1 /*
2 * Copyright (c) 1996, 2010, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
158 public void derEncode (OutputStream out) throws IOException {
159 DerOutputStream bytes = new DerOutputStream();
160 DerOutputStream tmp = new DerOutputStream();
161
162 bytes.putOID(algid);
163 // Setup params from algParams since no DER encoding is given
164 if (constructedFromDer == false) {
165 if (algParams != null) {
166 params = new DerValue(algParams.getEncoded());
167 } else {
168 params = null;
169 }
170 }
171 if (params == null) {
172 // Changes backed out for compatibility with Solaris
173
174 // Several AlgorithmId should omit the whole parameter part when
175 // it's NULL. They are ---
176 // rfc3370 2.1: Implementations SHOULD generate SHA-1
177 // AlgorithmIdentifiers with absent parameters.
178 // rfc3447 C1: When id-sha1, id-sha256, id-sha384 and id-sha512
179 // are used in an AlgorithmIdentifier the parameters (which are
180 // optional) SHOULD be omitted.
181 // rfc3279 2.3.2: The id-dsa algorithm syntax includes optional
182 // domain parameters... When omitted, the parameters component
183 // MUST be omitted entirely
184 // rfc3370 3.1: When the id-dsa-with-sha1 algorithm identifier
185 // is used, the AlgorithmIdentifier parameters field MUST be absent.
186 /*if (
187 algid.equals((Object)SHA_oid) ||
188 algid.equals((Object)SHA256_oid) ||
189 algid.equals((Object)SHA384_oid) ||
190 algid.equals((Object)SHA512_oid) ||
191 algid.equals((Object)DSA_oid) ||
192 algid.equals((Object)sha1WithDSA_oid)) {
193 ; // no parameter part encoded
194 } else {
195 bytes.putNull();
196 }*/
197 bytes.putNull();
198 } else {
199 bytes.putDerValue(params);
200 }
201 tmp.write(DerValue.tag_Sequence, bytes);
202 out.write(tmp.toByteArray());
203 }
204
205
206 /**
207 * Returns the DER-encoded X.509 AlgorithmId as a byte array.
471 }
472 if (name.equalsIgnoreCase("MD2")) {
473 return AlgorithmId.MD2_oid;
474 }
475 if (name.equalsIgnoreCase("SHA") || name.equalsIgnoreCase("SHA1")
476 || name.equalsIgnoreCase("SHA-1")) {
477 return AlgorithmId.SHA_oid;
478 }
479 if (name.equalsIgnoreCase("SHA-256") ||
480 name.equalsIgnoreCase("SHA256")) {
481 return AlgorithmId.SHA256_oid;
482 }
483 if (name.equalsIgnoreCase("SHA-384") ||
484 name.equalsIgnoreCase("SHA384")) {
485 return AlgorithmId.SHA384_oid;
486 }
487 if (name.equalsIgnoreCase("SHA-512") ||
488 name.equalsIgnoreCase("SHA512")) {
489 return AlgorithmId.SHA512_oid;
490 }
491
492
493 // Various public key algorithms
494 if (name.equalsIgnoreCase("RSA")) {
495 return AlgorithmId.RSAEncryption_oid;
496 }
497 if (name.equalsIgnoreCase("Diffie-Hellman")
498 || name.equalsIgnoreCase("DH")) {
499 return AlgorithmId.DH_oid;
500 }
501 if (name.equalsIgnoreCase("DSA")) {
502 return AlgorithmId.DSA_oid;
503 }
504 if (name.equalsIgnoreCase("EC")) {
505 return EC_oid;
506 }
507
508 // Common signature types
509 if (name.equalsIgnoreCase("MD5withRSA")
510 || name.equalsIgnoreCase("MD5/RSA")) {
511 return AlgorithmId.md5WithRSAEncryption_oid;
608 */
609 public static final ObjectIdentifier MD2_oid =
610 ObjectIdentifier.newInternal(new int[] {1, 2, 840, 113549, 2, 2});
611
612 /**
613 * Algorithm ID for the MD5 Message Digest Algorthm, from RFC 1321.
