--- a/src/java.base/share/classes/sun/security/util/SignatureUtil.java Tue Apr 09 16:32:22 2019 -0700
+++ b/src/java.base/share/classes/sun/security/util/SignatureUtil.java Wed Apr 10 02:35:18 2019 +0000
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -29,6 +29,7 @@
import java.security.*;
import java.security.spec.*;
import sun.security.rsa.RSAUtil;
+import jdk.internal.access.SharedSecrets;
/**
* Utility class for Signature related operations. Currently used by various
@@ -39,12 +40,25 @@
*/
public class SignatureUtil {
+ private static String checkName(String algName) throws ProviderException {
+ if (algName.indexOf(".") == -1) {
+ return algName;
+ }
+ // convert oid to String
+ try {
+ return Signature.getInstance(algName).getAlgorithm();
+ } catch (Exception e) {
+ throw new ProviderException("Error mapping algorithm name", e);
+ }
+ }
+
// Utility method of creating an AlgorithmParameters object with
// the specified algorithm name and encoding
private static AlgorithmParameters createAlgorithmParameters(String algName,
byte[] paramBytes) throws ProviderException {
try {
+ algName = checkName(algName);
AlgorithmParameters result =
AlgorithmParameters.getInstance(algName);
result.init(paramBytes);
@@ -54,52 +68,81 @@
}
}
- private static AlgorithmParameterSpec getParamSpec(String sigName,
+ // Utility method for converting the specified AlgorithmParameters object
+ // into an AlgorithmParameterSpec object.
+ public static AlgorithmParameterSpec getParamSpec(String sigName,
AlgorithmParameters params)
- throws InvalidAlgorithmParameterException, ProviderException {
+ throws ProviderException {
- if (params == null) return null;
-
- if (sigName.toUpperCase().indexOf("RSA") == -1) {
- throw new ProviderException
- ("Unrecognized algorithm for signature parameters " +
- sigName);
+ sigName = checkName(sigName);
+ AlgorithmParameterSpec paramSpec = null;
+ if (params != null) {
+ if (sigName.toUpperCase().indexOf("RSA") == -1) {
+ throw new ProviderException
+ ("Unrecognized algorithm for signature parameters " +
+ sigName);
+ }
+ // AlgorithmParameters.getAlgorithm() may returns oid if it's
+ // created during DER decoding. Convert to use the standard name
+ // before passing it to RSAUtil
+ if (params.getAlgorithm().indexOf(".") != -1) {
+ try {
+ params = createAlgorithmParameters(sigName,
+ params.getEncoded());
+ } catch (IOException e) {
+ throw new ProviderException(e);
+ }
+ }
+ paramSpec = RSAUtil.getParamSpec(params);
}
- // AlgorithmParameters.getAlgorithm() may returns oid if it's
- // created during DER decoding. Convert to use the standard name
- // before passing it to RSAUtil
- String alg = params.getAlgorithm();
- if (alg.equalsIgnoreCase(sigName) || alg.indexOf(".") != -1) {
- try {
- params = createAlgorithmParameters(sigName,
- params.getEncoded());
- } catch (IOException e) {
- throw new ProviderException(e);
- }
- }
- return RSAUtil.getParamSpec(params);
+ return paramSpec;
}
- // Special method for setting the specified parameter bytes into the
- // specified Signature object as signature parameters.
- public static void specialSetParameter(Signature sig, byte[] paramBytes)
- throws InvalidAlgorithmParameterException, ProviderException {
+ // Utility method for converting the specified parameter bytes into an
+ // AlgorithmParameterSpec object.
+ public static AlgorithmParameterSpec getParamSpec(String sigName,
+ byte[] paramBytes)
+ throws ProviderException {
+ sigName = checkName(sigName);
+ AlgorithmParameterSpec paramSpec = null;
if (paramBytes != null) {
- String sigName = sig.getAlgorithm();
+ if (sigName.toUpperCase().indexOf("RSA") == -1) {
+ throw new ProviderException
+ ("Unrecognized algorithm for signature parameters " +
+ sigName);
+ }
AlgorithmParameters params =
createAlgorithmParameters(sigName, paramBytes);
- specialSetParameter(sig, params);
+ paramSpec = RSAUtil.getParamSpec(params);
}
+ return paramSpec;
}
- // Special method for setting the specified AlgorithmParameter object
- // into the specified Signature object as signature parameters.
- public static void specialSetParameter(Signature sig,
- AlgorithmParameters params)
- throws InvalidAlgorithmParameterException, ProviderException {
- if (params != null) {
- String sigName = sig.getAlgorithm();
- sig.setParameter(getParamSpec(sigName, params));
- }
+ // Utility method for initializing the specified Signature object
+ // for verification with the specified key and params (may be null)
+ public static void initVerifyWithParam(Signature s, PublicKey key,
+ AlgorithmParameterSpec params)
+ throws ProviderException, InvalidAlgorithmParameterException,
+ InvalidKeyException {
+ SharedSecrets.getJavaSecuritySignatureAccess().initVerify(s, key, params);
+ }
+
+ // Utility method for initializing the specified Signature object
+ // for verification with the specified Certificate and params (may be null)
+ public static void initVerifyWithParam(Signature s,
+ java.security.cert.Certificate cert,
+ AlgorithmParameterSpec params)
+ throws ProviderException, InvalidAlgorithmParameterException,
+ InvalidKeyException {
+ SharedSecrets.getJavaSecuritySignatureAccess().initVerify(s, cert, params);
+ }
+
+ // Utility method for initializing the specified Signature object
+ // for signing with the specified key and params (may be null)
+ public static void initSignWithParam(Signature s, PrivateKey key,
+ AlgorithmParameterSpec params, SecureRandom sr)
+ throws ProviderException, InvalidAlgorithmParameterException,
+ InvalidKeyException {
+ SharedSecrets.getJavaSecuritySignatureAccess().initSign(s, key, params, sr);
}
}