001: package org.bouncycastle.jce;
002:
003: import org.bouncycastle.asn1.ASN1InputStream;
004: import org.bouncycastle.asn1.ASN1Sequence;
005: import org.bouncycastle.asn1.ASN1Set;
006: import org.bouncycastle.asn1.DERBitString;
007: import org.bouncycastle.asn1.DEREncodable;
008: import org.bouncycastle.asn1.DERInteger;
009: import org.bouncycastle.asn1.DERNull;
010: import org.bouncycastle.asn1.DERObjectIdentifier;
011: import org.bouncycastle.asn1.DEROutputStream;
012: import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
013: import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
014: import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
015: import org.bouncycastle.asn1.pkcs.CertificationRequest;
016: import org.bouncycastle.asn1.pkcs.CertificationRequestInfo;
017: import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
018: import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
019: import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
020: import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
021: import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
022: import org.bouncycastle.asn1.x509.X509Name;
023: import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
024: import org.bouncycastle.util.Strings;
025:
026: import javax.security.auth.x500.X500Principal;
027: import java.io.ByteArrayInputStream;
028: import java.io.ByteArrayOutputStream;
029: import java.io.IOException;
030: import java.security.AlgorithmParameters;
031: import java.security.GeneralSecurityException;
032: import java.security.InvalidKeyException;
033: import java.security.KeyFactory;
034: import java.security.NoSuchAlgorithmException;
035: import java.security.NoSuchProviderException;
036: import java.security.PrivateKey;
037: import java.security.PublicKey;
038: import java.security.Signature;
039: import java.security.SignatureException;
040: import java.security.spec.InvalidKeySpecException;
041: import java.security.spec.PSSParameterSpec;
042: import java.security.spec.X509EncodedKeySpec;
043: import java.util.HashSet;
044: import java.util.Hashtable;
045: import java.util.Set;
046:
047: /**
048: * A class for verifying and creating PKCS10 Certification requests.
049: * <pre>
050: * CertificationRequest ::= SEQUENCE {
051: * certificationRequestInfo CertificationRequestInfo,
052: * signatureAlgorithm AlgorithmIdentifier{{ SignatureAlgorithms }},
053: * signature BIT STRING
054: * }
055: *
056: * CertificationRequestInfo ::= SEQUENCE {
057: * version INTEGER { v1(0) } (v1,...),
058: * subject Name,
059: * subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
060: * attributes [0] Attributes{{ CRIAttributes }}
061: * }
062: *
063: * Attributes { ATTRIBUTE:IOSet } ::= SET OF Attribute{{ IOSet }}
064: *
065: * Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE {
066: * type ATTRIBUTE.&id({IOSet}),
067: * values SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{\@type})
068: * }
069: * </pre>
070: */
071: public class PKCS10CertificationRequest extends CertificationRequest {
072: private static Hashtable algorithms = new Hashtable();
073: private static Hashtable params = new Hashtable();
074: private static Hashtable keyAlgorithms = new Hashtable();
075: private static Hashtable oids = new Hashtable();
076: private static Set noParams = new HashSet();
077:
078: static {
079: algorithms.put("MD2WITHRSAENCRYPTION", new DERObjectIdentifier(
080: "1.2.840.113549.1.1.2"));
081: algorithms.put("MD2WITHRSA", new DERObjectIdentifier(
082: "1.2.840.113549.1.1.2"));
083: algorithms.put("MD5WITHRSAENCRYPTION", new DERObjectIdentifier(
084: "1.2.840.113549.1.1.4"));
085: algorithms.put("MD5WITHRSA", new DERObjectIdentifier(
086: "1.2.840.113549.1.1.4"));
087: algorithms.put("RSAWITHMD5", new DERObjectIdentifier(
088: "1.2.840.113549.1.1.4"));
089: algorithms.put("SHA1WITHRSAENCRYPTION",
