1 /*
2 * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
37
38 public enum SignatureType {
39 RSA("RSA"),
40 RSASSA_PSS("RSASSA-PSS")
41 ;
42
43 private String keyAlg;
44
45 SignatureType(String keyAlg) {
46 this.keyAlg = keyAlg;
47 }
48 @Override
49 public String toString() {
50 return keyAlg;
51 }
52 }
53
54 // collection of all supported digest algorithms
55 // note that the entries are ordered by required key sizes
56 private static final String[] DIGEST_ALGS = {
57 "SHA-512",
58 "SHA-384",
59 "SHA-256",
60 "SHA-512/256",
61 "SHA-224",
62 "SHA-512/224",
63 "SHA-1",
64 "MD2", "MD5" // these aren't supported by RSA PSS
65 };
66
67 // indice for message digest algorithms lookup
68 // may need to be adjusted if new algorithms are added
69 private static final int PKCS1_5_INDEX_768 = 0;
70 private static final int PKCS1_5_INDEX_512 = 2;
71 private static final int PKCS1_5_INDEX_END = DIGEST_ALGS.length;
72 private static final int PSS_INDEX_2048 = 0;
73 private static final int PSS_INDEX_1024 = 1;
74 private static final int PSS_INDEX_768 = 2;
75 private static final int PSS_INDEX_512 = 4;
76 private static final int PSS_INDEX_END = 7;
77
78 public static Iterable<String> getDigestAlgorithms(SignatureType type,
79 int keysize) throws RuntimeException {
80
81 // initialize to all, then trim based on key size
82 List<String> result = new ArrayList<>(Arrays.asList(DIGEST_ALGS));
83 int index = 0;
84 switch (type) {
85 case RSA:
86 if (keysize >= 768) {
87 index = PKCS1_5_INDEX_768;
88 } else if (keysize >= 512) {
89 index = PKCS1_5_INDEX_512;
90 } else {
91 throw new RuntimeException("Keysize too small: " + keysize);
92 }
93 result = result.subList(index, PKCS1_5_INDEX_END);
94 break;
95 case RSASSA_PSS:
96 if (keysize >= 2048) {
118 // only RSASSA-PSS signature uses parameters
119 switch (type) {
120 case RSASSA_PSS:
121 try {
122 MessageDigest md = MessageDigest.getInstance(mdAlg);
123 return new PSSParameterSpec(mdAlg, "MGF1",
124 new MGF1ParameterSpec(mdAlg), md.getDigestLength(),
125 PSSParameterSpec.TRAILER_FIELD_BC);
126 } catch (Exception e) {
127 throw new RuntimeException(e);
128 }
129 default:
130 return null;
131 }
132 }
133
134 public static String generateSigAlg(SignatureType type,
135 String mdAlg) throws RuntimeException {
136 switch (type) {
137 case RSA:
138 int idx = mdAlg.indexOf("-");
139 if (idx != -1) {
140 mdAlg = mdAlg.substring(0, idx) + mdAlg.substring(idx+1);
141 }
142 return mdAlg + "with" + type.toString();
143 case RSASSA_PSS:
144 return type.toString();
145 default:
146 throw new RuntimeException("Unsupported signature type " + type );
147 }
148 }
149
150 }
|
1 /*
2 * Copyright (c) 2018, 2020, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
37
38 public enum SignatureType {
39 RSA("RSA"),
40 RSASSA_PSS("RSASSA-PSS")
41 ;
42
43 private String keyAlg;
44
45 SignatureType(String keyAlg) {
46 this.keyAlg = keyAlg;
47 }
48 @Override
49 public String toString() {
50 return keyAlg;
51 }
52 }
53
54 // collection of all supported digest algorithms
55 // note that the entries are ordered by required key sizes
56 private static final String[] DIGEST_ALGS = {
57 "SHA3-512",
58 "SHA-512",
59 "SHA3-384",
60 "SHA-384",
61 "SHA3-256",
62 "SHA-256",
63 "SHA-512/256",
64 "SHA3-224",
65 "SHA-224",
66 "SHA-512/224",
67 "SHA-1",
68 "MD2", "MD5" // these aren't supported by RSA PSS
69 };
70
71 // indice for message digest algorithms lookup
72 // may need to be adjusted if new algorithms are added
73 private static final int PKCS1_5_INDEX_768 = 0; // 512, 384-bit digests
74 private static final int PKCS1_5_INDEX_512 = 4; // 256-bit digests
75 private static final int PKCS1_5_INDEX_END = DIGEST_ALGS.length;
76 private static final int PSS_INDEX_2048 = 0; // 512-bit digests
77 private static final int PSS_INDEX_1024 = 2; // 384-bit digests
78 private static final int PSS_INDEX_768 = 4; // 256-bit digests
79 private static final int PSS_INDEX_512 = 7; // 224-bit digests
80 private static final int PSS_INDEX_END = DIGEST_ALGS.length - 2;
81
82 public static Iterable<String> getDigestAlgorithms(SignatureType type,
83 int keysize) throws RuntimeException {
84
85 // initialize to all, then trim based on key size
86 List<String> result = new ArrayList<>(Arrays.asList(DIGEST_ALGS));
87 int index = 0;
88 switch (type) {
89 case RSA:
90 if (keysize >= 768) {
91 index = PKCS1_5_INDEX_768;
92 } else if (keysize >= 512) {
93 index = PKCS1_5_INDEX_512;
94 } else {
95 throw new RuntimeException("Keysize too small: " + keysize);
96 }
97 result = result.subList(index, PKCS1_5_INDEX_END);
98 break;
99 case RSASSA_PSS:
100 if (keysize >= 2048) {
122 // only RSASSA-PSS signature uses parameters
123 switch (type) {
124 case RSASSA_PSS:
125 try {
126 MessageDigest md = MessageDigest.getInstance(mdAlg);
127 return new PSSParameterSpec(mdAlg, "MGF1",
128 new MGF1ParameterSpec(mdAlg), md.getDigestLength(),
129 PSSParameterSpec.TRAILER_FIELD_BC);
130 } catch (Exception e) {
131 throw new RuntimeException(e);
132 }
133 default:
134 return null;
135 }
136 }
137
138 public static String generateSigAlg(SignatureType type,
139 String mdAlg) throws RuntimeException {
140 switch (type) {
141 case RSA:
142 if (mdAlg.startsWith("SHA-")) {
143 mdAlg = mdAlg.substring(0, 3) + mdAlg.substring(4);
144 }
145 return mdAlg + "with" + type.toString();
146 case RSASSA_PSS:
147 return type.toString();
148 default:
149 throw new RuntimeException("Unsupported signature type " + type );
150 }
151 }
152
153 }
|