OpenSSLProvider.java revision 38375a4d0b3d34e2babbd2f6a013976c7c439696
112cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom/* 212cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom * Copyright (C) 2010 The Android Open Source Project 312cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom * 412cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom * Licensed under the Apache License, Version 2.0 (the "License"); 512cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom * you may not use this file except in compliance with the License. 612cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom * You may obtain a copy of the License at 712cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom * 812cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom * http://www.apache.org/licenses/LICENSE-2.0 912cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom * 1012cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom * Unless required by applicable law or agreed to in writing, software 1112cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom * distributed under the License is distributed on an "AS IS" BASIS, 1212cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1312cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom * See the License for the specific language governing permissions and 1412cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom * limitations under the License. 1512cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom */ 1612cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom 1738375a4d0b3d34e2babbd2f6a013976c7c439696Kenny Rootpackage org.conscrypt; 1812cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom 1912cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstromimport java.security.Provider; 2012cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom 213d1643390a0d624a27b8eccc589b337949657c76Kenny Root/** 223d1643390a0d624a27b8eccc589b337949657c76Kenny Root * Provider that goes through OpenSSL for operations. 233d1643390a0d624a27b8eccc589b337949657c76Kenny Root * <p> 243d1643390a0d624a27b8eccc589b337949657c76Kenny Root * Every algorithm should have its IANA assigned OID as an alias. See the following URLs for each type: 253d1643390a0d624a27b8eccc589b337949657c76Kenny Root * <ul> 263d1643390a0d624a27b8eccc589b337949657c76Kenny Root * <li><a href="http://www.iana.org/assignments/hash-function-text-names/hash-function-text-names.xml">Hash functions</a></li> 273d1643390a0d624a27b8eccc589b337949657c76Kenny Root * <li><a href="http://www.iana.org/assignments/dssc/dssc.xml">Signature algorithms</a></li> 283d1643390a0d624a27b8eccc589b337949657c76Kenny Root * <li><a href="http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html">NIST cryptographic algorithms</a></li> 293d1643390a0d624a27b8eccc589b337949657c76Kenny Root * </ul> 303d1643390a0d624a27b8eccc589b337949657c76Kenny Root */ 3112cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrompublic final class OpenSSLProvider extends Provider { 325b57eb538f8da8e97cf88a310d75d14dfc91624cKenny Root public static final String PROVIDER_NAME = "AndroidOpenSSL"; 3312cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom 3412cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom public OpenSSLProvider() { 355b57eb538f8da8e97cf88a310d75d14dfc91624cKenny Root super(PROVIDER_NAME, 1.0, "Android's OpenSSL-backed security provider"); 3612cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom 3738375a4d0b3d34e2babbd2f6a013976c7c439696Kenny