11f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom/* 21f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom * Copyright (C) 2010 The Android Open Source Project 31f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom * 41f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom * Licensed under the Apache License, Version 2.0 (the "License"); 51f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom * you may not use this file except in compliance with the License. 61f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom * You may obtain a copy of the License at 71f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom * 81f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom * http://www.apache.org/licenses/LICENSE-2.0 91f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom * 101f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom * Unless required by applicable law or agreed to in writing, software 111f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom * distributed under the License is distributed on an "AS IS" BASIS, 121f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 131f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom * See the License for the specific language governing permissions and 141f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom * limitations under the License. 151f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom */ 161f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom 17860d2707ce126ef8f66e3eac7ceeab6d24218cd8Kenny Rootpackage org.conscrypt; 181f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom 191f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstromimport java.security.Provider; 201f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom 2122ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root/** 225070bdfc6277af136b7eb5fe5d0d72ad2ff6a2ebKenny Root * Provider that uses BoringSSL to perform the actual cryptographic operations. 2322ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root * <p> 245070bdfc6277af136b7eb5fe5d0d72ad2ff6a2ebKenny Root * Every algorithm should have its IANA assigned OID as an alias. See the following URLs for each 255070bdfc6277af136b7eb5fe5d0d72ad2ff6a2ebKenny Root * type: <ul> <li><a 265070bdfc6277af136b7eb5fe5d0d72ad2ff6a2ebKenny Root * href="http://www.iana.org/assignments/hash-function-text-names/hash-function-text-names.xml">Hash 275070bdfc6277af136b7eb5fe5d0d72ad2ff6a2ebKenny Root * functions</a></li> <li><a href="http://www.iana.org/assignments/dssc/dssc.xml">Signature 285070bdfc6277af136b7eb5fe5d0d72ad2ff6a2ebKenny Root * algorithms</a></li> <li><a 295070bdfc6277af136b7eb5fe5d0d72ad2ff6a2ebKenny Root * href="http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html">NIST cryptographic 305070bdfc6277af136b7eb5fe5d0d72ad2ff6a2ebKenny Root * algorithms</a></li> 3122ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root * </ul> 3229916ef38dc9cb4e4c6e3fdb87d4e921546d3ef4Nathan Mittler * 3329916ef38dc9cb4e4c6e3fdb87d4e921546d3ef4Nathan Mittler * @hide 3422ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root */ 35dbe082cb70a1ffbe1a693bd583a06ecad585f46dNathan Mittler@Internal 361f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrompublic final class OpenSSLProvider extends Provider { 37209c986cfe42dbaa5497c6e68d1b5db96b28db78Kenny Root private static final long serialVersionUID = 2996752495318905136L; 38209c986cfe42dbaa5497c6e68d1b5db96b28db78Kenny Root 395070bdfc6277af136b7eb5fe5d0d72ad2ff6a2ebKenny Root /** 405070bdfc6277af136b7eb5fe5d0d72ad2ff6a2ebKenny Root * Default name used in the {@link java.security.Security JCE system} by {@code OpenSSLProvider} 415070bdfc6277af136b7eb5fe5d0d72ad2ff6a2ebKenny Root * if the {@link #OpenSSLProvider() default constructor} is used. 425070bdfc6277af136b7eb5fe5d0d72ad2ff6a2ebKenny Root */ 4329916ef38dc9cb4e4c6e3fdb87d4e921546d3ef4Nathan Mittler private static final String PROVIDER_NAME = "AndroidOpenSSL"; 441f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom 45f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin private static final String PREFIX = OpenSSLProvider.class.getPackage().getName() + "."; 46f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin 47f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin private static final String STANDARD_EC_PRIVATE_KEY_INTERFACE_CLASS_NAME = 48f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin "java.security.interfaces.ECPrivateKey"; 49f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin private static final String STANDARD_RSA_PRIVATE_KEY_INTERFACE_CLASS_NAME = 50f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin "java.security.interfaces.RSAPrivateKey"; 51f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin private static final String STANDARD_RSA_PUBLIC_KEY_INTERFACE_CLASS_NAME = 52f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin "java.security.interfaces.RSAPublicKey"; 53f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin 541f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom public OpenSSLProvider() { 553e46e4ee56c8e37158f46941dedd5b436d724baaKenny Root this(PROVIDER_NAME); 563e46e4ee56c8e37158f46941dedd5b436d724baaKenny Root } 573e46e4ee56c8e37158f46941dedd5b436d724baaKenny Root 583e46e4ee56c8e37158f46941dedd5b436d724baaKenny Root public OpenSSLProvider(String providerName) { 593e46e4ee56c8e37158f46941dedd5b436d724baaKenny Root super(providerName, 1.0, "Android's OpenSSL-backed security provider"); 601f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom 6104c6d65c07b503caa425767b97e3a359c0f1ae35Kenny Root // Make sure the platform is initialized. 6204c6d65c07b503caa425767b97e3a359c0f1ae35Kenny Root Platform.setup(); 6304c6d65c07b503caa425767b97e3a359c0f1ae35Kenny Root 6422ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root /* === SSL Contexts === */ 65f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin final String classOpenSSLContextImpl = PREFIX + "OpenSSLContextImpl"; 66dee4e55cf84abc70ffa01cd6941576267b48b824Kenny Root final String tls12SSLContext = classOpenSSLContextImpl + "$TLSv12"; 67f3a26b65e797c10956443d8f48727b124d1d0dbfChad Brubaker // Keep SSL as an alias to TLS 68f3a26b65e797c10956443d8f48727b124d1d0dbfChad Brubaker put("SSLContext.SSL", tls12SSLContext); 69dee4e55cf84abc70ffa01cd6941576267b48b824Kenny Root put("SSLContext.TLS", tls12SSLContext); 70dee4e55cf84abc70ffa01cd6941576267b48b824Kenny Root put("SSLContext.TLSv1", classOpenSSLContextImpl + "$TLSv1"); 71dee4e55cf84abc70ffa01cd6941576267b48b824Kenny Root put("SSLContext.TLSv1.1", classOpenSSLContextImpl + "$TLSv11"); 72dee4e55cf84abc70ffa01cd6941576267b48b824Kenny Root put("SSLContext.TLSv1.2", tls12SSLContext); 73f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin put("SSLContext.Default", PREFIX + "DefaultSSLContextImpl"); 7498a43fda08c8dae8b308fb91756fb121ec1c8ac2Brian Carlstrom 7572171a4df6799a188858faaba5cb08be9ba7dc6eAdam Vartanian /* === AlgorithmParameters === */ 7672171a4df6799a188858faaba5cb08be9ba7dc6eAdam Vartanian put("AlgorithmParameters.GCM", PREFIX + "GCMParameters"); 7772171a4df6799a188858faaba5cb08be9ba7dc6eAdam Vartanian put("Alg.Alias.AlgorithmParameters.2.16.840.1.101.3.4.1.6", "GCM"); 7872171a4df6799a188858faaba5cb08be9ba7dc6eAdam Vartanian put("Alg.Alias.AlgorithmParameters.2.16.840.1.101.3.4.1.26", "GCM"); 7972171a4df6799a188858faaba5cb08be9ba7dc6eAdam Vartanian put("Alg.Alias.AlgorithmParameters.2.16.840.1.101.3.4.1.46", "GCM"); 8072171a4df6799a188858faaba5cb08be9ba7dc6eAdam Vartanian 8122ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root /* === Message Digests === */ 82f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin put("MessageDigest.SHA-1", PREFIX + "OpenSSLMessageDigestJDK$SHA1"); 831f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom put("Alg.Alias.MessageDigest.SHA1", "SHA-1"); 841f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom put("Alg.Alias.MessageDigest.SHA", "SHA-1"); 851f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom put("Alg.Alias.MessageDigest.1.3.14.3.2.26", "SHA-1"); 861f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom 87f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin put("MessageDigest.SHA-224", PREFIX + "OpenSSLMessageDigestJDK$SHA224"); 88d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root put("Alg.Alias.MessageDigest.SHA224", "SHA-224"); 89d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.4", "SHA-224"); 90d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root 91f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin put("MessageDigest.SHA-256", PREFIX + "OpenSSLMessageDigestJDK$SHA256"); 921f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom put("Alg.Alias.MessageDigest.SHA256", "SHA-256"); 931f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.1", "SHA-256"); 941f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom 95f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin put("MessageDigest.SHA-384", PREFIX + "OpenSSLMessageDigestJDK$SHA384"); 961f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom put("Alg.Alias.MessageDigest.SHA384", "SHA-384"); 971f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.2", "SHA-384"); 981f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom 99f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin put("MessageDigest.SHA-512", PREFIX + "OpenSSLMessageDigestJDK$SHA512"); 1001f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom put("Alg.Alias.MessageDigest.SHA512", "SHA-512"); 1011f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.3", "SHA-512"); 1021f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom 10322ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root // iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) md5(5) 104f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin put("MessageDigest.MD5", PREFIX + "OpenSSLMessageDigestJDK$MD5"); 1051f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom put("Alg.Alias.MessageDigest.1.2.840.113549.2.5", "MD5"); 1061f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom 1079ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian /* == KeyGenerators == */ 1089ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("KeyGenerator.AES", PREFIX + "KeyGeneratorImpl$AES"); 1099ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian 1109ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("KeyGenerator.DESEDE", PREFIX + "KeyGeneratorImpl$DESEDE"); 1119ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.TDEA", "DESEDE"); 1129ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian 1139ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("KeyGenerator.HmacMD5", PREFIX + "KeyGeneratorImpl$HmacMD5"); 1149ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.1.3.6.1.5.5.8.1.1", "HmacMD5"); 1159ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.HMAC-MD5", "HmacMD5"); 1169ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.HMAC/MD5", "HmacMD5"); 1179ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian 1189ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("KeyGenerator.HmacSHA1", PREFIX + "KeyGeneratorImpl$HmacSHA1"); 1199ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.1.2.840.113549.2.7", "HmacSHA1"); 1209ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.1.3.6.1.5.5.8.1.2", "HmacSHA1"); 1219ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.HMAC-SHA1", "HmacSHA1"); 1229ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.HMAC/SHA1", "HmacSHA1"); 1239ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian 1249ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("KeyGenerator.HmacSHA224", PREFIX + "KeyGeneratorImpl$HmacSHA224"); 1259ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.1.2.840.113549.2.8", "HmacSHA224"); 1269ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.HMAC-SHA224", "HmacSHA224"); 1279ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.HMAC/SHA224", "HmacSHA224"); 1289ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian 1299ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("KeyGenerator.HmacSHA256", PREFIX + "KeyGeneratorImpl$HmacSHA256"); 1309ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.1.2.840.113549.2.9", "HmacSHA256"); 1319ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.2.16.840.1.101.3.4.2.1", "HmacSHA256"); 1329ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.HMAC-SHA256", "HmacSHA256"); 1339ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.HMAC/SHA256", "HmacSHA256"); 1349ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian 1359ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("KeyGenerator.HmacSHA384", PREFIX + "KeyGeneratorImpl$HmacSHA384"); 1369ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.1.2.840.113549.2.10", "HmacSHA384"); 1379ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.HMAC-SHA384", "HmacSHA384"); 1389ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.HMAC/SHA384", "HmacSHA384"); 1399ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian 1409ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("KeyGenerator.HmacSHA512", PREFIX + "KeyGeneratorImpl$HmacSHA512"); 1419ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.1.2.840.113549.2.11", "HmacSHA512"); 1429ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.HMAC-SHA512", "HmacSHA512"); 1439ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian put("Alg.Alias.KeyGenerator.HMAC/SHA512", "HmacSHA512"); 1449ade0b4f29cf243801c44e6b9bc86999181fe135Adam Vartanian 14522ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root /* == KeyPairGenerators == */ 146f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin put("KeyPairGenerator.RSA", PREFIX + "OpenSSLRSAKeyPairGenerator"); 147aa48fdb4d42bc5de668f11055f88fb430fdf4d61Kenny Root put("Alg.Alias.KeyPairGenerator.1.2.840.113549.1.1.1", "RSA"); 14871ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.KeyPairGenerator.1.2.840.113549.1.1.7", "RSA"); 