Make signing algorithm agnostic

Eugene Bochilo · Eugene Bochilo · commit a26f6dfed14e · 2023-07-19T00:57:41.000+03:00
DEVSIX-7617
diff --git a/bouncy-castle-adapter/src/main/java/com/itextpdf/bouncycastle/BouncyCastleFactory.java b/bouncy-castle-adapter/src/main/java/com/itextpdf/bouncycastle/BouncyCastleFactory.java
@@ -309,6 +309,8 @@ This file is part of the iText (R) project.
 import org.bouncycastle.openssl.PEMParser;
 import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
 import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
+import org.bouncycastle.operator.DefaultAlgorithmNameFinder;
+import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
 import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
 import org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder;
 import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
@@ -335,6 +337,27 @@ public BouncyCastleFactory() {
         // Empty constructor.
     }
 
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public String getAlgorithmOid(String name) {
+        try {
+            AlgorithmIdentifier algorithmIdentifier = new DefaultSignatureAlgorithmIdentifierFinder().find(name);
+            return algorithmIdentifier.getAlgorithm().getId();
+        } catch (IllegalArgumentException ignored) {
+            return null;
+        }
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public String getAlgorithmName(String oid) {
+        return new DefaultAlgorithmNameFinder().getAlgorithmName(new ASN1ObjectIdentifier(oid));
+    }
+
     /**
      * {@inheritDoc}
      */
diff --git a/bouncy-castle-connector/src/main/java/com/itextpdf/bouncycastleconnector/BouncyCastleDefaultFactory.java b/bouncy-castle-connector/src/main/java/com/itextpdf/bouncycastleconnector/BouncyCastleDefaultFactory.java
@@ -153,6 +153,16 @@ class BouncyCastleDefaultFactory implements IBouncyCastleFactory {
     BouncyCastleDefaultFactory() {
         // Empty constructor
     }
+
+    @Override
+    public String getAlgorithmOid(String name) {
+        throw new UnsupportedOperationException(BouncyCastleLogMessageConstant.BOUNCY_CASTLE_DEPENDENCY_MUST_PRESENT);
+    }
+
+    @Override
+    public String getAlgorithmName(String oid) {
+        throw new UnsupportedOperationException(BouncyCastleLogMessageConstant.BOUNCY_CASTLE_DEPENDENCY_MUST_PRESENT);
+    }
     
     @Override
     public IASN1ObjectIdentifier createASN1ObjectIdentifier(IASN1Encodable encodable) {
diff --git a/bouncy-castle-fips-adapter/src/main/java/com/itextpdf/bouncycastlefips/BouncyCastleFipsFactory.java b/bouncy-castle-fips-adapter/src/main/java/com/itextpdf/bouncycastlefips/BouncyCastleFipsFactory.java
@@ -313,6 +313,8 @@ This file is part of the iText (R) project.
 import org.bouncycastle.openssl.PEMParser;
 import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
 import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
+import org.bouncycastle.operator.DefaultAlgorithmNameFinder;
+import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
 import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
 import org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder;
 import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
@@ -339,6 +341,23 @@ public BouncyCastleFipsFactory() {
         // Empty constructor.
     }
 
