authorChristina Fu <cfu@redhat.com>2013-09-10 11:51:54 -0700
committerChristina Fu <cfu@redhat.com>2013-09-10 11:51:54 -0700
commit4db22ab18f4ff17c1dd6dd5b9fa0227016eb7287 (patch)
treea6f00367a09bb706cf3b12562392f0c1fc4ac027 /base/common/src/com
parent04b71d19af2c0b49c9601996d30d96c8de32a944 (diff)
Bug 1005025 - Unable to view Curve details of ECC Cert request from Agent interface
Diffstat (limited to 'base/common/src/com')
-rw-r--r--base/common/src/com/netscape/cms/profile/constraint/KeyConstraint.java327
-rw-r--r--base/common/src/com/netscape/cms/profile/def/UserKeyDefault.java8
2 files changed, 12 insertions, 323 deletions
diff --git a/base/common/src/com/netscape/cms/profile/constraint/KeyConstraint.java b/base/common/src/com/netscape/cms/profile/constraint/KeyConstraint.java
index 20ea9a996..3e07ca307 100644
--- a/base/common/src/com/netscape/cms/profile/constraint/KeyConstraint.java
+++ b/base/common/src/com/netscape/cms/profile/constraint/KeyConstraint.java
@@ -19,7 +19,6 @@ package com.netscape.cms.profile.constraint;
import java.math.BigInteger;
import java.security.interfaces.DSAParams;
-import java.util.HashMap;
import java.util.Locale;
import java.util.Vector;
@@ -42,6 +41,7 @@ import com.netscape.certsrv.property.IDescriptor;
import com.netscape.certsrv.request.IRequest;
import com.netscape.cms.profile.def.NoDefault;
import com.netscape.cms.profile.def.UserKeyDefault;
+import com.netscape.cmsutil.crypto.CryptoUtil;
/**
* This constraint is to check the key type and
@@ -55,308 +55,6 @@ public class KeyConstraint extends EnrollConstraint {
public static final String CONFIG_KEY_TYPE = "keyType"; // (EC, RSA)
public static final String CONFIG_KEY_PARAMETERS = "keyParameters";
- private static final String[] ecCurves = {
- "nistp256", "nistp384", "nistp521", "sect163k1", "nistk163", "sect163r1", "sect163r2",
- "nistb163", "sect193r1", "sect193r2", "sect233k1", "nistk233", "sect233r1", "nistb233", "sect239k1",
- "sect283k1", "nistk283",
- "sect283r1", "nistb283", "sect409k1", "nistk409", "sect409r1", "nistb409", "sect571k1", "nistk571",
- "sect571r1", "nistb571",
- "secp160k1", "secp160r1", "secp160r2", "secp192k1", "secp192r1", "nistp192", "secp224k1", "secp224r1",
- "nistp224", "secp256k1",
- "secp256r1", "secp384r1", "secp521r1", "prime192v1", "prime192v2", "prime192v3", "prime239v1",
- "prime239v2", "prime239v3", "c2pnb163v1",
- "c2pnb163v2", "c2pnb163v3", "c2pnb176v1", "c2tnb191v1", "c2tnb191v2", "c2tnb191v3", "c2pnb208w1",
- "c2tnb239v1", "c2tnb239v2", "c2tnb239v3",
- "c2pnb272w1", "c2pnb304w1", "c2tnb359w1", "c2pnb368w1", "c2tnb431r1", "secp112r1", "secp112r2",
- "secp128r1", "secp128r2", "sect113r1", "sect113r2",
- "sect131r1", "sect131r2"
- };
-
- private final static HashMap<String, Vector<String>> ecOIDs = new HashMap<String, Vector<String>>();
- static {
- ecOIDs.put("1.2.840.10045.3.1.7", new Vector<String>() {
- {
- add("nistp256");
- add("secp256r1");
- }
- });
- ecOIDs.put("1.3.132.0.34", new Vector<String>() {
- {
- add("nistp384");
- add("secp384r1");
- }
- });
- ecOIDs.put("1.3.132.0.35", new Vector<String>() {
- {
- add("nistp521");
- add("secp521r1");
- }
- });
- ecOIDs.put("1.3.132.0.1", new Vector<String>() {
- {
- add("sect163k1");
- add("nistk163");
- }
- });
- ecOIDs.put("1.3.132.0.2", new Vector<String>() {
- {
- add("sect163r1");
- }
- });
- ecOIDs.put("1.3.132.0.15", new Vector<String>() {
- {
- add("sect163r2");
- add("nistb163");
- }
- });
- ecOIDs.put("1.3.132.0.24", new Vector<String>() {
- {
- add("sect193r1");
- }
- });
- ecOIDs.put("1.3.132.0.25", new Vector<String>() {
- {
- add("sect193r2");
- }
- });
- ecOIDs.put("1.3.132.0.26", new Vector<String>() {
- {
- add("sect233k1");
- add("nistk233");
- }
- });
- ecOIDs.put("1.3.132.0.27", new Vector<String>() {
- {
- add("sect233r1");
- add("nistb233");
- }
- });
- ecOIDs.put("1.3.132.0.3", new Vector<String>() {
- {
- add("sect239k1");
- }
- });
- ecOIDs.put("1.3.132.0.16", new Vector<String>() {
- {
- add("sect283k1");
- add("nistk283");
- }
- });
- ecOIDs.put("1.3.132.0.17", new Vector<String>() {
- {
- add("sect283r1");
- add("nistb283");
- }
- });
- ecOIDs.put("1.3.132.0.36", new Vector<String>() {
- {
- add("sect409k1");
- add("nistk409");
- }
- });
- ecOIDs.put("1.3.132.0.37", new Vector<String>() {
- {
- add("sect409r1");
- add("nistb409");
- }
- });
- ecOIDs.put("1.3.132.0.38", new Vector<String>() {
- {
- add("sect571k1");
- add("nistk571");
- }
- });
- ecOIDs.put("1.3.132.0.39", new Vector<String>() {
- {
- add("sect571r1");
- add("nistb571");
- }
- });
- ecOIDs.put("1.3.132.0.9", new Vector<String>() {
- {
- add("secp160k1");
- }
- });
- ecOIDs.put("1.3.132.0.8", new Vector<String>() {
- {
- add("secp160r1");
- }
- });
- ecOIDs.put("1.3.132.0.30", new Vector<String>() {
- {
- add("secp160r2");
- }
- });
- ecOIDs.put("1.3.132.0.31", new Vector<String>() {
- {
- add("secp192k1");
- }
- });
- ecOIDs.put("1.2.840.10045.3.1.1", new Vector<String>() {
- {
- add("secp192r1");
- add("nistp192");
- add("prime192v1");
- }
- });
- ecOIDs.put("1.3.132.0.32", new Vector<String>() {
- {
- add("secp224k1");
- }
- });
- ecOIDs.put("1.3.132.0.33", new Vector<String>() {
- {
- add("secp224r1");
- add("nistp224");
- }
- });
- ecOIDs.put("1.3.132.0.10", new Vector<String>() {
- {
- add("secp256k1");
- }
- });
- ecOIDs.put("1.2.840.10045.3.1.2", new Vector<String>() {
- {
- add("prime192v2");
- }
- });
- ecOIDs.put("1.2.840.10045.3.1.3", new Vector<String>() {
- {
- add("prime192v3");
- }
- });
- ecOIDs.put("1.2.840.10045.3.1.4", new Vector<String>() {
- {
- add("prime239v1");
- }
- });
- ecOIDs.put("1.2.840.10045.3.1.5", new Vector<String>() {
- {
- add("prime239v2");
- }
- });
- ecOIDs.put("1.2.840.10045.3.1.6", new Vector<String>() {
- {
- add("prime239v3");
- }
- });
- ecOIDs.put("1.2.840.10045.3.0.1", new Vector<String>() {
- {
- add("c2pnb163v1");
- }
- });
- ecOIDs.put("1.2.840.10045.3.0.2", new Vector<String>() {
- {
- add("c2pnb163v2");
- }
- });
- ecOIDs.put("1.2.840.10045.3.0.3", new Vector<String>() {
- {
- add("c2pnb163v3");
- }
- });
- ecOIDs.put("1.2.840.10045.3.0.4", new Vector<String>() {
- {
- add("c2pnb176v1");
- }
- });
- ecOIDs.put("1.2.840.10045.3.0.5", new Vector<String>() {
- {
- add("c2tnb191v1");
- }
- });
- ecOIDs.put("1.2.840.10045.3.0.6", new Vector<String>() {
- {
- add("c2tnb191v2");
- }
- });
- ecOIDs.put("1.2.840.10045.3.0.7", new Vector<String>() {
- {
- add("c2tnb191v3");
- }
- });
- ecOIDs.put("1.2.840.10045.3.0.10", new Vector<String>() {
- {
- add("c2pnb208w1");
- }
- });
- ecOIDs.put("1.2.840.10045.3.0.11", new Vector<String>() {
- {
- add("c2tnb239v1");
- }
- });
- ecOIDs.put("1.2.840.10045.3.0.12", new Vector<String>() {
- {
- add("c2tnb239v2");
- }
- });
- ecOIDs.put("1.2.840.10045.3.0.13", new Vector<String>() {
- {
- add("c2tnb239v3");
- }
- });
- ecOIDs.put("1.2.840.10045.3.0.16", new Vector<String>() {
- {
- add("c2pnb272w1");
- }
- });
- ecOIDs.put("1.2.840.10045.3.0.17", new Vector<String>() {
- {
- add("c2pnb304w1");
- }
- });
- ecOIDs.put("1.2.840.10045.3.0.19", new Vector<String>() {
- {
- add("c2pnb368w1");
- }
- });
- ecOIDs.put("1.2.840.10045.3.0.20", new Vector<String>() {
- {
- add("c2tnb431r1");
- }
- });
- ecOIDs.put("1.3.132.0.6", new Vector<String>() {
- {
- add("secp112r1");
- }
- });
- ecOIDs.put("1.3.132.0.7", new Vector<String>() {
- {
- add("secp112r2");
- }
- });
- ecOIDs.put("1.3.132.0.28", new Vector<String>() {
- {
- add("secp128r1");
- }
- });
- ecOIDs.put("1.3.132.0.29", new Vector<String>() {
- {
- add("secp128r2");
- }
- });
- ecOIDs.put("1.3.132.0.4", new Vector<String>() {
- {
- add("sect113r1");
- }
- });
- ecOIDs.put("1.3.132.0.5", new Vector<String>() {
- {
- add("sect113r2");
- }
- });
- ecOIDs.put("1.3.132.0.22", new Vector<String>() {
- {
- add("sect131r1");
- }
- });
- ecOIDs.put("1.3.132.0.23", new Vector<String>() {
- {
- add("sect131r2");
- }
- });
- }
-
private static String[] cfgECCurves = null;
private static String keyType = "";
private static String keyParams = "";
@@ -450,24 +148,7 @@ public class KeyConstraint extends EnrollConstraint {
value));
}
- AlgorithmId algid = key.getAlgorithmId();
-
- CMS.debug("algId: " + algid);
-
- //Get raw string representation of alg parameters, will give
- //us the curve OID.
-
- String params = null;
- if (algid != null) {
- params = algid.getParametersString();
- }
-
- if (params.startsWith("OID.")) {
- params = params.substring(4);
- }
-
- CMS.debug("EC key OID: " + params);
- Vector<String> vect = ecOIDs.get(params);
+ Vector vect = CryptoUtil.getECKeyCurve(key);
boolean curveFound = false;
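Review bot: The new `Vector vect = CryptoUtil.getECKeyCurve(key);` is a raw type and nothing in this hunk shows what happens when the helper cannot map the key's curve OID. The code that sets `curveFound` lies outside the hunk, so please confirm that a null or empty `vect` leaves `curveFound` false and rejects the request, rather than throwing or skipping the constraint. If the helper is declared to return `Vector<String>`, declare the local as `Vector<String> vect = CryptoUtil.getECKeyCurve(key);` so the later comparison against the configured curves stays type-checked. The removed `CMS.debug("EC key OID: " + params);` was the only record of which curve a request carried; unless the helper logs it, a line such as `CMS.debug("EC key curve: " + vect);` would keep that trail for rejected enrollments.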
@@ -593,7 +274,7 @@ public class KeyConstraint extends EnrollConstraint {
if (keyType.equals("EC")) {
if (cfgECCurves == null) {
//Use the static array as a backup if the config values are not present.
- isECCurve = arrayContainsString(ecCurves, params[i]);
+ isECCurve = arrayContainsString(CryptoUtil.getECcurves(), params[i]);
} else {
isECCurve = arrayContainsString(cfgECCurves, params[i]);
}
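Review bot: The fallback here, and the identical call in the next hunk (-608/+289), now takes the list of known curves from `CryptoUtil.getECcurves()`, and it is not visible whether that method returns the shared array itself or a copy. If it returns the internal array, any caller can change which names this constraint accepts as a curve, so the helper should return a clone or an unmodifiable view. The `params[i]` index suggests a loop, in which case a local `String[] knownCurves = CryptoUtil.getECcurves();` fetched once before it would avoid repeated calls. Assuming the table moved unchanged, the fallback still accepts short curves such as `secp112r1` and `sect113r1` when no curve list is configured, which a comment should state. The existing comment "Use the static array as a backup" should be updated to name CryptoUtil as the source; the enclosing method starts and ends outside the hunk.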
@@ -608,7 +289,7 @@ public class KeyConstraint extends EnrollConstraint {
keySize = Integer.parseInt(params[i]);
} catch (Exception e) {
if (isOptional(keyType)) {
- isECCurve = arrayContainsString(ecCurves, params[i]);
+ isECCurve = arrayContainsString(CryptoUtil.getECcurves(), params[i]);
}
keySize = 0;
}
diff --git a/base/common/src/com/netscape/cms/profile/def/UserKeyDefault.java b/base/common/src/com/netscape/cms/profile/def/UserKeyDefault.java
index f6bc488b2..62b8e6471 100644
--- a/base/common/src/com/netscape/cms/profile/def/UserKeyDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/UserKeyDefault.java
@@ -21,6 +21,7 @@ import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.interfaces.DSAParams;
import java.util.Locale;
+import java.util.Vector;
import netscape.security.provider.DSAPublicKey;
import netscape.security.provider.RSAPublicKey;
@@ -38,6 +39,7 @@ import com.netscape.certsrv.property.Descriptor;
import com.netscape.certsrv.property.EPropertyException;
import com.netscape.certsrv.property.IDescriptor;
import com.netscape.certsrv.request.IRequest;
+import com.netscape.cmsutil.crypto.CryptoUtil;
/**
* This class implements an enrollment default policy
@@ -144,6 +146,12 @@ public class UserKeyDefault extends EnrollDefault {
try {
if (k.getAlgorithm().equals("RSA")) {
return Integer.toString(getRSAKeyLen(k));
+ } else if (k.getAlgorithm().equals("EC")) {
+ Vector vect = CryptoUtil.getECKeyCurve(k);
+ if (vect != null)
+ return vect.toString();
+ else
+ return null;
} else {
return Integer.toString(getDSAKeyLen(k));
}
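Review bot: The new EC branch returns `vect.toString()`, so the agent interface shows the collection's default rendering (for example `[nistp256, secp256r1]`), and it returns null when the curve is not recognised. A null here means an agent reviewing a request with an unknown curve sees no curve information at all. It would be clearer to return an explicit marker, or the raw OID if the helper can supply it, so that an unexpected curve is visible at approval time. The local is also a raw `Vector` and the `if`/`else` has no braces; if the helper returns `Vector<String>`, `Vector<String> vect = CryptoUtil.getECKeyCurve(k);` followed by `return vect != null ? vect.toString() : null;` reads more tightly. The surrounding `try` and its handler are outside the hunk, so whether an exception from the helper is reported or swallowed cannot be checked here.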