code updates

CryptoLib.Tests/src/Asn1/X509/CertificateTest.pas

@@ -298,42 +298,42 @@ begin
 
         if LOid.Equals(TX509Extensions.SubjectKeyIdentifier) then
         begin
-          TSubjectKeyIdentifier.GetInstance(LExtObj as TObject);
+          TSubjectKeyIdentifier.GetInstance(LExtObj);
         end
         else if LOid.Equals(TX509Extensions.KeyUsage) then
         begin
-          //TKeyUsage.GetInstance(LExtObj as TObject);
+          TKeyUsage.GetKeyUsageInstance(LExtObj);
         end
         else if LOid.Equals(TX509Extensions.ExtendedKeyUsage) then
         begin
-          LExtendedKeyUsage := TExtendedKeyUsage.GetInstance(LExtObj as TObject);
+          LExtendedKeyUsage := TExtendedKeyUsage.GetInstance(LExtObj);
           LSeq := LExtendedKeyUsage.ToAsn1Object() as IAsn1Sequence;
           for I := 0 to LSeq.Count - 1 do
           begin
-            TDerObjectIdentifier.GetInstance(LSeq[I] as TObject);
+            TDerObjectIdentifier.GetInstance(LSeq[I]);
           end;
         end
         else if LOid.Equals(TX509Extensions.SubjectAlternativeName) then
         begin
-          LGeneralNames := TGeneralNames.GetInstance(LExtObj as TObject);
+          LGeneralNames := TGeneralNames.GetInstance(LExtObj);
           LSeq := LGeneralNames.ToAsn1Object() as IAsn1Sequence;
           for I := 0 to LSeq.Count - 1 do
           begin
-            TGeneralName.GetInstance(LSeq[I] as TObject);
+            TGeneralName.GetInstance(LSeq[I]);
           end;
         end
         else if LOid.Equals(TX509Extensions.IssuerAlternativeName) then
         begin
-          LGeneralNames := TGeneralNames.GetInstance(LExtObj as TObject);
+          LGeneralNames := TGeneralNames.GetInstance(LExtObj);
           LSeq := LGeneralNames.ToAsn1Object() as IAsn1Sequence;
           for I := 0 to LSeq.Count - 1 do
           begin
-            TGeneralName.GetInstance(LSeq[I] as TObject);
+            TGeneralName.GetInstance(LSeq[I]);
           end;
         end
         else if LOid.Equals(TX509Extensions.CrlDistributionPoints) then
         begin
-          LCrlDistPoint := TCrlDistPoint.GetInstance(LExtObj as TObject);
+          LCrlDistPoint := TCrlDistPoint.GetInstance(LExtObj);
           LPoints := LCrlDistPoint.GetDistributionPoints();
           // do nothing - just verify it parses
         end
@@ -342,16 +342,16 @@ begin
           LPolicySeq := LExtObj as IAsn1Sequence;
           for I := 0 to LPolicySeq.Count - 1 do
           begin
-            LPolicyInfo := TPolicyInformation.GetInstance(LPolicySeq[I] as TObject);
+            LPolicyInfo := TPolicyInformation.GetInstance(LPolicySeq[I]);
           end;
         end
         else if LOid.Equals(TX509Extensions.AuthorityKeyIdentifier) then
         begin
-          TAuthorityKeyIdentifier.GetInstance(LExtObj as TObject);
+          TAuthorityKeyIdentifier.GetInstance(LExtObj);
         end
         else if LOid.Equals(TX509Extensions.BasicConstraints) then
         begin
-          TBasicConstraints.GetInstance(LExtObj as TObject);
+          TBasicConstraints.GetInstance(LExtObj);
         end;
       end;
     end;

CryptoLib.Tests/src/Asn1/X509/X509ExtensionsTests.pas

@@ -57,7 +57,7 @@ type
   published
     procedure TestDuplicateExtensions;
     procedure TestAllowedDuplicateExtensions;
-    procedure TestFunction;
+    procedure TestEqualsAndEquivalent;
 
   end;
 
@@ -100,30 +100,30 @@ begin
     TDerSequence.Create(TAsn1EncodableVector.Create([LName2]) as IAsn1EncodableVector) as IDerSequence);
 
   LBytes := LExtGen.Generate().GetEncoded();
-  LExts := TX509Extensions.GetInstance(TAsn1Sequence.GetInstance(LBytes) as TObject);
+  LExts := TX509Extensions.GetInstance(TAsn1Sequence.GetInstance(LBytes));
 
   LReturnedExtension := LExts.GetExtension(TX509Extensions.SubjectAlternativeName);
 
   LSeq := TAsn1Sequence.GetInstance(LReturnedExtension.GetParsedValue());
 
-  CheckTrue(TGeneralName.GetInstance(LSeq[0] as TObject).Equals(LName1), 'expected name 1');
+  CheckTrue(TGeneralName.GetInstance(LSeq[0]).Equals(LName1), 'expected name 1');
 
-  CheckTrue(TGeneralName.GetInstance(LSeq[1] as TObject).Equals(LName2), 'expected name 2');
+  CheckTrue(TGeneralName.GetInstance(LSeq[1]).Equals(LName2), 'expected name 2');
 
   LGenX := TX509ExtensionsGenerator.Create();
 
   LGenX.AddExtensions(LExts);
 
   LBytes := LGenX.Generate().GetEncoded();
-  LExts := TX509Extensions.GetInstance(TAsn1Sequence.GetInstance(LBytes) as TObject);
+  LExts := TX509Extensions.GetInstance(TAsn1Sequence.GetInstance(LBytes));
 
   LReturnedExtension := LExts.GetExtension(TX509Extensions.SubjectAlternativeName);
 
   LSeq := TAsn1Sequence.GetInstance(LReturnedExtension.GetParsedValue());
 
-  CheckTrue(TGeneralName.GetInstance(LSeq[0] as TObject).Equals(LName1), 'expected name 1');
+  CheckTrue(TGeneralName.GetInstance(LSeq[0]).Equals(LName1), 'expected name 1');
 
-  CheckTrue(TGeneralName.GetInstance(LSeq[1] as TObject).Equals(LName2), 'expected name 2');
+  CheckTrue(TGeneralName.GetInstance(LSeq[1]).Equals(LName2), 'expected name 2');
 end;
 
 procedure TX509ExtensionsTest.TestAllowedDuplicateExtensions;
@@ -173,7 +173,7 @@ begin
   end;
 end;
 
-procedure TX509ExtensionsTest.TestFunction;
+procedure TX509ExtensionsTest.TestEqualsAndEquivalent;
 var
   LGen: IX509ExtensionsGenerator;
   LExt1, LExt2: IX509Extensions;

CryptoLib.Tests/src/Utils/Pem/PemReaderTests.pas

@@ -85,7 +85,7 @@ begin
     LPemObject := LPemReader.ReadPemObject();
 
     LPkcs10 := TCertificationRequest.GetInstance(
-      TAsn1Sequence.GetInstance(LPemObject.Content) as TObject);
+      TAsn1Sequence.GetInstance(LPemObject.Content));
     LSubject := LPkcs10.GetCertificationRequestInfo().Subject.ToString();
 
     CheckEquals('CERTIFICATE REQUEST', LPemObject.&Type, 'PEM type should be CERTIFICATE REQUEST');
@@ -155,7 +155,7 @@ begin
     LPemObject := LPemReader.ReadPemObject();
     
