diff options
author | Brian Carlstrom <bdc@google.com> | 2013-05-24 19:14:15 -0700 |
---|---|---|
committer | Brian Carlstrom <bdc@google.com> | 2013-06-03 14:01:40 -0700 |
commit | a198e1ecc615e26a167d0f2dca9fa7e5fc62de10 (patch) | |
tree | 6ac741d0b1ccd61f033299754a0b9a3a54985e18 /bcpkix | |
parent | 67e643cbf3cff776bf1a8fe1ea50a14ccf2d41e4 (diff) | |
download | android_external_bouncycastle-a198e1ecc615e26a167d0f2dca9fa7e5fc62de10.tar.gz android_external_bouncycastle-a198e1ecc615e26a167d0f2dca9fa7e5fc62de10.tar.bz2 android_external_bouncycastle-a198e1ecc615e26a167d0f2dca9fa7e5fc62de10.zip |
bouncycastle 1.49 upgrade
Change-Id: Icbf5a147409c810060a5acc884834fb2a778e860
Diffstat (limited to 'bcpkix')
11 files changed, 706 insertions, 482 deletions
diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedData.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedData.java index c976dfe..ae71f31 100644 --- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedData.java +++ b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedData.java @@ -9,34 +9,28 @@ import java.security.Provider; import java.security.cert.CertStore; import java.security.cert.CertStoreException; import java.util.ArrayList; -import java.util.Enumeration; +import java.util.Collection; import java.util.Iterator; import java.util.List; import java.util.Map; -import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1EncodableVector; import org.bouncycastle.asn1.ASN1InputStream; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1OctetString; -import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1Set; -import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.BERSequence; import org.bouncycastle.asn1.DERSet; import org.bouncycastle.asn1.cms.ContentInfo; import org.bouncycastle.asn1.cms.SignedData; import org.bouncycastle.asn1.cms.SignerInfo; -import org.bouncycastle.asn1.x509.AttributeCertificate; -import org.bouncycastle.asn1.x509.Certificate; -import org.bouncycastle.asn1.x509.CertificateList; -import org.bouncycastle.cert.X509AttributeCertificateHolder; -import org.bouncycastle.cert.X509CRLHolder; -import org.bouncycastle.cert.X509CertificateHolder; +// BEGIN android-removed +// import org.bouncycastle.cert.jcajce.JcaCertStoreBuilder; +// END android-removed import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder; +import org.bouncycastle.operator.OperatorCreationException; import org.bouncycastle.operator.SignatureAlgorithmIdentifierFinder; -import org.bouncycastle.util.CollectionStore; import org.bouncycastle.util.Store; import org.bouncycastle.x509.NoSuchStoreException; import org.bouncycastle.x509.X509Store; @@ -311,208 +305,201 @@ public class CMSSignedData { if (attributeStore == null) { - attributeStore = HELPER.createAttributeStore(type, provider, signedData.getCertificates()); + attributeStore = HELPER.createAttributeStore(type, provider, this.getAttributeCertificates()); } return attributeStore; } - /** - * return a X509Store containing the public key certificates, if any, contained - * in this message. - * - * @param type type of store to create - * @param provider name of provider to use - * @return a store of public key certificates - * @exception NoSuchProviderException if the provider requested isn't available. - * @exception NoSuchStoreException if the store type isn't available. - * @exception CMSException if a general exception prevents creation of the X509Store - * @deprecated use base Store returning method - */ - public X509Store getCertificates( - String type, - String provider) - throws NoSuchStoreException, NoSuchProviderException, CMSException - { - return getCertificates(type, CMSUtils.getProvider(provider)); - } + // BEGIN android-removed + // /** + // * return a X509Store containing the public key certificates, if any, contained + // * in this message. + // * + // * @param type type of store to create + // * @param provider name of provider to use + // * @return a store of public key certificates + // * @exception NoSuchProviderException if the provider requested isn't available. + // * @exception NoSuchStoreException if the store type isn't available. + // * @exception CMSException if a general exception prevents creation of the X509Store + // * @deprecated use base Store returning method + // */ + // public X509Store getCertificates( + // String type, + // String provider) + // throws NoSuchStoreException, NoSuchProviderException, CMSException + // { + // return getCertificates(type, CMSUtils.getProvider(provider)); + // } + // + // /** + // * return a X509Store containing the public key certificates, if any, contained + // * in this message. + // * + // * @param type type of store to create + // * @param provider provider to use + // * @return a store of public key certificates + // * @exception NoSuchStoreException if the store type isn't available. + // * @exception CMSException if a general exception prevents creation of the X509Store + // * @deprecated use base Store returning method + // */ + // public X509Store getCertificates( + // String type, + // Provider provider) + // throws NoSuchStoreException, CMSException + // { + // if (certificateStore == null) + // { + // certificateStore = HELPER.createCertificateStore(type, provider, this.getCertificates()); + // } + // + // return certificateStore; + // } + // + // /** + // * return a X509Store containing CRLs, if any, contained + // * in this message. + // * + // * @param type type of store to create + // * @param provider name of provider to use + // * @return a store of CRLs + // * @exception NoSuchProviderException if the provider requested isn't available. + // * @exception NoSuchStoreException if the store type isn't available. + // * @exception CMSException if a general exception prevents creation of the X509Store + // * @deprecated use base Store returning method + // */ + // public X509Store getCRLs( + // String type, + // String provider) + // throws NoSuchStoreException, NoSuchProviderException, CMSException + // { + // return getCRLs(type, CMSUtils.getProvider(provider)); + // } + // + // /** + // * return a X509Store containing CRLs, if any, contained + // * in