PKCS10CertificationRequest.java revision c37f4a04ef89e73a39a59f3c5a179af8c8ab5974
package org.bouncycastle.jce;

import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.CertificationRequest;
import org.bouncycastle.asn1.pkcs.CertificationRequestInfo;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x509.X509Name;
import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
import org.bouncycastle.util.Strings;

import javax.security.auth.x500.X500Principal;
import java.io.IOException;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PSSParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Set;

/**
 * A class for verifying and creating PKCS10 Certification requests.
 * <pre>
 * CertificationRequest ::= SEQUENCE {
 *   certificationRequestInfo  CertificationRequestInfo,
 *   signatureAlgorithm        AlgorithmIdentifier{{ SignatureAlgorithms }},
 *   signature                 BIT STRING
 * }
 *
 * CertificationRequestInfo ::= SEQUENCE {
 *   version             INTEGER { v1(0) } (v1,...),
 *   subject             Name,
 *   subjectPKInfo       SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
 *   attributes          [0] Attributes{{ CRIAttributes }}
 * }
 *
 * Attributes { ATTRIBUTE:IOSet } ::= SET OF Attribute{{ IOSet }}
 *
 * Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE {
 *   type    ATTRIBUTE.&id({IOSet}),
 *   values  SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{\@type})
 * }
 * </pre>
 */
public class PKCS10CertificationRequest
    extends CertificationRequest
{
    // Upper-case signature algorithm name -> signature algorithm OID. The
    // signing constructor resolves the requested algorithm through this table.
    private static Hashtable algorithms = new Hashtable();
    // Upper-case signature algorithm name -> explicit signature parameters.
    // Only the "...WITHRSAANDMGF1" (RSASSA-PSS) names are registered below.
    private static Hashtable params = new Hashtable();
    // Public key algorithm OID -> key algorithm name ("RSA", "DSA").
    // NOTE(review): the code that reads this table is not in this excerpt.
    private static Hashtable keyAlgorithms = new Hashtable();
    // Signature algorithm OID -> algorithm name (reverse of 'algorithms').
    private static Hashtable oids = new Hashtable();
    // Signature OIDs for which the signing constructor builds the
    // AlgorithmIdentifier from the OID alone, with no parameters argument.
    private static Set noParams = new HashSet();

    // Populates the lookup tables once, at class initialisation.
    //
    // Security note: MD5- and SHA-1-based signature names are still registered
    // here (only MD2 has been dropped). Neither digest is collision resistant
    // any more, so new requests should name SHA-256 or stronger; a consumer
    // of requests may want to reject the weaker OIDs by policy.
    static
    {
        // BEGIN android-removed
        // Dropping MD2
        // algorithms.put("MD2WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.2"));
        // algorithms.put("MD2WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.2"));
        // END android-removed
        algorithms.put("MD5WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.4"));
        algorithms.put("MD5WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.4"));
        algorithms.put("RSAWITHMD5", new DERObjectIdentifier("1.2.840.113549.1.1.4"));
        algorithms.put("SHA1WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.5"));
        algorithms.put("SHA1WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.5"));
        algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption);
        algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption);
        algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption);
        algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption);
        algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption);
        algorithms.put("SHA384WITHRSA", PKCSObjectIdentifiers.sha384WithRSAEncryption);
        algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption);
        algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption);
        // All PSS variants share one OID; the hash is carried in the
        // parameters registered in 'params' further down.
        algorithms.put("SHA1WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
        algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
        algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
        algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
        algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
        algorithms.put("RSAWITHSHA1", new DERObjectIdentifier("1.2.840.113549.1.1.5"));
        algorithms.put("RIPEMD160WITHRSAENCRYPTION", new DERObjectIdentifier("1.3.36.3.3.1.2"));
        algorithms.put("RIPEMD160WITHRSA", new DERObjectIdentifier("1.3.36.3.3.1.2"));
        algorithms.put("SHA1WITHDSA", new DERObjectIdentifier("1.2.840.10040.4.3"));
        algorithms.put("DSAWITHSHA1", new DERObjectIdentifier("1.2.840.10040.4.3"));
        algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
        algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256);
        algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1);
        algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224);
        algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
        algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
        algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
        algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1);
        algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
        algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
        algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
        algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
        algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);

        //
        // reverse mappings
        //
        // Not every forward entry has a reverse one: the RSASSA-PSS and
        // RIPEMD160 OIDs registered above are absent from this table.
        oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.5"), "SHA1WITHRSA");
        oids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WITHRSA");
        oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA");
        oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA");
        oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA");
        oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
        oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410");

        oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA");
        // BEGIN android-removed
        // Dropping MD2
        // oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA");
        // END android-removed
        oids.put(new DERObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA");
        oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA");
        oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA");
        oids.put(X9ObjectIdentifiers.ecdsa_with_SHA256, "SHA256WITHECDSA");
        oids.put(X9ObjectIdentifiers.ecdsa_with_SHA384, "SHA384WITHECDSA");
        oids.put(X9ObjectIdentifiers.ecdsa_with_SHA512, "SHA512WITHECDSA");
        oids.put(OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA");
        oids.put(OIWObjectIdentifiers.dsaWithSHA1, "SHA1WITHDSA");
        oids.put(NISTObjectIdentifiers.dsa_with_sha224, "SHA224WITHDSA");
        oids.put(NISTObjectIdentifiers.dsa_with_sha256, "SHA256WITHDSA");

        //
        // key types
        //
        keyAlgorithms.put(PKCSObjectIdentifiers.rsaEncryption, "RSA");
        keyAlgorithms.put(X9ObjectIdentifiers.id_dsa, "DSA");

        //
        // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
        // The parameters field SHALL be NULL for RSA based signature algorithms.
        //
        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1);
        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224);
        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256);
        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384);
        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512);
        noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1);
        noParams.add(NISTObjectIdentifiers.dsa_with_sha224);
        noParams.add(NISTObjectIdentifiers.dsa_with_sha256);

        //
        // RFC 4491
        //
        noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
        noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
        //
        // explicit params
        //
        // Each PSS entry pairs a hash with a salt length equal to that hash's
        // output size in bytes (20, 28, 32, 48, 64).
        // BEGIN android-changed
        AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE);
        // END android-changed
        params.put("SHA1WITHRSAANDMGF1", creatPSSParams(sha1AlgId, 20));

        // BEGIN android-changed
        AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE);
        // END android-changed
        params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28));

        // BEGIN android-changed
        AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE);
        // END android-changed
        params.put("SHA256WITHRSAANDMGF1", creatPSSParams(sha256AlgId, 32));

        // BEGIN android-changed
        AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, DERNull.INSTANCE);
        // END android-changed
        params.put("SHA384WITHRSAANDMGF1", creatPSSParams(sha384AlgId, 48));

        // BEGIN android-changed
        AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, DERNull.INSTANCE);
        // END android-changed
        params.put("SHA512WITHRSAANDMGF1", creatPSSParams(sha512AlgId, 64));
    }

    /**
     * Build the RSASSA-PSS parameter structure stored in the params table:
     * the given hash, MGF1 parameterised with the same hash, the given salt
     * length and a trailer field of 1.
     *
     * @param hashAlgId the digest algorithm identifier, used for both the
     *                  message hash and the mask generation function.
     * @param saltSize  the salt length in bytes.
     * @return the PSS parameters.
     */
    private static RSASSAPSSparams creatPSSParams(AlgorithmIdentifier hashAlgId, int saltSize)
    {
        return new RSASSAPSSparams(
            hashAlgId,
            new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, hashAlgId),
            new DERInteger(saltSize),
            new DERInteger(1));
    }

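    /**
     * Decode a DER encoded byte array into the outer ASN.1 SEQUENCE of a
     * certification request.
     * <p>
     * Only the first object in the array is read; any bytes that follow it
     * are not examined, so a caller that must reject trailing data has to
     * check for it separately.
     *
     * @param bytes the encoded request.
     * @return the decoded sequence, never null.
     * @throws IllegalArgumentException if nothing could be decoded or the
     *         first object is not a SEQUENCE; a decoder failure is attached
     *         as the cause.
     */
    private static ASN1Sequence toDERSequence(
        byte[] bytes)
    {
        ASN1Sequence seq;

        try
        {
            ASN1InputStream dIn = new ASN1InputStream(bytes);

            seq = (ASN1Sequence)dIn.readObject();
        }
        catch (Exception e)
        {
            // Deliberately broad: a failed cast (first object is not a
            // SEQUENCE) is reported the same way as a decoding error. The
            // cause is kept so the real failure is not lost to callers.
            throw new IllegalArgumentException("badly encoded request", e);
        }

        // An input with no object to read would otherwise hand null to the
        // superclass constructor and fail later with a less useful error.
        if (seq == null)
        {
            throw new IllegalArgumentException("badly encoded request");
        }

        return seq;
    }

    /**
     * construct a PKCS10 certification request from a DER encoded
     * byte stream.
     * <p>
     * This constructor only decodes the request and hands it to the
     * superclass; it does not itself check the request's signature, so a
     * request received from an untrusted party should be verified before
     * its contents are relied on.
     *
     * @param bytes the DER encoded request.
     * @throws IllegalArgumentException if the bytes are not a well formed
     *         ASN.1 SEQUENCE.
     */
    public PKCS10CertificationRequest(
        byte[] bytes)
    {
        super(toDERSequence(bytes));
    }

    /**
     * construct a PKCS10 certification request from an already decoded
     * ASN.1 sequence. The sequence is passed to the superclass as is.
     *
     * @param sequence the decoded CertificationRequest sequence.
     */
    public PKCS10CertificationRequest(
        ASN1Sequence sequence)
    {
        super(sequence);
    }

    /**
     * create a PKCS10 certification request using the BC provider.
     *
     * @param signatureAlgorithm name of the signature algorithm to sign with.
     * @param subject            subject name to place in the request.
     * @param key                public key to be certified.
     * @param attributes         request attributes.
     * @param signingKey         private key used to sign the request.
     */
    public PKCS10CertificationRequest(
        String signatureAlgorithm,
        X509Name subject,
        PublicKey key,
        ASN1Set attributes,
        PrivateKey signingKey)
        throws NoSuchAlgorithmException, NoSuchProviderException,
                InvalidKeyException, SignatureException
    {
        this(signatureAlgorithm, subject, key, attributes, signingKey, "BC");
    }

    /**
     * Convert a JCA X500Principal into the X509Name form used by the
     * request structures, by re-decoding the principal's encoding.
     *
     * @param name the principal to convert.
     * @return the equivalent X509Name.
     * @throws IllegalArgumentException if name is null or its encoding
     *         cannot be decoded.
     */
    private static X509Name convertName(
        X500Principal name)
    {
        // Fail with the exception type used for bad arguments rather than a
        // NullPointerException from name.getEncoded().
        if (name == null)
        {
            throw new IllegalArgumentException("subject must not be null");
        }

        try
        {
            // X509Principal is not imported, so it presumably resolves from
            // this package.
            return new X509Principal(name.getEncoded());
        }
        catch (IOException e)
        {
            throw new IllegalArgumentException("can't convert name", e);
        }
    }
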
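    /**
     * create a PKCS10 certification request using the BC provider.
     *
     * @param signatureAlgorithm name of the signature algorithm to sign with.
     * @param subject            subject name to place in the request.
     * @param key                public key to be certified.
     * @param attributes         request attributes.
     * @param signingKey         private key used to sign the request.
     */
    public PKCS10CertificationRequest(
        String signatureAlgorithm,
        X500Principal subject,
        PublicKey key,
        ASN1Set attributes,
        PrivateKey signingKey)
        throws NoSuchAlgorithmException, NoSuchProviderException,
                InvalidKeyException, SignatureException
    {
        this(signatureAlgorithm, convertName(subject), key, attributes, signingKey, "BC");
    }

    /**
     * create a PKCS10 certification request using the named provider.
     *
     * @param signatureAlgorithm name of the signature algorithm to sign with.
     * @param subject            subject name to place in the request.
     * @param key                public key to be certified.
     * @param attributes         request attributes.
     * @param signingKey         private key used to sign the request.
     * @param provider           name of the provider supplying the signature
     *                           implementation.
     */
    public PKCS10CertificationRequest(
        String signatureAlgorithm,
        X500Principal subject,
        PublicKey key,
        ASN1Set attributes,
        PrivateKey signingKey,
        String provider)
        throws NoSuchAlgorithmException, NoSuchProviderException,
                InvalidKeyException, SignatureException
    {
        this(signatureAlgorithm, convertName(subject), key, attributes, signingKey, provider);
    }

    /**
     * create a PKCS10 certification request using the named provider.
     * <p>
     * The request info (subject, public key, attributes) is DER encoded and
     * signed with signingKey; the result is stored as the request signature.
     *
     * @param signatureAlgorithm name of the signature algorithm; matched
     *                           case-insensitively against the known names.
     * @param subject            subject name to place in the request.
     * @param key                public key to be certified.
     * @param attributes         request attributes.
     * @param signingKey         private key used to sign the request.
     * @param provider           name of the provider supplying the signature
     *                           implementation, or null to use the default
     *                           provider lookup.
     * @throws IllegalArgumentException if the algorithm name is unknown,
     *         subject or key is null, or the public key or request info
     *         cannot be encoded.
     */
    public PKCS10CertificationRequest(
        String signatureAlgorithm,
        X509Name subject,
        PublicKey key,
        ASN1Set attributes,
        PrivateKey signingKey,
        String provider)
        throws NoSuchAlgorithmException, NoSuchProviderException,
                InvalidKeyException, SignatureException
    {
        // The lookup tables are keyed by upper-case names.
        String algorithmName = Strings.toUpperCase(signatureAlgorithm);
        DERObjectIdentifier sigOID = (DERObjectIdentifier)algorithms.get(algorithmName);

        if (sigOID == null)
        {
            throw new IllegalArgumentException("Unknown signature type requested");
        }

        if (subject == null)
        {
            throw new IllegalArgumentException("subject must not be null");
        }

        if (key == null)
        {
            throw new IllegalArgumentException("public key must not be null");
        }

        if (noParams.contains(sigOID))
        {
            // DSA / ECDSA / GOST: identifier built from the OID alone.
            this.sigAlgId = new AlgorithmIdentifier(sigOID);
        }
        else if (params.containsKey(algorithmName))
        {
            // RSASSA-PSS: the parameters come from the fixed table entry.
            // NOTE(review): no parameters are set on the Signature object
            // below, so the provider's defaults for this algorithm name are
            // assumed to match the table entry - confirm.
            this.sigAlgId = new AlgorithmIdentifier(sigOID, (DEREncodable)params.get(algorithmName));
        }
        else
        {
            // NOTE(review): how a Java null parameter is encoded is decided
            // by AlgorithmIdentifier, which is not shown here - confirm it
            // yields the ASN.1 NULL expected for RSA signature algorithms.
            this.sigAlgId = new AlgorithmIdentifier(sigOID, null);
        }

        try
        {
            ASN1Sequence seq = (ASN1Sequence)ASN1Object.fromByteArray(key.getEncoded());
            this.reqInfo = new CertificationRequestInfo(subject, new SubjectPublicKeyInfo(seq), attributes);
        }
        catch (IOException e)
        {
            // Keep the cause so the underlying decode failure is visible.
            throw new IllegalArgumentException("can't encode public key", e);
        }

        Signature sig;
        if (provider == null)
        {
            sig = Signature.getInstance(signatureAlgorithm);
        }
        else
        {
            sig = Signature.getInstance(signatureAlgorithm, provider);
        }

        sig.initSign(signingKey);

        try
        {
            sig.update(reqInfo.getEncoded(ASN1Encodable.DER));
        }
        catch (Exception e)
        {
            throw new IllegalArgumentException("exception encoding TBS cert request - " + e, e);
        }

        this.sigBits = new DERBitString(sig.sign());
    }

    /**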
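* Return the public key associated with the certification request -
     * the public key is created using the BC provider.
     *
     * @return the subject public key carried in the request
     * @throws NoSuchAlgorithmException if no key factory is available for the key algorithm
     * @throws NoSuchProviderException if the BC provider is not available
     * @throws InvalidKeyException if the encoded key cannot be decoded
     */
    public PublicKey getPublicKey()
        throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException
    {
        return getPublicKey("BC");
    }

    /**
     * Return the public key associated with the certification request,
     * created with a key factory from the named provider.
     *
     * The key is read from the request itself, so it is only as trustworthy
     * as the request; it has not been authenticated by this method.
     *
     * @param provider name of the JCA provider to use, or null to let the
     *                 JCA choose one
     * @return the subject public key carried in the request
     * @throws NoSuchAlgorithmException if no key factory is found under the
     *         key algorithm's OID or under its name in keyAlgorithms
     * @throws NoSuchProviderException if the named provider is not available
     * @throws InvalidKeyException if the key factory rejects the encoded key
     */
    public PublicKey getPublicKey(
        String  provider)
        throws NoSuchAlgorithmException, NoSuchProviderException,
                InvalidKeyException
    {
        SubjectPublicKeyInfo    subjectPKInfo = reqInfo.getSubjectPublicKeyInfo();
        // presumably the bytes are the encoded SubjectPublicKeyInfo - confirm in DERBitString
        X509EncodedKeySpec      xspec = new X509EncodedKeySpec(new DERBitString(subjectPKInfo).getBytes());
        AlgorithmIdentifier     keyAlg = subjectPKInfo.getAlgorithmId();

        try
        {
            try
            {
                // first attempt: ask for a key factory by the dotted OID string
                if (provider == null)
                {
                    return KeyFactory.getInstance(keyAlg.getObjectId().getId()).generatePublic(xspec);
                }
                else
                {
                    return KeyFactory.getInstance(keyAlg.getObjectId().getId(), provider).generatePublic(xspec);
                }
            }
            catch (NoSuchAlgorithmException e)
            {
                //
                // try an alternate: the algorithm name registered for this OID, if any
                //
                String  keyAlgorithm = (String)keyAlgorithms.get(keyAlg.getObjectId());

                if (keyAlgorithm != null)
                {
                    if (provider == null)
                    {
                        return KeyFactory.getInstance(keyAlgorithm).generatePublic(xspec);
                    }
                    else
                    {
                        return KeyFactory.getInstance(keyAlgorithm, provider).generatePublic(xspec);
                    }
                }

                // no alternate name known: report the original lookup failure
                throw e;
            }
        }
        catch (InvalidKeySpecException e)
        {
            // keep the decoding failure as the cause instead of discarding it
            throw new InvalidKeyException("error decoding public key", e);
        }
    }

    /**
     * Verify the request using the BC provider.
     */
    public boolean verify()
        throws NoSuchAlgorithmException, NoSuchProviderException,
                InvalidKeyException, SignatureException
    {
        return verify("BC");
    }

    /**
     * Verify the request using the passed in provider. The signature is
     * checked against the public key carried in the request itself.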
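*/
    public boolean verify(
        String provider)
        throws NoSuchAlgorithmException, NoSuchProviderException,
                InvalidKeyException, SignatureException
    {
        // Uses the key embedded in the request: a true result shows possession
        // of the matching private key, not that the subject name or attributes
        // are ones the requester is entitled to.
        return verify(this.getPublicKey(provider), provider);
    }

    /**
     * Verify the request using the passed in public key and the provider.
     *
     * The signature algorithm and its parameters are taken from this
     * request's signature AlgorithmIdentifier. No algorithm policy is applied
     * here, so a caller that must refuse particular digests or signature
     * schemes has to check the algorithm itself.
     *
     * @param pubKey   key to check the signature with
     * @param provider name of the JCA provider to use, or null to let the
     *                 JCA choose one
     * @return true if the signature over the DER encoded request info verifies
     * @throws NoSuchAlgorithmException if no Signature implementation is found
     *         under the derived name or under the name registered in oids
     * @throws NoSuchProviderException if the named provider is not available
     * @throws InvalidKeyException if the key is rejected by the Signature
     * @throws SignatureException if the request info cannot be encoded or the
     *         signature parameters cannot be decoded or applied
     */
    public boolean verify(
        PublicKey pubKey,
        String provider)
        throws NoSuchAlgorithmException, NoSuchProviderException,
                InvalidKeyException, SignatureException
    {
        Signature   sig;

        try
        {
            if (provider == null)
            {
                sig = Signature.getInstance(getSignatureName(sigAlgId));
            }
            else
            {
                sig = Signature.getInstance(getSignatureName(sigAlgId), provider);
            }
        }
        catch (NoSuchAlgorithmException e)
        {
            //
            // try an alternate: the algorithm name registered for this OID, if any
            //
            String  signatureAlgorithm = (String)oids.get(sigAlgId.getObjectId());

            if (signatureAlgorithm == null)
            {
                throw e;
            }

            if (provider == null)
            {
                sig = Signature.getInstance(signatureAlgorithm);
            }
            else
            {
                sig = Signature.getInstance(signatureAlgorithm, provider);
            }
        }

        setSignatureParameters(sig, sigAlgId.getParameters());

        sig.initVerify(pubKey);

        // Verification covers the DER encoding of the request info only.
        try
        {
            sig.update(reqInfo.getEncoded(ASN1Encodable.DER));
        }
        catch (Exception e)
        {
            throw new SignatureException("exception encoding TBS cert request - " + e, e);
        }

        return sig.verify(sigBits.getBytes());
    }

    /**
     * Return a DER encoded byte array representing this object.
     *
     * @throws RuntimeException wrapping the IOException if encoding fails
     */
    public byte[] getEncoded()
    {
        try
        {
            return this.getEncoded(ASN1Encodable.DER);
        }
        catch (IOException e)
        {
            // same message as before, with the IOException kept as the cause
            throw new RuntimeException(e.toString(), e);
        }
    }

    /**
     * Apply the parameters from a signature AlgorithmIdentifier to a
     * Signature object. Absent or ASN.1 NULL parameters are ignored.
     *
     * Non-null parameters are always decoded, but they are only set on the
     * Signature when its algorithm name ends with "MGF1" (the PSS case).
     *
     * @param signature the Signature to configure
     * @param params    the parameters field of the AlgorithmIdentifier, may be null
     * @throws NoSuchAlgorithmException if the Signature's provider has no
     *         AlgorithmParameters for the Signature's algorithm name
     * @throws SignatureException if the parameters cannot be decoded or applied
     */
    private void setSignatureParameters(
        Signature signature,
        DEREncodable params)
        throws NoSuchAlgorithmException, SignatureException, InvalidKeyException
    {
        if (params == null || DERNull.INSTANCE.equals(params))
        {
            return;
        }

        AlgorithmParameters sigParams = AlgorithmParameters.getInstance(signature.getAlgorithm(), signature.getProvider());

        try
        {
            sigParams.init(params.getDERObject().getDEREncoded());
        }
        catch (IOException e)
        {
            throw new SignatureException("IOException decoding parameters: " + e.getMessage(), e);
        }

        if (signature.getAlgorithm().endsWith("MGF1"))
        {
            try
            {
                signature.setParameter(sigParams.getParameterSpec(PSSParameterSpec.class));
            }
            catch (GeneralSecurityException e)
            {
                throw new SignatureException("Exception extracting parameters: " + e.getMessage(), e);
            }
        }
    }

    /**
     * Derive the JCA signature algorithm name for an AlgorithmIdentifier.
     *
     * For RSASSA-PSS with real parameters the name is built from the hash
     * algorithm in those parameters, as "&lt;digest&gt;withRSAandMGF1"; in every
     * other case the dotted OID string is returned.
     *
     * @param sigAlgId the signature algorithm identifier
     * @return the name to hand to Signature.getInstance
     */
    static String getSignatureName(
        AlgorithmIdentifier sigAlgId)
    {
        DEREncodable params = sigAlgId.getParameters();

        boolean hasParams = params != null && !DERNull.INSTANCE.equals(params);

        if (hasParams && sigAlgId.getObjectId().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
        {
            RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params);
            return getDigestAlgName(rsaParams.getHashAlgorithm().getObjectId()) + "withRSAandMGF1";
        }

        return sigAlgId.getObjectId().getId();
    }

    /**
     * Map a digest OID to the short digest name used when building signature
     * algorithm names. OIDs not listed here are returned as their dotted
     * string. The table includes MD5 and SHA1; this method only names the
     * digest and does not judge whether it is acceptable.
     *
     * @param digestAlgOID the digest algorithm OID
     * @return the digest name, or the OID string if the digest is not known
     */
    private static String getDigestAlgName(
        DERObjectIdentifier digestAlgOID)
    {
        if (PKCSObjectIdentifiers.md5.equals(digestAlgOID))
        {
            return "MD5";
        }
        if (OIWObjectIdentifiers.idSHA1.equals(digestAlgOID))
        {
            return "SHA1";
        }
        if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID))
        {
            return "SHA224";
        }
        if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID))
        {
            return "SHA256";
        }
        if (NISTObjectIdentifiers.id_sha384.equals(digestAlgOID))
        {
            return "SHA384";
        }
        if (NISTObjectIdentifiers.id_sha512.equals(digestAlgOID))
        {
            return "SHA512";
        }
        if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
        {
            return "RIPEMD128";
        }
        if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
        {
            return "RIPEMD160";
        }
        if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
        {
            return "RIPEMD256";
        }
        if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
        {
            return "GOST3411";
        }

        return digestAlgOID.getId();
    }
}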