List of usage examples for org.bouncycastle.asn1.nist NISTObjectIdentifiers id_sha512
ASN1ObjectIdentifier id_sha512
To view the source code for org.bouncycastle.asn1.nist NISTObjectIdentifiers id_sha512.
Click Source Link
From source file:org.xipki.common.util.AlgorithmUtil.java
License:Open Source License
static public AlgorithmIdentifier getSignatureAlgoId(final String signatureAlgoName) throws NoSuchAlgorithmException { String algoS = signatureAlgoName.replaceAll("-", ""); AlgorithmIdentifier signatureAlgId;/* ww w . j ava 2s. co m*/ if ("SHA1withRSAandMGF1".equalsIgnoreCase(algoS) || "SHA224withRSAandMGF1".equalsIgnoreCase(algoS) || "SHA256withRSAandMGF1".equalsIgnoreCase(algoS) || "SHA384withRSAandMGF1".equalsIgnoreCase(algoS) || "SHA512withRSAandMGF1".equalsIgnoreCase(algoS)) { ASN1ObjectIdentifier hashAlgo; if ("SHA1withRSAandMGF1".equalsIgnoreCase(algoS)) { hashAlgo = X509ObjectIdentifiers.id_SHA1; } else if ("SHA224withRSAandMGF1".equalsIgnoreCase(algoS)) { hashAlgo = NISTObjectIdentifiers.id_sha224; } else if ("SHA256withRSAandMGF1".equalsIgnoreCase(algoS)) { hashAlgo = NISTObjectIdentifiers.id_sha256; } else if ("SHA384withRSAandMGF1".equalsIgnoreCase(algoS)) { hashAlgo = NISTObjectIdentifiers.id_sha384; } else if ("SHA512withRSAandMGF1".equalsIgnoreCase(algoS)) { hashAlgo = NISTObjectIdentifiers.id_sha512; } else { throw new NoSuchAlgorithmException("should not reach here, unknown algorithm " + algoS); } signatureAlgId = AlgorithmUtil.buildRSAPSSAlgorithmIdentifier(hashAlgo); } else { boolean withNullParam = false; ASN1ObjectIdentifier algOid; if ("SHA1withRSA".equalsIgnoreCase(algoS) || "RSAwithSHA1".equalsIgnoreCase(algoS) || PKCSObjectIdentifiers.sha1WithRSAEncryption.getId().equals(algoS)) { algOid = PKCSObjectIdentifiers.sha1WithRSAEncryption; withNullParam = true; } else if ("SHA224withRSA".equalsIgnoreCase(algoS) || "RSAwithSHA224".equalsIgnoreCase(algoS) || PKCSObjectIdentifiers.sha224WithRSAEncryption.getId().equals(algoS)) { algOid = PKCSObjectIdentifiers.sha224WithRSAEncryption; withNullParam = true; } else if ("SHA256withRSA".equalsIgnoreCase(algoS) || "RSAwithSHA256".equalsIgnoreCase(algoS) || PKCSObjectIdentifiers.sha256WithRSAEncryption.getId().equals(algoS)) { algOid = PKCSObjectIdentifiers.sha256WithRSAEncryption; withNullParam = true; } else if ("SHA384withRSA".equalsIgnoreCase(algoS) || "RSAwithSHA384".equalsIgnoreCase(algoS) || PKCSObjectIdentifiers.sha384WithRSAEncryption.getId().equals(algoS)) { algOid = PKCSObjectIdentifiers.sha384WithRSAEncryption; withNullParam = true; } else if ("SHA512withRSA".equalsIgnoreCase(algoS) || "RSAwithSHA512".equalsIgnoreCase(algoS) || PKCSObjectIdentifiers.sha512WithRSAEncryption.getId().equals(algoS)) { algOid = PKCSObjectIdentifiers.sha512WithRSAEncryption; withNullParam = true; } else if ("SHA1withECDSA".equalsIgnoreCase(algoS) || "ECDSAwithSHA1".equalsIgnoreCase(algoS) || X9ObjectIdentifiers.ecdsa_with_SHA1.getId().equals(algoS)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA1; } else if ("SHA224withECDSA".equalsIgnoreCase(algoS) || "ECDSAwithSHA224".equalsIgnoreCase(algoS) || X9ObjectIdentifiers.ecdsa_with_SHA224.getId().equals(algoS)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA224; } else if ("SHA256withECDSA".equalsIgnoreCase(algoS) || "ECDSAwithSHA256".equalsIgnoreCase(algoS) || X9ObjectIdentifiers.ecdsa_with_SHA256.getId().equals(algoS)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA256; } else if ("SHA384withECDSA".equalsIgnoreCase(algoS) || "ECDSAwithSHA384".equalsIgnoreCase(algoS) || X9ObjectIdentifiers.ecdsa_with_SHA384.getId().equals(algoS)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA384; } else