1 /* 2 * reserved comment block 3 * DO NOT REMOVE OR ALTER! 4 */ 5 /** 6 * Licensed to the Apache Software Foundation (ASF) under one 7 * or more contributor license agreements. See the NOTICE file 8 * distributed with this work for additional information 9 * regarding copyright ownership. The ASF licenses this file 10 * to you under the Apache License, Version 2.0 (the 11 * "License"); you may not use this file except in compliance 12 * with the License. You may obtain a copy of the License at 13 * 14 * http://www.apache.org/licenses/LICENSE-2.0 15 * 16 * Unless required by applicable law or agreed to in writing, 17 * software distributed under the License is distributed on an 18 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 19 * KIND, either express or implied. See the License for the 20 * specific language governing permissions and limitations 21 * under the License. 22 */ 23 package com.sun.org.apache.xml.internal.security.algorithms.implementations; 24 25 import java.security.InvalidAlgorithmParameterException; 26 import java.security.InvalidKeyException; 27 import java.security.Key; 28 import java.security.NoSuchProviderException; 29 import java.security.PrivateKey; 30 import java.security.PublicKey; 31 import java.security.SecureRandom; 32 import java.security.Signature; 33 import java.security.SignatureException; 34 import java.security.spec.AlgorithmParameterSpec; 35 36 import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper; 37 import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi; 38 import com.sun.org.apache.xml.internal.security.signature.XMLSignature; 39 import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException; 40 41 public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi { 42 43 private static final com.sun.org.slf4j.internal.Logger LOG = 44 com.sun.org.slf4j.internal.LoggerFactory.getLogger(SignatureBaseRSA.class); 45 46 /** {@inheritDoc} */ engineGetURI()47 public abstract String engineGetURI(); 48 49 /** Field algorithm */ 50 private Signature signatureAlgorithm; 51 52 /** 53 * Constructor SignatureRSA 54 * 55 * @throws XMLSignatureException 56 */ SignatureBaseRSA()57 public SignatureBaseRSA() throws XMLSignatureException { 58 String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI()); 59 60 LOG.debug("Created SignatureRSA using {}", algorithmID); 61 String provider = JCEMapper.getProviderId(); 62 try { 63 if (provider == null) { 64 this.signatureAlgorithm = Signature.getInstance(algorithmID); 65 } else { 66 this.signatureAlgorithm = Signature.getInstance(algorithmID, provider); 67 } 68 } catch (java.security.NoSuchAlgorithmException ex) { 69 Object[] exArgs = { algorithmID, ex.getLocalizedMessage() }; 70 71 throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs); 72 } catch (NoSuchProviderException ex) { 73 Object[] exArgs = { algorithmID, ex.getLocalizedMessage() }; 74 75 throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs); 76 } 77 } 78 79 /** {@inheritDoc} */ engineSetParameter(AlgorithmParameterSpec params)80 protected void engineSetParameter(AlgorithmParameterSpec params) 81 throws XMLSignatureException { 82 try { 83 this.signatureAlgorithm.setParameter(params); 84 } catch (InvalidAlgorithmParameterException ex) { 85 throw new XMLSignatureException(ex); 86 } 87 } 88 89 /** {@inheritDoc} */ engineVerify(byte[] signature)90 protected boolean engineVerify(byte[] signature) throws XMLSignatureException { 91 try { 92 return this.signatureAlgorithm.verify(signature); 93 } catch (SignatureException ex) { 94 throw new XMLSignatureException(ex); 95 } 96 } 97 98 /** {@inheritDoc} */ engineInitVerify(Key publicKey)99 protected void engineInitVerify(Key publicKey) throws XMLSignatureException { 100 if (!(publicKey instanceof PublicKey)) { 101 String supplied = null; 102 if (publicKey != null) { 103 supplied = publicKey.getClass().getName(); 104 } 105 String needed = PublicKey.class.getName(); 106 Object exArgs[] = { supplied, needed }; 107 108 throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs); 109 } 110 111 try { 112 this.signatureAlgorithm.initVerify((PublicKey) publicKey); 113 } catch (InvalidKeyException ex) { 114 // reinstantiate Signature object to work around bug in JDK 115 // see: http://bugs.sun.com/view_bug.do?bug_id=4953555 116 Signature sig = this.signatureAlgorithm; 117 try { 118 this.signatureAlgorithm = Signature.getInstance(signatureAlgorithm.getAlgorithm()); 119 } catch (Exception e) { 120 // this shouldn't occur, but if it does, restore previous 121 // Signature 122 LOG.debug("Exception when reinstantiating Signature: {}", e); 123 this.signatureAlgorithm = sig; 124 } 125 throw new XMLSignatureException(ex); 126 } 127 } 128 129 /** {@inheritDoc} */ engineSign()130 protected byte[] engineSign() throws XMLSignatureException { 131 try { 132 return this.signatureAlgorithm.sign(); 133 } catch (SignatureException ex) { 134 throw new XMLSignatureException(ex); 135 } 136 } 137 138 /** {@inheritDoc} */ engineInitSign(Key privateKey, SecureRandom secureRandom)139 protected void engineInitSign(Key privateKey, SecureRandom secureRandom) 140 throws XMLSignatureException { 141 if (!