this message. + // * + // * @param type type of store to create + // * @param provider provider to use + // * @return a store of CRLs + // * @exception NoSuchStoreException if the store type isn't available. + // * @exception CMSException if a general exception prevents creation of the X509Store + // * @deprecated use base Store returning method + // */ + // public X509Store getCRLs( + // String type, + // Provider provider) + // throws NoSuchStoreException, CMSException + // { + // if (crlStore == null) + // { + // crlStore = HELPER.createCRLsStore(type, provider, getCRLs()); + // } + // + // return crlStore; + // } + // + // /** + // * return a CertStore containing the certificates and CRLs associated with + // * this message. + // * + // * @exception NoSuchProviderException if the provider requested isn't available. + // * @exception NoSuchAlgorithmException if the cert store isn't available. + // * @exception CMSException if a general exception prevents creation of the CertStore + // * @deprecated use base Store returning method and org.bouncycastle.cert.jcajce.JcaCertStoreBuilder + // */ + // public CertStore getCertificatesAndCRLs( + // String type, + // String provider) + // throws NoSuchAlgorithmException, NoSuchProviderException, CMSException + // { + // return getCertificatesAndCRLs(type, CMSUtils.getProvider(provider)); + // } + // + // /** + // * return a CertStore containing the certificates and CRLs associated with + // * this message. + // * + // * @exception NoSuchAlgorithmException if the cert store isn't available. + // * @exception CMSException if a general exception prevents creation of the CertStore + // * @deprecated use base Store returning method and org.bouncycastle.cert.jcajce.JcaCertStoreBuilder + // */ + // public CertStore getCertificatesAndCRLs( + // String type, + // Provider provider) + // throws NoSuchAlgorithmException, CMSException + // { + // try + // { + // JcaCertStoreBuilder certStoreBuilder = new JcaCertStoreBuilder().setType(type); + // + // if (provider != null) + // { + // certStoreBuilder.setProvider(provider); + // } + // + // certStoreBuilder.addCertificates(this.getCertificates()); + // certStoreBuilder.addCRLs(this.getCRLs()); + // + // return certStoreBuilder.build(); + // } + // catch (NoSuchAlgorithmException e) + // { + // throw e; + // } + // catch (Exception e) + // { + // throw new CMSException("exception creating CertStore: " + e.getMessage(), e); + // } + // } + // END android-removed /** - * return a X509Store containing the public key certificates, if any, contained - * in this message. + * Return any X.509 certificate objects in this SignedData structure as a Store of X509CertificateHolder objects. * - * @param type type of store to create - * @param provider provider to use - * @return a store of public key certificates - * @exception NoSuchStoreException if the store type isn't available. - * @exception CMSException if a general exception prevents creation of the X509Store - * @deprecated use base Store returning method + * @return a Store of X509CertificateHolder objects. */ - public X509Store getCertificates( - String type, - Provider provider) - throws NoSuchStoreException, CMSException - { - if (certificateStore == null) - { - certificateStore = HELPER.createCertificateStore(type, provider, signedData.getCertificates()); - } - - return certificateStore; - } - - /** - * return a X509Store containing CRLs, if any, contained - * in this message. - * - * @param type type of store to create - * @param provider name of provider to use - * @return a store of CRLs - * @exception NoSuchProviderException if the provider requested isn't available. - * @exception NoSuchStoreException if the store type isn't available. - * @exception CMSException if a general exception prevents creation of the X509Store - * @deprecated use base Store returning method - */ - public X509Store getCRLs( - String type, - String provider) - throws NoSuchStoreException, NoSuchProviderException, CMSException + public Store getCertificates() { - return getCRLs(type, CMSUtils.getProvider(provider)); + return HELPER.getCertificates(signedData.getCertificates()); } /** - * return a X509Store containing CRLs, if any, contained - * in this message. - * - * @param type type of store to create - * @param provider provider to use - * @return a store of CRLs - * @exception NoSuchStoreException if the store type isn't available. - * @exception CMSException if a general exception prevents creation of the X509Store - * @deprecated use base Store returning method - */ - public X509Store getCRLs( - String type, - Provider provider) - throws NoSuchStoreException, CMSException - { - if (crlStore == null) - { - crlStore = HELPER.createCRLsStore(type, provider, signedData.getCRLs()); - } - - return crlStore; - } - - /** - * return a CertStore containing the certificates and CRLs associated with - * this message. + * Return any X.509 CRL objects in this SignedData structure as a Store of X509CRLHolder objects. * - * @exception NoSuchProviderException if the provider requested isn't available. - * @exception NoSuchAlgorithmException if the cert store isn't available. - * @exception CMSException if a general exception prevents creation of the CertStore - * @deprecated use base Store returning method + * @return a Store of X509CRLHolder objects. */ - public CertStore getCertificatesAndCRLs( - String type, - String provider) - throws NoSuchAlgorithmException, NoSuchProviderException, CMSException + public Store getCRLs() { - return getCertificatesAndCRLs(type, CMSUtils.getProvider(provider)); + return HELPER.getCRLs(signedData.getCRLs()); } /** - * return a CertStore containing the certificates and CRLs associated with - * this message. + * Return any X.509 attribute certificate objects in this SignedData structure as a Store of X509AttributeCertificateHolder objects. * - * @exception NoSuchAlgorithmException if the cert store isn't available. - * @exception CMSException if a general exception prevents creation of the CertStore - * @deprecated use base Store returning method + * @return a Store of X509AttributeCertificateHolder objects. */ - public CertStore getCertificatesAndCRLs( - String type, - Provider provider) - throws NoSuchAlgorithmException, CMSException - { - ASN1Set certSet = signedData.getCertificates(); - ASN1Set crlSet = signedData.getCRLs(); - - return HELPER.createCertStore(type, provider, certSet, crlSet); - } - - public Store getCertificates() - { - ASN1Set certSet = signedData.getCertificates(); - - if (certSet != null) - { - List certList = new ArrayList(certSet.size()); - - for (Enumeration en = certSet.getObjects(); en.hasMoreElements();) - { - ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); - - if (obj instanceof ASN1Sequence) - { - certList.add(new X509CertificateHolder(Certificate.getInstance(obj))); - } - } - - return new CollectionStore(certList); - } - - return new CollectionStore(new ArrayList()); - } - - public Store getCRLs() - { - ASN1Set crlSet = signedData.getCRLs(); - - if (crlSet != null) - { - List crlList = new ArrayList(crlSet.size()); - - for (Enumeration en = crlSet.getObjects(); en.hasMoreElements();) - { - ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); - - if (obj instanceof ASN1Sequence) - { - crlList.add(new X509CRLHolder(CertificateList.getInstance(obj))); - } - } - - return new CollectionStore(crlList); - } - - return new CollectionStore(new ArrayList()); - } - public Store getAttributeCertificates() { - ASN1Set certSet = signedData.getCertificates(); - - if (certSet != null) - { - List certList = new ArrayList(certSet.size()); - - for (Enumeration en = certSet.getObjects(); en.hasMoreElements();) - { - ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); - - if (obj instanceof ASN1TaggedObject) - { - certList.add(new X509AttributeCertificateHolder(AttributeCertificate.getInstance(((ASN1TaggedObject)obj).getObject()))); - } - } - - return new CollectionStore(certList); - } - - return new CollectionStore(new ArrayList()); + return HELPER.getAttributeCertificates(signedData.getCertificates()); } + // BEGIN android-removed + // /** + // * Return any OtherRevocationInfo OtherRevInfo objects of the type indicated by otherRevocationInfoFormat in + // * this SignedData structure. + // * + // * @param otherRevocationInfoFormat OID of the format type been looked for. + // * + // * @return a Store of ASN1Encodable objects representing any objects of otherRevocationInfoFormat found. + // */ + // public Store getOtherRevocationInfo(ASN1ObjectIdentifier otherRevocationInfoFormat) + // { + // return HELPER.getOtherRevocationInfo(otherRevocationInfoFormat, signedData.getCRLs()); + // } + // END android-removed + /** * Return the a string representation of the OID associated with the * encapsulated content info structure carried in the signed data. @@ -554,9 +541,77 @@ public class CMSSignedData { return contentInfo.getEncoded(); } - + + // BEGIN android-removed + // /** + // * Verify all the SignerInformation objects and their associated counter signatures attached + // * to this CMS SignedData object. + // * + // * @param verifierProvider a provider of SignerInformationVerifier objects. + // * @return true if all verify, false otherwise. + // * @throws CMSException if an exception occurs during the verification process. + // */ + // public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider) + // throws CMSException + // { + // return verifySignatures(verifierProvider, false); + // } + // + // /** + // * Verify all the SignerInformation objects and optionally their associated counter signatures attached + // * to this CMS SignedData object. + // * + // * @param verifierProvider a provider of SignerInformationVerifier objects. + // * @param ignoreCounterSignatures if true don't check counter signatures. If false check counter signatures as well. + // * @return true if all verify, false otherwise. + // * @throws CMSException if an exception occurs during the verification process. + // */ + // public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider, boolean ignoreCounterSignatures) + // throws CMSException + // { + // Collection signers = this.getSignerInfos().getSigners(); + // + // for (Iterator it = signers.iterator(); it.hasNext();) + // { + // SignerInformation signer = (SignerInformation)it.next(); + // + // try + // { + // SignerInformationVerifier verifier = verifierProvider.get(signer.getSID()); + // + // if (!signer.verify(verifier)) + // { + // return false; + // } + // + // if (!ignoreCounterSignatures) + // { + // Collection counterSigners = signer.getCounterSignatures().getSigners(); + // + // for (Iterator cIt = counterSigners.iterator(); cIt.hasNext();) + // { + // SignerInformation counterSigner = (SignerInformation)cIt.next(); + // SignerInformationVerifier counterVerifier = verifierProvider.get(signer.getSID()); + // + // if (!counterSigner.verify(counterVerifier)) + // { + // return false; + // } + // } + // } + // } + // catch (OperatorCreationException e) + // { + // throw new CMSException("failure in verifier provider: " + e.getMessage(), e); + // } + // } + // + // return true; + // } + // END android-removed + /** - * Replace the signerinformation store associated with this + * Replace the SignerInformation store associated with this * CMSSignedData object with the new one passed in. You would * probably only want to do this if you wanted to change the unsigned * attributes associated with a signer, or perhaps delete one. diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedDataGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedDataGenerator.java index f50791e..9692e15 100644 --- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedDataGenerator.java +++ b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedDataGenerator.java @@ -146,6 +146,7 @@ public class CMSSignedDataGenerator /** * constructor allowing specific source of randomness * @param rand instance of SecureRandom to use + * @deprecated rand ignored in new API, use base constructor. */ public CMSSignedDataGenerator( SecureRandom rand) @@ -479,6 +480,7 @@ public class CMSSignedDataGenerator * addDefaultAttributes indicates whether or not a default set of signed attributes * need to be added automatically. If the