View Javadoc
1   /*
2    * Copyright 2018 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package io.netty.handler.ssl;
17  
18  import java.util.Locale;
19  import java.util.regex.Matcher;
20  import java.util.regex.Pattern;
21  
22  /**
23   * Converts OpenSSL signature Algorithm names to
24   * <a href="https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#Signature">
25   *     Java signature Algorithm names</a>.
26   */
27  final class SignatureAlgorithmConverter {
28  
29      private SignatureAlgorithmConverter() { }
30  
31      // OpenSSL has 3 different formats it uses at the moment we will match against all of these.
32      // For example:
33      //              ecdsa-with-SHA384
34      //              hmacWithSHA384
35      //              dsa_with_SHA224
36      //
37      // For more details see https://github.com/openssl/openssl/blob/OpenSSL_1_0_2p/crypto/objects/obj_dat.h
38      //
39      // BoringSSL uses a different format:
40      // https://github.com/google/boringssl/blob/8525ff3/ssl/ssl_privkey.cc#L436
41      //
42      private static final Pattern PATTERN = Pattern.compile(
43              // group 1 - 2
44              "(?:(^[a-zA-Z].+)With(.+)Encryption$)|" +
45              // group 3 - 4
46              "(?:(^[a-zA-Z].+)(?:_with_|-with-|_pkcs1_|_pss_rsae_)(.+$))|" +
47              // group 5 - 6
48              "(?:(^[a-zA-Z].+)_(.+$))");
49  
50      /**
51       * Converts an OpenSSL algorithm name to a Java algorithm name and return it,
52       * or return {@code null} if the conversation failed because the format is not known.
53       */
54      static String toJavaName(String opensslName) {
55          if (opensslName == null) {
56              return null;
57          }
58          Matcher matcher = PATTERN.matcher(opensslName);
59          if (matcher.matches()) {
60              String group1 = matcher.group(1);
61              if (group1 != null) {
62                  return group1.toUpperCase(Locale.ROOT) + "with" + matcher.group(2).toUpperCase(Locale.ROOT);
63              }
64              if (matcher.group(3) != null) {
65                  return matcher.group(4).toUpperCase(Locale.ROOT) + "with" + matcher.group(3).toUpperCase(Locale.ROOT);
66              }
67  
68              if (matcher.group(5) != null) {
69                  return matcher.group(6).toUpperCase(Locale.ROOT) + "with" + matcher.group(5).toUpperCase(Locale.ROOT);
70              }
71          }
72          return null;
73      }
74  }