• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 package org.bouncycastle.operator;
2 
3 import java.util.HashMap;
4 import java.util.HashSet;
5 import java.util.Map;
6 import java.util.Set;
7 
8 import org.bouncycastle.asn1.ASN1Encodable;
9 import org.bouncycastle.asn1.ASN1Integer;
10 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
11 import org.bouncycastle.asn1.DERNull;
12 // Android-removed: Unsupported algorithms
13 // import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
14 // import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
15 // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
16 // import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
17 // import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
18 // import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
19 // import org.bouncycastle.asn1.isara.IsaraObjectIdentifiers;
20 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
21 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
22 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
23 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
24 // import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
25 // import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
26 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
27 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
28 import org.bouncycastle.util.Strings;
29 
30 public class DefaultSignatureAlgorithmIdentifierFinder
31     implements SignatureAlgorithmIdentifierFinder
32 {
33     private static Map algorithms = new HashMap();
34     private static Set noParams = new HashSet();
35     private static Map params = new HashMap();
36     private static Set pkcs15RsaEncryption = new HashSet();
37     private static Map digestOids = new HashMap();
38 
39     private static final ASN1ObjectIdentifier ENCRYPTION_RSA = PKCSObjectIdentifiers.rsaEncryption;
40     private static final ASN1ObjectIdentifier ENCRYPTION_DSA = X9ObjectIdentifiers.id_dsa_with_sha1;
41     private static final ASN1ObjectIdentifier ENCRYPTION_ECDSA = X9ObjectIdentifiers.ecdsa_with_SHA1;
42     private static final ASN1ObjectIdentifier ENCRYPTION_RSA_PSS = PKCSObjectIdentifiers.id_RSASSA_PSS;
43     // BEGIN Android-removed: Unsupported algorithms
44     // private static final ASN1ObjectIdentifier ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.gostR3410_94;
45     // private static final ASN1ObjectIdentifier ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.gostR3410_2001;
46     // private static final ASN1ObjectIdentifier ENCRYPTION_ECGOST3410_2012_256 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256;
47     // private static final ASN1ObjectIdentifier ENCRYPTION_ECGOST3410_2012_512 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512;
48     // END Android-removed: Unsupported algorithms
49 
50     static
51     {
52         // BEGIN Android-removed: Unsupported algorithms
53         // algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
54         // algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
55         // END Android-removed: Unsupported algorithms
56         algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption);
57         algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption);
58         algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption);
59         algorithms.put("SHA1WITHRSA", PKCSObjectIdentifiers.sha1WithRSAEncryption);
60         algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption);
61         algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption);
62         algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption);
63         algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption);
64         algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption);
65         algorithms.put("SHA384WITHRSA", PKCSObjectIdentifiers.sha384WithRSAEncryption);
66         algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption);
67         algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption);
68         algorithms.put("SHA1WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
69         algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
70         algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
71         algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
72         algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
73         // BEGIN Android-removed: Unsupported algorithms
74         /*
75         algorithms.put("SHA3-224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
76         algorithms.put("SHA3-256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
77         algorithms.put("SHA3-384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
78         algorithms.put("SHA3-512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
79         algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
