// --- BEGIN COPYRIGHT BLOCK --- // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation; version 2 of the License. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License along // with this program; if not, write to the Free Software Foundation, Inc., // 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. // // (C) 2007 Red Hat, Inc. // All rights reserved. // --- END COPYRIGHT BLOCK --- package netscape.security.x509; import java.io.IOException; import java.io.OutputStream; import java.io.Serializable; import java.security.AlgorithmParameters; import java.security.NoSuchAlgorithmException; import netscape.security.util.DerEncoder; import netscape.security.util.DerInputStream; import netscape.security.util.DerOutputStream; import netscape.security.util.DerValue; import netscape.security.util.ObjectIdentifier; /** * This class identifies algorithms, such as cryptographic transforms, each of * which may be associated with parameters. Instances of this base class are * used when this runtime environment has no special knowledge of the algorithm * type, and may also be used in other cases. Equivalence is defined according * to OID and (where relevant) parameters. * *
* Subclasses may be used, for example when when the algorithm ID has associated * parameters which some code (e.g. code using public keys) needs to have * parsed. Two examples of such algorithms are Diffie-Hellman key exchange, and * the Digital Signature Standard Algorithm (DSS/DSA). * *
* The OID constants defined in this class correspond to some widely used
* algorithms, for which conventional string names have been defined. This class
* is not a general repository for OIDs, or for such string names. Note that the
* mappings between algorithm IDs and algorithm names is not one-to-one.
*
* @version 1.70
*
* @author David Brownell
* @author Amit Kapoor
* @author Hemma Prafullchandra
*/
public class AlgorithmId implements Serializable, DerEncoder {
/** use serialVersionUID from JDK 1.1. for interoperability */
private static final long serialVersionUID = 7205873507486557157L;
/* Are we debugging? */
private static boolean debug = false;
/**
* The object identitifer being used for this algorithm.
*/
private ObjectIdentifier algid = null;
// The (parsed) parameters
private AlgorithmParameters algParams;
/**
* Parameters for this algorithm. These are stored in unparsed DER-encoded
* form; subclasses can be made to automaticaly parse them so there is fast
* access to these parameters.
*/
protected DerValue params = null;
protected String paramsString = null;
/**
* Returns one of the algorithm IDs most commonly associated with this
* algorithm name.
*
* @param algname the name being used
* @deprecated use the short get form of this method.
* @exception NoSuchAlgorithmException on error.
*/
public static AlgorithmId getAlgorithmId(String algname)
throws NoSuchAlgorithmException {
return get(algname);
}
public AlgorithmParameters getParameters() {
return this.algParams;
}
public String getParametersString() {
return this.paramsString;
}
public void setParametersString(String paramStr) {
this.paramsString = paramStr;
}
/**
* Returns one of the algorithm IDs most commonly associated with this
* algorithm name.
*
* @param algname the name being used
* @exception NoSuchAlgorithmException on error.
*/
public static AlgorithmId get(String algname)
throws NoSuchAlgorithmException {
ObjectIdentifier oid = algOID(algname);
if (oid == null)
throw new NoSuchAlgorithmException("unrecognized algorithm name: "
+ algname);
return new AlgorithmId(oid);
}
/**
* Parse (unmarshal) an ID from a DER sequence input value. This form
* parsing might be used when expanding a value which has already been
* partially unmarshaled as a set or sequence member.
*
* @exception IOException on error.
* @param val the input value, which contains the algid and, if there are
* any parameters, those parameters.
* @return an ID for the algorithm. If the system is configured
* appropriately, this may be an instance of a class with some kind
* of special support for this algorithm. In that case, you may
* "narrow" the type of the ID.
*/
public static AlgorithmId parse(DerValue val) throws IOException {
if (val.tag != DerValue.tag_Sequence)
throw new IOException("algid parse error, not a sequence");
/*
* Get the algorithm ID and any parameters.
*/
ObjectIdentifier algid;
DerValue params;
DerInputStream in = val.toDerInputStream();
algid = in.getOID();
if (in.available() == 0)
params = null;
else {
params = in.getDerValue();
if (params.tag == DerValue.tag_Null)
params = null;
}
/*
* Figure out what class (if any) knows about this oid's parameters.
* Make one, and give it the data to decode.
