1 /* 2 * Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package sun.security.x509; 27 28 import java.io.*; 29 import java.security.spec.AlgorithmParameterSpec; 30 import java.security.spec.InvalidParameterSpecException; 31 import java.security.spec.MGF1ParameterSpec; 32 import java.security.spec.PSSParameterSpec; 33 import java.util.*; 34 import java.security.*; 35 36 import sun.security.rsa.PSSParameters; 37 import sun.security.util.*; 38 39 40 /** 41 * This class identifies algorithms, such as cryptographic transforms, each 42 * of which may be associated with parameters. Instances of this base class 43 * are used when this runtime environment has no special knowledge of the 44 * algorithm type, and may also be used in other cases. Equivalence is 45 * defined according to OID and (where relevant) parameters. 46 * 47 * <P>Subclasses may be used, for example when the algorithm ID has 48 * associated parameters which some code (e.g. code using public keys) needs 49 * to have parsed. Two examples of such algorithms are Diffie-Hellman key 50 * exchange, and the Digital Signature Standard Algorithm (DSS/DSA). 51 * 52 * <P>The OID constants defined in this class correspond to some widely 53 * used algorithms, for which conventional string names have been defined. 54 * This class is not a general repository for OIDs, or for such string names. 55 * Note that the mappings between algorithm IDs and algorithm names is 56 * not one-to-one. 57 * 58 * 59 * @author David Brownell 60 * @author Amit Kapoor 61 * @author Hemma Prafullchandra 62 */ 63 public class AlgorithmId implements Serializable, DerEncoder { 64 65 /** use serialVersionUID from JDK 1.1. for interoperability */ 66 @java.io.Serial 67 private static final long serialVersionUID = 7205873507486557157L; 68 69 /** 70 * The object identitifer being used for this algorithm. 71 */ 72 private ObjectIdentifier algid; 73 74 // The (parsed) parameters 75 @SuppressWarnings("serial") // Not statically typed as Serializable 76 private AlgorithmParameters algParams; 77 private boolean constructedFromDer = true; 78 79 /** 80 * Parameters for this algorithm. These are stored in unparsed 81 * DER-encoded form; subclasses can be made to automaticaly parse 82 * them so there is fast access to these parameters. 83 */ 84 @SuppressWarnings("serial") // Not statically typed as Serializable 85 protected DerValue params; 86 87 88 /** 89 * Constructs an algorithm ID which will be initialized 90 * separately, for example by deserialization. 91 * @deprecated use one of the other constructors. 92 */ 93 @Deprecated 94 public AlgorithmId() { } 95 96 /** 97 * Constructs a parameterless algorithm ID. 98 * 99 * @param oid the identifier for the algorithm 100 */ 101 public AlgorithmId(ObjectIdentifier oid) { 102 algid = oid; 103 } 104 105 /** 106 * Constructs an algorithm ID with algorithm parameters. 107 * 108 * @param oid the identifier for the algorithm. 109 * @param algparams the associated algorithm parameters. 110 */ 111 public AlgorithmId(ObjectIdentifier oid, AlgorithmParameters algparams) { 112 algid = oid; 113 algParams = algparams; 114 constructedFromDer = false; 115 } 116 117 private AlgorithmId(ObjectIdentifier oid, DerValue params) 118 throws IOException { 119 this.algid = oid; 120 this.params = params; 121 if (this.params != null) { 122 decodeParams(); 123 } 124 } 125 126 protected void decodeParams() throws IOException { 127 String algidString = algid.toString(); 128 try { 129 algParams = AlgorithmParameters.getInstance(algidString); 130 } catch (NoSuchAlgorithmException e) { 131 /* 132 * This algorithm parameter type is not supported, so we cannot 133 * parse the parameters. 134 */ 135 algParams = null; 136 return; 137 } 138 139 // Decode (parse) the parameters 140 algParams.init(params.toByteArray()); 141 } 142 143 /** 144 * Marshal a DER-encoded "AlgorithmID" sequence on the DER stream. 145 */ 146 public final void encode(DerOutputStream out) throws IOException { 147 derEncode(out); 148 } 149 150 /** 151 * DER encode this object onto an output stream. 152 * Implements the <code>DerEncoder</code> interface. 153 * 154 * @param out 155 * the output stream on which to write the DER encoding. 156 * 157 * @exception IOException on encoding error. 158 */ 159 public void derEncode (OutputStream out) throws IOException { 160 DerOutputStream bytes = new DerOutputStream(); 161 DerOutputStream tmp = new DerOutputStream(); 162 163 bytes.putOID(algid); 164 // Setup params from algParams since no DER encoding is given 165 if (constructedFromDer == false) { 166 if (algParams != null) { 167 params = new DerValue(algParams.getEncoded()); 168 } else { 169 params = null; 170 } 171 } 172 if (params == null) { 173 // Changes backed out for compatibility with Solaris 174 175 // Several AlgorithmId should omit the whole parameter part when 176 // it's NULL. They are --- 177 // RFC 3370 2.1: Implementations SHOULD generate SHA-1 178 // AlgorithmIdentifiers with absent parameters. 179 // RFC 3447 C1: When id-sha1, id-sha224, id-sha256, id-sha384 and 180 // id-sha512 are used in an AlgorithmIdentifier the parameters 181 // (which are optional) SHOULD be omitted. 