Root // If we're compiled stand-alone, we need to load the JNI library 3838375a4d0b3d34e2babbd2f6a013976c7c439696Kenny Root if ("org.conscrypt".equals(getClass().getPackage().getName())) { 3938375a4d0b3d34e2babbd2f6a013976c7c439696Kenny Root System.loadLibrary("conscrypt"); 4038375a4d0b3d34e2babbd2f6a013976c7c439696Kenny Root } 4138375a4d0b3d34e2babbd2f6a013976c7c439696Kenny Root 423d1643390a0d624a27b8eccc589b337949657c76Kenny Root /* === SSL Contexts === */ 43059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom put("SSLContext.SSL", OpenSSLContextImpl.class.getName()); 44059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom put("SSLContext.SSLv3", OpenSSLContextImpl.class.getName()); 45059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom put("SSLContext.TLS", OpenSSLContextImpl.class.getName()); 46059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom put("SSLContext.TLSv1", OpenSSLContextImpl.class.getName()); 473e6dd45baa0d7f9b4fa06f4ade76e088b59cc7bfBrian Carlstrom put("SSLContext.TLSv1.1", OpenSSLContextImpl.class.getName()); 483e6dd45baa0d7f9b4fa06f4ade76e088b59cc7bfBrian Carlstrom put("SSLContext.TLSv1.2", OpenSSLContextImpl.class.getName()); 49059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom put("SSLContext.Default", DefaultSSLContextImpl.class.getName()); 50059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom 513d1643390a0d624a27b8eccc589b337949657c76Kenny Root /* === Message Digests === */ 5212cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom put("MessageDigest.SHA-1", 5338375a4d0b3d34e2babbd2f6a013976c7c439696Kenny Root "org.conscrypt.OpenSSLMessageDigestJDK$SHA1"); 5412cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom put("Alg.Alias.MessageDigest.SHA1", "SHA-1"); 5512cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom put("Alg.Alias.MessageDigest.SHA", "SHA-1"); 5612cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom put("Alg.Alias.MessageDigest.1.3.14.3.2.26", "SHA-1"); 5712cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom 5812cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom put("MessageDigest.SHA-256", 5938375a4d0b3d34e2babbd2f6a013976c7c439696Kenny Root "org.conscrypt.OpenSSLMessageDigestJDK$SHA256"); 6012cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom put("Alg.Alias.MessageDigest.SHA256", "SHA-256"); 6112cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.1", "SHA-256"); 6212cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom 6312cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom put("MessageDigest.SHA-384", 6438375a4d0b3d34e2babbd2f6a013976c7c439696Kenny Root "org.conscrypt.OpenSSLMessageDigestJDK$SHA384"); 6512cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom put("Alg.Alias.MessageDigest.SHA384", "SHA-384"); 6612cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.2", "SHA-384"); 6712cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom 6812cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom put("MessageDigest.SHA-512", 6938375a4d0b3d34e2babbd2f6a013976c7c439696Kenny Root "org.conscrypt.OpenSSLMessageDigestJDK$SHA512"); 7012cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom put("Alg.Alias.MessageDigest.SHA512", "SHA-512"); 7112cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.3", "SHA-512"); 7212cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom 733d1643390a0d624a27b8eccc589b337949657c76Kenny Root // iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) md5(5) 7412cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom put("MessageDigest.MD5", 7538375a4d0b3d34e2babbd2f6a013976c7c439696Kenny Root "org.conscrypt.OpenSSLMessageDigestJDK$MD5"); 7612cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom put("Alg.Alias.MessageDigest.1.2.840.113549.2.5", "MD5"); 7712cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom 783d1643390a0d624a27b8eccc589b337949657c76Kenny Root /* == KeyPairGenerators == */ 79746a236e2be5dee62c482e27f4c682496d071d8bKenny Root put("KeyPairGenerator.RSA", OpenSSLRSAKeyPairGenerator.class.getName()); 80746a236e2be5dee62c482e27f4c682496d071d8bKenny Root put("Alg.Alias.KeyPairGenerator.1.2.840.113549.1.1.1", "RSA"); 81746a236e2be5dee62c482e27f4c682496d071d8bKenny Root 82746a236e2be5dee62c482e27f4c682496d071d8bKenny Root put("KeyPairGenerator.DSA", OpenSSLDSAKeyPairGenerator.class.getName()); 83746a236e2be5dee62c482e27f4c682496d071d8bKenny Root 849d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root put("KeyPairGenerator.EC", OpenSSLECKeyPairGenerator.class.getName()); 859d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root 863d1643390a0d624a27b8eccc589b337949657c76Kenny Root /* == KeyFactory == */ 87746a236e2be5dee62c482e27f4c682496d071d8bKenny Root put("KeyFactory.RSA", OpenSSLRSAKeyFactory.class.getName()); 88746a236e2be5dee62c482e27f4c682496d071d8bKenny Root put("Alg.Alias.KeyFactory.1.2.840.113549.1.1.1", "RSA"); 89746a236e2be5dee62c482e27f4c682496d071d8bKenny Root 90c9989de40c23c579bc9dc0231fb643436bbf73ccKenny Root put("KeyFactory.DSA", OpenSSLDSAKeyFactory.class.getName()); 91c9989de40c23c579bc9dc0231fb643436bbf73ccKenny Root 92c9989de40c23c579bc9dc0231fb643436bbf73ccKenny Root put("KeyFactory.EC", OpenSSLECKeyFactory.class.getName()); 93746a236e2be5dee62c482e27f4c682496d071d8bKenny Root 94e741559fd878ee6e3deca9102f7c27e1c1ca70d0Alex Klyubin /* == KeyAgreement == */ 95e741559fd878ee6e3deca9102f7c27e1c1ca70d0Alex Klyubin put("KeyAgreement.ECDH", OpenSSLECDHKeyAgreement.class.getName()); 96e741559fd878ee6e3deca9102f7c27e1c1ca70d0Alex Klyubin 973d1643390a0d624a27b8eccc589b337949657c76Kenny Root /* == Signatures == */ 98eef7e9357c272a9154f007e8bee2a09eed66d101Brian Carlstrom put("Signature.MD5WithRSA", OpenSSLSignature.MD5RSA.class.getName()); 99eef7e9357c272a9154f007e8bee2a09eed66d101Brian Carlstrom put("Alg.Alias.Signature.MD5WithRSAEncryption", "MD5WithRSA"); 100eef7e9357c272a9154f007e8bee2a09eed66d101Brian Carlstrom put("Alg.Alias.Signature.MD5/RSA", "MD5WithRSA"); 101eef7e9357c272a9154f007e8bee2a09eed66d101Brian Carlstrom put("Alg.Alias.Signature.1.2.840.113549.1.1.4", "MD5WithRSA"); 102eef7e9357c272a9154f007e8bee2a09eed66d101Brian Carlstrom put("Alg.Alias.Signature.1.2.840.113549.2.5with1.2.840.113549.1.1.1", "MD5WithRSA"); 1035b57eb538f8da8e97cf88a310d75d14dfc91624cKenny Root 104fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom put("Signature.SHA1WithRSA", OpenSSLSignature.SHA1RSA.class.getName()); 105b3bc3cd743d06f5fb59a1c950a7634b47f3cafc4Kenny Root put("Alg.Alias.Signature.SHA1WithRSAEncryption", "SHA1WithRSA"); 106fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom put("Alg.Alias.Signature.SHA1/RSA", "SHA1WithRSA"); 107fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom put("Alg.Alias.Signature.SHA-1/RSA", "SHA1WithRSA"); 108fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom put("Alg.Alias.Signature.1.2.840.113549.1.1.5", "SHA1WithRSA"); 109fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.113549.1.1.1", "SHA1WithRSA"); 110fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.113549.1.1.5", "SHA1WithRSA"); 111fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom put("Alg.Alias.Signature.1.3.14.3.2.29", "SHA1WithRSA"); 112fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom 113fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom put("Signature.SHA256WithRSA", OpenSSLSignature.SHA256RSA.class.getName()); 114fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom put("Alg.Alias.Signature.SHA256WithRSAEncryption", "SHA256WithRSA"); 115fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom put("Alg.Alias.Signature.1.2.840.113549.1.1.11", "SHA256WithRSA"); 1163d1643390a0d624a27b8eccc589b337949657c76Kenny Root put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.1with1.2.840.113549.1.1.1", 117b3bc3cd743d06f5fb59a1c950a7634b47f3cafc4Kenny Root "SHA256WithRSA"); 1183d1643390a0d624a27b8eccc589b337949657c76Kenny Root put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.1with1.2.840.113549.1.1.11", 119b3bc3cd743d06f5fb59a1c950a7634b47f3cafc4Kenny Root "SHA256WithRSA"); 120fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom 121fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom put("Signature.SHA384WithRSA", OpenSSLSignature.SHA384RSA.class.getName()); 122fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom put("Alg.Alias.Signature.SHA384WithRSAEncryption", "SHA384WithRSA"); 123fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom put("Alg.Alias.Signature.1.2.840.113549.1.1.12", "SHA384WithRSA"); 1243d1643390a0d624a27b8eccc589b337949657c76Kenny Root put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.2with1.2.840.113549.1.1.1", 125b3bc3cd743d06f5fb59a1c950a7634b47f3cafc4Kenny Root "SHA384WithRSA"); 126fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom 127fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom put("Signature.SHA512WithRSA", OpenSSLSignature.SHA512RSA.class.getName()); 128fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom put("Alg.Alias.Signature.SHA512WithRSAEncryption", "SHA512WithRSA"); 129fe8b870db2b374e21c69c2ff0050e6a34e0d8d94Brian Carlstrom put("Alg.Alias.Signature.1.2.840.113549.1.1.13", "SHA512WithRSA"); 1303d1643390a0d624a27b8eccc589b337949657c76Kenny Root put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.3with1.2.840.113549.1.1.1", 131b3bc3cd743d06f5fb59a1c950a7634b47f3cafc4Kenny Root "SHA512WithRSA"); 1325b57eb538f8da8e97cf88a310d75d14dfc91624cKenny Root 1335b57eb538f8da8e97cf88a310d75d14dfc91624cKenny Root put("Signature.SHA1withDSA", OpenSSLSignature.SHA1DSA.class.getName()); 1345b57eb538f8da8e97cf88a310d75d14dfc91624cKenny Root put("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA"); 1355b57eb538f8da8e97cf88a310d75d14dfc91624cKenny Root put("Alg.Alias.Signature.DSA", "SHA1withDSA"); 1365b57eb538f8da8e97cf88a310d75d14dfc91624cKenny Root put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "SHA1withDSA"); 1375b57eb538f8da8e97cf88a310d75d14dfc91624cKenny Root put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "SHA1withDSA"); 1385b57eb538f8da8e97cf88a310d75d14dfc91624cKenny Root put("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA"); 1395b57eb538f8da8e97cf88a310d75d14dfc91624cKenny Root put("Alg.Alias.Signature.1.2.840.10040.4.3", "SHA1withDSA"); 14046aabcb28b0e3b807f6db8c33173962d6f2cb71fKenny Root 14162fc526d80608925cad24c3d6d91657f63a56fcfKenny Root put("Signature.NONEwithRSA", OpenSSLSignatureRawRSA.class.getName()); 1427501e29e0182accf28cc317870a3bbe1e25f4bfaKenny Root 1439d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root