090: new DERObjectIdentifier("1.2.840.113549.1.1.5"));
091: algorithms.put("SHA1WITHRSA", new DERObjectIdentifier(
092: "1.2.840.113549.1.1.5"));
093: algorithms.put("SHA224WITHRSAENCRYPTION",
094: PKCSObjectIdentifiers.sha224WithRSAEncryption);
095: algorithms.put("SHA224WITHRSA",
096: PKCSObjectIdentifiers.sha224WithRSAEncryption);
097: algorithms.put("SHA256WITHRSAENCRYPTION",
098: PKCSObjectIdentifiers.sha256WithRSAEncryption);
099: algorithms.put("SHA256WITHRSA",
100: PKCSObjectIdentifiers.sha256WithRSAEncryption);
101: algorithms.put("SHA384WITHRSAENCRYPTION",
102: PKCSObjectIdentifiers.sha384WithRSAEncryption);
103: algorithms.put("SHA384WITHRSA",
104: PKCSObjectIdentifiers.sha384WithRSAEncryption);
105: algorithms.put("SHA512WITHRSAENCRYPTION",
106: PKCSObjectIdentifiers.sha512WithRSAEncryption);
107: algorithms.put("SHA512WITHRSA",
108: PKCSObjectIdentifiers.sha512WithRSAEncryption);
109: algorithms.put("SHA1WITHRSAANDMGF1",
110: PKCSObjectIdentifiers.id_RSASSA_PSS);
111: algorithms.put("SHA224WITHRSAANDMGF1",
112: PKCSObjectIdentifiers.id_RSASSA_PSS);
113: algorithms.put("SHA256WITHRSAANDMGF1",
114: PKCSObjectIdentifiers.id_RSASSA_PSS);
115: algorithms.put("SHA384WITHRSAANDMGF1",
116: PKCSObjectIdentifiers.id_RSASSA_PSS);
117: algorithms.put("SHA512WITHRSAANDMGF1",
118: PKCSObjectIdentifiers.id_RSASSA_PSS);
119: algorithms.put("RSAWITHSHA1", new DERObjectIdentifier(
120: "1.2.840.113549.1.1.5"));
121: algorithms.put("RIPEMD160WITHRSAENCRYPTION",
122: new DERObjectIdentifier("1.3.36.3.3.1.2"));
123: algorithms.put("RIPEMD160WITHRSA", new DERObjectIdentifier(
124: "1.3.36.3.3.1.2"));
125: algorithms.put("SHA1WITHDSA", new DERObjectIdentifier(
126: "1.2.840.10040.4.3"));
127: algorithms.put("DSAWITHSHA1", new DERObjectIdentifier(
128: "1.2.840.10040.4.3"));
129: algorithms.put("SHA224WITHDSA",
130: NISTObjectIdentifiers.dsa_with_sha224);
131: algorithms.put("SHA256WITHDSA",
132: NISTObjectIdentifiers.dsa_with_sha256);
133: algorithms.put("SHA1WITHECDSA",
134: X9ObjectIdentifiers.ecdsa_with_SHA1);
135: algorithms.put("SHA224WITHECDSA",
136: X9ObjectIdentifiers.ecdsa_with_SHA224);
137: algorithms.put("SHA256WITHECDSA",
138: X9ObjectIdentifiers.ecdsa_with_SHA256);
139: algorithms.put("SHA384WITHECDSA",
140: X9ObjectIdentifiers.ecdsa_with_SHA384);
141: algorithms.put("SHA512WITHECDSA",
142: X9ObjectIdentifiers.ecdsa_with_SHA512);
143: algorithms.put("ECDSAWITHSHA1",
144: X9ObjectIdentifiers.ecdsa_with_SHA1);
145: algorithms
146: .put(
147: "GOST3411WITHGOST3410",
148: CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
149: algorithms
150: .put(
151: "GOST3410WITHGOST3411",
152: CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
153: algorithms
154: .put(
155: "GOST3411WITHECGOST3410",
156: CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
157: algorithms
158: .put(
159: "GOST3411WITHECGOST3410-2001",
160: CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
161: algorithms
162: .put(
163: "GOST3411WITHGOST3410-2001",
164: CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
165:
166: //
167: // reverse mappings
168: //
169: oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.5"),
170: "SHA1WITHRSA");
171: oids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption,
172: "SHA224WITHRSA");
173: oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption,
174: "SHA256WITHRSA");
175: oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption,
176: "SHA384WITHRSA");
177: oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption,
178: "SHA512WITHRSA");
179: oids
180: .put(
181: CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94,
182: "GOST3411WITHGOST3410");
183: oids
184: .put(
185: CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001,
186: "GOST3411WITHECGOST3410");
187:
188: oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.4"),
189: "MD5WITHRSA");