182 // RFC 3279 2.3.2: The id-dsa algorithm syntax includes optional 183 // domain parameters... When omitted, the parameters component 184 // MUST be omitted entirely 185 // RFC 3370 3.1: When the id-dsa-with-sha1 algorithm identifier 186 // is used, the AlgorithmIdentifier parameters field MUST be absent. 187 /*if ( 188 algid.equals((Object)SHA_oid) || 189 algid.equals((Object)SHA224_oid) || 190 algid.equals((Object)SHA256_oid) || 191 algid.equals((Object)SHA384_oid) || 192 algid.equals((Object)SHA512_oid) || 193 algid.equals((Object)SHA512_224_oid) || 194 algid.equals((Object)SHA512_256_oid) || 195 algid.equals((Object)DSA_oid) || 196 algid.equals((Object)sha1WithDSA_oid)) { 197 ; // no parameter part encoded 198 } else { 199 bytes.putNull(); 200 }*/ 201 if (algid.equals(RSASSA_PSS_oid)) { 202 // RFC 4055 3.3: when an RSASSA-PSS key does not require 203 // parameter validation, field is absent. 204 } else { 205 bytes.putNull(); 206 } 207 } else { 208 bytes.putDerValue(params); 209 } 210 tmp.write(DerValue.tag_Sequence, bytes); 211 out.write(tmp.toByteArray()); 212 } 213 214 215 /** 216 * Returns the DER-encoded X.509 AlgorithmId as a byte array. 217 */ 218 public final byte[] encode() throws IOException { 219 DerOutputStream out = new DerOutputStream(); 220 derEncode(out); 221 return out.toByteArray(); 222 } 223 224 /** 225 * Returns the ISO OID for this algorithm. This is usually converted 226 * to a string and used as part of an algorithm name, for example 227 * "OID.1.3.14.3.2.13" style notation. Use the <code>getName</code> 228 * call when you do not need to ensure cross-system portability 229 * of algorithm names, or need a user friendly name. 230 */ 231 public final ObjectIdentifier getOID () { 232 return algid; 233 } 234 235 /** 236 * Returns a name for the algorithm which may be more intelligible 237 * to humans than the algorithm's OID, but which won't necessarily 238 * be comprehensible on other systems. For example, this might 239 * return a name such as "MD5withRSA" for a signature algorithm on 240 * some systems. It also returns names like "OID.1.2.3.4", when 241 * no particular name for the algorithm is known. 242 */ 243 public String getName() { 244 String algName = nameTable.get(algid); 245 if (algName != null) { 246 return algName; 247 } 248 return (algName == null) ? algid.toString() : algName; 249 } 250 251 public AlgorithmParameters getParameters() { 252 return algParams; 253 } 254 255 /** 256 * Returns the DER encoded parameter, which can then be 257 * used to initialize java.security.AlgorithmParamters. 258 * 259 * @return DER encoded parameters, or null not present. 260 */ 261 public byte[] getEncodedParams() throws IOException { 262 return (params == null) ? null : params.toByteArray(); 263 } 264 265 /** 266 * Returns true iff the argument indicates the same algorithm 267 * with the same parameters. 268 */ 269 public boolean equals(AlgorithmId other) { 270 boolean paramsEqual = Objects.equals(other.params, params); 271 return (algid.equals((Object)other.algid) && paramsEqual); 272 } 273 274 /** 275 * Compares this AlgorithmID to another. If algorithm parameters are 276 * available, they are compared. Otherwise, just the object IDs 277 * for the algorithm are compared. 278 * 279 * @param other preferably an AlgorithmId, else an ObjectIdentifier 280 */ 281 public boolean equals(Object other) { 282 if (this == other) { 283 return true; 284 } 285 if (other instanceof AlgorithmId) { 286 return equals((AlgorithmId) other); 287 } else if (other instanceof ObjectIdentifier) { 288 return equals((ObjectIdentifier) other); 289 } else { 290 return false; 291 } 292 } 293 294 /** 295 * Compares two algorithm IDs for equality. Returns true iff 296 * they are the same algorithm, ignoring algorithm parameters. 297 */ 298 public final boolean equals(ObjectIdentifier id) { 299 return algid.equals((Object)id); 300 } 301 302 /** 303 * Returns a hashcode for this AlgorithmId. 304 * 305 * @return a hashcode for this AlgorithmId. 306 */ 307 public int hashCode() { 308 StringBuilder sbuf = new StringBuilder(); 309 sbuf.append(algid.toString()); 310 sbuf.append(paramsToString()); 311 return sbuf.toString().hashCode(); 312 } 313 314 /** 315 * Provides a human-readable description of the algorithm parameters. 316 * This may be redefined by subclasses which parse those parameters. 317 */ 318 protected String paramsToString() { 319 if (params == null) { 320 return ""; 321 } else if (algParams != null) { 322 return algParams.toString(); 323 } else { 324 return ", params unparsed"; 325 } 326 } 327 328 /** 329 * Returns a string describing the algorithm and its parameters. 330 */ 331 public String toString() { 332 return getName() + paramsToString(); 333 } 334 335 /** 336 * Parse (unmarshal) an ID from a DER sequence input value. This form 337 * parsing might be used when expanding a value which has already been 338 * partially unmarshaled as a set or sequence member. 339 * 340 * @exception IOException on error. 341 * @param val the input value, which contains the algid and, if 342 * there are any parameters, those parameters. 