80         algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
81         algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
82         algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
83         algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
84         algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
85         */
86         // END Android-removed: Unsupported algorithms
87         algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1);
88         algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1);
89         algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
90         algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256);
91         algorithms.put("SHA384WITHDSA", NISTObjectIdentifiers.dsa_with_sha384);
92         algorithms.put("SHA512WITHDSA", NISTObjectIdentifiers.dsa_with_sha512);
93         // BEGIN Android-removed: Unsupported algorithms
94         /*
95         algorithms.put("SHA3-224WITHDSA", NISTObjectIdentifiers.id_dsa_with_sha3_224);
96         algorithms.put("SHA3-256WITHDSA", NISTObjectIdentifiers.id_dsa_with_sha3_256);
97         algorithms.put("SHA3-384WITHDSA", NISTObjectIdentifiers.id_dsa_with_sha3_384);
98         algorithms.put("SHA3-512WITHDSA", NISTObjectIdentifiers.id_dsa_with_sha3_512);
99         algorithms.put("SHA3-224WITHECDSA", NISTObjectIdentifiers.id_ecdsa_with_sha3_224);
100         algorithms.put("SHA3-256WITHECDSA", NISTObjectIdentifiers.id_ecdsa_with_sha3_256);
101         algorithms.put("SHA3-384WITHECDSA", NISTObjectIdentifiers.id_ecdsa_with_sha3_384);
102         algorithms.put("SHA3-512WITHECDSA", NISTObjectIdentifiers.id_ecdsa_with_sha3_512);
103         algorithms.put("SHA3-224WITHRSA", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224);
104         algorithms.put("SHA3-256WITHRSA", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256);
105         algorithms.put("SHA3-384WITHRSA", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384);
106         algorithms.put("SHA3-512WITHRSA", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512);
107         algorithms.put("SHA3-224WITHRSAENCRYPTION", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224);
108         algorithms.put("SHA3-256WITHRSAENCRYPTION", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256);
109         algorithms.put("SHA3-384WITHRSAENCRYPTION", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384);
110         algorithms.put("SHA3-512WITHRSAENCRYPTION", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512);
111         */
112         // END Android-removed: Unsupported algorithms
113         algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1);
114         algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1);
115         algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224);
116         algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
117         algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
118         algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
119 
120         // BEGIN Android-removed: Unsupported algorithms
121         /*
122         algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
123         algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
124         algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
125         algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
126         algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
127         algorithms.put("GOST3411WITHECGOST3410-2012-256", RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256);
128         algorithms.put("GOST3411WITHECGOST3410-2012-512", RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512);
129         algorithms.put("GOST3411WITHGOST3410-2012-256", RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256);
130         algorithms.put("GOST3411WITHGOST3410-2012-512", RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512);
131         algorithms.put("GOST3411-2012-256WITHECGOST3410-2012-256", RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256);
132         algorithms.put("GOST3411-2012-512WITHECGOST3410-2012-512", RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512);
133         algorithms.put("GOST3411-2012-256WITHGOST3410-2012-256", RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256);
134         algorithms.put("GOST3411-2012-512WITHGOST3410-2012-512", RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512);
135         algorithms.put("SHA1WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1);
136         algorithms.put("SHA224WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA224);
137         algorithms.put("SHA256WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA256);
138         algorithms.put("SHA384WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA384);
139         algorithms.put("SHA512WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA512);