190: oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.2"),
191: "MD2WITHRSA");
192: oids.put(new DERObjectIdentifier("1.2.840.10040.4.3"),
193: "SHA1WITHDSA");
194: oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA");
195: oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224,
196: "SHA224WITHECDSA");
197: oids.put(X9ObjectIdentifiers.ecdsa_with_SHA256,
198: "SHA256WITHECDSA");
199: oids.put(X9ObjectIdentifiers.ecdsa_with_SHA384,
200: "SHA384WITHECDSA");
201: oids.put(X9ObjectIdentifiers.ecdsa_with_SHA512,
202: "SHA512WITHECDSA");
203: oids.put(OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA");
204: oids.put(OIWObjectIdentifiers.dsaWithSHA1, "SHA1WITHDSA");
205: oids
206: .put(NISTObjectIdentifiers.dsa_with_sha224,
207: "SHA224WITHDSA");
208: oids
209: .put(NISTObjectIdentifiers.dsa_with_sha256,
210: "SHA256WITHDSA");
211:
212: //
213: // key types
214: //
215: keyAlgorithms.put(PKCSObjectIdentifiers.rsaEncryption, "RSA");
216: keyAlgorithms.put(X9ObjectIdentifiers.id_dsa, "DSA");
217:
218: //
219: // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
220: // The parameters field SHALL be NULL for RSA based signature algorithms.
221: //
222: noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1);
223: noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224);
224: noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256);
225: noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384);
226: noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512);
227: noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1);
228: noParams.add(NISTObjectIdentifiers.dsa_with_sha224);
229: noParams.add(NISTObjectIdentifiers.dsa_with_sha256);
230:
231: //
232: // RFC 4491
233: //
234: noParams
235: .add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
236: noParams
237: .add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
238: //
239: // explicit params
240: //
241: AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(
242: OIWObjectIdentifiers.idSHA1, new DERNull());
243: params.put("SHA1WITHRSAANDMGF1", creatPSSParams(sha1AlgId, 20));
244:
245: AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(
246: NISTObjectIdentifiers.id_sha224, new DERNull());
247: params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId,
248: 28));
249:
250: AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(
251: NISTObjectIdentifiers.id_sha256, new DERNull());
252: params.put("SHA256WITHRSAANDMGF1", creatPSSParams(sha256AlgId,
253: 32));
254:
255: AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(
256: NISTObjectIdentifiers.id_sha384, new DERNull());
257: params.put("SHA384WITHRSAANDMGF1", creatPSSParams(sha384AlgId,
258: 48));
259:
260: AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(
261: NISTObjectIdentifiers.id_sha512, new DERNull());
262: params.put("SHA512WITHRSAANDMGF1", creatPSSParams(sha512AlgId,
263: 64));
264: }
265:
266: private static RSASSAPSSparams creatPSSParams(
267: AlgorithmIdentifier hashAlgId, int saltSize) {
268: return new RSASSAPSSparams(hashAlgId, new AlgorithmIdentifier(
269: PKCSObjectIdentifiers.id_mgf1, hashAlgId),
270: new DERInteger(saltSize), new DERInteger(1));
271: }
272:
273: private static ASN1Sequence toDERSequence(byte[] bytes) {
274: try {
275: ASN1InputStream dIn = new ASN1InputStream(bytes);
276:
277: return (ASN1Sequence) dIn.readObject();
278: } catch (Exception e) {
279: throw new IllegalArgumentException("badly encoded request");
280: }
281: }
282:
283: /**
284: * construct a PKCS10 certification request from a DER encoded
285: * byte stream.
286: */
287: public PKCS10CertificationRequest(byte[] bytes) {
288: super (toDERSequence(bytes));
289: }
290:
291: public PKCS10CertificationRequest(ASN1Sequence sequence) {
292: super (sequence);
293: }
294:
295: /**
296: * create a PKCS10 certfication request using the BC provider.
