001: /*
002: * @(#)AlgorithmId.java 1.93 06/10/11
003: *
004: * Copyright 1990-2006 Sun Microsystems, Inc. All Rights Reserved.
005: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER
006: *
007: * This program is free software; you can redistribute it and/or
008: * modify it under the terms of the GNU General Public License version
009: * 2 only, as published by the Free Software Foundation.
010: *
011: * This program is distributed in the hope that it will be useful, but
012: * WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * General Public License version 2 for more details (a copy is
015: * included at /legal/license.txt).
016: *
017: * You should have received a copy of the GNU General Public License
018: * version 2 along with this work; if not, write to the Free Software
019: * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA
021: *
022: * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa
023: * Clara, CA 95054 or visit www.sun.com if you need additional
024: * information or have any questions.
025: *
026: */
027:
028: package sun.security.x509;
029:
030: import java.io.*;
031: import java.security.*;
032: import java.util.Hashtable;
033: import java.util.Enumeration;
034:
035: import sun.security.util.*;
036:
037: /**
038: * This class identifies algorithms, such as cryptographic transforms, each
039: * of which may be associated with parameters. Instances of this base class
040: * are used when this runtime environment has no special knowledge of the
041: * algorithm type, and may also be used in other cases. Equivalence is
042: * defined according to OID and (where relevant) parameters.
043: *
044: * <P>Subclasses may be used, for example when when the algorithm ID has
045: * associated parameters which some code (e.g. code using public keys) needs
046: * to have parsed. Two examples of such algorithms are Diffie-Hellman key
047: * exchange, and the Digital Signature Standard Algorithm (DSS/DSA).
048: *
049: * <P>The OID constants defined in this class correspond to some widely
050: * used algorithms, for which conventional string names have been defined.
051: * This class is not a general repository for OIDs, or for such string names.
052: * Note that the mappings between algorithm IDs and algorithm names is
053: * not one-to-one.
054: *
055: * @version 1.84
056: *
057: * @author David Brownell
058: * @author Amit Kapoor
059: * @author Hemma Prafullchandra
060: */
061: public class AlgorithmId implements Serializable, DerEncoder {
062:
063: /** use serialVersionUID from JDK 1.1. for interoperability */
064: private static final long serialVersionUID = 7205873507486557157L;
065:
066: private static boolean initOidTable = false;
067: private static Hashtable oidTable;
068:
069: /**
070: * The object identitifer being used for this algorithm.
071: */
072: private ObjectIdentifier algid;
073:
074: // The (parsed) parameters
075: private AlgorithmParameters algParams;
076: private boolean constructedFromDer = true;
077:
078: /**
079: * Parameters for this algorithm. These are stored in unparsed
080: * DER-encoded form; subclasses can be made to automaticaly parse
081: * them so there is fast access to these parameters.
082: */
083: protected DerValue params;
084:
085: /**
086: * Returns one of the algorithm IDs most commonly associated
087: * with this algorithm name.
088: *
089: * @param algname the name being used
090: * @deprecated use the short get form of this method.
091: * @exception NoSuchAlgorithmException on error.
092: */
093: public static AlgorithmId getAlgorithmId(String algname)
094: throws NoSuchAlgorithmException {
095: return get(algname);
096: }
097:
098: public AlgorithmParameters getParameters() {
099: return this .algParams;
100: }
101:
102: /**
103: * Returns one of the algorithm IDs most commonly associated
104: * with this algorithm name.
105: *
106: * @param algname the name being used
107: * @exception NoSuchAlgorithmException on error.
108: */
109: public static AlgorithmId get(String algname)
110: throws NoSuchAlgorithmException {
111: ObjectIdentifier oid = null;
112: try {
113: oid = algOID(algname);
114: } catch (IOException ioe) {
115: throw new NoSuchAlgorithmException(
116: "Invalid ObjectIdentifier " + algname);
117: }
118:
119: if (oid == null)
120: throw new NoSuchAlgorithmException(
121: "unrecognized algorithm name: " + algname);
122:
123: return new AlgorithmId(oid);
124: }
125:
126: /**
127: * Returns one of the algorithm IDs most commonly associated
128: * with this algorithm parameters.
