List of usage examples for org.bouncycastle.asn1.pkcs PKCSObjectIdentifiers sha256WithRSAEncryption
ASN1ObjectIdentifier sha256WithRSAEncryption
To view the source code for org.bouncycastle.asn1.pkcs PKCSObjectIdentifiers sha256WithRSAEncryption.
Click Source Link
From source file:org.xipki.commons.security.util.AlgorithmUtil.java
License:Open Source License
public static AlgorithmIdentifier getSigAlgId(final String sigAlgName) throws NoSuchAlgorithmException { ParamUtil.requireNonNull("sigAlgName", sigAlgName); String algoS = sigAlgName.toUpperCase(); if (algoS.indexOf('-') != -1 && algoS.indexOf("SHA3-") == -1) { algoS = algoS.replaceAll("-", ""); }/*from w w w . ja v a 2 s.co m*/ AlgorithmIdentifier signatureAlgId; if ("SHA1withRSAandMGF1".equalsIgnoreCase(algoS) || "SHA224withRSAandMGF1".equalsIgnoreCase(algoS) || "SHA256withRSAandMGF1".equalsIgnoreCase(algoS) || "SHA384withRSAandMGF1".equalsIgnoreCase(algoS) || "SHA512withRSAandMGF1".equalsIgnoreCase(algoS) || "SHA3-224withRSAandMGF1".equalsIgnoreCase(algoS) || "SHA3-256withRSAandMGF1".equalsIgnoreCase(algoS) || "SHA3-384withRSAandMGF1".equalsIgnoreCase(algoS) || "SHA3-512withRSAandMGF1".equalsIgnoreCase(algoS)) { HashAlgoType hashAlgo; if ("SHA1withRSAandMGF1".equalsIgnoreCase(algoS)) { hashAlgo = HashAlgoType.SHA1; } else if ("SHA224withRSAandMGF1".equalsIgnoreCase(algoS)) { hashAlgo = HashAlgoType.SHA224; } else if ("SHA256withRSAandMGF1".equalsIgnoreCase(algoS)) { hashAlgo = HashAlgoType.SHA256; } else if ("SHA384withRSAandMGF1".equalsIgnoreCase(algoS)) { hashAlgo = HashAlgoType.SHA384; } else if ("SHA512withRSAandMGF1".equalsIgnoreCase(algoS)) { hashAlgo = HashAlgoType.SHA512; } else if ("SHA3-224withRSAandMGF1".equalsIgnoreCase(algoS)) { hashAlgo = HashAlgoType.SHA3_224; } else if ("SHA3-256withRSAandMGF1".equalsIgnoreCase(algoS)) { hashAlgo = HashAlgoType.SHA3_256; } else if ("SHA3-384withRSAandMGF1".equalsIgnoreCase(algoS)) { hashAlgo = HashAlgoType.SHA3_384; } else if ("SHA3-512withRSAandMGF1".equalsIgnoreCase(algoS)) { hashAlgo = HashAlgoType.SHA3_512; } else { throw new NoSuchAlgorithmException("should not reach here, unknown algorithm " + algoS); } signatureAlgId = buildRSAPSSAlgId(hashAlgo); } else { boolean withNullParam = false; ASN1ObjectIdentifier algOid; if ("SHA1withRSA".equalsIgnoreCase(algoS) || "RSAwithSHA1".equalsIgnoreCase(algoS) || PKCSObjectIdentifiers.sha1WithRSAEncryption.getId().equals(algoS)) { algOid = PKCSObjectIdentifiers.sha1WithRSAEncryption; withNullParam = true; } else if ("SHA224withRSA".equalsIgnoreCase(algoS) || "RSAwithSHA224".equalsIgnoreCase(algoS) || PKCSObjectIdentifiers.sha224WithRSAEncryption.getId().equals(algoS)) { algOid = PKCSObjectIdentifiers.sha224WithRSAEncryption; withNullParam = true; } else if ("SHA256withRSA".equalsIgnoreCase(algoS) || "RSAwithSHA256".equalsIgnoreCase(algoS) || PKCSObjectIdentifiers.sha256WithRSAEncryption.getId().equals(algoS)) { algOid = PKCSObjectIdentifiers.sha256WithRSAEncryption; withNullParam = true; } else if ("SHA384withRSA".equalsIgnoreCase(algoS) || "RSAwithSHA384".equalsIgnoreCase(algoS) || PKCSObjectIdentifiers.sha384WithRSAEncryption.getId().equals(algoS)) { algOid = PKCSObjectIdentifiers.sha384WithRSAEncryption; withNullParam = true; } else if ("SHA512withRSA".equalsIgnoreCase(algoS) || "RSAwithSHA512".equalsIgnoreCase(algoS) || PKCSObjectIdentifiers.sha512WithRSAEncryption.getId().equals(algoS)) { algOid = PKCSObjectIdentifiers.sha512WithRSAEncryption; withNullParam = true; } else if ("SHA512withRSA".equalsIgnoreCase(algoS) || "RSAwithSHA512".equalsIgnoreCase(algoS) || PKCSObjectIdentifiers.sha512WithRSAEncryption.getId().equals(algoS)) { algOid = PKCSObjectIdentifiers.sha512WithRSAEncryption; withNullParam = true; } else if ("SHA3-224withRSA".equalsIgnoreCase(algoS) || "RSAwithSHA3-224".