argument is set to false, no * attributes will get added at all. + * @deprecated use setDirectSignature() on SignerInformationGenerator. */ public CMSSignedData generate( String eContentType, diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedGenerator.java index 365522d..8b9d4ce 100644 --- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedGenerator.java +++ b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedGenerator.java @@ -15,6 +15,7 @@ import java.util.List; import java.util.Map; import java.util.Set; +import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Set; @@ -23,6 +24,7 @@ import org.bouncycastle.asn1.DERTaggedObject; import org.bouncycastle.asn1.cms.AttributeTable; import org.bouncycastle.asn1.cms.CMSObjectIdentifiers; // BEGIN android-removed +// import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat; // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; // END android-removed import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; @@ -32,9 +34,13 @@ import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x509.AttributeCertificate; import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; +import org.bouncycastle.cert.X509AttributeCertificateHolder; +import org.bouncycastle.cert.X509CRLHolder; +import org.bouncycastle.cert.X509CertificateHolder; // BEGIN android-removed // import org.bouncycastle.jce.interfaces.GOST3410PrivateKey; // END android-removed +import org.bouncycastle.util.Arrays; import org.bouncycastle.util.Store; import org.bouncycastle.x509.X509AttributeCertificate; import org.bouncycastle.x509.X509Store; @@ -173,7 +179,7 @@ public class CMSSignedGenerator Map param = new HashMap(); param.put(CMSAttributeTableGenerator.CONTENT_TYPE, contentType); param.put(CMSAttributeTableGenerator.DIGEST_ALGORITHM_IDENTIFIER, digAlgId); - param.put(CMSAttributeTableGenerator.DIGEST, hash.clone()); + param.put(CMSAttributeTableGenerator.DIGEST, Arrays.clone(hash)); return param; } @@ -207,6 +213,25 @@ public class CMSSignedGenerator crls.addAll(CMSUtils.getCRLsFromStore(certStore)); } + /** + * Add a certificate to the certificate set to be included with the generated SignedData message. + * + * @param certificate the certificate to be included. + * @throws CMSException if the certificate cannot be encoded for adding. + */ + public void addCertificate( + X509CertificateHolder certificate) + throws CMSException + { + certs.add(certificate.toASN1Structure()); + } + + /** + * Add the certificates in certStore to the certificate set to be included with the generated SignedData message. + * + * @param certStore the store containing the certificates to be included. + * @throws CMSException if the certificates cannot be encoded for adding. + */ public void addCertificates( Store certStore) throws CMSException @@ -214,6 +239,22 @@ public class CMSSignedGenerator certs.addAll(CMSUtils.getCertificatesFromStore(certStore)); } + /** + * Add a CRL to the CRL set to be included with the generated SignedData message. + * + * @param crl the CRL to be included. + */ + public void addCRL(X509CRLHolder crl) + { + crls.add(crl.toASN1Structure()); + } + + /** + * Add the CRLs in crlStore to the CRL set to be included with the generated SignedData message. + * + * @param crlStore the store containing the CRLs to be included. + * @throws CMSException if the CRLs cannot be encoded for adding. + */ public void addCRLs( Store crlStore) throws CMSException @@ -221,6 +262,25 @@ public class CMSSignedGenerator crls.addAll(CMSUtils.getCRLsFromStore(crlStore)); } + /** + * Add the attribute certificates in attrStore to the certificate set to be included with the generated SignedData message. + * + * @param attrCert the store containing the certificates to be included. + * @throws CMSException if the attribute certificate cannot be encoded for adding. + */ + public void addAttributeCertificate( + X509AttributeCertificateHolder attrCert) + throws CMSException + { + certs.add(new DERTaggedObject(false, 2, attrCert.toASN1Structure())); + } + + /** + * Add the attribute certificates in attrStore to the certificate set to be included with the generated SignedData message. + * + * @param attrStore the store containing the certificates to be included. + * @throws CMSException if the attribute certificate cannot be encoded for adding. + */ public void addAttributeCertificates( Store attrStore) throws CMSException @@ -228,6 +288,34 @@ public class CMSSignedGenerator certs.addAll(CMSUtils.getAttributeCertificatesFromStore(attrStore)); } + // BEGIN android-removed + // /** + // * Add a single instance of otherRevocationData to the CRL set to be included with the generated SignedData message. + // * + // * @param otherRevocationInfoFormat the OID specifying the format of the otherRevocationInfo data. + // * @param otherRevocationInfo the otherRevocationInfo ASN.1 structure. + // */ + // public void addOtherRevocationInfo( + // ASN1ObjectIdentifier otherRevocationInfoFormat, + // ASN1Encodable otherRevocationInfo) + // { + // crls.add(new DERTaggedObject(false, 1, new OtherRevocationInfoFormat(otherRevocationInfoFormat, otherRevocationInfo))); + // } + // + // /** + // * Add a Store of otherRevocationData to the CRL set to be included with the generated SignedData message. + // * + // * @param otherRevocationInfoFormat the OID specifying the format of the otherRevocationInfo data. + // * @param otherRevocationInfos a Store of otherRevocationInfo data to add. + // */ + // public void addOtherRevocationInfo( + // ASN1ObjectIdentifier otherRevocationInfoFormat, + // Store otherRevocationInfos) + // { + // crls.addAll(CMSUtils.getOthersFromStore(otherRevocationInfoFormat, otherRevocationInfos)); + // } + // END android-removed + /** * Add the attribute certificates contained in the passed in store to the * generator. diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java index 457a97e..7612b5f 100644 --- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java +++ b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java @@ -1,18 +1,14 @@ package org.bouncycastle.cms; -import java.io.ByteArrayInputStream; import java.io.IOException; -import