129: *
130: * @param algparams the associated algorithm parameters.
131: * @exception NoSuchAlgorithmException on error.
132: */
133: public static AlgorithmId get(AlgorithmParameters algparams)
134: throws NoSuchAlgorithmException {
135: ObjectIdentifier oid = null;
136: String algname = algparams.getAlgorithm();
137: try {
138: oid = algOID(algname);
139: } catch (IOException ioe) {
140: throw new NoSuchAlgorithmException(
141: "Invalid ObjectIdentifier " + algname);
142: }
143: if (oid == null) {
144: throw new NoSuchAlgorithmException(
145: "unrecognized algorithm name: " + algname);
146: }
147: return new AlgorithmId(oid, algparams);
148: }
149:
150: /**
151: * Parse (unmarshal) an ID from a DER sequence input value. This form
152: * parsing might be used when expanding a value which has already been
153: * partially unmarshaled as a set or sequence member.
154: *
155: * @exception IOException on error.
156: * @param val the input value, which contains the algid and, if
157: * there are any parameters, those parameters.
158: * @return an ID for the algorithm. If the system is configured
159: * appropriately, this may be an instance of a class
160: * with some kind of special support for this algorithm.
161: * In that case, you may "narrow" the type of the ID.
162: */
163: public static AlgorithmId parse(DerValue val) throws IOException {
164: if (val.tag != DerValue.tag_Sequence)
165: throw new IOException("algid parse error, not a sequence");
166:
167: /*
168: * Get the algorithm ID and any parameters.
169: */
170: ObjectIdentifier algid;
171: DerValue params;
172: DerInputStream in = val.toDerInputStream();
173:
174: algid = in.getOID();
175: if (in.available() == 0)
176: params = null;
177: else {
178: params = in.getDerValue();
179: if (params.tag == DerValue.tag_Null)
180: params = null;
181: }
182:
183: /*
184: * Figure out what class (if any) knows about this oid's
185: * parameters. Make one, and give it the data to decode.
186: */
187: AlgorithmId alg = new AlgorithmId(algid, params);
188: if (params != null)
189: alg.decodeParams();
190: return alg;
191: }
192:
193: /**
194: * Constructs a parameterless algorithm ID.
195: *
196: * @param oid the identifier for the algorithm
197: */
198: public AlgorithmId(ObjectIdentifier oid) {
199: algid = oid;
200: }
201:
202: /**
203: * Constructs an algorithm ID with algorithm parameters.
204: *
205: * @param oid the identifier for the algorithm.
206: * @param algparams the associated algorithm parameters.
207: */
208: public AlgorithmId(ObjectIdentifier oid,
209: AlgorithmParameters algparams) {
210: algid = oid;
211: algParams = algparams;
212: constructedFromDer = false;
213: }
214:
215: private AlgorithmId(ObjectIdentifier oid, DerValue params)
216: throws IOException {
217: this .algid = oid;
218: this .params = params;
219: if (this .params != null)
220: decodeParams();
221: }
222:
223: /**
224: * Constructs an algorithm ID which will be initialized
225: * separately, for example by deserialization.
226: * @deprecated use one of the other constructors.
227: */
228: public AlgorithmId() {
229: }
230:
231: protected void decodeParams() throws IOException {
232: try {
233: this .algParams = AlgorithmParameters.getInstance(this .algid
234: .toString());
235: } catch (NoSuchAlgorithmException e) {
236: /*
237: * This algorithm parameter type is not supported, so we cannot
238: * parse the parameters.
239: */
240: this .algParams = null;
241: return;
242: }
243: // Decode (parse) the parameters
244: this .algParams.init(this .params.toByteArray());
245: }
246:
247: /**
248: * Marshal a DER-encoded "AlgorithmID" sequence on the DER stream.