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224; withNullParam = true; } else if ("SHA3-256withRSA".equalsIgnoreCase(algoS) || "RSAwithSHA3-256".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256; withNullParam = true; } else if ("SHA3-384withRSA".equalsIgnoreCase(algoS) || "RSAwithSHA3-384".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384; withNullParam = true; } else if ("SHA3-512withRSA".equalsIgnoreCase(algoS) || "RSAwithSHA3-512".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512; withNullParam = true; } else if ("SHA1withECDSA".equalsIgnoreCase(algoS) || "ECDSAwithSHA1".equalsIgnoreCase(algoS) || X9ObjectIdentifiers.ecdsa_with_SHA1.getId().equals(algoS)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA1; } else if ("SHA224withECDSA".equalsIgnoreCase(algoS) || "ECDSAwithSHA224".equalsIgnoreCase(algoS) || X9ObjectIdentifiers.ecdsa_with_SHA224.getId().equals(algoS)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA224; } else if ("SHA256withECDSA".equalsIgnoreCase(algoS) || "ECDSAwithSHA256".equalsIgnoreCase(algoS) || X9ObjectIdentifiers.ecdsa_with_SHA256.getId().equals(algoS)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA256; } else if ("SHA384withECDSA".equalsIgnoreCase(algoS) || "ECDSAwithSHA384".equalsIgnoreCase(algoS) || X9ObjectIdentifiers.ecdsa_with_SHA384.getId().equals(algoS)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA384; } else if ("SHA512withECDSA".equalsIgnoreCase(algoS) || "ECDSAwithSHA512".equalsIgnoreCase(algoS) || X9ObjectIdentifiers.ecdsa_with_SHA512.getId().equals(algoS)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA512; } else if ("SHA3-224withECDSA".equalsIgnoreCase(algoS) || "ECDSAwithSHA3-224".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.id_ecdsa_with_sha3_224.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.id_ecdsa_with_sha3_224; } else if ("SHA3-256withECDSA".equalsIgnoreCase(algoS) || "ECDSAwithSHA3-256".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.id_ecdsa_with_sha3_256.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.id_ecdsa_with_sha3_256; } else if ("SHA3-384withECDSA".equalsIgnoreCase(algoS) || "ECDSAwithSHA3-384".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.id_ecdsa_with_sha3_384.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.id_ecdsa_with_sha3_384; } else if ("SHA3-512withECDSA".equalsIgnoreCase(algoS) || "ECDSAwithSHA3-512".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.id_ecdsa_with_sha3_512.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.id_ecdsa_with_sha3_512; } else if ("SHA1withPlainECDSA".equalsIgnoreCase(algoS) || "PlainECDSAwithSHA1".equalsIgnoreCase(algoS) || BSIObjectIdentifiers.ecdsa_plain_SHA1.getId().equals(algoS)) { algOid = BSIObjectIdentifiers.ecdsa_plain_SHA1; } else if ("SHA224withPlainECDSA".equalsIgnoreCase(algoS) || "PlainECDSAwithSHA224".equalsIgnoreCase(algoS) || BSIObjectIdentifiers.ecdsa_plain_SHA224.getId().equals(algoS)) { algOid = BSIObjectIdentifiers.ecdsa_plain_SHA224; } else if ("SHA256withPlainECDSA".equalsIgnoreCase(algoS) || "PlainECDSAwithSHA256".equalsIgnoreCase(algoS) || BSIObjectIdentifiers.ecdsa_plain_SHA256.getId().equals(algoS)) { algOid = BSIObjectIdentifiers.ecdsa_plain_SHA256; } else if ("SHA384withPlainECDSA".equalsIgnoreCase(algoS) || "PlainECDSAwithSHA384".equalsIgnoreCase(algoS) || BSIObjectIdentifiers.ecdsa_plain_SHA384.getId().equals(algoS)) { algOid = BSIObjectIdentifiers.ecdsa_plain_SHA384; } else if ("SHA512withPlainECDSA".equalsIgnoreCase(algoS) || "PlainECDSAwithSHA512".equalsIgnoreCase(algoS) || BSIObjectIdentifiers.ecdsa_plain_SHA512.getId().equals(algoS)) { algOid = BSIObjectIdentifiers.ecdsa_plain_SHA512; } else if ("SHA1withDSA".equalsIgnoreCase(algoS) || "DSAwithSHA1".equalsIgnoreCase(algoS) || X9ObjectIdentifiers.id_dsa_with_sha1.getId().equals(algoS)) { algOid = X9ObjectIdentifiers.id_dsa_with_sha1; } else if ("SHA224withDSA".equalsIgnoreCase(algoS) || "DSAwithSHA224".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.dsa_with_sha224.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.dsa_with_sha224; } else if ("SHA256withDSA".equalsIgnoreCase(algoS) || "DSAwithSHA256".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.dsa_with_sha256.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.dsa_with_sha256; } else if ("SHA384withDSA".equalsIgnoreCase(algoS) || "DSAwithSHA384".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.dsa_with_sha384.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.dsa_with_sha384; } else if ("SHA512withDSA".equalsIgnoreCase(algoS) || "DSAwithSHA512".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.dsa_with_sha512.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.dsa_with_sha512; } else if ("SHA3-224withDSA".equalsIgnoreCase(algoS) || "DSAwithSHA3-224".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.id_dsa_with_sha3_224.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.id_dsa_with_sha3_224; } else if ("SHA3-256withDSA".equalsIgnoreCase(algoS) || "DSAwithSHA3-256".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.id_dsa_with_sha3_256.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.id_dsa_with_sha3_256; } else if ("SHA3-384withDSA".equalsIgnoreCase(algoS) || "DSAwithSHA3-384".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.id_dsa_with_sha3_384.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.id_dsa_with_sha3_384; } else if ("SHA3-512withDSA".equalsIgnoreCase(algoS) || "DSAwithSHA3-512".equalsIgnoreCase(algoS) || NISTObjectIdentifiers.id_dsa_with_sha3_512.getId().equals(algoS)) { algOid = NISTObjectIdentifiers.id_dsa_with_sha3_512; } else { throw new NoSuchAlgorithmException("unsupported signature algorithm " + algoS); } signatureAlgId = withNullParam ? new AlgorithmIdentifier(algOid, DERNull.INSTANCE) : new AlgorithmIdentifier(algOid); } return signatureAlgId; }
From source file:org.xipki.commons.security.util.AlgorithmUtil.java
License:Open Source License
public static boolean isRSASigAlgId(final AlgorithmIdentifier algId) { ParamUtil.requireNonNull("algId", algId); ASN1ObjectIdentifier oid = algId.getAlgorithm(); if (PKCSObjectIdentifiers.sha1WithRSAEncryption.equals(oid) || PKCSObjectIdentifiers.sha224WithRSAEncryption.equals(oid) || PKCSObjectIdentifiers.sha256WithRSAEncryption.equals(oid) || PKCSObjectIdentifiers.sha384WithRSAEncryption.equals(oid) || PKCSObjectIdentifiers.sha512WithRSAEncryption.equals(oid) || NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224.equals(oid) || NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256.equals(oid) || NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384.equals(oid) || NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512.equals(oid) || PKCSObjectIdentifiers.id_RSASSA_PSS.equals(oid)) { return true; }/*from ww w. j av a 2 s.c o m*/ return false; }