14971ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.KeyPairGenerator.2.5.8.1.1", "RSA"); 150aa48fdb4d42bc5de668f11055f88fb430fdf4d61Kenny Root 151f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin put("KeyPairGenerator.EC", PREFIX + "OpenSSLECKeyPairGenerator"); 152490bad571122d898aaad7c02f5146cde5afa3c17Alex Klyubin put("Alg.Alias.KeyPairGenerator.1.2.840.10045.2.1", "EC"); 15371ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.KeyPairGenerator.1.3.133.16.840.63.0.2", "EC"); 1548b7521eb38878822be3817270cc074ee1e22095dKenny Root 15522ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root /* == KeyFactory == */ 156f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin put("KeyFactory.RSA", PREFIX + "OpenSSLRSAKeyFactory"); 157aa48fdb4d42bc5de668f11055f88fb430fdf4d61Kenny Root put("Alg.Alias.KeyFactory.1.2.840.113549.1.1.1", "RSA"); 15871ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.KeyFactory.1.2.840.113549.1.1.7", "RSA"); 15971ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.KeyFactory.2.5.8.1.1", "RSA"); 160aa48fdb4d42bc5de668f11055f88fb430fdf4d61Kenny Root 161f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin put("KeyFactory.EC", PREFIX + "OpenSSLECKeyFactory"); 162490bad571122d898aaad7c02f5146cde5afa3c17Alex Klyubin put("Alg.Alias.KeyFactory.1.2.840.10045.2.1", "EC"); 16371ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.KeyFactory.1.3.133.16.840.63.0.2", "EC"); 164aa48fdb4d42bc5de668f11055f88fb430fdf4d61Kenny Root 1651cdadf63c7ce3245d2826465b93cc7beaa628061Adam Vartanian /* == SecretKeyFactory == */ 1661cdadf63c7ce3245d2826465b93cc7beaa628061Adam Vartanian put("SecretKeyFactory.DESEDE", PREFIX + "DESEDESecretKeyFactory"); 1671cdadf63c7ce3245d2826465b93cc7beaa628061Adam Vartanian put("Alg.Alias.SecretKeyFactory.TDEA", "DESEDE"); 1681cdadf63c7ce3245d2826465b93cc7beaa628061Adam Vartanian 16982f6e22581a00a2acaaa932cf471e276d696965bAlex Klyubin /* == KeyAgreement == */ 170f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putECDHKeyAgreementImplClass("OpenSSLECDHKeyAgreement"); 17182f6e22581a00a2acaaa932cf471e276d696965bAlex Klyubin 17222ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root /* == Signatures == */ 173f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putSignatureImplClass("MD5WithRSA", "OpenSSLSignature$MD5RSA"); 174e2b6da2c24687aecaa7fd782dffec04d0476c2beBrian Carlstrom put("Alg.Alias.Signature.MD5WithRSAEncryption", "MD5WithRSA"); 175e2b6da2c24687aecaa7fd782dffec04d0476c2beBrian Carlstrom put("Alg.Alias.Signature.MD5/RSA", "MD5WithRSA"); 176e2b6da2c24687aecaa7fd782dffec04d0476c2beBrian Carlstrom put("Alg.Alias.Signature.1.2.840.113549.1.1.4", "MD5WithRSA"); 17771ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.4", "MD5WithRSA"); 178e2b6da2c24687aecaa7fd782dffec04d0476c2beBrian Carlstrom put("Alg.Alias.Signature.1.2.840.113549.2.5with1.2.840.113549.1.1.1", "MD5WithRSA"); 179661ddf3068e405642526ce8a07de76efd906462bKenny Root 180f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putSignatureImplClass("SHA1WithRSA", "OpenSSLSignature$SHA1RSA"); 181d77f3cf3cde9d512d5cf32e2b4701faf4df4adaaKenny Root put("Alg.Alias.Signature.SHA1WithRSAEncryption", "SHA1WithRSA"); 182feda3eff62be1ccf45587460b916521646232d57Brian Carlstrom put("Alg.Alias.Signature.SHA1/RSA", "SHA1WithRSA"); 183feda3eff62be1ccf45587460b916521646232d57Brian Carlstrom put("Alg.Alias.Signature.SHA-1/RSA", "SHA1WithRSA"); 184feda3eff62be1ccf45587460b916521646232d57Brian Carlstrom put("Alg.Alias.Signature.1.2.840.113549.1.1.5", "SHA1WithRSA"); 18571ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.5", "SHA1WithRSA"); 186feda3eff62be1ccf45587460b916521646232d57Brian Carlstrom put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.113549.1.1.1", "SHA1WithRSA"); 187feda3eff62be1ccf45587460b916521646232d57Brian Carlstrom put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.113549.1.1.5", "SHA1WithRSA"); 188feda3eff62be1ccf45587460b916521646232d57Brian Carlstrom put("Alg.Alias.Signature.1.3.14.3.2.29", "SHA1WithRSA"); 18971ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.OID.1.3.14.3.2.29", "SHA1WithRSA"); 190feda3eff62be1ccf45587460b916521646232d57Brian Carlstrom 191f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putSignatureImplClass("SHA224WithRSA", "OpenSSLSignature$SHA224RSA"); 192d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root put("Alg.Alias.Signature.SHA224WithRSAEncryption", "SHA224WithRSA"); 19371ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.SHA224/RSA", "SHA224WithRSA"); 19471ffd3d09a4fcdc9e356df86568d2f9b1446d362Chad Brubaker put("Alg.Alias.Signature.1.2.840.113549.1.1.14", "SHA224WithRSA"); 19571ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.14", "SHA224WithRSA"); 196d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.4with1.2.840.113549.1.1.1", 197d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root "SHA224WithRSA"); 19871ffd3d09a4fcdc9e356df86568d2f9b1446d362Chad Brubaker put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.4with1.2.840.113549.1.1.14", 199d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root "SHA224WithRSA"); 200d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root 201f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putSignatureImplClass("SHA256WithRSA", "OpenSSLSignature$SHA256RSA"); 202feda3eff62be1ccf45587460b916521646232d57Brian Carlstrom put("Alg.Alias.Signature.SHA256WithRSAEncryption", "SHA256WithRSA"); 20371ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.SHA256/RSA", "SHA256WithRSA"); 204feda3eff62be1ccf45587460b916521646232d57Brian Carlstrom put("Alg.Alias.Signature.1.2.840.113549.1.1.11", "SHA256WithRSA"); 20571ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.11", "SHA256WithRSA"); 20622ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.1with1.2.840.113549.1.1.1", 207d77f3cf3cde9d512d5cf32e2b4701faf4df4adaaKenny Root "SHA256WithRSA"); 20822ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.1with1.2.840.113549.1.1.11", 209d77f3cf3cde9d512d5cf32e2b4701faf4df4adaaKenny Root "SHA256WithRSA"); 210feda3eff62be1ccf45587460b916521646232d57Brian Carlstrom 211f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putSignatureImplClass("SHA384WithRSA", "OpenSSLSignature$SHA384RSA"); 212feda3eff62be1ccf45587460b916521646232d57Brian Carlstrom put("Alg.Alias.Signature.SHA384WithRSAEncryption", "SHA384WithRSA"); 21371ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.SHA384/RSA", "SHA384WithRSA"); 214feda3eff62be1ccf45587460b916521646232d57Brian Carlstrom put("Alg.Alias.Signature.1.2.840.113549.1.1.12", "SHA384WithRSA"); 21571ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.12", "SHA384WithRSA"); 21622ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.2with1.2.840.113549.1.1.1", 217d77f3cf3cde9d512d5cf32e2b4701faf4df4adaaKenny Root "SHA384WithRSA"); 218feda3eff62be1ccf45587460b916521646232d57Brian Carlstrom 