343 * @return an ID for the algorithm. If the system is configured 344 * appropriately, this may be an instance of a class 345 * with some kind of special support for this algorithm. 346 * In that case, you may "narrow" the type of the ID. 347 */ 348 public static AlgorithmId parse(DerValue val) throws IOException { 349 if (val.tag != DerValue.tag_Sequence) { 350 throw new IOException("algid parse error, not a sequence"); 351 } 352 353 /* 354 * Get the algorithm ID and any parameters. 355 */ 356 ObjectIdentifier algid; 357 DerValue params; 358 DerInputStream in = val.toDerInputStream(); 359 360 algid = in.getOID(); 361 if (in.available() == 0) { 362 params = null; 363 } else { 364 params = in.getDerValue(); 365 if (params.tag == DerValue.tag_Null) { 366 if (params.length() != 0) { 367 throw new IOException("invalid NULL"); 368 } 369 params = null; 370 } 371 if (in.available() != 0) { 372 throw new IOException("Invalid AlgorithmIdentifier: extra data"); 373 } 374 // Some implementation uses ecdsa-with-SHA2 as the algorithm and 375 // specifies the hash algorithm in parameters. Here we convert it 376 // directly to a signature algorithm including the hash algorithm. 377 if (algid.equals(specifiedWithECDSA_oid)) { 378 try { 379 AlgorithmId paramsId = AlgorithmId.parse(params); 380 String paramsName = paramsId.getName(); 381 String algName = makeSigAlg(paramsName, "EC"); 382 algid = AlgorithmId.get(algName).getOID(); 383 params = null; 384 } catch (Exception e) { 385 // ignore 386 } 387 } 388 } 389 390 return new AlgorithmId(algid, params); 391 } 392 393 /** 394 * Returns one of the algorithm IDs most commonly associated 395 * with this algorithm name. 396 * 397 * @param algname the name being used 398 * @deprecated use the short get form of this method. 399 * @exception NoSuchAlgorithmException on error. 400 */ 401 @Deprecated 402 public static AlgorithmId getAlgorithmId(String algname) 403 throws NoSuchAlgorithmException { 404 return get(algname); 405 } 406 407 /** 408 * Returns one of the algorithm IDs most commonly associated 409 * with this algorithm name. 410 * 411 * @param algname the name being used 412 * @exception NoSuchAlgorithmException on error. 413 */ 414 public static AlgorithmId get(String algname) 415 throws NoSuchAlgorithmException { 416 ObjectIdentifier oid; 417 try { 418 oid = algOID(algname); 419 } catch (IOException ioe) { 420 throw new NoSuchAlgorithmException 421 ("Invalid ObjectIdentifier " + algname); 422 } 423 424 if (oid == null) { 425 throw new NoSuchAlgorithmException 426 ("unrecognized algorithm name: " + algname); 427 } 428 return new AlgorithmId(oid); 429 } 430 431 /** 432 * Returns one of the algorithm IDs most commonly associated 433 * with this algorithm parameters. 434 * 435 * @param algparams the associated algorithm parameters. 436 * @exception NoSuchAlgorithmException on error. 437 */ 438 public static AlgorithmId get(AlgorithmParameters algparams) 439 throws NoSuchAlgorithmException { 440 ObjectIdentifier oid; 441 String algname = algparams.getAlgorithm(); 442 try { 443 oid = algOID(algname); 444 } catch (IOException ioe) { 445 throw new NoSuchAlgorithmException 446 ("Invalid ObjectIdentifier " + algname); 447 } 448 if (oid == null) { 449 throw new NoSuchAlgorithmException 450 ("unrecognized algorithm name: " + algname); 451 } 452 return new AlgorithmId(oid, algparams); 453 } 454 455 /* 456 * Translates from some common algorithm names to the 457 * OID with which they're usually associated ... this mapping 458 * is the reverse of the one below, except in those cases 459 * where synonyms are supported or where a given algorithm 460 * is commonly associated with multiple OIDs. 461 * 462 * XXX This method needs to be enhanced so that we can also pass the 463 * scope of the algorithm name to it, e.g., the algorithm name "DSA" 464 * may have a different OID when used as a "Signature" algorithm than when 465 * used as a "KeyPairGenerator" algorithm. 466 */ 467 private static ObjectIdentifier algOID(String name) throws IOException { 468 // See if algname is in printable OID ("dot-dot") notation 469 if (name.indexOf('.') != -1) { 470 if (name.startsWith("OID.")) { 471 return new ObjectIdentifier(name.substring("OID.".length())); 472 } else { 473 return new ObjectIdentifier(name); 474 } 475 } 476 477 // Digesting algorithms 478 if (name.equalsIgnoreCase("MD5")) { 479 return AlgorithmId.MD5_oid; 480 } 481 if (name.equalsIgnoreCase("MD2")) { 482 return AlgorithmId.MD2_oid; 483 } 484 if (name.equalsIgnoreCase("SHA") || name.equalsIgnoreCase("SHA1") 485 || name.equalsIgnoreCase("SHA-1")) { 486 return AlgorithmId.SHA_oid; 487 } 488 if (name.equalsIgnoreCase("SHA-256") || 489 name.equalsIgnoreCase("SHA256")) { 490 return AlgorithmId.SHA256_oid; 491 } 492 if (name.equalsIgnoreCase("SHA-384") || 493 name.equalsIgnoreCase("SHA384")) { 494 return AlgorithmId.SHA384_oid; 495 } 496 if (name.equalsIgnoreCase("SHA-512") || 497 name.equalsIgnoreCase("SHA512")) { 498 return AlgorithmId.SHA512_oid; 499 } 500 if (name.equalsIgnoreCase("SHA-224") || 501 name.equalsIgnoreCase("SHA224")) { 