1 change: 1 addition & 0 deletions src/Common/src/System/Security/Cryptography/Oids.cs
Expand Up @@ -20,6 +20,7 @@ internal static partial class Oids
internal const string Rsa = "1.2.840.113549.1.1.1";
internal const string RsaOaep = "1.2.840.113549.1.1.7";
internal const string RsaPss = "1.2.840.113549.1.1.10";
internal const string RsaPkcs1Sha1 = "1.2.840.113549.1.1.5";
internal const string RsaPkcs1Sha256 = "1.2.840.113549.1.1.11";
internal const string RsaPkcs1Sha384 = "1.2.840.113549.1.1.12";
internal const string RsaPkcs1Sha512 = "1.2.840.113549.1.1.13";
Expand Up @@ -15,12 +15,25 @@ internal partial class CmsSignature
{
static partial void PrepareRegistrationRsa(Dictionary<string, CmsSignature> lookup)
{
lookup.Add(Oids.Rsa, new RSAPkcs1CmsSignature());
lookup.Add(Oids.Rsa, new RSAPkcs1CmsSignature(null, null));
lookup.Add(Oids.RsaPkcs1Sha1, new RSAPkcs1CmsSignature(Oids.RsaPkcs1Sha1, HashAlgorithmName.SHA1));
lookup.Add(Oids.RsaPkcs1Sha256, new RSAPkcs1CmsSignature(Oids.RsaPkcs1Sha256, HashAlgorithmName.SHA256));
lookup.Add(Oids.RsaPkcs1Sha384, new RSAPkcs1CmsSignature(Oids.RsaPkcs1Sha384, HashAlgorithmName.SHA384));
lookup.Add(Oids.RsaPkcs1Sha512, new RSAPkcs1CmsSignature(Oids.RsaPkcs1Sha512, HashAlgorithmName.SHA512));
lookup.Add(Oids.RsaPss, new RSAPssCmsSignature());
}

private abstract class RSACmsSignature : CmsSignature
{
private readonly string _signatureAlgorithm;
private readonly HashAlgorithmName? _expectedDigest;

protected RSACmsSignature(string signatureAlgorithm, HashAlgorithmName? expectedDigest)
{
_signatureAlgorithm = signatureAlgorithm;
_expectedDigest = expectedDigest;
}

protected override bool VerifyKeyType(AsymmetricAlgorithm key)
{
return (key as RSA) != null;
Expand All @@ -39,6 +52,15 @@ internal override bool VerifySignature(
ReadOnlyMemory<byte>? signatureParameters,
X509Certificate2 certificate)
{
if (_expectedDigest.HasValue && _expectedDigest.Value != digestAlgorithmName)
{
throw new CryptographicException(
SR.Format(
SR.Cryptography_Cms_InvalidSignerHashForSignatureAlg,
digestAlgorithmOid,
_signatureAlgorithm));
}

RSASignaturePadding padding = GetSignaturePadding(
signatureParameters,
digestAlgorithmOid,
Expand Down Expand Up @@ -72,6 +94,11 @@ protected abstract RSASignaturePadding GetSignaturePadding(

private sealed class RSAPkcs1CmsSignature : RSACmsSignature
{
public RSAPkcs1CmsSignature(string signatureAlgorithm, HashAlgorithmName? expectedDigest)
: base(signatureAlgorithm, expectedDigest)
{
}

protected override RSASignaturePadding GetSignaturePadding(
ReadOnlyMemory<byte>? signatureParameters,
string digestAlgorithmOid,
Expand Down Expand Up @@ -170,6 +197,10 @@ protected override bool Sign(

private class RSAPssCmsSignature : RSACmsSignature
{
public RSAPssCmsSignature() : base(null, null)
{
}

protected override RSASignaturePadding GetSignaturePadding(
ReadOnlyMemory<byte>? signatureParameters,
string digestAlgorithmOid,
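Review bot: A null `expectedDigest` silently disables the new digest/OID consistency check in `VerifySignature` (`_expectedDigest.HasValue && ...`), and neither the `RSACmsSignature` constructor nor the two callers that pass `null, null` (the `Oids.Rsa` registration and `RSAPssCmsSignature`) say that this is intended. Because this check is what rejects a SignerInfo whose declared digest disagrees with a combined OID such as `RsaPkcs1Sha256`, I would document the sentinel on the constructor, for example `// expectedDigest == null: the signature OID does not fix a digest, so VerifySignature performs no digest/OID consistency check.` For RSA-PSS the hash is presumably bound through the signature parameters inside `GetSignaturePadding`, which is outside the visible hunks, so that is worth confirming before relying on the null. `VerifySignature` and both `GetSignaturePadding` overrides begin or end outside the hunks shown.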
1 change: 1 addition & 0 deletions src/System.Security.Cryptography.Pkcs/tests/Oids.cs
Expand Up @@ -17,6 +17,7 @@ internal static class Oids

// Asymmetric encryption algorithms
public const string Rsa = "1.2.840.113549.1.1.1";
public const string RsaPkcs1Sha256 = "1.2.840.113549.1.1.11";
public const string Esdh = "1.2.840.113549.1.9.16.3.5";
public const string Dh = "1.2.840.10046.2.1";

Expand Up @@ -1375,6 +1375,27 @@ public static void AddSignerToUnsortedAttributeSignature()
cms.CheckSignature(true);
}

[Fact]
public static void CheckSignature_Pkcs1_RsaWithSha256()
{
SignedCms signedCms = new SignedCms();
signedCms.Decode(SignedDocuments.RsaPkcs1Sha256WithRsa);

// Assert.NoThrows
signedCms.CheckSignature(true);
}

[Fact]
public static void CheckSignature_Pkcs1_Sha1_Declared_Sha256WithRsa()
{
SignedCms signedCms = new SignedCms();
signedCms.Decode(SignedDocuments.RsaPkcs1SignedSha1DeclaredSha256WithRsa);

Assert.Throws<CryptographicException>(() => {
signedCms.CheckSignature(true);
});
}

[Theory]
[InlineData(null, "0102", Oids.Pkcs7Data)]
[InlineData(null, "010100", Oids.Pkcs7Data)]
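Review bot: `CheckSignature_Pkcs1_Sha1_Declared_Sha256WithRsa` asserts only `Assert.Throws<CryptographicException>`, which an otherwise invalid RSA signature or a damaged fixture would presumably satisfy as well, so the test alone does not show that the digest/OID mismatch check is what rejected the document. A comment stating how the fixture is built would make the intent reviewable, e.g. `// SignerInfo digestAlgorithm is SHA-1 while signatureAlgorithm is sha256WithRSAEncryption; the mismatch must be rejected.` If the signature is in fact valid over the SHA-1 digest, saying so in that comment records that only the new check stands between this input and acceptance. The `[Theory]` that follows the added tests continues outside the hunk.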
Expand Up @@ -767,5 +767,123 @@ internal static class SignedDocuments
"101711B9C6AC5C5776923C699E772B07864755C1AC50F387655C4E67DB356207" +
"76252A2F4605B97BD3C299D1CD79929273BB86E7DF9E113C92802380ED6D4041" +
"9DA4C01214D4FA24").HexToByteArray();

internal static readonly byte[] RsaPkcs1Sha256WithRsa = (
"3082071B06092A864886F70D010702A082070C30820708020101310F300D0609" +
"6086480165030402010500301606092A864886F70D010701A009040700010203" +
"040506A08205223082051E30820406A00302010202100D85090F3FACFF0A9008" +
"A12A9FB00A54300D06092A864886F70D01010B05003072310B30090603550406" +
"1302555331153013060355040A130C446967694365727420496E633119301706" +
"0355040B13107777772E64696769636572742E636F6D3131302F060355040313" +
"2844696769436572742053484132204173737572656420494420436F64652053" +
"69676E696E67204341301E170D3138303832393030303030305A170D31393039" +
"30333132303030305A305B310B3009060355040613025553310B300906035504" +
"0813025641311330110603550407130A416C6578616E64726961311430120603" +
"55040A130B4B6576696E204A6F6E6573311430120603550403130B4B6576696E" +
"204A6F6E657330820122300D06092A864886F70D01010105000382010F003082" +
"010A0282010100F1F4542FF6CA57FBC44986EC816F07D1FD50BFD477C412D299" +
"1C962D0A22194A4296BCD0751F47CE4932F73871277CE3CDD2C78157599C7A35" +
"80CC96A11F7031E3A798F4BAA93988F0E4077D30316252B24337DB26914E1F77" +
"9CB4979544514B0234E5388E936B195B91863B258F0C8951454D3668F0C4D456" +
"A8497758D21C433626E46F2CFF5A7CC7945F788948998E5F8786E1E990E240BB" +
"0780CD258F57761AFB5D42AD8E3D703C3126861E83F191ECE9F0B83221F96214" +
"533B2A47977F43715FE501FBC4A4040839DD3EBCA8B67259A7DD0EA9EFAE2200" +
"943EFB7D0404B8978B49A445849B5F6898B06269F427F30DBC8DB2FD7963943A" +
"8C461760E6A4F30203010001A38201C5308201C1301F0603551D230418301680" +
"145AC4B97B2A0AA3A5EA7103C060F92DF665750E58301D0603551D0E04160414" +
"33795EB2D84BFAA3F96E5930F64EC6A94C6FD36A300E0603551D0F0101FF0404" +
"0302078030130603551D25040C300A06082B0601050507030330770603551D1F" +
"0470306E3035A033A031862F687474703A2F2F63726C332E6469676963657274" +
"2E636F6D2F736861322D617373757265642D63732D67312E63726C3035A033A0" +
"31862F687474703A2F2F63726C342E64696769636572742E636F6D2F73686132" +
"2D617373757265642D63732D67312E63726C304C0603551D2004453043303706" +
"096086480186FD6C0301302A302806082B06010505070201161C68747470733A" +
"2F2F7777772E64696769636572742E636F6D2F4350533008060667810C010401" +
"30818406082B0601050507010104783076302406082B06010505073001861868" +
"7474703A2F2F6F6373702E64696769636572742E636F6D304E06082B06010505" +
"0730028642687474703A2F2F636163657274732E64696769636572742E636F6D" +
"2F446967694365727453484132417373757265644944436F64655369676E696E" +
"6743412E637274300C0603551D130101FF04023000300D06092A864886F70D01" +
"010B0500038201010045B9D9868E494BD02635D0E42DDE80B37A865C389CFDD9" +
"9BFC9B62E2C169A73B5EABF282607439EFF5C61630886DEB63415B53683446A7" +
"3041686C326BA35FF0029FEF603D7C80FA0177A4DE35013529B01F759FD50414" +
"79BDBB6B93B18144CB14E431BC144146848EF8ADB0E28952EAD1BB49E8547FFE" +
"9934817036338B20C4E0B9D7C6A4E5BE3D57157F21904A5C864946313EA6B7D9" +
"50EE0235B5D2CD01490AD2B2A1AB5F66EC8986D64A1D9D239C131E09E5CA1C02" +
"A75F2D7EC07E4C858856A6A58AB94DEAC8B3D3A5BBF492EE2463B156E6A0660B" +
"B452E35922D00456F0DEE0ED15A8BF8FFF31008756B14EEE0AC14BCF19A3CD16" +
"819DC990F5F45CDE21318201B2308201AE0201013081863072310B3009060355" +
"04061302555331153013060355040A130C446967694365727420496E63311930" +
"17060355040B13107777772E64696769636572742E636F6D3131302F06035504" +
"03132844696769436572742053484132204173737572656420494420436F6465" +
"205369676E696E6720434102100D85090F3FACFF0A9008A12A9FB00A54300D06" +
"096086480165030402010500300D06092A864886F70D01010B050004820100E2" +
"980C5A30EC00729D1CFA826D7A65B43FF6806B5E0ABA23A78E4F1CAA3F6436EF" +
"00941C6947A9B8F20D0757B5346CF640AA217F7361BEEFF2BC997FB1D3597BF3" +
"D7457BD4A94062FB03660F9D86710BE2FC99876A848251F4965E1B16192714C8" +
"F9788C09CCDE83603ADC919297BA496E921B95F3BD9554A873E09912640FCFAA" +
"D9DD1441D1851E637031D390C038223AE64B048E806462DDBAC98C156BE2EE47" +
"2B78166BDB1612848B535ADC3F0E7BE52991A17F48AFDCCC1698A236BA338930" +
"50EBAAC4460DAA35185C16670F597E0E6E0CB0AA83F51AAEF452F3367DD9350A" +
"8A49A5A8F79DF8E921303AB5D6646A482F0F59D9980310E1AE3EE8D77CB857").HexToByteArray();

internal static readonly byte[] RsaPkcs1SignedSha1DeclaredSha256WithRsa = (
"3082071306092A864886F70D010702A082070430820700020101310B30090605" +
"2B0E03021A0500301606092A864886F70D010701A009040700010203040506A0" +
"8205223082051E30820406A00302010202100D85090F3FACFF0A9008A12A9FB0" +
"0A54300D06092A864886F70D01010B05003072310B3009060355040613025553" +
"31153013060355040A130C446967694365727420496E6331193017060355040B" +
"13107777772E64696769636572742E636F6D3131302F06035504031328446967" +
"69436572742053484132204173737572656420494420436F6465205369676E69" +
"6E67204341301E170D3138303832393030303030305A170D3139303930333132" +
"303030305A305B310B3009060355040613025553310B30090603550408130256" +
"41311330110603550407130A416C6578616E6472696131143012060355040A13" +
"0B4B6576696E204A6F6E6573311430120603550403130B4B6576696E204A6F6E" +
"657330820122300D06092A864886F70D01010105000382010F003082010A0282" +
"010100F1F4542FF6CA57FBC44986EC816F07D1FD50BFD477C412D2991C962D0A" +
"22194A4296BCD0751F47CE4932F73871277CE3CDD2C78157599C7A3580CC96A1" +
"1F7031E3A798F4BAA93988F0E4077D30316252B24337DB26914E1F779CB49795" +
"44514B0234E5388E936B195B91863B258F0C8951454D3668F0C4D456A8497758" +
"D21C433626E46F2CFF5A7CC7945F788948998E5F8786E1E990E240BB0780CD25" +
"8F57761AFB5D42AD8E3D703C3126861E83F191ECE9F0B83221F96214533B2A47" +
"977F43715FE501FBC4A4040839DD3EBCA8B67259A7DD0EA9EFAE2200943EFB7D" +
"0404B8978B49A445849B5F6898B06269F427F30DBC8DB2FD7963943A8C461760" +
"E6A4F30203010001A38201C5308201C1301F0603551D230418301680145AC4B9" +
"7B2A0AA3A5EA7103C060F92DF665750E58301D0603551D0E0416041433795EB2" +
"D84BFAA3F96E5930F64EC6A94C6FD36A300E0603551D0F0101FF040403020780" +
"30130603551D25040C300A06082B0601050507030330770603551D1F0470306E" +
"3035A033A031862F687474703A2F2F63726C332E64696769636572742E636F6D" +
"2F736861322D617373757265642D63732D67312E63726C3035A033A031862F68" +
"7474703A2F2F63726C342E64696769636572742E636F6D2F736861322D617373" +
"757265642D63732D67312E63726C304C0603551D200445304330370609608648" +
"0186FD6C0301302A302806082B06010505070201161C68747470733A2F2F7777" +
"772E64696769636572742E636F6D2F4350533008060667810C01040130818406" +
"082B0601050507010104783076302406082B060105050730018618687474703A" +
"2F2F6F6373702E64696769636572742E636F6D304E06082B0601050507300286" +
"42687474703A2F2F636163657274732E64696769636572742E636F6D2F446967" +
"694365727453484132417373757265644944436F64655369676E696E6743412E" +
"637274300C0603551D130101FF04023000300D06092A864886F70D01010B0500" +
"038201010045B9D9868E494BD02635D0E42DDE80B37A865C389CFDD99BFC9B62" +
"E2C169A73B5EABF282607439EFF5C61630886DEB63415B53683446A73041686C" +
"326BA35FF0029FEF603D7C80FA0177A4DE35013529B01F759FD5041479BDBB6B" +
"93B18144CB14E431BC144146848EF8ADB0E28952EAD1BB49E8547FFE99348170" +
"36338B20C4E0B9D7C6A4E5BE3D57157F21904A5C864946313EA6B7D950EE0235" +
"B5D2CD01490AD2B2A1AB5F66EC8986D64A1D9D239C131E09E5CA1C02A75F2D7E" +
"C07E4C858856A6A58AB94DEAC8B3D3A5BBF492EE2463B156E6A0660BB452E359" +
"22D00456F0DEE0ED15A8BF8FFF31008756B14EEE0AC14BCF19A3CD16819DC990" +
"F5F45CDE21318201AE308201AA0201013081863072310B300906035504061302" +
"555331153013060355040A130C446967694365727420496E6331193017060355" +
"040B13107777772E64696769636572742E636F6D3131302F0603550403132844" +
"696769436572742053484132204173737572656420494420436F646520536967" +
"6E696E6720434102100D85090F3FACFF0A9008A12A9FB00A54300906052B0E03" +
"021A0500300D06092A864886F70D01010B050004820100EAEEB9E1D4BFB979F1" +
"A1C00EE1EC45069366CDD7489A0671F6DC9E3353F7FAEDCE7B87BD467ADFC850" +
"877414966E7EB39C33367ABB03B3AA8BB1438BD952484CB807451499CAE8FDC9" +
"527304D459D82CA039087560B5D3D0EA03DEA1B9472EFC44CBB55DD9A3C6A5C8" +
"DFFD0786D5523F22604B412D6FC5A15E2D6285D7AB76EC216DE859391D129D51" +
"6C27348EDAE7DC43335D12242D939CAF05385A118235F5B1E342EC034E70F655" +
"793FF2FE037558EC2F45BD2683704F8FFD49B910131F4F2804B4282C5C36E41C" +
"9E4E4F93446D44E3106760D265C5C7A849CF03426ACCB294712E51313D5414A7" +
"8227AB79F6B18E2A2054E3FA781DAA2998EB33EDDCDA80").HexToByteArray();
}
}