614 * OID = 1.2.840.113549.2.5
615 */
616 public static final ObjectIdentifier MD5_oid =
617 ObjectIdentifier.newInternal(new int[] {1, 2, 840, 113549, 2, 5});
618
619 /**
620 * Algorithm ID for the SHA1 Message Digest Algorithm, from FIPS 180-1.
621 * This is sometimes called "SHA", though that is often confusing since
622 * many people refer to FIPS 180 (which has an error) as defining SHA.
623 * OID = 1.3.14.3.2.26. Old SHA-0 OID: 1.3.14.3.2.18.
624 */
625 public static final ObjectIdentifier SHA_oid =
626 ObjectIdentifier.newInternal(new int[] {1, 3, 14, 3, 2, 26});
627
628 public static final ObjectIdentifier SHA256_oid =
629 ObjectIdentifier.newInternal(new int[] {2, 16, 840, 1, 101, 3, 4, 2, 1});
630
631 public static final ObjectIdentifier SHA384_oid =
632 ObjectIdentifier.newInternal(new int[] {2, 16, 840, 1, 101, 3, 4, 2, 2});
633
634 public static final ObjectIdentifier SHA512_oid =
635 ObjectIdentifier.newInternal(new int[] {2, 16, 840, 1, 101, 3, 4, 2, 3});
636
637 /*
638 * COMMON PUBLIC KEY TYPES
639 */
640 private static final int DH_data[] = { 1, 2, 840, 113549, 1, 3, 1 };
641 private static final int DH_PKIX_data[] = { 1, 2, 840, 10046, 2, 1 };
642 private static final int DSA_OIW_data[] = { 1, 3, 14, 3, 2, 12 };
643 private static final int DSA_PKIX_data[] = { 1, 2, 840, 10040, 4, 1 };
644 private static final int RSA_data[] = { 2, 5, 8, 1, 1 };
645 private static final int RSAEncryption_data[] =
646 { 1, 2, 840, 113549, 1, 1, 1 };
647
648 public static final ObjectIdentifier DH_oid;
649 public static final ObjectIdentifier DH_PKIX_oid;
650 public static final ObjectIdentifier DSA_oid;
651 public static final ObjectIdentifier DSA_OIW_oid;
652 public static final ObjectIdentifier EC_oid = oid(1, 2, 840, 10045, 2, 1);
653 public static final ObjectIdentifier RSA_oid;
654 public static final ObjectIdentifier RSAEncryption_oid;
655
656 /*
657 * COMMON SIGNATURE ALGORITHMS
658 */
659 private static final int md2WithRSAEncryption_data[] =
660 { 1, 2, 840, 113549, 1, 1, 2 };
661 private static final int md5WithRSAEncryption_data[] =
662 { 1, 2, 840, 113549, 1, 1, 4 };
663 private static final int sha1WithRSAEncryption_data[] =
664 { 1, 2, 840, 113549, 1, 1, 5 };
665 private static final int sha1WithRSAEncryption_OIW_data[] =
666 { 1, 3, 14, 3, 2, 29 };
667 private static final int sha256WithRSAEncryption_data[] =
668 { 1, 2, 840, 113549, 1, 1, 11 };
669 private static final int sha384WithRSAEncryption_data[] =
670 { 1, 2, 840, 113549, 1, 1, 12 };
671 private static final int sha512WithRSAEncryption_data[] =
672 { 1, 2, 840, 113549, 1, 1, 13 };
673 private static final int shaWithDSA_OIW_data[] =
674 { 1, 3, 14, 3, 2, 13 };
675 private static final int sha1WithDSA_OIW_data[] =
676 { 1, 3, 14, 3, 2, 27 };
677 private static final int dsaWithSHA1_PKIX_data[] =
678 { 1, 2, 840, 10040, 4, 3 };
679
680 public static final ObjectIdentifier md2WithRSAEncryption_oid;
681 public static final ObjectIdentifier md5WithRSAEncryption_oid;
