/*
 * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package sun.security.util;

import java.io.IOException;
import java.security.*;
import java.security.spec.*;
import java.util.Locale;
import sun.security.rsa.RSAUtil;
import jdk.internal.access.SharedSecrets;

Utility class for Signature related operations. Currently used by various internal PKI classes such as sun.security.x509.X509CertImpl, sun.security.pkcs.SignerInfo, for setting signature parameters.
Since: 11
/** * Utility class for Signature related operations. Currently used by various * internal PKI classes such as sun.security.x509.X509CertImpl, * sun.security.pkcs.SignerInfo, for setting signature parameters. * * @since 11 */
public class SignatureUtil { private static String checkName(String algName) throws ProviderException { if (algName.indexOf(".") == -1) { return algName; } // convert oid to String try { return Signature.getInstance(algName).getAlgorithm(); } catch (Exception e) { throw new ProviderException("Error mapping algorithm name", e); } } // Utility method of creating an AlgorithmParameters object with // the specified algorithm name and encoding private static AlgorithmParameters createAlgorithmParameters(String algName, byte[] paramBytes) throws ProviderException { try { algName = checkName(algName); AlgorithmParameters result = AlgorithmParameters.getInstance(algName); result.init(paramBytes); return result; } catch (NoSuchAlgorithmException | IOException e) { throw new ProviderException(e); } } // Utility method for converting the specified AlgorithmParameters object // into an AlgorithmParameterSpec object. public static AlgorithmParameterSpec getParamSpec(String sigName, AlgorithmParameters params) throws ProviderException { sigName = checkName(sigName).toUpperCase(Locale.ENGLISH); AlgorithmParameterSpec paramSpec = null; if (params != null) { // AlgorithmParameters.getAlgorithm() may returns oid if it's // created during DER decoding. Convert to use the standard name // before passing it to RSAUtil if (params.getAlgorithm().indexOf(".") != -1) { try { params = createAlgorithmParameters(sigName, params.getEncoded()); } catch (IOException e) { throw new ProviderException(e); } } if (sigName.indexOf("RSA") != -1) { paramSpec = RSAUtil.getParamSpec(params); } else if (sigName.indexOf("ECDSA") != -1) { try { paramSpec = params.getParameterSpec(ECParameterSpec.class); } catch (Exception e) { throw new ProviderException("Error handling EC parameters", e); } } else { throw new ProviderException ("Unrecognized algorithm for signature parameters " + sigName); } } return paramSpec; } // Utility method for converting the specified parameter bytes into an // AlgorithmParameterSpec object. public static AlgorithmParameterSpec getParamSpec(String sigName, byte[] paramBytes) throws ProviderException { sigName = checkName(sigName).toUpperCase(Locale.ENGLISH); AlgorithmParameterSpec paramSpec = null; if (paramBytes != null) { if (sigName.indexOf("RSA") != -1) { AlgorithmParameters params = createAlgorithmParameters(sigName, paramBytes); paramSpec = RSAUtil.getParamSpec(params); } else if (sigName.indexOf("ECDSA") != -1) { try { Provider p = Signature.getInstance(sigName).getProvider(); paramSpec = ECUtil.getECParameterSpec(p, paramBytes); } catch (Exception e) { throw new ProviderException("Error handling EC parameters", e); } // ECUtil discards exception and returns null, so we need to check // the returned value if (paramSpec == null) { throw new ProviderException("Error handling EC parameters"); } } else { throw new ProviderException ("Unrecognized algorithm for signature parameters " + sigName); } } return paramSpec; } // Utility method for initializing the specified Signature object // for verification with the specified key and params (may be null) public static void initVerifyWithParam(Signature s, PublicKey key, AlgorithmParameterSpec params) throws ProviderException, InvalidAlgorithmParameterException, InvalidKeyException { SharedSecrets.getJavaSecuritySignatureAccess().initVerify(s, key, params); } // Utility method for initializing the specified Signature object // for verification with the specified Certificate and params (may be null) public static void initVerifyWithParam(Signature s, java.security.cert.Certificate cert, AlgorithmParameterSpec params) throws ProviderException, InvalidAlgorithmParameterException, InvalidKeyException { SharedSecrets.getJavaSecuritySignatureAccess().initVerify(s, cert, params); } // Utility method for initializing the specified Signature object // for signing with the specified key and params (may be null) public static void initSignWithParam(Signature s, PrivateKey key, AlgorithmParameterSpec params, SecureRandom sr) throws ProviderException, InvalidAlgorithmParameterException, InvalidKeyException { SharedSecrets.getJavaSecuritySignatureAccess().initSign(s, key, params, sr); } }