if ("SHA512withECDSA".equalsIgnoreCase(algoS) || "ECDSAwithSHA512".equalsIgnoreCase(algoS) || X9ObjectIdentifiers.ecdsa_with_SHA512.getId().equals(algoS)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA512; } else if ("SHA1withPlainECDSA".equalsIgnoreCase(algoS) || "PlainECDSAwithSHA1".equalsIgnoreCase(algoS) || BSIObjectIdentifiers.ecdsa_plain_SHA1.getId().equals(algoS)) { algOid = BSIObjectIdentifiers.ecdsa_plain_SHA1; } else if ("SHA224withPlainECDSA".equalsIgnoreCase(algoS) || "PlainECDSAwithSHA224".equalsIgnoreCase(algoS) || BSIObjectIdentifiers.ecdsa_plain_SHA224.getId().equals(algoS)) { algOid = BSIObjectIdentifiers.ecdsa_plain_SHA224; } else if ("SHA256withPlainECDSA".equalsIgnoreCase(algoS) || "PlainECDSAwithSHA256".equalsIgnoreCase(algoS) || BSIObjectIdentifiers.ecdsa_plain_SHA256.getId().equals(algoS)) { algOid = BSIObjectIdentifiers.ecdsa_plain_SHA256; } else if ("SHA384withPlainECDSA".equalsIgnoreCase(algoS) || "PlainECDSAwithSHA384".equalsIgnoreCase(algoS) || BSIObjectIdentifiers.ecdsa_plain_SHA384.getId().equals(algoS)) { algOid = BSIObjectIdentifiers.ecdsa_plain_SHA384; } else if ("SHA512withPlainECDSA".equalsIgnoreCase(algoS) || "PlainECDSAwithSHA512".equalsIgnoreCase(algoS) || BSIObjectIdentifiers.ecdsa_plain_SHA512.getId().equals(algoS)) { algOid = BSIObjectIdentifiers.ecdsa_plain_SHA512; } else if ("SHA1withDSA".equalsIgnoreCase(algoS) || "DSAwithSHA1".equalsIgnoreCase(algoS) || X9ObjectIdentifiers.id_dsa_with_sha1.getId().equals(algoS)) { algOid = X9ObjectIdentifiers.id_dsa_with_sha1; } else if ("SHA224withDSA".equalsIgnoreCase(algoS) || "DSAwithSHA224".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.dsa_with_sha224.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.dsa_with_sha224; } else if ("SHA256withDSA".equalsIgnoreCase(algoS) || "DSAwithSHA256".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.dsa_with_sha256.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.dsa_with_sha256; } else if ("SHA384withDSA".equalsIgnoreCase(algoS) || "DSAwithSHA384".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.dsa_with_sha384.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.dsa_with_sha384; } else if ("SHA512withDSA".equalsIgnoreCase(algoS) || "DSAwithSHA512".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.dsa_with_sha512.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.dsa_with_sha512; } else { throw new NoSuchAlgorithmException("unsupported signature algorithm " + algoS); } signatureAlgId = withNullParam ? new AlgorithmIdentifier(algOid, DERNull.INSTANCE) : new AlgorithmIdentifier(algOid); } return signatureAlgId; }
From source file:org.xipki.common.util.AlgorithmUtil.java
License:Open Source License
static public AlgorithmIdentifier extractDigesetAlgorithmIdentifier(final AlgorithmIdentifier sigAlgId) throws NoSuchAlgorithmException { ASN1ObjectIdentifier algOid = sigAlgId.getAlgorithm(); ASN1ObjectIdentifier digestAlgOid;/*from w w w . jav a2 s. c o m*/ if (X9ObjectIdentifiers.ecdsa_with_SHA1.equals(algOid)) { digestAlgOid = X509ObjectIdentifiers.id_SHA1; } else if (X9ObjectIdentifiers.ecdsa_with_SHA224.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha224; } else if (X9ObjectIdentifiers.ecdsa_with_SHA256.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha256; } else if (X9ObjectIdentifiers.ecdsa_with_SHA384.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha384; } else if (X9ObjectIdentifiers.ecdsa_with_SHA512.