java.security.InvalidAlgorithmParameterException; -import java.security.NoSuchAlgorithmException; import java.security.Provider; import java.security.cert.CRLException; -import java.security.cert.CertStore; import java.security.cert.CertificateException; -import java.security.cert.CertificateFactory; -import java.security.cert.CollectionCertStoreParameters; import java.util.ArrayList; +import java.util.Collection; import java.util.Enumeration; import java.util.HashMap; +import java.util.Iterator; import java.util.List; import java.util.Map; @@ -24,6 +20,7 @@ import org.bouncycastle.asn1.ASN1Set; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERNull; // BEGIN android-removed +// import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat; // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; // END android-removed import org.bouncycastle.asn1.eac.EACObjectIdentifiers; @@ -32,8 +29,20 @@ import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.AttributeCertificate; +import org.bouncycastle.asn1.x509.Certificate; +import org.bouncycastle.asn1.x509.CertificateList; import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; +import org.bouncycastle.cert.X509AttributeCertificateHolder; +import org.bouncycastle.cert.X509CRLHolder; +import org.bouncycastle.cert.X509CertificateHolder; +// BEGIN android-removed +// import org.bouncycastle.cert.jcajce.JcaX509CRLConverter; +// import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; +// END android-removed +import org.bouncycastle.util.CollectionStore; +import org.bouncycastle.util.Store; import org.bouncycastle.x509.NoSuchStoreException; import org.bouncycastle.x509.X509CollectionStoreParameters; import org.bouncycastle.x509.X509Store; @@ -176,45 +185,22 @@ class CMSSignedHelper return encryptionAlgOID; } - X509Store createAttributeStore( String type, Provider provider, - ASN1Set certSet) + Store certStore) throws NoSuchStoreException, CMSException { - List certs = new ArrayList(); - - if (certSet != null) + try { - Enumeration e = certSet.getObjects(); + Collection certHldrs = certStore.getMatches(null); + List certs = new ArrayList(certHldrs.size()); - while (e.hasMoreElements()) + for (Iterator it = certHldrs.iterator(); it.hasNext();) { - try - { - ASN1Primitive obj = ((ASN1Encodable)e.nextElement()).toASN1Primitive(); - - if (obj instanceof ASN1TaggedObject) - { - ASN1TaggedObject tagged = (ASN1TaggedObject)obj; - - if (tagged.getTagNo() == 2) - { - certs.add(new X509V2AttributeCertificate(ASN1Sequence.getInstance(tagged, false).getEncoded())); - } - } - } - catch (IOException ex) - { - throw new CMSException( - "can't re-encode attribute certificate!", ex); - } + certs.add(new X509V2AttributeCertificate(((X509AttributeCertificateHolder)it.next()).getEncoded())); } - } - try - { return X509Store.getInstance( "AttributeCertificate/" +type, new X509CollectionStoreParameters(certs), provider); } @@ -222,202 +208,189 @@ class CMSSignedHelper { throw new CMSException("can't setup the X509Store", e); } - } - - X509Store createCertificateStore( - String type, - Provider provider, - ASN1Set certSet) - throws NoSuchStoreException, CMSException - { - List certs = new ArrayList(); - - if (certSet != null) - { - addCertsFromSet(certs, certSet, provider); - } - - try - { - return X509Store.getInstance( - "Certificate/" +type, new X509CollectionStoreParameters(certs), provider); - } - catch (IllegalArgumentException e) + catch (IOException e) { throw new CMSException("can't setup the X509Store", e); } } - X509Store createCRLsStore( - String type, - Provider provider, - ASN1Set crlSet) - throws NoSuchStoreException, CMSException - { - List crls = new ArrayList(); + // BEGIN android-removed + // X509Store createCertificateStore( + // String type, + // Provider provider, + // Store certStore) + // throws NoSuchStoreException, CMSException + // { + // try + // { + // JcaX509CertificateConverter converter = new JcaX509CertificateConverter().setProvider(provider); + // Collection certHldrs = certStore.getMatches(null); + // List certs = new ArrayList(certHldrs.size()); + // + // for (Iterator it = certHldrs.iterator(); it.hasNext();) + // { + // certs.add(converter.getCertificate((X509CertificateHolder)it.next())); + // } + // + // return X509Store.getInstance( + // "Certificate/" +type, new X509CollectionStoreParameters(certs), provider); + // } + // catch (IllegalArgumentException e) + // { + // throw new CMSException("can't setup the X509Store", e); + // } + // catch (CertificateException e) + // { + // throw new CMSException("can't setup the X509Store", e); + // } + // } + // + // X509Store createCRLsStore( + // String type, + // Provider provider, + // Store crlStore) + // throws NoSuchStoreException, CMSException + // { + // try + // { + // JcaX509CRLConverter converter = new JcaX509CRLConverter().setProvider(provider); + // Collection crlHldrs = crlStore.getMatches(null); + // List crls = new ArrayList(crlHldrs.size()); + // + // for (Iterator it = crlHldrs.iterator(); it.hasNext();) + // { + // crls.add(converter.getCRL((X509CRLHolder)it.next())); + // } + // + // return X509Store.getInstance( + // "CRL/" +type, new X509CollectionStoreParameters(crls), provider); + // } + // catch (IllegalArgumentException e) + // { + // throw new CMSException("can't setup the X509Store", e); + // } + // catch (CRLException e) + // { + // throw new CMSException("can't setup the X509Store", e); + // } + // } + // END android-removed - if (crlSet != null) + AlgorithmIdentifier fixAlgID(AlgorithmIdentifier algId) + { + if (algId.getParameters() == null) { - addCRLsFromSet(crls, crlSet, provider); + return new AlgorithmIdentifier(algId.getAlgorithm(), DERNull.INSTANCE); } - try - { - return X509Store.getInstance( - "CRL/" +type, new X509CollectionStoreParameters(crls), provider); - } - catch (IllegalArgumentException e) - { - throw new CMSException("can't setup the X509Store", e); - } + return algId; } - CertStore createCertStore( - String type, - Provider provider, - ASN1Set certSet, - ASN1Set crlSet) - throws CMSException, NoSuchAlgorithmException + void setSigningEncryptionAlgorithmMapping(ASN1ObjectIdentifier