219f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putSignatureImplClass("SHA512WithRSA", "OpenSSLSignature$SHA512RSA"); 220feda3eff62be1ccf45587460b916521646232d57Brian Carlstrom put("Alg.Alias.Signature.SHA512WithRSAEncryption", "SHA512WithRSA"); 22171ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.SHA512/RSA", "SHA512WithRSA"); 222feda3eff62be1ccf45587460b916521646232d57Brian Carlstrom put("Alg.Alias.Signature.1.2.840.113549.1.1.13", "SHA512WithRSA"); 22371ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.13", "SHA512WithRSA"); 22422ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.3with1.2.840.113549.1.1.1", 225d77f3cf3cde9d512d5cf32e2b4701faf4df4adaaKenny Root "SHA512WithRSA"); 226661ddf3068e405642526ce8a07de76efd906462bKenny Root 227f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putRAWRSASignatureImplClass("OpenSSLSignatureRawRSA"); 2286e7efe14188211dc0f8a2e08276556e871fd8748Kenny Root 2299c0eb3f460dcfb301c2eeb24c14ef3b9d41d7f69Adam Vartanian putSignatureImplClass("NONEwithECDSA", "OpenSSLSignatureRawECDSA"); 230650cd346b0f2f6a0a13eb7fbd467c714137b8013Adam Vartanian 231b825b8339d9ba3649e0997a5328140b7f8479759Kenny Root putSignatureImplClass("SHA1withECDSA", "OpenSSLSignature$SHA1ECDSA"); 232b825b8339d9ba3649e0997a5328140b7f8479759Kenny Root put("Alg.Alias.Signature.ECDSA", "SHA1withECDSA"); 233b825b8339d9ba3649e0997a5328140b7f8479759Kenny Root put("Alg.Alias.Signature.ECDSAwithSHA1", "SHA1withECDSA"); 2348b7521eb38878822be3817270cc074ee1e22095dKenny Root // iso(1) member-body(2) us(840) ansi-x962(10045) signatures(4) ecdsa-with-SHA1(1) 235b825b8339d9ba3649e0997a5328140b7f8479759Kenny Root put("Alg.Alias.Signature.1.2.840.10045.4.1", "SHA1withECDSA"); 236b825b8339d9ba3649e0997a5328140b7f8479759Kenny Root put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10045.2.1", "SHA1withECDSA"); 2378b7521eb38878822be3817270cc074ee1e22095dKenny Root 2388b7521eb38878822be3817270cc074ee1e22095dKenny Root // iso(1) member-body(2) us(840) ansi-x962(10045) signatures(4) ecdsa-with-SHA2(3) 239f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putSignatureImplClass("SHA224withECDSA", "OpenSSLSignature$SHA224ECDSA"); 24071ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.SHA224/ECDSA", "SHA224withECDSA"); 241d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root // ecdsa-with-SHA224(1) 242d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root put("Alg.Alias.Signature.1.2.840.10045.4.3.1", "SHA224withECDSA"); 24371ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.OID.1.2.840.10045.4.3.1", "SHA224withECDSA"); 244d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.4with1.2.840.10045.2.1", "SHA224withECDSA"); 245d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root 246d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root // iso(1) member-body(2) us(840) ansi-x962(10045) signatures(4) ecdsa-with-SHA2(3) 247f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putSignatureImplClass("SHA256withECDSA", "OpenSSLSignature$SHA256ECDSA"); 24871ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.SHA256/ECDSA", "SHA256withECDSA"); 2498b7521eb38878822be3817270cc074ee1e22095dKenny Root // ecdsa-with-SHA256(2) 2508b7521eb38878822be3817270cc074ee1e22095dKenny Root put("Alg.Alias.Signature.1.2.840.10045.4.3.2", "SHA256withECDSA"); 25171ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.OID.1.2.840.10045.4.3.2", "SHA256withECDSA"); 2528bb213a92b67885fc6bc29cb136c8abb70155460Kenny Root put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.1with1.2.840.10045.2.1", "SHA256withECDSA"); 2538b7521eb38878822be3817270cc074ee1e22095dKenny Root 254f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putSignatureImplClass("SHA384withECDSA", "OpenSSLSignature$SHA384ECDSA"); 25571ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.SHA384/ECDSA", "SHA384withECDSA"); 2568b7521eb38878822be3817270cc074ee1e22095dKenny Root // ecdsa-with-SHA384(3) 2578b7521eb38878822be3817270cc074ee1e22095dKenny Root put("Alg.Alias.Signature.1.2.840.10045.4.3.3", "SHA384withECDSA"); 25871ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.OID.1.2.840.10045.4.3.3", "SHA384withECDSA"); 2598bb213a92b67885fc6bc29cb136c8abb70155460Kenny Root put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.2with1.2.840.10045.2.1", "SHA384withECDSA"); 2608b7521eb38878822be3817270cc074ee1e22095dKenny Root 261f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putSignatureImplClass("SHA512withECDSA", "OpenSSLSignature$SHA512ECDSA"); 26271ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.SHA512/ECDSA", "SHA512withECDSA"); 2638b7521eb38878822be3817270cc074ee1e22095dKenny Root // ecdsa-with-SHA512(4) 2648b7521eb38878822be3817270cc074ee1e22095dKenny Root put("Alg.Alias.Signature.1.2.840.10045.4.3.4", "SHA512withECDSA"); 26571ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Signature.OID.1.2.840.10045.4.3.4", "SHA512withECDSA"); 2668bb213a92b67885fc6bc29cb136c8abb70155460Kenny Root put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.3with1.2.840.10045.2.1", "SHA512withECDSA"); 2678b7521eb38878822be3817270cc074ee1e22095dKenny Root 268f313a83e04cf0b337f195bd9d7b89bd5365686e0Alex Klyubin putSignatureImplClass("SHA1withRSA/PSS", "OpenSSLSignature$SHA1RSAPSS"); 269f313a83e04cf0b337f195bd9d7b89bd5365686e0Alex Klyubin put("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS"); 270f313a83e04cf0b337f195bd9d7b89bd5365686e0Alex Klyubin 271f313a83e04cf0b337f195bd9d7b89bd5365686e0Alex Klyubin putSignatureImplClass("SHA224withRSA/PSS", "OpenSSLSignature$SHA224RSAPSS"); 272f313a83e04cf0b337f195bd9d7b89bd5365686e0Alex Klyubin put("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS"); 273f313a83e04cf0b337f195bd9d7b89bd5365686e0Alex Klyubin 274f313a83e04cf0b337f195bd9d7b89bd5365686e0Alex Klyubin putSignatureImplClass("SHA256withRSA/PSS", "OpenSSLSignature$SHA256RSAPSS"); 275f313a83e04cf0b337f195bd9d7b89bd5365686e0Alex Klyubin put("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS"); 276f313a83e04cf0b337f195bd9d7b89bd5365686e0Alex Klyubin 277f313a83e04cf0b337f195bd9d7b89bd5365686e0Alex Klyubin putSignatureImplClass("SHA384withRSA/PSS", "OpenSSLSignature$SHA384RSAPSS"); 278f313a83e04cf0b337f195bd9d7b89bd5365686e0Alex Klyubin put("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS"); 279f313a83e04cf0b337f195bd9d7b89bd5365686e0Alex Klyubin 280f313a83e04cf0b337f195bd9d7b89bd5365686e0Alex Klyubin putSignatureImplClass("SHA512withRSA/PSS", "OpenSSLSignature$SHA512RSAPSS"); 281f313a83e04cf0b337f195bd9d7b89bd5365686e0Alex Klyubin put("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS"); 282f313a83e04cf0b337f195bd9d7b89bd5365686e0Alex Klyubin 28322ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root /* === SecureRandom === */ 2842296bd6bf1d43d1ebceaabbb556d5542d529d311Kenny Root /* 2852296bd6bf1d43d1ebceaabbb556d5542d529d311Kenny Root * We have to specify SHA1PRNG because various documentation mentions 2862296bd6bf1d43d1ebceaabbb556d5542d529d311Kenny Root * that algorithm by name instead