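/*
 * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation. Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package sun.security.util;

import java.io.IOException;
import java.security.*;
import java.security.spec.*;
import java.util.Locale;
import sun.security.rsa.RSAUtil;
import jdk.internal.access.SharedSecrets;

/**
 * Utility class for Signature related operations. Currently used by various
 * internal PKI classes such as sun.security.x509.X509CertImpl,
 * sun.security.pkcs.SignerInfo, for setting signature parameters.
 *
 * <p>The name-mapping and parameter-conversion methods report every failure
 * as {@link ProviderException}, which is unchecked. A caller that passes in
 * names or parameter encodings taken from decoded data has to catch it
 * explicitly; handling only the checked exceptions is not enough.
 *
 * @since 11
 */
public class SignatureUtil {

    /**
     * Maps an algorithm identifier to an algorithm name.
     *
     * <p>A value without a {@code '.'} is returned unchanged. A value that
     * contains a {@code '.'} is treated as an OID: a {@link Signature} is
     * requested under that identifier and the name it reports is returned,
     * so the outcome depends on what {@code Signature.getInstance} can
     * resolve at run time.
     *
     * @param algName algorithm name or OID string; must not be null
     * @return the name to use for further lookups
     * @throws ProviderException if the OID lookup fails for any reason (the
     *         original exception is kept as the cause)
     */
    private static String checkName(String algName) throws ProviderException {
        if (!algName.contains(".")) {
            return algName;
        }
        // convert oid to String
        try {
            return Signature.getInstance(algName).getAlgorithm();
        } catch (Exception e) {
            throw new ProviderException("Error mapping algorithm name", e);
        }
    }

    /**
     * Creates an {@link AlgorithmParameters} object for the specified
     * algorithm name and initializes it from the given encoding.
     *
     * @param algName algorithm name or OID string; mapped through
     *        {@link #checkName(String)} first
     * @param paramBytes encoded parameters handed to
     *        {@code AlgorithmParameters.init}
     * @return the initialized parameters
     * @throws ProviderException if no implementation is found for the name
     *         or the encoding cannot be read
     */
    private static AlgorithmParameters createAlgorithmParameters(String algName,
            byte[] paramBytes) throws ProviderException {

        try {
            AlgorithmParameters result =
                AlgorithmParameters.getInstance(checkName(algName));
            result.init(paramBytes);
            return result;
        } catch (NoSuchAlgorithmException | IOException e) {
            throw new ProviderException(e);
        }
    }

    /**
     * Rejects signature names that do not contain "RSA".
     *
     * <p>The name is upper-cased with {@link Locale#ROOT} so that the result
     * does not depend on the JVM's default locale.
     *
     * <p>NOTE(review): this is a substring test, not a match against a fixed
     * list of algorithm names; any name containing "RSA" passes. Whatever
     * checking of the parameters themselves takes place happens in
     * {@code RSAUtil.getParamSpec}, which is not part of this file.
     *
     * @param sigName signature algorithm name, already mapped by
     *        {@link #checkName(String)}
     * @throws ProviderException if the name does not contain "RSA"
     */
    private static void requireRsaName(String sigName)
            throws ProviderException {
        if (!sigName.toUpperCase(Locale.ROOT).contains("RSA")) {
            throw new ProviderException
                ("Unrecognized algorithm for signature parameters " +
                 sigName);
        }
    }

    /**
     * Converts the specified {@link AlgorithmParameters} object into an
     * {@link AlgorithmParameterSpec} object.
     *
     * @param sigName signature algorithm name or OID string; must not be
     *        null. It is mapped through {@link #checkName(String)} even when
     *        {@code params} is null, so an OID that cannot be resolved fails
     *        in that case too.
     * @param params the parameters to convert, may be null
     * @return the parameter spec produced by {@code RSAUtil.getParamSpec},
     *         or null when {@code params} is null
     * @throws ProviderException if parameters are supplied for a name that
     *         does not contain "RSA", or if re-encoding or re-creating the
     *         parameters fails
     */
    public static AlgorithmParameterSpec getParamSpec(String sigName,
            AlgorithmParameters params)
            throws ProviderException {

        sigName = checkName(sigName);
        if (params == null) {
            return null;
        }
        requireRsaName(sigName);
        // AlgorithmParameters.getAlgorithm() may return an oid if the object
        // was created during DER decoding. Convert to use the standard name
        // before passing it to RSAUtil. The rebuilt object takes the
        // signature name as its algorithm name.
        if (params.getAlgorithm().contains(".")) {
            try {
                params = createAlgorithmParameters(sigName,
                        params.getEncoded());
            } catch (IOException e) {
                throw new ProviderException(e);
            }
        }
        return RSAUtil.getParamSpec(params);
    }

    /**
     * Converts the specified parameter bytes into an
     * {@link AlgorithmParameterSpec} object.
     *
     * @param sigName signature algorithm name or OID string; must not be
     *        null. It is mapped through {@link #checkName(String)} even when
     *        {@code paramBytes} is null.
     * @param paramBytes encoded parameters, may be null
     * @return the parameter spec produced by {@code RSAUtil.getParamSpec},
     *         or null when {@code paramBytes} is null
     * @throws ProviderException if parameters are supplied for a name that
     *         does not contain "RSA", or if the bytes cannot be turned into
     *         an {@link AlgorithmParameters} object
     */
    public static AlgorithmParameterSpec getParamSpec(String sigName,
            byte[] paramBytes)
            throws ProviderException {

        sigName = checkName(sigName);
        if (paramBytes == null) {
            return null;
        }
        requireRsaName(sigName);
        return RSAUtil.getParamSpec(
                createAlgorithmParameters(sigName, paramBytes));
    }

    /**
     * Initializes the specified Signature object for verification with the
     * specified key and params.
     *
     * <p>The call is forwarded to the access object obtained from
     * {@code SharedSecrets.getJavaSecuritySignatureAccess()}.
     * NOTE(review): how a null {@code params} is treated is decided by that
     * implementation, which is not part of this file.
     *
     * @param s the Signature object to initialize
     * @param key the public key to verify with
     * @param params the signature parameters, may be null
     * @throws ProviderException declared by this method; not thrown by the
     *         code visible here
     * @throws InvalidAlgorithmParameterException propagated from the
     *         forwarded call
     * @throws InvalidKeyException propagated from the forwarded call
     */
    public static void initVerifyWithParam(Signature s, PublicKey key,
            AlgorithmParameterSpec params)
            throws ProviderException, InvalidAlgorithmParameterException,
            InvalidKeyException {
        SharedSecrets.getJavaSecuritySignatureAccess().initVerify(s, key, params);
    }

    /**
     * Initializes the specified Signature object for verification with the
     * specified Certificate and params.
     *
     * <p>The call is forwarded to the access object obtained from
     * {@code SharedSecrets.getJavaSecuritySignatureAccess()}.
     * NOTE(review): any checks made on the certificate before its key is
     * used are performed by that implementation, which is not part of this
     * file.
     *
     * @param s the Signature object to initialize
     * @param cert the certificate to verify with
     * @param params the signature parameters, may be null
     * @throws ProviderException declared by this method; not thrown by the
     *         code visible here
     * @throws InvalidAlgorithmParameterException propagated from the
     *         forwarded call
     * @throws InvalidKeyException propagated from the forwarded call
     */
    public static void initVerifyWithParam(Signature s,
            java.security.cert.Certificate cert,
            AlgorithmParameterSpec params)
            throws ProviderException, InvalidAlgorithmParameterException,
            InvalidKeyException {
        SharedSecrets.getJavaSecuritySignatureAccess().initVerify(s, cert, params);
    }

    /**
     * Initializes the specified Signature object for signing with the
     * specified key and params.
     *
     * <p>The call is forwarded to the access object obtained from
     * {@code SharedSecrets.getJavaSecuritySignatureAccess()}.
     *
     * @param s the Signature object to initialize
     * @param key the private key to sign with
     * @param params the signature parameters, may be null
     * @param sr the source of randomness passed through to the forwarded
     *        call
     * @throws ProviderException declared by this method; not thrown by the
     *         code visible here
     * @throws InvalidAlgorithmParameterException propagated from the
     *         forwarded call
     * @throws InvalidKeyException propagated from the forwarded call
     */
    public static void initSignWithParam(Signature s, PrivateKey key,
            AlgorithmParameterSpec params, SecureRandom sr)
            throws ProviderException, InvalidAlgorithmParameterException,
            InvalidKeyException {
        SharedSecrets.getJavaSecuritySignatureAccess().initSign(s, key, params, sr);
    }
}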