libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureX509Codec.java

   1 /* RSAPSSSignatureX509Codec.java -- X.509 encoder/decoder for RSA signatures
   2    Copyright (C) 2006 Free Software Foundation, Inc.
   3
   4 This file is part of GNU Classpath.
   5
   6 GNU Classpath is free software; you can redistribute it and/or modify
   7 it under the terms of the GNU General Public License as published by
   8 the Free Software Foundation; either version 2, or (at your option)
   9 any later version.
  10
  11 GNU Classpath is distributed in the hope that it will be useful, but
  12 WITHOUT ANY WARRANTY; without even the implied warranty of
  13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14 General Public License for more details.
  15
  16 You should have received a copy of the GNU General Public License
  17 along with GNU Classpath; see the file COPYING.  If not, write to the
  18 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  19 02110-1301 USA.
  20
  21 Linking this library statically or dynamically with other modules is
  22 making a combined work based on this library.  Thus, the terms and
  23 conditions of the GNU General Public License cover the whole
  24 combination.
  25
  26 As a special exception, the copyright holders of this library give you
  27 permission to link this library with independent modules to produce an
  28 executable, regardless of the license terms of these independent
  29 modules, and to copy and distribute the resulting executable under
  30 terms of your choice, provided that you also meet, for each linked
  31 independent module, the terms and conditions of the license of that
  32 module.  An independent module is a module which is not derived from
  33 or based on this library.  If you modify this library, you may extend
  34 this exception to your version of the library, but you are not
  35 obligated to do so.  If you do not wish to do so, delete this
  36 exception statement from your version. */
  37
  38
  39 package gnu.java.security.sig.rsa;
  40
  41 import gnu.java.security.Registry;
  42 import gnu.java.security.sig.ISignatureCodec;
  43
  44 import java.security.InvalidParameterException;
  45
  46 /**
  47  * An implementation of an {@link ISignatureCodec} that knows to encode and
  48  * decode RSA PKCS1 (v1.5) signatures into the raw bytes which would constitute
  49  * a DER-encoded form of the ASN.1 structure defined in RFC-2459, and RFC-2313
  50  * as described in the next paragraphs.
  51  * <p>
  52  * Digital signatures when transmitted in an X.509 certificates are encoded
  53  * in DER (Distinguished Encoding Rules) as a BIT STRING; i.e.
  54  *
  55  * <pre>
  56  * Certificate ::= SEQUENCE {
  57  *   tbsCertificate       TBSCertificate,
  58  *   signatureAlgorithm   AlgorithmIdentifier,
  59  *   signature            BIT STRING
  60  * }
  61  * </pre>
  62  * <p>
  63  * The output of the encoder, and the input of the decoder, of this codec are
  64  * then the <i>raw</i> bytes of such a BIT STRING; i.e. not the DER-encoded
  65  * form itself.
  66  * <p>
  67  * Our implementation of the RSA PKCS1 signature algorithm outputs a byte array
  68  * as the result of generating a digital signature, in accordance with RFC-2313.
  69  * As a consequence, the encoder and decoder of this codec, simply pass through
  70  * such a byte array.
  71  * <p>
  72  * Client code that needs to build a DER BIT STRING <b>MUST</b> construct such
  73  * an ASN.1 value. The following is an example of how to do this:
  74  * <p>
  75  * <pre>
  76  * ...
  77  * import gnu.java.security.der.BitString;
  78  * import gnu.java.security.der.DER;
  79  * import gnu.java.security.der.DERValue;
  80  * ...
  81  * DERValue bitString = new DERValue(DER.BIT_STRING, new BitString(sigBytes));
  82  * ...
  83  * </pre>
  84  */
  85 public class RSAPKCS1V1_5SignatureX509Codec
  86     implements ISignatureCodec
  87 {
  88   // default 0-arguments constructor
  89
  90   public int getFormatID()
  91   {
  92     return Registry.X509_ENCODING_ID;
  93   }
  94
  95   /**
  96    * Encodes an RSA Signature output as a <i>signature</i> BIT STRING as
  97    * defined in the documentation of this class.
  98    *
  99    * @param signature the output of the RSA PKCS1 (v1.5) signature algorithm;
 100    *          i.e. the value returned by the invocation of
 101    *          {@link gnu.java.security.sig.ISignature#sign()} method. In the
 102    *          case of the RSA PKCS1 (v1.5) signature this is an array of bytes.
 103    * @return the raw bytes of an RSA signature which could be then used as the
 104    *         contents of a BIT STRING as per rfc-2459.
 105    */
 106   public byte[] encodeSignature(Object signature)
 107   {
 108     byte[] result = (byte[]) signature;
 109     return result;
 110   }
 111
 112   /**
 113    * Decodes a <i>signature</i> as defined in the documentation of this class.
 114    *
 115    * @param input the byte array to unmarshall into a valid RSA PKCS1 (v1.5)
 116    *          signature instance; i.e. a byte array. MUST NOT be null.
 117    * @return an array of raw bytes decoded from the designated input. In the
 118    *         case of RSA PKCS1 (v1.5) this is the same as the input.
 119    * @throw InvalidParameterException if the <code>input</code> array is null.
 120    */
 121   public Object decodeSignature(byte[] input)
 122   {
 123     if (input == null)
 124       throw new InvalidParameterException("Input bytes MUST NOT be null");
 125
 126     return input;
 127   }
 128 }