249: */
250: public final void encode(DerOutputStream out) throws IOException {
251: derEncode(out);
252: }
253:
254: /**
255: * DER encode this object onto an output stream.
256: * Implements the <code>DerEncoder</code> interface.
257: *
258: * @param out
259: * the output stream on which to write the DER encoding.
260: *
261: * @exception IOException on encoding error.
262: */
263: public void derEncode(OutputStream out) throws IOException {
264: DerOutputStream bytes = new DerOutputStream();
265: DerOutputStream tmp = new DerOutputStream();
266:
267: bytes.putOID(algid);
268: // Setup params from algParams since no DER encoding is given
269: if (constructedFromDer == false) {
270: if (algParams != null) {
271: params = new DerValue(algParams.getEncoded());
272: } else {
273: params = null;
274: }
275: }
276: if (params == null)
277: bytes.putNull();
278: else
279: bytes.putDerValue(params);
280: tmp.write(DerValue.tag_Sequence, bytes);
281: out.write(tmp.toByteArray());
282: }
283:
284: // FIXME: cleaning required
285: /**
286: * Returns the DER-encoded X.509 AlgorithmId as a byte array.
287: */
288: public final byte[] encode() throws IOException {
289: DerOutputStream out = new DerOutputStream();
290: DerOutputStream bytes = new DerOutputStream();
291:
292: bytes.putOID(algid);
293: if (params == null)
294: bytes.putNull();
295: else
296: bytes.putDerValue(params);
297: out.write(DerValue.tag_Sequence, bytes);
298: return out.toByteArray();
299: }
300:
301: /*
302: * Translates from some common algorithm names to the
303: * OID with which they're usually associated ... this mapping
304: * is the reverse of the one below, except in those cases
305: * where synonyms are supported or where a given algorithm
306: * is commonly associated with multiple OIDs.
307: *
308: * TODO: This method needs to be enhanced so that we can also pass the
309: * scope of the algorithm name to it, e.g., the algorithm name "DSA"
310: * may have a different OID when used as a "Signature" algorithm than when
311: * used as a "KeyPairGenerator" algorithm.
312: */
313: private static ObjectIdentifier algOID(String name)
314: throws IOException {
315: // See if algname is in printable OID ("dot-dot") notation
316: if (name.indexOf('.') != -1) {
317: if (name.startsWith("OID."))
318: return new ObjectIdentifier(name.substring("OID."
319: .length()));
320: else
321: return new ObjectIdentifier(name);
322: }
323:
324: // Digesting algorithms
325: if (name.equalsIgnoreCase("MD5"))
326: return AlgorithmId.MD5_oid;
327: if (name.equalsIgnoreCase("MD2"))
328: return AlgorithmId.MD2_oid;
329: if (name.equalsIgnoreCase("SHA")
330: || name.equalsIgnoreCase("SHA1")
331: || name.equalsIgnoreCase("SHA-1"))
332: return AlgorithmId.SHA_oid;
333:
334: // Various public key algorithms
335: if (name.equalsIgnoreCase("RSA"))
336: return AlgorithmId.RSAEncryption_oid;
337: if (name.equalsIgnoreCase("Diffie-Hellman")
338: || name.equalsIgnoreCase("DH"))
339: return AlgorithmId.DH_oid;
340: if (name.equalsIgnoreCase("DSA"))
341: return AlgorithmId.DSA_oid;
342:
343: // Common signature types
344: if (name.equalsIgnoreCase("MD5withRSA")
345: || name.equalsIgnoreCase("MD5/RSA"))
346: return AlgorithmId.md5WithRSAEncryption_oid;
347: if (name.equalsIgnoreCase("MD2withRSA")
348: || name.equalsIgnoreCase("MD2/RSA"))
349: return AlgorithmId.md2WithRSAEncryption_oid;
350: if (name.equalsIgnoreCase("SHAwithDSA")
351: || name.equalsIgnoreCase("SHA1withDSA")