*/
AlgorithmId alg = new AlgorithmId(algid, params);
if (params != null)
alg.decodeParams();
/*
* Set the raw params string in case higher level code might want the
* info
*/
String paramStr = null;
if (params != null) {
paramStr = params.toString();
}
alg.setParametersString(paramStr);
return alg;
}
public static AlgorithmId parse(byte[] val) throws IOException {
return null;
}
/**
* Constructs a parameterless algorithm ID.
*
* @param oid the identifier for the algorithm
*/
public AlgorithmId(ObjectIdentifier oid) {
algid = oid;
}
private AlgorithmId(ObjectIdentifier oid, DerValue params)
throws IOException {
this.algid = oid;
this.params = params;
if (this.params != null)
decodeParams();
}
/**
* Constructs an algorithm ID which will be initialized separately, for
* example by deserialization.
*
* @deprecated use one of the other constructors.
*/
public AlgorithmId() {
}
protected void decodeParams() throws IOException {
try {
this.algParams = AlgorithmParameters.getInstance(this.algid
.toString());
} catch (NoSuchAlgorithmException e) {
/*
* This algorithm parameter type is not supported, so we cannot
* parse the parameters.
*/
this.algParams = null;
return;
}
// Decode (parse) the parameters
this.algParams.init(this.params.toByteArray());
}
/**
* Marshal a DER-encoded "AlgorithmID" sequence on the DER stream.
*/
public final void encode(DerOutputStream out) throws IOException {
derEncode(out);
}
/**
* DER encode this object onto an output stream. Implements the
* DerEncoder
interface.
*
* @param out the output stream on which to write the DER encoding.
*
* @exception IOException on encoding error.
*/
public void derEncode(OutputStream out) throws IOException {
DerOutputStream bytes = new DerOutputStream();
DerOutputStream tmp = new DerOutputStream();
bytes.putOID(algid);
if (params == null)
bytes.putNull();
else
bytes.putDerValue(params);
tmp.write(DerValue.tag_Sequence, bytes);
out.write(tmp.toByteArray());
}
// XXXX cleaning required
/**
* Returns the DER-encoded X.509 AlgorithmId as a byte array.
*/
public final byte[] encode() throws IOException {
DerOutputStream out = new DerOutputStream();
DerOutputStream bytes = new DerOutputStream();
bytes.putOID(algid);
if (params == null)
bytes.putNull();
else
bytes.putDerValue(params);
out.write(DerValue.tag_Sequence, bytes);
return out.toByteArray();
}
/**
* Returns list of signing algorithms for a key algorithm such as RSA or
* DSA.
*/
public static String[] getSigningAlgorithms(AlgorithmId alg) {
ObjectIdentifier algOid = alg.getOID();
// System.out.println("Key Alg oid "+algOid.toString());
if (algOid.equals(DSA_oid) || algOid.equals(DSA_OIW_oid)) {
return DSA_SIGNING_ALGORITHMS;
} else if (algOid.equals(RSA_oid) || algOid.equals(RSAEncryption_oid)) {
return RSA_SIGNING_ALGORITHMS;
} else if (algOid.equals(ANSIX962_EC_Public_Key_oid)
|| algOid.equals(ANSIX962_SHA1_With_EC_oid)) {
return EC_SIGNING_ALGORITHMS;
} else {
return null;
}
}
/*
* Translates from some common algorithm names to the OID with which they're
* usually associated ... this mapping is the reverse of the one below,
* except in those cases where synonyms are supported or where a given
* algorithm is commonly associated with multiple OIDs.