140         algorithms.put("RIPEMD160WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160);
141         algorithms.put("SHA1WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1);
142         algorithms.put("SHA224WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_224);
143         algorithms.put("SHA256WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_256);
144         algorithms.put("SHA384WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_384);
145         algorithms.put("SHA512WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_512);
146         algorithms.put("SHA3-512WITHSPHINCS256", BCObjectIdentifiers.sphincs256_with_SHA3_512);
147         algorithms.put("SHA512WITHSPHINCS256", BCObjectIdentifiers.sphincs256_with_SHA512);
148 
149         algorithms.put("ED25519", EdECObjectIdentifiers.id_Ed25519);
150         algorithms.put("ED448", EdECObjectIdentifiers.id_Ed448);
151 
152         algorithms.put("RIPEMD160WITHSM2", GMObjectIdentifiers.sm2sign_with_rmd160);
153         algorithms.put("SHA1WITHSM2", GMObjectIdentifiers.sm2sign_with_sha1);
154         algorithms.put("SHA224WITHSM2", GMObjectIdentifiers.sm2sign_with_sha224);
155         algorithms.put("SHA256WITHSM2", GMObjectIdentifiers.sm2sign_with_sha256);
156         algorithms.put("SHA384WITHSM2", GMObjectIdentifiers.sm2sign_with_sha384);
157         algorithms.put("SHA512WITHSM2", GMObjectIdentifiers.sm2sign_with_sha512);
158         algorithms.put("SM3WITHSM2", GMObjectIdentifiers.sm2sign_with_sm3);
159 
160         algorithms.put("SHA256WITHXMSS", BCObjectIdentifiers.xmss_SHA256ph);
161         algorithms.put("SHA512WITHXMSS", BCObjectIdentifiers.xmss_SHA512ph);
162         algorithms.put("SHAKE128WITHXMSS", BCObjectIdentifiers.xmss_SHAKE128ph);
163         algorithms.put("SHAKE256WITHXMSS", BCObjectIdentifiers.xmss_SHAKE256ph);
164 
165         algorithms.put("SHA256WITHXMSSMT", BCObjectIdentifiers.xmss_mt_SHA256ph);
166         algorithms.put("SHA512WITHXMSSMT", BCObjectIdentifiers.xmss_mt_SHA512ph);
167         algorithms.put("SHAKE128WITHXMSSMT", BCObjectIdentifiers.xmss_mt_SHAKE128ph);
168         algorithms.put("SHAKE256WITHXMSSMT", BCObjectIdentifiers.xmss_mt_SHAKE256ph);
169 
170         algorithms.put("SHA256WITHXMSS-SHA256", BCObjectIdentifiers.xmss_SHA256ph);
171         algorithms.put("SHA512WITHXMSS-SHA512", BCObjectIdentifiers.xmss_SHA512ph);
172         algorithms.put("SHAKE128WITHXMSS-SHAKE128", BCObjectIdentifiers.xmss_SHAKE128ph);
173         algorithms.put("SHAKE256WITHXMSS-SHAKE256", BCObjectIdentifiers.xmss_SHAKE256ph);
174 
175         algorithms.put("SHA256WITHXMSSMT-SHA256", BCObjectIdentifiers.xmss_mt_SHA256ph);
176         algorithms.put("SHA512WITHXMSSMT-SHA512", BCObjectIdentifiers.xmss_mt_SHA512ph);
177         algorithms.put("SHAKE128WITHXMSSMT-SHAKE128", BCObjectIdentifiers.xmss_mt_SHAKE128ph);
178         algorithms.put("SHAKE256WITHXMSSMT-SHAKE256", BCObjectIdentifiers.xmss_mt_SHAKE256ph);
179 
180         algorithms.put("LMS", PKCSObjectIdentifiers.id_alg_hss_lms_hashsig);
181 
182         algorithms.put("XMSS", IsaraObjectIdentifiers.id_alg_xmss);
183         algorithms.put("XMSS-SHA256", BCObjectIdentifiers.xmss_SHA256);
184         algorithms.put("XMSS-SHA512", BCObjectIdentifiers.xmss_SHA512);
185         algorithms.put("XMSS-SHAKE128", BCObjectIdentifiers.xmss_SHAKE128);
186         algorithms.put("XMSS-SHAKE256", BCObjectIdentifiers.xmss_SHAKE256);
187 
188         algorithms.put("XMSSMT", IsaraObjectIdentifiers.id_alg_xmssmt);
189         algorithms.put("XMSSMT-SHA256", BCObjectIdentifiers.xmss_mt_SHA256);
190         algorithms.put("XMSSMT-SHA512", BCObjectIdentifiers.xmss_mt_SHA512);
191         algorithms.put("XMSSMT-SHAKE128", BCObjectIdentifiers.xmss_mt_SHAKE128);
192         algorithms.put("XMSSMT-SHAKE256", BCObjectIdentifiers.xmss_mt_SHAKE256);
193 
194         algorithms.put("QTESLA-P-I", BCObjectIdentifiers.qTESLA_p_I);
195         algorithms.put("QTESLA-P-III", BCObjectIdentifiers.qTESLA_p_III);
196         */
197         // END Android-removed: Unsupported algorithms
198 
199         //
200         // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
201         // The parameters field SHALL be NULL for RSA based signature algorithms.
202         //
203         noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1);
204         noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224);
205         noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256);
206         noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384);
207         noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512);
208         noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1);
209         // BEGIN Android-removed: unsupported algorithms
210         // noParams.add(OIWObjectIdentifiers.dsaWithSHA1);
211         // END Android-removed: unsupported algorithms
212         noParams.add(NISTObjectIdentifiers.dsa_with_sha224);
213         noParams.add(NISTObjectIdentifiers.dsa_with_sha256);