     LCert := TX509CertificateStructure.GetInstance(
-      TAsn1Sequence.GetInstance(LPemObject.Content) as TObject);
+      TAsn1Sequence.GetInstance(LPemObject.Content));
     LIssuer := LCert.Issuer.ToString();
 
     CheckEquals('CERTIFICATE', LPemObject.&Type, 'PEM type should be CERTIFICATE');
@@ -200,7 +200,7 @@ begin
     LPemObject := LPemReader.ReadPemObject();
 
     LCert := TX509CertificateStructure.GetInstance(
-      TAsn1Sequence.GetInstance(LPemObject.Content) as TObject);
+      TAsn1Sequence.GetInstance(LPemObject.Content));
     LIssuer := LCert.Issuer.ToString();
 
     CheckEquals('CERTIFICATE', LPemObject.&Type, 'PEM type should be CERTIFICATE');
@@ -257,7 +257,7 @@ begin
     LPemObject := LPemReader.ReadPemObject();
     
     LCert := TX509CertificateStructure.GetInstance(
-      TAsn1Sequence.GetInstance(LPemObject.Content) as TObject);
+      TAsn1Sequence.GetInstance(LPemObject.Content));
     LIssuer := LCert.Issuer.ToString();
 
     CheckEquals('CERTIFICATE', LPemObject.&Type, 'PEM type should be CERTIFICATE');

CryptoLib/src/Asn1/Pkcs/ClpPkcsAsn1Objects.pas

@@ -69,7 +69,7 @@ type
 
   public
     class function GetInstance(AObj: TObject): IContentInfo; overload; static;
-    class function GetInstance(const AObj: IAsn1Object): IContentInfo; overload; static;
+    class function GetInstance(const AObj: IAsn1Convertible): IContentInfo; overload; static;
     class function GetInstance(const AEncoded: TCryptoLibByteArray): IContentInfo; overload; static;
     class function GetInstance(const AObj: IAsn1TaggedObject;
       AExplicitly: Boolean): IContentInfo; overload; static;
@@ -109,7 +109,7 @@ type
 
   public
     class function GetInstance(AObj: TObject): ISignedData; overload; static;
-    class function GetInstance(const AObj: IAsn1Object): ISignedData; overload; static;
+    class function GetInstance(const AObj: IAsn1Convertible): ISignedData; overload; static;
     class function GetInstance(const AEncoded: TCryptoLibByteArray): ISignedData; overload; static;
     class function GetInstance(const AObj: IAsn1TaggedObject;
       AExplicitly: Boolean): ISignedData; overload; static;
@@ -148,7 +148,7 @@ type
 
   public
     class function GetInstance(AObj: TObject): IAttributePkcs; overload; static;
-    class function GetInstance(const AObj: IAsn1Object): IAttributePkcs; overload; static;
+    class function GetInstance(const AObj: IAsn1Convertible): IAttributePkcs; overload; static;
     class function GetInstance(const AEncoded: TCryptoLibByteArray): IAttributePkcs; overload; static;
     class function GetInstance(const AObj: IAsn1TaggedObject;
       AExplicitly: Boolean): IAttributePkcs; overload; static;
@@ -188,7 +188,7 @@ type
     class function ValidateAttributes(const AAttributes: IAsn1Set): IAsn1Set; static;
 
     class function GetInstance(AObj: TObject): ICertificationRequestInfo; overload; static;
-    class function GetInstance(const AObj: IAsn1Object): ICertificationRequestInfo; overload; static;
+    class function GetInstance(const AObj: IAsn1Convertible): ICertificationRequestInfo; overload; static;
     class function GetInstance(const AEncoded: TCryptoLibByteArray): ICertificationRequestInfo; overload; static;
     class function GetInstance(const AObj: IAsn1TaggedObject;
       AExplicitly: Boolean): ICertificationRequestInfo; overload; static;
@@ -227,7 +227,7 @@ type
 
   public
     class function GetInstance(AObj: TObject): ICertificationRequest; overload; static;
-    class function GetInstance(const AObj: IAsn1Object): ICertificationRequest; overload; static;
+    class function GetInstance(const AObj: IAsn1Convertible): ICertificationRequest; overload; static;
     class function GetInstance(const AEncoded: TCryptoLibByteArray): ICertificationRequest; overload; static;
     class function GetInstance(const AObj: IAsn1TaggedObject;
       AExplicitly: Boolean): ICertificationRequest; overload; static;
@@ -262,6 +262,7 @@ type
     function GetVersion: IDerInteger;
     function GetPrivateKeyAlgorithm: IAlgorithmIdentifier;
     function GetPrivateKey: IAsn1OctetString;
+    function GetPrivateKeyLength: Int32;
     function GetAttributes: IAsn1Set;
     function GetPublicKey: IDerBitString;
     function HasPublicKey: Boolean;
@@ -270,7 +271,7 @@ type
 
   public
     class function GetInstance(AObj: TObject): IPrivateKeyInfo; overload; static;
-    class function GetInstance(const AObj: IAsn1Object): IPrivateKeyInfo; overload; static;
+    class function GetInstance(const AObj: IAsn1Convertible): IPrivateKeyInfo; overload; static;
     class function GetInstance(const AEncoded: TCryptoLibByteArray): IPrivateKeyInfo; overload; static;
     class function GetInstance(const AObj: IAsn1TaggedObject;
       AExplicitly: Boolean): IPrivateKeyInfo; overload; static;
@@ -292,6 +293,7 @@ type
     property Version: IDerInteger read GetVersion;
     property PrivateKeyAlgorithm: IAlgorithmIdentifier read GetPrivateKeyAlgorithm;
     property PrivateKey: IAsn1OctetString read GetPrivateKey;
+    property PrivateKeyLength: Int32 read GetPrivateKeyLength;
     property Attributes: IAsn1Set read GetAttributes;
     property PublicKey: IDerBitString read GetPublicKey;
 
@@ -326,7 +328,7 @@ type
 
   public
     class function GetInstance(AObj: TObject): IRsaPrivateKeyStructure; overload; static;
-    class function GetInstance(const AObj: IAsn1Object): IRsaPrivateKeyStructure; overload; static;
+    class function GetInstance(const AObj: IAsn1Convertible): IRsaPrivateKeyStructure; overload; static;
     class function GetInstance(const AEncoded: TCryptoLibByteArray): IRsaPrivateKeyStructure; overload; static;
     class function GetInstance(const AObj: IAsn1TaggedObject;
       AExplicitly: Boolean): IRsaPrivateKeyStructure; overload; static;
@@ -389,7 +391,7 @@ type
 
   public
     class function GetInstance(AObj: TObject): IRsassaPssParameters; overload; static;
-    class function GetInstance(const AObj: IAsn1Object): IRsassaPssParameters; overload; static;
+    class function GetInstance(const AObj: IAsn1Convertible): IRsassaPssParameters; overload; static;
     class function GetInstance(const AEncoded: TCryptoLibByteArray): IRsassaPssParameters; overload; static;
     class function GetInstance(const AObj: IAsn1TaggedObject;
       AExplicitly: Boolean): IRsassaPssParameters; overload; static;
@@ -415,9 +417,6 @@ implementation
 { TAttributePkcs }
 
 class function TAttributePkcs.GetInstance(AObj: TObject): IAttributePkcs;
-var
-  LAsn1Obj: IAsn1Object;
-  LConvertible: IAsn1Convertible;
 begin
   if AObj = nil then
   begin
@@ -425,28 +424,13 @@ begin
     Exit;
   end;
 
