OpenSSLX509Certificate: use OID if alg name unavailable
If we cannot map the signature OID type to a canonical name, then we
should try to get an instance of the signature type using the OID.
Additionally, we should return the OID for the #getSigAlgName instead of
null.
Bug: 22365511
Change-Id: I1ebf48667cf720ee5c7751667601eec2f6f8ec91
diff --git a/src/main/java/org/conscrypt/OpenSSLX509Certificate.java b/src/main/java/org/conscrypt/OpenSSLX509Certificate.java
index aed141d..ff7aa84 100644
--- a/src/main/java/org/conscrypt/OpenSSLX509Certificate.java
+++ b/src/main/java/org/conscrypt/OpenSSLX509Certificate.java
@@ -284,7 +284,12 @@
@Override
public String getSigAlgName() {
- return AlgNameMapper.map2AlgName(getSigAlgOID());
+ String oid = getSigAlgOID();
+ String algName = AlgNameMapper.map2AlgName(oid);
+ if (algName != null) {
+ return algName;
+ }
+ return oid;
}
@Override
@@ -357,16 +362,9 @@
private void verifyInternal(PublicKey key, String sigProvider) throws CertificateException,
NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException,
SignatureException {
- String sigAlg = getSigAlgName();
- if (sigAlg == null) {
- sigAlg = getSigAlgOID();
- }
-
- final Signature sig;
- if (sigProvider == null) {
- sig = Signature.getInstance(sigAlg);
- } else {
- sig = Signature.getInstance(sigAlg, sigProvider);
+ Signature sig = getSignatureInstance(getSigAlgName(), sigProvider);
+ if (sig == null) {
+ sig = getSignatureInstance(getSigAlgOID(), sigProvider);
}
sig.initVerify(key);
@@ -376,6 +374,23 @@
}
}
+ /**
+ * Gets a signature instance or returns {@code null} if there is no
+ * provider.
+ */
+ private Signature getSignatureInstance(String sigAlg, String sigProvider)
+ throws NoSuchProviderException {
+ try {
+ if (sigProvider == null) {
+ return Signature.getInstance(sigAlg);
+ } else {
+ return Signature.getInstance(sigAlg, sigProvider);
+ }
+ } catch (NoSuchAlgorithmException ignored) {
+ return null;
+ }
+ }
+
@Override
public void verify(PublicKey key) throws CertificateException, NoSuchAlgorithmException,
InvalidKeyException, NoSuchProviderException, SignatureException {