352: || name.equalsIgnoreCase("SHA/DSA")
353: || name.equalsIgnoreCase("SHA1/DSA")
354: || name.equalsIgnoreCase("DSAWithSHA1"))
355: return AlgorithmId.sha1WithDSA_oid;
356: if (name.equalsIgnoreCase("SHA1WithRSA")
357: || name.equalsIgnoreCase("SHA1/RSA"))
358: return AlgorithmId.sha1WithRSAEncryption_oid;
359:
360: // See if any of the installed providers supply a mapping from
361: // the given algorithm name to an OID string
362: String oidString;
363: if (!initOidTable) {
364: Provider[] provs = Security.getProviders();
365: for (int i = 0; i < provs.length; i++) {
366: for (Enumeration enum_ = provs[i].keys(); enum_
367: .hasMoreElements();) {
368: String alias = (String) enum_.nextElement();
369: int index;
370: if (alias.toUpperCase().startsWith("ALG.ALIAS")
371: && (index = alias.toUpperCase().indexOf(
372: "OID.", 0)) != -1) {
373: index += "OID.".length();
374: if (index == alias.length()) {
375: // invalid alias entry
376: break;
377: }
378: if (oidTable == null)
379: oidTable = new Hashtable(11);
380: oidString = alias.substring(index);
381: String stdAlgName = provs[i].getProperty(alias)
382: .toUpperCase();
383: if (oidTable.get(stdAlgName) == null)
384: oidTable.put(stdAlgName,
385: new ObjectIdentifier(oidString));
386: }
387: }
388: }
389: initOidTable = true;
390: }
391:
392: return ((ObjectIdentifier) oidTable.get(name.toUpperCase()));
393: }
394:
395: /*
396: * For the inevitable cases where key or signature types are not
397: * configured in an environment which encounters such keys or
398: * signatures, we still attempt to provide user-friendly names
399: * for some of the most common algorithms. Subclasses can of
400: * course override getName().
401: *
402: * Wherever possible, the names are those defined by the IETF.
403: * Such names are noted below.
404: */
405: private String algName() {
406: // Common message digest algorithms
407:
408: if (algid.equals(AlgorithmId.MD5_oid))
409: return "MD5"; // RFC 1423
410: if (algid.equals(AlgorithmId.MD2_oid))
411: return "MD2"; // RFC 1423
412: if (algid.equals(AlgorithmId.SHA_oid))
413: return "SHA";
414:
415: // Common key types
416:
417: if (algid.equals(AlgorithmId.RSAEncryption_oid)
418: || algid.equals(AlgorithmId.RSA_oid))
419: return "RSA";
420: if (algid.equals(AlgorithmId.DH_oid)
421: || algid.equals(AlgorithmId.DH_PKIX_oid))
422: return "Diffie-Hellman";
423: if (algid.equals(AlgorithmId.DSA_oid)
424: || algid.equals(AlgorithmId.DSA_OIW_oid))
425: return "DSA";
426:
427: // Common signature types
428:
429: if (algid.equals(AlgorithmId.md5WithRSAEncryption_oid))
430: return "MD5withRSA";
431: if (algid.equals(AlgorithmId.md2WithRSAEncryption_oid))
432: return "MD2withRSA";
433: if (algid.equals(AlgorithmId.sha1WithDSA_oid)
434: || algid.equals(AlgorithmId.sha1WithDSA_OIW_oid)
435: || algid.equals(AlgorithmId.shaWithDSA_OIW_oid))
436: return "SHA1withDSA";
437: if (algid.equals(AlgorithmId.sha1WithRSAEncryption_oid)
438: || algid
439: .equals(AlgorithmId.sha1WithRSAEncryption_OIW_oid))
440: return "SHA1withRSA";
441:
442: // default returns a dot-notation ID
443: return algid.toString();
444: }
445:
446: /**
447: * Returns the ISO OID for this algorithm. This is usually converted
448: * to a string and used as part of an algorithm name, for example
449: * "OID.1.3.14.3.2.13" style notation. Use the <code>getName</code>
450: * call when you do not need to ensure cross-system portability
451: * of algorithm names, or need a user friendly name.
