108ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project/* 208ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project * Copyright (C) 2008 The Android Open Source Project 308ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project * 408ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project * Licensed under the Apache License, Version 2.0 (the "License"); 508ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project * you may not use this file except in compliance with the License. 608ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project * You may obtain a copy of the License at 708ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project * 808ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project * http://www.apache.org/licenses/LICENSE-2.0 908ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project * 1008ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project * Unless required by applicable law or agreed to in writing, software 1108ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project * distributed under the License is distributed on an "AS IS" BASIS, 1208ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1308ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project * See the License for the specific language governing permissions and 1408ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project * limitations under the License. 1508ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project */ 1608ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project 17860d2707ce126ef8f66e3eac7ceeab6d24218cd8Kenny Rootpackage org.conscrypt; 1808ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project 1908ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Projectimport java.security.InvalidKeyException; 2008ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Projectimport java.security.InvalidParameterException; 2108ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Projectimport java.security.NoSuchAlgorithmException; 2208ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Projectimport java.security.PrivateKey; 2308ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Projectimport java.security.PublicKey; 2408ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Projectimport java.security.SignatureException; 25ca729b856ba17a8c4840f6cf8089da0010706d7cKenny Rootimport java.security.SignatureSpi; 2608ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project 2708ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project/** 281f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom * Implements the subset of the JDK Signature interface needed for 291f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom * signature verification using OpenSSL. 3008ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project */ 31ca729b856ba17a8c4840f6cf8089da0010706d7cKenny Rootpublic class OpenSSLSignature extends SignatureSpi { 329df6cea08a4eb527ba5b6fc9275e8b0571c12892Kenny Root private static enum EngineType { 338b7521eb38878822be3817270cc074ee1e22095dKenny Root RSA, DSA, EC, 349df6cea08a4eb527ba5b6fc9275e8b0571c12892Kenny Root }; 359df6cea08a4eb527ba5b6fc9275e8b0571c12892Kenny Root 36652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root private OpenSSLDigestContext ctx; 3708ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project 3808ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project /** 39aa48fdb4d42bc5de668f11055f88fb430fdf4d61Kenny Root * The current OpenSSL key we're operating on. 4008ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project */ 41aa48fdb4d42bc5de668f11055f88fb430fdf4d61Kenny Root private OpenSSLKey key; 4273f1fad27323ed00b318de046cfe43236625af09Elliott Hughes 4308ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project /** 449df6cea08a4eb527ba5b6fc9275e8b0571c12892Kenny Root * Holds the type of the Java algorithm. 459df6cea08a4eb527ba5b6fc9275e8b0571c12892Kenny Root */ 469df6cea08a4eb527ba5b6fc9275e8b0571c12892Kenny Root private final EngineType engineType; 479df6cea08a4eb527ba5b6fc9275e8b0571c12892Kenny Root 489df6cea08a4eb527ba5b6fc9275e8b0571c12892Kenny Root /** 4973f1fad27323ed00b318de046cfe43236625af09Elliott Hughes * Holds the OpenSSL name of the algorithm (lower case, no dashes). 5008ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project */ 51652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root private final long evpAlgorithm; 5273f1fad27323ed00b318de046cfe43236625af09Elliott Hughes 5308ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project /** 5408ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project * Holds a dummy buffer for writing single bytes to the digest. 5508ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project */ 561f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom private final byte[] singleByte = new byte[1]; 5708ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project 5808ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project /** 59ca729b856ba17a8c4840f6cf8089da0010706d7cKenny Root * True when engine is initialized to signing. 60ca729b856ba17a8c4840f6cf8089da0010706d7cKenny Root */ 61ca729b856ba17a8c4840f6cf8089da0010706d7cKenny Root private boolean signing; 62ca729b856ba17a8c4840f6cf8089da0010706d7cKenny Root 63ca729b856ba17a8c4840f6cf8089da0010706d7cKenny Root /** 6408ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project * Creates a new OpenSSLSignature instance for the given algorithm name. 6573f1fad27323ed00b318de046cfe43236625af09Elliott Hughes * 661f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom * @param algorithm OpenSSL name of the algorithm, e.g. "RSA-SHA1". 