682 public static final ObjectIdentifier sha1WithRSAEncryption_oid;
683 public static final ObjectIdentifier sha1WithRSAEncryption_OIW_oid;
684 public static final ObjectIdentifier sha256WithRSAEncryption_oid;
685 public static final ObjectIdentifier sha384WithRSAEncryption_oid;
686 public static final ObjectIdentifier sha512WithRSAEncryption_oid;
687 public static final ObjectIdentifier shaWithDSA_OIW_oid;
688 public static final ObjectIdentifier sha1WithDSA_OIW_oid;
689 public static final ObjectIdentifier sha1WithDSA_oid;
690
691 public static final ObjectIdentifier sha1WithECDSA_oid =
692 oid(1, 2, 840, 10045, 4, 1);
693 public static final ObjectIdentifier sha224WithECDSA_oid =
694 oid(1, 2, 840, 10045, 4, 3, 1);
695 public static final ObjectIdentifier sha256WithECDSA_oid =
696 oid(1, 2, 840, 10045, 4, 3, 2);
697 public static final ObjectIdentifier sha384WithECDSA_oid =
698 oid(1, 2, 840, 10045, 4, 3, 3);
699 public static final ObjectIdentifier sha512WithECDSA_oid =
700 oid(1, 2, 840, 10045, 4, 3, 4);
701 public static final ObjectIdentifier specifiedWithECDSA_oid =
702 oid(1, 2, 840, 10045, 4, 3);
703
793 md5WithRSAEncryption_oid =
794 ObjectIdentifier.newInternal(md5WithRSAEncryption_data);
795
796 /**
797 * Identifies a signing algorithm where a SHA1 digest is
798 * encrypted using an RSA private key; defined by RSA DSI.
799 * OID = 1.2.840.113549.1.1.5
800 */
801 sha1WithRSAEncryption_oid =
802 ObjectIdentifier.newInternal(sha1WithRSAEncryption_data);
803
804 /**
805 * Identifies a signing algorithm where a SHA1 digest is
806 * encrypted using an RSA private key; defined in NIST OIW.
807 * OID = 1.3.14.3.2.29
808 */
809 sha1WithRSAEncryption_OIW_oid =
810 ObjectIdentifier.newInternal(sha1WithRSAEncryption_OIW_data);
811
812 /**
813 * Identifies a signing algorithm where a SHA256 digest is
814 * encrypted using an RSA private key; defined by PKCS #1.
815 * OID = 1.2.840.113549.1.1.11
816 */
817 sha256WithRSAEncryption_oid =
818 ObjectIdentifier.newInternal(sha256WithRSAEncryption_data);
819
820 /**
821 * Identifies a signing algorithm where a SHA384 digest is
822 * encrypted using an RSA private key; defined by PKCS #1.
823 * OID = 1.2.840.113549.1.1.12
824 */
825 sha384WithRSAEncryption_oid =
826 ObjectIdentifier.newInternal(sha384WithRSAEncryption_data);
827
828 /**
829 * Identifies a signing algorithm where a SHA512 digest is
830 * encrypted using an RSA private key; defined by PKCS #1.
831 * OID = 1.2.840.113549.1.1.13
832 */
842 shaWithDSA_OIW_oid = ObjectIdentifier.newInternal(shaWithDSA_OIW_data);
843
844 /**
845 * Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a
846 * SHA1 digest is signed using the Digital Signing Algorithm (DSA).
847 * OID = 1.3.14.3.2.27
848 */
849 sha1WithDSA_OIW_oid = ObjectIdentifier.newInternal(sha1WithDSA_OIW_data);
850
851 /**
852 * Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a
853 * SHA1 digest is signed using the Digital Signing Algorithm (DSA).