452: */
453: final public ObjectIdentifier getOID() {
454: return algid;
455: }
456:
457: /**
458: * Returns a name for the algorithm which may be more intelligible
459: * to humans than the algorithm's OID, but which won't necessarily
460: * be comprehensible on other systems. For example, this might
461: * return a name such as "MD5withRSA" for a signature algorithm on
462: * some systems. It also returns names like "OID.1.2.3.4", when
463: * no particular name for the algorithm is known.
464: */
465: public String getName() {
466: return algName();
467: }
468:
469: /**
470: * Returns a string describing the algorithm and its parameters.
471: */
472: public String toString() {
473: return (algName() + paramsToString());
474: }
475:
476: /**
477: * Returns the DER encoded parameter, which can then be
478: * used to initialize java.security.AlgorithmParamters.
479: *
480: * @return DER encoded parameters, or null not present.
481: */
482: public byte[] getEncodedParams() throws IOException {
483: if (params == null)
484: return null;
485: else
486: return params.toByteArray();
487: }
488:
489: /**
490: * Provides a human-readable description of the algorithm parameters.
491: * This may be redefined by subclasses which parse those parameters.
492: */
493: protected String paramsToString() {
494: if (params == null) {
495: return "";
496: } else if (algParams != null) {
497: return algParams.toString();
498: } else {
499: return ", params unparsed";
500: }
501: }
502:
503: /**
504: * Returns true iff the argument indicates the same algorithm
505: * with the same parameters.
506: */
507: public boolean equals(AlgorithmId other) {
508: if (!algid.equals(other.algid))
509: return false;
510: else if (params == null && other.params == null)
511: return true;
512: else if (params == null)
513: return false;
514: else
515: return params.equals(other.params);
516: }
517:
518: /**
519: * Compares this AlgorithmID to another. If algorithm parameters are
520: * available, they are compared. Otherwise, just the object IDs
521: * for the algorithm are compared.
522: *
523: * @param other preferably an AlgorithmId, else an ObjectIdentifier
524: */
525: public boolean equals(Object other) {
526: if (other instanceof AlgorithmId)
527: return equals((AlgorithmId) other);
528: else if (other instanceof ObjectIdentifier)
529: return equals((ObjectIdentifier) other);
530: else
531: return false;
532: }
533:
534: /**
535: * Compares two algorithm IDs for equality. Returns true iff
536: * they are the same algorithm, ignoring algorithm parameters.
537: */
538: public final boolean equals(ObjectIdentifier id) {
539: return algid.equals(id);
540: }
541:
542: /**
543: * Returns a hashcode for this AlgorithmId.
544: *
545: * @return a hashcode for this AlgorithmId.
546: */
547: public int hashCode() {
548: StringBuffer sbuf = new StringBuffer();
549: sbuf.append(algid.toString());
550: sbuf.append(paramsToString());
551: return sbuf.toString().hashCode();
552: }
553:
554: /*****************************************************************/
555:
556: /*
557: * HASHING ALGORITHMS
558: */
559: private static final int MD2_data[] = { 1, 2, 840, 113549, 2, 2 };
560: private static final int MD5_data[] = { 1, 2, 840, 113549, 2, 5 };
561: // sha = { 1, 3, 14, 3, 2, 18 };
562: private static final int SHA1_OIW_data[] = { 1, 3, 14, 3, 2, 26 };
563:
564: public static ObjectIdentifier MD2_oid;
565: public static ObjectIdentifier MD5_oid;
566: public static ObjectIdentifier SHA5_oid;