From source file:org.xipki.commons.security.util.AlgorithmUtil.java
License:Open Source License
public static AlgorithmIdentifier getRSASigAlgId(final HashAlgoType hashAlgo, final boolean mgf1) throws NoSuchAlgorithmException { ParamUtil.requireNonNull("hashAlgo", hashAlgo); if (mgf1) {//from w w w . j a va2s . com return buildRSAPSSAlgId(hashAlgo); } ASN1ObjectIdentifier sigAlgOid; switch (hashAlgo) { case SHA1: sigAlgOid = PKCSObjectIdentifiers.sha1WithRSAEncryption; break; case SHA224: sigAlgOid = PKCSObjectIdentifiers.sha224WithRSAEncryption; break; case SHA256: sigAlgOid = PKCSObjectIdentifiers.sha256WithRSAEncryption; break; case SHA384: sigAlgOid = PKCSObjectIdentifiers.sha384WithRSAEncryption; break; case SHA512: sigAlgOid = PKCSObjectIdentifiers.sha512WithRSAEncryption; break; case SHA3_224: sigAlgOid = NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224; break; case SHA3_256: sigAlgOid = NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256; break; case SHA3_384: sigAlgOid = NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384; break; case SHA3_512: sigAlgOid = NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512; break; default: throw new RuntimeException("unknown HashAlgoType: " + hashAlgo); } return new AlgorithmIdentifier(sigAlgOid, DERNull.INSTANCE); }
From source file:org.xipki.commons.security.util.AlgorithmUtil.java
License:Open Source License
public static AlgorithmIdentifier extractDigesetAlgId(final AlgorithmIdentifier sigAlgId) throws NoSuchAlgorithmException { ASN1ObjectIdentifier algOid = sigAlgId.getAlgorithm(); ASN1ObjectIdentifier digestAlgOid;/* w w w. jav a2s. c om*/ if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(algOid)) { ASN1Encodable asn1Encodable = sigAlgId.getParameters(); RSASSAPSSparams param = RSASSAPSSparams.getInstance(asn1Encodable); digestAlgOid = param.getHashAlgorithm().getAlgorithm(); } else { HashAlgoType digestAlg; if (X9ObjectIdentifiers.ecdsa_with_SHA1.equals(algOid)) { digestAlg = HashAlgoType.SHA1; } else if (X9ObjectIdentifiers.ecdsa_with_SHA224.equals(algOid)) { digestAlg = HashAlgoType.SHA224; } else if (X9ObjectIdentifiers.ecdsa_with_SHA256.equals(algOid)) { digestAlg = HashAlgoType.SHA256; } else if (X9ObjectIdentifiers.ecdsa_with_SHA384.equals(algOid)) { digestAlg = HashAlgoType.SHA384; } else if (X9ObjectIdentifiers.ecdsa_with_SHA512.equals(algOid)) { digestAlg = HashAlgoType.SHA512; } else if (NISTObjectIdentifiers.id_ecdsa_with_sha3_224.equals(algOid)) { digestAlg = HashAlgoType.SHA3_224; } else if (NISTObjectIdentifiers.id_ecdsa_with_sha3_256.equals(algOid)) { digestAlg = HashAlgoType.SHA3_256; } else if (NISTObjectIdentifiers.id_ecdsa_with_sha3_384.equals(algOid)) { digestAlg = HashAlgoType.SHA3_384; } else if (NISTObjectIdentifiers.id_ecdsa_with_sha3_512.equals(algOid)) { digestAlg = HashAlgoType.SHA3_512; } else if (BSIObjectIdentifiers.ecdsa_plain_SHA1.equals(algOid)) { digestAlg = HashAlgoType.SHA1; } else if (BSIObjectIdentifiers.ecdsa_plain_SHA224.equals(algOid)) { digestAlg = HashAlgoType.SHA224; } else if (BSIObjectIdentifiers.ecdsa_plain_SHA256.equals(algOid)) { digestAlg = HashAlgoType.SHA256; } else if (BSIObjectIdentifiers.ecdsa_plain_SHA384.equals(algOid)) { digestAlg = HashAlgoType.SHA384; } else if (BSIObjectIdentifiers.ecdsa_plain_SHA512.equals(algOid)) { digestAlg = HashAlgoType.SHA512; } else if (X9ObjectIdentifiers.id_dsa_with_sha1.equals(algOid)) { digestAlg = HashAlgoType.SHA1; } else if (NISTObjectIdentifiers.dsa_with_sha224.equals(algOid)) { digestAlg = HashAlgoType.SHA224; } else if (NISTObjectIdentifiers.dsa_with_sha256.equals(algOid)) { digestAlg = HashAlgoType.SHA256; } else if (NISTObjectIdentifiers.dsa_with_sha384.equals(algOid)) { digestAlg = HashAlgoType.SHA384; } else if (NISTObjectIdentifiers.dsa_with_sha512.equals(algOid)) { digestAlg = HashAlgoType.SHA512; } else if (NISTObjectIdentifiers.id_dsa_with_sha3_224.equals(algOid)) { digestAlg = HashAlgoType.SHA3_224; } else if (NISTObjectIdentifiers.id_dsa_with_sha3_256.equals(algOid)) { digestAlg = HashAlgoType.SHA3_256; } else if (NISTObjectIdentifiers.id_dsa_with_sha3_384.equals(algOid)) { digestAlg = HashAlgoType.SHA3_384; } else if (NISTObjectIdentifiers.id_dsa_with_sha3_512.equals(algOid)) { digestAlg = HashAlgoType.SHA3_512; } else if (PKCSObjectIdentifiers.sha1WithRSAEncryption.equals(algOid)) { digestAlg = HashAlgoType.SHA1; } else if (PKCSObjectIdentifiers.sha224WithRSAEncryption.equals(algOid)) { digestAlg = HashAlgoType.SHA224; } else if (PKCSObjectIdentifiers.sha256WithRSAEncryption.equals(algOid)) { digestAlg = HashAlgoType.SHA256; } else if (PKCSObjectIdentifiers.sha384WithRSAEncryption.equals(algOid)) { digestAlg = HashAlgoType.SHA384; } else if (PKCSObjectIdentifiers.sha512WithRSAEncryption.equals(algOid)) { digestAlg = HashAlgoType.SHA512; } else if (NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224.equals(algOid)) { digestAlg = HashAlgoType.SHA3_224; } else if (NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256.equals(algOid)) { digestAlg = HashAlgoType.SHA3_256; } else if (NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384.equals(algOid)) { digestAlg = HashAlgoType.SHA3_384; } else if (NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512.equals(algOid)) { digestAlg = HashAlgoType.SHA3_512; } else { throw new NoSuchAlgorithmException("unknown signature algorithm" + algOid.getId()); } digestAlgOid = digestAlg.getOid(); } return new AlgorithmIdentifier(digestAlgOid, DERNull.INSTANCE); }
From source file:org.xipki.ocsp.client.api.RequestOptions.java
License:Open Source License
private static AlgorithmIdentifier createAlgId(final String algoName) { ASN1ObjectIdentifier algOid = null;// w w w .j a v a2 s . c o m if ("SHA1withRSA".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.sha1WithRSAEncryption; } else if ("SHA256withRSA".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.sha256WithRSAEncryption; } else if ("SHA384withRSA".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.sha384WithRSAEncryption; } else if ("SHA512withRSA".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.sha512WithRSAEncryption; } else if ("SHA1withECDSA".equalsIgnoreCase(algoName)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA1; } else if ("SHA256withECDSA".equalsIgnoreCase(algoName)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA256; } else if ("SHA384withECDSA".equalsIgnoreCase(algoName)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA384; } else if ("SHA512withECDSA".equalsIgnoreCase(algoName)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA512; } else if ("SHA1withRSAandMGF1".equalsIgnoreCase(algoName) || "SHA256withRSAandMGF1".equalsIgnoreCase(algoName) || "SHA384withRSAandMGF1".equalsIgnoreCase(algoName) || "SHA512withRSAandMGF1".