diff options
Diffstat (limited to 'pki/base/util/src/netscape/security/x509/AlgorithmId.java')
| -rw-r--r-- | pki/base/util/src/netscape/security/x509/AlgorithmId.java | 785 |
1 files changed, 365 insertions, 420 deletions
diff --git a/pki/base/util/src/netscape/security/x509/AlgorithmId.java b/pki/base/util/src/netscape/security/x509/AlgorithmId.java index 289262615..ca58d9e6b 100644 --- a/pki/base/util/src/netscape/security/x509/AlgorithmId.java +++ b/pki/base/util/src/netscape/security/x509/AlgorithmId.java @@ -31,24 +31,19 @@ import netscape.security.util.ObjectIdentifier; /** * This class identifies algorithms, such as cryptographic transforms, each - * of which may be associated with parameters. Instances of this base class + * of which may be associated with parameters. Instances of this base class * are used when this runtime environment has no special knowledge of the - * algorithm type, and may also be used in other cases. Equivalence is + * algorithm type, and may also be used in other cases. Equivalence is * defined according to OID and (where relevant) parameters. - * - * <P>Subclasses may be used, for example when when the algorithm ID has - * associated parameters which some code (e.g. code using public keys) needs - * to have parsed. Two examples of such algorithms are Diffie-Hellman key - * exchange, and the Digital Signature Standard Algorithm (DSS/DSA). - * - * <P>The OID constants defined in this class correspond to some widely - * used algorithms, for which conventional string names have been defined. - * This class is not a general repository for OIDs, or for such string names. - * Note that the mappings between algorithm IDs and algorithm names is - * not one-to-one. - * + * + * <P> + * Subclasses may be used, for example when when the algorithm ID has associated parameters which some code (e.g. code using public keys) needs to have parsed. Two examples of such algorithms are Diffie-Hellman key exchange, and the Digital Signature Standard Algorithm (DSS/DSA). + * + * <P> + * The OID constants defined in this class correspond to some widely used algorithms, for which conventional string names have been defined. This class is not a general repository for OIDs, or for such string names. Note that the mappings between algorithm IDs and algorithm names is not one-to-one. + * * @version 1.70 - * + * * @author David Brownell * @author Amit Kapoor * @author Hemma Prafullchandra @@ -64,110 +59,104 @@ public class AlgorithmId implements Serializable, DerEncoder { /** * The object identitifer being used for this algorithm. */ - private ObjectIdentifier algid = null; + private ObjectIdentifier algid = null; // The (parsed) parameters private AlgorithmParameters algParams; /** - * Parameters for this algorithm. These are stored in unparsed + * Parameters for this algorithm. These are stored in unparsed * DER-encoded form; subclasses can be made to automaticaly parse * them so there is fast access to these parameters. */ - protected DerValue params = null; + protected DerValue params = null; - - protected String paramsString = null; + protected String paramsString = null; /** * Returns one of the algorithm IDs most commonly associated * with this algorithm name. - * + * * @param algname the name being used * @deprecated use the short get form of this method. * @exception NoSuchAlgorithmException on error. */ - public static AlgorithmId getAlgorithmId(String algname) - throws NoSuchAlgorithmException - { - return get(algname); + public static AlgorithmId getAlgorithmId(String algname) + throws NoSuchAlgorithmException { + return get(algname); } public AlgorithmParameters getParameters() { - return this.algParams; + return this.algParams; } public String getParametersString() { return this.paramsString; } - public void setParametersString(String paramStr) { + public void setParametersString(String paramStr) { this.paramsString = paramStr; } - + /** * Returns one of the algorithm IDs most commonly associated * with this algorithm name. - * + * * @param algname the name being used * @exception NoSuchAlgorithmException on error. */ - public static AlgorithmId get(String algname) - throws NoSuchAlgorithmException - { - ObjectIdentifier oid = algOID(algname); + public static AlgorithmId get(String algname) + throws NoSuchAlgorithmException { + ObjectIdentifier oid = algOID(algname); - if (oid == null) - throw new NoSuchAlgorithmException - ("unrecognized algorithm name: " + algname); + if (oid == null) + throw new NoSuchAlgorithmException("unrecognized algorithm name: " + algname); - return new AlgorithmId(oid); + return new AlgorithmId(oid); } /** - * Parse (unmarshal) an ID from a DER sequence input