297: */
298: public PKCS10CertificationRequest(String signatureAlgorithm,
299: X509Name subject, PublicKey key, ASN1Set attributes,
300: PrivateKey signingKey) throws NoSuchAlgorithmException,
301: NoSuchProviderException, InvalidKeyException,
302: SignatureException {
303: this (signatureAlgorithm, subject, key, attributes, signingKey,
304: "BC");
305: }
306:
307: private static X509Name convertName(X500Principal name) {
308: try {
309: return new X509Principal(name.getEncoded());
310: } catch (IOException e) {
311: throw new IllegalArgumentException("can't convert name");
312: }
313: }
314:
315: /**
316: * create a PKCS10 certfication request using the BC provider.
317: */
318: public PKCS10CertificationRequest(String signatureAlgorithm,
319: X500Principal subject, PublicKey key, ASN1Set attributes,
320: PrivateKey signingKey) throws NoSuchAlgorithmException,
321: NoSuchProviderException, InvalidKeyException,
322: SignatureException {
323: this (signatureAlgorithm, convertName(subject), key, attributes,
324: signingKey, "BC");
325: }
326:
327: /**
328: * create a PKCS10 certfication request using the named provider.
329: */
330: public PKCS10CertificationRequest(String signatureAlgorithm,
331: X500Principal subject, PublicKey key, ASN1Set attributes,
332: PrivateKey signingKey, String provider)
333: throws NoSuchAlgorithmException, NoSuchProviderException,
334: InvalidKeyException, SignatureException {
335: this (signatureAlgorithm, convertName(subject), key, attributes,
336: signingKey, provider);
337: }
338:
339: /**
340: * create a PKCS10 certfication request using the named provider.
341: */
342: public PKCS10CertificationRequest(String signatureAlgorithm,
343: X509Name subject, PublicKey key, ASN1Set attributes,
344: PrivateKey signingKey, String provider)
345: throws NoSuchAlgorithmException, NoSuchProviderException,
346: InvalidKeyException, SignatureException {
347: String algorithmName = Strings.toUpperCase(signatureAlgorithm);
348: DERObjectIdentifier sigOID = (DERObjectIdentifier) algorithms
349: .get(algorithmName);
350:
351: if (sigOID == null) {
352: throw new IllegalArgumentException(
353: "Unknown signature type requested");
354: }
355:
356: if (subject == null) {
357: throw new IllegalArgumentException(
358: "subject must not be null");
359: }
360:
361: if (key == null) {
362: throw new IllegalArgumentException(
363: "public key must not be null");
364: }
365:
366: if (noParams.contains(sigOID)) {
367: this .sigAlgId = new AlgorithmIdentifier(sigOID);
368: } else if (params.containsKey(algorithmName)) {
369: this .sigAlgId = new AlgorithmIdentifier(sigOID,
370: (DEREncodable) params.get(algorithmName));
371: } else {
372: this .sigAlgId = new AlgorithmIdentifier(sigOID, null);
373: }
374:
375: byte[] bytes = key.getEncoded();
376: ByteArrayInputStream bIn = new ByteArrayInputStream(bytes);
377: ASN1InputStream dIn = new ASN1InputStream(bIn);
378:
379: try {
380: this .reqInfo = new CertificationRequestInfo(subject,
381: new SubjectPublicKeyInfo((ASN1Sequence) dIn
382: .readObject()), attributes);
383: } catch (IOException e) {
384: throw new IllegalArgumentException(
385: "can't encode public key");
386: }
387:
388: Signature sig = Signature.getInstance(signatureAlgorithm,
389: provider);
390:
391: sig.initSign(signingKey);
392:
393: try {
394: ByteArrayOutputStream bOut = new ByteArrayOutputStream();
395: DEROutputStream dOut = new DEROutputStream(bOut);
396:
397: dOut.writeObject(reqInfo);
398:
399: sig.update(bOut.toByteArray());
400: } catch (Exception e) {
401: throw new IllegalArgumentException(
402: "exception encoding TBS cert request - " + e);
403: }
404:
405: this .sigBits = new DERBitString(sig.sign());
406: }
407:
408: /**
409: * return the public key associated with the certification request -
410: * the public key is created using the BC provider.