*/
private static ObjectIdentifier algOID(String name) {
// Digesting algorithms
if (name.equals("MD5"))
return AlgorithmId.MD5_oid;
if (name.equals("MD2"))
return AlgorithmId.MD2_oid;
if (name.equals("SHA") || name.equals("SHA1") || name.equals("SHA-1"))
return AlgorithmId.SHA_oid;
if (name.equals("SHA256") || name.equals("SHA-256"))
return AlgorithmId.SHA256_oid;
if (name.equals("SHA512") || name.equals("SHA-512"))
return AlgorithmId.SHA512_oid;
// Various public key algorithms
if (name.equals("RSA"))
return AlgorithmId.RSA_oid;
if (name.equals("RSAEncryption"))
return AlgorithmId.RSAEncryption_oid;
if (name.equals("Diffie-Hellman") || name.equals("DH"))
return AlgorithmId.DH_oid;
if (name.equals("DSA"))
return AlgorithmId.DSA_oid;
// Common signature types
if (name.equals("SHA1withEC") || name.equals("SHA1/EC")
|| name.equals("1.2.840.10045.4.1"))
return AlgorithmId.sha1WithEC_oid;
if (name.equals("SHA256withEC") || name.equals("SHA256/EC")
|| name.equals("1.2.840.10045.4.3.2"))
return AlgorithmId.sha256WithEC_oid;
if (name.equals("SHA384withEC") || name.equals("SHA384/EC")
|| name.equals("1.2.840.10045.4.3.3"))
return AlgorithmId.sha384WithEC_oid;
if (name.equals("SHA512withEC") || name.equals("SHA512/EC")
|| name.equals("1.2.840.10045.4.3.4"))
return AlgorithmId.sha512WithEC_oid;
if (name.equals("SHA1withRSA") || name.equals("SHA1/RSA")
|| name.equals("1.2.840.113549.1.1.5"))
return AlgorithmId.sha1WithRSAEncryption_oid;
if (name.equals("SHA256withRSA") || name.equals("SHA256/RSA")
|| name.equals("1.2.840.113549.1.1.11"))
return AlgorithmId.sha256WithRSAEncryption_oid;
if (name.equals("SHA512withRSA") || name.equals("SHA512/RSA")
|| name.equals("1.2.840.113549.1.1.13"))
return AlgorithmId.sha512WithRSAEncryption_oid;
if (name.equals("MD5withRSA") || name.equals("MD5/RSA"))
return AlgorithmId.md5WithRSAEncryption_oid;
if (name.equals("MD2withRSA") || name.equals("MD2/RSA"))
return AlgorithmId.md2WithRSAEncryption_oid;
if (name.equals("SHAwithDSA") || name.equals("SHA1withDSA")
|| name.equals("SHA/DSA") || name.equals("SHA1/DSA"))
return AlgorithmId.sha1WithDSA_oid;
return null;
}
/*
* For the inevitable cases where key or signature types are not configured
* in an environment which encounters such keys or signatures, we still
* attempt to provide user-friendly names for some of the most common
* algorithms. Subclasses can of course override getName().
*
* Wherever possible, the names are those defined by the IETF. Such names
* are noted below.
*/
private String algName() {
// Common message digest algorithms
if (algid.equals(AlgorithmId.MD5_oid))
return "MD5"; // RFC 1423
if (algid.equals(AlgorithmId.MD2_oid))
return "MD2"; // RFC 1423
if (algid.equals(AlgorithmId.SHA_oid))
return "SHA";
if (algid.equals(AlgorithmId.SHA256_oid))
return "SHA256";
if (algid.equals(AlgorithmId.SHA512_oid))
return "SHA512";
// Common key types
if (algid.equals(AlgorithmId.ANSIX962_EC_Public_Key_oid))
return "EC";
if (algid.equals(AlgorithmId.RSAEncryption_oid)
|| algid.equals(AlgorithmId.RSA_oid))
return "RSA";
if (algid.equals(AlgorithmId.DH_oid)
|| algid.equals(AlgorithmId.DH_PKIX_oid))
return "Diffie-Hellman";
if (algid.equals(AlgorithmId.DSA_oid)
|| algid.equals(AlgorithmId.DSA_OIW_oid))
return "DSA";
// Common signature types
if (algid.equals(AlgorithmId.sha1WithEC_oid))
return "SHA1withEC";
if (algid.equals(AlgorithmId.sha256WithEC_oid))
return "SHA256withEC";
if (algid.equals(AlgorithmId.sha384WithEC_oid))
return "SHA384withEC";
if (algid.equals(AlgorithmId.sha512WithEC_oid))
return "SHA512withEC";
if (algid.equals(AlgorithmId.md5WithRSAEncryption_oid))
return "MD5withRSA";
if (algid.equals(AlgorithmId.md2WithRSAEncryption_oid))
return "MD2withRSA";
if (algid.equals(AlgorithmId.sha1WithRSAEncryption_oid))
return "SHA1withRSA";
if (algid.equals(AlgorithmId.sha256WithRSAEncryption_oid))
return "SHA256withRSA";
if (algid.equals(AlgorithmId.sha512WithRSAEncryption_oid))
return "SHA512withRSA";
if (algid.equals(AlgorithmId.sha1WithDSA_oid)
|| algid.equals(AlgorithmId.sha1WithDSA_OIW_oid)
|| algid.equals(AlgorithmId.shaWithDSA_OIW_oid))
return "SHA1withDSA";
// default returns a dot-notation ID
return "OID." + algid.toString();
}
/**
* Returns the ISO OID for this algorithm. This is usually converted to a
* string and used as part of an algorithm name, for example
* "OID.1.3.14.3.2.13" style notation. Use the getName
call
* when you do not need to ensure cross-system portability of algorithm
* names, or need a user friendly name.