214         noParams.add(NISTObjectIdentifiers.dsa_with_sha384);
215         noParams.add(NISTObjectIdentifiers.dsa_with_sha512);
216         // BEGIN Android-removed: Unsupported algorithms
217         /*
218         noParams.add(NISTObjectIdentifiers.id_dsa_with_sha3_224);
219         noParams.add(NISTObjectIdentifiers.id_dsa_with_sha3_256);
220         noParams.add(NISTObjectIdentifiers.id_dsa_with_sha3_384);
221         noParams.add(NISTObjectIdentifiers.id_dsa_with_sha3_512);
222         noParams.add(NISTObjectIdentifiers.id_ecdsa_with_sha3_224);
223         noParams.add(NISTObjectIdentifiers.id_ecdsa_with_sha3_256);
224         noParams.add(NISTObjectIdentifiers.id_ecdsa_with_sha3_384);
225         noParams.add(NISTObjectIdentifiers.id_ecdsa_with_sha3_512);
226 
227         //
228         // RFC 4491
229         //
230         noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
231         noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
232         noParams.add(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256);
233         noParams.add(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512);
234 
235         //
236         // SPHINCS-256
237         //
238         noParams.add(BCObjectIdentifiers.sphincs256_with_SHA512);
239         noParams.add(BCObjectIdentifiers.sphincs256_with_SHA3_512);
240 
241         //
242         // XMSS
243         //
244         noParams.add(BCObjectIdentifiers.xmss_SHA256ph);
245         noParams.add(BCObjectIdentifiers.xmss_SHA512ph);
246         noParams.add(BCObjectIdentifiers.xmss_SHAKE128ph);
247         noParams.add(BCObjectIdentifiers.xmss_SHAKE256ph);
248         noParams.add(BCObjectIdentifiers.xmss_mt_SHA256ph);
249         noParams.add(BCObjectIdentifiers.xmss_mt_SHA512ph);
250         noParams.add(BCObjectIdentifiers.xmss_mt_SHAKE128ph);
251         noParams.add(BCObjectIdentifiers.xmss_mt_SHAKE256ph);
252 
253         noParams.add(BCObjectIdentifiers.xmss_SHA256);
254         noParams.add(BCObjectIdentifiers.xmss_SHA512);
255         noParams.add(BCObjectIdentifiers.xmss_SHAKE128);
256         noParams.add(BCObjectIdentifiers.xmss_SHAKE256);
257         noParams.add(BCObjectIdentifiers.xmss_mt_SHA256);
258         noParams.add(BCObjectIdentifiers.xmss_mt_SHA512);
259         noParams.add(BCObjectIdentifiers.xmss_mt_SHAKE128);
260         noParams.add(BCObjectIdentifiers.xmss_mt_SHAKE256);
261 
262         noParams.add(IsaraObjectIdentifiers.id_alg_xmss);
263         noParams.add(IsaraObjectIdentifiers.id_alg_xmssmt);
264 
265         //
266         // qTESLA
267         //
268         noParams.add(BCObjectIdentifiers.qTESLA_p_I);
269         noParams.add(BCObjectIdentifiers.qTESLA_p_III);
270 
271         //
272         // SM2
273         //
274 //        noParams.add(GMObjectIdentifiers.sm2sign_with_rmd160);
275 //        noParams.add(GMObjectIdentifiers.sm2sign_with_sha1);
276 //        noParams.add(GMObjectIdentifiers.sm2sign_with_sha224);
277         noParams.add(GMObjectIdentifiers.sm2sign_with_sha256);
278 //        noParams.add(GMObjectIdentifiers.sm2sign_with_sha384);
279 //        noParams.add(GMObjectIdentifiers.sm2sign_with_sha512);
280         noParams.add(GMObjectIdentifiers.sm2sign_with_sm3);
281         // EdDSA
282         noParams.add(EdECObjectIdentifiers.id_Ed25519);
283         noParams.add(EdECObjectIdentifiers.id_Ed448);
284         */
285         // END Android-removed: Unsupported algorithms
286 
287         //
288         // PKCS 1.5 encrypted  algorithms
289         //
290         pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha1WithRSAEncryption);
291         pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha224WithRSAEncryption);
292         pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha256WithRSAEncryption);
293         pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha384WithRSAEncryption);
294         pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha512WithRSAEncryption);
295         // BEGIN Android-removed: Unsupported algorithms
296         /*
297         pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
298         pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
299         pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
300         pkcs15RsaEncryption.add(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224);
301         pkcs15RsaEncryption.add(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256);
302         pkcs15RsaEncryption.add(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384);
303         pkcs15RsaEncryption.add(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512);
304         */
305         // END Android-removed: Unsupported algorithms
306 
307         //
308         // explicit params
309         //
310         AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE);
311         params.put("SHA1WITHRSAANDMGF1", createPSSParams(sha1AlgId, 20));