of just recommending calling 2872296bd6bf1d43d1ebceaabbb556d5542d529d311Kenny Root * "new SecureRandom()" 2882296bd6bf1d43d1ebceaabbb556d5542d529d311Kenny Root */ 289f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin put("SecureRandom.SHA1PRNG", PREFIX + "OpenSSLRandom"); 2902296bd6bf1d43d1ebceaabbb556d5542d529d311Kenny Root put("SecureRandom.SHA1PRNG ImplementedIn", "Software"); 2911d2bb8c9e7c2011247b2225b878419e292330eb2Kenny Root 29222ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root /* === Cipher === */ 293f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putRSACipherImplClass("RSA/ECB/NoPadding", "OpenSSLCipherRSA$Raw"); 2941d2bb8c9e7c2011247b2225b878419e292330eb2Kenny Root put("Alg.Alias.Cipher.RSA/None/NoPadding", "RSA/ECB/NoPadding"); 295f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putRSACipherImplClass("RSA/ECB/PKCS1Padding", "OpenSSLCipherRSA$PKCS1"); 296098faff2d757d91d9fd387a16053f55e1b4d5a5cBrian Carlstrom put("Alg.Alias.Cipher.RSA/None/PKCS1Padding", "RSA/ECB/PKCS1Padding"); 2971ddc76d634923479be2b520b2bf20f71ff4f1f44Kenny Root 298ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root putRSACipherImplClass("RSA/ECB/OAEPPadding", "OpenSSLCipherRSA$OAEP$SHA1"); 299f9e638afbd1744bb3dd8307780871be8dc8766afKenny Root put("Alg.Alias.Cipher.RSA/None/OAEPPadding", "RSA/ECB/OAEPPadding"); 300ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root putRSACipherImplClass("RSA/ECB/OAEPWithSHA-1AndMGF1Padding", "OpenSSLCipherRSA$OAEP$SHA1"); 301ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root put("Alg.Alias.Cipher.RSA/None/OAEPWithSHA-1AndMGF1Padding", 302ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root "RSA/ECB/OAEPWithSHA-1AndMGF1Padding"); 303ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root putRSACipherImplClass( 304ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root "RSA/ECB/OAEPWithSHA-224AndMGF1Padding", "OpenSSLCipherRSA$OAEP$SHA224"); 305ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root put("Alg.Alias.Cipher.RSA/None/OAEPWithSHA-224AndMGF1Padding", 306ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root "RSA/ECB/OAEPWithSHA-224AndMGF1Padding"); 307ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root putRSACipherImplClass( 308ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root "RSA/ECB/OAEPWithSHA-256AndMGF1Padding", "OpenSSLCipherRSA$OAEP$SHA256"); 309ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root put("Alg.Alias.Cipher.RSA/None/OAEPWithSHA-256AndMGF1Padding", 310ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root "RSA/ECB/OAEPWithSHA-256AndMGF1Padding"); 311ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root putRSACipherImplClass( 312ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root "RSA/ECB/OAEPWithSHA-384AndMGF1Padding", "OpenSSLCipherRSA$OAEP$SHA384"); 313ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root put("Alg.Alias.Cipher.RSA/None/OAEPWithSHA-384AndMGF1Padding", 314ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root "RSA/ECB/OAEPWithSHA-384AndMGF1Padding"); 315ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root putRSACipherImplClass( 316ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root "RSA/ECB/OAEPWithSHA-512AndMGF1Padding", "OpenSSLCipherRSA$OAEP$SHA512"); 317ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root put("Alg.Alias.Cipher.RSA/None/OAEPWithSHA-512AndMGF1Padding", 318ed55a1efc99fc68c7e5d1c1df8b7513f4f4802a2Kenny Root "RSA/ECB/OAEPWithSHA-512AndMGF1Padding"); 319f9e638afbd1744bb3dd8307780871be8dc8766afKenny Root 3201ddc76d634923479be2b520b2bf20f71ff4f1f44Kenny Root /* 3211ddc76d634923479be2b520b2bf20f71ff4f1f44Kenny Root * OpenSSL only supports a subset of modes, so we'll name them 3221ddc76d634923479be2b520b2bf20f71ff4f1f44Kenny Root * explicitly here. 3230d1f9b857696946e23046956f8f3484acd9de84bAlex Klyubin * 3240d1f9b857696946e23046956f8f3484acd9de84bAlex Klyubin * Moreover, OpenSSL only supports PKCS#7 padding. PKCS#5 padding 3250d1f9b857696946e23046956f8f3484acd9de84bAlex Klyubin * is also supported because it's a special case of PKCS#7 for 64-bit 3260d1f9b857696946e23046956f8f3484acd9de84bAlex Klyubin * blocks. PKCS#5 technically supports only 64-bit blocks and won't 3270d1f9b857696946e23046956f8f3484acd9de84bAlex Klyubin * produce the same result as PKCS#7 for blocks that are not 64 bits 3280d1f9b857696946e23046956f8f3484acd9de84bAlex Klyubin * long. However, everybody assumes PKCS#7 when they say PKCS#5. For 3290d1f9b857696946e23046956f8f3484acd9de84bAlex Klyubin * example, lots of code uses PKCS#5 with AES whose blocks are longer 3300d1f9b857696946e23046956f8f3484acd9de84bAlex Klyubin * than 64 bits. We solve this confusion by making PKCS7Padding an 3310d1f9b857696946e23046956f8f3484acd9de84bAlex Klyubin * alias for PKCS5Padding. 3321ddc76d634923479be2b520b2bf20f71ff4f1f44Kenny Root */ 333110054e9931e167e32ec0f31bf00b58a8ad3882cKenny Root putSymmetricCipherImplClass("AES/ECB/NoPadding", 334110054e9931e167e32ec0f31bf00b58a8ad3882cKenny Root "OpenSSLCipher$EVP_CIPHER$AES$ECB$NoPadding"); 335110054e9931e167e32ec0f31bf00b58a8ad3882cKenny Root putSymmetricCipherImplClass("AES/ECB/PKCS5Padding", 336110054e9931e167e32ec0f31bf00b58a8ad3882cKenny Root "OpenSSLCipher$EVP_CIPHER$AES$ECB$PKCS5Padding"); 3370d1f9b857696946e23046956f8f3484acd9de84bAlex Klyubin put("Alg.Alias.Cipher.AES/ECB/PKCS7Padding", "AES/ECB/PKCS5Padding"); 338110054e9931e167e32ec0f31bf00b58a8ad3882cKenny Root putSymmetricCipherImplClass("AES/CBC/NoPadding", 339110054e9931e167e32ec0f31bf00b58a8ad3882cKenny Root "OpenSSLCipher$EVP_CIPHER$AES$CBC$NoPadding"); 340110054e9931e167e32ec0f31bf00b58a8ad3882cKenny Root putSymmetricCipherImplClass("AES/CBC/PKCS5Padding", 341110054e9931e167e32ec0f31bf00b58a8ad3882cKenny Root "OpenSSLCipher$EVP_CIPHER$AES$CBC$PKCS5Padding"); 3420d1f9b857696946e23046956f8f3484acd9de84bAlex Klyubin put("Alg.Alias.Cipher.AES/CBC/PKCS7Padding", "AES/CBC/PKCS5Padding"); 343110054e9931e167e32ec0f31bf00b58a8ad3882cKenny Root putSymmetricCipherImplClass("AES/CTR/NoPadding", "OpenSSLCipher$EVP_CIPHER$AES$CTR"); 344cea45ed2858f0b1e712b062e5598fc7eb4d97cdeKenny Root 345ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian putSymmetricCipherImplClass( 346ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian "AES_128/ECB/NoPadding", "OpenSSLCipher$EVP_CIPHER$AES_128$ECB$NoPadding"); 347ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian putSymmetricCipherImplClass( 348ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian "AES_128/ECB/PKCS5Padding", "OpenSSLCipher$EVP_CIPHER$AES_128$ECB$PKCS5Padding"); 349ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian put("Alg.Alias.Cipher.AES_128/ECB/PKCS7Padding", "AES_128/ECB/PKCS5Padding"); 350ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian putSymmetricCipherImplClass( 351ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian "AES_128/CBC/NoPadding", "OpenSSLCipher$EVP_CIPHER$AES_128$CBC$NoPadding"); 352ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian putSymmetricCipherImplClass( 353ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian "AES_128/CBC/PKCS5Padding", "OpenSSLCipher$EVP_CIPHER$AES_128$CBC$PKCS5Padding"); 354ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian put("Alg.Alias.Cipher.AES_128/CBC/PKCS7Padding", "AES_128/CBC/PKCS5Padding"); 355ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian 356e3e3df1f45a03f13ce2c67b912c503bfeacb2876Adam Vartanian put("Alg.Alias.Cipher.PBEWithHmacSHA1AndAES_128", "AES_128/CBC/PKCS5PADDING"); 357e3e3df1f45a03f13ce2c67b912c503bfeacb2876Adam Vartanian put("Alg.Alias.Cipher.PBEWithHmacSHA224AndAES_128", "AES_128/CBC/PKCS5PADDING"); 358e3e3df1f45a03f13ce2c67b912c503bfeacb2876Adam Vartanian put("Alg.Alias.Cipher.PBEWithHmacSHA256AndAES_128", "AES_128/CBC/PKCS5PADDING"); 359e3e3df1f45a03f13ce2c67b912c503bfeacb2876Adam Vartanian put("Alg.Alias.Cipher.PBEWithHmacSHA384AndAES_128", "AES_128/CBC/PKCS5PADDING"); 360e3e3df1f45a03f13ce2c67b912c503bfeacb2876Adam Vartanian put("Alg.Alias.Cipher.PBEWithHmacSHA512AndAES_128", "AES_128/CBC/PKCS5PADDING"); 361e3e3df1f45a03f13ce2c67b912c503bfeacb2876Adam Vartanian 362ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian putSymmetricCipherImplClass( 363ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian "AES_256/ECB/NoPadding", "OpenSSLCipher$EVP_CIPHER$AES_256$ECB$NoPadding"); 364ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian putSymmetricCipherImplClass( 365ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian "AES_256/ECB/PKCS5Padding", "OpenSSLCipher$EVP_CIPHER$AES_256$ECB$PKCS5Padding"); 366ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian put("Alg.Alias.Cipher.AES_256/ECB/PKCS7Padding", "AES_256/ECB/PKCS5Padding"); 367ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian putSymmetricCipherImplClass( 368ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian "AES_256/CBC/NoPadding", "OpenSSLCipher$EVP_CIPHER$AES_256$CBC$NoPadding"); 369ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian putSymmetricCipherImplClass( 370ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian "AES_256/CBC/PKCS5Padding", "OpenSSLCipher$EVP_CIPHER$AES_256$CBC$PKCS5Padding"); 371ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian put("Alg.Alias.Cipher.AES_256/CBC/PKCS7Padding", "AES_256/CBC/PKCS5Padding"); 372ff81fe37c297e7dabcd103e7f051a1bfebedeb1dAdam Vartanian 373e3e3df1f45a03f13ce2c67b912c503bfeacb2876Adam Vartanian put("Alg.Alias.Cipher.PBEWithHmacSHA1AndAES_256", "AES_256/CBC/PKCS5PADDING"); 374e3e3df1f45a03f13ce2c67b912c503bfeacb2876Adam Vartanian put("Alg.Alias.Cipher.PBEWithHmacSHA224AndAES_256", "AES_256/CBC/PKCS5PADDING"); 375e3e3df1f45a03f13ce2c67b912c503bfeacb2876Adam Vartanian put("Alg.Alias.Cipher.PBEWithHmacSHA256AndAES_256", "AES_256/CBC/PKCS5PADDING"); 376e3e3df1f45a03f13ce2c67b912c503bfeacb2876Adam Vartanian put("Alg.Alias.Cipher.PBEWithHmacSHA384AndAES_256", "AES_256/CBC/PKCS5PADDING"); 377e3e3df1f45a03f13ce2c67b912c503bfeacb2876Adam Vartanian put("Alg.Alias.Cipher.PBEWithHmacSHA512AndAES_256", "AES_256/CBC/PKCS5PADDING"); 378e3e3df1f45a03f13ce2c67b912c503bfeacb2876Adam Vartanian 379110054e9931e167e32ec0f31bf00b58a8ad3882cKenny Root putSymmetricCipherImplClass("DESEDE/CBC/NoPadding", 380110054e9931e167e32ec0f31bf00b58a8ad3882cKenny Root "OpenSSLCipher$EVP_CIPHER$DESEDE$CBC$NoPadding"); 381110054e9931e167e32ec0f31bf00b58a8ad3882cKenny Root putSymmetricCipherImplClass("DESEDE/CBC/PKCS5Padding", 382110054e9931e167e32ec0f31bf00b58a8ad3882cKenny Root "OpenSSLCipher$EVP_CIPHER$DESEDE$CBC$PKCS5Padding"); 3830d1f9b857696946e23046956f8f3484acd9de84bAlex Klyubin put("Alg.Alias.Cipher.DESEDE/CBC/PKCS7Padding", "DESEDE/CBC/PKCS5Padding"); 384cea45ed2858f0b1e712b062e5598fc7eb4d97cdeKenny Root 385110054e9931e167e32ec0f31bf00b58a8ad3882cKenny Root putSymmetricCipherImplClass("ARC4", "OpenSSLCipher$EVP_CIPHER$ARC4"); 38671ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Cipher.ARCFOUR", "ARC4"); 38771ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Cipher.RC4", "ARC4"); 38871ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Cipher.1.2.840.113549.3.4", "ARC4"); 38971ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Cipher.OID.1.2.840.113549.3.4", "ARC4"); 390ce4ace90d085db0865286fb6819acc82e6c9f64eKenny Root 391a04b81de312ca277cb6df17061d931b6c56b95a0David Benjamin putSymmetricCipherImplClass("AES/GCM/NoPadding", "OpenSSLCipher$EVP_AEAD$AES$GCM"); 392a04b81de312ca277cb6df17061d931b6c56b95a0David Benjamin put("Alg.Alias.Cipher.GCM", "AES/GCM/NoPadding"); 393a04b81de312ca277cb6df17061d931b6c56b95a0David Benjamin put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.6", "AES/GCM/NoPadding"); 394a04b81de312ca277cb6df17061d931b6c56b95a0David Benjamin put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.26", "AES/GCM/NoPadding"); 395a04b81de312ca277cb6df17061d931b6c56b95a0David Benjamin put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.46", "AES/GCM/NoPadding"); 396a04b81de312ca277cb6df17061d931b6c56b95a0David Benjamin putSymmetricCipherImplClass( 397a04b81de312ca277cb6df17061d931b6c56b95a0David Benjamin "AES_128/GCM/NoPadding", "OpenSSLCipher$EVP_AEAD$AES$GCM$AES_128"); 398a04b81de312ca277cb6df17061d931b6c56b95a0David Benjamin putSymmetricCipherImplClass( 399a04b81de312ca277cb6df17061d931b6c56b95a0David Benjamin "AES_256/GCM/NoPadding", "OpenSSLCipher$EVP_AEAD$AES$GCM$AES_256"); 400f6f6620ccbad41df84c2be96a9f6c61a0ac3dd53Kenny Root 40122ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root /* === Mac === */ 40222ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root 403f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putMacImplClass("HmacMD5", "OpenSSLMac$HmacMD5"); 40471ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Mac.1.3.6.1.5.5.8.1.1", "HmacMD5"); 40571ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Mac.HMAC-MD5", "HmacMD5"); 40671ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Mac.HMAC/MD5", "HmacMD5"); 40722ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root 40822ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root // PKCS#2 - iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 40922ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root // http://www.oid-info.com/get/1.2.840.113549.2 41022ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root 41122ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root // HMAC-SHA-1 PRF (7) 412f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putMacImplClass("HmacSHA1", "OpenSSLMac$HmacSHA1"); 41322ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root put("Alg.Alias.Mac.1.2.840.113549.2.7", "HmacSHA1"); 41471ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Mac.1.3.6.1.5.5.8.1.2", "HmacSHA1"); 41522ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root put("Alg.Alias.Mac.HMAC-SHA1", "HmacSHA1"); 41622ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root put("Alg.Alias.Mac.HMAC/SHA1", "HmacSHA1"); 