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public String getAlgorithmOid(String name) {
+        AlgorithmIdentifier algorithmIdentifier = new DefaultSignatureAlgorithmIdentifierFinder().find(name);
+        return algorithmIdentifier.getAlgorithm().getId();
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public String getAlgorithmName(String oid) {
+        return new DefaultAlgorithmNameFinder().getAlgorithmName(new ASN1ObjectIdentifier(oid));
+    }
+
     /**
      * {@inheritDoc}
      */
diff --git a/commons/src/main/java/com/itextpdf/commons/bouncycastle/IBouncyCastleFactory.java b/commons/src/main/java/com/itextpdf/commons/bouncycastle/IBouncyCastleFactory.java
@@ -152,6 +152,25 @@ This file is part of the iText (R) project.
  * selected depending on a bouncy-castle dependency specified by the user.
  */
 public interface IBouncyCastleFactory {
+
+    /**
+     * Get signing algorithm oid from its name.
+     * 
+     * @param name name of the algorithm
+     * 
+     * @return algorithm oid
+     */
+    String getAlgorithmOid(String name);
+
+    /**
+     * Get signing algorithm name from its oid.
+     * 
+     * @param oid oid of the algorithm
+     * 
+     * @return algorithm name
+     */
+    String getAlgorithmName(String oid);
+    
     /**
      * Cast ASN1 encodable wrapper to the ASN1 object identifier wrapper.
      *
diff --git a/sharpenConfiguration.xml b/sharpenConfiguration.xml
@@ -467,7 +467,7 @@
                 <file path="com/itextpdf/signatures/PdfPKCS7ManuallyPortedTest.java"/>
             </fileset>
             <fileset reason="Different implementation on .NET and java">
-                <file path="com/itextpdf/signatures/sign/IsoSignatureExtensionsRoundtripTests.java"/>
+                <file path="com/itextpdf/signatures/sign/IsoSignatureExtensionsRoundtripTest.java"/>
             </fileset>
             <fileset reason=".pem files reading logic is different in java and .net">
                 <file path="com/itextpdf/signatures/testutils/PemFileHelper.java"/>
diff --git a/sign/src/main/java/com/itextpdf/signatures/PdfPKCS7.java b/sign/src/main/java/com/itextpdf/signatures/PdfPKCS7.java
@@ -657,7 +657,7 @@ public String getSignatureMechanismName() {
                 // there's no need to duplicate that information in the algorithm name.
                 return "RSASSA-PSS";
             default:
-                return getDigestAlgorithmName() + "with" + getSignatureAlgorithmName();
+                return SignatureMechanisms.getMechanism(signatureMechanismOid, getDigestAlgorithmName());
         }
     }
 
diff --git a/sign/src/main/java/com/itextpdf/signatures/PrivateKeySignature.java b/sign/src/main/java/com/itextpdf/signatures/PrivateKeySignature.java
@@ -22,10 +22,12 @@ This file is part of the iText (R) project.
  */
 package com.itextpdf.signatures;
 
+import com.itextpdf.commons.utils.MessageFormatUtil;
 import com.itextpdf.kernel.exceptions.PdfException;
 import com.itextpdf.signatures.exceptions.SignExceptionMessageConstant;
 
 import java.security.GeneralSecurityException;
+import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
 import java.security.Signature;
 
@@ -164,24 +166,38 @@ public ISignatureMechanismParams getSignatureMechanismParameters() {
     @Override
     public byte[] sign(byte[] message) throws GeneralSecurityException {
         String algorithm = getSignatureMechanismName();
-        Signature sig = SignUtils.getSignatureHelper(algorithm, provider);
-        if (parameters != null) {
-            parameters.apply(sig);
+        Signature sig;
+        try {
+            sig = SignUtils.getSignatureHelper(algorithm, provider);
+            if (parameters != null) {
+                parameters.apply(sig);
+            }
+            sig.initSign(pk);
+            sig.update(message);
+            return sig.sign();
+        } catch (Exception ignored) {
+            try {
+                sig = SignUtils.getSignatureHelper(getSignatureAlgorithmName(), provider);
+                if (parameters != null) {
+                    parameters.apply(sig);
+                }
+                sig.initSign(pk);
+                sig.update(message);
+                return sig.sign();
+            } catch (Exception e) {
+                throw new PdfException(MessageFormatUtil.format(
+                        SignExceptionMessageConstant.ALGORITHMS_NOT_SUPPORTED, algorithm, getSignatureAlgorithmName()),
+                        e);
+            }
         }
-        sig.initSign(pk);
-        sig.update(message);
-        return sig.sign();
     }
 
     private String getSignatureMechanismName() {
         final String signatureAlgo = this.getSignatureAlgorithmName();
-        // Ed25519 and Ed448 do not involve a choice of hashing algorithm
-        // and RSASSA-PSS is parameterised
-        if ("Ed25519".equals(signatureAlgo) || "Ed448".equals(signatureAlgo)
-                || "RSASSA-PSS".equals(signatureAlgo)) {
+        // RSASSA-PSS is parameterised
+        if ("RSASSA-PSS".equals(signatureAlgo)) {
             return signatureAlgo;
-        } else {
-            return getDigestAlgorithmName() + "with" + getSignatureAlgorithmName();
-        }
+        } 
+        return getDigestAlgorithmName() + "with" + getSignatureAlgorithmName();
     }
 }
diff --git a/sign/src/main/java/com/itextpdf/signatures/SignatureMechanisms.java b/sign/src/main/java/com/itextpdf/signatures/SignatureMechanisms.java
@@ -22,8 +22,14 @@ This file is part of the iText (R) project.
  */
 package com.itextpdf.signatures;
 