(privateKey instanceof PrivateKey)) { 142 String supplied = null; 143 if (privateKey != null) { 144 supplied = privateKey.getClass().getName(); 145 } 146 String needed = PrivateKey.class.getName(); 147 Object exArgs[] = { supplied, needed }; 148 149 throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs); 150 } 151 152 try { 153 if (secureRandom == null) { 154 this.signatureAlgorithm.initSign((PrivateKey) privateKey); 155 } else { 156 this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom); 157 } 158 } catch (InvalidKeyException ex) { 159 throw new XMLSignatureException(ex); 160 } 161 } 162 163 /** {@inheritDoc} */ engineInitSign(Key privateKey)164 protected void engineInitSign(Key privateKey) throws XMLSignatureException { 165 engineInitSign(privateKey, (SecureRandom)null); 166 } 167 168 /** {@inheritDoc} */ engineUpdate(byte[] input)169 protected void engineUpdate(byte[] input) throws XMLSignatureException { 170 try { 171 this.signatureAlgorithm.update(input); 172 } catch (SignatureException ex) { 173 throw new XMLSignatureException(ex); 174 } 175 } 176 177 /** {@inheritDoc} */ engineUpdate(byte input)178 protected void engineUpdate(byte input) throws XMLSignatureException { 179 try { 180 this.signatureAlgorithm.update(input); 181 } catch (SignatureException ex) { 182 throw new XMLSignatureException(ex); 183 } 184 } 185 186 /** {@inheritDoc} */ engineUpdate(byte buf[], int offset, int len)187 protected void engineUpdate(byte buf[], int offset, int len) throws XMLSignatureException { 188 try { 189 this.signatureAlgorithm.update(buf, offset, len); 190 } catch (SignatureException ex) { 191 throw new XMLSignatureException(ex); 192 } 193 } 194 195 /** {@inheritDoc} */ engineGetJCEAlgorithmString()196 protected String engineGetJCEAlgorithmString() { 197 return this.signatureAlgorithm.getAlgorithm(); 198 } 199 200 /** {@inheritDoc} */ engineGetJCEProviderName()201 protected String engineGetJCEProviderName() { 202 return this.signatureAlgorithm.getProvider().getName(); 203 } 204 205 /** {@inheritDoc} */ engineSetHMACOutputLength(int HMACOutputLength)206 protected void engineSetHMACOutputLength(int HMACOutputLength) 207 throws XMLSignatureException { 208 throw new XMLSignatureException("algorithms.HMACOutputLengthOnlyForHMAC"); 209 } 210 211 /** {@inheritDoc} */ engineInitSign( Key signingKey, AlgorithmParameterSpec algorithmParameterSpec )212 protected void engineInitSign( 213 Key signingKey, AlgorithmParameterSpec algorithmParameterSpec 214 ) throws XMLSignatureException { 215 throw new XMLSignatureException("algorithms.CannotUseAlgorithmParameterSpecOnRSA"); 216 } 217 218 /** 219 * Class SignatureRSASHA1 220 */ 221 public static class SignatureRSASHA1 extends SignatureBaseRSA { 222 223 /** 224 * Constructor SignatureRSASHA1 225 * 226 * @throws XMLSignatureException 227 */ SignatureRSASHA1()228 public SignatureRSASHA1() throws XMLSignatureException { 229 super(); 230 } 231 232 /** {@inheritDoc} */ engineGetURI()233 public String engineGetURI() { 234 return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1; 235 } 236 } 237 238 /** 239 * Class SignatureRSASHA224 240 */ 241 public static class SignatureRSASHA224 extends SignatureBaseRSA { 242 243 /** 244 * Constructor SignatureRSASHA224 245 * 246 * @throws XMLSignatureException 247 */ SignatureRSASHA224()248 public SignatureRSASHA224() throws XMLSignatureException { 249 super(); 250 } 251 252 /** {@inheritDoc} */ engineGetURI()253 public String engineGetURI() { 254 return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA224; 255 } 256 } 257 258 /** 259 * Class SignatureRSASHA256 260 */ 261 public static class SignatureRSASHA256 extends SignatureBaseRSA { 262 263 /** 264 * Constructor SignatureRSASHA256 265 * 266 * @throws XMLSignatureException 267 */ SignatureRSASHA256()268 public SignatureRSASHA256() throws XMLSignatureException { 269 super(); 270 } 271 272 /** {@inheritDoc} */ engineGetURI()273 