1 files changed, 234 insertions, 0 deletions

diff --git a/pkix/src/main/java/org/spongycastle/eac/operator/jcajce/JcaEACSignerBuilder.java b/pkix/src/main/java/org/spongycastle/eac/operator/jcajce/JcaEACSignerBuilder.java
new file mode 100644
index 00000000..460bb5cf
--- /dev/null
+++ b/pkix/src/main/java/org/spongycastle/eac/operator/jcajce/JcaEACSignerBuilder.java
@@ -0,0 +1,234 @@
+package org.spongycastle.eac.operator.jcajce;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.math.BigInteger;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
+import java.security.Provider;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.util.Arrays;
+import java.util.Hashtable;
+
+import org.spongycastle.asn1.ASN1Integer;
+import org.spongycastle.asn1.ASN1ObjectIdentifier;
+import org.spongycastle.asn1.ASN1Sequence;
+import org.spongycastle.asn1.eac.EACObjectIdentifiers;
+import org.spongycastle.eac.operator.EACSigner;
+import org.spongycastle.operator.OperatorCreationException;
+import org.spongycastle.operator.OperatorStreamException;
+import org.spongycastle.operator.RuntimeOperatorException;
+
+public class JcaEACSignerBuilder
+{
+    private static final Hashtable sigNames = new Hashtable();
+
+    static
+    {
+        sigNames.put("SHA1withRSA", EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_1);
+        sigNames.put("SHA256withRSA", EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_256);
+        sigNames.put("SHA1withRSAandMGF1", EACObjectIdentifiers.id_TA_RSA_PSS_SHA_1);
+        sigNames.put("SHA256withRSAandMGF1", EACObjectIdentifiers.id_TA_RSA_PSS_SHA_256);
+        sigNames.put("SHA512withRSA", EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_512);
+        sigNames.put("SHA512withRSAandMGF1", EACObjectIdentifiers.id_TA_RSA_PSS_SHA_512);
+
+        sigNames.put("SHA1withECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1);
+        sigNames.put("SHA224withECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_224);
+        sigNames.put("SHA256withECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_256);
+        sigNames.put("SHA384withECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_384);
+        sigNames.put("SHA512withECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_512);
+    }
+
+    private EACHelper helper = new DefaultEACHelper();
+
+    public JcaEACSignerBuilder setProvider(String providerName)
+    {
+        this.helper = new NamedEACHelper(providerName);
+
+        return this;
+    }
+
+    public JcaEACSignerBuilder setProvider(Provider provider)
+    {
+        this.helper = new ProviderEACHelper(provider);
+
+        return this;
+    }
+
+    public EACSigner build(String algorithm, PrivateKey privKey)
+        throws OperatorCreationException
+    {
+        return build((ASN1ObjectIdentifier)sigNames.get(algorithm), privKey);
+    }
+
+    public EACSigner build(final ASN1ObjectIdentifier usageOid, PrivateKey privKey)
+        throws OperatorCreationException
+    {
+        Signature sig;
+        try
+        {
+            sig = helper.getSignature(usageOid);
+
+            sig.initSign(privKey);
+        }
+        catch (NoSuchAlgorithmException e)
+        {
+            throw new OperatorCreationException("unable to find algorithm: " + e.getMessage(), e);
+        }
+        catch (NoSuchProviderException e)
+        {
+            throw new OperatorCreationException("unable to find provider: " + e.getMessage(), e);
+        }
+        catch (InvalidKeyException e)
+        {
+            throw new OperatorCreationException("invalid key: " + e.getMessage(), e);
+        }
+
+        final SignatureOutputStream sigStream = new SignatureOutputStream(sig);
+
+        return new EACSigner()
+        {
+            public ASN1ObjectIdentifier getUsageIdentifier()
+            {
+                return usageOid;
+            }
+
+            public OutputStream getOutputStream()
+            {
+                return sigStream;
+            }
+
+            public byte[] getSignature()
+            {
+                try
+                {
+                    byte[] signature = sigStream.getSignature();
+
+                    if (usageOid.on(EACObjectIdentifiers.id_TA_ECDSA))
+                    {
+                        return reencode(signature);
+                    }
+
+                    return signature;
+                }
+                catch (SignatureException e)
+                {
+                    throw new RuntimeOperatorException("exception obtaining signature: " + e.getMessage(), e);
+                }
+            }
+        };
+    }
+
+    public static int max(int el1, int el2)
+    {
+        return el1 > el2 ? el1 : el2;
+    }
+
+    private static byte[] reencode(byte[] rawSign)
+    {
+        ASN1Sequence sData = ASN1Sequence.getInstance(rawSign);
+
+        BigInteger r = ASN1Integer.getInstance(sData.getObjectAt(0)).getValue();
+        BigInteger s = ASN1Integer.getInstance(sData.getObjectAt(1)).getValue();
+
+        byte[] rB = r.toByteArray();
+        byte[] sB = s.toByteArray();
+
+        int rLen = unsignedIntLength(rB);
+        int sLen = unsignedIntLength(sB);
+
+        byte[] ret;
+        int len = max(rLen, sLen);
+
+        ret = new byte[len * 2];
+        Arrays.fill(ret, (byte)0);
+
+        copyUnsignedInt(rB, ret, len - rLen);
+        copyUnsignedInt(sB, ret, 2 * len - sLen);
+
+        return ret;
+    }
+
+    private static int unsignedIntLength(byte[] i)
+    {
+        int len = i.length;
+        if (i[0] == 0)
+        {
+            len--;
+        }
+
+        return len;
+    }
+
+    private static void copyUnsignedInt(byte[] src, byte[] dst, int offset)
+    {
+        int len = src.length;
+        int readoffset = 0;
+        if (src[0] == 0)
+        {
+            len--;
+            readoffset = 1;
+        }
+
+        System.arraycopy(src, readoffset, dst, offset, len);
+    }
+
+    private class SignatureOutputStream
+        extends OutputStream
+    {
+        private Signature sig;
+
+        SignatureOutputStream(Signature sig)
+        {
+            this.sig = sig;
+        }
+
+        public void write(byte[] bytes, int off, int len)
+            throws IOException
+        {
+            try
+            {
+                sig.update(bytes, off, len);
+            }
+            catch (SignatureException e)
+            {
+                throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e);
+            }
+        }
+
+        public void write(byte[] bytes)
+            throws IOException
+        {
+            try
+            {
+                sig.update(bytes);
+            }
+            catch (SignatureException e)
+            {
+                throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e);
+            }
+        }
+
+        public void write(int b)
+            throws IOException
+        {
+            try
+            {
+                sig.update((byte)b);
+            }
+            catch (SignatureException e)
+            {
+                throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e);
+            }
+        }
+
+        byte[] getSignature()
+            throws SignatureException
+        {
+            return sig.sign();
+        }
+    }
+}