1 package org.bouncycastle.jce.provider; 2 3 import java.io.IOException; 4 import java.security.AlgorithmParameters; 5 import java.security.GeneralSecurityException; 6 import java.security.InvalidKeyException; 7 import java.security.NoSuchAlgorithmException; 8 import java.security.Signature; 9 import java.security.SignatureException; 10 import java.security.spec.PSSParameterSpec; 11 12 import org.bouncycastle.asn1.ASN1Encodable; 13 import org.bouncycastle.asn1.ASN1Null; 14 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 15 import org.bouncycastle.asn1.ASN1Sequence; 16 import org.bouncycastle.asn1.DERNull; 17 // Android-removed: Unsupported algorithms 18 // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 19 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 20 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 21 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 22 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; 23 import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 24 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 25 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 26 27 class X509SignatureUtil 28 { 29 private static final ASN1Null derNull = DERNull.INSTANCE; 30 31 static void setSignatureParameters( 32 Signature signature, 33 ASN1Encodable params) 34 throws NoSuchAlgorithmException, SignatureException, InvalidKeyException 35 { 36 if (params != null && !derNull.equals(params)) 37 { 38 AlgorithmParameters sigParams = AlgorithmParameters.getInstance(signature.getAlgorithm(), signature.getProvider()); 39 40 try 41 { 42 sigParams.init(params.toASN1Primitive().getEncoded()); 43 } 44 catch (IOException e) 45 { 46 throw new SignatureException("IOException decoding parameters: " + e.getMessage()); 47 } 48 49 if (signature.getAlgorithm().endsWith("MGF1")) 50 { 51 try 52 { 53 signature.setParameter(sigParams.getParameterSpec(PSSParameterSpec.class)); 54 } 55 catch (GeneralSecurityException e) 56 { 57 throw new SignatureException("Exception extracting parameters: " + e.getMessage()); 58 } 59 } 60 } 61 } 62 63 static String getSignatureName( 64 AlgorithmIdentifier sigAlgId) 65 { 66 ASN1Encodable params = sigAlgId.getParameters(); 67 68 if (params != null && !derNull.equals(params)) 69 { 70 // BEGIN Android-removed: Unsupported algorithms 71 /* 72 if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) 73 { 74 RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); 75 76 return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1"; 77 } 78 */ 79 // END Android-removed: Unsupported algorithms 80 if (sigAlgId.getAlgorithm().equals(X9ObjectIdentifiers.ecdsa_with_SHA2)) 81 { 82 ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params); 83 84 return getDigestAlgName(ASN1ObjectIdentifier.getInstance(ecDsaParams.getObjectAt(0))) + "withECDSA"; 85 } 86 } 87 88 return sigAlgId.getAlgorithm().getId(); 89 } 90 91 /** 92 * Return the digest algorithm using one of the standard JCA string 93 * representations rather the the algorithm identifier (if possible). 94 */ 95 private static String getDigestAlgName( 96 ASN1ObjectIdentifier digestAlgOID) 97 { 98 if (PKCSObjectIdentifiers.md5.equals(digestAlgOID)) 99 { 100 return "MD5"; 101 } 102 else if (OIWObjectIdentifiers.idSHA1.equals(digestAlgOID)) 103 { 104 return "SHA1"; 105 } 106 else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) 107 { 108 return "SHA224"; 109 } 110 else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID)) 111 { 112 return "SHA256"; 113 } 114 else if (NISTObjectIdentifiers.id_sha384.equals(digestAlgOID)) 115 { 116 return "SHA384"; 117 } 118 else if (NISTObjectIdentifiers.id_sha512.equals(digestAlgOID)) 119 { 120 return "SHA512"; 121 } 122 // BEGIN Android-removed: Unsupported algorithms 123 /* 124 else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) 125 { 126 return "RIPEMD128"; 127 } 128 else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) 129 { 130 return "RIPEMD160"; 131 } 132 else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) 133 { 134 return "RIPEMD256"; 135 } 136 else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) 137 { 138 return "GOST3411"; 139 } 140 */ 141 // END Android-removed: Unsupported algorithms 142 else 143 { 144 return digestAlgOID.getId(); 145 } 146 } 147 } 148