-  if Supports(AObj, IAsn1Object, LAsn1Obj) then
-  begin
-    Result := GetInstance(LAsn1Obj);
-    Exit;
-  end;
-
-  if Supports(AObj, IAsn1Convertible, LConvertible) then
-  begin
-    LAsn1Obj := LConvertible.ToAsn1Object();
-    Result := GetInstance(LAsn1Obj);
-    Exit;
-  end;
-
   if Supports(AObj, IAttributePkcs, Result) then
     Exit;
 
   Result := TAttributePkcs.Create(TAsn1Sequence.GetInstance(AObj));
 end;
 
-class function TAttributePkcs.GetInstance(const AObj: IAsn1Object): IAttributePkcs;
-var
-  LSequence: IAsn1Sequence;
+class function TAttributePkcs.GetInstance(const AObj: IAsn1Convertible): IAttributePkcs;
 begin
   if AObj = nil then
   begin
@@ -457,13 +441,10 @@ begin
   if Supports(AObj, IAttributePkcs, Result) then
     Exit;
 
-  LSequence := TAsn1Sequence.GetInstance(AObj);
-  Result := TAttributePkcs.Create(LSequence);
+  Result := TAttributePkcs.Create(TAsn1Sequence.GetInstance(AObj));
 end;
 
 class function TAttributePkcs.GetInstance(const AEncoded: TCryptoLibByteArray): IAttributePkcs;
-var
-  LAsn1Obj: IAsn1Object;
 begin
   if AEncoded = nil then
   begin
@@ -471,13 +452,7 @@ begin
     Exit;
   end;
 
-  try
-    LAsn1Obj := TAsn1Object.FromByteArray(AEncoded);
-    Result := GetInstance(LAsn1Obj);
-  except
-    on E: EIOCryptoLibException do
-      raise EArgumentCryptoLibException.Create('failed to construct AttributePkcs from byte[]: ' + E.Message);
-  end;
+  Result := TAttributePkcs.Create(TAsn1Sequence.GetInstance(AEncoded));
 end;
 
 class function TAttributePkcs.GetInstance(const AObj: IAsn1TaggedObject;
@@ -504,8 +479,8 @@ begin
     raise EArgumentCryptoLibException.CreateResFmt(@SBadSequenceSize, [LCount]);
   end;
 
-  FAttrType := TDerObjectIdentifier.GetInstance(ASeq[0] as TAsn1Encodable);
-  FAttrValues := TAsn1Set.GetInstance(ASeq[1] as TAsn1Encodable);
+  FAttrType := TDerObjectIdentifier.GetInstance(ASeq[0]);
+  FAttrValues := TAsn1Set.GetInstance(ASeq[1]);
 end;
 
 constructor TAttributePkcs.Create(const AAttrType: IDerObjectIdentifier;
@@ -540,9 +515,6 @@ end;
 { TCertificationRequestInfo }
 
 class function TCertificationRequestInfo.GetInstance(AObj: TObject): ICertificationRequestInfo;
-var
-  LAsn1Obj: IAsn1Object;
-  LConvertible: IAsn1Convertible;
 begin
   if AObj = nil then
   begin
@@ -550,28 +522,13 @@ begin
     Exit;
   end;
 
-  if Supports(AObj, IAsn1Object, LAsn1Obj) then
-  begin
-    Result := GetInstance(LAsn1Obj);
-    Exit;
-  end;
-
-  if Supports(AObj, IAsn1Convertible, LConvertible) then
-  begin
-    LAsn1Obj := LConvertible.ToAsn1Object();
-    Result := GetInstance(LAsn1Obj);
-    Exit;
-  end;
-
   if Supports(AObj, ICertificationRequestInfo, Result) then
     Exit;
 
   Result := TCertificationRequestInfo.Create(TAsn1Sequence.GetInstance(AObj));
 end;
 
-class function TCertificationRequestInfo.GetInstance(const AObj: IAsn1Object): ICertificationRequestInfo;
-var
-  LSequence: IAsn1Sequence;
+class function TCertificationRequestInfo.GetInstance(const AObj: IAsn1Convertible): ICertificationRequestInfo;
 begin
   if AObj = nil then
   begin
@@ -582,13 +539,10 @@ begin
   if Supports(AObj, ICertificationRequestInfo, Result) then
     Exit;
 
-  LSequence := TAsn1Sequence.GetInstance(AObj);
-  Result := TCertificationRequestInfo.Create(LSequence);
+  Result := TCertificationRequestInfo.Create(TAsn1Sequence.GetInstance(AObj));
 end;
 
 class function TCertificationRequestInfo.GetInstance(const AEncoded: TCryptoLibByteArray): ICertificationRequestInfo;
-var
-  LAsn1Obj: IAsn1Object;
 begin
   if AEncoded = nil then
   begin
@@ -596,13 +550,7 @@ begin
     Exit;
   end;
 
-  try
-    LAsn1Obj := TAsn1Object.FromByteArray(AEncoded);
-    Result := GetInstance(LAsn1Obj);
-  except
-    on E: EIOCryptoLibException do
-      raise EArgumentCryptoLibException.Create('failed to construct CertificationRequestInfo from byte[]: ' + E.Message);
-  end;
+  Result := TCertificationRequestInfo.Create(TAsn1Sequence.GetInstance(AEncoded));
 end;
 
 class function TCertificationRequestInfo.GetInstance(const AObj: IAsn1TaggedObject;
@@ -630,11 +578,11 @@ begin
     raise EArgumentCryptoLibException.CreateResFmt(@SBadSequenceSize, [LCount]);
   end;
 
-  FVersion := TDerInteger.GetInstance(ASeq[LPos] as TAsn1Encodable);
+  FVersion := TDerInteger.GetInstance(ASeq[LPos]);
   System.Inc(LPos);
-  FSubject := TX509Name.GetInstance(ASeq[LPos] as TAsn1Encodable);
+  FSubject := TX509Name.GetInstance(ASeq[LPos]);
   System.Inc(LPos);
-  FSubjectPKInfo := TSubjectPublicKeyInfo.GetInstance(ASeq[LPos] as TAsn1Encodable);
+  FSubjectPKInfo := TSubjectPublicKeyInfo.GetInstance(ASeq[LPos]);
   System.Inc(LPos);
 
   // NOTE: some CertificationRequestInfo objects seem to treat this field as optional.
@@ -677,7 +625,7 @@ begin
   begin
     for I := 0 to AAttributes.Count - 1 do
     begin
-      LAttr := TAttributePkcs.GetInstance(AAttributes[I] as TAsn1Encodable);
+      LAttr := TAttributePkcs.GetInstance(AAttributes[I]);
       if TPkcsObjectIdentifiers.Pkcs9AtChallengePassword.Equals(LAttr.AttrType) then
       begin
         if LAttr.AttrValues.Count <> 1 then
@@ -730,9 +678,6 @@ end;
 { TCertificationRequest }
 
 class function TCertificationRequest.GetInstance(AObj: TObject): ICertificationRequest;
-var
-  LAsn1Obj: IAsn1Object;
-  LConvertible: IAsn1Convertible;
 begin
   if AObj = nil then
   begin
@@ -740,28 +685,13 @@ begin
     Exit;
   end;
 
