1package org.bouncycastle.jce.provider; 2 3import java.io.IOException; 4import java.security.AlgorithmParameters; 5import java.security.GeneralSecurityException; 6import java.security.InvalidKeyException; 7import java.security.NoSuchAlgorithmException; 8import java.security.Signature; 9import java.security.SignatureException; 10import java.security.spec.PSSParameterSpec; 11 12import org.bouncycastle.asn1.ASN1Encodable; 13import org.bouncycastle.asn1.ASN1Null; 14import org.bouncycastle.asn1.ASN1Sequence; 15import org.bouncycastle.asn1.DERNull; 16import org.bouncycastle.asn1.DERObjectIdentifier; 17// BEGIN android-removed 18// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 19// END android-removed 20import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 21import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 22import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 23import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 24import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 25import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 26import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 27 28class X509SignatureUtil 29{ 30 private static final ASN1Null derNull = DERNull.INSTANCE; 31 32 static void setSignatureParameters( 33 Signature signature, 34 ASN1Encodable params) 35 throws NoSuchAlgorithmException, SignatureException, InvalidKeyException 36 { 37 if (params != null && !derNull.equals(params)) 38 { 39 AlgorithmParameters sigParams = AlgorithmParameters.getInstance(signature.getAlgorithm(), signature.getProvider()); 40 41 try 42 { 43 sigParams.init(params.toASN1Primitive().getEncoded()); 44 } 45 catch (IOException e) 46 { 47 throw new SignatureException("IOException decoding parameters: " + e.getMessage()); 48 } 49 50 if (signature.getAlgorithm().endsWith("MGF1")) 51 { 52 try 53 { 54 signature.setParameter(sigParams.getParameterSpec(PSSParameterSpec.class)); 55 } 56 catch (GeneralSecurityException e) 57 { 58 throw new SignatureException("Exception extracting parameters: " + e.getMessage()); 59 } 60 } 61 } 62 } 63 64 static String getSignatureName( 65 AlgorithmIdentifier sigAlgId) 66 { 67 ASN1Encodable params = sigAlgId.getParameters(); 68 69 if (params != null && !derNull.equals(params)) 70 { 71 // BEGIN android-removed 72 // if (sigAlgId.getObjectId().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) 73 // { 74 // RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); 75 // 76 // return getDigestAlgName(rsaParams.getHashAlgorithm().getObjectId()) + "withRSAandMGF1"; 77 // } 78 // END android-removed 79 if (sigAlgId.getObjectId().equals(X9ObjectIdentifiers.ecdsa_with_SHA2)) 80 { 81 ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params); 82 83 return getDigestAlgName((DERObjectIdentifier)ecDsaParams.getObjectAt(0)) + "withECDSA"; 84 } 85 } 86 87 return sigAlgId.getObjectId().getId(); 88 } 89 90 /** 91 * Return the digest algorithm using one of the standard JCA string 92 * representations rather the the algorithm identifier (if possible). 93 */ 94 private static String getDigestAlgName( 95 DERObjectIdentifier digestAlgOID) 96 { 97 if (PKCSObjectIdentifiers.md5.equals(digestAlgOID)) 98 { 99 return "MD5"; 100 } 101 else if (OIWObjectIdentifiers.idSHA1.equals(digestAlgOID)) 102 { 103 return "SHA1"; 104 } 105 else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) 106 { 107 return "SHA224"; 108 } 109 else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID)) 110 { 111 return "SHA256"; 112 } 113 else if (NISTObjectIdentifiers.id_sha384.equals(digestAlgOID)) 114 { 115 return "SHA384"; 116 } 117 else if (NISTObjectIdentifiers.id_sha512.equals(digestAlgOID)) 118 { 119 return "SHA512"; 120 } 121 // BEGIN android-removed 122 // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 123 // { 124 // return "RIPEMD128"; 125 // } 126 // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 127 // { 128 // return "RIPEMD160"; 129 // } 130 // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 131 // { 132 // return "RIPEMD256"; 133 // } 134 // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 135 // { 136 // return "GOST3411"; 137 // } 138 // END android-removed 139 else 140 { 141 return digestAlgOID.getId(); 142 } 143 } 144} 145