*/
final public ObjectIdentifier getOID() {
return algid;
}
/**
* Returns a name for the algorithm which may be more intelligible to humans
* than the algorithm's OID, but which won't necessarily be comprehensible
* on other systems. For example, this might return a name such as
* "MD5withRSA" for a signature algorithm on some systems. It also returns
* names like "OID.1.2.3.4", when no particular name for the algorithm is
* known.
*/
public String getName() {
return algName();
}
/**
* Returns a string describing the algorithm and its parameters.
*/
public String toString() {
return (algName() + paramsToString());
}
/**
* Returns the DER encoded parameter, which can then be used to initialize
* java.security.AlgorithmParamters.
*
* @return DER encoded parameters, or null not present.
*/
public byte[] getEncodedParams() throws IOException {
if (params == null)
return null;
else
return params.toByteArray();
}
/**
* Provides a human-readable description of the algorithm parameters. This
* may be redefined by subclasses which parse those parameters.
*/
protected String paramsToString() {
if (params == null) {
return "";
} else if (algParams != null) {
return algParams.toString();
} else {
return ", params unparsed";
}
}
/**
* Returns true iff the argument indicates the same algorithm with the same
* parameters.
*/
public boolean equals(AlgorithmId other) {
if (!algid.equals(other.algid))
return false;
else if (params == null && other.params == null)
return true;
else if (params == null)
return false;
else
return params.equals(other.params);
}
/**
* Compares this AlgorithmID to another. If algorithm parameters are
* available, they are compared. Otherwise, just the object IDs for the
* algorithm are compared.
*
* @param other preferably an AlgorithmId, else an ObjectIdentifier
*/
public boolean equals(Object other) {
if (other instanceof AlgorithmId)
return equals((AlgorithmId) other);
else if (other instanceof ObjectIdentifier)
return equals((ObjectIdentifier) other);
else
return false;
}
/**
* Compares two algorithm IDs for equality. Returns true iff they are the
* same algorithm, ignoring algorithm parameters.
*/
public final boolean equals(ObjectIdentifier id) {
return algid.equals(id);
}
/*****************************************************************/
/*
* HASHING ALGORITHMS
*/
private static final int MD2_data[] = { 1, 2, 840, 113549, 2, 2 };
private static final int MD5_data[] = { 1, 2, 840, 113549, 2, 5 };
// sha = { 1, 3, 14, 3, 2, 18 };
private static final int SHA1_OIW_data[] = { 1, 3, 14, 3, 2, 26 };
private static final int SHA256_data[] = { 2, 16, 840, 1, 101, 3, 4, 2, 1 };
private static final int SHA512_data[] = { 2, 16, 840, 1, 101, 3, 4, 2, 3 };
/**
* Algorithm ID for the MD2 Message Digest Algorthm, from RFC 1319. OID =
* 1.2.840.113549.2.2
*/
public static final ObjectIdentifier MD2_oid = new ObjectIdentifier(
MD2_data);
/**
* Algorithm ID for the MD5 Message Digest Algorthm, from RFC 1321. OID =
* 1.2.840.113549.2.5
*/
public static final ObjectIdentifier MD5_oid = new ObjectIdentifier(
MD5_data);
/**
* Algorithm ID for the SHA1 Message Digest Algorithm, from FIPS 180-1. This
* is sometimes called "SHA", though that is often confusing since many
* people refer to FIPS 180 (which has an error) as defining SHA. OID =
* 1.3.14.3.2.26
*/
public static final ObjectIdentifier SHA_oid = new ObjectIdentifier(
SHA1_OIW_data);
public static final ObjectIdentifier SHA256_oid = new ObjectIdentifier(
SHA256_data);
public static final ObjectIdentifier SHA512_oid = new ObjectIdentifier(
SHA512_data);
/*
* COMMON PUBLIC KEY TYPES
*/
private static final int DH_data[] = { 1, 2, 840, 113549, 1, 3, 1 };
private static final int DH_PKIX_data[] = { 1, 2, 840, 10046, 2, 1 };
private static final int DSA_OIW_data[] = { 1, 3, 14, 3, 2, 12 };
private static final int DSA_PKIX_data[] = { 1, 2, 840, 10040, 4, 1 };
private static final int RSA_data[] = { 1, 2, 5, 8, 1, 1 };
private static final int RSAEncryption_data[] = { 1, 2, 840, 113549, 1, 1,
1 };
private static final int ANSI_X962_public_key_data[] = { 1, 2, 840, 10045,
2, 1 };
private static final int ANSI_X962_sha1_with_ec_data[] = { 1, 2, 840,
10045, 4, 1 };
public static final ObjectIdentifier ANSIX962_EC_Public_Key_oid = new ObjectIdentifier(
ANSI_X962_public_key_data);
public static final ObjectIdentifier ANSIX962_SHA1_With_EC_oid = new ObjectIdentifier(
ANSI_X962_sha1_with_ec_data);
/*
* Note the preferred OIDs are named simply with no "OIW" or "PKIX" in them,
* even though they may point to data from these specs; e.g. SHA_oid,
* DH_oid, DSA_oid, SHA1WithDSA_oid...