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.id_RSASSA_PSS; } else { throw new RuntimeException("Unsupported algorithm " + algoName); // should not happen } ASN1Encodable params; if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(algOid)) { ASN1ObjectIdentifier digestAlgOid = null; if ("SHA1withRSAandMGF1".equalsIgnoreCase(algoName)) { digestAlgOid = X509ObjectIdentifiers.id_SHA1; } else if ("SHA256withRSAandMGF1".equalsIgnoreCase(algoName)) { digestAlgOid = NISTObjectIdentifiers.id_sha256; } else if ("SHA384withRSAandMGF1".equalsIgnoreCase(algoName)) { digestAlgOid = NISTObjectIdentifiers.id_sha384; } else // if("SHA512withRSAandMGF1".equalsIgnoreCase(algoName)) { digestAlgOid = NISTObjectIdentifiers.id_sha512; } params = createPSSRSAParams(digestAlgOid); } else { params = DERNull.INSTANCE; } return new AlgorithmIdentifier(algOid, params); }
From source file:org.xipki.pki.ocsp.client.api.RequestOptions.java
License:Open Source License
private static AlgorithmIdentifier createAlgId(final String algoName) { ASN1ObjectIdentifier algOid = null;/*from w w w. ja v a2 s. co m*/ if ("SHA1withRSA".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.sha1WithRSAEncryption; } else if ("SHA256withRSA".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.sha256WithRSAEncryption; } else if ("SHA384withRSA".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.sha384WithRSAEncryption; } else if ("SHA512withRSA".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.sha512WithRSAEncryption; } else if ("SHA1withECDSA".equalsIgnoreCase(algoName)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA1; } else if ("SHA256withECDSA".equalsIgnoreCase(algoName)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA256; } else if ("SHA384withECDSA".equalsIgnoreCase(algoName)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA384; } else if ("SHA512withECDSA".equalsIgnoreCase(algoName)) { algOid = X9ObjectIdentifiers.ecdsa_with_SHA512; } else if ("SHA1withRSAandMGF1".equalsIgnoreCase(algoName) || "SHA256withRSAandMGF1".equalsIgnoreCase(algoName) || "SHA384withRSAandMGF1".equalsIgnoreCase(algoName) || "SHA512withRSAandMGF1".equalsIgnoreCase(algoName)) { algOid = PKCSObjectIdentifiers.id_RSASSA_PSS; } else { throw new RuntimeException("Unsupported algorithm " + algoName); // should not happen } ASN1Encodable params; if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(algOid)) { ASN1ObjectIdentifier digestAlgOid = null; if ("SHA1withRSAandMGF1".equalsIgnoreCase(algoName)) { digestAlgOid = X509ObjectIdentifiers.id_SHA1; } else if ("SHA256withRSAandMGF1".equalsIgnoreCase(algoName)) { digestAlgOid = NISTObjectIdentifiers.id_sha256; } else if ("SHA384withRSAandMGF1".equalsIgnoreCase(algoName)) { digestAlgOid = NISTObjectIdentifiers.id_sha384; } else { // if ("SHA512withRSAandMGF1".equalsIgnoreCase(algoName)) digestAlgOid = NISTObjectIdentifiers.id_sha512; } params = createPSSRSAParams(digestAlgOid); } else { params = DERNull.INSTANCE; } return new AlgorithmIdentifier(algOid, params); }
From source file:org.xipki.pki.scep.util.ScepUtil.java
License:Open Source License
