summaryrefslogtreecommitdiffstats
path: root/base/util
diff options
context:
space:
mode:
authorChristina Fu <cfu@redhat.com>2016-06-17 15:18:52 -0700
committerChristina Fu <cfu@redhat.com>2016-06-17 17:35:46 -0700
commit158bb22a87832ff2be07ac4b75c8f2927caefd55 (patch)
tree7f750f1533769cda4b383e04eee0abd586d71fd9 /base/util
parent71b6c398227f4f4e36f0eb5c6d5f1f18d533b412 (diff)
downloadpki-158bb22a87832ff2be07ac4b75c8f2927caefd55.tar.gz
pki-158bb22a87832ff2be07ac4b75c8f2927caefd55.tar.xz
pki-158bb22a87832ff2be07ac4b75c8f2927caefd55.zip
Ticket #2346 support SHA384withRSA
This patch adds support for SHA384withRSA signing algorithm.
Diffstat (limited to 'base/util')
-rw-r--r--base/util/src/com/netscape/cmsutil/util/Cert.java2
-rw-r--r--base/util/src/netscape/security/pkcs/PKCS10.java6
-rw-r--r--base/util/src/netscape/security/x509/AlgorithmId.java21
-rwxr-xr-xbase/util/src/netscape/security/x509/X509CRLImpl.java6
4 files changed, 33 insertions, 2 deletions
diff --git a/base/util/src/com/netscape/cmsutil/util/Cert.java b/base/util/src/com/netscape/cmsutil/util/Cert.java
index 7dfc18a5d..0fe558993 100644
--- a/base/util/src/com/netscape/cmsutil/util/Cert.java
+++ b/base/util/src/com/netscape/cmsutil/util/Cert.java
@@ -41,6 +41,8 @@ public class Cert {
return SignatureAlgorithm.DSASignatureWithSHA1Digest;
else if (algname.equals("SHA256withRSA"))
return SignatureAlgorithm.RSASignatureWithSHA256Digest;
+ else if (algname.equals("SHA384withRSA"))
+ return SignatureAlgorithm.RSASignatureWithSHA384Digest;
else if (algname.equals("SHA512withRSA"))
return SignatureAlgorithm.RSASignatureWithSHA512Digest;
else if (algname.equals("SHA1withEC"))
diff --git a/base/util/src/netscape/security/pkcs/PKCS10.java b/base/util/src/netscape/security/pkcs/PKCS10.java
index 4dd9f0f52..0702e8238 100644
--- a/base/util/src/netscape/security/pkcs/PKCS10.java
+++ b/base/util/src/netscape/security/pkcs/PKCS10.java
@@ -181,6 +181,12 @@ public class PKCS10 {
idName = "SHA1/RSA";
else if (idName.equals("SHA1withDSA"))
idName = "SHA1/DSA";
+ else if (idName.equals("SHA256withRSA"))
+ idName = "SHA256/RSA";
+ else if (idName.equals("SHA384withRSA"))
+ idName = "SHA384/RSA";
+ else if (idName.equals("SHA512withRSA"))
+ idName = "SHA512/RSA";
else if (idName.equals("SHA1withEC"))
idName = "SHA1/EC";
else if (idName.equals("SHA256withEC"))
diff --git a/base/util/src/netscape/security/x509/AlgorithmId.java b/base/util/src/netscape/security/x509/AlgorithmId.java
index fa69f77f1..08c9c4f46 100644
--- a/base/util/src/netscape/security/x509/AlgorithmId.java
+++ b/base/util/src/netscape/security/x509/AlgorithmId.java
@@ -329,6 +329,9 @@ public class AlgorithmId implements Serializable, DerEncoder {
if (name.equals("SHA256withRSA") || name.equals("SHA256/RSA")
|| name.equals("1.2.840.113549.1.1.11"))
return AlgorithmId.sha256WithRSAEncryption_oid;
+ if (name.equals("SHA384withRSA") || name.equals("SHA384/RSA")
+ || name.equals("1.2.840.113549.1.1.12"))
+ return AlgorithmId.sha384WithRSAEncryption_oid;
if (name.equals("SHA512withRSA") || name.equals("SHA512/RSA")
|| name.equals("1.2.840.113549.1.1.13"))
return AlgorithmId.sha512WithRSAEncryption_oid;
@@ -364,6 +367,8 @@ public class AlgorithmId implements Serializable, DerEncoder {
return "SHA";
if (algid.equals(AlgorithmId.SHA256_oid))
return "SHA256";
+ if (algid.equals(AlgorithmId.SHA384_oid))
+ return "SHA384";
if (algid.equals(AlgorithmId.SHA512_oid))
return "SHA512";
@@ -399,6 +404,8 @@ public class AlgorithmId implements Serializable, DerEncoder {
return "SHA1withRSA";
if (algid.equals(AlgorithmId.sha256WithRSAEncryption_oid))
return "SHA256withRSA";