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha512; } else if (BSIObjectIdentifiers.ecdsa_plain_SHA1.equals(algOid)) { digestAlgOid = X509ObjectIdentifiers.id_SHA1; } else if (BSIObjectIdentifiers.ecdsa_plain_SHA224.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha224; } else if (BSIObjectIdentifiers.ecdsa_plain_SHA256.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha256; } else if (BSIObjectIdentifiers.ecdsa_plain_SHA384.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha384; } else if (BSIObjectIdentifiers.ecdsa_plain_SHA512.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha512; } else if (X9ObjectIdentifiers.id_dsa_with_sha1.equals(algOid)) { digestAlgOid = X509ObjectIdentifiers.id_SHA1; } else if (NISTObjectIdentifiers.dsa_with_sha224.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha224; } else if (NISTObjectIdentifiers.dsa_with_sha256.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha256; } else if (NISTObjectIdentifiers.dsa_with_sha384.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha384; } else if (NISTObjectIdentifiers.dsa_with_sha512.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha512; } else if (PKCSObjectIdentifiers.sha1WithRSAEncryption.equals(algOid)) { digestAlgOid = X509ObjectIdentifiers.id_SHA1; } else if (PKCSObjectIdentifiers.sha224WithRSAEncryption.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha224; } else if (PKCSObjectIdentifiers.sha256WithRSAEncryption.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha256; } else if (PKCSObjectIdentifiers.sha384WithRSAEncryption.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha384; } else if (PKCSObjectIdentifiers.sha512WithRSAEncryption.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha512; } else if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(algOid)) { ASN1Encodable asn1Encodable = sigAlgId.getParameters(); RSASSAPSSparams param = RSASSAPSSparams.getInstance(asn1Encodable); digestAlgOid = param.getHashAlgorithm().getAlgorithm(); } else { throw new NoSuchAlgorithmException("unknown signature algorithm" + algOid.getId()); } return new AlgorithmIdentifier(digestAlgOid, DERNull.INSTANCE); }
From source file:org.xipki.common.util.AlgorithmUtil.java
License:Open Source License
static public AlgorithmIdentifier buildDSASigAlgorithmIdentifier(final AlgorithmIdentifier digAlgId) throws NoSuchAlgorithmException { ASN1ObjectIdentifier digAlgOid = digAlgId.getAlgorithm(); ASN1ObjectIdentifier sid;//from www. ja v a 2 s .c o m if (X509ObjectIdentifiers.id_SHA1.equals(digAlgOid)) { sid = X9ObjectIdentifiers.id_dsa_with_sha1; } else if (NISTObjectIdentifiers.id_sha224.equals(digAlgOid)) { sid = NISTObjectIdentifiers.dsa_with_sha224; } else if (NISTObjectIdentifiers.id_sha256.equals(digAlgOid)) { sid = NISTObjectIdentifiers.dsa_with_sha256; } else if (NISTObjectIdentifiers.id_sha384.equals(digAlgOid)) { sid = NISTObjectIdentifiers.dsa_with_sha384; } else if (NISTObjectIdentifiers.id_sha512.equals(digAlgOid)) { sid = NISTObjectIdentifiers.dsa_with_sha512; } else { throw new NoSuchAlgorithmException( "no signature algorithm for DSA with digest algorithm " + digAlgOid.getId()); } return new AlgorithmIdentifier(sid); }
From source file:org.xipki.common.util.AlgorithmUtil.java
License:Open Source License