312 
313         AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE);
314         params.put("SHA224WITHRSAANDMGF1", createPSSParams(sha224AlgId, 28));
315 
316         AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE);
317         params.put("SHA256WITHRSAANDMGF1", createPSSParams(sha256AlgId, 32));
318 
319         AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, DERNull.INSTANCE);
320         params.put("SHA384WITHRSAANDMGF1", createPSSParams(sha384AlgId, 48));
321 
322         AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, DERNull.INSTANCE);
323         params.put("SHA512WITHRSAANDMGF1", createPSSParams(sha512AlgId, 64));
324 
325         // BEGIN Android-removed: Unsupported algorithms
326         /*
327         AlgorithmIdentifier sha3_224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha3_224, DERNull.INSTANCE);
328         params.put("SHA3-224WITHRSAANDMGF1", createPSSParams(sha3_224AlgId, 28));
329 
330         AlgorithmIdentifier sha3_256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha3_256, DERNull.INSTANCE);
331         params.put("SHA3-256WITHRSAANDMGF1", createPSSParams(sha3_256AlgId, 32));
332 
333         AlgorithmIdentifier sha3_384AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha3_384, DERNull.INSTANCE);
334         params.put("SHA3-384WITHRSAANDMGF1", createPSSParams(sha3_384AlgId, 48));
335 
336         AlgorithmIdentifier sha3_512AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha3_512, DERNull.INSTANCE);
337         params.put("SHA3-512WITHRSAANDMGF1", createPSSParams(sha3_512AlgId, 64));
338         */
339         // END Android-removed: Unsupported algorithms
340 
341         //
342         // digests
343         //
digestOids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, NISTObjectIdentifiers.id_sha224)344         digestOids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, NISTObjectIdentifiers.id_sha224);
digestOids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, NISTObjectIdentifiers.id_sha256)345         digestOids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, NISTObjectIdentifiers.id_sha256);
digestOids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, NISTObjectIdentifiers.id_sha384)346         digestOids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, NISTObjectIdentifiers.id_sha384);
digestOids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, NISTObjectIdentifiers.id_sha512)347         digestOids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, NISTObjectIdentifiers.id_sha512);
348         // BEGIN Android-removed: Unsupported algorithms
349         // digestOids.put(PKCSObjectIdentifiers.md2WithRSAEncryption, PKCSObjectIdentifiers.md2);
350         // digestOids.put(PKCSObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
351         // END Android-removed: Unsupported algorithms
digestOids.put(PKCSObjectIdentifiers.md5WithRSAEncryption, PKCSObjectIdentifiers.md5)352         digestOids.put(PKCSObjectIdentifiers.md5WithRSAEncryption, PKCSObjectIdentifiers.md5);
digestOids.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, OIWObjectIdentifiers.idSHA1)353         digestOids.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, OIWObjectIdentifiers.idSHA1);
354         // BEGIN Android-removed: Unsupported algorithms
355         // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128, TeleTrusTObjectIdentifiers.ripemd128);
356         // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160, TeleTrusTObjectIdentifiers.ripemd160);
357         // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256, TeleTrusTObjectIdentifiers.ripemd256);
358         // digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, CryptoProObjectIdentifiers.gostR3411);
359         // digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, CryptoProObjectIdentifiers.gostR3411);
360         // END Android-removed: Unsupported algorithms
digestOids.put(NISTObjectIdentifiers.dsa_with_sha224, NISTObjectIdentifiers.id_sha224)361         digestOids.put(NISTObjectIdentifiers.dsa_with_sha224, NISTObjectIdentifiers.id_sha224);
digestOids.put(NISTObjectIdentifiers.dsa_with_sha256, NISTObjectIdentifiers.id_sha256)362         digestOids.put(NISTObjectIdentifiers.dsa_with_sha256, NISTObjectIdentifiers.id_sha256);
digestOids.put(NISTObjectIdentifiers.dsa_with_sha384, NISTObjectIdentifiers.id_sha384)363         digestOids.put(NISTObjectIdentifiers.dsa_with_sha384, NISTObjectIdentifiers.id_sha384);
digestOids.put(NISTObjectIdentifiers.dsa_with_sha512, NISTObjectIdentifiers.id_sha512)364         digestOids.put(NISTObjectIdentifiers.dsa_with_sha512, NISTObjectIdentifiers.id_sha512);
365         // BEGIN Android-removed: Unsupported algorithms
366         /*
367         digestOids.put(NISTObjectIdentifiers.id_dsa_with_sha3_224, NISTObjectIdentifiers.id_sha3_224);
368         digestOids.put(NISTObjectIdentifiers.id_dsa_with_sha3_256, NISTObjectIdentifiers.id_sha3_256);