854 * OID = 1.2.840.10040.4.3
855 */
856 sha1WithDSA_oid = ObjectIdentifier.newInternal(dsaWithSHA1_PKIX_data);
857
858 nameTable = new HashMap<ObjectIdentifier,String>();
859 nameTable.put(MD5_oid, "MD5");
860 nameTable.put(MD2_oid, "MD2");
861 nameTable.put(SHA_oid, "SHA");
862 nameTable.put(SHA256_oid, "SHA256");
863 nameTable.put(SHA384_oid, "SHA384");
864 nameTable.put(SHA512_oid, "SHA512");
865 nameTable.put(RSAEncryption_oid, "RSA");
866 nameTable.put(RSA_oid, "RSA");
867 nameTable.put(DH_oid, "Diffie-Hellman");
868 nameTable.put(DH_PKIX_oid, "Diffie-Hellman");
869 nameTable.put(DSA_oid, "DSA");
870 nameTable.put(DSA_OIW_oid, "DSA");
871 nameTable.put(EC_oid, "EC");
872 nameTable.put(sha1WithECDSA_oid, "SHA1withECDSA");
873 nameTable.put(sha224WithECDSA_oid, "SHA224withECDSA");
874 nameTable.put(sha256WithECDSA_oid, "SHA256withECDSA");
875 nameTable.put(sha384WithECDSA_oid, "SHA384withECDSA");
876 nameTable.put(sha512WithECDSA_oid, "SHA512withECDSA");
877 nameTable.put(md5WithRSAEncryption_oid, "MD5withRSA");
878 nameTable.put(md2WithRSAEncryption_oid, "MD2withRSA");
879 nameTable.put(sha1WithDSA_oid, "SHA1withDSA");
880 nameTable.put(sha1WithDSA_OIW_oid, "SHA1withDSA");
881 nameTable.put(shaWithDSA_OIW_oid, "SHA1withDSA");
882 nameTable.put(sha1WithRSAEncryption_oid, "SHA1withRSA");
883 nameTable.put(sha1WithRSAEncryption_OIW_oid, "SHA1withRSA");
884 nameTable.put(sha256WithRSAEncryption_oid, "SHA256withRSA");
885 nameTable.put(sha384WithRSAEncryption_oid, "SHA384withRSA");
886 nameTable.put(sha512WithRSAEncryption_oid, "SHA512withRSA");
887 nameTable.put(pbeWithMD5AndDES_oid, "PBEWithMD5AndDES");
888 nameTable.put(pbeWithMD5AndRC2_oid, "PBEWithMD5AndRC2");
889 nameTable.put(pbeWithSHA1AndDES_oid, "PBEWithSHA1AndDES");
890 nameTable.put(pbeWithSHA1AndRC2_oid, "PBEWithSHA1AndRC2");
891 nameTable.put(pbeWithSHA1AndDESede_oid, "PBEWithSHA1AndDESede");
892 nameTable.put(pbeWithSHA1AndRC2_40_oid, "PBEWithSHA1AndRC2_40");
893 }
894
895 /**
896 * Creates a signature algorithm name from a digest algorithm
897 * name and a encryption algorithm name.
898 */
899 public static String makeSigAlg(String digAlg, String encAlg) {
900 digAlg = digAlg.replace("-", "").toUpperCase(Locale.ENGLISH);
901 if (digAlg.equalsIgnoreCase("SHA")) digAlg = "SHA1";
902
903 encAlg = encAlg.toUpperCase(Locale.ENGLISH);
|
1 /*
2 * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
158 public void derEncode (OutputStream out) throws IOException {
159 DerOutputStream bytes = new DerOutputStream();
160 DerOutputStream tmp = new DerOutputStream();
161
162 bytes.putOID(algid);
163 // Setup params from algParams since no DER encoding is given
164 if (constructedFromDer == false) {
165 if (algParams != null) {
166 params = new DerValue(algParams.getEncoded());
167 } else {
168 params = null;
169 }
170 }
171 if (params == null) {
172 // Changes backed out for compatibility with Solaris
173
174 // Several AlgorithmId should omit the whole parameter part when
175 // it's NULL. They are ---
176 // rfc3370 2.1: Implementations SHOULD generate SHA-1
177 // AlgorithmIdentifiers with absent parameters.