-  if Supports(AObj, IAsn1Object, LAsn1Obj) then
-  begin
-    Result := GetInstance(LAsn1Obj);
-    Exit;
-  end;
-
-  if Supports(AObj, IAsn1Convertible, LConvertible) then
-  begin
-    LAsn1Obj := LConvertible.ToAsn1Object();
-    Result := GetInstance(LAsn1Obj);
-    Exit;
-  end;
-
   if Supports(AObj, ICertificationRequest, Result) then
     Exit;
 
   Result := TCertificationRequest.Create(TAsn1Sequence.GetInstance(AObj));
 end;
 
-class function TCertificationRequest.GetInstance(const AObj: IAsn1Object): ICertificationRequest;
-var
-  LSequence: IAsn1Sequence;
+class function TCertificationRequest.GetInstance(const AObj: IAsn1Convertible): ICertificationRequest;
 begin
   if AObj = nil then
   begin
@@ -772,13 +702,10 @@ begin
   if Supports(AObj, ICertificationRequest, Result) then
     Exit;
 
-  LSequence := TAsn1Sequence.GetInstance(AObj);
-  Result := TCertificationRequest.Create(LSequence);
+  Result := TCertificationRequest.Create(TAsn1Sequence.GetInstance(AObj));
 end;
 
 class function TCertificationRequest.GetInstance(const AEncoded: TCryptoLibByteArray): ICertificationRequest;
-var
-  LAsn1Obj: IAsn1Object;
 begin
   if AEncoded = nil then
   begin
@@ -786,13 +713,7 @@ begin
     Exit;
   end;
 
-  try
-    LAsn1Obj := TAsn1Object.FromByteArray(AEncoded);
-    Result := GetInstance(LAsn1Obj);
-  except
-    on E: EIOCryptoLibException do
-      raise EArgumentCryptoLibException.Create('failed to construct CertificationRequest from byte[]: ' + E.Message);
-  end;
+  Result := TCertificationRequest.Create(TAsn1Sequence.GetInstance(AEncoded));
 end;
 
 class function TCertificationRequest.GetInstance(const AObj: IAsn1TaggedObject;
@@ -819,9 +740,9 @@ begin
     raise EArgumentCryptoLibException.Create(SWrongNumberOfElements);
   end;
 
-  FReqInfo := TCertificationRequestInfo.GetInstance(ASeq[0] as TObject);
-  FSigAlgId := TAlgorithmIdentifier.GetInstance(ASeq[1] as TObject);
-  FSigBits := TDerBitString.GetInstance(ASeq[2] as TObject);
+  FReqInfo := TCertificationRequestInfo.GetInstance(ASeq[0]);
+  FSigAlgId := TAlgorithmIdentifier.GetInstance(ASeq[1]);
+  FSigBits := TDerBitString.GetInstance(ASeq[2]);
 end;
 
 constructor TCertificationRequest.Create(const ARequestInfo: ICertificationRequestInfo;
@@ -869,9 +790,6 @@ end;
 { TPrivateKeyInfo }
 
 class function TPrivateKeyInfo.GetInstance(AObj: TObject): IPrivateKeyInfo;
-var
-  LAsn1Obj: IAsn1Object;
-  LConvertible: IAsn1Convertible;
 begin
   if AObj = nil then
   begin
@@ -879,28 +797,13 @@ begin
     Exit;
   end;
 
-  if Supports(AObj, IAsn1Object, LAsn1Obj) then
-  begin
-    Result := GetInstance(LAsn1Obj);
-    Exit;
-  end;
-
-  if Supports(AObj, IAsn1Convertible, LConvertible) then
-  begin
-    LAsn1Obj := LConvertible.ToAsn1Object();
-    Result := GetInstance(LAsn1Obj);
-    Exit;
-  end;
-
   if Supports(AObj, IPrivateKeyInfo, Result) then
     Exit;
 
   Result := TPrivateKeyInfo.Create(TAsn1Sequence.GetInstance(AObj));
 end;
 
-class function TPrivateKeyInfo.GetInstance(const AObj: IAsn1Object): IPrivateKeyInfo;
-var
-  LSequence: IAsn1Sequence;
+class function TPrivateKeyInfo.GetInstance(const AObj: IAsn1Convertible): IPrivateKeyInfo;
 begin
   if AObj = nil then
   begin
@@ -911,13 +814,10 @@ begin
   if Supports(AObj, IPrivateKeyInfo, Result) then
     Exit;
 
-  LSequence := TAsn1Sequence.GetInstance(AObj);
-  Result := TPrivateKeyInfo.Create(LSequence);
+  Result := TPrivateKeyInfo.Create(TAsn1Sequence.GetInstance(AObj));
 end;
 
 class function TPrivateKeyInfo.GetInstance(const AEncoded: TCryptoLibByteArray): IPrivateKeyInfo;
-var
-  LAsn1Obj: IAsn1Object;
 begin
   if AEncoded = nil then
   begin
@@ -925,13 +825,7 @@ begin
     Exit;
   end;
 
-  try
-    LAsn1Obj := TAsn1Object.FromByteArray(AEncoded);
-    Result := GetInstance(LAsn1Obj);
-  except
-    on E: EIOCryptoLibException do
-      raise EArgumentCryptoLibException.Create('failed to construct PrivateKeyInfo from byte[]: ' + E.Message);
-  end;
+  Result := TPrivateKeyInfo.Create(TAsn1Sequence.GetInstance(AEncoded));
 end;
 
 class function TPrivateKeyInfo.GetInstance(const AObj: IAsn1TaggedObject;
@@ -976,11 +870,11 @@ begin
     raise EArgumentCryptoLibException.CreateResFmt(@SBadSequenceSize, [LCount]);
   end;
 
-  FVersion := TDerInteger.GetInstance(ASeq[LPos] as TAsn1Encodable);
+  FVersion := TDerInteger.GetInstance(ASeq[LPos]);
   System.Inc(LPos);
-  FPrivateKeyAlgorithm := TAlgorithmIdentifier.GetInstance(ASeq[LPos] as TAsn1Encodable);
+  FPrivateKeyAlgorithm := TAlgorithmIdentifier.GetInstance(ASeq[LPos]);
   System.Inc(LPos);
-  FPrivateKey := TAsn1OctetString.GetInstance(ASeq[LPos] as TAsn1Encodable);
+  FPrivateKey := TAsn1OctetString.GetInstance(ASeq[LPos]);
   System.Inc(LPos);
 
   FAttributes := TAsn1Utilities.ReadOptionalContextTagged<Boolean, IAsn1Set>(ASeq, LPos, 0, False,
@@ -1054,6 +948,11 @@ begin
   Result := FPrivateKeyAlgorithm;
 end;
 
+function TPrivateKeyInfo.GetPrivateKeyLength: Int32;
+begin
+  Result := FPrivateKey.GetOctetsLength;
+end;
+
 function TPrivateKeyInfo.GetPrivateKey: IAsn1OctetString;
 begin
   Result := FPrivateKey;
@@ -1080,9 +979,6 @@ begin
 end;
 
 function TPrivateKeyInfo.ParsePublicKey: IAsn1Object;
-var
-  LStream: TStream;
-  LBitStringParser: IAsn1BitStringParser;
 begin
   if FPublicKey = nil then
   begin
@@ -1090,20 +986,7 @@ begin
     Exit;
   end;
 