static public RSASSAPSSparams createPSSRSAParams(final ASN1ObjectIdentifier digestAlgOID) throws NoSuchAlgorithmException { int saltSize; if (X509ObjectIdentifiers.id_SHA1.equals(digestAlgOID)) { saltSize = 20;/*from w w w . j a v a2 s.c o m*/ } else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) { saltSize = 28; } else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID)) { saltSize = 32; } else if (NISTObjectIdentifiers.id_sha384.equals(digestAlgOID)) { saltSize = 48; } else if (NISTObjectIdentifiers.id_sha512.equals(digestAlgOID)) { saltSize = 64; } else { throw new NoSuchAlgorithmException("unknown digest algorithm " + digestAlgOID); } AlgorithmIdentifier digAlgId = new AlgorithmIdentifier(digestAlgOID, DERNull.INSTANCE); return new RSASSAPSSparams(digAlgId, new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, digAlgId), new ASN1Integer(saltSize), RSASSAPSSparams.DEFAULT_TRAILER_FIELD); }
From source file:org.xipki.commons.security.util.AlgorithmUtil.java
License:Open Source License
public static String getSignatureAlgoName(final AlgorithmIdentifier sigAlgId) throws NoSuchAlgorithmException { ParamUtil.requireNonNull("sigAlgId", sigAlgId); ASN1ObjectIdentifier algOid = sigAlgId.getAlgorithm(); if (X9ObjectIdentifiers.ecdsa_with_SHA1.equals(algOid)) { return "SHA1withECDSA"; } else if (X9ObjectIdentifiers.ecdsa_with_SHA224.equals(algOid)) { return "SHA224withECDSA"; } else if (X9ObjectIdentifiers.ecdsa_with_SHA256.equals(algOid)) { return "SHA256withECDSA"; } else if (X9ObjectIdentifiers.ecdsa_with_SHA384.equals(algOid)) { return "SHA384withECDSA"; } else if (X9ObjectIdentifiers.ecdsa_with_SHA512.equals(algOid)) { return "SHA512withECDSA"; } else if (NISTObjectIdentifiers.id_ecdsa_with_sha3_224.equals(algOid)) { return "SHA3-224withECDSA"; } else if (NISTObjectIdentifiers.id_ecdsa_with_sha3_256.equals(algOid)) { return "SHA3-256withECDSA"; } else if (NISTObjectIdentifiers.id_ecdsa_with_sha3_384.equals(algOid)) { return "SHA3-384withECDSA"; } else if (NISTObjectIdentifiers.id_ecdsa_with_sha3_512.equals(algOid)) { return "SHA3-512withECDSA"; } else if (BSIObjectIdentifiers.ecdsa_plain_SHA1.equals(algOid)) { return "SHA1withPLAIN-ECDSA"; } else if (BSIObjectIdentifiers.ecdsa_plain_SHA224.equals(algOid)) { return "SHA224withPLAIN-ECDSA"; } else if (BSIObjectIdentifiers.ecdsa_plain_SHA256.equals(algOid)) { return "SHA256withPLAIN-ECDSA"; } else if (BSIObjectIdentifiers.ecdsa_plain_SHA384.equals(algOid)) { return "SHA384withPLAIN-ECDSA"; } else if (BSIObjectIdentifiers.ecdsa_plain_SHA512.equals(algOid)) { return "SHA512withPLAIN-ECDSA"; } else if (X9ObjectIdentifiers.id_dsa_with_sha1.equals(algOid)) { return "SHA1withDSA"; } else if (X9ObjectIdentifiers.id_dsa_with_sha1.equals(algOid)) { return "SHA1withDSA"; } else if (NISTObjectIdentifiers.dsa_with_sha224.equals(algOid)) { return "SHA224withDSA"; } else if (NISTObjectIdentifiers.dsa_with_sha256.equals(algOid)) { return "SHA256withDSA"; } else if (NISTObjectIdentifiers.dsa_with_sha384.equals(algOid)) { return "SHA384withDSA"; } else if (NISTObjectIdentifiers.dsa_with_sha512.equals(algOid)) { return "SHA512withDSA"; } else if (NISTObjectIdentifiers.id_dsa_with_sha3_224.equals(algOid)) { return "SHA3-224withDSA"; } else if (NISTObjectIdentifiers.id_dsa_with_sha3_256.equals(algOid)) { return "SHA3-256withDSA"; } else if (NISTObjectIdentifiers.id_dsa_with_sha3_384.equals(algOid)) { return "SHA3-384withDSA"; } else if (NISTObjectIdentifiers.id_dsa_with_sha3_512.equals(algOid)) { return "SHA3-512withDSA"; } else if (PKCSObjectIdentifiers.sha1WithRSAEncryption.equals(algOid)) { return "SHA1withRSA"; } else if (PKCSObjectIdentifiers.sha224WithRSAEncryption.equals(algOid)) { return "SHA224withRSA"; } else if (PKCSObjectIdentifiers.sha256WithRSAEncryption.equals(algOid)) { return "SHA256withRSA"; } else if (PKCSObjectIdentifiers.sha384WithRSAEncryption.equals(algOid)) { return "SHA384withRSA"; } else if (PKCSObjectIdentifiers.sha512WithRSAEncryption.equals(algOid)) { return "SHA512withRSA"; } else if (NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224.equals(algOid)) { return "SHA3-224withRSA"; } else if (NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256.equals(algOid)) { return "SHA3-256withRSA"; } else if (NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384.equals(algOid)) { return "SHA3-384withRSA"; } else if (NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512.equals(algOid)) { return "SHA3-512withRSA"; } else if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(algOid)) { RSASSAPSSparams param = RSASSAPSSparams.getInstance(sigAlgId.getParameters()); ASN1ObjectIdentifier digestAlgOid = param.getHashAlgorithm().getAlgorithm(); if (X509ObjectIdentifiers.id_SHA1.equals(digestAlgOid)) { return "SHA1withRSAandMGF1"; } else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOid)) { return "SHA256withRSAandMGF1"; } else if (NISTObjectIdentifiers.id_sha384.equals(digestAlgOid)) { return "SHA384withRSAandMGF1"; } else if (NISTObjectIdentifiers.id_sha512.equals(digestAlgOid)) { return "SHA512withRSAandMGF1"; } else if (NISTObjectIdentifiers.id_sha3_224.equals(digestAlgOid)) { return "SHA3-224withRSAandMGF1"; } else if (NISTObjectIdentifiers.id_sha3_256.equals(digestAlgOid)) { return "SHA3-256withRSAandMGF1"; } else if (NISTObjectIdentifiers.id_sha3_384.equals(digestAlgOid)) { return "SHA3-384withRSAandMGF1"; } else if (NISTObjectIdentifiers.id_sha3_512.equals(digestAlgOid)) { return "SHA3-512withRSAandMGF1"; } else {// w w w. j a v a 2s . c o m throw new NoSuchAlgorithmException("unsupported digest algorithm " + digestAlgOid.getId()); } } else { throw new NoSuchAlgorithmException("unsupported signature algorithm " + algOid.getId()); } }
From source file:org.xipki.ocsp.client.api.RequestOptions.java
License:Open Source License
private static AlgorithmIdentifier createAlgId(final String algoName) { ASN1ObjectIdentifier algOid = null;/*from ww w .j av a 2 s. co m*/ if ("SHA1withRSA".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.sha1WithRSAEncryption; } else if ("SHA256withRSA".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.sha256WithRSAEncryption; } else if ("SHA384withRSA".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.sha384WithRSAEncryption; } else if ("SHA512withRSA".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.sha512WithRSAEncryption; } else if ("SHA1withECDSA".equalsIgnoreCase(algoName)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA1; } else if ("SHA256withECDSA".equalsIgnoreCase(algoName)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA256; } else if ("SHA384withECDSA".equalsIgnoreCase(algoName)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA384; } else if ("SHA512withECDSA".equalsIgnoreCase(algoName)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA512; } else if ("SHA1withRSAandMGF1".equalsIgnoreCase(algoName) || "SHA256withRSAandMGF1".equalsIgnoreCase(algoName) || "SHA384withRSAandMGF1".equalsIgnoreCase(algoName) || "SHA512withRSAandMGF1".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.id_RSASSA_PSS; } else { throw new RuntimeException("Unsupported algorithm " + algoName); // should not happen } ASN1Encodable params; if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(algOid)) { ASN1ObjectIdentifier digestAlgOid = null; if ("SHA1withRSAandMGF1".equalsIgnoreCase(algoName)) { digestAlgOid = X509ObjectIdentifiers.id_SHA1; } else if ("SHA256withRSAandMGF1".equalsIgnoreCase(algoName)) { digestAlgOid = NISTObjectIdentifiers.id_sha256; } else if ("SHA384withRSAandMGF1".equalsIgnoreCase(algoName)) { digestAlgOid = NISTObjectIdentifiers.id_sha384; } else // if("SHA512withRSAandMGF1".equalsIgnoreCase(algoName)) { digestAlgOid = NISTObjectIdentifiers.id_sha512; } params = createPSSRSAParams(digestAlgOid); } else { params = DERNull.INSTANCE; } return new AlgorithmIdentifier(algOid, params); }