*/
/**
* Algorithm ID for Diffie Hellman Key agreement, from PKCS #3. Parameters
* include public values P and G, and may optionally specify the length of
* the private key X. Alternatively, algorithm parameters may be derived
* from another source such as a Certificate Authority's certificate. OID =
* 1.2.840.113549.1.3.1
*/
public static final ObjectIdentifier DH_oid = new ObjectIdentifier(DH_data);
/**
* Algorithm ID for the Diffie Hellman Key Agreement (DH), from the IETF
* PKIX IPKI Part I. Parameters may include public values P and G. OID =
* 1.2.840.10046.2.1
*/
public static final ObjectIdentifier DH_PKIX_oid = new ObjectIdentifier(
DH_PKIX_data);
/**
* Algorithm ID for the Digital Signing Algorithm (DSA), from the NIST OIW
* Stable Agreements part 12. Parameters may include public values P, Q, and
* G; or these may be derived from another source such as a Certificate
* Authority's certificate. OID = 1.3.14.3.2.12
*/
public static final ObjectIdentifier DSA_OIW_oid = new ObjectIdentifier(
DSA_OIW_data);
/**
* Algorithm ID for the Digital Signing Algorithm (DSA), from the IETF PKIX
* IPKI Part I. Parameters may include public values P, Q, and G; or these
* may be derived from another source such as a Certificate Authority's
* certificate. OID = 1.2.840.10040.4.1
*/
public static final ObjectIdentifier DSA_oid = new ObjectIdentifier(
DSA_PKIX_data);
/**
* Algorithm ID for RSA keys used for any purpose, as defined in X.509. The
* algorithm parameter is a single value, the number of bits in the public
* modulus. OID = 1.2.5.8.1.1
*/
public static final ObjectIdentifier RSA_oid = new ObjectIdentifier(
RSA_data);
/**
* Algorithm ID for RSA keys used with RSA encryption, as defined in PKCS
* #1. There are no parameters associated with this algorithm. OID =
* 1.2.840.113549.1.1.1
*/
public static final ObjectIdentifier RSAEncryption_oid = new ObjectIdentifier(
RSAEncryption_data);
/*
* COMMON SIGNATURE ALGORITHMS
*/
private static final int sha1WithEC_data[] = { 1, 2, 840, 10045, 4, 1 };
private static final int sha256WithEC_data[] = { 1, 2, 840, 10045, 4, 3, 2 };
private static final int sha384WithEC_data[] = { 1, 2, 840, 10045, 4, 3, 3 };
private static final int sha512WithEC_data[] = { 1, 2, 840, 10045, 4, 3, 4 };
private static final int md2WithRSAEncryption_data[] = { 1, 2, 840, 113549,
1, 1, 2 };
private static final int md5WithRSAEncryption_data[] = { 1, 2, 840, 113549,
1, 1, 4 };
private static final int sha1WithRSAEncryption_data[] = { 1, 2, 840,
113549, 1, 1, 5 };
private static final int sha256WithRSAEncryption_data[] = { 1, 2, 840,
113549, 1, 1, 11 };
private static final int sha512WithRSAEncryption_data[] = { 1, 2, 840,
113549, 1, 1, 13 };
private static final int sha1WithRSAEncryption_OIW_data[] = { 1, 3, 14, 3,
2, 29 };
private static final int shaWithDSA_OIW_data[] = { 1, 3, 14, 3, 2, 13 };
private static final int sha1WithDSA_OIW_data[] = { 1, 3, 14, 3, 2, 27 };
private static final int dsaWithSHA1_PKIX_data[] = { 1, 2, 840, 10040, 4, 3 };
public static final ObjectIdentifier sha1WithEC_oid = new ObjectIdentifier(
sha1WithEC_data);