put("Signature.ECDSA", OpenSSLSignature.SHA1ECDSA.class.getName()); 1449d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root put("Alg.Alias.Signature.SHA1withECDSA", "ECDSA"); 1459d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root put("Alg.Alias.Signature.ECDSAwithSHA1", "ECDSA"); 1469d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root // iso(1) member-body(2) us(840) ansi-x962(10045) signatures(4) ecdsa-with-SHA1(1) 1479d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root put("Alg.Alias.Signature.1.2.840.10045.4.1", "ECDSA"); 14852c906b82c75e811284a1788e5ca0b4330a55a36Kenny Root put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10045.2.1", "ECDSA"); 1499d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root 1509d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root // iso(1) member-body(2) us(840) ansi-x962(10045) signatures(4) ecdsa-with-SHA2(3) 1519d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root put("Signature.SHA256withECDSA", OpenSSLSignature.SHA256ECDSA.class.getName()); 1529d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root // ecdsa-with-SHA256(2) 1539d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root put("Alg.Alias.Signature.1.2.840.10045.4.3.2", "SHA256withECDSA"); 15452c906b82c75e811284a1788e5ca0b4330a55a36Kenny Root put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.1with1.2.840.10045.2.1", "SHA256withECDSA"); 1559d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root 1569d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root put("Signature.SHA384withECDSA", OpenSSLSignature.SHA384ECDSA.class.getName()); 1579d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root // ecdsa-with-SHA384(3) 1589d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root put("Alg.Alias.Signature.1.2.840.10045.4.3.3", "SHA384withECDSA"); 15952c906b82c75e811284a1788e5ca0b4330a55a36Kenny Root put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.2with1.2.840.10045.2.1", "SHA384withECDSA"); 1609d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root 1619d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root put("Signature.SHA512withECDSA", OpenSSLSignature.SHA512ECDSA.class.getName()); 1629d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root // ecdsa-with-SHA512(4) 1639d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root put("Alg.Alias.Signature.1.2.840.10045.4.3.4", "SHA512withECDSA"); 16452c906b82c75e811284a1788e5ca0b4330a55a36Kenny Root put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.3with1.2.840.10045.2.1", "SHA512withECDSA"); 1659d2fb535e5d43ad34af09195d490da18a7694a48Kenny Root 1663d1643390a0d624a27b8eccc589b337949657c76Kenny Root /* === SecureRandom === */ 16746aabcb28b0e3b807f6db8c33173962d6f2cb71fKenny Root /* 16846aabcb28b0e3b807f6db8c33173962d6f2cb71fKenny Root * We have to specify SHA1PRNG because various documentation mentions 16946aabcb28b0e3b807f6db8c33173962d6f2cb71fKenny Root * that algorithm by name instead of just recommending calling 17046aabcb28b0e3b807f6db8c33173962d6f2cb71fKenny Root * "new SecureRandom()" 17146aabcb28b0e3b807f6db8c33173962d6f2cb71fKenny Root */ 17246aabcb28b0e3b807f6db8c33173962d6f2cb71fKenny Root put("SecureRandom.SHA1PRNG", OpenSSLRandom.class.getName()); 17346aabcb28b0e3b807f6db8c33173962d6f2cb71fKenny Root put("SecureRandom.SHA1PRNG ImplementedIn", "Software"); 174c5ddc93173f32383ab456c0a24739e7cb2d19c42Kenny Root 1753d1643390a0d624a27b8eccc589b337949657c76Kenny Root /* === Cipher === */ 1760a156e0126e8015f2791e9a7dd48bbdaeae0c335Brian Carlstrom put("Cipher.RSA/ECB/NoPadding", OpenSSLCipherRSA.Raw.class.getName()); 177c5ddc93173f32383ab456c0a24739e7cb2d19c42Kenny Root put("Alg.Alias.Cipher.RSA/None/NoPadding", "RSA/ECB/NoPadding"); 1780a156e0126e8015f2791e9a7dd48bbdaeae0c335Brian Carlstrom put("Cipher.RSA/ECB/PKCS1Padding", OpenSSLCipherRSA.PKCS1.class.getName()); 1790a156e0126e8015f2791e9a7dd48bbdaeae0c335Brian Carlstrom put("Alg.Alias.Cipher.RSA/None/PKCS1Padding", "RSA/ECB/PKCS1Padding"); 18013cf08b2f06e1f5f0278c449072898f5e147db49Kenny Root 18113cf08b2f06e1f5f0278c449072898f5e147db49Kenny Root /* 18213cf08b2f06e1f5f0278c449072898f5e147db49Kenny Root * OpenSSL only supports a subset of modes, so we'll name them 18313cf08b2f06e1f5f0278c449072898f5e147db49Kenny Root * explicitly here. 18413cf08b2f06e1f5f0278c449072898f5e147db49Kenny Root */ 18513cf08b2f06e1f5f0278c449072898f5e147db49Kenny Root put("Cipher.AES/ECB/NoPadding", OpenSSLCipher.AES.ECB.NoPadding.class.getName()); 18613cf08b2f06e1f5f0278c449072898f5e147db49Kenny Root put("Cipher.AES/ECB/PKCS5Padding", OpenSSLCipher.AES.ECB.PKCS5Padding.class.getName()); 18713cf08b2f06e1f5f0278c449072898f5e147db49Kenny Root put("Cipher.AES/CBC/NoPadding", OpenSSLCipher.AES.CBC.NoPadding.class.getName()); 18813cf08b2f06e1f5f0278c449072898f5e147db49Kenny Root put("Cipher.AES/CBC/PKCS5Padding", OpenSSLCipher.AES.CBC.PKCS5Padding.class.getName()); 18913cf08b2f06e1f5f0278c449072898f5e147db49Kenny Root put("Cipher.AES/CFB/NoPadding", OpenSSLCipher.AES.CFB.NoPadding.class.getName()); 19013cf08b2f06e1f5f0278c449072898f5e147db49Kenny Root put("Cipher.AES/CFB/PKCS5Padding", OpenSSLCipher.AES.CFB.PKCS5Padding.class.getName()); 19113cf08b2f06e1f5f0278c449072898f5e147db49Kenny Root put("Cipher.AES/CTR/NoPadding", OpenSSLCipher.AES.CTR.NoPadding.class.getName()); 19213cf08b2f06e1f5f0278c449072898f5e147db49Kenny Root put("Cipher.AES/CTR/PKCS5Padding", OpenSSLCipher.AES.CTR.PKCS5Padding.class.getName()); 19313cf08b2f06e1f5f0278c449072898f5e147db49Kenny Root put("Cipher.AES/OFB/NoPadding", OpenSSLCipher.AES.OFB.NoPadding.class.getName()); 19413cf08b2f06e1f5f0278c449072898f5e147db49Kenny Root put("Cipher.AES/OFB/PKCS5Padding", OpenSSLCipher.AES.OFB.PKCS5Padding.class.getName()); 1959961a1e1fc3cf3fa8ceab5917eb49cedc996a2f6Kenny Root 1969961a1e1fc3cf3fa8ceab5917eb49cedc996a2f6Kenny Root put("Cipher.DESEDE/CBC/NoPadding", OpenSSLCipher.DESEDE.CBC.NoPadding.class.getName()); 1979961a1e1fc3cf3fa8ceab5917eb49cedc996a2f6Kenny Root put("Cipher.DESEDE/CBC/PKCS5Padding", OpenSSLCipher.DESEDE.CBC.PKCS5Padding.class.getName()); 1989961a1e1fc3cf3fa8ceab5917eb49cedc996a2f6Kenny Root put("Cipher.DESEDE/CFB/NoPadding", OpenSSLCipher.DESEDE.CFB.NoPadding.class.getName()); 1999961a1e1fc3cf3fa8ceab5917eb49cedc996a2f6Kenny Root put("Cipher.DESEDE/CFB/PKCS5Padding", OpenSSLCipher.DESEDE.CFB.PKCS5Padding.class.getName()); 2009961a1e1fc3cf3fa8ceab5917eb49cedc996a2f6Kenny Root put("Cipher.DESEDE/ECB/NoPadding", OpenSSLCipher.DESEDE.ECB.NoPadding.class.getName()); 2019961a1e1fc3cf3fa8ceab5917eb49cedc996a2f6Kenny Root put("Cipher.DESEDE/ECB/PKCS5Padding", OpenSSLCipher.DESEDE.ECB.PKCS5Padding.class.getName()); 2029961a1e1fc3cf3fa8ceab5917eb49cedc996a2f6Kenny Root put("Cipher.DESEDE/OFB/NoPadding", OpenSSLCipher.DESEDE.OFB.NoPadding.class.getName()); 2039961a1e1fc3cf3fa8ceab5917eb49cedc996a2f6Kenny Root put("Cipher.DESEDE/OFB/PKCS5Padding", OpenSSLCipher.DESEDE.OFB.PKCS5Padding.class.getName()); 204a9a21fc20ac86e723c141bc145f582a2ab83268aKenny