178 // rfc3447 C1: When id-sha1, id-sha224, id-sha256, id-sha384 and
179 // id-sha512 are used in an AlgorithmIdentifier the parameters
180 // (which are optional) SHOULD be omitted.
181 // rfc3279 2.3.2: The id-dsa algorithm syntax includes optional
182 // domain parameters... When omitted, the parameters component
183 // MUST be omitted entirely
184 // rfc3370 3.1: When the id-dsa-with-sha1 algorithm identifier
185 // is used, the AlgorithmIdentifier parameters field MUST be absent.
186 /*if (
187 algid.equals((Object)SHA_oid) ||
188 algid.equals((Object)SHA224_oid) ||
189 algid.equals((Object)SHA256_oid) ||
190 algid.equals((Object)SHA384_oid) ||
191 algid.equals((Object)SHA512_oid) ||
192 algid.equals((Object)DSA_oid) ||
193 algid.equals((Object)sha1WithDSA_oid)) {
194 ; // no parameter part encoded
195 } else {
196 bytes.putNull();
197 }*/
198 bytes.putNull();
199 } else {
200 bytes.putDerValue(params);
201 }
202 tmp.write(DerValue.tag_Sequence, bytes);
203 out.write(tmp.toByteArray());
204 }
205
206
207 /**
208 * Returns the DER-encoded X.509 AlgorithmId as a byte array.
472 }
473 if (name.equalsIgnoreCase("MD2")) {
474 return AlgorithmId.MD2_oid;
475 }
476 if (name.equalsIgnoreCase("SHA") || name.equalsIgnoreCase("SHA1")
477 || name.equalsIgnoreCase("SHA-1")) {
478 return AlgorithmId.SHA_oid;
479 }
480 if (name.equalsIgnoreCase("SHA-256") ||
481 name.equalsIgnoreCase("SHA256")) {
482 return AlgorithmId.SHA256_oid;
483 }
484 if (name.equalsIgnoreCase("SHA-384") ||
485 name.equalsIgnoreCase("SHA384")) {
486 return AlgorithmId.SHA384_oid;
487 }
488 if (name.equalsIgnoreCase("SHA-512") ||
489 name.equalsIgnoreCase("SHA512")) {
490 return AlgorithmId.SHA512_oid;
491 }
492 if (name.equalsIgnoreCase("SHA-224") ||
493 name.equalsIgnoreCase("SHA224")) {
494 return AlgorithmId.SHA224_oid;
495 }
496
497 // Various public key algorithms
498 if (name.equalsIgnoreCase("RSA")) {
499 return AlgorithmId.RSAEncryption_oid;
500 }
501 if (name.equalsIgnoreCase("Diffie-Hellman")
502 || name.equalsIgnoreCase("DH")) {
503 return AlgorithmId.DH_oid;
504 }
505 if (name.equalsIgnoreCase("DSA")) {
506 return AlgorithmId.DSA_oid;
507 }
508 if (name.equalsIgnoreCase("EC")) {
509 return EC_oid;
510 }
511
512 // Common signature types
513 if (name.equalsIgnoreCase("MD5withRSA")
514 || name.equalsIgnoreCase("MD5/RSA")) {
515 return AlgorithmId.md5WithRSAEncryption_oid;
612 */
613 public static final ObjectIdentifier MD2_oid =
614 ObjectIdentifier.newInternal(new int[] {1, 2, 840, 113549, 2, 2});
615
616 /**
617 * Algorithm ID for the MD5 Message Digest Algorthm, from RFC 1321.
618 * OID = 1.2.840.113549.2.5
619 */
620 public static final ObjectIdentifier MD5_oid =
621 ObjectIdentifier.newInternal(new int[] {1, 2, 840, 113549, 2, 5});
622
623 /**
624 * Algorithm ID for the SHA1 Message Digest Algorithm, from FIPS 180-1.