-  if Supports(FPublicKey, IAsn1BitStringParser, LBitStringParser) then
-  begin
-    LStream := LBitStringParser.GetOctetStream();
-    try
-      Result := TAsn1Object.FromStream(LStream);
-    finally
-      LStream.Free;
-    end;
-  end
-  else
-  begin
-    // Fallback: parse from bytes (assuming octet-aligned)
-    Result := TAsn1Object.FromByteArray(FPublicKey.GetOctets());
-  end;
+  Result := TAsn1Object.FromStream(FPublicKey.GetOctetStream());
 end;
 
 function TPrivateKeyInfo.ToAsn1Object: IAsn1Object;
@@ -1120,9 +1003,6 @@ end;
 { TRsaPrivateKeyStructure }
 
 class function TRsaPrivateKeyStructure.GetInstance(AObj: TObject): IRsaPrivateKeyStructure;
-var
-  LAsn1Obj: IAsn1Object;
-  LConvertible: IAsn1Convertible;
 begin
   if AObj = nil then
   begin
@@ -1130,28 +1010,13 @@ begin
     Exit;
   end;
 
-  if Supports(AObj, IAsn1Object, LAsn1Obj) then
-  begin
-    Result := GetInstance(LAsn1Obj);
-    Exit;
-  end;
-
-  if Supports(AObj, IAsn1Convertible, LConvertible) then
-  begin
-    LAsn1Obj := LConvertible.ToAsn1Object();
-    Result := GetInstance(LAsn1Obj);
-    Exit;
-  end;
-
   if Supports(AObj, IRsaPrivateKeyStructure, Result) then
     Exit;
 
   Result := TRsaPrivateKeyStructure.Create(TAsn1Sequence.GetInstance(AObj));
 end;
 
-class function TRsaPrivateKeyStructure.GetInstance(const AObj: IAsn1Object): IRsaPrivateKeyStructure;
-var
-  LSequence: IAsn1Sequence;
+class function TRsaPrivateKeyStructure.GetInstance(const AObj: IAsn1Convertible): IRsaPrivateKeyStructure;
 begin
   if AObj = nil then
   begin
@@ -1162,13 +1027,10 @@ begin
   if Supports(AObj, IRsaPrivateKeyStructure, Result) then
     Exit;
 
-  LSequence := TAsn1Sequence.GetInstance(AObj);
-  Result := TRsaPrivateKeyStructure.Create(LSequence);
+  Result := TRsaPrivateKeyStructure.Create(TAsn1Sequence.GetInstance(AObj));
 end;
 
 class function TRsaPrivateKeyStructure.GetInstance(const AEncoded: TCryptoLibByteArray): IRsaPrivateKeyStructure;
-var
-  LAsn1Obj: IAsn1Object;
 begin
   if AEncoded = nil then
   begin
@@ -1176,13 +1038,7 @@ begin
     Exit;
   end;
 
-  try
-    LAsn1Obj := TAsn1Object.FromByteArray(AEncoded);
-    Result := GetInstance(LAsn1Obj);
-  except
-    on E: EIOCryptoLibException do
-      raise EArgumentCryptoLibException.Create('failed to construct RsaPrivateKeyStructure from byte[]: ' + E.Message);
-  end;
+  Result := TRsaPrivateKeyStructure.Create(TAsn1Sequence.GetInstance(AEncoded));
 end;
 
 class function TRsaPrivateKeyStructure.GetInstance(const AObj: IAsn1TaggedObject;
@@ -1210,15 +1066,15 @@ begin
     raise EArgumentCryptoLibException.CreateResFmt(@SBadSequenceSize, [LCount]);
   end;
 
-  LVersion := TDerInteger.GetInstance(ASeq[0] as TAsn1Encodable);
-  FModulus := TDerInteger.GetInstance(ASeq[1] as TAsn1Encodable).Value;
-  FPublicExponent := TDerInteger.GetInstance(ASeq[2] as TAsn1Encodable).Value;
-  FPrivateExponent := TDerInteger.GetInstance(ASeq[3] as TAsn1Encodable).Value;
-  FPrime1 := TDerInteger.GetInstance(ASeq[4] as TAsn1Encodable).Value;
-  FPrime2 := TDerInteger.GetInstance(ASeq[5] as TAsn1Encodable).Value;
-  FExponent1 := TDerInteger.GetInstance(ASeq[6] as TAsn1Encodable).Value;
-  FExponent2 := TDerInteger.GetInstance(ASeq[7] as TAsn1Encodable).Value;
-  FCoefficient := TDerInteger.GetInstance(ASeq[8] as TAsn1Encodable).Value;
+  LVersion := TDerInteger.GetInstance(ASeq[0]);
+  FModulus := TDerInteger.GetInstance(ASeq[1]).Value;
+  FPublicExponent := TDerInteger.GetInstance(ASeq[2]).Value;
+  FPrivateExponent := TDerInteger.GetInstance(ASeq[3]).Value;
+  FPrime1 := TDerInteger.GetInstance(ASeq[4]).Value;
+  FPrime2 := TDerInteger.GetInstance(ASeq[5]).Value;
+  FExponent1 := TDerInteger.GetInstance(ASeq[6]).Value;
+  FExponent2 := TDerInteger.GetInstance(ASeq[7]).Value;
+  FCoefficient := TDerInteger.GetInstance(ASeq[8]).Value;
 
   if not LVersion.HasValue(0) then
     raise EArgumentCryptoLibException.Create('wrong version for RSA private key');
@@ -1331,9 +1187,6 @@ begin
 end;
 
 class function TRsassaPssParameters.GetInstance(AObj: TObject): IRsassaPssParameters;
-var
-  LAsn1Obj: IAsn1Object;
-  LConvertible: IAsn1Convertible;
 begin
   if AObj = nil then
   begin
@@ -1344,23 +1197,10 @@ begin
   if Supports(AObj, IRsassaPssParameters, Result) then
     Exit;
 
-  if Supports(AObj, IAsn1Object, LAsn1Obj) then
-  begin
-    Result := GetInstance(LAsn1Obj);
-    Exit;
-  end;
-
-  if Supports(AObj, IAsn1Convertible, LConvertible) then
-  begin
-    LAsn1Obj := LConvertible.ToAsn1Object();
-    Result := GetInstance(LAsn1Obj);
-    Exit;
-  end;
-
   Result := TRsassaPssParameters.Create(TAsn1Sequence.GetInstance(AObj));
 end;
 
-class function TRsassaPssParameters.GetInstance(const AObj: IAsn1Object): IRsassaPssParameters;
+class function TRsassaPssParameters.GetInstance(const AObj: IAsn1Convertible): IRsassaPssParameters;
 begin
   if AObj = nil then
   begin
@@ -1376,7 +1216,13 @@ end;
 
 class function TRsassaPssParameters.GetInstance(const AEncoded: TCryptoLibByteArray): IRsassaPssParameters;
 begin
-  Result := GetInstance(TAsn1Object.FromByteArray(AEncoded));
+  if AEncoded = nil then
+  begin
+    Result := nil;
+    Exit;
+  end;
+
+  Result := TRsassaPssParameters.Create(TAsn1Sequence.GetInstance(AEncoded));
 end;
 
 class function TRsassaPssParameters.GetInstance(const AObj: IAsn1TaggedObject;
@@ -1523,9 +1369,6 @@ end;
 { TContentInfo }
 
 class function TContentInfo.GetInstance(AObj: TObject): IContentInfo;
-var
-  LAsn1Obj: IAsn1Object;
-  LConvertible: IAsn1Convertible;
 begin
   if AObj = nil then
   begin
@@ -1536,25 +1379,10 @@ begin
   if Supports(AObj, IContentInfo, Result) then
     Exit;
 