value. This form + * Parse (unmarshal) an ID from a DER sequence input value. This form * parsing might be used when expanding a value which has already been * partially unmarshaled as a set or sequence member. - * + * * @exception IOException on error. * @param val the input value, which contains the algid and, if - * there are any parameters, those parameters. - * @return an ID for the algorithm. If the system is configured - * appropriately, this may be an instance of a class - * with some kind of special support for this algorithm. - * In that case, you may "narrow" the type of the ID. + * there are any parameters, those parameters. + * @return an ID for the algorithm. If the system is configured + * appropriately, this may be an instance of a class + * with some kind of special support for this algorithm. + * In that case, you may "narrow" the type of the ID. */ public static AlgorithmId parse(DerValue val) - throws IOException - { - if (val.tag != DerValue.tag_Sequence) - throw new IOException("algid parse error, not a sequence"); - - /* - * Get the algorithm ID and any parameters. - */ - ObjectIdentifier algid; - DerValue params; - DerInputStream in = val.toDerInputStream(); - - algid = in.getOID(); - if (in.available() == 0) - params = null; - else { - params = in.getDerValue(); - if (params.tag == DerValue.tag_Null) - params = null; - } - - /* - * Figure out what class (if any) knows about this oid's - * parameters. Make one, and give it the data to decode. - */ - AlgorithmId alg = new AlgorithmId(algid, params); - if (params != null) - alg.decodeParams(); + throws IOException { + if (val.tag != DerValue.tag_Sequence) + throw new IOException("algid parse error, not a sequence"); + /* + * Get the algorithm ID and any parameters. + */ + ObjectIdentifier algid; + DerValue params; + DerInputStream in = val.toDerInputStream(); + + algid = in.getOID(); + if (in.available() == 0) + params = null; + else { + params = in.getDerValue(); + if (params.tag == DerValue.tag_Null) + params = null; + } + + /* + * Figure out what class (if any) knows about this oid's + * parameters. Make one, and give it the data to decode. + */ + AlgorithmId alg = new AlgorithmId(algid, params); + if (params != null) + alg.decodeParams(); /* * Set the raw params string in case @@ -176,130 +165,125 @@ public class AlgorithmId implements Serializable, DerEncoder { String paramStr = null; - if ( params != null ) { + if (params != null) { paramStr = params.toString(); } alg.setParametersString(paramStr); - return alg; + return alg; + } + + public static AlgorithmId parse(byte[] val) + throws IOException { + return null; } - public static AlgorithmId parse(byte[] val) - throws IOException - { - return null; - } - /** * Constructs a parameterless algorithm ID. - * + * * @param oid the identifier for the algorithm */ public AlgorithmId(ObjectIdentifier oid) { - algid = oid; + algid = oid; } - private AlgorithmId(ObjectIdentifier oid, DerValue params) - throws IOException { - this.algid = oid; - this.params = params; + throws IOException { + this.algid = oid; + this.params = params; if (this.params != null) - decodeParams(); + decodeParams(); } - /** * Constructs an algorithm ID which will be initialized * separately, for example by deserialization. + * * @deprecated use one of the other constructors. */ - public AlgorithmId() { } - + public AlgorithmId() { + } protected void decodeParams() throws IOException { - try { - this.algParams = AlgorithmParameters.getInstance - (this.algid.toString()); - } catch (NoSuchAlgorithmException e) { - /* - * This algorithm parameter type is not supported, so we cannot - * parse the parameters. - */ - this.algParams = null; - return; - } - // Decode (parse) the parameters - this.algParams.init(this.params.toByteArray()); + try { + this.algParams = AlgorithmParameters.getInstance + (this.algid.toString()); + } catch (NoSuchAlgorithmException e) { + /* + * This algorithm parameter type is not supported, so we cannot + * parse the parameters. + */ + this.algParams = null; + return; + } + // Decode (parse) the parameters + this.algParams.init(this.params.toByteArray()); } /** * Marshal a DER-encoded "AlgorithmID" sequence on the DER stream. */ public final void encode(DerOutputStream out) - throws IOException - { - derEncode(out); + throws IOException { + derEncode(out); } /** * DER encode this object onto an output stream. * Implements the <code>DerEncoder</code> interface. - * - * @param out - * the output stream on which to write the DER encoding. - * + * + * @param out + * the output stream on which to write the DER encoding. + * * @exception IOException on encoding error. */ - public void derEncode (OutputStream out) throws IOException - { - DerOutputStream bytes = new DerOutputStream(); - DerOutputStream tmp = new DerOutputStream(); - - bytes.putOID(algid); - if (params == null) - bytes.putNull(); - else - bytes.putDerValue(params); - tmp.write(DerValue.tag_Sequence, bytes); - out.write(tmp.toByteArray()); + public void derEncode(OutputStream out) throws IOException { + DerOutputStream bytes = new DerOutputStream(); + DerOutputStream tmp = new DerOutputStream(); + + bytes.putOID(algid); + if (params == null) + bytes.putNull(); + else + bytes.putDerValue(params); + tmp.write(DerValue.tag_Sequence, bytes); + out.write(tmp.toByteArray()); } -// XXXX cleaning required + // XXXX cleaning required /** * Returns the DER-encoded X.509 AlgorithmId as a byte array. */ - public final byte[] encode() throws IOException - { - DerOutputStream out = new DerOutputStream (); - DerOutputStream bytes = new DerOutputStream (); - - bytes.putOID(algid); - if (params == null) - bytes.putNull(); - else - bytes.putDerValue(params); - out.write(DerValue.tag_Sequence, bytes); - return out.toByteArray(); + public final byte[] encode() throws IOException { + DerOutputStream out = new DerOutputStream(); + DerOutputStream bytes = new DerOutputStream(); + + bytes.putOID(algid); + if (params == null) + bytes.putNull(); + else + bytes.putDerValue(params); + out.write(DerValue.tag_Sequence, bytes); + return out.toByteArray(); } /** - * Returns list of signing algorithms for a key algorithm such as - * RSA or DSA. + * Returns list of signing algorithms for a key algorithm such as + * RSA or DSA. */ public static String[] getSigningAlgorithms(AlgorithmId alg) { - ObjectIdentifier algOid = alg.getOID(); - //System.out.println("Key Alg oid "+algOid.toString()); - if (algOid.equals(DSA_oid) || algOid.equals(DSA_OIW_oid)) { - return DSA_SIGNING_ALGORITHMS; - } else if (algOid.equals(RSA_oid) || algOid.equals(RSAEncryption_oid)) { - return RSA_SIGNING_ALGORITHMS; - } else if (algOid.equals(ANSIX962_EC_Public_Key_oid) || algOid.equals(ANSIX962_SHA1_With_EC_oid)) { - return EC_SIGNING_ALGORITHMS; - } else { - return null; - } + ObjectIdentifier algOid = alg.getOID(); + //System.out.println("Key Alg oid "+algOid.toString()); + if (algOid.equals(DSA_oid) || algOid.equals(DSA_OIW_oid)) { + return DSA_SIGNING_ALGORITHMS; + } else if (algOid.equals(RSA_oid) || algOid.equals(RSAEncryption_oid)) { + return RSA_SIGNING_ALGORITHMS; + } else if (algOid.equals(ANSIX962_EC_Public_Key_oid) || algOid.equals(ANSIX962_SHA1_With_EC_oid)) { + return EC_SIGNING_ALGORITHMS; + } else { + return null; + } } /* @@ -309,66 +293,65 @@ public class AlgorithmId implements Serializable, DerEncoder { * where synonyms are supported or where a given algorithm * is commonly associated with multiple OIDs. */ - private static ObjectIdentifier algOID (String name) - { - // Digesting algorithms - - if (name.equals ("MD5")) - return AlgorithmId.MD5_oid; - if (name.equals ("MD2")) - return AlgorithmId.MD2_oid; - if (name.equals ("SHA") || name.equals ("SHA1") - || name.equals("SHA-1")) - return AlgorithmId.SHA_oid; - if (name.equals ("SHA256") || name.equals("SHA-256")) - return AlgorithmId.SHA256_oid; - if (name.equals("SHA512") || name.equals("SHA-512")) - return AlgorithmId.SHA512_oid; - - // Various public key algorithms - - if (name.equals ("RSA")) - return AlgorithmId.RSA_oid; - - if (name.equals ("RSAEncryption")) - return AlgorithmId.RSAEncryption_oid; - if (name.equals ("Diffie-Hellman") || name.equals("DH")) - return AlgorithmId.DH_oid; - if (name.equals ("DSA")) - return AlgorithmId.DSA_oid; - - // Common signature types - - if (name.equals ("SHA1withEC") || name.equals("SHA1/EC") - || name.equals("1.2.840.10045.4.1")) - return AlgorithmId.sha1WithEC_oid; - if (name.equals ("SHA256withEC") || name.equals("SHA256/EC") - || name.equals("1.2.840.10045.4.3.2")) - return AlgorithmId.sha256WithEC_oid; - if (name.equals ("SHA384withEC") || name.equals("SHA384/EC") - || name.equals("1.2.840.10045.4.3.3")) - return AlgorithmId.sha384WithEC_oid; - if (name.equals ("SHA512withEC") || name.equals("SHA512/EC") - || name.equals("1.2.840.10045.4.3.4")) - return AlgorithmId.sha512WithEC_oid; - if (name.equals ("SHA1withRSA") || name.equals("SHA1/RSA") - || name.equals("1.2.840.113549.1.1.5")) - return AlgorithmId.sha1WithRSAEncryption_oid; - if (name.equals ("SHA256withRSA") || name.equals("SHA256/RSA") - || name.equals("1.2.840.113549.1.1.11")) - return AlgorithmId.sha256WithRSAEncryption_oid; - if (name.equals ("SHA512withRSA") || name.equals("SHA512/RSA") - || name.equals("1.2.840.113549.1.1.13")) - return AlgorithmId.sha512WithRSAEncryption_oid; - if (name.equals ("MD5withRSA") || name.equals("MD5/RSA")) - return AlgorithmId.md5WithRSAEncryption_oid; - if (name.equals ("MD2withRSA") || name.equals("MD2/RSA")) - return AlgorithmId.md2WithRSAEncryption_oid; - if (name.equals("SHAwithDSA") || name.equals("SHA1withDSA") - || name.equals("SHA/DSA") || name.equals("SHA1/DSA")) - return AlgorithmId.sha1WithDSA_oid; - - return null; + private static ObjectIdentifier algOID(String name) { + // Digesting algorithms + + if (name.equals("MD5")) + return AlgorithmId.MD5_oid; + if (name.equals("MD2")) + return AlgorithmId.MD2_oid; + if (name.equals("SHA") || name.equals("SHA1") + || name.equals("SHA-1")) + return AlgorithmId.SHA_oid; + if (name.equals("SHA256") || name.equals("SHA-256")) + return AlgorithmId.SHA256_oid; + if (name.equals("SHA512") || name.equals("SHA-512")) + return AlgorithmId.SHA512_oid; + + // Various public key algorithms + + if (name.equals("RSA")) + return AlgorithmId.RSA_oid; + + if (name.equals("RSAEncryption")) + return AlgorithmId.RSAEncryption_oid; + if (name.equals("Diffie-Hellman") || name.equals("DH")) + return AlgorithmId.DH_oid; + if (name.equals("DSA")) + return AlgorithmId.DSA_oid; + + // Common signature types + + if (name.equals("SHA1withEC") || name.equals("SHA1/EC") + || name.equals("1.2.840.10045.4.1")) + return AlgorithmId.sha1WithEC_oid; + if (name.equals("SHA256withEC") || name.equals("SHA256/EC") + || name.equals("1.2.840.10045.4.3.2")) + return AlgorithmId.sha256WithEC_oid; + if (name.equals("SHA384withEC") || name.equals("SHA384/EC") + || name.equals("1.2.840.10045.4.3.3")) + return AlgorithmId.sha384WithEC_oid; + if (name.equals("SHA512withEC") || name.equals("SHA512/EC") + || name.equals("1.2.840.10045.4.3.4")) + return AlgorithmId.sha512WithEC_oid; + if (name.equals("SHA1withRSA") || name.equals("SHA1/RSA") + || name.equals("1.2.840.113549.1.1.5")) + return AlgorithmId.sha1WithRSAEncryption_oid; + if (name.equals("SHA256withRSA") || name.equals("SHA256/RSA") + || name.equals("1.2.840.113549.1.1.11")) + return AlgorithmId.sha256WithRSAEncryption_oid; + if (name.equals("SHA512withRSA") || name.equals("SHA512/RSA") + || name.equals("1.2.840.113549.1.1.13")) + return AlgorithmId.sha512WithRSAEncryption_oid; + if (name.equals("MD5withRSA") || name.equals("MD5/RSA")) + return AlgorithmId.md5WithRSAEncryption_oid; + if (name.equals("MD2withRSA") || name.equals("MD2/RSA")) + return AlgorithmId.md2WithRSAEncryption_oid; + if (name.equals("SHAwithDSA") || name.equals("SHA1withDSA") + || name.equals("SHA/DSA") || name.equals("SHA1/DSA")) + return AlgorithmId.sha1WithDSA_oid; + + return null; } /* @@ -381,99 +364,97 @@ public class AlgorithmId implements Serializable, DerEncoder { * Wherever possible, the names are those defined by the IETF. * Such names are noted below. */ - private String algName() - { - // Common message digest algorithms - - if (algid.equals(AlgorithmId.MD5_oid)) - return "MD5"; // RFC 1423 - if (algid.equals(AlgorithmId.MD2_oid)) - return "MD2"; // RFC 1423 - if (algid.equals(AlgorithmId.SHA_oid)) - return "SHA"; - if (algid.equals(AlgorithmId.SHA256_oid)) - return "SHA256"; - if (algid.equals(AlgorithmId.SHA512_oid)) - return "SHA512"; - - // Common key types - - if (algid.equals(AlgorithmId.ANSIX962_EC_Public_Key_oid)) - return "EC"; - if (algid.equals(AlgorithmId.RSAEncryption_oid) - || algid.equals(AlgorithmId.RSA_oid)) - return "RSA"; - if (algid.equals(AlgorithmId.DH_oid) + private String algName() { + // Common message digest algorithms + + if (algid.equals(AlgorithmId.MD5_oid)) + return "MD5"; // RFC 1423 + if (algid.equals(AlgorithmId.MD2_oid)) + return "MD2"; // RFC 1423 + if (algid.equals(AlgorithmId.SHA_oid)) + return "SHA"; + if (algid.equals(AlgorithmId.SHA256_oid)) + return "SHA256"; + if (algid.equals(AlgorithmId.SHA512_oid)) + return "SHA512"; + + // Common key types + + if (algid.equals(AlgorithmId.ANSIX962_EC_Public_Key_oid)) + return "EC"; + if (algid.equals(AlgorithmId.RSAEncryption_oid) + || algid.equals(AlgorithmId.RSA_oid)) + return "RSA"; + if (algid.equals(AlgorithmId.DH_oid) || algid.equals(AlgorithmId.DH_PKIX_oid)) - return "Diffie-Hellman"; - if (algid.equals(AlgorithmId.DSA_oid) + return "Diffie-Hellman"; + if (algid.equals(AlgorithmId.DSA_oid) || algid.equals(AlgorithmId.DSA_OIW_oid)) - return "DSA"; - - // Common signature types - - if (algid.equals (AlgorithmId.sha1WithEC_oid)) - return "SHA1withEC"; - if (algid.equals (AlgorithmId.sha256WithEC_oid)) - return "SHA256withEC"; - if (algid.equals (AlgorithmId.sha384WithEC_oid)) - return "SHA384withEC"; - if (algid.equals (AlgorithmId.sha512WithEC_oid)) - return "SHA512withEC"; - if (algid.equals (AlgorithmId.md5WithRSAEncryption_oid)) - return "MD5withRSA"; - if (algid.equals (AlgorithmId.md2WithRSAEncryption_oid)) - return "MD2withRSA"; - if (algid.equals (AlgorithmId.sha1WithRSAEncryption_oid)) - return "SHA1withRSA"; - if (algid.equals (AlgorithmId.sha256WithRSAEncryption_oid)) - return "SHA256withRSA"; - if (algid.equals (AlgorithmId.sha512WithRSAEncryption_oid)) - return "SHA512withRSA"; - if (algid.equals(AlgorithmId.sha1WithDSA_oid) + return "DSA"; + + // Common signature types + + if (algid.equals(AlgorithmId.sha1WithEC_oid)) + return "SHA1withEC"; + if (algid.equals(AlgorithmId.sha256WithEC_oid)) + return "SHA256withEC"; + if (algid.equals(AlgorithmId.sha384WithEC_oid)) + return "SHA384withEC"; + if (algid.equals(AlgorithmId.sha512WithEC_oid)) + return "SHA512withEC"; + if (algid.equals(AlgorithmId.md5WithRSAEncryption_oid)) + return "MD5withRSA"; + if (algid.equals(AlgorithmId.md2WithRSAEncryption_oid)) + return "MD2withRSA"; + if (algid.equals(AlgorithmId.sha1WithRSAEncryption_oid)) + return "SHA1withRSA"; + if (algid.equals(AlgorithmId.sha256WithRSAEncryption_oid)) + return "SHA256withRSA"; + if (algid.equals(AlgorithmId.sha512WithRSAEncryption_oid)) + return "SHA512withRSA"; + if (algid.equals(AlgorithmId.sha1WithDSA_oid) || algid.equals(AlgorithmId.sha1WithDSA_OIW_oid) || algid.equals(AlgorithmId.shaWithDSA_OIW_oid)) - return "SHA1withDSA"; + return "SHA1withDSA"; - // default returns a dot-notation ID + // default returns a dot-notation ID - return "OID." + algid.toString (); + return "OID." + algid.toString(); } /** - * Returns the ISO OID for this algorithm. This is usually converted + * Returns the ISO OID for this algorithm. This is usually converted * to a string and used as part of an algorithm name, for example - * "OID.1.3.14.3.2.13" style notation. Use the <code>getName</code> - * call when you do not need to ensure cross-system portability + * "OID.1.3.14.3.2.13" style notation. Use the <code>getName</code> call when you do not need to ensure cross-system portability * of algorithm names, or need a user friendly name. */ - final public ObjectIdentifier getOID () - { return algid; } - + final public ObjectIdentifier getOID() { + return algid; + } /** * Returns a name for the algorithm which may be more intelligible * to humans than the algorithm's OID, but which won't necessarily - * be comprehensible on other systems. For example, this might + * be comprehensible on other systems. For example, this might * return a name such as "MD5withRSA" for a signature algorithm on - * some systems. It also returns names like "OID.1.2.3.4", when + * some systems. It also returns names like "OID.1.2.3.4", when * no particular name for the algorithm is known. */ - public String getName() - { return algName (); } + public String getName() { + return algName(); + } /** * Returns a string describing the algorithm and its parameters. */ - public String toString() - { - return (algName() + paramsToString()); + public String toString() { + return (algName() + paramsToString()); } /** * Returns the DER encoded parameter, which can then be * used to initialize java.security.AlgorithmParamters. - * + * * @return DER encoded parameters, or null not present. */ public byte[] getEncodedParams() throws IOException { @@ -487,63 +468,55 @@ public class AlgorithmId implements Serializable, DerEncoder { * Provides a human-readable description of the algorithm parameters. * This may be redefined by subclasses which parse those parameters. */ - protected String paramsToString() - { - if (params == null) { - return ""; - } else if (algParams != null) { - return algParams.toString(); - } else { - return ", params unparsed"; - } + protected String paramsToString() { + if (params == null) { + return ""; + } else if (algParams != null) { + return algParams.toString(); + } else { + return ", params unparsed"; + } } - /** * Returns true iff the argument indicates the same algorithm * with the same parameters. */ - public boolean equals(AlgorithmId other) - { - if (!algid.equals (other.algid)) + public boolean equals(AlgorithmId other) { + if (!algid.equals(other.algid)) + return false; + else if (params == null && other.params == null) + return true; + else if (params == null) return false; - else if (params == null && other.params == null) - return true; - else if (params == null) - return false; - else - return params.equals(other.params); + else + return params.equals(other.params); } - /** - * Compares this AlgorithmID to another. If algorithm parameters are - * available, they are compared. Otherwise, just the object IDs + * Compares this AlgorithmID to another. If algorithm parameters are + * available, they are compared. Otherwise, just the object IDs * for the algorithm