| /* GENERATED SOURCE. DO NOT MODIFY. */ |
| package com.android.org.bouncycastle.jcajce.provider.asymmetric.rsa; |
| |
| import java.io.IOException; |
| import java.security.AlgorithmParameters; |
| import java.security.InvalidKeyException; |
| import java.security.PrivateKey; |
| import java.security.PublicKey; |
| import java.security.SignatureException; |
| import java.security.SignatureSpi; |
| import java.security.interfaces.RSAPrivateKey; |
| import java.security.interfaces.RSAPublicKey; |
| import java.security.spec.AlgorithmParameterSpec; |
| |
| import com.android.org.bouncycastle.asn1.ASN1Encoding; |
| import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier; |
| import com.android.org.bouncycastle.asn1.DERNull; |
| import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers; |
| import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; |
| import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; |
| // Android-removed: Unsupported algorithms |
| // import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; |
| import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier; |
| import com.android.org.bouncycastle.asn1.x509.DigestInfo; |
| import com.android.org.bouncycastle.crypto.AsymmetricBlockCipher; |
| import com.android.org.bouncycastle.crypto.CipherParameters; |
| import com.android.org.bouncycastle.crypto.Digest; |
| // Android-removed: Unsupported algorithms |
| // import org.bouncycastle.crypto.digests.MD2Digest; |
| // import org.bouncycastle.crypto.digests.MD4Digest; |
| // import org.bouncycastle.crypto.digests.NullDigest; |
| // import org.bouncycastle.crypto.digests.RIPEMD128Digest; |
| // import org.bouncycastle.crypto.digests.RIPEMD160Digest; |
| // import org.bouncycastle.crypto.digests.RIPEMD256Digest; |
| import com.android.org.bouncycastle.crypto.encodings.PKCS1Encoding; |
| import com.android.org.bouncycastle.crypto.engines.RSABlindedEngine; |
| // Android-changed: Use Android digests |
| // import org.bouncycastle.crypto.util.DigestFactory; |
| import com.android.org.bouncycastle.crypto.digests.AndroidDigestFactory; |
| import com.android.org.bouncycastle.util.Arrays; |
| |
| /** |
| * @hide This class is not part of the Android public SDK API |
| */ |
| public class DigestSignatureSpi |
| extends SignatureSpi |
| { |
| private Digest digest; |
| private AsymmetricBlockCipher cipher; |
| private AlgorithmIdentifier algId; |
| |
| // care - this constructor is actually used by outside organisations |
| protected DigestSignatureSpi( |
| Digest digest, |
| AsymmetricBlockCipher cipher) |
| { |
| this.digest = digest; |
| this.cipher = cipher; |
| this.algId = null; |
| } |
| |
| // care - this constructor is actually used by outside organisations |
| protected DigestSignatureSpi( |
| ASN1ObjectIdentifier objId, |
| Digest digest, |
| AsymmetricBlockCipher cipher) |
| { |
| this.digest = digest; |
| this.cipher = cipher; |
| this.algId = new AlgorithmIdentifier(objId, DERNull.INSTANCE); |
| } |
| |
| protected void engineInitVerify( |
| PublicKey publicKey) |
| throws InvalidKeyException |
| { |
| if (!(publicKey instanceof RSAPublicKey)) |
| { |
| throw new InvalidKeyException("Supplied key (" + getType(publicKey) + ") is not a RSAPublicKey instance"); |
| } |
| |
| CipherParameters param = RSAUtil.generatePublicKeyParameter((RSAPublicKey)publicKey); |
| |
| digest.reset(); |
| cipher.init(false, param); |
| } |
| |
| protected void engineInitSign( |
| PrivateKey privateKey) |
| throws InvalidKeyException |
| { |
| if (!(privateKey instanceof RSAPrivateKey)) |
| { |
| throw new InvalidKeyException("Supplied key (" + getType(privateKey) + ") is not a RSAPrivateKey instance"); |
| } |
| |
| CipherParameters param = RSAUtil.generatePrivateKeyParameter((RSAPrivateKey)privateKey); |
| |
| digest.reset(); |
| |
| cipher.init(true, param); |
| } |
| |
| private String getType( |
| Object o) |
| { |
| if (o == null) |
| { |
| return null; |
| } |
| |
| return o.getClass().getName(); |
| } |
| |
| protected void engineUpdate( |
| byte b) |
| throws SignatureException |
| { |