625 * This is sometimes called "SHA", though that is often confusing since
626 * many people refer to FIPS 180 (which has an error) as defining SHA.
627 * OID = 1.3.14.3.2.26. Old SHA-0 OID: 1.3.14.3.2.18.
628 */
629 public static final ObjectIdentifier SHA_oid =
630 ObjectIdentifier.newInternal(new int[] {1, 3, 14, 3, 2, 26});
631
632 public static final ObjectIdentifier SHA224_oid =
633 ObjectIdentifier.newInternal(new int[] {2, 16, 840, 1, 101, 3, 4, 2, 4});
634
635 public static final ObjectIdentifier SHA256_oid =
636 ObjectIdentifier.newInternal(new int[] {2, 16, 840, 1, 101, 3, 4, 2, 1});
637
638 public static final ObjectIdentifier SHA384_oid =
639 ObjectIdentifier.newInternal(new int[] {2, 16, 840, 1, 101, 3, 4, 2, 2});
640
641 public static final ObjectIdentifier SHA512_oid =
642 ObjectIdentifier.newInternal(new int[] {2, 16, 840, 1, 101, 3, 4, 2, 3});
643
644 /*
645 * COMMON PUBLIC KEY TYPES
646 */
647 private static final int DH_data[] = { 1, 2, 840, 113549, 1, 3, 1 };
648 private static final int DH_PKIX_data[] = { 1, 2, 840, 10046, 2, 1 };
649 private static final int DSA_OIW_data[] = { 1, 3, 14, 3, 2, 12 };
650 private static final int DSA_PKIX_data[] = { 1, 2, 840, 10040, 4, 1 };
651 private static final int RSA_data[] = { 2, 5, 8, 1, 1 };
652 private static final int RSAEncryption_data[] =
653 { 1, 2, 840, 113549, 1, 1, 1 };
654
655 public static final ObjectIdentifier DH_oid;
656 public static final ObjectIdentifier DH_PKIX_oid;
657 public static final ObjectIdentifier DSA_oid;
658 public static final ObjectIdentifier DSA_OIW_oid;
659 public static final ObjectIdentifier EC_oid = oid(1, 2, 840, 10045, 2, 1);
660 public static final ObjectIdentifier RSA_oid;
661 public static final ObjectIdentifier RSAEncryption_oid;
662
663 /*
664 * COMMON SIGNATURE ALGORITHMS
665 */
666 private static final int md2WithRSAEncryption_data[] =
667 { 1, 2, 840, 113549, 1, 1, 2 };
668 private static final int md5WithRSAEncryption_data[] =
669 { 1, 2, 840, 113549, 1, 1, 4 };
670 private static final int sha1WithRSAEncryption_data[] =
671 { 1, 2, 840, 113549, 1, 1, 5 };
672 private static final int sha1WithRSAEncryption_OIW_data[] =
673 { 1, 3, 14, 3, 2, 29 };
674 private static final int sha224WithRSAEncryption_data[] =
675 { 1, 2, 840, 113549, 1, 1, 14 };
676 private static final int sha256WithRSAEncryption_data[] =
677 { 1, 2, 840, 113549, 1, 1, 11 };
678 private static final int sha384WithRSAEncryption_data[] =
679 { 1, 2, 840, 113549, 1, 1, 12 };
680 private static final int sha512WithRSAEncryption_data[] =
681 { 1, 2, 840, 113549, 1, 1, 13 };
682 private static final int shaWithDSA_OIW_data[] =
683 { 1, 3, 14, 3, 2, 13 };
684 private static final int sha1WithDSA_OIW_data[] =
685 { 1, 3, 14, 3, 2, 27 };
686 private static final int dsaWithSHA1_PKIX_data[] =
687 { 1, 2, 840, 10040, 4, 3 };
688
689 public static final ObjectIdentifier md2WithRSAEncryption_oid;
690 public static final ObjectIdentifier md5WithRSAEncryption_oid;
691 public static final ObjectIdentifier sha1WithRSAEncryption_oid;
