1 /*
2 * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package sun.security.util;
27
28 import java.io.IOException;
29 import java.security.*;
30 import java.security.spec.*;
31 import sun.security.rsa.RSAUtil;
32 import jdk.internal.access.SharedSecrets;
33
34 /**
35 * Utility class for Signature related operations. Currently used by various
36 * internal PKI classes such as sun.security.x509.X509CertImpl,
37 * sun.security.pkcs.SignerInfo, for setting signature parameters.
38 *
39 * @since 11
40 */
41 public class SignatureUtil {
42
43 private static String checkName(String algName) throws ProviderException {
44 if (algName.indexOf(".") == -1) {
45 return algName;
46 }
47 // convert oid to String
48 try {
49 return Signature.getInstance(algName).getAlgorithm();
50 } catch (Exception e) {
51 throw new ProviderException("Error mapping algorithm name", e);
52 }
53 }
54
55 // Utility method of creating an AlgorithmParameters object with
56 // the specified algorithm name and encoding
57 private static AlgorithmParameters createAlgorithmParameters(String algName,
58 byte[] paramBytes) throws ProviderException {
59
60 try {
61 algName = checkName(algName);
62 AlgorithmParameters result =
63 AlgorithmParameters.getInstance(algName);
64 result.init(paramBytes);
65 return result;
66 } catch (NoSuchAlgorithmException | IOException e) {
67 throw new ProviderException(e);
68 }
69 }
70
71 // Utility method for converting the specified AlgorithmParameters object
72 // into an AlgorithmParameterSpec object.
73 public static AlgorithmParameterSpec getParamSpec(String sigName,
74 AlgorithmParameters params)
75 throws ProviderException {
76
77 sigName = checkName(sigName);
78 AlgorithmParameterSpec paramSpec = null;
79 if (params != null) {
80 if (sigName.toUpperCase().indexOf("RSA") == -1) {
81 throw new ProviderException
82 ("Unrecognized algorithm for signature parameters " +
83 sigName);
84 }
85 // AlgorithmParameters.getAlgorithm() may returns oid if it's
86 // created during DER decoding. Convert to use the standard name
87 // before passing it to RSAUtil
88 if (params.getAlgorithm().indexOf(".") != -1) {
89 try {
90 params = createAlgorithmParameters(sigName,
91 params.getEncoded());
92 } catch (IOException e) {
93 throw new ProviderException(e);
94 }
95 }
96 paramSpec = RSAUtil.getParamSpec(params);
97 }
98 return paramSpec;
99 }
100
101 // Utility method for converting the specified parameter bytes into an
102 // AlgorithmParameterSpec object.
103 public static AlgorithmParameterSpec getParamSpec(String sigName,
104 byte[] paramBytes)
105 throws ProviderException {
106 sigName = checkName(sigName);
107 AlgorithmParameterSpec paramSpec = null;
108 if (paramBytes != null) {
109 if (sigName.toUpperCase().indexOf("RSA") == -1) {
110 throw new ProviderException
111 ("Unrecognized algorithm for signature parameters " +
112 sigName);
113 }
114 AlgorithmParameters params =
115 createAlgorithmParameters(sigName, paramBytes);
116 paramSpec = RSAUtil.getParamSpec(params);
117 }
118 return paramSpec;
119 }
120
121 // Utility method for initializing the specified Signature object
122 // for verification with the specified key and params (may be null)
123 public static void initVerifyWithParam(Signature s, PublicKey key,
124 AlgorithmParameterSpec params)
125 throws ProviderException, InvalidAlgorithmParameterException,
126 InvalidKeyException {
127 SharedSecrets.getJavaSecuritySignatureAccess().initVerify(s, key, params);
128 }
129
130 // Utility method for initializing the specified Signature object
131 // for verification with the specified Certificate and params (may be null)
132 public static void initVerifyWithParam(Signature s,
133 java.security.cert.Certificate cert,
134 AlgorithmParameterSpec params)
135 throws ProviderException, InvalidAlgorithmParameterException,
136 InvalidKeyException {
137 SharedSecrets.getJavaSecuritySignatureAccess().initVerify(s, cert, params);
138 }
139
140 // Utility method for initializing the specified Signature object
141 // for signing with the specified key and params (may be null)
142 public static void initSignWithParam(Signature s, PrivateKey key,
143 AlgorithmParameterSpec params, SecureRandom sr)
144 throws ProviderException, InvalidAlgorithmParameterException,
145 InvalidKeyException {
146 SharedSecrets.getJavaSecuritySignatureAccess().initSign(s, key, params, sr);
147 }
148 }