NP-1632 Replaced digest implementations from System.Security.Cryptogr…

…aphy with BouncyCastle.
JetBrains · Dec 18, 2023 · 5ad7d52 · 5ad7d52
1 parent f813691
commit 5ad7d52
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 53 deletions.
diff --git a/net/JetBrains.SignatureVerifier/src/HashUtil.cs b/net/JetBrains.SignatureVerifier/src/HashUtil.cs
@@ -1,6 +1,6 @@
 using System.Collections.Generic;
 using System.IO;
-using System.Security.Cryptography;
+using System.Linq;
 using JetBrains.FormatRipper;
 using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Crypto;
@@ -10,52 +10,14 @@ namespace JetBrains.SignatureVerifier
 {
   public static class HashUtil
   {
-    public static byte[] ComputeHash(Stream stream, ComputeHashInfo computeHashInfo, HashAlgorithmName hashAlgorithmName)
-    {
-      using var hash = IncrementalHash.CreateHash(hashAlgorithmName);
-      computeHashInfo.WalkOnHashRanges(stream, hash.AppendData);
-      return hash.GetHashAndReset();
-    }
-
-    public static IDictionary<HashAlgorithmName, byte[]> ComputeHashes(Stream stream, ComputeHashInfo computeHashInfo, IEnumerable<HashAlgorithmName> hashAlgorithmNames)
-    {
-      Dictionary<HashAlgorithmName, IncrementalHash> algorithms = new Dictionary<HashAlgorithmName, IncrementalHash>();
-      Dictionary<HashAlgorithmName, byte[]> hashes = new Dictionary<HashAlgorithmName, byte[]>();
-
-      try
-      {
-        foreach (var algorithmIdentifier in hashAlgorithmNames)
-        {
-          if (!algorithms.ContainsKey(algorithmIdentifier))
-            algorithms.Add(algorithmIdentifier, IncrementalHash.CreateHash(algorithmIdentifier));
-        }
-
-        // Read from the stream and update the digest
-        computeHashInfo.WalkOnHashRanges(stream, (buffer, index, count) =>
-        {
-          foreach (var digest in algorithms.Values)
-            digest.AppendData(buffer, index, count);
-        });
-
-        // Finalize hashes calculation
-        foreach (var algorithm in algorithms)
-        {
-          byte[] hash = algorithm.Value.GetHashAndReset();
-          hashes.Add(algorithm.Key, hash);
-        }
-      }
-      finally
-      {
-        foreach (var algorithm in algorithms.Values)
-          algorithm.Dispose();
-      }
-
-      return hashes;
-    }
+    public static byte[] ComputeHash(Stream stream, ComputeHashInfo computeHashInfo, string algorithmName)
+      => ComputeHash(stream, computeHashInfo, DigestUtilities.GetDigest(algorithmName));
 
     public static byte[] ComputeHash(Stream stream, ComputeHashInfo computeHashInfo, AlgorithmIdentifier algorithmIdentifier)
+      => ComputeHash(stream, computeHashInfo, DigestUtilities.GetDigest(algorithmIdentifier.Algorithm));
+
+    public static byte[] ComputeHash(Stream stream, ComputeHashInfo computeHashInfo, IDigest digest)
     {
-      IDigest digest = DigestUtilities.GetDigest(algorithmIdentifier.Algorithm);
       computeHashInfo.WalkOnHashRanges(stream, digest.BlockUpdate);
 
       byte[] hash = new byte[digest.GetDigestSize()];
@@ -64,6 +26,9 @@ public static byte[] ComputeHash(Stream stream, ComputeHashInfo computeHashInfo,
       return hash;
     }
 
