Home | History | Annotate | Download | only in operator 
      1 package org.bouncycastle.operator;
      2 
      3 import java.util.HashMap;
      4 import java.util.HashSet;
      5 import java.util.Map;
      6 import java.util.Set;
      7 
      8 import org.bouncycastle.asn1.ASN1Encodable;
      9 import org.bouncycastle.asn1.ASN1Integer;
     10 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
     11 import org.bouncycastle.asn1.DERNull;
     12 // Android-removed: Unsupported algorithms
     13 // import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
     14 // import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
     15 // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
     16 // import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
     17 // import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
     18 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
     19 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
     20 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
     21 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
     22 import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
     23 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
     24 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
     25 import org.bouncycastle.util.Strings;
     26 
     27 public class DefaultSignatureAlgorithmIdentifierFinder
     28     implements SignatureAlgorithmIdentifierFinder
     29 {
     30     private static Map algorithms = new HashMap();
     31     private static Set noParams = new HashSet();
     32     private static Map params = new HashMap();
     33     private static Set pkcs15RsaEncryption = new HashSet();
     34     private static Map digestOids = new HashMap();
     35 
     36     private static final ASN1ObjectIdentifier ENCRYPTION_RSA = PKCSObjectIdentifiers.rsaEncryption;
     37     private static final ASN1ObjectIdentifier ENCRYPTION_DSA = X9ObjectIdentifiers.id_dsa_with_sha1;
     38     private static final ASN1ObjectIdentifier ENCRYPTION_ECDSA = X9ObjectIdentifiers.ecdsa_with_SHA1;
     39     private static final ASN1ObjectIdentifier ENCRYPTION_RSA_PSS = PKCSObjectIdentifiers.id_RSASSA_PSS;
     40     // BEGIN Android-removed: Unsupported algorithms
     41     // private static final ASN1ObjectIdentifier ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.gostR3410_94;
     42     // private static final ASN1ObjectIdentifier ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.gostR3410_2001;
     43     // END Android-removed: Unsupported algorithms
     44 
     45     static
     46     {
     47         // BEGIN Android-removed: Unsupported algorithms
     48         // algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
     49         // algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
     50         // END Android-removed: Unsupported algorithms
     51         algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption);
     52         algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption);
     53         algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption);
     54         algorithms.put("SHA1WITHRSA", PKCSObjectIdentifiers.sha1WithRSAEncryption);
     55         algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption);
     56         algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption);
     57         algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption);
     58         algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption);
     59         algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption);
     60         algorithms.put("SHA384WITHRSA", PKCSObjectIdentifiers.sha384WithRSAEncryption);
     61         algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption);
     62         algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption);
     63         algorithms.put("SHA1WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
     64         algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
     65         algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
     66         algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
     67         algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
     68         // BEGIN Android-removed: Unsupported algorithms
     69         // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
     70         // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
     71         // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
     72         // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
     73         // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
     74         // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
     75         // END Android-removed: Unsupported algorithms
     76         algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1);
     77         algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1);
     78         algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
     79         algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256);
     80         algorithms.put("SHA384WITHDSA", NISTObjectIdentifiers.dsa_with_sha384);
     81         algorithms.put("SHA512WITHDSA", NISTObjectIdentifiers.dsa_with_sha512);
     82         algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1);
     83         algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1);
     84         algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224);
     85         algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
     86         algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
     87         algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
     88 
     89         // BEGIN Android-removed: Unsupported algorithms
     90         /*
     91         algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
     92         algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
     93         algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
     94         algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
     95         algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
     96         algorithms.put("SHA1WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1);
     97         algorithms.put("SHA224WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA224);
     98         algorithms.put("SHA256WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA256);
     99         algorithms.put("SHA384WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA384);
    100         algorithms.put("SHA512WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA512);
    101         algorithms.put("RIPEMD160WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160);
    102         algorithms.put("SHA1WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1);
    103         algorithms.put("SHA224WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_224);
    104         algorithms.put("SHA256WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_256);
    105         algorithms.put("SHA384WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_384);
    106         algorithms.put("SHA512WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_512);
    107         algorithms.put("SHA3-512WITHSPHINCS256", BCObjectIdentifiers.sphincs256_with_SHA3_512);
    108         algorithms.put("SHA512WITHSPHINCS256", BCObjectIdentifiers.sphincs256_with_SHA512);
    109         algorithms.put("SM3WITHSM2", GMObjectIdentifiers.sm2sign_with_sm3);
    110         */
    111         // END Android-removed: Unsupported algorithms
    112 
    113         //
    114         // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
    115         // The parameters field SHALL be NULL for RSA based signature algorithms.