From source file:org.xipki.ocsp.client.api.RequestOptions.java
License:Open Source License
static public RSASSAPSSparams createPSSRSAParams(final ASN1ObjectIdentifier digestAlgOID) { int saltSize; if (X509ObjectIdentifiers.id_SHA1.equals(digestAlgOID)) { saltSize = 20;/* ww w. j a v a2 s . c o m*/ } else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) { saltSize = 28; } else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID)) { saltSize = 32; } else if (NISTObjectIdentifiers.id_sha384.equals(digestAlgOID)) { saltSize = 48; } else if (NISTObjectIdentifiers.id_sha512.equals(digestAlgOID)) { saltSize = 64; } else { throw new RuntimeException("unknown digest algorithm " + digestAlgOID); } AlgorithmIdentifier digAlgId = new AlgorithmIdentifier(digestAlgOID, DERNull.INSTANCE); return new RSASSAPSSparams(digAlgId, new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, digAlgId), new ASN1Integer(saltSize), RSASSAPSSparams.DEFAULT_TRAILER_FIELD); }
From source file:org.xipki.ocsp.client.impl.AbstractOCSPRequestor.java
License:Open Source License
private OCSPReq buildRequest(final X509Certificate caCert, final BigInteger[] serialNumbers, final byte[] nonce, final RequestOptions requestOptions) throws OCSPRequestorException { ASN1ObjectIdentifier hashAlgId = requestOptions.getHashAlgorithmId(); List<AlgorithmIdentifier> prefSigAlgs = requestOptions.getPreferredSignatureAlgorithms(); DigestCalculator digestCalculator;//from w w w.j a va 2s.co m if (NISTObjectIdentifiers.id_sha224.equals(hashAlgId)) { digestCalculator = new SHA224DigestCalculator(); } else if (NISTObjectIdentifiers.id_sha256.equals(hashAlgId)) { digestCalculator = new SHA256DigestCalculator(); } else if (NISTObjectIdentifiers.id_sha384.equals(hashAlgId)) { digestCalculator = new SHA384DigestCalculator(); } else if (NISTObjectIdentifiers.id_sha512.equals(hashAlgId)) { digestCalculator = new SHA512DigestCalculator(); } else { digestCalculator = new SHA1DigestCalculator(); } OCSPReqBuilder reqBuilder = new OCSPReqBuilder(); List<Extension> extensions = new LinkedList<>(); if (nonce != null) { Extension extn = new Extension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, new DEROctetString(nonce)); extensions.add(extn); } if (prefSigAlgs != null && prefSigAlgs.size() > 0) { ASN1EncodableVector v = new ASN1EncodableVector(); for (AlgorithmIdentifier algId : prefSigAlgs) { ASN1Sequence prefSigAlgObj = new DERSequence(algId); v.add(prefSigAlgObj); } ASN1Sequence extnValue = new DERSequence(v); Extension extn; try { extn = new Extension(id_pkix_ocsp_prefSigAlgs, false, new DEROctetString(extnValue)); } catch (IOException e) { throw new OCSPRequestorException(e.getMessage(), e); } extensions.add(extn); } if (CollectionUtil.isNotEmpty(extensions)) { reqBuilder.setRequestExtensions(new Extensions(extensions.toArray(new Extension[0]))); } try { for (BigInteger serialNumber : serialNumbers) { CertificateID certID = new CertificateID(digestCalculator, new X509CertificateHolder(caCert.getEncoded()), serialNumber); reqBuilder.addRequest(certID); } if (requestOptions.isSignRequest()) { synchronized (signerLock) { if (signer == null) { if (StringUtil.isBlank(signerType)) { throw