369         digestOids.put(NISTObjectIdentifiers.id_dsa_with_sha3_384, NISTObjectIdentifiers.id_sha3_384);
370         digestOids.put(NISTObjectIdentifiers.id_dsa_with_sha3_512, NISTObjectIdentifiers.id_sha3_512);
371         digestOids.put(NISTObjectIdentifiers.id_ecdsa_with_sha3_224, NISTObjectIdentifiers.id_sha3_224);
372         digestOids.put(NISTObjectIdentifiers.id_ecdsa_with_sha3_256, NISTObjectIdentifiers.id_sha3_256);
373         digestOids.put(NISTObjectIdentifiers.id_ecdsa_with_sha3_384, NISTObjectIdentifiers.id_sha3_384);
374         digestOids.put(NISTObjectIdentifiers.id_ecdsa_with_sha3_512, NISTObjectIdentifiers.id_sha3_512);
375         digestOids.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224, NISTObjectIdentifiers.id_sha3_224);
376         digestOids.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256, NISTObjectIdentifiers.id_sha3_256);
377         digestOids.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384, NISTObjectIdentifiers.id_sha3_384);
378         digestOids.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512, NISTObjectIdentifiers.id_sha3_512);
379 
380         digestOids.put(PKCSObjectIdentifiers.md2WithRSAEncryption, PKCSObjectIdentifiers.md2);
381         digestOids.put(PKCSObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
382         */
383         // END Android-removed: Unsupported algorithms
digestOids.put(PKCSObjectIdentifiers.md5WithRSAEncryption, PKCSObjectIdentifiers.md5)384         digestOids.put(PKCSObjectIdentifiers.md5WithRSAEncryption, PKCSObjectIdentifiers.md5);
digestOids.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, OIWObjectIdentifiers.idSHA1)385         digestOids.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, OIWObjectIdentifiers.idSHA1);
386         // BEGIN Android-removed: Unsupported algorithms
387         /*
388         digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128, TeleTrusTObjectIdentifiers.ripemd128);
389         digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160, TeleTrusTObjectIdentifiers.ripemd160);
390         digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256, TeleTrusTObjectIdentifiers.ripemd256);
391         digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, CryptoProObjectIdentifiers.gostR3411);
392         digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, CryptoProObjectIdentifiers.gostR3411);
393         digestOids.put(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256);
394         digestOids.put(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512);
395 
396         digestOids.put(GMObjectIdentifiers.sm2sign_with_rmd160, TeleTrusTObjectIdentifiers.ripemd160);
397         digestOids.put(GMObjectIdentifiers.sm2sign_with_sha1, OIWObjectIdentifiers.idSHA1);
398         digestOids.put(GMObjectIdentifiers.sm2sign_with_sha224, NISTObjectIdentifiers.id_sha224);
399         digestOids.put(GMObjectIdentifiers.sm2sign_with_sha256, NISTObjectIdentifiers.id_sha256);
400         digestOids.put(GMObjectIdentifiers.sm2sign_with_sha384, NISTObjectIdentifiers.id_sha384);
401         digestOids.put(GMObjectIdentifiers.sm2sign_with_sha512, NISTObjectIdentifiers.id_sha512);
402         digestOids.put(GMObjectIdentifiers.sm2sign_with_sm3, GMObjectIdentifiers.sm3);
403         */
404         // END Android-removed: Unsupported algorithms
405     }
406 
generate(String signatureAlgorithm)407     private static AlgorithmIdentifier generate(String signatureAlgorithm)
408     {
409         AlgorithmIdentifier sigAlgId;
410 
411         String algorithmName = Strings.toUpperCase(signatureAlgorithm);
412         ASN1ObjectIdentifier sigOID = (ASN1ObjectIdentifier)algorithms.get(algorithmName);
413         if (sigOID == null)
414         {
415             throw new IllegalArgumentException("Unknown signature type requested: " + algorithmName);
416         }
417 
418         if (noParams.contains(sigOID))
419         {
420             sigAlgId = new AlgorithmIdentifier(sigOID);
421         }
422         else if (params.containsKey(algorithmName))
423         {
424             sigAlgId = new AlgorithmIdentifier(sigOID, (ASN1Encodable)params.get(algorithmName));
425         }
426         else
427         {
428             sigAlgId = new AlgorithmIdentifier(sigOID, DERNull.INSTANCE);
429         }
430 
431         return sigAlgId;
432     }
433 
createPSSParams(AlgorithmIdentifier hashAlgId, int saltSize)434     private static RSASSAPSSparams createPSSParams(AlgorithmIdentifier hashAlgId, int saltSize)
435     {
436         return new RSASSAPSSparams(
437             hashAlgId,
438             new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, hashAlgId),
439             new ASN1Integer(saltSize),
440             new ASN1Integer(1));
441     }
442 
find(String sigAlgName)443     public AlgorithmIdentifier find(String sigAlgName)
444     {
445         return generate(sigAlgName);
446     }
447 }