502 return AlgorithmId.SHA224_oid; 503 } 504 if (name.equalsIgnoreCase("SHA-512/224") || 505 name.equalsIgnoreCase("SHA512/224")) { 506 return AlgorithmId.SHA512_224_oid; 507 } 508 if (name.equalsIgnoreCase("SHA-512/256") || 509 name.equalsIgnoreCase("SHA512/256")) { 510 return AlgorithmId.SHA512_256_oid; 511 } 512 // Various public key algorithms 513 if (name.equalsIgnoreCase("RSA")) { 514 return AlgorithmId.RSAEncryption_oid; 515 } 516 if (name.equalsIgnoreCase("RSASSA-PSS")) { 517 return AlgorithmId.RSASSA_PSS_oid; 518 } 519 if (name.equalsIgnoreCase("RSAES-OAEP")) { 520 return AlgorithmId.RSAES_OAEP_oid; 521 } 522 if (name.equalsIgnoreCase("Diffie-Hellman") 523 || name.equalsIgnoreCase("DH")) { 524 return AlgorithmId.DH_oid; 525 } 526 if (name.equalsIgnoreCase("DSA")) { 527 return AlgorithmId.DSA_oid; 528 } 529 if (name.equalsIgnoreCase("EC")) { 530 return EC_oid; 531 } 532 if (name.equalsIgnoreCase("ECDH")) { 533 return AlgorithmId.ECDH_oid; 534 } 535 536 // Secret key algorithms 537 if (name.equalsIgnoreCase("AES")) { 538 return AlgorithmId.AES_oid; 539 } 540 541 // Common signature types 542 if (name.equalsIgnoreCase("MD5withRSA") 543 || name.equalsIgnoreCase("MD5/RSA")) { 544 return AlgorithmId.md5WithRSAEncryption_oid; 545 } 546 if (name.equalsIgnoreCase("MD2withRSA") 547 || name.equalsIgnoreCase("MD2/RSA")) { 548 return AlgorithmId.md2WithRSAEncryption_oid; 549 } 550 if (name.equalsIgnoreCase("SHAwithDSA") 551 || name.equalsIgnoreCase("SHA1withDSA") 552 || name.equalsIgnoreCase("SHA/DSA") 553 || name.equalsIgnoreCase("SHA1/DSA") 554 || name.equalsIgnoreCase("DSAWithSHA1") 555 || name.equalsIgnoreCase("DSS") 556 || name.equalsIgnoreCase("SHA-1/DSA")) { 557 return AlgorithmId.sha1WithDSA_oid; 558 } 559 if (name.equalsIgnoreCase("SHA224WithDSA")) { 560 return AlgorithmId.sha224WithDSA_oid; 561 } 562 if (name.equalsIgnoreCase("SHA256WithDSA")) { 563 return AlgorithmId.sha256WithDSA_oid; 564 } 565 if (name.equalsIgnoreCase("SHA1WithRSA") 566 || name.equalsIgnoreCase("SHA1/RSA")) { 567 return AlgorithmId.sha1WithRSAEncryption_oid; 568 } 569 if (name.equalsIgnoreCase("SHA1withECDSA") 570 || name.equalsIgnoreCase("ECDSA")) { 571 return AlgorithmId.sha1WithECDSA_oid; 572 } 573 if (name.equalsIgnoreCase("SHA224withECDSA")) { 574 return AlgorithmId.sha224WithECDSA_oid; 575 } 576 if (name.equalsIgnoreCase("SHA256withECDSA")) { 577 return AlgorithmId.sha256WithECDSA_oid; 578 } 579 if (name.equalsIgnoreCase("SHA384withECDSA")) { 580 return AlgorithmId.sha384WithECDSA_oid; 581 } 582 if (name.equalsIgnoreCase("SHA512withECDSA")) { 583 return AlgorithmId.sha512WithECDSA_oid; 584 } 585 586 return oidTable().get(name.toUpperCase(Locale.ENGLISH)); 587 } 588 589 private static ObjectIdentifier oid(int ... values) { 590 return ObjectIdentifier.newInternal(values); 591 } 592 593 private static volatile Map<String,ObjectIdentifier> oidTable; 594 private static final Map<ObjectIdentifier,String> nameTable; 595 596 /** Returns the oidTable, lazily initializing it on first access. */ 597 private static Map<String,ObjectIdentifier> oidTable() 598 throws IOException { 599 // Double checked locking; safe because oidTable is volatile 600 Map<String,ObjectIdentifier> tab; 601 if ((tab = oidTable) == null) { 602 synchronized (AlgorithmId.class) { 603 if ((tab = oidTable) == null) 604 oidTable = tab = computeOidTable(); 605 } 606 } 607 return tab; 608 } 609 610 /** Collects the algorithm names from the installed providers. */ 611 private static HashMap<String,ObjectIdentifier> computeOidTable() 612 throws IOException { 613 HashMap<String,ObjectIdentifier> tab = new HashMap<>(); 614 for (Provider provider : Security.getProviders()) { 615 for (Object key : provider.keySet()) { 616 String alias = (String)key; 617 String upperCaseAlias = alias.toUpperCase(Locale.ENGLISH); 618 int index; 619 if (upperCaseAlias.startsWith("ALG.ALIAS") && 620 (index=upperCaseAlias.indexOf("OID.", 0)) != -1) { 621 index += "OID.".length(); 622 if (index == alias.length()) { 623 // invalid alias entry 624 break; 625 } 626 String oidString = alias.substring(index); 627 String stdAlgName = provider.getProperty(alias); 628 if (stdAlgName != null) { 629 stdAlgName = stdAlgName.toUpperCase(Locale.ENGLISH); 630 } 631 if (stdAlgName != null && 632 tab.get(stdAlgName) == null) { 633 tab.put(stdAlgName, new ObjectIdentifier(oidString)); 634 } 635 } 636 } 637 } 638 return tab; 639 } 640 641 /*****************************************************************/ 642 643 /* 644 * HASHING ALGORITHMS 645 */ 646 647 /** 648 * Algorithm ID for the MD2 Message Digest Algorthm, from RFC 1319. 649 * OID = 1.2.840.113549.2.2 650 */ 651 public static final ObjectIdentifier MD2_oid = 652 ObjectIdentifier.newInternal(new int[] {1, 2, 840, 113549, 2, 2}); 653 654 /** 655 * Algorithm ID for the MD5 Message Digest Algorthm, from RFC 1321. 656 * OID = 1.2.840.113549.2.5 657 */ 658 public static final ObjectIdentifier MD5_oid = 659 ObjectIdentifier.newInternal(new int[] {1, 2, 840, 113549, 2, 5}); 660 661 /** 662 * Algorithm ID for the SHA1 Message Digest Algorithm, from FIPS 180-1. 