+import com.itextpdf.bouncycastleconnector.BouncyCastleFactoryCreator;
+import com.itextpdf.commons.bouncycastle.IBouncyCastleFactory;
+import com.itextpdf.signatures.logs.SignLogMessageConstant;
+
 import java.util.HashMap;
 import java.util.Map;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * Class that contains OID mappings to extract a signature algorithm name
@@ -32,6 +38,10 @@ This file is part of the iText (R) project.
  */
 public class SignatureMechanisms {
 
+    private static final Logger LOGGER = LoggerFactory.getLogger(SignatureMechanisms.class);
+    
+    private static final IBouncyCastleFactory BOUNCY_CASTLE_FACTORY = BouncyCastleFactoryCreator.getFactory();
+
     /** Maps IDs of signature algorithms with its human-readable name. */
     static final Map<String, String> algorithmNames = new HashMap<>();
     static final Map<String, String> rsaOidsByDigest = new HashMap<>();
@@ -141,23 +151,40 @@ public class SignatureMechanisms {
      * @return an OID string, or {@code null} if none was found.
      */
     public static String getSignatureMechanismOid(String signatureAlgorithmName, String digestAlgorithmName) {
+        String resultingOId;
         switch (signatureAlgorithmName) {
             case "RSA":
                 final String oId = rsaOidsByDigest.get(digestAlgorithmName);
-                return oId == null ? SecurityIDs.ID_RSA : oId;
+                resultingOId = oId == null ? SecurityIDs.ID_RSA : oId;
+                break;
             case "DSA":
-                return dsaOidsByDigest.get(digestAlgorithmName);
+                resultingOId = dsaOidsByDigest.get(digestAlgorithmName);
+                break;
             case "ECDSA":
-                return ecdsaOidsByDigest.get(digestAlgorithmName);
+                resultingOId = ecdsaOidsByDigest.get(digestAlgorithmName);
+                break;
             case "Ed25519":
-                return SecurityIDs.ID_ED25519;
+                resultingOId = SecurityIDs.ID_ED25519;
+                break;
             case "Ed448":
-                return SecurityIDs.ID_ED448;
+                resultingOId = SecurityIDs.ID_ED448;
+                break;
             case "RSASSA-PSS":
             case "RSA/PSS":
-                return SecurityIDs.ID_RSASSA_PSS;
+                resultingOId = SecurityIDs.ID_RSASSA_PSS;
+                break;
             default:
-                return null;
+                resultingOId = null;
+        }
+        if (resultingOId != null) {
+            return resultingOId;
+        }
+        LOGGER.warn(SignLogMessageConstant.ALGORITHM_NOT_FROM_SPEC);
+        resultingOId = BOUNCY_CASTLE_FACTORY.getAlgorithmOid(digestAlgorithmName + "with" + signatureAlgorithmName);
+        if (resultingOId == null) {
+            return BOUNCY_CASTLE_FACTORY.getAlgorithmOid(signatureAlgorithmName);
+        } else {
+            return resultingOId;
         }
     }
 
@@ -174,4 +201,21 @@ public static String getAlgorithm(String oid) {
             return ret;
         }
     }
+
+    /**
+     * Get the signing mechanism name for a certain id and digest.
+     * 
+     * @param oid an id of an algorithm
+     * @param digest digest of an algorithm
+     * 
+     * @return name of the mechanism
+     */
+    public static String getMechanism(String oid, String digest) {
+        String algorithm = getAlgorithm(oid);
+        if (!algorithm.equals(oid)) {
+            return digest + "with" + algorithm;
+        }
+        LOGGER.warn(SignLogMessageConstant.ALGORITHM_NOT_FROM_SPEC);
+        return BOUNCY_CASTLE_FACTORY.getAlgorithmName(oid);
+    }
 }
diff --git a/sign/src/main/java/com/itextpdf/signatures/exceptions/SignExceptionMessageConstant.java b/sign/src/main/java/com/itextpdf/signatures/exceptions/SignExceptionMessageConstant.java
@@ -26,6 +26,8 @@ This file is part of the iText (R) project.
  * Class that bundles all the error message templates as constants.
  */
 public final class SignExceptionMessageConstant {
+    public static final String ALGORITHMS_NOT_SUPPORTED = "Signing algorithms {0} and {1} are not supported.";
+    
     public static final String AUTHENTICATED_ATTRIBUTE_IS_MISSING_THE_DIGEST = "Authenticated attribute is missing "
             + "the digest.";
     public static final String AVAILABLE_SPACE_IS_NOT_ENOUGH_FOR_SIGNATURE = "Available space is not enough for "
diff --git a/sign/src/main/java/com/itextpdf/signatures/logs/SignLogMessageConstant.java b/sign/src/main/java/com/itextpdf/signatures/logs/SignLogMessageConstant.java
@@ -29,6 +29,9 @@ public final class SignLogMessageConstant {
 