567: public static ObjectIdentifier SHA_oid;
568: public static ObjectIdentifier SHA1_OIW_oid;
569: public static ObjectIdentifier DH_oid;
570:
571: /*
572: * COMMON PUBLIC KEY TYPES
573: */
574: private static final int DH_data[] = { 1, 2, 840, 113549, 1, 3, 1 };
575: private static final int DH_PKIX_data[] = { 1, 2, 840, 10046, 2, 1 };
576: private static final int DSA_OIW_data[] = { 1, 3, 14, 3, 2, 12 };
577: private static final int DSA_PKIX_data[] = { 1, 2, 840, 10040, 4, 1 };
578: private static final int RSA_data[] = { 1, 2, 5, 8, 1, 1 };
579: private static final int RSAEncryption_data[] = { 1, 2, 840,
580: 113549, 1, 1, 1 };
581:
582: public static ObjectIdentifier DH_PKIX_oid;
583: public static ObjectIdentifier DSA_oid;;
584: public static ObjectIdentifier DSA_OIW_oid;;
585: public static ObjectIdentifier RSA_oid;;
586: public static ObjectIdentifier RSAEncryption_oid;
587:
588: /*
589: * COMMON SIGNATURE ALGORITHMS
590: */
591: private static final int md2WithRSAEncryption_data[] = { 1, 2, 840,
592: 113549, 1, 1, 2 };
593: private static final int md5WithRSAEncryption_data[] = { 1, 2, 840,
594: 113549, 1, 1, 4 };
595: private static final int sha1WithRSAEncryption_data[] = { 1, 2,
596: 840, 113549, 1, 1, 5 };
597: private static final int sha1WithRSAEncryption_OIW_data[] = { 1, 3,
598: 14, 3, 2, 29 };
599: private static final int shaWithDSA_OIW_data[] = { 1, 3, 14, 3, 2,
600: 13 };
601: private static final int sha1WithDSA_OIW_data[] = { 1, 3, 14, 3, 2,
602: 27 };
603: private static final int dsaWithSHA1_PKIX_data[] = { 1, 2, 840,
604: 10040, 4, 3 };
605:
606: public static ObjectIdentifier md2WithRSAEncryption_oid;
607: public static ObjectIdentifier md5WithRSAEncryption_oid;
608: public static ObjectIdentifier sha1WithRSAEncryption_oid;
609: public static ObjectIdentifier sha1WithRSAEncryption_OIW_oid;
610: public static ObjectIdentifier shaWithDSA_OIW_oid;
611: public static ObjectIdentifier sha1WithDSA_OIW_oid;
612: public static ObjectIdentifier sha1WithDSA_oid;
613:
614: static {
615: try {
616: /**
617: * Algorithm ID for the MD2 Message Digest Algorthm, from RFC 1319.
618: * OID = 1.2.840.113549.2.2
619: */
620: MD2_oid = new ObjectIdentifier(MD2_data);
621:
622: /**
623: * Algorithm ID for the MD5 Message Digest Algorthm, from RFC 1321.
624: * OID = 1.2.840.113549.2.5
625: */
626: MD5_oid = new ObjectIdentifier(MD5_data);
627:
628: /**
629: * Algorithm ID for the SHA1 Message Digest Algorithm, from FIPS 180-1.
630: * This is sometimes called "SHA", though that is often confusing since
631: * many people refer to FIPS 180 (which has an error) as defining SHA.
632: * OID = 1.3.14.3.2.26
633: */
634: SHA_oid = new ObjectIdentifier(SHA1_OIW_data);
635:
636: /*
637: * Note the preferred OIDs are named simply with no "OIW" or
638: * "PKIX" in them, even though they may point to data from these
639: * specs; e.g. SHA_oid, DH_oid, DSA_oid, SHA1WithDSA_oid...
640: */
641: /**
642: * Algorithm ID for Diffie Hellman Key agreement, from PKCS #3.
643: * Parameters include public values P and G, and may optionally specify
644: * the length of the private key X. Alternatively, algorithm parameters
645: * may be derived from another source such as a Certificate Authority's
646: * certificate.
647: * OID = 1.2.840.113549.1.3.1
648: */
649: DH_oid = new ObjectIdentifier(DH_data);
650:
651: /**
652: * Algorithm ID for the Diffie Hellman Key Agreement (DH), from
653: * RFC 2459.
654: * Parameters may include public values P and G.