663 * This is sometimes called "SHA", though that is often confusing since 664 * many people refer to FIPS 180 (which has an error) as defining SHA. 665 * OID = 1.3.14.3.2.26. Old SHA-0 OID: 1.3.14.3.2.18. 666 */ 667 public static final ObjectIdentifier SHA_oid = 668 ObjectIdentifier.newInternal(new int[] {1, 3, 14, 3, 2, 26}); 669 670 public static final ObjectIdentifier SHA224_oid = 671 ObjectIdentifier.newInternal(new int[] {2, 16, 840, 1, 101, 3, 4, 2, 4}); 672 673 public static final ObjectIdentifier SHA256_oid = 674 ObjectIdentifier.newInternal(new int[] {2, 16, 840, 1, 101, 3, 4, 2, 1}); 675 676 public static final ObjectIdentifier SHA384_oid = 677 ObjectIdentifier.newInternal(new int[] {2, 16, 840, 1, 101, 3, 4, 2, 2}); 678 679 public static final ObjectIdentifier SHA512_oid = 680 ObjectIdentifier.newInternal(new int[] {2, 16, 840, 1, 101, 3, 4, 2, 3}); 681 682 public static final ObjectIdentifier SHA512_224_oid = 683 ObjectIdentifier.newInternal(new int[] {2, 16, 840, 1, 101, 3, 4, 2, 5}); 684 685 public static final ObjectIdentifier SHA512_256_oid = 686 ObjectIdentifier.newInternal(new int[] {2, 16, 840, 1, 101, 3, 4, 2, 6}); 687 688 /* 689 * COMMON PUBLIC KEY TYPES 690 */ 691 private static final int[] DH_data = { 1, 2, 840, 113549, 1, 3, 1 }; 692 private static final int[] DH_PKIX_data = { 1, 2, 840, 10046, 2, 1 }; 693 private static final int[] DSA_OIW_data = { 1, 3, 14, 3, 2, 12 }; 694 private static final int[] DSA_PKIX_data = { 1, 2, 840, 10040, 4, 1 }; 695 private static final int[] RSA_data = { 2, 5, 8, 1, 1 }; 696 697 public static final ObjectIdentifier DH_oid; 698 public static final ObjectIdentifier DH_PKIX_oid; 699 public static final ObjectIdentifier DSA_oid; 700 public static final ObjectIdentifier DSA_OIW_oid; 701 public static final ObjectIdentifier EC_oid = oid(1, 2, 840, 10045, 2, 1); 702 public static final ObjectIdentifier ECDH_oid = oid(1, 3, 132, 1, 12); 703 public static final ObjectIdentifier RSA_oid; 704 public static final ObjectIdentifier RSAEncryption_oid = 705 oid(1, 2, 840, 113549, 1, 1, 1); 706 public static final ObjectIdentifier RSAES_OAEP_oid = 707 oid(1, 2, 840, 113549, 1, 1, 7); 708 public static final ObjectIdentifier mgf1_oid = 709 oid(1, 2, 840, 113549, 1, 1, 8); 710 public static final ObjectIdentifier RSASSA_PSS_oid = 711 oid(1, 2, 840, 113549, 1, 1, 10); 712 713 /* 714 * COMMON SECRET KEY TYPES 715 */ 716 public static final ObjectIdentifier AES_oid = 717 oid(2, 16, 840, 1, 101, 3, 4, 1); 718 719 /* 720 * COMMON SIGNATURE ALGORITHMS 721 */ 722 private static final int[] md2WithRSAEncryption_data = 723 { 1, 2, 840, 113549, 1, 1, 2 }; 724 private static final int[] md5WithRSAEncryption_data = 725 { 1, 2, 840, 113549, 1, 1, 4 }; 726 private static final int[] sha1WithRSAEncryption_data = 727 { 1, 2, 840, 113549, 1, 1, 5 }; 728 private static final int[] sha1WithRSAEncryption_OIW_data = 729 { 1, 3, 14, 3, 2, 29 }; 730 private static final int[] sha224WithRSAEncryption_data = 731 { 1, 2, 840, 113549, 1, 1, 14 }; 732 private static final int[] sha256WithRSAEncryption_data = 733 { 1, 2, 840, 113549, 1, 1, 11 }; 734 private static final int[] sha384WithRSAEncryption_data = 735 { 1, 2, 840, 113549, 1, 1, 12 }; 736 private static final int[] sha512WithRSAEncryption_data = 737 { 1, 2, 840, 113549, 1, 1, 13 }; 738 739 private static final int[] shaWithDSA_OIW_data = 740 { 1, 3, 14, 3, 2, 13 }; 741 private static final int[] sha1WithDSA_OIW_data = 742 { 1, 3, 14, 3, 2, 27 }; 743 private static final int[] dsaWithSHA1_PKIX_data = 744 { 1, 2, 840, 10040, 4, 3 }; 745 746 public static final ObjectIdentifier md2WithRSAEncryption_oid; 747 public static final ObjectIdentifier md5WithRSAEncryption_oid; 748 public static final ObjectIdentifier sha1WithRSAEncryption_oid; 749 public static final ObjectIdentifier sha1WithRSAEncryption_OIW_oid; 750 public static final ObjectIdentifier sha224WithRSAEncryption_oid; 751 public static final ObjectIdentifier sha256WithRSAEncryption_oid; 752 public static final ObjectIdentifier sha384WithRSAEncryption_oid; 753 public static final ObjectIdentifier sha512WithRSAEncryption_oid; 754 public static final ObjectIdentifier sha512_224WithRSAEncryption_oid = 755 oid(1, 2, 840, 113549, 1, 1, 15); 756 public static final ObjectIdentifier sha512_256WithRSAEncryption_oid = 757 oid(1, 2, 840, 113549, 1, 1, 16);; 758 759 public static final ObjectIdentifier shaWithDSA_OIW_oid; 760 public static final ObjectIdentifier sha1WithDSA_OIW_oid; 761 public static final ObjectIdentifier sha1WithDSA_oid; 762 public static final ObjectIdentifier sha224WithDSA_oid = 763 oid(2, 16, 840, 1, 101, 3, 4, 3, 1); 764 public static final ObjectIdentifier sha256WithDSA_oid = 765 oid(2, 16, 840, 1, 101, 3, 4, 3, 2); 766 767 public static final ObjectIdentifier sha1WithECDSA_oid = 768 oid(1, 2, 840, 10045, 4, 1); 769 public static final ObjectIdentifier sha224WithECDSA_oid = 770 oid(1, 2, 840, 10045, 4, 3, 1); 771 public static final ObjectIdentifier sha256WithECDSA_oid = 772 oid(1, 2, 840, 10045, 4, 3, 2); 773 public static final ObjectIdentifier sha384WithECDSA_oid = 774 oid(1, 2, 840, 10045, 4, 3, 3); 775 public static final ObjectIdentifier sha512WithECDSA_oid = 776 oid(1, 2, 840, 10045, 4, 3, 4); 777 public static final ObjectIdentifier specifiedWithECDSA_oid = 778 oid(1, 2, 840, 10045, 4, 3); 779 780 /** 781 * Algorithm ID for the PBE encryption algorithms from PKCS#5 and 782 * PKCS#12. 