1 package org.bouncycastle.cms; 2 3 import java.util.ArrayList; 4 import java.util.Enumeration; 5 import java.util.HashMap; 6 import java.util.List; 7 import java.util.Map; 8 9 import org.bouncycastle.asn1.ASN1Encodable; 10 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 11 import org.bouncycastle.asn1.ASN1Primitive; 12 import org.bouncycastle.asn1.ASN1Sequence; 13 import org.bouncycastle.asn1.ASN1Set; 14 import org.bouncycastle.asn1.ASN1TaggedObject; 15 import org.bouncycastle.asn1.DERNull; 16 // Android-removed: Unsupported algorithms 17 // import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat; 18 // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 19 import org.bouncycastle.asn1.eac.EACObjectIdentifiers; 20 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 21 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 22 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 23 // import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers; 24 import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 25 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 26 import org.bouncycastle.asn1.x509.AttributeCertificate; 27 import org.bouncycastle.asn1.x509.Certificate; 28 import org.bouncycastle.asn1.x509.CertificateList; 29 import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; 30 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 31 import org.bouncycastle.cert.X509AttributeCertificateHolder; 32 import org.bouncycastle.cert.X509CRLHolder; 33 import org.bouncycastle.cert.X509CertificateHolder; 34 import org.bouncycastle.util.CollectionStore; 35 import org.bouncycastle.util.Store; 36 37 class CMSSignedHelper 38 { 39 static final CMSSignedHelper INSTANCE = new CMSSignedHelper(); 40 41 private static final Map encryptionAlgs = new HashMap(); 42 addEntries(ASN1ObjectIdentifier alias, String encryption)43 private static void addEntries(ASN1ObjectIdentifier alias, String encryption) 44 { 45 encryptionAlgs.put(alias.getId(), encryption); 46 } 47 48 static 49 { addEntries(NISTObjectIdentifiers.dsa_with_sha224, "DSA")50 addEntries(NISTObjectIdentifiers.dsa_with_sha224, "DSA"); addEntries(NISTObjectIdentifiers.dsa_with_sha256, "DSA")51 addEntries(NISTObjectIdentifiers.dsa_with_sha256, "DSA"); addEntries(NISTObjectIdentifiers.dsa_with_sha384, "DSA")52 addEntries(NISTObjectIdentifiers.dsa_with_sha384, "DSA"); addEntries(NISTObjectIdentifiers.dsa_with_sha512, "DSA")53 addEntries(NISTObjectIdentifiers.dsa_with_sha512, "DSA"); 54 // BEGIN Android-removed: Unsupported algorithms 55 /* 56 addEntries(NISTObjectIdentifiers.id_dsa_with_sha3_224, "DSA"); 57 addEntries(NISTObjectIdentifiers.id_dsa_with_sha3_256, "DSA"); 58 addEntries(NISTObjectIdentifiers.id_dsa_with_sha3_384, "DSA"); 59 addEntries(NISTObjectIdentifiers.id_dsa_with_sha3_512, "DSA"); 60 */ 61 // END Android-removed: Unsupported algorithms addEntries(OIWObjectIdentifiers.dsaWithSHA1, "DSA")62 addEntries(OIWObjectIdentifiers.dsaWithSHA1, "DSA"); 63 // BEGIN Android-removed: Unsupported algorithms 64 /* 65 addEntries(OIWObjectIdentifiers.md4WithRSA, "RSA"); 66 addEntries(OIWObjectIdentifiers.md4WithRSAEncryption, "RSA"); 67 */ 68 // END Android-removed: Unsupported algorithms addEntries(OIWObjectIdentifiers.md5WithRSA, "RSA")69 addEntries(OIWObjectIdentifiers.md5WithRSA, "RSA"); addEntries(OIWObjectIdentifiers.sha1WithRSA, "RSA")70 addEntries(OIWObjectIdentifiers.sha1WithRSA, "RSA"); 71 // BEGIN Android-removed: Unsupported algorithms 72 /* 73 addEntries(PKCSObjectIdentifiers.md2WithRSAEncryption, "RSA"); 74 addEntries(PKCSObjectIdentifiers.md4WithRSAEncryption, "RSA"); 75 */ 76 // END Android-removed: Unsupported algorithms addEntries(PKCSObjectIdentifiers.md5WithRSAEncryption, "RSA")77 addEntries(PKCSObjectIdentifiers.md5WithRSAEncryption, "RSA"); addEntries(PKCSObjectIdentifiers.sha1WithRSAEncryption, "RSA")78 addEntries(PKCSObjectIdentifiers.sha1WithRSAEncryption, "RSA"); addEntries(PKCSObjectIdentifiers.sha224WithRSAEncryption, "RSA")79 addEntries(PKCSObjectIdentifiers.sha224WithRSAEncryption, "RSA"); addEntries(PKCSObjectIdentifiers.sha256WithRSAEncryption, "RSA")80 