1package org.bouncycastle.jce.provider; 2 3import java.io.IOException; 4import java.security.AlgorithmParameters; 5import java.security.GeneralSecurityException; 6import java.security.InvalidKeyException; 7import java.security.NoSuchAlgorithmException; 8import java.security.Signature; 9import java.security.SignatureException; 10import java.security.spec.PSSParameterSpec; 11 12import org.bouncycastle.asn1.ASN1Encodable; 13import org.bouncycastle.asn1.ASN1Null; 14import org.bouncycastle.asn1.ASN1Sequence; 15import org.bouncycastle.asn1.DERNull; 16import org.bouncycastle.asn1.DERObjectIdentifier; 17// BEGIN android-removed 18// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 19// END android-removed 20import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 21import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 22import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 23import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 24import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 25import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 26import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 27 28class X509SignatureUtil 29{ 30 // BEGIN android-changed 31 private static final ASN1Null derNull = DERNull.INSTANCE; 32 // END android-changed 33 34 static void setSignatureParameters( 35 Signature signature, 36 ASN1Encodable params) 37 throws NoSuchAlgorithmException, SignatureException, InvalidKeyException 38 { 39 if (params != null && !derNull.equals(params)) 40 { 41 AlgorithmParameters sigParams = AlgorithmParameters.getInstance(signature.getAlgorithm(), signature.getProvider()); 42 43 try 44 { 45 sigParams.init(params.toASN1Primitive().getEncoded()); 46 } 47 catch (IOException e) 48 { 49 throw new SignatureException("IOException decoding parameters: " + e.getMessage()); 50 } 51 52 if (signature.getAlgorithm().endsWith("MGF1")) 53 { 54 try 55 { 56 signature.setParameter(sigParams.getParameterSpec(PSSParameterSpec.class)); 57 } 58 catch (GeneralSecurityException e) 59 { 60 throw new SignatureException("Exception extracting parameters: " + e.getMessage()); 61 } 62 } 63 } 64 } 65 66 static String getSignatureName( 67 AlgorithmIdentifier sigAlgId) 68 { 69 ASN1Encodable params = sigAlgId.getParameters(); 70 71 if (params != null && !derNull.equals(params)) 72 { 73 // BEGIN android-removed 74 // if (sigAlgId.getObjectId().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) 75 // { 76 // RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); 77 // 78 // return getDigestAlgName(rsaParams.getHashAlgorithm().getObjectId()) + "withRSAandMGF1"; 79 // } 80 // END android-removed 81 if (sigAlgId.getObjectId().equals(X9ObjectIdentifiers.ecdsa_with_SHA2)) 82 { 83 ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params); 84 85 return getDigestAlgName((DERObjectIdentifier)ecDsaParams.getObjectAt(0)) + "withECDSA"; 86 } 87 } 88 89 return sigAlgId.getObjectId().getId(); 90 } 91 92 /** 93 * Return the digest algorithm using one of the standard JCA string 94 * representations rather the the algorithm identifier (if possible). 95 */ 96 private static String getDigestAlgName( 97 DERObjectIdentifier digestAlgOID) 98 { 99 if (PKCSObjectIdentifiers.md5.equals(digestAlgOID)) 100 { 101 return "MD5"; 102 } 103 else if (OIWObjectIdentifiers.idSHA1.equals(digestAlgOID)) 104 { 105 return "SHA1"; 106 } 107 // BEGIN android-removed 108 // else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) 109 // { 110 // return "SHA224"; 111 // } 112 // END android-removed 113 else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID)) 114 { 115 return "SHA256"; 116 } 117 else if (NISTObjectIdentifiers.id_sha384.equals(digestAlgOID)) 118 { 119 return "SHA384"; 120 } 121 else if (NISTObjectIdentifiers.id_sha512.equals(digestAlgOID)) 122 { 123 return "SHA512"; 124 } 125 // BEGIN android-removed 126 // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 127 // { 128 // return "RIPEMD128"; 129 // } 130 // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 131 // { 132 // return "RIPEMD160"; 133 // } 134 // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 135 // { 136 // return "RIPEMD256"; 137 // } 138 // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 139 // { 140 // return "GOST3411"; 141 // } 142 // END android-removed 143 else 144 { 145 return digestAlgOID.getId(); 146 } 147 } 148} 149