1 package org.bouncycastle.cms; 2 3 import java.util.ArrayList; 4 import java.util.Enumeration; 5 import java.util.HashMap; 6 import java.util.List; 7 import java.util.Map; 8 9 import org.bouncycastle.asn1.ASN1Encodable; 10 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 11 import org.bouncycastle.asn1.ASN1Primitive; 12 import org.bouncycastle.asn1.ASN1Sequence; 13 import org.bouncycastle.asn1.ASN1Set; 14 import org.bouncycastle.asn1.ASN1TaggedObject; 15 import org.bouncycastle.asn1.DERNull; 16 // BEGIN android-removed 17 // import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat; 18 // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; 19 // END android-removed 20 import org.bouncycastle.asn1.eac.EACObjectIdentifiers; 21 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; 22 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; 23 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; 24 import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; 25 import org.bouncycastle.asn1.x509.AlgorithmIdentifier; 26 import org.bouncycastle.asn1.x509.AttributeCertificate; 27 import org.bouncycastle.asn1.x509.Certificate; 28 import org.bouncycastle.asn1.x509.CertificateList; 29 import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; 30 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; 31 import org.bouncycastle.cert.X509AttributeCertificateHolder; 32 import org.bouncycastle.cert.X509CRLHolder; 33 import org.bouncycastle.cert.X509CertificateHolder; 34 import org.bouncycastle.util.CollectionStore; 35 import org.bouncycastle.util.Store; 36 37 class CMSSignedHelper 38 { 39 static final CMSSignedHelper INSTANCE = new CMSSignedHelper(); 40 41 private static final Map encryptionAlgs = new HashMap(); 42 private static final Map digestAlgs = new HashMap(); 43 private static final Map digestAliases = new HashMap(); 44 addEntries(ASN1ObjectIdentifier alias, String digest, String encryption)45 private static void addEntries(ASN1ObjectIdentifier alias, String digest, String encryption) 46 { 47 digestAlgs.put(alias.getId(), digest); 48 encryptionAlgs.put(alias.getId(), encryption); 49 } 50 51 static 52 { addEntries(NISTObjectIdentifiers.dsa_with_sha224, "SHA224", "DSA")53 addEntries(NISTObjectIdentifiers.dsa_with_sha224, "SHA224", "DSA"); addEntries(NISTObjectIdentifiers.dsa_with_sha256, "SHA256", "DSA")54 addEntries(NISTObjectIdentifiers.dsa_with_sha256, "SHA256", "DSA"); addEntries(NISTObjectIdentifiers.dsa_with_sha384, "SHA384", "DSA")55 addEntries(NISTObjectIdentifiers.dsa_with_sha384, "SHA384", "DSA"); addEntries(NISTObjectIdentifiers.dsa_with_sha512, "SHA512", "DSA")56 addEntries(NISTObjectIdentifiers.dsa_with_sha512, "SHA512", "DSA"); addEntries(OIWObjectIdentifiers.dsaWithSHA1, "SHA1", "DSA")57 addEntries(OIWObjectIdentifiers.dsaWithSHA1, "SHA1", "DSA"); 58 // BEGIN android-removed 59 // addEntries(OIWObjectIdentifiers.md4WithRSA, "MD4", "RSA"); 60 // addEntries(OIWObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA"); 61 // END android-removed addEntries(OIWObjectIdentifiers.md5WithRSA, "MD5", "RSA")62 addEntries(OIWObjectIdentifiers.md5WithRSA, "MD5", "RSA"); addEntries(OIWObjectIdentifiers.sha1WithRSA, "SHA1", "RSA")63 addEntries(OIWObjectIdentifiers.sha1WithRSA, "SHA1", "RSA"); 64 // BEGIN android-removed 65 // addEntries(PKCSObjectIdentifiers.md2WithRSAEncryption, "MD2", "RSA"); 66 // addEntries(PKCSObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA"); 67 // END android-removed addEntries(PKCSObjectIdentifiers.md5WithRSAEncryption, "MD5", "RSA")68 addEntries(PKCSObjectIdentifiers.md5WithRSAEncryption, "MD5", "RSA"); addEntries(PKCSObjectIdentifiers.sha1WithRSAEncryption, "SHA1", "RSA")69 addEntries(PKCSObjectIdentifiers.sha1WithRSAEncryption, "SHA1", "RSA"); addEntries(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224", "RSA")70 addEntries(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224", "RSA"); addEntries(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256", "RSA")71 addEntries(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256", "RSA"); addEntries(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384", "RSA")72 addEntries(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384", "RSA"); addEntries(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512", "RSA")73 addEntries(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512", "RSA"); addEntries(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1", "ECDSA")74 