783 */ 784 public static final ObjectIdentifier pbeWithMD5AndDES_oid = 785 ObjectIdentifier.newInternal(new int[]{1, 2, 840, 113549, 1, 5, 3}); 786 public static final ObjectIdentifier pbeWithMD5AndRC2_oid = 787 ObjectIdentifier.newInternal(new int[] {1, 2, 840, 113549, 1, 5, 6}); 788 public static final ObjectIdentifier pbeWithSHA1AndDES_oid = 789 ObjectIdentifier.newInternal(new int[] {1, 2, 840, 113549, 1, 5, 10}); 790 public static final ObjectIdentifier pbeWithSHA1AndRC2_oid = 791 ObjectIdentifier.newInternal(new int[] {1, 2, 840, 113549, 1, 5, 11}); 792 public static ObjectIdentifier pbeWithSHA1AndRC4_128_oid = 793 ObjectIdentifier.newInternal(new int[] {1, 2, 840, 113549, 1, 12, 1, 1}); 794 public static ObjectIdentifier pbeWithSHA1AndRC4_40_oid = 795 ObjectIdentifier.newInternal(new int[] {1, 2, 840, 113549, 1, 12, 1, 2}); 796 public static ObjectIdentifier pbeWithSHA1AndDESede_oid = 797 ObjectIdentifier.newInternal(new int[] {1, 2, 840, 113549, 1, 12, 1, 3}); 798 public static ObjectIdentifier pbeWithSHA1AndRC2_128_oid = 799 ObjectIdentifier.newInternal(new int[] {1, 2, 840, 113549, 1, 12, 1, 5}); 800 public static ObjectIdentifier pbeWithSHA1AndRC2_40_oid = 801 ObjectIdentifier.newInternal(new int[] {1, 2, 840, 113549, 1, 12, 1, 6}); 802 803 static { 804 /* 805 * Note the preferred OIDs are named simply with no "OIW" or 806 * "PKIX" in them, even though they may point to data from these 807 * specs; e.g. SHA_oid, DH_oid, DSA_oid, SHA1WithDSA_oid... 808 */ 809 /** 810 * Algorithm ID for Diffie Hellman Key agreement, from PKCS #3. 811 * Parameters include public values P and G, and may optionally specify 812 * the length of the private key X. Alternatively, algorithm parameters 813 * may be derived from another source such as a Certificate Authority's 814 * certificate. 815 * OID = 1.2.840.113549.1.3.1 816 */ 817 DH_oid = ObjectIdentifier.newInternal(DH_data); 818 819 /** 820 * Algorithm ID for the Diffie Hellman Key Agreement (DH), from RFC 3279. 821 * Parameters may include public values P and G. 822 * OID = 1.2.840.10046.2.1 823 */ 824 DH_PKIX_oid = ObjectIdentifier.newInternal(DH_PKIX_data); 825 826 /** 827 * Algorithm ID for the Digital Signing Algorithm (DSA), from the 828 * NIST OIW Stable Agreements part 12. 829 * Parameters may include public values P, Q, and G; or these may be 830 * derived from 831 * another source such as a Certificate Authority's certificate. 832 * OID = 1.3.14.3.2.12 833 */ 834 DSA_OIW_oid = ObjectIdentifier.newInternal(DSA_OIW_data); 835 836 /** 837 * Algorithm ID for the Digital Signing Algorithm (DSA), from RFC 3279. 838 * Parameters may include public values P, Q, and G; or these may be 839 * derived from another source such as a Certificate Authority's 840 * certificate. 841 * OID = 1.2.840.10040.4.1 842 */ 843 DSA_oid = ObjectIdentifier.newInternal(DSA_PKIX_data); 844 845 /** 846 * Algorithm ID for RSA keys used for any purpose, as defined in X.509. 847 * The algorithm parameter is a single value, the number of bits in the 848 * public modulus. 849 * OID = 2.5.8.1.1 850 */ 851 RSA_oid = ObjectIdentifier.newInternal(RSA_data); 852 853 /** 854 * Identifies a signing algorithm where an MD2 digest is encrypted 855 * using an RSA private key; defined in PKCS #1. Use of this 856 * signing algorithm is discouraged due to MD2 vulnerabilities. 857 * OID = 1.2.840.113549.1.1.2 858 */ 859 md2WithRSAEncryption_oid = 860 ObjectIdentifier.newInternal(md2WithRSAEncryption_data); 861 862 /** 863 * Identifies a signing algorithm where an MD5 digest is 864 * encrypted using an RSA private key; defined in PKCS #1. 865 * OID = 1.2.840.113549.1.1.4 866 */ 867 md5WithRSAEncryption_oid = 868 ObjectIdentifier.newInternal(md5WithRSAEncryption_data); 869 870 /** 871 * Identifies a signing algorithm where a SHA1 digest is 872 * encrypted using an RSA private key; defined by RSA DSI. 873 * OID = 1.2.840.113549.1.1.5 874 */ 875 sha1WithRSAEncryption_oid = 876 ObjectIdentifier.newInternal(sha1WithRSAEncryption_data); 877 878 /** 879 * Identifies a signing algorithm where a SHA1 digest is 880 * encrypted using an RSA private key; defined in NIST OIW. 881 * OID = 1.3.14.3.2.29 882 */ 883 sha1WithRSAEncryption_OIW_oid = 884 ObjectIdentifier.newInternal(sha1WithRSAEncryption_OIW_data); 885 886 /** 887 * Identifies a signing algorithm where a SHA224 digest is 888 * encrypted using an RSA private key; defined by PKCS #1. 889 * OID = 1.2.840.113549.1.1.14 890 */ 891 sha224WithRSAEncryption_oid = 892 ObjectIdentifier.newInternal(sha224WithRSAEncryption_data); 893 894 /** 895 * Identifies a signing algorithm where a SHA256 digest is 896 * encrypted using an RSA private key; defined by PKCS #1. 897 * OID = 1.2.840.113549.1.1.11 898 */ 899 sha256WithRSAEncryption_oid = 900 ObjectIdentifier.newInternal(sha256WithRSAEncryption_data); 901 902 /** 903 * Identifies a signing algorithm where a SHA384 digest is 904 * encrypted using an RSA private key; defined by PKCS #1. 