oid, String algorithmName) { - List certsAndcrls = new ArrayList(); + encryptionAlgs.put(oid.getId(), algorithmName); + } - // - // load the certificates and revocation lists if we have any - // + void setSigningDigestAlgorithmMapping(ASN1ObjectIdentifier oid, String algorithmName) + { + digestAlgs.put(oid.getId(), algorithmName); + } + Store getCertificates(ASN1Set certSet) + { if (certSet != null) { - addCertsFromSet(certsAndcrls, certSet, provider); - } - - if (crlSet != null) - { - addCRLsFromSet(certsAndcrls, crlSet, provider); - } + List certList = new ArrayList(certSet.size()); - try - { - if (provider != null) + for (Enumeration en = certSet.getObjects(); en.hasMoreElements();) { - return CertStore.getInstance(type, new CollectionCertStoreParameters(certsAndcrls), provider); - } - else - { - return CertStore.getInstance(type, new CollectionCertStoreParameters(certsAndcrls)); + ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); + + if (obj instanceof ASN1Sequence) + { + certList.add(new X509CertificateHolder(Certificate.getInstance(obj))); + } } + + return new CollectionStore(certList); } - catch (InvalidAlgorithmParameterException e) - { - throw new CMSException("can't setup the CertStore", e); - } + + return new CollectionStore(new ArrayList()); } - private void addCertsFromSet(List certs, ASN1Set certSet, Provider provider) - throws CMSException + Store getAttributeCertificates(ASN1Set certSet) { - CertificateFactory cf; - - try - { - if (provider != null) - { - cf = CertificateFactory.getInstance("X.509", provider); - } - else - { - cf = CertificateFactory.getInstance("X.509"); - } - } - catch (CertificateException ex) + if (certSet != null) { - throw new CMSException("can't get certificate factory.", ex); - } - Enumeration e = certSet.getObjects(); + List certList = new ArrayList(certSet.size()); - while (e.hasMoreElements()) - { - try + for (Enumeration en = certSet.getObjects(); en.hasMoreElements();) { - ASN1Primitive obj = ((ASN1Encodable)e.nextElement()).toASN1Primitive(); + ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); - if (obj instanceof ASN1Sequence) + if (obj instanceof ASN1TaggedObject) { - certs.add(cf.generateCertificate( - new ByteArrayInputStream(obj.getEncoded()))); + certList.add(new X509AttributeCertificateHolder(AttributeCertificate.getInstance(((ASN1TaggedObject)obj).getObject()))); } } - catch (IOException ex) - { - throw new CMSException( - "can't re-encode certificate!", ex); - } - catch (CertificateException ex) - { - throw new CMSException( - "can't re-encode certificate!", ex); - } + + return new CollectionStore(certList); } + + return new CollectionStore(new ArrayList()); } - private void addCRLsFromSet(List crls, ASN1Set certSet, Provider provider) - throws CMSException + Store getCRLs(ASN1Set crlSet) { - CertificateFactory cf; - - try - { - if (provider != null) - { - cf = CertificateFactory.getInstance("X.509", provider); - } - else - { - cf = CertificateFactory.getInstance("X.509"); - } - } - catch (CertificateException ex) + if (crlSet != null) { - throw new CMSException("can't get certificate factory.", ex); - } - Enumeration e = certSet.getObjects(); + List crlList = new ArrayList(crlSet.size()); - while (e.hasMoreElements()) - { - try + for (Enumeration en = crlSet.getObjects(); en.hasMoreElements();) { - ASN1Primitive obj = ((ASN1Encodable)e.nextElement()).toASN1Primitive(); + ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); - crls.add(cf.generateCRL( - new ByteArrayInputStream(obj.getEncoded()))); - } - catch (IOException ex) - { - throw new CMSException("can't re-encode CRL!", ex); - } - catch (CRLException ex) - { - throw new CMSException("can't re-encode CRL!", ex); + if (obj instanceof ASN1Sequence) + { + crlList.add(new X509CRLHolder(CertificateList.getInstance(obj))); + } } - } - } - AlgorithmIdentifier fixAlgID(AlgorithmIdentifier algId) - { - if (algId.getParameters() == null) - { - return new AlgorithmIdentifier(algId.getAlgorithm(), DERNull.INSTANCE); + return new CollectionStore(crlList); } - return algId; - } - - void setSigningEncryptionAlgorithmMapping(ASN1ObjectIdentifier oid, String algorithmName) - { - encryptionAlgs.put(oid.getId(), algorithmName); + return new CollectionStore(new ArrayList()); } - void setSigningDigestAlgorithmMapping(ASN1ObjectIdentifier oid, String algorithmName) - { - digestAlgs.put(oid.getId(), algorithmName); - } + // Store getOtherRevocationInfo(ASN1ObjectIdentifier otherRevocationInfoFormat, ASN1Set crlSet) + // { + // if (crlSet != null) + // { + // List crlList = new ArrayList(crlSet.size()); + // + // for (Enumeration en = crlSet.getObjects(); en.hasMoreElements();) + // { + // ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); + // + // if (obj instanceof ASN1TaggedObject) + // { + // ASN1TaggedObject tObj = ASN1TaggedObject.getInstance(obj); + // + // if (tObj.getTagNo() == 1) + // { + // OtherRevocationInfoFormat other = OtherRevocationInfoFormat.getInstance(tObj, false); + // + // if (otherRevocationInfoFormat.equals(other.getInfoFormat())) + // { + // crlList.add(other.getInfo()); + // } + // } + // } + // } + // + // return new CollectionStore(crlList); + // } + // + // return new CollectionStore(new ArrayList()); + // } } diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSUtils.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSUtils.java index 907fcc0..ccfab32 100644 --- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSUtils.java +++ b/bcpkix/src/main/java/org/bouncycastle/cms/CMSUtils.java @@ -20,14 +20,21 @@ import java.util.List; import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1EncodableVector; import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Set; import org.bouncycastle.asn1.BEROctetStringGenerator; import org.bouncycastle.asn1.BERSet; import org.bouncycastle.asn1.DERSet; import org.bouncycastle.asn1.DERTaggedObject; +import org.bouncycastle.asn1.cms.CMSObjectIdentifiers; import org.bouncycastle.asn1.cms.ContentInfo; import org.bouncycastle.asn1.cms.IssuerAndSerialNumber; +// BEGIN android-removed +// import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat; +// import org.bouncycastle.asn1.ocsp.OCSPResponse; +// import org.bouncycastle.asn1.ocsp.OCSPResponseStatus; +// END android-removed import org.bouncycastle.asn1.x509.Certificate; import org.bouncycastle.asn1.x509.CertificateList; import org.bouncycastle.asn1.x509.TBSCertificate; @@ -184,6 +191,32 @@ class CMSUtils } } + // BEGIN android-removed + // static Collection getOthersFromStore(ASN1ObjectIdentifier otherRevocationInfoFormat, Store otherRevocationInfos) + // { + // List others = new ArrayList(); + // + // for (Iterator it = otherRevocationInfos.getMatches(null).iterator(); it.hasNext();) + // { + // ASN1Encodable info = (ASN1Encodable)it.next(); + // + // if (CMSObjectIdentifiers.id_ri_ocsp_response.equals(otherRevocationInfoFormat)) + // { + // OCSPResponse resp = OCSPResponse.getInstance(info); + // + // if (resp.getResponseStatus().getValue().intValue() != OCSPResponseStatus.SUCCESSFUL) + // { + // throw new IllegalArgumentException("cannot add unsuccessful OCSP response to CMS SignedData"); + // } + // } + // + // others.add(new DERTaggedObject(false, 1, new OtherRevocationInfoFormat(otherRevocationInfoFormat, info))); + // } + // + // return others; + // } + // END android-removed + static ASN1Set createBerSetFromList(List derObjects) { ASN1EncodableVector v = new ASN1EncodableVector(); diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/SignerInfoGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/SignerInfoGenerator.java index f5ac174..e378629 100644 --- a/bcpkix/src/main/java/org/bouncycastle/cms/SignerInfoGenerator.java +++ b/bcpkix/src/main/java/org/bouncycastle/cms/SignerInfoGenerator.java @@ -123,12 +123,12 @@ public class SignerInfoGenerator public SignerIdentifier getSID() { - return signerIdentifier; + return signerIdentifier; } public ASN1Integer getGeneratedVersion() { - return new ASN1Integer(signerIdentifier.isTagged() ? 3 : 1); + return new ASN1Integer(signerIdentifier.isTagged() ? 3 : 1); } public boolean hasAssociatedCertificate() diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/SignerInformationStore.java b/bcpkix/src/main/java/org/bouncycastle/cms/SignerInformationStore.java index 70a8727..b65ab5e 100644 --- a/bcpkix/src/main/java/org/bouncycastle/cms/SignerInformationStore.java +++ b/bcpkix/src/main/java/org/bouncycastle/cms/SignerInformationStore.java @@ -9,7 +9,7 @@ import java.util.Map; public class SignerInformationStore { - private ArrayList all = new ArrayList(); + private List all = new ArrayList(); private Map table = new HashMap(); public SignerInformationStore( diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java new file mode 100644 index 0000000..a2c47c2 --- /dev/null +++ b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java @@ -0,0 +1,156 @@ +package org.bouncycastle.operator.bc; + +import java.util.Collections; +import java.util.HashMap; +import java.util.Map; + +// BEGIN android-removed +// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; +// END android-removed +import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; +import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; +import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.crypto.ExtendedDigest; +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.GOST3411Digest; +// import org.bouncycastle.crypto.digests.MD2Digest; +// import org.bouncycastle.crypto.digests.MD4Digest; +// END android-removed +import org.bouncycastle.crypto.digests.MD5Digest; +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.RIPEMD128Digest; +// import org.bouncycastle.crypto.digests.RIPEMD160Digest; +// import org.bouncycastle.crypto.digests.RIPEMD256Digest; +// END android-removed +import org.bouncycastle.crypto.digests.SHA1Digest; +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.SHA224Digest; +// END android-removed +import org.bouncycastle.crypto.digests.SHA256Digest; +import org.bouncycastle.crypto.digests.SHA384Digest; +import org.bouncycastle.crypto.digests.SHA512Digest; +import org.bouncycastle.operator.OperatorCreationException; + +public class BcDefaultDigestProvider + implements BcDigestProvider +{ + private static final Map lookup = createTable(); + + private static Map createTable() + { + Map table = new HashMap(); + + table.put(OIWObjectIdentifiers.idSHA1, new BcDigestProvider() + { + public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) + { + return new SHA1Digest(); + } + }); + // BEGIN android-removed + // table.put(NISTObjectIdentifiers.id_sha224, new BcDigestProvider() + // { + // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) + // { + // return new SHA224Digest(); + // } + // }); + // END android-removed + table.put(NISTObjectIdentifiers.id_sha256, new BcDigestProvider() + { + public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) + { + return new SHA256Digest(); + } + }); + table.put(NISTObjectIdentifiers.id_sha384, new BcDigestProvider() + { + public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) + { + return new SHA384Digest(); + } + }); + table.put(NISTObjectIdentifiers.id_sha512, new BcDigestProvider() + { + public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) + { + return new SHA512Digest(); + } + }); + table.put(PKCSObjectIdentifiers.md5, new BcDigestProvider() + { + public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) + { + return new MD5Digest(); + } + }); + // BEGIN android-removed + // table.put(PKCSObjectIdentifiers.md4, new BcDigestProvider() + // { + // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) + // { + // return new MD4Digest(); + // } + // }); + // table.put(PKCSObjectIdentifiers.md2, new BcDigestProvider() + // { + // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) + // { + // return new MD2Digest(); + // } + // }); + // table.put(CryptoProObjectIdentifiers.gostR3411, new BcDigestProvider() + // { + // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) + // { + // return new GOST3411Digest(); + // } + // }); + // table.put(TeleTrusTObjectIdentifiers.ripemd128, new BcDigestProvider() + // { + // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) + // { + // return new RIPEMD128Digest(); + // } + // }); + // table.put(TeleTrusTObjectIdentifiers.ripemd160, new