Root 205edefa57a822c27f3e9def050fd50e375c5908551Kenny Root put("Cipher.ARC4", OpenSSLCipher.ARC4.class.getName()); 206edefa57a822c27f3e9def050fd50e375c5908551Kenny Root 2073d1643390a0d624a27b8eccc589b337949657c76Kenny Root /* === Mac === */ 2083d1643390a0d624a27b8eccc589b337949657c76Kenny Root 209a9a21fc20ac86e723c141bc145f582a2ab83268aKenny Root put("Mac.HmacMD5", OpenSSLMac.HmacMD5.class.getName()); 2103d1643390a0d624a27b8eccc589b337949657c76Kenny Root 2113d1643390a0d624a27b8eccc589b337949657c76Kenny Root // PKCS#2 - iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 2123d1643390a0d624a27b8eccc589b337949657c76Kenny Root // http://www.oid-info.com/get/1.2.840.113549.2 2133d1643390a0d624a27b8eccc589b337949657c76Kenny Root 2143d1643390a0d624a27b8eccc589b337949657c76Kenny Root // HMAC-SHA-1 PRF (7) 215a9a21fc20ac86e723c141bc145f582a2ab83268aKenny Root put("Mac.HmacSHA1", OpenSSLMac.HmacSHA1.class.getName()); 2163d1643390a0d624a27b8eccc589b337949657c76Kenny Root put("Alg.Alias.Mac.1.2.840.113549.2.7", "HmacSHA1"); 2173d1643390a0d624a27b8eccc589b337949657c76Kenny Root put("Alg.Alias.Mac.HMAC-SHA1", "HmacSHA1"); 2183d1643390a0d624a27b8eccc589b337949657c76Kenny Root put("Alg.Alias.Mac.HMAC/SHA1", "HmacSHA1"); 2193d1643390a0d624a27b8eccc589b337949657c76Kenny Root 2203d1643390a0d624a27b8eccc589b337949657c76Kenny Root // id-hmacWithSHA256 (9) 221a9a21fc20ac86e723c141bc145f582a2ab83268aKenny Root put("Mac.HmacSHA256", OpenSSLMac.HmacSHA256.class.getName()); 2223d1643390a0d624a27b8eccc589b337949657c76Kenny Root put("Alg.Alias.Mac.1.2.840.113549.2.9", "HmacSHA256"); 2233d1643390a0d624a27b8eccc589b337949657c76Kenny Root put("Alg.Alias.Mac.HMAC-SHA256", "HmacSHA256"); 2243d1643390a0d624a27b8eccc589b337949657c76Kenny Root put("Alg.Alias.Mac.HMAC/SHA256", "HmacSHA256"); 2253d1643390a0d624a27b8eccc589b337949657c76Kenny Root 2263d1643390a0d624a27b8eccc589b337949657c76Kenny Root // id-hmacWithSHA384 (10) 227a9a21fc20ac86e723c141bc145f582a2ab83268aKenny Root put("Mac.HmacSHA384", OpenSSLMac.HmacSHA384.class.getName()); 2283d1643390a0d624a27b8eccc589b337949657c76Kenny Root put("Alg.Alias.Mac.1.2.840.113549.2.10", "HmacSHA384"); 2293d1643390a0d624a27b8eccc589b337949657c76Kenny Root put("Alg.Alias.Mac.HMAC-SHA384", "HmacSHA384"); 2303d1643390a0d624a27b8eccc589b337949657c76Kenny Root put("Alg.Alias.Mac.HMAC/SHA384", "HmacSHA384"); 2313d1643390a0d624a27b8eccc589b337949657c76Kenny Root 2323d1643390a0d624a27b8eccc589b337949657c76Kenny Root // id-hmacWithSHA384 (11) 233a9a21fc20ac86e723c141bc145f582a2ab83268aKenny Root put("Mac.HmacSHA512", OpenSSLMac.HmacSHA512.class.getName()); 2343d1643390a0d624a27b8eccc589b337949657c76Kenny Root put("Alg.Alias.Mac.1.2.840.113549.2.11", "HmacSHA512"); 2353d1643390a0d624a27b8eccc589b337949657c76Kenny Root put("Alg.Alias.Mac.HMAC-SHA512", "HmacSHA512"); 2363d1643390a0d624a27b8eccc589b337949657c76Kenny Root put("Alg.Alias.Mac.HMAC/SHA512", "HmacSHA512"); 23775dc9601af8ab3c65114e3c8c57d29ce5ac64125Kenny Root 23875dc9601af8ab3c65114e3c8c57d29ce5ac64125Kenny Root /* === Certificate === */ 23975dc9601af8ab3c65114e3c8c57d29ce5ac64125Kenny Root 24075dc9601af8ab3c65114e3c8c57d29ce5ac64125Kenny Root put("CertificateFactory.X509", OpenSSLX509CertificateFactory.class.getName()); 24175dc9601af8ab3c65114e3c8c57d29ce5ac64125Kenny Root put("Alg.Alias.CertificateFactory.X.509", "X509"); 24212cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom } 24312cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9Brian Carlstrom} 244