-  if Supports(AObj, IAsn1Object, LAsn1Obj) then
-  begin
-    Result := GetInstance(LAsn1Obj);
-    Exit;
-  end;
-
-  if Supports(AObj, IAsn1Convertible, LConvertible) then
-  begin
-    LAsn1Obj := LConvertible.ToAsn1Object();
-    Result := GetInstance(LAsn1Obj);
-    Exit;
-  end;
-
   raise EArgumentCryptoLibException.CreateFmt('illegal object in GetInstance: %s', [TPlatform.GetTypeName(AObj)]);
 end;
 
-class function TContentInfo.GetInstance(const AObj: IAsn1Object): IContentInfo;
-var
-  LSeq: IAsn1Sequence;
+class function TContentInfo.GetInstance(const AObj: IAsn1Convertible): IContentInfo;
 begin
   if AObj = nil then
   begin
@@ -1565,12 +1393,17 @@ begin
   if Supports(AObj, IContentInfo, Result) then
     Exit;
 
-  LSeq := TAsn1Sequence.GetInstance(AObj);
-  Result := TContentInfo.Create(LSeq);
+  Result := TContentInfo.Create(TAsn1Sequence.GetInstance(AObj));
 end;
 
 class function TContentInfo.GetInstance(const AEncoded: TCryptoLibByteArray): IContentInfo;
 begin
+  if AEncoded = nil then
+  begin
+    Result := nil;
+    Exit;
+  end;
+
   Result := TContentInfo.Create(TAsn1Sequence.GetInstance(AEncoded));
 end;
 
@@ -1596,7 +1429,7 @@ begin
   if (LCount < 1) or (LCount > 2) then
     raise EArgumentCryptoLibException.CreateFmt('Bad sequence size: %d', [LCount]);
 
-  FContentType := TDerObjectIdentifier.GetInstance(ASeq[0] as TObject);
+  FContentType := TDerObjectIdentifier.GetInstance(ASeq[0]);
 
   if ASeq.Count > 1 then
   begin
@@ -1645,9 +1478,6 @@ end;
 { TSignedData }
 
 class function TSignedData.GetInstance(AObj: TObject): ISignedData;
-var
-  LAsn1Obj: IAsn1Object;
-  LConvertible: IAsn1Convertible;
 begin
   if AObj = nil then
   begin
@@ -1658,25 +1488,10 @@ begin
   if Supports(AObj, ISignedData, Result) then
     Exit;
 
-  if Supports(AObj, IAsn1Object, LAsn1Obj) then
-  begin
-    Result := GetInstance(LAsn1Obj);
-    Exit;
-  end;
-
-  if Supports(AObj, IAsn1Convertible, LConvertible) then
-  begin
-    LAsn1Obj := LConvertible.ToAsn1Object();
-    Result := GetInstance(LAsn1Obj);
-    Exit;
-  end;
-
   raise EArgumentCryptoLibException.CreateFmt('illegal object in GetInstance: %s', [TPlatform.GetTypeName(AObj)]);
 end;
 
-class function TSignedData.GetInstance(const AObj: IAsn1Object): ISignedData;
-var
-  LSeq: IAsn1Sequence;
+class function TSignedData.GetInstance(const AObj: IAsn1Convertible): ISignedData;
 begin
   if AObj = nil then
   begin
@@ -1687,12 +1502,17 @@ begin
   if Supports(AObj, ISignedData, Result) then
     Exit;
 
-  LSeq := TAsn1Sequence.GetInstance(AObj);
-  Result := TSignedData.Create(LSeq);
+  Result := TSignedData.Create(TAsn1Sequence.GetInstance(AObj));
 end;
 
 class function TSignedData.GetInstance(const AEncoded: TCryptoLibByteArray): ISignedData;
 begin
+  if AEncoded = nil then
+  begin
+    Result := nil;
+    Exit;
+  end;
+
   Result := TSignedData.Create(TAsn1Sequence.GetInstance(AEncoded));
 end;
 
@@ -1718,11 +1538,11 @@ begin
   if (LCount < 4) or (LCount > 6) then
     raise EArgumentCryptoLibException.CreateFmt(SBadSequenceSize, [LCount]);
 
-  FVersion := TDerInteger.GetInstance(ASeq[LPos] as TObject);
+  FVersion := TDerInteger.GetInstance(ASeq[LPos]);
   System.Inc(LPos);
-  FDigestAlgorithms := TAsn1Set.GetInstance(ASeq[LPos] as TObject);
+  FDigestAlgorithms := TAsn1Set.GetInstance(ASeq[LPos]);
   System.Inc(LPos);
-  FContentInfo := TContentInfo.GetInstance(ASeq[LPos] as TObject);
+  FContentInfo := TContentInfo.GetInstance(ASeq[LPos]);
   System.Inc(LPos);
   FCertificates := TAsn1Utilities.ReadOptionalContextTagged<IAsn1Sequence, IAsn1Set>(
     ASeq, LPos, 0, ASeq,
@@ -1736,7 +1556,7 @@ begin
     begin
       Result := TAsn1Set.GetTagged(ATagged, False);
     end);
-  FSignerInfos := TAsn1Set.GetInstance(ASeq[LPos] as TObject);
+  FSignerInfos := TAsn1Set.GetInstance(ASeq[LPos]);
   System.Inc(LPos);
 
   if LPos <> LCount then

CryptoLib/src/Asn1/Sec/ClpSecAsn1Objects.pas

@@ -134,10 +134,10 @@ begin
   if (LCount < 2) or (LCount > 4) then
     raise EArgumentCryptoLibException.CreateResFmt(@SBadSequenceSize, [LCount]);
 
-  FVersion := TDerInteger.GetInstance(ASeq[LPos] as TObject);
+  FVersion := TDerInteger.GetInstance(ASeq[LPos]);
   System.Inc(LPos);
   
-  FPrivateKey := TAsn1OctetString.GetInstance(ASeq[LPos] as TObject);
+  FPrivateKey := TAsn1OctetString.GetInstance(ASeq[LPos]);
   System.Inc(LPos);
   
   FParameters := TAsn1Utilities.ReadOptionalContextTagged<Boolean, IAsn1Encodable>(ASeq, LPos, 0, True,

CryptoLib/src/Asn1/X509/ClpX509Certificate.pas

@@ -432,7 +432,7 @@ begin
     try
       for I := 0 to LSeq.Count - 1 do
       begin
-        LResult.Add(TDerObjectIdentifier.GetInstance(LSeq[I] as TAsn1Encodable));
+        LResult.Add(TDerObjectIdentifier.GetInstance(LSeq[I]));
       end;
       Result := LResult.ToArray();
     finally
@@ -483,7 +483,7 @@ begin
   Result := TX509ExtensionUtilities.GetExtension<IGeneralNames>(GetX509Extensions(), AOid,
     function(AOctets: TCryptoLibByteArray): IGeneralNames
     begin
-      Result := TGeneralNames.GetInstance(TAsn1Object.FromByteArray(AOctets) as TObject);
+      Result := TGeneralNames.GetInstance(TAsn1Object.FromByteArray(AOctets));
     end);
 end;
 