public String engineGetURI() { 274 return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256; 275 } 276 } 277 278 /** 279 * Class SignatureRSASHA384 280 */ 281 public static class SignatureRSASHA384 extends SignatureBaseRSA { 282 283 /** 284 * Constructor SignatureRSASHA384 285 * 286 * @throws XMLSignatureException 287 */ SignatureRSASHA384()288 public SignatureRSASHA384() throws XMLSignatureException { 289 super(); 290 } 291 292 /** {@inheritDoc} */ engineGetURI()293 public String engineGetURI() { 294 return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384; 295 } 296 } 297 298 /** 299 * Class SignatureRSASHA512 300 */ 301 public static class SignatureRSASHA512 extends SignatureBaseRSA { 302 303 /** 304 * Constructor SignatureRSASHA512 305 * 306 * @throws XMLSignatureException 307 */ SignatureRSASHA512()308 public SignatureRSASHA512() throws XMLSignatureException { 309 super(); 310 } 311 312 /** {@inheritDoc} */ engineGetURI()313 public String engineGetURI() { 314 return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512; 315 } 316 } 317 318 /** 319 * Class SignatureRSARIPEMD160 320 */ 321 public static class SignatureRSARIPEMD160 extends SignatureBaseRSA { 322 323 /** 324 * Constructor SignatureRSARIPEMD160 325 * 326 * @throws XMLSignatureException 327 */ SignatureRSARIPEMD160()328 public SignatureRSARIPEMD160() throws XMLSignatureException { 329 super(); 330 } 331 332 /** {@inheritDoc} */ engineGetURI()333 public String engineGetURI() { 334 return XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160; 335 } 336 } 337 338 /** 339 * Class SignatureRSAMD5 340 */ 341 public static class SignatureRSAMD5 extends SignatureBaseRSA { 342 343 /** 344 * Constructor SignatureRSAMD5 345 * 346 * @throws XMLSignatureException 347 */ SignatureRSAMD5()348 public SignatureRSAMD5() throws XMLSignatureException { 349 super(); 350 } 351 352 /** {@inheritDoc} */ engineGetURI()353 public String engineGetURI() { 354 return XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5; 355 } 356 } 357 358 /** 359 * Class SignatureRSASHA1MGF1 360 */ 361 public static class SignatureRSASHA1MGF1 extends SignatureBaseRSA { 362 363 /** 364 * Constructor SignatureRSASHA1MGF1 365 * 366 * @throws XMLSignatureException 367 */ SignatureRSASHA1MGF1()368 public SignatureRSASHA1MGF1() throws XMLSignatureException { 369 super(); 370 } 371 372 /** {@inheritDoc} */ engineGetURI()373 public String engineGetURI() { 374 return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1_MGF1; 375 } 376 } 377 378 /** 379 * Class SignatureRSASHA224MGF1 380 */ 381 public static class SignatureRSASHA224MGF1 extends SignatureBaseRSA { 382 383 /** 384 * Constructor SignatureRSASHA224MGF1 385 * 386 * @throws XMLSignatureException 387 */ SignatureRSASHA224MGF1()388 public SignatureRSASHA224MGF1() throws XMLSignatureException { 389 super(); 390 } 391 392 /** {@inheritDoc} */ engineGetURI()393 public String engineGetURI() { 394 return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA224_MGF1; 395 } 396 } 397 398 /** 399 * Class SignatureRSASHA256MGF1 400 */ 401 public static class SignatureRSASHA256MGF1 extends SignatureBaseRSA { 402 403 /** 404 * Constructor SignatureRSASHA256MGF1 405 * 406 * @throws XMLSignatureException 407 */ SignatureRSASHA256MGF1()408 public SignatureRSASHA256MGF1() throws XMLSignatureException { 409 super(); 410 } 411 412 /** {@inheritDoc} */ engineGetURI()413 public String engineGetURI() { 414 return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256_MGF1; 415 } 416 } 417 418 /** 419 * Class SignatureRSASHA384MGF1 420 */ 421 public static class SignatureRSASHA384MGF1 extends SignatureBaseRSA { 422 423 /** 424 * Constructor SignatureRSASHA384MGF1 425 * 426 * @throws XMLSignatureException 427 */ SignatureRSASHA384MGF1()428 public SignatureRSASHA384MGF1() throws XMLSignatureException { 429 super(); 430 } 431 432 /** {@inheritDoc} */ engineGetURI()433 public String engineGetURI() { 434 return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384_MGF1; 435 } 436 } 437 438 /** 439 * Class SignatureRSASHA512MGF1 440 */ 441 public static class SignatureRSASHA512MGF1 extends SignatureBaseRSA { 442 443 /** 444 * Constructor SignatureRSASHA512MGF1 445 * 446 * @throws XMLSignatureException 447 */ SignatureRSASHA512MGF1()448 public SignatureRSASHA512MGF1() throws XMLSignatureException { 449 super(); 450 } 451 452 /** {@inheritDoc} */ engineGetURI()453 public String engineGetURI() { 454 return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512_MGF1; 455 } 456 } 457 } 458