new OCSPRequestorException("signerType is not configured"); } if (StringUtil.isBlank(signerConf)) { throw new OCSPRequestorException("signerConf is not configured"); } X509Certificate cert = null; if (StringUtil.isNotBlank(signerCertFile)) { try { cert = X509Util.parseCert(signerCertFile); } catch (CertificateException e) { throw new OCSPRequestorException( "could not parse certificate " + signerCertFile + ": " + e.getMessage()); } } try { signer = getSecurityFactory().createSigner(signerType, signerConf, cert); } catch (Exception e) { throw new OCSPRequestorException("could not create signer: " + e.getMessage()); } } } ContentSigner singleSigner; try { singleSigner = signer.borrowContentSigner(); } catch (NoIdleSignerException e) { throw new OCSPRequestorException("NoIdleSignerException: " + e.getMessage()); } reqBuilder.setRequestorName(signer.getCertificateAsBCObject().getSubject()); try { return reqBuilder.build(singleSigner, signer.getCertificateChainAsBCObjects()); } finally { signer.returnContentSigner(singleSigner); } } else { return reqBuilder.build(); } } catch (OCSPException | CertificateEncodingException | IOException e) { throw new OCSPRequestorException(e.getMessage(), e); } }
From source file:org.xipki.ocsp.client.impl.SHA512DigestCalculator.java
License:Open Source License
@Override protected ASN1ObjectIdentifier getObjectIdentifier() { return NISTObjectIdentifiers.id_sha512; }
From source file:org.xipki.pki.ocsp.client.api.RequestOptions.java
License:Open Source License
private static AlgorithmIdentifier createAlgId(final String algoName) { ASN1ObjectIdentifier algOid = null;/* w w w . j a va2s. co m*/ if ("SHA1withRSA".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.sha1WithRSAEncryption; } else if ("SHA256withRSA".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.sha256WithRSAEncryption; } else if ("SHA384withRSA".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.sha384WithRSAEncryption; } else if ("SHA512withRSA".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.sha512WithRSAEncryption; } else if ("SHA1withECDSA".equalsIgnoreCase(algoName)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA1; } else if ("SHA256withECDSA".equalsIgnoreCase(algoName)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA256; } else if ("SHA384withECDSA".equalsIgnoreCase(algoName)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA384; } else if ("SHA512withECDSA".equalsIgnoreCase(algoName)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA512; } else if ("SHA1withRSAandMGF1".equalsIgnoreCase(algoName) || "SHA256withRSAandMGF1".equalsIgnoreCase(algoName) || "SHA384withRSAandMGF1".equalsIgnoreCase(algoName) || "SHA512withRSAandMGF1".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.id_RSASSA_PSS; } else { throw new RuntimeException("Unsupported algorithm " + algoName); // should not happen } ASN1Encodable params; if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(algOid)) { ASN1ObjectIdentifier digestAlgOid = null; if ("SHA1withRSAandMGF1".equalsIgnoreCase(algoName)) { digestAlgOid = X509ObjectIdentifiers.id_SHA1; } else if ("SHA256withRSAandMGF1".equalsIgnoreCase(algoName)) { digestAlgOid = NISTObjectIdentifiers.id_sha256; } else if ("SHA384withRSAandMGF1".equalsIgnoreCase(algoName)) { digestAlgOid = NISTObjectIdentifiers.id_sha384; } else { // if ("SHA512withRSAandMGF1".equalsIgnoreCase(algoName)) digestAlgOid = NISTObjectIdentifiers.id_sha512; } params = createPSSRSAParams(digestAlgOid); } else { params = DERNull.INSTANCE; } return new AlgorithmIdentifier(algOid, params); }