are compared. - * + * * @param other preferably an AlgorithmId, else an ObjectIdentifier */ - public boolean equals(Object other) - { - if (other instanceof AlgorithmId) - return equals((AlgorithmId) other); - else if (other instanceof ObjectIdentifier) - return equals((ObjectIdentifier) other); - else - return false; + public boolean equals(Object other) { + if (other instanceof AlgorithmId) + return equals((AlgorithmId) other); + else if (other instanceof ObjectIdentifier) + return equals((ObjectIdentifier) other); + else + return false; } - /** - * Compares two algorithm IDs for equality. Returns true iff + * Compares two algorithm IDs for equality. Returns true iff * they are the same algorithm, ignoring algorithm parameters. */ - public final boolean equals(ObjectIdentifier id) - { - return algid.equals(id); + public final boolean equals(ObjectIdentifier id) { + return algid.equals(id); } - /*****************************************************************/ /* @@ -553,22 +526,20 @@ public class AlgorithmId implements Serializable, DerEncoder { private static final int MD5_data[] = { 1, 2, 840, 113549, 2, 5 }; // sha = { 1, 3, 14, 3, 2, 18 }; private static final int SHA1_OIW_data[] = { 1, 3, 14, 3, 2, 26 }; - private static final int SHA256_data[] = {2, 16, 840, 1, 101, 3, 4, 2, 1}; - private static final int SHA512_data[] = {2, 16, 840, 1, 101, 3, 4, 2, 3}; + private static final int SHA256_data[] = { 2, 16, 840, 1, 101, 3, 4, 2, 1 }; + private static final int SHA512_data[] = { 2, 16, 840, 1, 101, 3, 4, 2, 3 }; /** * Algorithm ID for the MD2 Message Digest Algorthm, from RFC 1319. * OID = 1.2.840.113549.2.2 */ - public static final ObjectIdentifier - MD2_oid = new ObjectIdentifier(MD2_data); + public static final ObjectIdentifier MD2_oid = new ObjectIdentifier(MD2_data); /** * Algorithm ID for the MD5 Message Digest Algorthm, from RFC 1321. * OID = 1.2.840.113549.2.5 */ - public static final ObjectIdentifier - MD5_oid = new ObjectIdentifier(MD5_data); + public static final ObjectIdentifier MD5_oid = new ObjectIdentifier(MD5_data); /** * Algorithm ID for the SHA1 Message Digest Algorithm, from FIPS 180-1. @@ -576,14 +547,11 @@ public class AlgorithmId implements Serializable, DerEncoder { * many people refer to FIPS 180 (which has an error) as defining SHA. * OID = 1.3.14.3.2.26 */ - public static final ObjectIdentifier - SHA_oid = new ObjectIdentifier(SHA1_OIW_data); + public static final ObjectIdentifier SHA_oid = new ObjectIdentifier(SHA1_OIW_data); - public static final ObjectIdentifier - SHA256_oid = new ObjectIdentifier(SHA256_data); + public static final ObjectIdentifier SHA256_oid = new ObjectIdentifier(SHA256_data); - public static final ObjectIdentifier - SHA512_oid = new ObjectIdentifier(SHA512_data); + public static final ObjectIdentifier SHA512_oid = new ObjectIdentifier(SHA512_data); /* * COMMON PUBLIC KEY TYPES @@ -600,10 +568,8 @@ public class AlgorithmId implements Serializable, DerEncoder { private static final int ANSI_X962_sha1_with_ec_data[] = { 1, 2, 840, 10045, 4, 1 }; - public static final ObjectIdentifier - ANSIX962_EC_Public_Key_oid = new ObjectIdentifier(ANSI_X962_public_key_data); - public static final ObjectIdentifier - ANSIX962_SHA1_With_EC_oid = new ObjectIdentifier(ANSI_X962_sha1_with_ec_data); + public static final ObjectIdentifier ANSIX962_EC_Public_Key_oid = new ObjectIdentifier(ANSI_X962_public_key_data); + public static final ObjectIdentifier ANSIX962_SHA1_With_EC_oid = new ObjectIdentifier(ANSI_X962_sha1_with_ec_data); /* * Note the preferred OIDs are named simply with no "OIW" or @@ -613,13 +579,12 @@ public class AlgorithmId implements Serializable, DerEncoder { /** * Algorithm ID for Diffie Hellman Key agreement, from PKCS #3. * Parameters include public values P and G, and may optionally specify - * the length of the private key X. Alternatively, algorithm parameters + * the length of the private key X. Alternatively, algorithm parameters * may be derived from another source such as a Certificate Authority's * certificate. * OID = 1.2.840.113549.1.3.1 */ - public static final ObjectIdentifier - DH_oid = new ObjectIdentifier(DH_data); + public static final ObjectIdentifier DH_oid = new ObjectIdentifier(DH_data); /** * Algorithm ID for the Diffie Hellman Key Agreement (DH), from the @@ -627,8 +592,7 @@ public class AlgorithmId implements Serializable, DerEncoder { * Parameters may include public values P and G. * OID = 1.2.840.10046.2.1 */ - public static final ObjectIdentifier - DH_PKIX_oid = new ObjectIdentifier(DH_PKIX_data); + public static final ObjectIdentifier DH_PKIX_oid = new ObjectIdentifier(DH_PKIX_data); /** * Algorithm ID for the Digital Signing