905 * OID = 1.2.840.113549.1.1.12 906 */ 907 sha384WithRSAEncryption_oid = 908 ObjectIdentifier.newInternal(sha384WithRSAEncryption_data); 909 910 /** 911 * Identifies a signing algorithm where a SHA512 digest is 912 * encrypted using an RSA private key; defined by PKCS #1. 913 * OID = 1.2.840.113549.1.1.13 914 */ 915 sha512WithRSAEncryption_oid = 916 ObjectIdentifier.newInternal(sha512WithRSAEncryption_data); 917 918 /** 919 * Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a 920 * SHA digest is signed using the Digital Signing Algorithm (DSA). 921 * This should not be used. 922 * OID = 1.3.14.3.2.13 923 */ 924 shaWithDSA_OIW_oid = ObjectIdentifier.newInternal(shaWithDSA_OIW_data); 925 926 /** 927 * Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a 928 * SHA1 digest is signed using the Digital Signing Algorithm (DSA). 929 * OID = 1.3.14.3.2.27 930 */ 931 sha1WithDSA_OIW_oid = ObjectIdentifier.newInternal(sha1WithDSA_OIW_data); 932 933 /** 934 * Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a 935 * SHA1 digest is signed using the Digital Signing Algorithm (DSA). 936 * OID = 1.2.840.10040.4.3 937 */ 938 sha1WithDSA_oid = ObjectIdentifier.newInternal(dsaWithSHA1_PKIX_data); 939 940 nameTable = new HashMap<>(); 941 nameTable.put(MD5_oid, "MD5"); 942 nameTable.put(MD2_oid, "MD2"); 943 nameTable.put(SHA_oid, "SHA-1"); 944 nameTable.put(SHA224_oid, "SHA-224"); 945 nameTable.put(SHA256_oid, "SHA-256"); 946 nameTable.put(SHA384_oid, "SHA-384"); 947 nameTable.put(SHA512_oid, "SHA-512"); 948 nameTable.put(SHA512_224_oid, "SHA-512/224"); 949 nameTable.put(SHA512_256_oid, "SHA-512/256"); 950 nameTable.put(RSAEncryption_oid, "RSA"); 951 nameTable.put(RSA_oid, "RSA"); 952 nameTable.put(DH_oid, "Diffie-Hellman"); 953 nameTable.put(DH_PKIX_oid, "Diffie-Hellman"); 954 nameTable.put(DSA_oid, "DSA"); 955 nameTable.put(DSA_OIW_oid, "DSA"); 956 nameTable.put(EC_oid, "EC"); 957 nameTable.put(ECDH_oid, "ECDH"); 958 959 nameTable.put(AES_oid, "AES"); 960 961 nameTable.put(sha1WithECDSA_oid, "SHA1withECDSA"); 962 nameTable.put(sha224WithECDSA_oid, "SHA224withECDSA"); 963 nameTable.put(sha256WithECDSA_oid, "SHA256withECDSA"); 964 nameTable.put(sha384WithECDSA_oid, "SHA384withECDSA"); 965 nameTable.put(sha512WithECDSA_oid, "SHA512withECDSA"); 966 nameTable.put(md5WithRSAEncryption_oid, "MD5withRSA"); 967 nameTable.put(md2WithRSAEncryption_oid, "MD2withRSA"); 968 nameTable.put(sha1WithDSA_oid, "SHA1withDSA"); 969 nameTable.put(sha1WithDSA_OIW_oid, "SHA1withDSA"); 970 nameTable.put(shaWithDSA_OIW_oid, "SHA1withDSA"); 971 nameTable.put(sha224WithDSA_oid, "SHA224withDSA"); 972 nameTable.put(sha256WithDSA_oid, "SHA256withDSA"); 973 nameTable.put(sha1WithRSAEncryption_oid, "SHA1withRSA"); 974 nameTable.put(sha1WithRSAEncryption_OIW_oid, "SHA1withRSA"); 975 nameTable.put(sha224WithRSAEncryption_oid, "SHA224withRSA"); 976 nameTable.put(sha256WithRSAEncryption_oid, "SHA256withRSA"); 977 nameTable.put(sha384WithRSAEncryption_oid, "SHA384withRSA"); 978 nameTable.put(sha512WithRSAEncryption_oid, "SHA512withRSA"); 979 nameTable.put(sha512_224WithRSAEncryption_oid, "SHA512/224withRSA"); 980 nameTable.put(sha512_256WithRSAEncryption_oid, "SHA512/256withRSA"); 981 nameTable.put(RSASSA_PSS_oid, "RSASSA-PSS"); 982 nameTable.put(RSAES_OAEP_oid, "RSAES-OAEP"); 983 984 nameTable.put(pbeWithMD5AndDES_oid, "PBEWithMD5AndDES"); 985 nameTable.put(pbeWithMD5AndRC2_oid, "PBEWithMD5AndRC2"); 986 nameTable.put(pbeWithSHA1AndDES_oid, "PBEWithSHA1AndDES"); 987 nameTable.put(pbeWithSHA1AndRC2_oid, "PBEWithSHA1AndRC2"); 988 nameTable.put(pbeWithSHA1AndRC4_128_oid, "PBEWithSHA1AndRC4_128"); 989 nameTable.put(pbeWithSHA1AndRC4_40_oid, "PBEWithSHA1AndRC4_40"); 990 nameTable.put(pbeWithSHA1AndDESede_oid, "PBEWithSHA1AndDESede"); 991 nameTable.put(pbeWithSHA1AndRC2_128_oid, "PBEWithSHA1AndRC2_128"); 992 nameTable.put(pbeWithSHA1AndRC2_40_oid, "PBEWithSHA1AndRC2_40"); 993 } 994 995 /** 996 * Creates a signature algorithm name from a digest algorithm 997 * name and a encryption algorithm name. 998 */ 999 public static String makeSigAlg(String digAlg, String encAlg) { 1000 digAlg = digAlg.replace("-", ""); 1001 if (encAlg.equalsIgnoreCase("EC")) encAlg = "ECDSA"; 1002 1003 return digAlg + "with" + encAlg; 1004 } 1005 1006 /** 1007 * Extracts the encryption algorithm name from a signature 1008 * algorithm name. 1009 */ 1010 public static String getEncAlgFromSigAlg(String signatureAlgorithm) { 1011 signatureAlgorithm = signatureAlgorithm.toUpperCase(Locale.ENGLISH); 1012 int with = signatureAlgorithm.indexOf("WITH"); 1013 String keyAlgorithm = null; 1014 if (with > 0) { 1015 int and = signatureAlgorithm.indexOf("AND", with + 4); 1016 if (and > 0) { 1017 keyAlgorithm = signatureAlgorithm.substring(with + 4, and); 1018 } else { 1019 keyAlgorithm = signatureAlgorithm.substring(with + 4); 1020 } 1021 if (keyAlgorithm.equalsIgnoreCase("ECDSA")) { 1022 keyAlgorithm = "EC"; 1023 } 1024 } 1025 return keyAlgorithm; 1026 } 1027 1028 /** 1029 * Extracts the digest algorithm name