addEntries(PKCSObjectIdentifiers.sha256WithRSAEncryption, "RSA"); addEntries(PKCSObjectIdentifiers.sha384WithRSAEncryption, "RSA")81 addEntries(PKCSObjectIdentifiers.sha384WithRSAEncryption, "RSA"); addEntries(PKCSObjectIdentifiers.sha512WithRSAEncryption, "RSA")82 addEntries(PKCSObjectIdentifiers.sha512WithRSAEncryption, "RSA"); 83 // BEGIN Android-removed: Unsupported algorithms 84 /* 85 addEntries(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224, "RSA"); 86 addEntries(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256, "RSA"); 87 addEntries(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384, "RSA"); 88 addEntries(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512, "RSA"); 89 */ 90 // END Android-removed: Unsupported algorithms addEntries(X9ObjectIdentifiers.ecdsa_with_SHA1, "ECDSA")91 addEntries(X9ObjectIdentifiers.ecdsa_with_SHA1, "ECDSA"); addEntries(X9ObjectIdentifiers.ecdsa_with_SHA224, "ECDSA")92 addEntries(X9ObjectIdentifiers.ecdsa_with_SHA224, "ECDSA"); addEntries(X9ObjectIdentifiers.ecdsa_with_SHA256, "ECDSA")93 addEntries(X9ObjectIdentifiers.ecdsa_with_SHA256, "ECDSA"); addEntries(X9ObjectIdentifiers.ecdsa_with_SHA384, "ECDSA")94 addEntries(X9ObjectIdentifiers.ecdsa_with_SHA384, "ECDSA"); addEntries(X9ObjectIdentifiers.ecdsa_with_SHA512, "ECDSA")95 addEntries(X9ObjectIdentifiers.ecdsa_with_SHA512, "ECDSA"); 96 // BEGIN Android-removed: Unsupported algorithms 97 /* 98 addEntries(NISTObjectIdentifiers.id_ecdsa_with_sha3_224, "ECDSA"); 99 addEntries(NISTObjectIdentifiers.id_ecdsa_with_sha3_256, "ECDSA"); 100 addEntries(NISTObjectIdentifiers.id_ecdsa_with_sha3_384, "ECDSA"); 101 addEntries(NISTObjectIdentifiers.id_ecdsa_with_sha3_512, "ECDSA"); 102 */ 103 // END Android-removed: Unsupported algorithms addEntries(X9ObjectIdentifiers.id_dsa_with_sha1, "DSA")104 addEntries(X9ObjectIdentifiers.id_dsa_with_sha1, "DSA"); addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_1, "ECDSA")105 addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_1, "ECDSA"); addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_224, "ECDSA")106 addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_224, "ECDSA"); addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_256, "ECDSA")107 addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_256, "ECDSA"); addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_384, "ECDSA")108 addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_384, "ECDSA"); addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_512, "ECDSA")109 addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_512, "ECDSA"); addEntries(EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_1, "RSA")110 addEntries(EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_1, "RSA"); addEntries(EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, "RSA")111 addEntries(EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, "RSA"); addEntries(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_1, "RSAandMGF1")112 addEntries(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_1, "RSAandMGF1"); addEntries(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_256, "RSAandMGF1")113 addEntries(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_256, "RSAandMGF1"); 114 addEntries(X9ObjectIdentifiers.id_dsa, "DSA")115 addEntries(X9ObjectIdentifiers.id_dsa, "DSA"); addEntries(PKCSObjectIdentifiers.rsaEncryption, "RSA")116 addEntries(PKCSObjectIdentifiers.rsaEncryption, "RSA"); addEntries(TeleTrusTObjectIdentifiers.teleTrusTRSAsignatureAlgorithm, "RSA")117 addEntries(TeleTrusTObjectIdentifiers.teleTrusTRSAsignatureAlgorithm, "RSA"); addEntries(X509ObjectIdentifiers.id_ea_rsa, "RSA")118 addEntries(X509ObjectIdentifiers.id_ea_rsa, "RSA"); 119 // BEGIN Android-removed: Unsupported algorithms 120 /* 121 addEntries(PKCSObjectIdentifiers.id_RSASSA_PSS, "RSAandMGF1"); 122 addEntries(CryptoProObjectIdentifiers.gostR3410_94, "GOST3410"); 123 addEntries(CryptoProObjectIdentifiers.gostR3410_2001, "ECGOST3410"); 124 addEntries(new ASN1ObjectIdentifier("1.3.6.1.4.1.5849.1.6.2"), "ECGOST3410"); 125 addEntries(new ASN1ObjectIdentifier("1.3.6.1.4.1.5849.1.1.5"), "GOST3410"); 126 addEntries(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256, "ECGOST3410-2012-256"); 