@@ -532,7 +532,7 @@ begin
               if Supports(LName, IX509Name, LNameObj) then
                 LEntry.Add(TValue.From<String>(LNameObj.ToString()))
               else
-                LEntry.Add(TValue.From<String>(TX509Name.GetInstance(LName as TAsn1Object).ToString()));
+                LEntry.Add(TValue.From<String>(TX509Name.GetInstance(LName).ToString()));
             end;
           TGeneralName.DnsName,
           TGeneralName.Rfc822Name,
@@ -543,12 +543,12 @@ begin
             end;
           TGeneralName.RegisteredID:
             begin
-              LOid := TDerObjectIdentifier.GetInstance(LGn.Name as TObject);
+              LOid := TDerObjectIdentifier.GetInstance(LGn.Name);
               LEntry.Add(TValue.From<String>(LOid.Id));
             end;
           TGeneralName.IPAddress:
             begin
-              LOctetString := TAsn1OctetString.GetInstance(LGn.Name as TObject);
+              LOctetString := TAsn1OctetString.GetInstance(LGn.Name);
               LIPAddr := IPAddressToString(LOctetString.GetOctets());
               LEntry.Add(TValue.From<String>(LIPAddr));
             end;
@@ -767,7 +767,7 @@ begin
               try
                 if LOid.Equals(TX509Extensions.BasicConstraints) then
                 begin
-                  LBuf.Append(TBasicConstraints.GetInstance(LObj as TObject).ToString());
+                  LBuf.Append(TBasicConstraints.GetInstance(LObj).ToString());
                 end
                 else if LOid.Equals(TX509Extensions.KeyUsage) then
                 begin
@@ -807,7 +807,7 @@ end;
 
 function TX509Certificate.IsSignatureValid(const AVerifierProvider: IVerifierFactoryProvider): Boolean;
 begin
-  Result := CheckSignatureValid(AVerifierProvider.CreateVerifierFactory(FCertificateStructure.SignatureAlgorithm as TObject));
+  Result := CheckSignatureValid(AVerifierProvider.CreateVerifierFactory(FCertificateStructure.SignatureAlgorithm));
 end;
 
 function TX509Certificate.IsAlternativeSignatureValid(const APublicKey: IAsymmetricKeyParameter): Boolean;
@@ -833,7 +833,7 @@ begin
   LAltSigAlg := TAltSignatureAlgorithm.FromExtensions(LExtensions);
   LAltSigValue := TAltSignatureValue.FromExtensions(LExtensions);
 
-  LVerifier := AVerifierProvider.CreateVerifierFactory(LAltSigAlg.Algorithm as TObject);
+  LVerifier := AVerifierProvider.CreateVerifierFactory(LAltSigAlg.Algorithm);
 
   LTbsSeq := TAsn1Sequence.GetInstance(LTbsCertificate.ToAsn1Object());
   LV := TAsn1EncodableVector.Create();
@@ -859,7 +859,7 @@ end;
 
 procedure TX509Certificate.Verify(const AVerifierProvider: IVerifierFactoryProvider);
 begin
-  CheckSignature(AVerifierProvider.CreateVerifierFactory(FCertificateStructure.SignatureAlgorithm as TObject));
+  CheckSignature(AVerifierProvider.CreateVerifierFactory(FCertificateStructure.SignatureAlgorithm));
 end;
 
 procedure TX509Certificate.VerifyAltSignature(const AVerifierProvider: IVerifierFactoryProvider);

CryptoLib/src/Asn1/X509/ClpX509CertificateParser.pas

@@ -134,7 +134,7 @@ begin
     end;
   end;
 
-  Result := TX509Certificate.Create(TX509CertificateStructure.GetInstance(LSeq as TObject));
+  Result := TX509Certificate.Create(TX509CertificateStructure.GetInstance(LSeq));
 end;
 
 function TX509CertificateParser.ReadPemCertificate(const AInStream: TStream): IX509Certificate;
@@ -146,7 +146,7 @@ begin
   if LSeq = nil then
     Result := nil
   else
-    Result := TX509Certificate.Create(TX509CertificateStructure.GetInstance(LSeq as TObject));
+    Result := TX509Certificate.Create(TX509CertificateStructure.GetInstance(LSeq));
 end;
 
 function TX509CertificateParser.GetCertificate(): IX509Certificate;

CryptoLib/src/Asn1/X509/ClpX509SignatureUtilities.pas

@@ -218,7 +218,7 @@ var
   LSigAlgOid: IDerObjectIdentifier;
   LSigAlgParams: IAsn1Encodable;
   LRsassaPssParams: IRsassaPssParameters;
-  LECdsaParams: IAlgorithmIdentifier;
+  LECDsaParams: IAlgorithmIdentifier;
 begin
   if ASigAlgID = nil then
   begin
@@ -233,14 +233,14 @@ begin
   begin
     if TPkcsObjectIdentifiers.IdRsassaPss.Equals(LSigAlgOid) then
     begin
-      LRsassaPssParams := TRsassaPssParameters.GetInstance(LSigAlgParams as TObject);
+      LRsassaPssParams := TRsassaPssParameters.GetInstance(LSigAlgParams);
       Result := GetDigestName(LRsassaPssParams.HashAlgorithm.Algorithm) + 'withRSAandMGF1';
       Exit;
     end;
     if TX9ObjectIdentifiers.ECDsaWithSha2.Equals(LSigAlgOid) then
     begin
-      LECdsaParams := TAlgorithmIdentifier.GetInstance(LSigAlgParams as TObject);
-      Result := GetDigestName(LECdsaParams.Algorithm) + 'withECDSA';
+      LECDsaParams := TAlgorithmIdentifier.GetInstance(LSigAlgParams);
+      Result := GetDigestName(LECDsaParams.Algorithm) + 'withECDSA';
       Exit;
     end;
   end;

CryptoLib/src/Crypto/Operators/ClpAsn1SignatureFactory.pas

@@ -49,7 +49,7 @@ type
     FRandom: ISecureRandom;
 
   strict protected
-    function GetAlgorithmDetails: TObject;
+    function GetAlgorithmDetails: IAlgorithmIdentifier;
 
   public
     constructor Create(const AAlgorithm: String;
@@ -65,7 +65,7 @@ type
 
     function CreateCalculator: IStreamCalculator<IBlockResult>;
 
-    property AlgorithmDetails: TObject read GetAlgorithmDetails;
+    property AlgorithmDetails: IAlgorithmIdentifier read GetAlgorithmDetails;
 
     /// <summary>
     /// Allows enumeration of the signature names supported.
@@ -123,9 +123,9 @@ begin
   FRandom := ARandom;
 end;
 
-function TAsn1SignatureFactory.GetAlgorithmDetails: TObject;
+function TAsn1SignatureFactory.GetAlgorithmDetails: IAlgorithmIdentifier;
 begin
-  Result := FAlgID as TObject;
+  Result := FAlgID;
 end;
 
 function TAsn1SignatureFactory.CreateCalculator: IStreamCalculator<IBlockResult>;

CryptoLib/src/Crypto/Operators/ClpAsn1VerifierFactory.pas

@@ -47,7 +47,7 @@ type
     FPublicKey: IAsymmetricKeyParameter;
 
   strict protected
-    function GetAlgorithmDetails: TObject;
+    function GetAlgorithmDetails: IAlgorithmIdentifier;
 
   public
     constructor Create(const AAlgorithm: String;
@@ -57,7 +57,7 @@ type
 
     function CreateCalculator: IStreamCalculator<IVerifier>;
 
-    property AlgorithmDetails: TObject read GetAlgorithmDetails;
+    property AlgorithmDetails: IAlgorithmIdentifier read GetAlgorithmDetails;
   end;
 
 implementation
@@ -96,9 +96,9 @@ begin
   FPublicKey := APublicKey;
 end;
 
