26 package sun.security.ssl;
27
28 import java.security.*;
29 import java.security.interfaces.ECPrivateKey;
30 import java.security.spec.AlgorithmParameterSpec;
31 import java.security.spec.ECParameterSpec;
32 import java.security.spec.MGF1ParameterSpec;
33 import java.security.spec.PSSParameterSpec;
34 import java.util.ArrayList;
35 import java.util.Arrays;
36 import java.util.Collection;
37 import java.util.Collections;
38 import java.util.EnumSet;
39 import java.util.LinkedList;
40 import java.util.List;
41 import java.util.Set;
42 import sun.security.ssl.SupportedGroupsExtension.NamedGroup;
43 import sun.security.ssl.SupportedGroupsExtension.NamedGroupType;
44 import sun.security.ssl.X509Authentication.X509Possession;
45 import sun.security.util.KeyUtil;
46 import sun.security.util.SignatureUtil;
47
48 enum SignatureScheme {
49 // EdDSA algorithms
50 ED25519 (0x0807, "ed25519", "ed25519",
51 "ed25519",
52 ProtocolVersion.PROTOCOLS_OF_13),
53 ED448 (0x0808, "ed448", "ed448",
54 "ed448",
55 ProtocolVersion.PROTOCOLS_OF_13),
56
57 // ECDSA algorithms
58 ECDSA_SECP256R1_SHA256 (0x0403, "ecdsa_secp256r1_sha256",
59 "SHA256withECDSA",
60 "EC",
61 NamedGroup.SECP256_R1,
62 ProtocolVersion.PROTOCOLS_TO_13),
63 ECDSA_SECP384R1_SHA384 (0x0503, "ecdsa_secp384r1_sha384",
64 "SHA384withECDSA",
65 "EC",
66 NamedGroup.SECP384_R1,
455 if (schemes != null) {
456 ArrayList<String> names = new ArrayList<>(schemes.size());
457 for (SignatureScheme scheme : schemes) {
458 names.add(scheme.algorithm);
459 }
460
461 return names.toArray(new String[0]);
462 }
463
464 return new String[0];
465 }
466
467 Signature getSignature(Key key) throws NoSuchAlgorithmException,
468 InvalidAlgorithmParameterException, InvalidKeyException {
469 if (!isAvailable) {
470 return null;
471 }
472
473 Signature signer = Signature.getInstance(algorithm);
474 if (key instanceof PublicKey) {
475 SignatureUtil.initVerifyWithParam(signer, (PublicKey)key,
476 signAlgParameter);
477 } else {
478 SignatureUtil.initSignWithParam(signer, (PrivateKey)key,
479 signAlgParameter, null);
480 }
481
482 return signer;
483 }
484 }
|
26 package sun.security.ssl;
27
28 import java.security.*;
29 import java.security.interfaces.ECPrivateKey;
30 import java.security.spec.AlgorithmParameterSpec;
31 import java.security.spec.ECParameterSpec;
32 import java.security.spec.MGF1ParameterSpec;
33 import java.security.spec.PSSParameterSpec;
34 import java.util.ArrayList;
35 import java.util.Arrays;
36 import java.util.Collection;
37 import java.util.Collections;
38 import java.util.EnumSet;
39 import java.util.LinkedList;
40 import java.util.List;
41 import java.util.Set;
42 import sun.security.ssl.SupportedGroupsExtension.NamedGroup;
43 import sun.security.ssl.SupportedGroupsExtension.NamedGroupType;
44 import sun.security.ssl.X509Authentication.X509Possession;
45 import sun.security.util.KeyUtil;
46
47 enum SignatureScheme {
48 // EdDSA algorithms
49 ED25519 (0x0807, "ed25519", "ed25519",
50 "ed25519",
51 ProtocolVersion.PROTOCOLS_OF_13),
52 ED448 (0x0808, "ed448", "ed448",
53 "ed448",
54 ProtocolVersion.PROTOCOLS_OF_13),
55
56 // ECDSA algorithms
57 ECDSA_SECP256R1_SHA256 (0x0403, "ecdsa_secp256r1_sha256",
58 "SHA256withECDSA",
59 "EC",
60 NamedGroup.SECP256_R1,
61 ProtocolVersion.PROTOCOLS_TO_13),
62 ECDSA_SECP384R1_SHA384 (0x0503, "ecdsa_secp384r1_sha384",
63 "SHA384withECDSA",
64 "EC",
65 NamedGroup.SECP384_R1,
454 if (schemes != null) {
455 ArrayList<String> names = new ArrayList<>(schemes.size());
456 for (SignatureScheme scheme : schemes) {
457 names.add(scheme.algorithm);
458 }
459
460 return names.toArray(new String[0]);
461 }
462
463 return new String[0];
464 }
465
466 Signature getSignature(Key key) throws NoSuchAlgorithmException,
467 InvalidAlgorithmParameterException, InvalidKeyException {
468 if (!isAvailable) {
469 return null;
470 }
471
472 Signature signer = Signature.getInstance(algorithm);
473 if (key instanceof PublicKey) {
474 signer.initVerify((PublicKey)(key));
475 } else {
476 signer.initSign((PrivateKey)key);
477 }
478
479 // Important note: Please don't set the parameters before signature
480 // or verification initialization, so that the crypto provider can
481 // be selected properly.
482 if (signAlgParameter != null) {
483 signer.setParameter(signAlgParameter);
484 }
485
486 return signer;
487 }
488 }
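Review bot: In getSignature, both panes return `null` when `isAvailable` is false and cast any argument that is not a `PublicKey` straight to `PrivateKey`, and neither pane documents that contract. A caller that skips the null check would fail later with a NullPointerException, and a key that is neither public nor private would surface as a ClassCastException rather than the declared `InvalidKeyException`. I would add a comment above the method such as `// Returns null if this scheme is unavailable; callers must fail the handshake on null, never skip the signature check.` and guard the else branch with `if (!(key instanceof PrivateKey)) throw new InvalidKeyException("Unsupported key type");`. The page does not label which pane is the new side: one passes `signAlgParameter` together with the key through `SignatureUtil.initVerifyWithParam`/`initSignWithParam`, while the other depends on the ordering described in the comment before `setParameter`. If the latter is the new code, that ordering deserves a regression test, presumably for the PSS-parameterised schemes given the `PSSParameterSpec` import.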
|