    116         //
    117         noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1);
    118         noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224);
    119         noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256);
    120         noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384);
    121         noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512);
    122         noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1);
    123         noParams.add(NISTObjectIdentifiers.dsa_with_sha224);
    124         noParams.add(NISTObjectIdentifiers.dsa_with_sha256);
    125         noParams.add(NISTObjectIdentifiers.dsa_with_sha384);
    126         noParams.add(NISTObjectIdentifiers.dsa_with_sha512);
    127 
    128         // BEGIN Android-removed: Unsupported algorithms
    129         /*
    130         //
    131         // RFC 4491
    132         //
    133         noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
    134         noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
    135 
    136         //
    137         // SPHINCS-256
    138         //
    139         noParams.add(BCObjectIdentifiers.sphincs256_with_SHA512);
    140         noParams.add(BCObjectIdentifiers.sphincs256_with_SHA3_512);
    141 
    142         //
    143         // SM2
    144         //
    145         noParams.add(GMObjectIdentifiers.sm2sign_with_sm3);
    146         */
    147         // END Android-removed: Unsupported algorithms
    148 
    149         //
    150         // PKCS 1.5 encrypted  algorithms
    151         //
    152         pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha1WithRSAEncryption);
    153         pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha224WithRSAEncryption);
    154         pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha256WithRSAEncryption);
    155         pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha384WithRSAEncryption);
    156         pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha512WithRSAEncryption);
    157         // BEGIN Android-removed: Unsupported algorithms
    158         // pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
    159         // pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
    160         // pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
    161         // END Android-removed: Unsupported algorithms
    162 
    163         //
    164         // explicit params
    165         //
    166         AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE);
    167         params.put("SHA1WITHRSAANDMGF1", createPSSParams(sha1AlgId, 20));
    168 
    169         AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE);
    170         params.put("SHA224WITHRSAANDMGF1", createPSSParams(sha224AlgId, 28));
    171 
    172         AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE);
    173         params.put("SHA256WITHRSAANDMGF1", createPSSParams(sha256AlgId, 32));
    174 
    175         AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, DERNull.INSTANCE);
    176         params.put("SHA384WITHRSAANDMGF1", createPSSParams(sha384AlgId, 48));
    177 
    178         AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, DERNull.INSTANCE);
    179         params.put("SHA512WITHRSAANDMGF1", createPSSParams(sha512AlgId, 64));
    180 
    181         //
    182         // digests
    183         //
    184         digestOids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, NISTObjectIdentifiers.id_sha224);
    185         digestOids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, NISTObjectIdentifiers.id_sha256);
    186         digestOids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, NISTObjectIdentifiers.id_sha384);
    187         digestOids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, NISTObjectIdentifiers.id_sha512);
    188         // BEGIN Android-removed: Unsupported algorithms
    189         // digestOids.put(PKCSObjectIdentifiers.md2WithRSAEncryption, PKCSObjectIdentifiers.md2);
    190         // digestOids.put(PKCSObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
    191         // END Android-removed: Unsupported algorithms
    192         digestOids.put(PKCSObjectIdentifiers.md5WithRSAEncryption, PKCSObjectIdentifiers.md5);
    193         digestOids.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, OIWObjectIdentifiers.idSHA1);
    194         // BEGIN Android-removed: Unsupported algorithms
    195         // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128, TeleTrusTObjectIdentifiers.ripemd128);
    196         // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160, TeleTrusTObjectIdentifiers.ripemd160);
    197         // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256, TeleTrusTObjectIdentifiers.ripemd256);
    198         // digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, CryptoProObjectIdentifiers.gostR3411);
    199         // digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, CryptoProObjectIdentifiers.gostR3411);
    200         // END Android-removed: Unsupported algorithms
    201     }
    202 
    203     private static AlgorithmIdentifier generate(String signatureAlgorithm)
    204     {
    205         AlgorithmIdentifier sigAlgId;
    206         AlgorithmIdentifier encAlgId;
    207         AlgorithmIdentifier digAlgId;
    208 
    209         String algorithmName = Strings.toUpperCase(signatureAlgorithm);
    210         ASN1ObjectIdentifier sigOID = (ASN1ObjectIdentifier)algorithms.get(algorithmName);
    211         if (sigOID == null)
    212         {
    213             throw new IllegalArgumentException("Unknown signature type requested: " + algorithmName);
    214         }
    215 
    216         if (noParams.contains(sigOID))
    217         {
    218             sigAlgId = new AlgorithmIdentifier(sigOID);
    219         }
    220         else if (params.containsKey(algorithmName))
    221         {
    222             sigAlgId = new AlgorithmIdentifier(sigOID, (ASN1Encodable)params.get(algorithmName));
    223         }
    224         else
    225         {
    226             sigAlgId = new AlgorithmIdentifier(sigOID, DERNull.INSTANCE);
    227         }
    228 
    229         if (pkcs15RsaEncryption.contains(sigOID))
    230         {
    231             encAlgId = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE);
    232         }
    233         else
    234         {
    235             encAlgId = sigAlgId;
    236         }
    237 
    238         if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
    239         {
    240             digAlgId = ((RSASSAPSSparams)sigAlgId.getParameters()).getHashAlgorithm();
    241         }
    242         else
    243         {
    244             digAlgId = new AlgorithmIdentifier((ASN1ObjectIdentifier)digestOids.get(sigOID), DERNull.INSTANCE);
    245         }
    246 
    247         return sigAlgId;
    248     }
    249 
    250     private static RSASSAPSSparams createPSSParams(AlgorithmIdentifier hashAlgId, int saltSize)
    251     {
    252         return new RSASSAPSSparams(
    253             hashAlgId,
    254             new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, hashAlgId),
    255             new ASN1Integer(saltSize),
    256             new ASN1Integer(1));
    257     }
    258 
    259     public AlgorithmIdentifier find(String sigAlgName)
    260     {
    261         return generate(sigAlgName);
    262     }
    263 }