| digest.update(b); |
| } |
| |
| protected void engineUpdate( |
| byte[] b, |
| int off, |
| int len) |
| throws SignatureException |
| { |
| digest.update(b, off, len); |
| } |
| |
| protected byte[] engineSign() |
| throws SignatureException |
| { |
| byte[] hash = new byte[digest.getDigestSize()]; |
| |
| digest.doFinal(hash, 0); |
| |
| try |
| { |
| byte[] bytes = derEncode(hash); |
| |
| return cipher.processBlock(bytes, 0, bytes.length); |
| } |
| catch (ArrayIndexOutOfBoundsException e) |
| { |
| throw new SignatureException("key too small for signature type"); |
| } |
| catch (Exception e) |
| { |
| throw new SignatureException(e.toString()); |
| } |
| } |
| |
| protected boolean engineVerify( |
| byte[] sigBytes) |
| throws SignatureException |
| { |
| byte[] hash = new byte[digest.getDigestSize()]; |
| |
| digest.doFinal(hash, 0); |
| |
| byte[] sig; |
| byte[] expected; |
| |
| try |
| { |
| sig = cipher.processBlock(sigBytes, 0, sigBytes.length); |
| |
| expected = derEncode(hash); |
| } |
| catch (Exception e) |
| { |
| return false; |
| } |
| |
| if (sig.length == expected.length) |
| { |
| return Arrays.constantTimeAreEqual(sig, expected); |
| } |
| else if (sig.length == expected.length - 2) // NULL left out |
| { |
| expected[1] -= 2; // adjust lengths |
| expected[3] -= 2; |
| |
| int sigOffset = 4 + expected[3]; |
| int expectedOffset = sigOffset + 2; |
| int nonEqual = 0; |
| |
| for (int i = 0; i < expected.length - expectedOffset; i++) |
| { |
| nonEqual |= (sig[sigOffset + i] ^ expected[expectedOffset + i]); |
| } |
| |
| for (int i = 0; i < sigOffset; i++) |
| { |
| nonEqual |= (sig[i] ^ expected[i]); // check header less NULL |
| } |
| |
| return nonEqual == 0; |
| } |
| else |
| { |
| Arrays.constantTimeAreEqual(expected, expected); // keep time "steady". |
| |
| return false; |
| } |
| } |
| |
| protected void engineSetParameter( |
| AlgorithmParameterSpec params) |
| { |
| throw new UnsupportedOperationException("engineSetParameter unsupported"); |
| } |
| |
| /** |
| * @deprecated replaced with #engineSetParameter(java.security.spec.AlgorithmParameterSpec) |
| */ |
| protected void engineSetParameter( |
| String param, |
| Object value) |
| { |
| throw new UnsupportedOperationException("engineSetParameter unsupported"); |
| } |
| |
| /** |
| * @deprecated |
| */ |
| protected Object engineGetParameter( |
| String param) |
| { |
| return null; |
| } |
| |
| protected AlgorithmParameters engineGetParameters() |
| { |
| return null; |
| } |
| |
| private byte[] derEncode( |
| byte[] hash) |
| throws IOException |
| { |
| if (algId == null) |
| { |
| // For raw RSA, the DigestInfo must be prepared externally |
| return hash; |
| } |
| |
| DigestInfo dInfo = new DigestInfo(algId, hash); |
| |
| return dInfo.getEncoded(ASN1Encoding.DER); |
| } |
| |
| /** |
| * @hide This class is not part of the Android public SDK API |
| */ |
| static public class SHA1 |
| extends DigestSignatureSpi |
| { |
| public SHA1() |
| { |
| // Android-changed: Use Android digests |
| // super(OIWObjectIdentifiers.idSHA1, DigestFactory.createSHA1(), new PKCS1Encoding(new RSABlindedEngine())); |
| super(OIWObjectIdentifiers.idSHA1, AndroidDigestFactory.getSHA1(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| |
| /** |
| * @hide This class is not part of the Android public SDK API |
| */ |
| static public class SHA224 |
| extends DigestSignatureSpi |
| { |
| public SHA224() |
| { |
| // Android-changed: Use Android digests |
| // super(NISTObjectIdentifiers.id_sha224, DigestFactory.createSHA224(), new PKCS1Encoding(new RSABlindedEngine())); |
| super(NISTObjectIdentifiers.id_sha224, AndroidDigestFactory.getSHA224(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| |
| /** |
| * @hide This class is not part of the Android public SDK API |
| */ |
| static public class SHA256 |
| extends DigestSignatureSpi |
| { |
| public SHA256() |
| { |
| // Android-changed: Use Android digests |
| // super(NISTObjectIdentifiers.id_sha256, DigestFactory.createSHA256(), new PKCS1Encoding(new RSABlindedEngine())); |