Algorithm (DSA), from the @@ -638,8 +602,7 @@ public class AlgorithmId implements Serializable, DerEncoder { * another source such as a Certificate Authority's certificate. * OID = 1.3.14.3.2.12 */ - public static final ObjectIdentifier - DSA_OIW_oid = new ObjectIdentifier(DSA_OIW_data); + public static final ObjectIdentifier DSA_OIW_oid = new ObjectIdentifier(DSA_OIW_data); /** * Algorithm ID for the Digital Signing Algorithm (DSA), from the @@ -649,8 +612,7 @@ public class AlgorithmId implements Serializable, DerEncoder { * another source such as a Certificate Authority's certificate. * OID = 1.2.840.10040.4.1 */ - public static final ObjectIdentifier - DSA_oid = new ObjectIdentifier(DSA_PKIX_data); + public static final ObjectIdentifier DSA_oid = new ObjectIdentifier(DSA_PKIX_data); /** * Algorithm ID for RSA keys used for any purpose, as defined in X.509. @@ -658,113 +620,99 @@ public class AlgorithmId implements Serializable, DerEncoder { * public modulus. * OID = 1.2.5.8.1.1 */ - public static final ObjectIdentifier - RSA_oid = new ObjectIdentifier(RSA_data); - + public static final ObjectIdentifier RSA_oid = new ObjectIdentifier(RSA_data); /** * Algorithm ID for RSA keys used with RSA encryption, as defined - * in PKCS #1. There are no parameters associated with this algorithm. + * in PKCS #1. There are no parameters associated with this algorithm. * OID = 1.2.840.113549.1.1.1 */ - public static final ObjectIdentifier - RSAEncryption_oid = new ObjectIdentifier(RSAEncryption_data); - + public static final ObjectIdentifier RSAEncryption_oid = new ObjectIdentifier(RSAEncryption_data); /* * COMMON SIGNATURE ALGORITHMS */ - private static final int sha1WithEC_data[] = - { 1, 2, 840, 10045, 4, 1 }; - private static final int sha256WithEC_data[] = - { 1, 2, 840, 10045, 4, 3, 2 }; - private static final int sha384WithEC_data[] = - { 1, 2, 840, 10045, 4, 3, 3 }; - private static final int sha512WithEC_data[] = - { 1, 2, 840, 10045, 4, 3, 4 }; - private static final int md2WithRSAEncryption_data[] = - { 1, 2, 840, 113549, 1, 1, 2 }; - private static final int md5WithRSAEncryption_data[] = - { 1, 2, 840, 113549, 1, 1, 4 }; - private static final int sha1WithRSAEncryption_data[] = - { 1, 2, 840, 113549 ,1, 1, 5 }; - private static final int sha256WithRSAEncryption_data[] = - { 1, 2, 840, 113549 ,1, 1, 11 }; - private static final int sha512WithRSAEncryption_data[] = - { 1, 2, 840, 113549 ,1, 1, 13 }; - private static final int sha1WithRSAEncryption_OIW_data[] = - { 1, 3, 14, 3, 2, 29 }; - private static final int shaWithDSA_OIW_data[] = - { 1, 3, 14, 3, 2, 13 }; - private static final int sha1WithDSA_OIW_data[] = - { 1, 3, 14, 3, 2, 27 }; - private static final int dsaWithSHA1_PKIX_data[] = - { 1, 2, 840, 10040, 4, 3 }; - - public static final ObjectIdentifier - sha1WithEC_oid = new - ObjectIdentifier(sha1WithEC_data); - - public static final ObjectIdentifier - sha256WithEC_oid = new - ObjectIdentifier(sha256WithEC_data); - - public static final ObjectIdentifier - sha384WithEC_oid = new - ObjectIdentifier(sha384WithEC_data); - - public static final ObjectIdentifier - sha512WithEC_oid = new - ObjectIdentifier(sha512WithEC_data); + private static final int sha1WithEC_data[] = + { 1, 2, 840, 10045, 4, 1 }; + private static final int sha256WithEC_data[] = + { 1, 2, 840, 10045, 4, 3, 2 }; + private static final int sha384WithEC_data[] = + { 1, 2, 840, 10045, 4, 3, 3 }; + private static final int sha512WithEC_data[] = + { 1, 2, 840, 10045, 4, 3, 4 }; + private static final int md2WithRSAEncryption_data[] = + { 1, 2, 840, 113549, 1, 1, 2 }; + private static final int md5WithRSAEncryption_data[] = + { 1, 2, 840, 113549, 1, 1, 4 }; + private static final int sha1WithRSAEncryption_data[] = + { 1, 2, 840, 113549, 1, 1, 5 }; + private static final int sha256WithRSAEncryption_data[] = + { 1, 2, 840, 113549, 1, 1, 11 }; + private static final int sha512WithRSAEncryption_data[] = + { 1, 2, 840, 113549, 1, 1, 13 }; + private static final int sha1WithRSAEncryption_OIW_data[] = + { 1, 3, 14, 3, 2, 29 }; + private static final int shaWithDSA_OIW_data[] = + { 1, 3, 14, 3, 2, 13 }; + private static final int sha1WithDSA_OIW_data[] = + { 1, 3, 14, 3, 2, 27 }; + private static final int dsaWithSHA1_PKIX_data[] = + { 1, 2, 840, 10040, 4, 3 }; + + public static final ObjectIdentifier sha1WithEC_oid = new + ObjectIdentifier(sha1WithEC_data); + + public static final ObjectIdentifier sha256WithEC_oid = new + ObjectIdentifier(sha256WithEC_data); + + public static final ObjectIdentifier sha384WithEC_oid = new + ObjectIdentifier(sha384WithEC_data); + + public static final ObjectIdentifier sha512WithEC_oid = new + ObjectIdentifier(sha512WithEC_data); /** * Identifies