package com.sun.org.apache.xml.internal.security.algorithms.implementations;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.DSAKey;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Base64;
import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi;
import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
public class SignatureDSA extends SignatureAlgorithmSpi {
public static final String URI = Constants.SignatureSpecNS + "dsa-sha1";
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(SignatureDSA.class);
private Signature signatureAlgorithm;
private int size;
protected String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_DSA;
}
public SignatureDSA() throws XMLSignatureException {
String algorithmID = JCEMapper.translateURItoJCEID(engineGetURI());
LOG.debug("Created SignatureDSA using {}", algorithmID);
String provider = JCEMapper.getProviderId();
try {
if (provider == null) {
this.signatureAlgorithm = Signature.getInstance(algorithmID);
} else {
this.signatureAlgorithm =
Signature.getInstance(algorithmID, provider);
}
} catch (java.security.NoSuchAlgorithmException ex) {
Object[] exArgs = { algorithmID, ex.getLocalizedMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
} catch (java.security.NoSuchProviderException ex) {
Object[] exArgs = { algorithmID, ex.getLocalizedMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
}
}
protected void engineSetParameter(AlgorithmParameterSpec params)
throws XMLSignatureException {
try {
this.signatureAlgorithm.setParameter(params);
} catch (InvalidAlgorithmParameterException ex) {
throw new XMLSignatureException(ex);
}
}
protected boolean engineVerify(byte[] signature)
throws XMLSignatureException {
try {
if (LOG.isDebugEnabled()) {
LOG.debug("Called DSA.verify() on " + Base64.getMimeEncoder().encodeToString(signature));
}
byte[] jcebytes = JavaUtils.convertDsaXMLDSIGtoASN1(signature,
size/8);
return this.signatureAlgorithm.verify(jcebytes);
} catch (SignatureException ex) {
throw new XMLSignatureException(ex);
} catch (IOException ex) {
throw new XMLSignatureException(ex);
}
}
protected void engineInitVerify(Key publicKey) throws XMLSignatureException {
if (!(publicKey instanceof PublicKey)) {
String supplied = null;
if (publicKey != null) {
supplied = publicKey.getClass().getName();
}
String needed = PublicKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs);
}
try {
this.signatureAlgorithm.initVerify((PublicKey) publicKey);
} catch (InvalidKeyException ex) {
Signature sig = this.signatureAlgorithm;
try {
this.signatureAlgorithm = Signature.getInstance(signatureAlgorithm.getAlgorithm());
} catch (Exception e) {
LOG.debug("Exception when reinstantiating Signature: {}", e);
this.signatureAlgorithm = sig;
}
throw new XMLSignatureException(ex);
}
size = ((DSAKey)publicKey).getParams().getQ().bitLength();
}
protected byte[] engineSign() throws XMLSignatureException {
try {
byte jcebytes[] = this.signatureAlgorithm.sign();
return JavaUtils.convertDsaASN1toXMLDSIG(jcebytes, size/8);
} catch (IOException ex) {
throw new XMLSignatureException(ex);
} catch (SignatureException ex) {
throw new XMLSignatureException(ex);
}
}
protected void engineInitSign(Key privateKey, SecureRandom secureRandom)
throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = null;
if (privateKey != null) {
supplied = privateKey.getClass().getName();
}
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs);
}
try {
if (secureRandom == null) {
this.signatureAlgorithm.initSign((PrivateKey) privateKey);
} else {
this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom);
}
} catch (InvalidKeyException ex) {
throw new XMLSignatureException(ex);
}
size = ((DSAKey)privateKey).getParams().getQ().bitLength();
}
protected void engineInitSign(Key privateKey) throws XMLSignatureException {
engineInitSign(privateKey, (SecureRandom)null);
}
protected void engineUpdate(byte[] input) throws XMLSignatureException {
try {
this.signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException(ex);
}
}
protected void engineUpdate(byte input) throws XMLSignatureException {
try {
this.signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException(ex);
}
}
protected void engineUpdate(byte buf[], int offset, int len) throws XMLSignatureException {
try {
this.signatureAlgorithm.update(buf, offset, len);
} catch (SignatureException ex) {
throw new XMLSignatureException(ex);
}
}
protected String engineGetJCEAlgorithmString() {
return this.signatureAlgorithm.getAlgorithm();
}
protected String engineGetJCEProviderName() {
return this.signatureAlgorithm.getProvider().getName();
}
protected void engineSetHMACOutputLength(int HMACOutputLength) throws XMLSignatureException {
throw new XMLSignatureException("algorithms.HMACOutputLengthOnlyForHMAC");
}
protected void engineInitSign(
Key signingKey, AlgorithmParameterSpec algorithmParameterSpec
) throws XMLSignatureException {
throw new XMLSignatureException("algorithms.CannotUseAlgorithmParameterSpecOnDSA");
}
public static class SHA256 extends SignatureDSA {
public SHA256() throws XMLSignatureException {
super();
}
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_DSA_SHA256;
}
}
}