| super(NISTObjectIdentifiers.id_sha256, AndroidDigestFactory.getSHA256(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| |
| /** |
| * @hide This class is not part of the Android public SDK API |
| */ |
| static public class SHA384 |
| extends DigestSignatureSpi |
| { |
| public SHA384() |
| { |
| // Android-changed: Use Android digests |
| // super(NISTObjectIdentifiers.id_sha384, DigestFactory.createSHA384(), new PKCS1Encoding(new RSABlindedEngine())); |
| super(NISTObjectIdentifiers.id_sha384, AndroidDigestFactory.getSHA384(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| |
| /** |
| * @hide This class is not part of the Android public SDK API |
| */ |
| static public class SHA512 |
| extends DigestSignatureSpi |
| { |
| public SHA512() |
| { |
| // Android-changed: Use Android digests |
| // super(NISTObjectIdentifiers.id_sha512, DigestFactory.createSHA512(), new PKCS1Encoding(new RSABlindedEngine())); |
| super(NISTObjectIdentifiers.id_sha512, AndroidDigestFactory.getSHA512(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| |
| // BEGIN Android-removed: Unsupported algorithms |
| /* |
| static public class SHA512_224 |
| extends DigestSignatureSpi |
| { |
| public SHA512_224() |
| { |
| super(NISTObjectIdentifiers.id_sha512_224, DigestFactory.createSHA512_224(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| |
| static public class SHA512_256 |
| extends DigestSignatureSpi |
| { |
| public SHA512_256() |
| { |
| super(NISTObjectIdentifiers.id_sha512_256, DigestFactory.createSHA512_256(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| |
| static public class SHA3_224 |
| extends DigestSignatureSpi |
| { |
| public SHA3_224() |
| { |
| super(NISTObjectIdentifiers.id_sha3_224, DigestFactory.createSHA3_224(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| |
| static public class SHA3_256 |
| extends DigestSignatureSpi |
| { |
| public SHA3_256() |
| { |
| super(NISTObjectIdentifiers.id_sha3_256, DigestFactory.createSHA3_256(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| |
| static public class SHA3_384 |
| extends DigestSignatureSpi |
| { |
| public SHA3_384() |
| { |
| super(NISTObjectIdentifiers.id_sha3_384, DigestFactory.createSHA3_384(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| |
| static public class SHA3_512 |
| extends DigestSignatureSpi |
| { |
| public SHA3_512() |
| { |
| super(NISTObjectIdentifiers.id_sha3_512, DigestFactory.createSHA3_512(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| |
| static public class MD2 |
| extends DigestSignatureSpi |
| { |
| public MD2() |
| { |
| super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| |
| static public class MD4 |
| extends DigestSignatureSpi |
| { |
| public MD4() |
| { |
| super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| */ |
| // END Android-removed: Unsupported algorithms |
| |
| /** |
| * @hide This class is not part of the Android public SDK API |
| */ |
| static public class MD5 |
| extends DigestSignatureSpi |
| { |
| public MD5() |
| { |
| // Android-changed: Use Android digests |
| // super(PKCSObjectIdentifiers.md5, DigestFactory.createMD5(), new PKCS1Encoding(new RSABlindedEngine())); |
| super(PKCSObjectIdentifiers.md5, AndroidDigestFactory.getMD5(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| |
| // BEGIN Android-removed: Unsupported algorithms |
| /* |
| static public class RIPEMD160 |
| extends DigestSignatureSpi |
| { |
| public RIPEMD160() |
| { |
| super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| |
| static public class RIPEMD128 |
| extends DigestSignatureSpi |
| { |
| public RIPEMD128() |
| { |
| super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| |
| static public class RIPEMD256 |
| extends DigestSignatureSpi |
| { |
| public RIPEMD256() |
| { |
| super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| |
| static public class noneRSA |
| extends DigestSignatureSpi |
| { |
| public noneRSA() |
| { |
| super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); |
| } |
| } |
| */ |
| // END Android-removed: Unsupported algorithms |
| } |