1package org.bouncycastle.jcajce.provider.asymmetric.x509;
2
3import java.io.IOException;
4import java.security.AlgorithmParameters;
5import java.security.GeneralSecurityException;
6import java.security.InvalidKeyException;
7import java.security.NoSuchAlgorithmException;
8import java.security.Signature;
9import java.security.SignatureException;
10import java.security.spec.PSSParameterSpec;
11
12import org.bouncycastle.asn1.ASN1Encodable;
13import org.bouncycastle.asn1.ASN1Null;
14import org.bouncycastle.asn1.ASN1Sequence;
15import org.bouncycastle.asn1.DERNull;
16import org.bouncycastle.asn1.DERObjectIdentifier;
17// BEGIN android-removed
18// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
19// END android-removed
20import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
21import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
22import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
23import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
24// BEGIN android-removed
25// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
26// END android-removed
27import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
28import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
29
30class X509SignatureUtil
31{
32    private static final ASN1Null       derNull = DERNull.INSTANCE;
33
34    static void setSignatureParameters(
35        Signature signature,
36        ASN1Encodable params)
37        throws NoSuchAlgorithmException, SignatureException, InvalidKeyException
38    {
39        if (params != null && !derNull.equals(params))
40        {
41            AlgorithmParameters  sigParams = AlgorithmParameters.getInstance(signature.getAlgorithm(), signature.getProvider());
42
43            try
44            {
45                sigParams.init(params.toASN1Primitive().getEncoded());
46            }
47            catch (IOException e)
48            {
49                throw new SignatureException("IOException decoding parameters: " + e.getMessage());
50            }
51
52            if (signature.getAlgorithm().endsWith("MGF1"))
53            {
54                try
55                {
56                    signature.setParameter(sigParams.getParameterSpec(PSSParameterSpec.class));
57                }
58                catch (GeneralSecurityException e)
59                {
60                    throw new SignatureException("Exception extracting parameters: " + e.getMessage());
61                }
62            }
63        }
64    }
65
66    static String getSignatureName(
67        AlgorithmIdentifier sigAlgId)
68    {
69        ASN1Encodable params = sigAlgId.getParameters();
70
71        if (params != null && !derNull.equals(params))
72        {
73            if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
74            {
75                RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params);
76
77                return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1";
78            }
79            if (sigAlgId.getAlgorithm().equals(X9ObjectIdentifiers.ecdsa_with_SHA2))
80            {
81                ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params);
82
83                return getDigestAlgName((DERObjectIdentifier)ecDsaParams.getObjectAt(0)) + "withECDSA";
84            }
85        }
86
87        return sigAlgId.getAlgorithm().getId();
88    }
89
90    /**
91     * Return the digest algorithm using one of the standard JCA string
92     * representations rather the the algorithm identifier (if possible).
93     */
94    private static String getDigestAlgName(
95        DERObjectIdentifier digestAlgOID)
96    {
97        if (PKCSObjectIdentifiers.md5.equals(digestAlgOID))
98        {
99            return "MD5";
100        }
101        else if (OIWObjectIdentifiers.idSHA1.equals(digestAlgOID))
102        {
103            return "SHA1";
104        }
105        else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID))
106        {
107            return "SHA224";
108        }
109        else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID))
110        {
111            return "SHA256";
112        }
113        else if (NISTObjectIdentifiers.id_sha384.equals(digestAlgOID))
114        {
115            return "SHA384";
116        }
117        else if (NISTObjectIdentifiers.id_sha512.equals(digestAlgOID))
118        {
119            return "SHA512";
120        }
121        // BEGIN android-removed
122        // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
123        // {
124        //     return "RIPEMD128";
125        // }
126        // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
127        // {
128        //     return "RIPEMD160";
129        // }
130        // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
131        // {
132        //     return "RIPEMD256";
133        // }
134        // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
135        // {
136        //     return "GOST3411";
137        // }
138        // END android-removed
139        else
140        {
141            return digestAlgOID.getId();
142        }
143    }
144}
145