41722ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root 418d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root // id-hmacWithSHA224 (8) 419f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putMacImplClass("HmacSHA224", "OpenSSLMac$HmacSHA224"); 420abdd12276a5a9481e4c377820d5976c6dfe008e0Przemyslaw Szczepaniak put("Alg.Alias.Mac.1.2.840.113549.2.8", "HmacSHA224"); 421d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root put("Alg.Alias.Mac.HMAC-SHA224", "HmacSHA224"); 422d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root put("Alg.Alias.Mac.HMAC/SHA224", "HmacSHA224"); 42371ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Mac.PBEWITHHMACSHA224", "HmacSHA224"); 424d2db2c558ef6afc14d59f4a6b547598ff3973597Kenny Root 42522ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root // id-hmacWithSHA256 (9) 426f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putMacImplClass("HmacSHA256", "OpenSSLMac$HmacSHA256"); 42722ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root put("Alg.Alias.Mac.1.2.840.113549.2.9", "HmacSHA256"); 42871ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Mac.2.16.840.1.101.3.4.2.1", "HmacSHA256"); 42922ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root put("Alg.Alias.Mac.HMAC-SHA256", "HmacSHA256"); 43022ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root put("Alg.Alias.Mac.HMAC/SHA256", "HmacSHA256"); 43171ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Mac.PBEWITHHMACSHA256", "HmacSHA256"); 43222ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root 43322ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root // id-hmacWithSHA384 (10) 434f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putMacImplClass("HmacSHA384", "OpenSSLMac$HmacSHA384"); 43522ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root put("Alg.Alias.Mac.1.2.840.113549.2.10", "HmacSHA384"); 43622ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root put("Alg.Alias.Mac.HMAC-SHA384", "HmacSHA384"); 43722ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root put("Alg.Alias.Mac.HMAC/SHA384", "HmacSHA384"); 43871ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Mac.PBEWITHHMACSHA384", "HmacSHA384"); 43922ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root 44022ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root // id-hmacWithSHA384 (11) 441f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putMacImplClass("HmacSHA512", "OpenSSLMac$HmacSHA512"); 44222ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root put("Alg.Alias.Mac.1.2.840.113549.2.11", "HmacSHA512"); 44322ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root put("Alg.Alias.Mac.HMAC-SHA512", "HmacSHA512"); 44422ce603f3bf4772e43de0fc36f80cf7d1d83c886Kenny Root put("Alg.Alias.Mac.HMAC/SHA512", "HmacSHA512"); 44571ba399571496034ff578306a65ec46d671b6bacAdam Vartanian put("Alg.Alias.Mac.PBEWITHHMACSHA512", "HmacSHA512"); 44632850b6ce29c70150cfe01c4ce2a1b353d92e6feKenny Root 44732850b6ce29c70150cfe01c4ce2a1b353d92e6feKenny Root /* === Certificate === */ 44832850b6ce29c70150cfe01c4ce2a1b353d92e6feKenny Root 449f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin put("CertificateFactory.X509", PREFIX + "OpenSSLX509CertificateFactory"); 45032850b6ce29c70150cfe01c4ce2a1b353d92e6feKenny Root put("Alg.Alias.CertificateFactory.X.509", "X509"); 4511f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom } 452f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin 453f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin private void putMacImplClass(String algorithm, String className) { 454f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // Accept only keys for which any of the following is true: 455f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // * the key is from this provider (subclass of OpenSSLKeyHolder), 456f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // * the key provides its key material in "RAW" encoding via Key.getEncoded. 457f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin String supportedKeyClasses = PREFIX + "OpenSSLKeyHolder"; 458f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin String supportedKeyFormats = "RAW"; 459f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putImplClassWithKeyConstraints( 460f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin "Mac." + algorithm, 461f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin PREFIX + className, 462f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin supportedKeyClasses, 463f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin supportedKeyFormats); 464f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin } 465f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin 466f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin private void putSymmetricCipherImplClass(String transformation, String className) { 467f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // Accept only keys for which any of the following is true: 468f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // * the key provides its key material in "RAW" encoding via Key.getEncoded. 469f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin String supportedKeyClasses = null; // ignored -- filtered based on encoding format only 470f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin String supportedKeyFormats = "RAW"; 471f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putImplClassWithKeyConstraints( 472f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin "Cipher." + transformation, 473f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin PREFIX + className, 474f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin supportedKeyClasses, 475f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin supportedKeyFormats); 476f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin } 477f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin 478f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin private void putRSACipherImplClass(String transformation, String className) { 479f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // Accept only keys for which any of the following is true: 480f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // * the key is instance of OpenSSLRSAPrivateKey, RSAPrivateKey, OpenSSLRSAPublicKey, or 481f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // RSAPublicKey. 