from a signature 1030 * algorithm name. 1031 */ 1032 public static String getDigAlgFromSigAlg(String signatureAlgorithm) { 1033 signatureAlgorithm = signatureAlgorithm.toUpperCase(Locale.ENGLISH); 1034 int with = signatureAlgorithm.indexOf("WITH"); 1035 if (with > 0) { 1036 return signatureAlgorithm.substring(0, with); 1037 } 1038 return null; 1039 } 1040 1041 /** 1042 * Checks if a signature algorithm matches a key algorithm, i.e. a 1043 * signature can be initialized with a key. 1044 * 1045 * @param kAlg must not be null 1046 * @param sAlg must not be null 1047 * @throws IllegalArgumentException if they do not match 1048 */ 1049 public static void checkKeyAndSigAlgMatch(String kAlg, String sAlg) { 1050 String sAlgUp = sAlg.toUpperCase(Locale.US); 1051 if ((sAlgUp.endsWith("WITHRSA") && !kAlg.equalsIgnoreCase("RSA")) || 1052 (sAlgUp.endsWith("WITHECDSA") && !kAlg.equalsIgnoreCase("EC")) || 1053 (sAlgUp.endsWith("WITHDSA") && !kAlg.equalsIgnoreCase("DSA"))) { 1054 throw new IllegalArgumentException( 1055 "key algorithm not compatible with signature algorithm"); 1056 } 1057 } 1058 1059 /** 1060 * Returns the default signature algorithm for a private key. The digest 1061 * part might evolve with time. Remember to update the spec of 1062 * {@link jdk.security.jarsigner.JarSigner.Builder#getDefaultSignatureAlgorithm(PrivateKey)} 1063 * if updated. 1064 * 1065 * @param k cannot be null 1066 * @return the default alg, might be null if unsupported 1067 */ 1068 public static String getDefaultSigAlgForKey(PrivateKey k) { 1069 switch (k.getAlgorithm().toUpperCase(Locale.ENGLISH)) { 1070 case "EC": 1071 return ecStrength(KeyUtil.getKeySize(k)) 1072 + "withECDSA"; 1073 case "DSA": 1074 return ifcFfcStrength(KeyUtil.getKeySize(k)) 1075 + "withDSA"; 1076 case "RSA": 1077 return ifcFfcStrength(KeyUtil.getKeySize(k)) 1078 + "withRSA"; 1079 default: 1080 return null; 1081 } 1082 } 1083 1084 // Most commonly used PSSParameterSpec and AlgorithmId 1085 private static class PSSParamsHolder { 1086 1087 final static PSSParameterSpec PSS_256_SPEC = new PSSParameterSpec( 1088 "SHA-256", "MGF1", 1089 new MGF1ParameterSpec("SHA-256"), 1090 32, PSSParameterSpec.TRAILER_FIELD_BC); 1091 final static PSSParameterSpec PSS_384_SPEC = new PSSParameterSpec( 1092 "SHA-384", "MGF1", 1093 new MGF1ParameterSpec("SHA-384"), 1094 48, PSSParameterSpec.TRAILER_FIELD_BC); 1095 final static PSSParameterSpec PSS_512_SPEC = new PSSParameterSpec( 1096 "SHA-512", "MGF1", 1097 new MGF1ParameterSpec("SHA-512"), 1098 64, PSSParameterSpec.TRAILER_FIELD_BC); 1099 1100 final static AlgorithmId PSS_256_ID; 1101 final static AlgorithmId PSS_384_ID; 1102 final static AlgorithmId PSS_512_ID; 1103 1104 static { 1105 try { 1106 PSS_256_ID = new AlgorithmId(RSASSA_PSS_oid, 1107 new DerValue(PSSParameters.getEncoded(PSS_256_SPEC))); 1108 PSS_384_ID = new AlgorithmId(RSASSA_PSS_oid, 1109 new DerValue(PSSParameters.getEncoded(PSS_384_SPEC))); 1110 PSS_512_ID = new AlgorithmId(RSASSA_PSS_oid, 1111 new DerValue(PSSParameters.getEncoded(PSS_512_SPEC))); 1112 } catch (IOException e) { 1113 throw new AssertionError("Should not happen", e); 1114 } 1115 } 1116 } 1117 1118 public static AlgorithmId getWithParameterSpec(String algName, 1119 AlgorithmParameterSpec spec) throws NoSuchAlgorithmException { 1120 1121 if (spec == null) { 1122 return AlgorithmId.get(algName); 1123 } else if (spec == PSSParamsHolder.PSS_256_SPEC) { 1124 return PSSParamsHolder.PSS_256_ID; 1125 } else if (spec == PSSParamsHolder.PSS_384_SPEC) { 1126 return PSSParamsHolder.PSS_384_ID; 1127 } else if (spec == PSSParamsHolder.PSS_512_SPEC) { 1128 return PSSParamsHolder.PSS_512_ID; 1129 } else { 1130 try { 1131 AlgorithmParameters result = 1132 AlgorithmParameters.getInstance(algName); 1133 result.init(spec); 1134 return get(result); 1135 } catch (InvalidParameterSpecException | NoSuchAlgorithmException e) { 1136 throw new ProviderException(e); 1137 } 1138 } 1139 } 1140 1141 public static PSSParameterSpec getDefaultAlgorithmParameterSpec( 1142 String sigAlg, PrivateKey k) { 1143 if (sigAlg.equalsIgnoreCase("RSASSA-PSS")) { 1144 switch (ifcFfcStrength(KeyUtil.getKeySize(k))) { 1145 case "SHA256": 1146 return PSSParamsHolder.PSS_256_SPEC; 1147 case "SHA384": 1148 return PSSParamsHolder.PSS_384_SPEC; 1149 case "SHA512": 1150 return PSSParamsHolder.PSS_512_SPEC; 1151 default: 1152 throw new AssertionError("Should not happen"); 1153 } 1154 } else { 1155 return null; 1156 } 1157 } 1158 1159 // Values from SP800-57 part 1 rev 4 tables 2 and 3 1160 private static String ecStrength (int bitLength) { 1161 if (bitLength >= 512) { // 256 bits of strength 1162 return "SHA512"; 1163 } else if (bitLength >= 384) { // 192 bits of strength 1164 return "SHA384"; 1165 } else { // 128 bits of strength and less 1166 return "SHA256"; 1167 } 1168 } 1169 1170 // Same values for RSA and DSA 1171 private static String ifcFfcStrength (int bitLength) { 1172 if (bitLength > 7680) { // 256 bits 1173 return "SHA512"; 1174 } else if (bitLength > 3072) { // 192 bits 1175 return "SHA384"; 1176 } else { // 128 bits and less 1177 return "SHA256"; 1178 } 1179 } 1180 }