6708ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project */ 68652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root private OpenSSLSignature(long algorithm, EngineType engineType) 699df6cea08a4eb527ba5b6fc9275e8b0571c12892Kenny Root throws NoSuchAlgorithmException { 709df6cea08a4eb527ba5b6fc9275e8b0571c12892Kenny Root this.engineType = engineType; 711f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom this.evpAlgorithm = algorithm; 7208ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project } 7373f1fad27323ed00b318de046cfe43236625af09Elliott Hughes 74652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root private final void resetContext() { 75652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root OpenSSLDigestContext ctxLocal = new OpenSSLDigestContext(NativeCrypto.EVP_MD_CTX_create()); 76652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root NativeCrypto.EVP_MD_CTX_init(ctxLocal); 77652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root if (signing) { 78652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root enableDSASignatureNonceHardeningIfApplicable(); 79652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root NativeCrypto.EVP_SignInit(ctxLocal, evpAlgorithm); 80652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root } else { 81652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root NativeCrypto.EVP_VerifyInit(ctxLocal, evpAlgorithm); 82652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root } 83652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root this.ctx = ctxLocal; 84652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root } 85652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root 8608ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project @Override 8708ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project protected void engineUpdate(byte input) { 8808ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project singleByte[0] = input; 8908ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project engineUpdate(singleByte, 0, 1); 9008ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project } 9108ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project 9208ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project @Override 9308ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project protected void engineUpdate(byte[] input, int offset, int len) { 94652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root final OpenSSLDigestContext ctxLocal = ctx; 95ca729b856ba17a8c4840f6cf8089da0010706d7cKenny Root if (signing) { 96652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root NativeCrypto.EVP_SignUpdate(ctxLocal, input, offset, len); 9708ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project } else { 98652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root NativeCrypto.EVP_VerifyUpdate(ctxLocal, input, offset, len); 9908ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project } 10008ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project } 10108ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project 10208ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project @Override 10308ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project protected Object engineGetParameter(String param) throws InvalidParameterException { 10408ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project return null; 10508ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project } 10608ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project 10747cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root private void checkEngineType(OpenSSLKey pkey) throws InvalidKeyException { 10847cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root final int pkeyType = NativeCrypto.EVP_PKEY_type(pkey.getPkeyContext()); 10947cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root 11047cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root switch (engineType) { 11147cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root case RSA: 11247cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root if (pkeyType != NativeCrypto.EVP_PKEY_RSA) { 11375e5e401dfb1f6dd7bf2a72c5d9b477f7eb5a089Kenny Root throw new InvalidKeyException("Signature initialized as " + engineType 11475e5e401dfb1f6dd7bf2a72c5d9b477f7eb5a089Kenny Root + " (not RSA)"); 11547cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root } 11647cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root break; 11747cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root case DSA: 11847cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root if (pkeyType != NativeCrypto.EVP_PKEY_DSA) { 11975e5e401dfb1f6dd7bf2a72c5d9b477f7eb5a089Kenny Root throw new InvalidKeyException("Signature initialized as " + engineType 12075e5e401dfb1f6dd7bf2a72c5d9b477f7eb5a089Kenny Root + " (not DSA)"); 12147cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root } 12247cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root break; 12347cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root case EC: 12447cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root if (pkeyType != NativeCrypto.EVP_PKEY_EC) { 12575e5e401dfb1f6dd7bf2a72c5d9b477f7eb5a089Kenny Root throw new InvalidKeyException("Signature initialized as " + engineType 12675e5e401dfb1f6dd7bf2a72c5d9b477f7eb5a089Kenny Root + " (not EC)"); 12747cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root } 12847cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root break; 12947cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root default: 13075e5e401dfb1f6dd7bf2a72c5d9b477f7eb5a089Kenny Root throw new InvalidKeyException("Key must be of type " + engineType); 13147cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root } 13247cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root } 13347cc520bd63c1eabfdef23cbab10457701f2a395Kenny Root 134652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root private void initInternal(OpenSSLKey newKey, boolean signing) throws InvalidKeyException { 13575e5e401dfb1f6dd7bf2a72c5d9b477f7eb5a089Kenny Root checkEngineType(newKey); 13675e5e401dfb1f6dd7bf2a72c5d9b477f7eb5a089Kenny Root key = newKey; 137652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root 138652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root this.signing = signing; 139652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root resetContext(); 14075e5e401dfb1f6dd7bf2a72c5d9b477f7eb5a089Kenny Root } 141bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root 14275e5e401dfb1f6dd7bf2a72c5d9b477f7eb5a089Kenny Root @Override 14375e5e401dfb1f6dd7bf2a72c5d9b477f7eb5a089Kenny Root protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException { 144652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root initInternal(OpenSSLKey.fromPrivateKey(privateKey), true); 14508ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project } 14608ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project 14760f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin /** 14860f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin * Enables a mitigation against private key leakage through DSA and ECDSA signatures when weak 14960f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin * nonces (per-message k values) are used. To mitigate the issue, private key and message being 15060f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin * signed is mixed into the randomly generated nonce (k). 