addEntries(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1", "ECDSA"); addEntries(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224", "ECDSA")75 addEntries(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224", "ECDSA"); addEntries(X9ObjectIdentifiers.ecdsa_with_SHA256, "SHA256", "ECDSA")76 addEntries(X9ObjectIdentifiers.ecdsa_with_SHA256, "SHA256", "ECDSA"); addEntries(X9ObjectIdentifiers.ecdsa_with_SHA384, "SHA384", "ECDSA")77 addEntries(X9ObjectIdentifiers.ecdsa_with_SHA384, "SHA384", "ECDSA"); addEntries(X9ObjectIdentifiers.ecdsa_with_SHA512, "SHA512", "ECDSA")78 addEntries(X9ObjectIdentifiers.ecdsa_with_SHA512, "SHA512", "ECDSA"); addEntries(X9ObjectIdentifiers.id_dsa_with_sha1, "SHA1", "DSA")79 addEntries(X9ObjectIdentifiers.id_dsa_with_sha1, "SHA1", "DSA"); addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_1, "SHA1", "ECDSA")80 addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_1, "SHA1", "ECDSA"); addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224", "ECDSA")81 addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224", "ECDSA"); addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256", "ECDSA")82 addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256", "ECDSA"); addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384", "ECDSA")83 addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384", "ECDSA"); addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512", "ECDSA")84 addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512", "ECDSA"); addEntries(EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_1, "SHA1", "RSA")85 addEntries(EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_1, "SHA1", "RSA"); addEntries(EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, "SHA256", "RSA")86 addEntries(EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, "SHA256", "RSA"); addEntries(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_1, "SHA1", "RSAandMGF1")87 addEntries(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_1, "SHA1", "RSAandMGF1"); addEntries(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_256, "SHA256", "RSAandMGF1")88 addEntries(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_256, "SHA256", "RSAandMGF1"); 89 X9ObjectIdentifiers.id_dsa.getId()90 encryptionAlgs.put(X9ObjectIdentifiers.id_dsa.getId(), "DSA"); PKCSObjectIdentifiers.rsaEncryption.getId()91 encryptionAlgs.put(PKCSObjectIdentifiers.rsaEncryption.getId(), "RSA"); encryptionAlgs.put(TeleTrusTObjectIdentifiers.teleTrusTRSAsignatureAlgorithm, "RSA")92 encryptionAlgs.put(TeleTrusTObjectIdentifiers.teleTrusTRSAsignatureAlgorithm, "RSA"); X509ObjectIdentifiers.id_ea_rsa.getId()93 encryptionAlgs.put(X509ObjectIdentifiers.id_ea_rsa.getId(), "RSA"); 94 // BEGIN android-removed 95 // encryptionAlgs.put(CMSSignedDataGenerator.ENCRYPTION_RSA_PSS, "RSAandMGF1"); 96 // encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_94.getId(), "GOST3410"); 97 // encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_2001.getId(), "ECGOST3410"); 98 // encryptionAlgs.put("1.3.6.1.4.1.5849.1.6.2", "ECGOST3410"); 99 // encryptionAlgs.put("1.3.6.1.4.1.5849.1.1.5", "GOST3410"); 100 // encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001.getId(), "ECGOST3410"); 101 // encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94.getId(), "GOST3410"); 102 // 103 // digestAlgs.put(PKCSObjectIdentifiers.md2.getId(), "MD2"); 104 // digestAlgs.put(PKCSObjectIdentifiers.md4.getId(), "MD4"); 105 // END android-removed PKCSObjectIdentifiers.md5.getId()106 digestAlgs.put(PKCSObjectIdentifiers.md5.getId(), "MD5"); OIWObjectIdentifiers.idSHA1.getId()107 digestAlgs.put(OIWObjectIdentifiers.idSHA1.getId(), "SHA1"); NISTObjectIdentifiers.id_sha224.getId()108 digestAlgs.put(NISTObjectIdentifiers.id_sha224.getId(), "SHA224"); NISTObjectIdentifiers.id_sha256.getId()109 digestAlgs.put(NISTObjectIdentifiers.id_sha256.getId(), "SHA256"); NISTObjectIdentifiers.id_sha384.getId()110 digestAlgs.put(NISTObjectIdentifiers.id_sha384.getId(), "SHA384"); NISTObjectIdentifiers.id_sha512.getId()111 digestAlgs.put(NISTObjectIdentifiers.id_sha512.getId(), "SHA512"); 112 // BEGIN android-removed 113 // digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd128.getId(), "RIPEMD128"); 114 // digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd160.getId(), "RIPEMD160"); 