a signing algorithm where an MD2 digest is encrypted - * using an RSA private key; defined in PKCS #1. Use of this + * using an RSA private key; defined in PKCS #1. Use of this * signing algorithm is discouraged due to MD2 vulnerabilities. * OID = 1.2.840.113549.1.1.2 */ - public static final ObjectIdentifier - md2WithRSAEncryption_oid = new - ObjectIdentifier(md2WithRSAEncryption_data); + public static final ObjectIdentifier md2WithRSAEncryption_oid = new + ObjectIdentifier(md2WithRSAEncryption_data); /** * Identifies a signing algorithm where an MD5 digest is * encrypted using an RSA private key; defined in PKCS #1. * OID = 1.2.840.113549.1.1.4 */ - public static final ObjectIdentifier - md5WithRSAEncryption_oid = new - ObjectIdentifier(md5WithRSAEncryption_data); + public static final ObjectIdentifier md5WithRSAEncryption_oid = new + ObjectIdentifier(md5WithRSAEncryption_data); /** * The proper one for sha1/rsa */ - public static final ObjectIdentifier - sha1WithRSAEncryption_oid = new - ObjectIdentifier(sha1WithRSAEncryption_data); + public static final ObjectIdentifier sha1WithRSAEncryption_oid = new + ObjectIdentifier(sha1WithRSAEncryption_data); /** * The proper one for sha256/rsa */ - public static final ObjectIdentifier - sha256WithRSAEncryption_oid = new - ObjectIdentifier(sha256WithRSAEncryption_data); + public static final ObjectIdentifier sha256WithRSAEncryption_oid = new + ObjectIdentifier(sha256WithRSAEncryption_data); /** * The proper one for sha512/rsa */ - public static final ObjectIdentifier - sha512WithRSAEncryption_oid = new - ObjectIdentifier(sha512WithRSAEncryption_data); + public static final ObjectIdentifier sha512WithRSAEncryption_oid = new + ObjectIdentifier(sha512WithRSAEncryption_data); /** * Identifies a signing algorithm where an SHA1 digest is * encrypted using an RSA private key; defined in NIST OIW. * OID = 1.3.14.3.2.29 */ - public static final ObjectIdentifier - sha1WithRSAEncryption_OIW_oid = new - ObjectIdentifier(sha1WithRSAEncryption_OIW_data); + public static final ObjectIdentifier sha1WithRSAEncryption_OIW_oid = new + ObjectIdentifier(sha1WithRSAEncryption_OIW_data); /** * Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a @@ -772,44 +720,41 @@ public class AlgorithmId implements Serializable, DerEncoder { * This should not be used. * OID = 1.3.14.3.2.13 */ - public static final ObjectIdentifier - shaWithDSA_OIW_oid = new ObjectIdentifier(shaWithDSA_OIW_data); + public static final ObjectIdentifier shaWithDSA_OIW_oid = new ObjectIdentifier(shaWithDSA_OIW_data); /** * Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a * SHA1 digest is signed using the Digital Signing Algorithm (DSA). * OID = 1.3.14.3.2.27 */ - public static final ObjectIdentifier - sha1WithDSA_OIW_oid = new ObjectIdentifier(sha1WithDSA_OIW_data); + public static final ObjectIdentifier sha1WithDSA_OIW_oid = new ObjectIdentifier(sha1WithDSA_OIW_data); /** * Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a * SHA1 digest is signed using the Digital Signing Algorithm (DSA). * OID = 1.2.840.10040.4.3 */ - public static final ObjectIdentifier - sha1WithDSA_oid = new ObjectIdentifier(dsaWithSHA1_PKIX_data); + public static final ObjectIdentifier sha1WithDSA_oid = new ObjectIdentifier(dsaWithSHA1_PKIX_data); - /** + /** * Supported signing algorithms for a DSA key. */ - public static final String[] DSA_SIGNING_ALGORITHMS = new String[] - { "SHA1withDSA" }; + public static final String[] DSA_SIGNING_ALGORITHMS = new String[] + { "SHA1withDSA" }; - /** + /** * Supported signing algorithms for a RSA key. */ - public static final String[] RSA_SIGNING_ALGORITHMS = new String[] - { "SHA1withRSA", "SHA256withRSA", "SHA512withRSA", "MD5withRSA", "MD2withRSA" }; + public static final String[] RSA_SIGNING_ALGORITHMS = new String[] + { "SHA1withRSA", "SHA256withRSA", "SHA512withRSA", "MD5withRSA", "MD2withRSA" }; - public static final String[] EC_SIGNING_ALGORITHMS = new String[] - { "SHA1withEC", "SHA256withEC", "SHA384withEC", "SHA512withEC" }; + public static final String[] EC_SIGNING_ALGORITHMS = new String[] + { "SHA1withEC", "SHA256withEC", "SHA384withEC", "SHA512withEC" }; - /** + /** * All supported signing algorithms. */ - public static final String[] ALL_SIGNING_ALGORITHMS = new String[] - { "SHA1withRSA", "MD5withRSA", "MD2withRSA", "SHA1withDSA", "SHA256withRSA", "SHA512withRSA", "SHA1withEC", "SHA256withEC", "SHA384withEC", "SHA512withEC" }; + public static final String[] ALL_SIGNING_ALGORITHMS = new String[] + { "SHA1withRSA", "MD5withRSA", "MD2withRSA", "SHA1withDSA", "SHA256withRSA", "SHA512withRSA", "SHA1withEC", "SHA256withEC", "SHA384withEC", "SHA512withEC" }; } |