+ if (algid.equals(AlgorithmId.sha384WithRSAEncryption_oid))
+ return "SHA384withRSA";
if (algid.equals(AlgorithmId.sha512WithRSAEncryption_oid))
return "SHA512withRSA";
if (algid.equals(AlgorithmId.sha1WithDSA_oid)
@@ -530,6 +537,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
// sha = { 1, 3, 14, 3, 2, 18 };
private static final int SHA1_OIW_data[] = { 1, 3, 14, 3, 2, 26 };
private static final int SHA256_data[] = { 2, 16, 840, 1, 101, 3, 4, 2, 1 };
+ private static final int SHA384_data[] = { 2, 16, 840, 1, 101, 3, 4, 2, 2 };
private static final int SHA512_data[] = { 2, 16, 840, 1, 101, 3, 4, 2, 3 };
/**
@@ -553,6 +561,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
public static final ObjectIdentifier SHA_oid = new ObjectIdentifier(SHA1_OIW_data);
public static final ObjectIdentifier SHA256_oid = new ObjectIdentifier(SHA256_data);
+ public static final ObjectIdentifier SHA384_oid = new ObjectIdentifier(SHA384_data);
public static final ObjectIdentifier SHA512_oid = new ObjectIdentifier(SHA512_data);
@@ -651,6 +660,8 @@ public class AlgorithmId implements Serializable, DerEncoder {
{ 1, 2, 840, 113549, 1, 1, 5 };
private static final int sha256WithRSAEncryption_data[] =
{ 1, 2, 840, 113549, 1, 1, 11 };
+ private static final int sha384WithRSAEncryption_data[] =
+ { 1, 2, 840, 113549, 1, 1, 12 };
private static final int sha512WithRSAEncryption_data[] =
{ 1, 2, 840, 113549, 1, 1, 13 };
private static final int sha1WithRSAEncryption_OIW_data[] =
@@ -704,6 +715,12 @@ public class AlgorithmId implements Serializable, DerEncoder {
ObjectIdentifier(sha256WithRSAEncryption_data);
/**
+ * The proper one for sha384/rsa
+ */
+ public static final ObjectIdentifier sha384WithRSAEncryption_oid = new
+ ObjectIdentifier(sha384WithRSAEncryption_data);
+
+ /**
* The proper one for sha512/rsa
*/
public static final ObjectIdentifier sha512WithRSAEncryption_oid = new
@@ -749,7 +766,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
* Supported signing algorithms for a RSA key.
*/
public static final String[] RSA_SIGNING_ALGORITHMS = new String[]
- { "SHA1withRSA", "SHA256withRSA", "SHA512withRSA", "MD5withRSA", "MD2withRSA" };
+ { "SHA1withRSA", "SHA256withRSA", "SHA384withRSA", "SHA512withRSA", "MD5withRSA", "MD2withRSA" };
public static final String[] EC_SIGNING_ALGORITHMS = new String[]
{ "SHA1withEC", "SHA256withEC", "SHA384withEC", "SHA512withEC" };
@@ -759,7 +776,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
*/
public static final String[] ALL_SIGNING_ALGORITHMS = new String[]
{
- "SHA1withRSA", "MD5withRSA", "MD2withRSA", "SHA1withDSA", "SHA256withRSA", "SHA512withRSA", "SHA1withEC",
+ "SHA1withRSA", "MD5withRSA", "MD2withRSA", "SHA1withDSA", "SHA256withRSA", "SHA384withRSA", "SHA512withRSA", "SHA1withEC",
"SHA256withEC", "SHA384withEC", "SHA512withEC" };
}
diff --git a/base/util/src/netscape/security/x509/X509CRLImpl.java b/base/util/src/netscape/security/x509/X509CRLImpl.java
index c48f39050..e8e039034 100755
--- a/base/util/src/netscape/security/x509/X509CRLImpl.java
+++ b/base/util/src/netscape/security/x509/X509CRLImpl.java
@@ -415,6 +415,12 @@ public class X509CRLImpl extends X509CRL {
sigAlg = "SHA1/DSA";
} else if (sigAlg.equals("SHA1withEC")) {
sigAlg = "SHA1/EC";
+ } else if (sigAlg.equals("SHA256withRSA")) {
+ sigAlg = "SHA256/RSA";
+ } else if (sigAlg.equals("SHA384withRSA")) {
+ sigAlg = "SHA384/RSA";
+ } else if (sigAlg.equals("SHA512withRSA")) {
+ sigAlg = "SHA512/RSA";
} else if (sigAlg.equals("SHA256withEC")) {
sigAlg = "SHA256/EC";
} else if (sigAlg.equals("SHA384withEC")) {
generated by cgit (git 2.34.1) at 2024-09-27 05:33:58 +0000