692 public static final ObjectIdentifier sha1WithRSAEncryption_OIW_oid;
693 public static final ObjectIdentifier sha224WithRSAEncryption_oid;
694 public static final ObjectIdentifier sha256WithRSAEncryption_oid;
695 public static final ObjectIdentifier sha384WithRSAEncryption_oid;
696 public static final ObjectIdentifier sha512WithRSAEncryption_oid;
697 public static final ObjectIdentifier shaWithDSA_OIW_oid;
698 public static final ObjectIdentifier sha1WithDSA_OIW_oid;
699 public static final ObjectIdentifier sha1WithDSA_oid;
700
701 public static final ObjectIdentifier sha1WithECDSA_oid =
702 oid(1, 2, 840, 10045, 4, 1);
703 public static final ObjectIdentifier sha224WithECDSA_oid =
704 oid(1, 2, 840, 10045, 4, 3, 1);
705 public static final ObjectIdentifier sha256WithECDSA_oid =
706 oid(1, 2, 840, 10045, 4, 3, 2);
707 public static final ObjectIdentifier sha384WithECDSA_oid =
708 oid(1, 2, 840, 10045, 4, 3, 3);
709 public static final ObjectIdentifier sha512WithECDSA_oid =
710 oid(1, 2, 840, 10045, 4, 3, 4);
711 public static final ObjectIdentifier specifiedWithECDSA_oid =
712 oid(1, 2, 840, 10045, 4, 3);
713
803 md5WithRSAEncryption_oid =
804 ObjectIdentifier.newInternal(md5WithRSAEncryption_data);
805
806 /**
807 * Identifies a signing algorithm where a SHA1 digest is
808 * encrypted using an RSA private key; defined by RSA DSI.
809 * OID = 1.2.840.113549.1.1.5
810 */
811 sha1WithRSAEncryption_oid =
812 ObjectIdentifier.newInternal(sha1WithRSAEncryption_data);
813
814 /**
815 * Identifies a signing algorithm where a SHA1 digest is
816 * encrypted using an RSA private key; defined in NIST OIW.
817 * OID = 1.3.14.3.2.29
818 */
819 sha1WithRSAEncryption_OIW_oid =
820 ObjectIdentifier.newInternal(sha1WithRSAEncryption_OIW_data);
821
822 /**
823 * Identifies a signing algorithm where a SHA224 digest is
824 * encrypted using an RSA private key; defined by PKCS #1.
825 * OID = 1.2.840.113549.1.1.14
826 */
827 sha224WithRSAEncryption_oid =
828 ObjectIdentifier.newInternal(sha224WithRSAEncryption_data);
829
830 /**
831 * Identifies a signing algorithm where a SHA256 digest is
832 * encrypted using an RSA private key; defined by PKCS #1.
833 * OID = 1.2.840.113549.1.1.11
834 */
835 sha256WithRSAEncryption_oid =
836 ObjectIdentifier.newInternal(sha256WithRSAEncryption_data);
837
838 /**
839 * Identifies a signing algorithm where a SHA384 digest is
840 * encrypted using an RSA private key; defined by PKCS #1.
841 * OID = 1.2.840.113549.1.1.12
842 */
843 sha384WithRSAEncryption_oid =
844 ObjectIdentifier.newInternal(sha384WithRSAEncryption_data);
845
846 /**
847 * Identifies a signing algorithm where a SHA512 digest is
848 * encrypted using an RSA private key; defined by PKCS #1.
849 * OID = 1.2.840.113549.1.1.13
850 */
860 shaWithDSA_OIW_oid = ObjectIdentifier.newInternal(shaWithDSA_OIW_data);
861
862 /**
863 * Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a
864 * SHA1 digest is signed using the Digital Signing Algorithm (DSA).