15160f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin * 15260f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin * <p>Does nothing for signatures that are neither DSA nor ECDSA. 15360f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin */ 15460f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin private void enableDSASignatureNonceHardeningIfApplicable() { 155652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root final OpenSSLKey key = this.key; 15660f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin switch (engineType) { 15760f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin case DSA: 15860f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin NativeCrypto.set_DSA_flag_nonce_from_hash(key.getPkeyContext()); 15960f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin break; 16060f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin case EC: 16160f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin NativeCrypto.EC_KEY_set_nonce_from_hash(key.getPkeyContext(), true); 16260f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin break; 16360f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin default: 16460f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin // Hardening not applicable 16560f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin } 16660f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin } 16760f83802801e224b51afac6c27c19e7c3d65ddc3Alex Klyubin 16808ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project @Override 16908ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException { 170652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root initInternal(OpenSSLKey.fromPublicKey(publicKey), false); 17108ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project } 17208ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project 17308ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project @Override 17408ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project protected void engineSetParameter(String param, Object value) throws InvalidParameterException { 17508ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project } 17608ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project 17708ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project @Override 17808ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project protected byte[] engineSign() throws SignatureException { 179aa48fdb4d42bc5de668f11055f88fb430fdf4d61Kenny Root if (key == null) { 180bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root // This can't actually happen, but you never know... 1818b7521eb38878822be3817270cc074ee1e22095dKenny Root throw new SignatureException("Need DSA or RSA or EC private key"); 182bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root } 183bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root 184652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root final OpenSSLDigestContext ctxLocal = ctx; 185bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root try { 186aa48fdb4d42bc5de668f11055f88fb430fdf4d61Kenny Root byte[] buffer = new byte[NativeCrypto.EVP_PKEY_size(key.getPkeyContext())]; 187652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root int bytesWritten = NativeCrypto.EVP_SignFinal(ctxLocal, buffer, 0, 188652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root key.getPkeyContext()); 189bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root 190bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root byte[] signature = new byte[bytesWritten]; 191bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root System.arraycopy(buffer, 0, signature, 0, bytesWritten); 192bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root 193bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root return signature; 194bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root } catch (Exception ex) { 195bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root throw new SignatureException(ex); 196bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root } finally { 197bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root /* 198bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root * Java expects the digest context to be reset completely after sign 199bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root * calls. 200bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root */ 201652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root resetContext(); 202bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root } 20308ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project } 20408ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project 20508ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project @Override 20608ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project protected boolean engineVerify(byte[] sigBytes) throws SignatureException { 207aa48fdb4d42bc5de668f11055f88fb430fdf4d61Kenny Root if (key == null) { 20808ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project // This can't actually happen, but you never know... 20908ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project throw new SignatureException("Need DSA or RSA public key"); 21008ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project } 21173f1fad27323ed00b318de046cfe43236625af09Elliott Hughes 21208ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project try { 213aa48fdb4d42bc5de668f11055f88fb430fdf4d61Kenny Root int result = NativeCrypto.EVP_VerifyFinal(ctx, sigBytes, 0, sigBytes.length, 214aa48fdb4d42bc5de668f11055f88fb430fdf4d61Kenny Root key.getPkeyContext()); 21508ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project return result == 1; 21608ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project } catch (Exception ex) { 21741fcca451c81b75354ea2a5fcc3a8fef241f6297Brian Carlstrom return false; 218bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root } finally { 219bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root /* 220bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root * Java expects the digest context to be reset completely after 221bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root * verify calls. 