public static ASN1ObjectIdentifier extractDigesetAlgorithmIdentifier(final String sigOid, final byte[] sigParams) throws NoSuchAlgorithmException { ParamUtil.requireNonBlank("sigOid", sigOid); ASN1ObjectIdentifier algOid = new ASN1ObjectIdentifier(sigOid); ASN1ObjectIdentifier digestAlgOid;/*from w ww .java2 s . c o m*/ if (PKCSObjectIdentifiers.md5WithRSAEncryption.equals(algOid)) { digestAlgOid = PKCSObjectIdentifiers.md5; } else if (PKCSObjectIdentifiers.sha1WithRSAEncryption.equals(algOid)) { digestAlgOid = X509ObjectIdentifiers.id_SHA1; } else if (PKCSObjectIdentifiers.sha224WithRSAEncryption.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha224; } else if (PKCSObjectIdentifiers.sha256WithRSAEncryption.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha256; } else if (PKCSObjectIdentifiers.sha384WithRSAEncryption.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha384; } else if (PKCSObjectIdentifiers.sha512WithRSAEncryption.equals(algOid)) { digestAlgOid = NISTObjectIdentifiers.id_sha512; } else if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(algOid)) { RSASSAPSSparams param = RSASSAPSSparams.getInstance(sigParams); digestAlgOid = param.getHashAlgorithm().getAlgorithm(); } else { throw new NoSuchAlgorithmException("unknown signature algorithm" + algOid.getId()); } return digestAlgOid; }
From source file:org.xipki.security.p11.iaik.IaikP11Slot.java
License:Open Source License
@Override public P11KeypairGenerationResult generateRSAKeypairAndCert(final int keySize, final BigInteger publicExponent, final String label, final String subject, final Integer keyUsage, final List<ASN1ObjectIdentifier> extendedKeyusage) throws Exception { ParamChecker.assertNotBlank("label", label); if (keySize < 1024) { throw new IllegalArgumentException("keysize not allowed: " + keySize); }/*from w w w. j ava 2s . c o m*/ if (keySize % 1024 != 0) { throw new IllegalArgumentException("key size is not multiple of 1024: " + keySize); } Session session = borrowWritableSession(); try { if (IaikP11Util.labelExists(session, label)) { throw new IllegalArgumentException("label " + label + " exists, please specify another one"); } byte[] id = IaikP11Util.generateKeyID(session); PrivateKeyAndPKInfo privateKeyAndPKInfo = generateRSAKeyPair(session, keySize, publicExponent, id, label); AlgorithmIdentifier signatureAlgId = new AlgorithmIdentifier( PKCSObjectIdentifiers.sha256WithRSAEncryption, DERNull.INSTANCE); X509CertificateHolder certificate = generateCertificate(session, id, label, subject, signatureAlgId, privateKeyAndPKInfo, keyUsage, extendedKeyusage); return new P11KeypairGenerationResult(id, label, certificate); } finally { returnWritableSession(session); } }
From source file:org.xipki.security.p11.iaik.IaikP11Slot.java
License:Open Source License
private X509CertificateHolder generateCertificate(final Session session, final byte[] id, final String label, final String subject, final AlgorithmIdentifier signatureAlgId, final PrivateKeyAndPKInfo privateKeyAndPkInfo, Integer keyUsage, List<ASN1ObjectIdentifier> extendedKeyUsage) throws Exception { BigInteger serialNumber = BigInteger.ONE; Date startDate = new Date(); Date endDate = new Date(startDate.getTime() + 20 * YEAR); X500Name x500Name_subject = new X500Name(subject); x500Name_subject = X509Util.sortX509Name(x500Name_subject); V3TBSCertificateGenerator tbsGen = new V3TBSCertificateGenerator(); tbsGen.setSerialNumber(new ASN1Integer(serialNumber)); tbsGen.setSignature(signatureAlgId); tbsGen.setIssuer(x500Name_subject); tbsGen.setStartDate(new Time(startDate)); tbsGen.setEndDate(new Time(endDate)); tbsGen.setSubject(x500Name_subject); tbsGen.setSubjectPublicKeyInfo(privateKeyAndPkInfo.getPublicKeyInfo()); List<Extension> extensions = new ArrayList<>(2); if (keyUsage == null) { keyUsage = KeyUsage.keyCertSign | KeyUsage.cRLSign | KeyUsage.digitalSignature | KeyUsage.keyEncipherment; }//from w w w . j av a2 s. co m extensions.add(new Extension(Extension.keyUsage, true, new DEROctetString(new KeyUsage(keyUsage)))); if (CollectionUtil.isNotEmpty(extendedKeyUsage)) { KeyPurposeId[] kps = new KeyPurposeId[extendedKeyUsage.size()]; int i = 0; for (ASN1ObjectIdentifier oid : extendedKeyUsage) { kps[i++] = KeyPurposeId.getInstance(oid); } extensions.add(new Extension(Extension.extendedKeyUsage, false, new DEROctetString(new ExtendedKeyUsage(kps)))); } Extensions paramX509Extensions = new Extensions(extensions.toArray(new Extension[0])); tbsGen.setExtensions(paramX509Extensions); TBSCertificate tbsCertificate = tbsGen.generateTBSCertificate(); byte[] encodedTbsCertificate = tbsCertificate.getEncoded(); byte[] signature = null; Digest digest = null; Mechanism sigMechanism = null; ASN1ObjectIdentifier sigAlgID = signatureAlgId.getAlgorithm(); if (sigAlgID.equals(PKCSObjectIdentifiers.sha256WithRSAEncryption)) { sigMechanism = Mechanism.get(PKCS11Constants.CKM_SHA256_RSA_PKCS); session.signInit(sigMechanism, privateKeyAndPkInfo.getPrivateKey()); signature = session.sign(encodedTbsCertificate); } else if (sigAlgID.equals(NISTObjectIdentifiers.dsa_with_sha256)) { digest = new SHA256Digest(); byte[] digestValue = new byte[digest.getDigestSize()]; digest.update(encodedTbsCertificate, 0, encodedTbsCertificate.length); digest.doFinal(digestValue, 0); session.signInit(Mechanism.get(PKCS11Constants.CKM_DSA), privateKeyAndPkInfo.getPrivateKey()); byte[] rawSignature = session.sign(digestValue); signature = convertToX962Signature(rawSignature); } else { if (sigAlgID.equals(X9ObjectIdentifiers.ecdsa_with_SHA1)) { digest = new SHA1Digest(); } else if (sigAlgID.equals(X9ObjectIdentifiers.ecdsa_with_SHA256)) { digest = new SHA256Digest(); } else if (sigAlgID.equals(X9ObjectIdentifiers.ecdsa_with_SHA384)) { digest = new SHA384Digest(); } else if (sigAlgID.equals(X9ObjectIdentifiers.ecdsa_with_SHA512)) { digest = new SHA512Digest(); } else { System.err.println("unknown algorithm ID: " + sigAlgID.getId()); return null; } byte[] digestValue = new byte[digest.getDigestSize()]; digest.update(encodedTbsCertificate, 0, encodedTbsCertificate.length); digest.doFinal(digestValue, 0); session.signInit(Mechanism.get(PKCS11Constants.CKM_ECDSA), privateKeyAndPkInfo.getPrivateKey()); byte[] rawSignature = session.sign(digestValue); signature = convertToX962Signature(rawSignature); } // build DER certificate ASN1EncodableVector v = new ASN1EncodableVector(); v.add(tbsCertificate); v.add(signatureAlgId); v.add(new DERBitString(signature)); DERSequence cert = new DERSequence(v); // build and store PKCS#11 certificate object X509PublicKeyCertificate certTemp = new X509PublicKeyCertificate(); certTemp.getToken().setBooleanValue(true); certTemp.getId().setByteArrayValue(id); certTemp.getLabel().setCharArrayValue(label.toCharArray()); certTemp.getSubject().setByteArrayValue(x500Name_subject.getEncoded()); certTemp.getIssuer().setByteArrayValue(x500Name_subject.getEncoded()); certTemp.getSerialNumber().setByteArrayValue(serialNumber.toByteArray()); certTemp.getValue().setByteArrayValue(cert.getEncoded()); session.createObject(certTemp); return new X509CertificateHolder(Certificate.getInstance(cert)); }
From source file:org.xipki.security.test.Pkcs12_SHA256withRSA_Test.java
License:Open Source License
@Override protected ASN1ObjectIdentifier getSignatureAlgorithm() { return PKCSObjectIdentifiers.sha256WithRSAEncryption; }