BcDigestProvider() + // { + // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) + // { + // return new RIPEMD160Digest(); + // } + // }); + // table.put(TeleTrusTObjectIdentifiers.ripemd256, new BcDigestProvider() + // { + // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) + // { + // return new RIPEMD256Digest(); + // } + // }); + // END android-removed + + return Collections.unmodifiableMap(table); + } + + public static final BcDigestProvider INSTANCE = new BcDefaultDigestProvider(); + + private BcDefaultDigestProvider() + { + + } + + public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) + throws OperatorCreationException + { + BcDigestProvider extProv = (BcDigestProvider)lookup.get(digestAlgorithmIdentifier.getAlgorithm()); + + if (extProv == null) + { + throw new OperatorCreationException("cannot recognise digest"); + } + + return extProv.get(digestAlgorithmIdentifier); + } +} diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDigestCalculatorProvider.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDigestCalculatorProvider.java index 233b31b..4d029dd 100644 --- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDigestCalculatorProvider.java +++ b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDigestCalculatorProvider.java @@ -2,9 +2,11 @@ package org.bouncycastle.operator.bc; import java.io.IOException; import java.io.OutputStream; +import java.util.Map; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.crypto.Digest; +import org.bouncycastle.crypto.ExtendedDigest; import org.bouncycastle.operator.DigestCalculator; import org.bouncycastle.operator.DigestCalculatorProvider; import org.bouncycastle.operator.OperatorCreationException; @@ -12,10 +14,12 @@ import org.bouncycastle.operator.OperatorCreationException; public class BcDigestCalculatorProvider implements DigestCalculatorProvider { + private BcDigestProvider digestProvider = BcDefaultDigestProvider.INSTANCE; + public DigestCalculator get(final AlgorithmIdentifier algorithm) throws OperatorCreationException { - Digest dig = BcUtil.createDigest(algorithm); + Digest dig = digestProvider.get(algorithm); final DigestOutputStream stream = new DigestOutputStream(dig); diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDigestProvider.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDigestProvider.java new file mode 100644 index 0000000..691a56a --- /dev/null +++ b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDigestProvider.java @@ -0,0 +1,11 @@ +package org.bouncycastle.operator.bc; + +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.crypto.ExtendedDigest; +import org.bouncycastle.operator.OperatorCreationException; + +public interface BcDigestProvider +{ + ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) + throws OperatorCreationException; +} diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcUtil.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcUtil.java deleted file mode 100644 index 368c1f3..0000000 --- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcUtil.java +++ /dev/null @@ -1,98 +0,0 @@ -package org.bouncycastle.operator.bc; - -// BEGIN android-removed -// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; -// END android-removed -import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; -import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; -import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -import org.bouncycastle.asn1.x509.AlgorithmIdentifier; -import org.bouncycastle.crypto.Digest; -// BEGIN android-removed -// import org.bouncycastle.crypto.digests.GOST3411Digest; -// import org.bouncycastle.crypto.digests.MD2Digest; -// import org.bouncycastle.crypto.digests.MD4Digest; -// END android-removed -import org.bouncycastle.crypto.digests.MD5Digest; -// BEGIN android-removed -// import org.bouncycastle.crypto.digests.RIPEMD128Digest; -// import org.bouncycastle.crypto.digests.RIPEMD160Digest; -// import org.bouncycastle.crypto.digests.RIPEMD256Digest; -// END android-removed -import org.bouncycastle.crypto.digests.SHA1Digest; -// BEGIN android-removed -// import org.bouncycastle.crypto.digests.SHA224Digest; -// END android-removed -import org.bouncycastle.crypto.digests.SHA256Digest; -import org.bouncycastle.crypto.digests.SHA384Digest; -import org.bouncycastle.crypto.digests.SHA512Digest; -import org.bouncycastle.operator.OperatorCreationException; - -class BcUtil -{ - static Digest createDigest(AlgorithmIdentifier digAlg) - throws OperatorCreationException - { - Digest dig; - - if (digAlg.getAlgorithm().equals(OIWObjectIdentifiers.idSHA1)) - { - dig = new SHA1Digest(); - } - // BEGIN android-removed - // else if (digAlg.getAlgorithm().equals(NISTObjectIdentifiers.id_sha224)) - // { - // dig = new SHA224Digest(); - // } - // END android-removed - else if (digAlg.getAlgorithm().equals(NISTObjectIdentifiers.id_sha256)) - { - dig = new SHA256Digest(); - } - else if (digAlg.getAlgorithm().equals(NISTObjectIdentifiers.id_sha384)) - { - dig = new SHA384Digest(); - } - else if (digAlg.getAlgorithm().equals(NISTObjectIdentifiers.id_sha512)) - { - dig = new SHA512Digest(); - } - else if (digAlg.getAlgorithm().equals(PKCSObjectIdentifiers.md5)) - { - dig = new MD5Digest(); - } - // BEGIN android-removed - // else if (digAlg.getAlgorithm().equals(PKCSObjectIdentifiers.md4)) - // { - // dig = new MD4Digest(); - // } - // else if (digAlg.getAlgorithm().equals(PKCSObjectIdentifiers.md2)) - // { - // dig = new MD2Digest(); - // } - // else if (digAlg.getAlgorithm().equals(CryptoProObjectIdentifiers.gostR3411)) - // { - // dig = new GOST3411Digest(); - // } - // else if (digAlg.getAlgorithm().equals(TeleTrusTObjectIdentifiers.ripemd128)) - // { - // dig = new RIPEMD128Digest(); - // } - // else if (digAlg.getAlgorithm().equals(TeleTrusTObjectIdentifiers.ripemd160)) - // { - // dig = new RIPEMD160Digest(); - // } - // else if (digAlg.getAlgorithm().equals(TeleTrusTObjectIdentifiers.ripemd256)) - // { - // dig = new RIPEMD256Digest(); - // } - // END android-removed - else - { - throw new OperatorCreationException("cannot recognise digest"); - } - - return dig; - } -} |