     public static final String EXCEPTION_WITHOUT_MESSAGE =
             "Unexpected exception without message was thrown during keystore processing";
+    
+    public static final String ALGORITHM_NOT_FROM_SPEC =
+            "Requested algorithm might not be supported by the pdf specification.";
 
     private SignLogMessageConstant() {
         // Private constructor will prevent the instantiation of this class directly
diff --git a/sign/src/test/java/com/itextpdf/signatures/sign/IsoSignatureExtensionsRoundtripTest.java b/sign/src/test/java/com/itextpdf/signatures/sign/IsoSignatureExtensionsRoundtripTest.java
@@ -41,8 +41,11 @@ This file is part of the iText (R) project.
 import com.itextpdf.signatures.PrivateKeySignature;
 import com.itextpdf.signatures.SecurityIDs;
 import com.itextpdf.signatures.SignatureUtil;
+import com.itextpdf.signatures.logs.SignLogMessageConstant;
 import com.itextpdf.signatures.testutils.PemFileHelper;
-import com.itextpdf.test.ITextTest;
+import com.itextpdf.test.ExtendedITextTest;
+import com.itextpdf.test.annotations.LogMessage;
+import com.itextpdf.test.annotations.LogMessages;
 import com.itextpdf.test.annotations.type.BouncyCastleIntegrationTest;
 
 import java.io.ByteArrayInputStream;
@@ -67,6 +70,8 @@ This file is part of the iText (R) project.
 import java.util.HashSet;
 import java.util.Set;
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
+import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
 import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
@@ -77,7 +82,7 @@ This file is part of the iText (R) project.
 import org.junit.experimental.categories.Category;
 
 @Category(BouncyCastleIntegrationTest.class)
-public class IsoSignatureExtensionsRoundtripTests extends ITextTest {
+public class IsoSignatureExtensionsRoundtripTest extends ExtendedITextTest {
     private static final IBouncyCastleFactory BOUNCY_CASTLE_FACTORY = BouncyCastleFactoryCreator.getFactory();
 
     private static final String SOURCE_FOLDER =
@@ -115,6 +120,34 @@ public void testEd448() throws Exception {
     public void testBrainpoolP384r1WithSha384() throws Exception {
         doRoundTrip("brainpoolP384r1", DigestAlgorithms.SHA384, X9ObjectIdentifiers.ecdsa_with_SHA384);
     }
+    
+    @Test
+    @LogMessages(messages = @LogMessage(messageTemplate = SignLogMessageConstant.ALGORITHM_NOT_FROM_SPEC, count = 3), ignore = true)
+    public void testPlainBrainpoolP384r1WithSha384() throws Exception {
+        if ("BC".equals(BOUNCY_CASTLE_FACTORY.getProviderName())) {
+            doRoundTrip("plainBrainpoolP384r1", DigestAlgorithms.SHA384, "PLAIN-ECDSA",
+                    BSIObjectIdentifiers.ecdsa_plain_SHA384);
+        } else {
+            // PLAIN_ECDSA is currently not supported in BCFIPS
+            Assert.assertThrows(PdfException.class,
+                    () -> doRoundTrip("plainBrainpoolP384r1", DigestAlgorithms.SHA384,
+                            "PLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA384));
+        }
+    }
+    
+    @Test
+    @LogMessages(messages = @LogMessage(messageTemplate = SignLogMessageConstant.ALGORITHM_NOT_FROM_SPEC, count = 3), ignore = true)
+    public void testCvcBrainpoolP384r1WithSha384() throws Exception {
+        if ("BC".equals(BOUNCY_CASTLE_FACTORY.getProviderName())) {
+            doRoundTrip("cvcBrainpoolP384r1", DigestAlgorithms.SHA384, "CVC-ECDSA",
+                    EACObjectIdentifiers.id_TA_ECDSA_SHA_384);
+        } else {
+            // CVC_ECDSA is currently not supported in BCFIPS
+            Assert.assertThrows(PdfException.class,
+                    () -> doRoundTrip("cvcBrainpoolP384r1", DigestAlgorithms.SHA384,
+                            "CVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_384));
+        }
+    }
 
