bc-csharp icon indicating copy to clipboard operation
bc-csharp copied to clipboard
verified publisher icon bcgit

Add support of GOST2012 algorithms for CmsSignedDataGenerator

Open LarinLive opened this issue 5 years ago • 3 comments

Add support of GOST2012 algorithms for the CmsSignedDataGenerator class. This helps to generate a digital signature with actual russian algorithms.

LarinLive avatar Mar 24 '20 18:03 LarinLive

Bump. It is still needed

LarinLive avatar Oct 23 '20 08:10 LarinLive

Hi, can you please include this changes. I think it's linked with your MR.

I'm like your MR, but verification of GOST34.10-2001 cms signature doesn't work propper. I'm resolve this by creating this patch:

diff --git a/crypto/src/cms/CMSSignedHelper.cs b/crypto/src/cms/CMSSignedHelper.cs
index 9717c018..22c29608 100644
--- a/crypto/src/cms/CMSSignedHelper.cs
+++ b/crypto/src/cms/CMSSignedHelper.cs
@@ -89,6 +89,10 @@ static CmsSignedHelper()
                        AddEntries(EacObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, "SHA256", "RSA");
                        AddEntries(EacObjectIdentifiers.id_TA_RSA_PSS_SHA_1, "SHA1", "RSAandMGF1");
                        AddEntries(EacObjectIdentifiers.id_TA_RSA_PSS_SHA_256, "SHA256", "RSAandMGF1");
+                       AddEntries(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, "GOST3411", "GOST3410");
+                       AddEntries(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001, "GOST3411", "ECGOST3410");
+                       AddEntries(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256, "GOST3411-2012-256", "ECGOST3410");
+                       AddEntries(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512, "GOST3411-2012-512", "ECGOST3410");

                        encryptionAlgs.Add(X9ObjectIdentifiers.IdDsa.Id, "DSA");
                        encryptionAlgs.Add(PkcsObjectIdentifiers.RsaEncryption.Id, "RSA");
diff --git a/crypto/src/security/SignerUtilities.cs b/crypto/src/security/SignerUtilities.cs
index 3a3e6fe5..e77a49d7 100644
--- a/crypto/src/security/SignerUtilities.cs
+++ b/crypto/src/security/SignerUtilities.cs
@@ -638,11 +638,11 @@ public static ICollection Algorithms
                 return new SM2Signer(digest);
             }

-            if (mechanism.Equals("GOST3410"))
+            if (mechanism.Equals("GOST3410") || mechanism.Equals("GOST3411WITHGOST3410"))
             {
                 return new Gost3410DigestSigner(new Gost3410Signer(), new Gost3411Digest());
             }
-            if (mechanism.Equals("ECGOST3410"))
+            if (mechanism.Equals("ECGOST3410") || mechanism.Equals("GOST3411WITHECGOST3410"))
             {
                 return new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411Digest());
             }

What do you think?

P.s. I found this note at the bouncy castle home page

This is the final feature release with support for legacy .NET platforms. From 1.9.0 we will be targeting more modern .NET frameworks (see https://github.com/bcgit/bc-csharp/pull/68) and updating our build and packaging systems. The 1.8.x series will continue to receive bug fixes, but limited new functionality.

So, I think your functianality will be merged after 1.9.0 release :)

lo1ol avatar May 28 '21 11:05 lo1ol

Still not merged

ibetin avatar Aug 23 '22 17:08 ibetin

Finally merged, thanks.

@lo1ol These were already there in latest code.

peterdettman avatar Nov 06 '22 05:11 peterdettman