public static final ObjectIdentifier sha256WithEC_oid = new ObjectIdentifier(
sha256WithEC_data);
public static final ObjectIdentifier sha384WithEC_oid = new ObjectIdentifier(
sha384WithEC_data);
public static final ObjectIdentifier sha512WithEC_oid = new ObjectIdentifier(
sha512WithEC_data);
/**
* Identifies a signing algorithm where an MD2 digest is encrypted using an
* RSA private key; defined in PKCS #1. Use of this signing algorithm is
* discouraged due to MD2 vulnerabilities. OID = 1.2.840.113549.1.1.2
*/
public static final ObjectIdentifier md2WithRSAEncryption_oid = new ObjectIdentifier(
md2WithRSAEncryption_data);
/**
* Identifies a signing algorithm where an MD5 digest is encrypted using an
* RSA private key; defined in PKCS #1. OID = 1.2.840.113549.1.1.4
*/
public static final ObjectIdentifier md5WithRSAEncryption_oid = new ObjectIdentifier(
md5WithRSAEncryption_data);
/**
* The proper one for sha1/rsa
*/
public static final ObjectIdentifier sha1WithRSAEncryption_oid = new ObjectIdentifier(
sha1WithRSAEncryption_data);
/**
* The proper one for sha256/rsa
*/
public static final ObjectIdentifier sha256WithRSAEncryption_oid = new ObjectIdentifier(
sha256WithRSAEncryption_data);
/**
* The proper one for sha512/rsa
*/
public static final ObjectIdentifier sha512WithRSAEncryption_oid = new ObjectIdentifier(
sha512WithRSAEncryption_data);
/**
* Identifies a signing algorithm where an SHA1 digest is encrypted using an
* RSA private key; defined in NIST OIW. OID = 1.3.14.3.2.29
*/
public static final ObjectIdentifier sha1WithRSAEncryption_OIW_oid = new ObjectIdentifier(
sha1WithRSAEncryption_OIW_data);
/**
* Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a SHA
* digest is signed using the Digital Signing Algorithm (DSA). This should
* not be used. OID = 1.3.14.3.2.13
*/
public static final ObjectIdentifier shaWithDSA_OIW_oid = new ObjectIdentifier(
shaWithDSA_OIW_data);
/**
* Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a SHA1
* digest is signed using the Digital Signing Algorithm (DSA). OID =
* 1.3.14.3.2.27
*/
public static final ObjectIdentifier sha1WithDSA_OIW_oid = new ObjectIdentifier(
sha1WithDSA_OIW_data);
/**
* Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a SHA1
* digest is signed using the Digital Signing Algorithm (DSA). OID =
* 1.2.840.10040.4.3
*/
public static final ObjectIdentifier sha1WithDSA_oid = new ObjectIdentifier(
dsaWithSHA1_PKIX_data);
/**
* Supported signing algorithms for a DSA key.
*/
public static final String[] DSA_SIGNING_ALGORITHMS = new String[] { "SHA1withDSA" };
/**
* Supported signing algorithms for a RSA key.
*/
public static final String[] RSA_SIGNING_ALGORITHMS = new String[] {
"SHA1withRSA", "SHA256withRSA", "SHA512withRSA", "MD5withRSA",
"MD2withRSA" };
public static final String[] EC_SIGNING_ALGORITHMS = new String[] {
"SHA1withEC", "SHA256withEC", "SHA384withEC", "SHA512withEC" };
/**
* All supported signing algorithms.
*/
public static final String[] ALL_SIGNING_ALGORITHMS = new String[] {
"SHA1withRSA", "MD5withRSA", "MD2withRSA", "SHA1withDSA",
"SHA256withRSA", "SHA512withRSA", "SHA1withEC", "SHA256withEC",
"SHA384withEC", "SHA512withEC" };
}