     @Test
     public void testBrainpoolP384r1WithSha3_384() throws Exception {
diff --git a/sign/src/test/resources/com/itextpdf/signatures/sign/IsoSignatureExtensionsRoundtripTests/cvcBrainpoolP384r1.crt b/sign/src/test/resources/com/itextpdf/signatures/sign/IsoSignatureExtensionsRoundtripTests/cvcBrainpoolP384r1.crt
diff --git a/sign/src/test/resources/com/itextpdf/signatures/sign/IsoSignatureExtensionsRoundtripTests/cvcBrainpoolP384r1.key.pem b/sign/src/test/resources/com/itextpdf/signatures/sign/IsoSignatureExtensionsRoundtripTests/cvcBrainpoolP384r1.key.pem
@@ -0,0 +1,8 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIBHDBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQILO2URPFSo7gCAggA
+MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBBg359a5GBDuEsq54UUaplsBIHA
+nKah5MzABEWIgHk+KoJHgggNzDYfgFwIrvRpj1X7X1lLlW3UgKWza2V32KdUsYXb
+1KghEQ9PObdGKoi3fa5PrlDNahXYiD1FHmqOeSJmhP3qCOl+ytSTLKPhq4iyA9Gz
+xseDDKndD1uRpVAl8yPRZkLsnqzHLN6+ah6zB3taugE8MK4BQa3swG1C57WpKM6r
+umdebWq6z+owGYGdA6WOzwKAxcaoTHliV7rrjIfetgBb4Rd2D2hvKRxHG4N6NmMV
+-----END ENCRYPTED PRIVATE KEY-----
diff --git a/sign/src/test/resources/com/itextpdf/signatures/sign/IsoSignatureExtensionsRoundtripTests/plainBrainpoolP384r1.crt b/sign/src/test/resources/com/itextpdf/signatures/sign/IsoSignatureExtensionsRoundtripTests/plainBrainpoolP384r1.crt
diff --git a/sign/src/test/resources/com/itextpdf/signatures/sign/IsoSignatureExtensionsRoundtripTests/plainBrainpoolP384r1.key.pem b/sign/src/test/resources/com/itextpdf/signatures/sign/IsoSignatureExtensionsRoundtripTests/plainBrainpoolP384r1.key.pem
@@ -0,0 +1,8 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIBHDBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQILO2URPFSo7gCAggA
+MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBBg359a5GBDuEsq54UUaplsBIHA
+nKah5MzABEWIgHk+KoJHgggNzDYfgFwIrvRpj1X7X1lLlW3UgKWza2V32KdUsYXb
+1KghEQ9PObdGKoi3fa5PrlDNahXYiD1FHmqOeSJmhP3qCOl+ytSTLKPhq4iyA9Gz
+xseDDKndD1uRpVAl8yPRZkLsnqzHLN6+ah6zB3taugE8MK4BQa3swG1C57WpKM6r
+umdebWq6z+owGYGdA6WOzwKAxcaoTHliV7rrjIfetgBb4Rd2D2hvKRxHG4N6NmMV
+-----END ENCRYPTED PRIVATE KEY-----

Original file line number	Diff line number	Diff line change
`@@ -657,7 +657,7 @@ public String getSignatureMechanismName() {`
`657`	`657`	`// there's no need to duplicate that information in the algorithm name.`
`658`	`658`	`return "RSASSA-PSS";`
`659`	`659`	`default:`
`660`		`- return getDigestAlgorithmName() + "with" + getSignatureAlgorithmName();`
	`660`	`+ return SignatureMechanisms.getMechanism(signatureMechanismOid, getDigestAlgorithmName());`
`661`	`661`	`}`
`662`	`662`	`}`
`663`	`663`