1package org.bouncycastle.jcajce.provider.asymmetric.x509; 2 3import java.io.IOException; 4import java.security.AlgorithmParameters; 5import java.security.GeneralSecurityException; 6import java.security.InvalidKeyException; 7import java.security.NoSuchAlgorithmException; 8import java.security.Signature; 9import java.security.SignatureException; 10import java.security.spec.PSSParameterSpec; 11 12import org.bouncycastle.asn1.ASN1Encodable; 13import org.bouncycastle.asn1.ASN1Null; 14import org.bouncycastle.asn1.ASN1Sequence; 15import org.bouncycastle.asn1.DERNull; 16import org.bouncycastle.asn1.DERObjectIdentifier; 17// BEGIN android-removed 18// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 19// END android-removed 20import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 21import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 22import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 23import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 24// BEGIN android-removed 25// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 26// END android-removed 27import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 28import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 29 30class X509SignatureUtil 31{ 32 private static final ASN1Null derNull = DERNull.INSTANCE; 33 34 static void setSignatureParameters( 35 Signature signature, 36 ASN1Encodable params) 37 throws NoSuchAlgorithmException, SignatureException, InvalidKeyException 38 { 39 if (params != null && !derNull.equals(params)) 40 { 41 AlgorithmParameters sigParams = AlgorithmParameters.getInstance(signature.getAlgorithm(), signature.getProvider()); 42 43 try 44 { 45 sigParams.init(params.toASN1Primitive().getEncoded()); 46 } 47 catch (IOException e) 48 { 49 throw new SignatureException("IOException decoding parameters: " + e.getMessage()); 50 } 51 52 if (signature.getAlgorithm().endsWith("MGF1")) 53 { 54 try 55 { 56 signature.setParameter(sigParams.getParameterSpec(PSSParameterSpec.class)); 57 } 58 catch (GeneralSecurityException e) 59 { 60 throw new SignatureException("Exception extracting parameters: " + e.getMessage()); 61 } 62 } 63 } 64 } 65 66 static String getSignatureName( 67 AlgorithmIdentifier sigAlgId) 68 { 69 ASN1Encodable params = sigAlgId.getParameters(); 70 71 if (params != null && !derNull.equals(params)) 72 { 73 if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) 74 { 75 RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); 76 77 return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1"; 78 } 79 if (sigAlgId.getAlgorithm().equals(X9ObjectIdentifiers.ecdsa_with_SHA2)) 80 { 81 ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params); 82 83 return getDigestAlgName((DERObjectIdentifier)ecDsaParams.getObjectAt(0)) + "withECDSA"; 84 } 85 } 86 87 return sigAlgId.getAlgorithm().getId(); 88 } 89 90 /** 91 * Return the digest algorithm using one of the standard JCA string 92 * representations rather the the algorithm identifier (if possible). 93 */ 94 private static String getDigestAlgName( 95 DERObjectIdentifier digestAlgOID) 96 { 97 if (PKCSObjectIdentifiers.md5.equals(digestAlgOID)) 98 { 99 return "MD5"; 100 } 101 else if (OIWObjectIdentifiers.idSHA1.equals(digestAlgOID)) 102 { 103 return "SHA1"; 104 } 105 else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) 106 { 107 return "SHA224"; 108 } 109 else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID)) 110 { 111 return "SHA256"; 112 } 113 else if (NISTObjectIdentifiers.id_sha384.equals(digestAlgOID)) 114 { 115 return "SHA384"; 116 } 117 else if (NISTObjectIdentifiers.id_sha512.equals(digestAlgOID)) 118 { 119 return "SHA512"; 120 } 121 // BEGIN android-removed 122 // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 123 // { 124 // return "RIPEMD128"; 125 // } 126 // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 127 // { 128 // return "RIPEMD160"; 129 // } 130 // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 131 // { 132 // return "RIPEMD256"; 133 // } 134 // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 135 // { 136 // return "GOST3411"; 137 // } 138 // END android-removed 139 else 140 { 141 return digestAlgOID.getId(); 142 } 143 } 144} 145