+    public static IDictionary<AlgorithmIdentifier, byte[]> ComputeHashes(Stream stream, ComputeHashInfo computeHashInfo, IEnumerable<string> algorithmNames)
+      => ComputeHashes(stream, computeHashInfo, algorithmNames.Select(alg => new AlgorithmIdentifier(DigestUtilities.GetObjectIdentifier(alg))));
+
     public static IDictionary<AlgorithmIdentifier, byte[]> ComputeHashes(Stream stream, ComputeHashInfo computeHashInfo, IEnumerable<AlgorithmIdentifier> algorithmIdentifiers)
     {
       Dictionary<AlgorithmIdentifier, IDigest> algorithms = new Dictionary<AlgorithmIdentifier, IDigest>();

diff --git a/net/JetBrains.SignatureVerifier/tests/FakePkiTest.cs b/net/JetBrains.SignatureVerifier/tests/FakePkiTest.cs
@@ -112,7 +112,7 @@ private Stream signPe(Stream peStream, AsymmetricKeyParameter keyPairPrivate, X5
         cmsGen.AddCertificates(getStore(cert));
 
       var peFile = PeFile.Parse(peStream, PeFile.Mode.ComputeHashInfo);
-      var hash = HashUtil.ComputeHash(peStream, peFile.ComputeHashInfo, HashAlgorithmName.SHA1);
+      var hash = HashUtil.ComputeHash(peStream, peFile.ComputeHashInfo, HashAlgorithmName.SHA1.Name);
       var content = createCmsSignedData(hash);
       var contentData = content.GetDerEncoded();
       CmsSignedData cmsSignedData =

diff --git a/net/JetBrains.SignatureVerifier/tests/MachOComputeHashTest.cs b/net/JetBrains.SignatureVerifier/tests/MachOComputeHashTest.cs
@@ -1,5 +1,4 @@
 using System.Linq;
-using System.Security.Cryptography;
 using JetBrains.FormatRipper.MachO;
 using NUnit.Framework;
 
@@ -23,7 +22,7 @@ public void Test(string resourceName, string hashAlgorithmName, params string[]
         .Select(_ =>
           {
             Assert.IsNotNull(_.ComputeHashInfo);
-            return HashUtil.ComputeHash(stream, _.ComputeHashInfo, new HashAlgorithmName(hashAlgorithmName));
+            return HashUtil.ComputeHash(stream, _.ComputeHashInfo, hashAlgorithmName);
           }).ToArray());
       Assert.AreEqual(expectedHashes.Length, hashes.Length);
       for (var index = 0; index < expectedHashes.Length; ++index)

diff --git a/net/JetBrains.SignatureVerifier/tests/MsiComputeHashTest.cs b/net/JetBrains.SignatureVerifier/tests/MsiComputeHashTest.cs
@@ -1,5 +1,4 @@
-using System.Security.Cryptography;
-using JetBrains.FormatRipper.Compound;
+using JetBrains.FormatRipper.Compound;
 using NUnit.Framework;
 
 namespace JetBrains.SignatureVerifier.Tests
@@ -19,7 +18,7 @@ public void ComputeHashTest(string resourceName, string hashAlgorithmName, strin
         {
           var file = CompoundFile.Parse(stream, CompoundFile.Mode.ComputeHashInfo);
           Assert.IsNotNull(file.ComputeHashInfo);
-          return HashUtil.ComputeHash(stream, file.ComputeHashInfo, new HashAlgorithmName(hashAlgorithmName));
+          return HashUtil.ComputeHash(stream, file.ComputeHashInfo, hashAlgorithmName);
         });
       Assert.AreEqual(expectedHash, HexUtil.ConvertToHexString(hash));
     }

diff --git a/net/JetBrains.SignatureVerifier/tests/PeComputeHashTest.cs b/net/JetBrains.SignatureVerifier/tests/PeComputeHashTest.cs
@@ -1,5 +1,4 @@
-using System.Security.Cryptography;
-using JetBrains.FormatRipper.Pe;
+using JetBrains.FormatRipper.Pe;
 using NUnit.Framework;
 
 namespace JetBrains.SignatureVerifier.Tests
@@ -37,7 +36,7 @@ public void Test(string resourceName, string hashAlgorithmName, string expectedR
         {
           var file = PeFile.Parse(stream, PeFile.Mode.ComputeHashInfo);
           Assert.IsNotNull(file.ComputeHashInfo);
-          return HashUtil.ComputeHash(stream, file.ComputeHashInfo, new HashAlgorithmName(hashAlgorithmName));
+          return HashUtil.ComputeHash(stream, file.ComputeHashInfo, hashAlgorithmName);
         });
       Assert.AreEqual(expectedResult, HexUtil.ConvertToHexString(result));
     }