222bad843cfc413e5ccb61bacc426a204def0687e69Kenny Root */ 223652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root resetContext(); 22408ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project } 22508ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project } 2261f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom 2271f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom public static final class MD5RSA extends OpenSSLSignature { 228652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("RSA-MD5"); 2291f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom public MD5RSA() throws NoSuchAlgorithmException { 230652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root super(EVP_MD, EngineType.RSA); 2311f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom } 2321f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom } 2331f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom public static final class SHA1RSA extends OpenSSLSignature { 234652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("RSA-SHA1"); 2351f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom public SHA1RSA() throws NoSuchAlgorithmException { 236652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root super(EVP_MD, EngineType.RSA); 2371f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom } 2381f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom } 239d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root public static final class SHA224RSA extends OpenSSLSignature { 240652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("RSA-SHA224"); 241d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root public SHA224RSA() throws NoSuchAlgorithmException { 242652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root super(EVP_MD, EngineType.RSA); 243d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root } 244d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root } 2451f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom public static final class SHA256RSA extends OpenSSLSignature { 246652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("RSA-SHA256"); 2471f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom public SHA256RSA() throws NoSuchAlgorithmException { 248652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root super(EVP_MD, EngineType.RSA); 2491f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom } 2501f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom } 2511f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom public static final class SHA384RSA extends OpenSSLSignature { 252652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("RSA-SHA384"); 2531f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom public SHA384RSA() throws NoSuchAlgorithmException { 254652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root super(EVP_MD, EngineType.RSA); 2551f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom } 2561f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom } 2571f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom public static final class SHA512RSA extends OpenSSLSignature { 258652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("RSA-SHA512"); 2591f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom public SHA512RSA() throws NoSuchAlgorithmException { 260652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root super(EVP_MD, EngineType.RSA); 2611f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom } 2621f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom } 2631f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom public static final class SHA1DSA extends OpenSSLSignature { 264652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("DSA-SHA1"); 2651f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom public SHA1DSA() throws NoSuchAlgorithmException { 266652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root super(EVP_MD, EngineType.DSA); 2671f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom } 2681f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom } 2698b7521eb38878822be3817270cc074ee1e22095dKenny Root public static final class SHA1ECDSA extends OpenSSLSignature { 270652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("SHA1"); 2718b7521eb38878822be3817270cc074ee1e22095dKenny Root public SHA1ECDSA() throws NoSuchAlgorithmException { 272652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root super(EVP_MD, EngineType.EC); 2738b7521eb38878822be3817270cc074ee1e22095dKenny Root } 2748b7521eb38878822be3817270cc074ee1e22095dKenny Root } 275d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root public static final class SHA224ECDSA extends OpenSSLSignature { 276652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("SHA224"); 277d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root public SHA224ECDSA() throws NoSuchAlgorithmException { 278652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root super(EVP_MD, EngineType.EC); 279d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root } 280d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root } 2818b7521eb38878822be3817270cc074ee1e22095dKenny Root public static final class SHA256ECDSA extends OpenSSLSignature { 282652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("SHA256"); 2838b7521eb38878822be3817270cc074ee1e22095dKenny Root public SHA256ECDSA() throws NoSuchAlgorithmException { 284652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root super(EVP_MD, EngineType.EC); 2858b7521eb38878822be3817270cc074ee1e22095dKenny Root } 2868b7521eb38878822be3817270cc074ee1e22095dKenny Root } 2878b7521eb38878822be3817270cc074ee1e22095dKenny Root public static final class SHA384ECDSA extends OpenSSLSignature { 288652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("SHA384"); 2898b7521eb38878822be3817270cc074ee1e22095dKenny Root public SHA384ECDSA() throws NoSuchAlgorithmException { 290652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root super(EVP_MD, EngineType.EC); 2918b7521eb38878822be3817270cc074ee1e22095dKenny Root } 2928b7521eb38878822be3817270cc074ee1e22095dKenny Root } 2938b7521eb38878822be3817270cc074ee1e22095dKenny Root public static final class SHA512ECDSA extends OpenSSLSignature { 294652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("SHA512"); 2958b7521eb38878822be3817270cc074ee1e22095dKenny Root public SHA512ECDSA() throws NoSuchAlgorithmException { 296652ff53bd48ed61389337a42d8e50cdb7ace0fecKenny Root super(EVP_MD, EngineType.EC); 2978b7521eb38878822be3817270cc074ee1e22095dKenny Root } 2988b7521eb38878822be3817270cc074ee1e22095dKenny Root } 29908ecc8c0f00f1a7f2258c569187e36606ed73045The Android Open Source Project} 3001f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom 301