482f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin String supportedKeyClasses = PREFIX + "OpenSSLRSAPrivateKey" 483f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin + "|" + STANDARD_RSA_PRIVATE_KEY_INTERFACE_CLASS_NAME 484f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin + "|" + PREFIX + "OpenSSLRSAPublicKey" 485f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin + "|" + STANDARD_RSA_PUBLIC_KEY_INTERFACE_CLASS_NAME; 486f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin String supportedKeyFormats = null; // ignored -- filtered based on class only 487f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putImplClassWithKeyConstraints( 488f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin "Cipher." + transformation, 489f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin PREFIX + className, 490f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin supportedKeyClasses, 491f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin supportedKeyFormats); 492f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin } 493f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin 494f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin private void putSignatureImplClass(String algorithm, String className) { 495f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // Accept only keys for which any of the following is true: 496f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // * the key is from this provider (subclass of OpenSSLKeyHolder), 497f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // * the key provides its key material in "PKCS#8" or "X.509" encodings via Key.getEncoded. 498f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // * the key is a transparent private key (subclass of RSAPrivateKey or ECPrivateKey). For 499f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // some reason this provider's Signature implementation does not unconditionally accept 500f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // transparent public keys -- it only accepts them if they provide their key material in 501f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // encoded form (see above). 502f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin String supportedKeyClasses = PREFIX + "OpenSSLKeyHolder" 503f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin + "|" + STANDARD_RSA_PRIVATE_KEY_INTERFACE_CLASS_NAME 504f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin + "|" + STANDARD_EC_PRIVATE_KEY_INTERFACE_CLASS_NAME 505f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin + "|" + STANDARD_RSA_PUBLIC_KEY_INTERFACE_CLASS_NAME; 506f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin String supportedKeyFormats = "PKCS#8|X.509"; 507f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putImplClassWithKeyConstraints( 508f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin "Signature." + algorithm, 509f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin PREFIX + className, 510f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin supportedKeyClasses, 511f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin supportedKeyFormats); 512f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin } 513f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin 514f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin private void putRAWRSASignatureImplClass(String className) { 515f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // Accept only keys for which any of the following is true: 516f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // * the key is instance of OpenSSLRSAPrivateKey, RSAPrivateKey, OpenSSLRSAPublicKey, or 517f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // RSAPublicKey. 518f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin String supportedKeyClasses = PREFIX + "OpenSSLRSAPrivateKey" 519f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin + "|" + STANDARD_RSA_PRIVATE_KEY_INTERFACE_CLASS_NAME 520f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin + "|" + PREFIX + "OpenSSLRSAPublicKey" 521f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin + "|" + STANDARD_RSA_PUBLIC_KEY_INTERFACE_CLASS_NAME; 522f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin String supportedKeyFormats = null; // ignored -- filtered based on class only 523f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putImplClassWithKeyConstraints( 524f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin "Signature.NONEwithRSA", 525f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin PREFIX + className, 526f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin supportedKeyClasses, 527f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin supportedKeyFormats); 528f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin } 529f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin 530f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin private void putECDHKeyAgreementImplClass(String className) { 531f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // Accept only keys for which any of the following is true: 532f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // * the key is from this provider (subclass of OpenSSLKeyHolder), 533f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // * the key provides its key material in "PKCS#8" encoding via Key.getEncoded. 534f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin // * the key is a transparent EC private key (subclass of ECPrivateKey). 535f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin String supportedKeyClasses = PREFIX + "OpenSSLKeyHolder" 536f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin + "|" + STANDARD_EC_PRIVATE_KEY_INTERFACE_CLASS_NAME; 537f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin String supportedKeyFormats = "PKCS#8"; 538f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin putImplClassWithKeyConstraints( 539f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin "KeyAgreement.ECDH", 540f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin PREFIX + className, 541f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin supportedKeyClasses, 542f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin supportedKeyFormats); 543f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin } 544f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin 545f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin private void putImplClassWithKeyConstraints(String typeAndAlgName, 546f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin String fullyQualifiedClassName, 547f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin String supportedKeyClasses, 548f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin String supportedKeyFormats) { 549f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin put(typeAndAlgName, fullyQualifiedClassName); 550f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin if (supportedKeyClasses != null) { 551f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin put(typeAndAlgName + " SupportedKeyClasses", supportedKeyClasses); 552f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin } 553f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin if (supportedKeyFormats != null) { 554f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin put(typeAndAlgName + " SupportedKeyFormats", supportedKeyFormats); 555f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin } 556f2e0c381755ffbb6dcb8e5a151acc3e8f51bc582Alex Klyubin } 5571f42e0a4d7d28b8fc20833e0be05ad17dcfa8ea0Brian Carlstrom} 558