865 * OID = 1.3.14.3.2.27
866 */
867 sha1WithDSA_OIW_oid = ObjectIdentifier.newInternal(sha1WithDSA_OIW_data);
868
869 /**
870 * Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a
871 * SHA1 digest is signed using the Digital Signing Algorithm (DSA).
872 * OID = 1.2.840.10040.4.3
873 */
874 sha1WithDSA_oid = ObjectIdentifier.newInternal(dsaWithSHA1_PKIX_data);
875
876 nameTable = new HashMap<ObjectIdentifier,String>();
877 nameTable.put(MD5_oid, "MD5");
878 nameTable.put(MD2_oid, "MD2");
879 nameTable.put(SHA_oid, "SHA");
880 nameTable.put(SHA224_oid, "SHA224");
881 nameTable.put(SHA256_oid, "SHA256");
882 nameTable.put(SHA384_oid, "SHA384");
883 nameTable.put(SHA512_oid, "SHA512");
884 nameTable.put(RSAEncryption_oid, "RSA");
885 nameTable.put(RSA_oid, "RSA");
886 nameTable.put(DH_oid, "Diffie-Hellman");
887 nameTable.put(DH_PKIX_oid, "Diffie-Hellman");
888 nameTable.put(DSA_oid, "DSA");
889 nameTable.put(DSA_OIW_oid, "DSA");
890 nameTable.put(EC_oid, "EC");
891 nameTable.put(sha1WithECDSA_oid, "SHA1withECDSA");
892 nameTable.put(sha224WithECDSA_oid, "SHA224withECDSA");
893 nameTable.put(sha256WithECDSA_oid, "SHA256withECDSA");
894 nameTable.put(sha384WithECDSA_oid, "SHA384withECDSA");
895 nameTable.put(sha512WithECDSA_oid, "SHA512withECDSA");
896 nameTable.put(md5WithRSAEncryption_oid, "MD5withRSA");
897 nameTable.put(md2WithRSAEncryption_oid, "MD2withRSA");
898 nameTable.put(sha1WithDSA_oid, "SHA1withDSA");
899 nameTable.put(sha1WithDSA_OIW_oid, "SHA1withDSA");
900 nameTable.put(shaWithDSA_OIW_oid, "SHA1withDSA");
901 nameTable.put(sha1WithRSAEncryption_oid, "SHA1withRSA");
902 nameTable.put(sha1WithRSAEncryption_OIW_oid, "SHA1withRSA");
903 nameTable.put(sha224WithRSAEncryption_oid, "SHA224withRSA");
904 nameTable.put(sha256WithRSAEncryption_oid, "SHA256withRSA");
905 nameTable.put(sha384WithRSAEncryption_oid, "SHA384withRSA");
906 nameTable.put(sha512WithRSAEncryption_oid, "SHA512withRSA");
907 nameTable.put(pbeWithMD5AndDES_oid, "PBEWithMD5AndDES");
908 nameTable.put(pbeWithMD5AndRC2_oid, "PBEWithMD5AndRC2");
909 nameTable.put(pbeWithSHA1AndDES_oid, "PBEWithSHA1AndDES");
910 nameTable.put(pbeWithSHA1AndRC2_oid, "PBEWithSHA1AndRC2");
911 nameTable.put(pbeWithSHA1AndDESede_oid, "PBEWithSHA1AndDESede");
912 nameTable.put(pbeWithSHA1AndRC2_40_oid, "PBEWithSHA1AndRC2_40");
913 }
914
915 /**
916 * Creates a signature algorithm name from a digest algorithm
917 * name and a encryption algorithm name.
918 */
919 public static String makeSigAlg(String digAlg, String encAlg) {
920 digAlg = digAlg.replace("-", "").toUpperCase(Locale.ENGLISH);
921 if (digAlg.equalsIgnoreCase("SHA")) digAlg = "SHA1";
922
923 encAlg = encAlg.toUpperCase(Locale.ENGLISH);
|