115 // digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd256.getId(), "RIPEMD256"); 116 // digestAlgs.put(CryptoProObjectIdentifiers.gostR3411.getId(), "GOST3411"); 117 // digestAlgs.put("1.3.6.1.4.1.5849.1.2.1", "GOST3411"); 118 // END android-removed 119 120 digestAliases.put("SHA1", new String[] { "SHA-1" }); 121 digestAliases.put("SHA224", new String[] { "SHA-224" }); 122 digestAliases.put("SHA256", new String[] { "SHA-256" }); 123 digestAliases.put("SHA384", new String[] { "SHA-384" }); 124 digestAliases.put("SHA512", new String[] { "SHA-512" }); 125 } 126 127 128 /** 129 * Return the digest encryption algorithm using one of the standard 130 * JCA string representations rather the the algorithm identifier (if 131 * possible). 132 */ getEncryptionAlgName( String encryptionAlgOID)133 String getEncryptionAlgName( 134 String encryptionAlgOID) 135 { 136 String algName = (String)encryptionAlgs.get(encryptionAlgOID); 137 138 if (algName != null) 139 { 140 return algName; 141 } 142 143 return encryptionAlgOID; 144 } 145 fixAlgID(AlgorithmIdentifier algId)146 AlgorithmIdentifier fixAlgID(AlgorithmIdentifier algId) 147 { 148 if (algId.getParameters() == null) 149 { 150 return new AlgorithmIdentifier(algId.getAlgorithm(), DERNull.INSTANCE); 151 } 152 153 return algId; 154 } 155 setSigningEncryptionAlgorithmMapping(ASN1ObjectIdentifier oid, String algorithmName)156 void setSigningEncryptionAlgorithmMapping(ASN1ObjectIdentifier oid, String algorithmName) 157 { 158 encryptionAlgs.put(oid.getId(), algorithmName); 159 } 160 setSigningDigestAlgorithmMapping(ASN1ObjectIdentifier oid, String algorithmName)161 void setSigningDigestAlgorithmMapping(ASN1ObjectIdentifier oid, String algorithmName) 162 { 163 digestAlgs.put(oid.getId(), algorithmName); 164 } 165 getCertificates(ASN1Set certSet)166 Store getCertificates(ASN1Set certSet) 167 { 168 if (certSet != null) 169 { 170 List certList = new ArrayList(certSet.size()); 171 172 for (Enumeration en = certSet.getObjects(); en.hasMoreElements();) 173 { 174 ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); 175 176 if (obj instanceof ASN1Sequence) 177 { 178 certList.add(new X509CertificateHolder(Certificate.getInstance(obj))); 179 } 180 } 181 182 return new CollectionStore(certList); 183 } 184 185 return new CollectionStore(new ArrayList()); 186 } 187 getAttributeCertificates(ASN1Set certSet)188 Store getAttributeCertificates(ASN1Set certSet) 189 { 190 if (certSet != null) 191 { 192 List certList = new ArrayList(certSet.size()); 193 194 for (Enumeration en = certSet.getObjects(); en.hasMoreElements();) 195 { 196 ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); 197 198 if (obj instanceof ASN1TaggedObject) 199 { 200 certList.add(new X509AttributeCertificateHolder(AttributeCertificate.getInstance(((ASN1TaggedObject)obj).getObject()))); 201 } 202 } 203 204 return new CollectionStore(certList); 205 } 206 207 return new CollectionStore(new ArrayList()); 208 } 209 getCRLs(ASN1Set crlSet)210 Store getCRLs(ASN1Set crlSet) 211 { 212 if (crlSet != null) 213 { 214 List crlList = new ArrayList(crlSet.size()); 215 216 for (Enumeration en = crlSet.getObjects(); en.hasMoreElements();) 217 { 218 ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); 219 220 if (obj instanceof ASN1Sequence) 221 { 222 crlList.add(new X509CRLHolder(CertificateList.getInstance(obj))); 223 } 224 } 225 226 return new CollectionStore(crlList); 227 } 228 229 return new CollectionStore(new ArrayList()); 230 } 231 232 // Store getOtherRevocationInfo(ASN1ObjectIdentifier otherRevocationInfoFormat, ASN1Set crlSet) 233 // { 234 // if (crlSet != null) 235 // { 236 // List crlList = new ArrayList(crlSet.size()); 237 // 238 // for (Enumeration en = crlSet.getObjects(); en.hasMoreElements();) 239 // { 240 // ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); 241 // 242 // if (obj instanceof ASN1TaggedObject) 243 // { 244 // ASN1TaggedObject tObj = ASN1TaggedObject.getInstance(obj); 245 // 246 // if (tObj.getTagNo() == 1) 247 // { 248 // OtherRevocationInfoFormat other = OtherRevocationInfoFormat.getInstance(tObj, false); 249 // 250 // if (otherRevocationInfoFormat.equals(other.getInfoFormat())) 251 // { 252 // crlList.add(other.getInfo()); 253 // } 254 // } 255 // } 256 // } 257 // 258 // return new CollectionStore(crlList); 259 // } 260 // 261 // return new CollectionStore(new ArrayList()); 262 // } 263 } 264