127 addEntries(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512, "ECGOST3410-2012-512"); 128 addEntries(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "ECGOST3410"); 129 addEntries(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3410"); 130 addEntries(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256, "ECGOST3410-2012-256"); 131 addEntries(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512, "ECGOST3410-2012-512"); 132 */ 133 // END Android-removed: Unsupported algorithms 134 } 135 136 137 /** 138 * Return the digest encryption algorithm using one of the standard 139 * JCA string representations rather the the algorithm identifier (if 140 * possible). 141 */ getEncryptionAlgName( String encryptionAlgOID)142 String getEncryptionAlgName( 143 String encryptionAlgOID) 144 { 145 String algName = (String)encryptionAlgs.get(encryptionAlgOID); 146 147 if (algName != null) 148 { 149 return algName; 150 } 151 152 return encryptionAlgOID; 153 } 154 fixAlgID(AlgorithmIdentifier algId)155 AlgorithmIdentifier fixAlgID(AlgorithmIdentifier algId) 156 { 157 if (algId.getParameters() == null) 158 { 159 return new AlgorithmIdentifier(algId.getAlgorithm(), DERNull.INSTANCE); 160 } 161 162 return algId; 163 } 164 setSigningEncryptionAlgorithmMapping(ASN1ObjectIdentifier oid, String algorithmName)165 void setSigningEncryptionAlgorithmMapping(ASN1ObjectIdentifier oid, String algorithmName) 166 { 167 addEntries(oid, algorithmName); 168 } 169 getCertificates(ASN1Set certSet)170 Store getCertificates(ASN1Set certSet) 171 { 172 if (certSet != null) 173 { 174 List certList = new ArrayList(certSet.size()); 175 176 for (Enumeration en = certSet.getObjects(); en.hasMoreElements();) 177 { 178 ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); 179 180 if (obj instanceof ASN1Sequence) 181 { 182 certList.add(new X509CertificateHolder(Certificate.getInstance(obj))); 183 } 184 } 185 186 return new CollectionStore(certList); 187 } 188 189 return new CollectionStore(new ArrayList()); 190 } 191 getAttributeCertificates(ASN1Set certSet)192 Store getAttributeCertificates(ASN1Set certSet) 193 { 194 if (certSet != null) 195 { 196 List certList = new ArrayList(certSet.size()); 197 198 for (Enumeration en = certSet.getObjects(); en.hasMoreElements();) 199 { 200 ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); 201 202 if (obj instanceof ASN1TaggedObject) 203 { 204 certList.add(new X509AttributeCertificateHolder(AttributeCertificate.getInstance(((ASN1TaggedObject)obj).getObject()))); 205 } 206 } 207 208 return new CollectionStore(certList); 209 } 210 211 return new CollectionStore(new ArrayList()); 212 } 213 getCRLs(ASN1Set crlSet)214 Store getCRLs(ASN1Set crlSet) 215 { 216 if (crlSet != null) 217 { 218 List crlList = new ArrayList(crlSet.size()); 219 220 for (Enumeration en = crlSet.getObjects(); en.hasMoreElements();) 221 { 222 ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); 223 224 if (obj instanceof ASN1Sequence) 225 { 226 crlList.add(new X509CRLHolder(CertificateList.getInstance(obj))); 227 } 228 } 229 230 return new CollectionStore(crlList); 231 } 232 233 return new CollectionStore(new ArrayList()); 234 } 235 236 // BEGIN Android-removed: OtherRevocationInfoFormat isn't supported 237 /* 238 Store getOtherRevocationInfo(ASN1ObjectIdentifier otherRevocationInfoFormat, ASN1Set crlSet) 239 { 240 if (crlSet != null) 241 { 242 List crlList = new ArrayList(crlSet.size()); 243 244 for (Enumeration en = crlSet.getObjects(); en.hasMoreElements();) 245 { 246 ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); 247 248 if (obj instanceof ASN1TaggedObject) 249 { 250 ASN1TaggedObject tObj = ASN1TaggedObject.getInstance(obj); 251 252 if (tObj.getTagNo() == 1) 253 { 254 OtherRevocationInfoFormat other = OtherRevocationInfoFormat.getInstance(tObj, false); 255 256 if (otherRevocationInfoFormat.equals(other.getInfoFormat())) 257 { 258 crlList.add(other.getInfo()); 259 } 260 } 261 } 262 } 263 264 return new CollectionStore(crlList); 265 } 266 267 return new CollectionStore(new ArrayList()); 268 } 269 */ 270 // END Android-removed: OtherRevocationInfoFormat isn't supported 271 } 272