655: * OID = 1.2.840.10046.2.1
656: */
657: DH_PKIX_oid = new ObjectIdentifier(DH_PKIX_data);
658:
659: /**
660: * Algorithm ID for the Digital Signing Algorithm (DSA), from the
661: * NIST OIW Stable Agreements part 12.
662: * Parameters may include public values P, Q, and G; or these may be
663: * derived from
664: * another source such as a Certificate Authority's certificate.
665: * OID = 1.3.14.3.2.12
666: */
667: DSA_OIW_oid = new ObjectIdentifier(DSA_OIW_data);
668:
669: /**
670: * Algorithm ID for the Digital Signing Algorithm (DSA), from
671: * RFC 2459.
672: * Parameters may include public values P, Q, and G; or these may be
673: * derived from
674: * another source such as a Certificate Authority's certificate.
675: * OID = 1.2.840.10040.4.1
676: */
677: DSA_oid = new ObjectIdentifier(DSA_PKIX_data);
678:
679: /**
680: * Algorithm ID for RSA keys used for any purpose, as defined in X.509.
681: * The algorithm parameter is a single value, the number of bits in the
682: * public modulus.
683: * OID = 1.2.5.8.1.1
684: */
685: RSA_oid = new ObjectIdentifier(RSA_data);
686:
687: /**
688: * Algorithm ID for RSA keys used with RSA encryption, as defined
689: * in PKCS #1. There are no parameters associated with this algorithm.
690: * OID = 1.2.840.113549.1.1.1
691: */
692: RSAEncryption_oid = new ObjectIdentifier(RSAEncryption_data);
693:
694: /**
695: * Identifies a signing algorithm where an MD2 digest is encrypted
696: * using an RSA private key; defined in PKCS #1. Use of this
697: * signing algorithm is discouraged due to MD2 vulnerabilities.
698: * OID = 1.2.840.113549.1.1.2
699: */
700: md2WithRSAEncryption_oid = new ObjectIdentifier(
701: md2WithRSAEncryption_data);
702:
703: /**
704: * Identifies a signing algorithm where an MD5 digest is
705: * encrypted using an RSA private key; defined in PKCS #1.
706: * OID = 1.2.840.113549.1.1.4
707: */
708: md5WithRSAEncryption_oid = new ObjectIdentifier(
709: md5WithRSAEncryption_data);
710:
711: /**
712: * Identifies a signing algorithm where a SHA1 digest is
713: * encrypted using an RSA private key; defined by RSA DSI.
714: * OID = 1.2.840.113549.1.1.5
715: */
716: sha1WithRSAEncryption_oid = new ObjectIdentifier(
717: sha1WithRSAEncryption_data);
718:
719: /**
720: * Identifies a signing algorithm where a SHA1 digest is
721: * encrypted using an RSA private key; defined in NIST OIW.
722: * OID = 1.3.14.3.2.29
723: */
724: sha1WithRSAEncryption_OIW_oid = new ObjectIdentifier(
725: sha1WithRSAEncryption_OIW_data);
726:
727: /**
728: * Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a
729: * SHA digest is signed using the Digital Signing Algorithm (DSA).
730: * This should not be used.
731: * OID = 1.3.14.3.2.13
732: */
733: shaWithDSA_OIW_oid = new ObjectIdentifier(
734: shaWithDSA_OIW_data);
735:
736: /**
737: * Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a
738: * SHA1 digest is signed using the Digital Signing Algorithm (DSA).
739: * OID = 1.3.14.3.2.27
740: */
741: sha1WithDSA_OIW_oid = new ObjectIdentifier(
742: sha1WithDSA_OIW_data);
743:
744: /**
745: * Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a
746: * SHA1 digest is signed using the Digital Signing Algorithm (DSA).
747: * OID = 1.2.840.10040.4.3
748: */
749: sha1WithDSA_oid = new ObjectIdentifier(
750: dsaWithSHA1_PKIX_data);
751: } catch (IOException ioe) {
752: // should not happen
753: }
754: }
755: }
|