-function TAsn1VerifierFactory.GetAlgorithmDetails: TObject;
+function TAsn1VerifierFactory.GetAlgorithmDetails: IAlgorithmIdentifier;
 begin
-  Result := FAlgID as TObject;
+  Result := FAlgID;
 end;
 
 function TAsn1VerifierFactory.CreateCalculator: IStreamCalculator<IVerifier>;

CryptoLib/src/Crypto/Operators/ClpAsn1VerifierFactoryProvider.pas

@@ -45,7 +45,7 @@ type
   public
     constructor Create(const APublicKey: IAsymmetricKeyParameter);
 
-    function CreateVerifierFactory(AAlgorithmDetails: TObject): IVerifierFactory;
+    function CreateVerifierFactory(AAlgorithmDetails: IAlgorithmIdentifier): IVerifierFactory;
 
     /// <summary>
     /// Allows enumeration of the signature names supported by the verifier provider.
@@ -68,14 +68,12 @@ begin
   FPublicKey := APublicKey;
 end;
 
-function TAsn1VerifierFactoryProvider.CreateVerifierFactory(AAlgorithmDetails: TObject): IVerifierFactory;
-var
-  LAlgID: IAlgorithmIdentifier;
+function TAsn1VerifierFactoryProvider.CreateVerifierFactory(AAlgorithmDetails: IAlgorithmIdentifier): IVerifierFactory;
 begin
-  if not Supports(AAlgorithmDetails, IAlgorithmIdentifier, LAlgID) then
-    raise EInvalidCastCryptoLibException.Create('algorithmDetails must be IAlgorithmIdentifier');
+  if AAlgorithmDetails = nil then
+    raise EArgumentNilCryptoLibException.Create('algorithmDetails');
 
-  Result := TAsn1VerifierFactory.Create(LAlgID, FPublicKey);
+  Result := TAsn1VerifierFactory.Create(AAlgorithmDetails, FPublicKey);
 end;
 
 function TAsn1VerifierFactoryProvider.SignatureAlgNames: TCryptoLibStringArray;

CryptoLib/src/Interfaces/ClpIPkcsAsn1Objects.pas

@@ -91,6 +91,7 @@ type
     function GetVersion: IDerInteger;
     function GetPrivateKeyAlgorithm: IAlgorithmIdentifier;
     function GetPrivateKey: IAsn1OctetString;
+    function GetPrivateKeyLength: Int32;
     function GetAttributes: IAsn1Set;
     function GetPublicKey: IDerBitString;
     function HasPublicKey: Boolean;
@@ -100,6 +101,7 @@ type
     property Version: IDerInteger read GetVersion;
     property PrivateKeyAlgorithm: IAlgorithmIdentifier read GetPrivateKeyAlgorithm;
     property PrivateKey: IAsn1OctetString read GetPrivateKey;
+    property PrivateKeyLength: Int32 read GetPrivateKeyLength;
     property Attributes: IAsn1Set read GetAttributes;
     property PublicKey: IDerBitString read GetPublicKey;
   end;

CryptoLib/src/Interfaces/ClpISignatureFactory.pas

@@ -23,7 +23,8 @@ interface
 
 uses
   ClpIStreamCalculator,
-  ClpIBlockResult;
+  ClpIBlockResult,
+  ClpIX509Asn1Objects;
 
 type
   /// <summary>
@@ -35,14 +36,14 @@ type
     /// <summary>
     /// The algorithm details object for this calculator.
     /// </summary>
-    function GetAlgorithmDetails: TObject;
+    function GetAlgorithmDetails: IAlgorithmIdentifier;
 
     /// <summary>
     /// Create a stream calculator for this signature calculator.
     /// </summary>
     function CreateCalculator: IStreamCalculator<IBlockResult>;
 
-    property AlgorithmDetails: TObject read GetAlgorithmDetails;
+    property AlgorithmDetails: IAlgorithmIdentifier read GetAlgorithmDetails;
   end;
 
 implementation

CryptoLib/src/Interfaces/ClpIVerifierFactory.pas

@@ -23,7 +23,8 @@ interface
 
 uses
   ClpIStreamCalculator,
-  ClpIVerifier;
+  ClpIVerifier,
+  ClpIX509Asn1Objects;
 
 type
   /// <summary>
@@ -35,14 +36,14 @@ type
     /// <summary>
     /// The algorithm details object for this verifier.
     /// </summary>
-    function GetAlgorithmDetails: TObject;
+    function GetAlgorithmDetails: IAlgorithmIdentifier;
 
     /// <summary>
     /// Create a stream calculator for this verifier.
     /// </summary>
     function CreateCalculator: IStreamCalculator<IVerifier>;
 
-    property AlgorithmDetails: TObject read GetAlgorithmDetails;
+    property AlgorithmDetails: IAlgorithmIdentifier read GetAlgorithmDetails;
   end;
 
 implementation

CryptoLib/src/Interfaces/ClpIVerifierFactoryProvider.pas

@@ -22,7 +22,8 @@ unit ClpIVerifierFactoryProvider;
 interface
 
 uses
-  ClpIVerifierFactory;
+  ClpIVerifierFactory,
+  ClpIX509Asn1Objects;
 
 type
   /// <summary>
@@ -34,7 +35,7 @@ type
     /// <summary>
     /// Return a signature verifier for signature algorithm described in the passed in algorithm details object.
     /// </summary>
-    function CreateVerifierFactory(AAlgorithmDetails: TObject): IVerifierFactory;
+    function CreateVerifierFactory(AAlgorithmDetails: IAlgorithmIdentifier): IVerifierFactory;
   end;
 
 implementation

CryptoLib/src/Security/ClpPublicKeyFactory.pas

@@ -73,12 +73,12 @@ implementation
 
 class function TPublicKeyFactory.CreateKey(const AKeyInfoData: TCryptoLibByteArray): IAsymmetricKeyParameter;
 begin
-  Result := CreateKey(TSubjectPublicKeyInfo.GetInstance(TAsn1Sequence.GetInstance(AKeyInfoData) as TObject));
+  Result := CreateKey(TSubjectPublicKeyInfo.GetInstance(TAsn1Sequence.GetInstance(AKeyInfoData)));
 end;
 
 class function TPublicKeyFactory.CreateKey(const AInStr: TStream): IAsymmetricKeyParameter;
 begin
-  Result := CreateKey(TSubjectPublicKeyInfo.GetInstance(TAsn1Object.FromStream(AInStr) as TAsn1Object));
+  Result := CreateKey(TSubjectPublicKeyInfo.GetInstance(TAsn1Object.FromStream(AInStr)));
 end;
 
 class function TPublicKeyFactory.CreateKey(const AKeyInfo: ISubjectPublicKeyInfo): IAsymmetricKeyParameter;
@@ -110,7 +110,7 @@ begin
     LAlgOid.Equals(TPkcsObjectIdentifiers.IdRsassaPss) or
     LAlgOid.Equals(TPkcsObjectIdentifiers.IdRsaesOaep) then
   begin
-    LPubKey := TRsaPublicKeyStructure.GetInstance(AKeyInfo.ParsePublicKey() as TObject);
+    LPubKey := TRsaPublicKeyStructure.GetInstance(AKeyInfo.ParsePublicKey());
     Result := TRsaKeyParameters.Create(False, LPubKey.Modulus, LPubKey.PublicExponent);
     Exit;
   end;