411: */
412: public PublicKey getPublicKey() throws NoSuchAlgorithmException,
413: NoSuchProviderException, InvalidKeyException {
414: return getPublicKey("BC");
415: }
416:
417: public PublicKey getPublicKey(String provider)
418: throws NoSuchAlgorithmException, NoSuchProviderException,
419: InvalidKeyException {
420: SubjectPublicKeyInfo subjectPKInfo = reqInfo
421: .getSubjectPublicKeyInfo();
422: X509EncodedKeySpec xspec = new X509EncodedKeySpec(
423: new DERBitString(subjectPKInfo).getBytes());
424: AlgorithmIdentifier keyAlg = subjectPKInfo.getAlgorithmId();
425:
426: try {
427: try {
428: return KeyFactory.getInstance(
429: keyAlg.getObjectId().getId(), provider)
430: .generatePublic(xspec);
431: } catch (NoSuchAlgorithmException e) {
432: //
433: // try an alternate
434: //
435: if (keyAlgorithms.get(keyAlg.getObjectId()) != null) {
436: String keyAlgorithm = (String) keyAlgorithms
437: .get(keyAlg.getObjectId());
438:
439: return KeyFactory.getInstance(keyAlgorithm,
440: provider).generatePublic(xspec);
441: }
442:
443: throw e;
444: }
445: } catch (InvalidKeySpecException e) {
446: throw new InvalidKeyException("error decoding public key");
447: }
448: }
449:
450: /**
451: * verify the request using the BC provider.
452: */
453: public boolean verify() throws NoSuchAlgorithmException,
454: NoSuchProviderException, InvalidKeyException,
455: SignatureException {
456: return verify("BC");
457: }
458:
459: /**
460: * verify the request using the passed in provider.
461: */
462: public boolean verify(String provider)
463: throws NoSuchAlgorithmException, NoSuchProviderException,
464: InvalidKeyException, SignatureException {
465: return verify(this .getPublicKey(provider), provider);
466: }
467:
468: /**
469: * verify the request using the passed in public key and the provider..
470: */
471: public boolean verify(PublicKey pubKey, String provider)
472: throws NoSuchAlgorithmException, NoSuchProviderException,
473: InvalidKeyException, SignatureException {
474: Signature sig;
475:
476: try {
477: sig = Signature.getInstance(getSignatureName(sigAlgId),
478: provider);
479: } catch (NoSuchAlgorithmException e) {
480: //
481: // try an alternate
482: //
483: if (oids.get(sigAlgId.getObjectId()) != null) {
484: String signatureAlgorithm = (String) oids.get(sigAlgId
485: .getObjectId());
486:
487: sig = Signature.getInstance(signatureAlgorithm,
488: provider);
489: } else {
490: throw e;
491: }
492: }
493:
494: setSignatureParameters(sig, sigAlgId.getParameters());
495:
496: sig.initVerify(pubKey);
497:
498: try {
499: ByteArrayOutputStream bOut = new ByteArrayOutputStream();
500: DEROutputStream dOut = new DEROutputStream(bOut);
501:
502: dOut.writeObject(reqInfo);
503:
504: sig.update(bOut.toByteArray());
505: } catch (Exception e) {
506: throw new SignatureException(
507: "exception encoding TBS cert request - " + e);
508: }
509:
510: return sig.verify(sigBits.getBytes());
511: }
512:
513: /**
514: * return a DER encoded byte array representing this object
515: */
516: public byte[] getEncoded() {
517: ByteArrayOutputStream bOut = new ByteArrayOutputStream();
518: DEROutputStream dOut = new DEROutputStream(bOut);
519:
520: try {
521: dOut.writeObject(this );
522: } catch (IOException e) {
523: throw new RuntimeException(e.toString());
524: }
525:
526: return bOut.toByteArray();
527: }
528:
529: private void setSignatureParameters(Signature signature,
530: DEREncodable params) throws NoSuchAlgorithmException,
531: SignatureException, InvalidKeyException {
532: if (params != null && !DERNull.INSTANCE.equals(params)) {
533: AlgorithmParameters sigParams = AlgorithmParameters
534: .getInstance(signature.getAlgorithm(), signature
535: .getProvider());
536:
537: try {
538: sigParams.init(params.getDERObject().getDEREncoded());
539: } catch (IOException e) {
540: throw new SignatureException(
541: "IOException decoding parameters: "
542: + e.getMessage());
543: }
544:
545: if (signature.getAlgorithm().endsWith("MGF1")) {
546: try {
547: signature.setParameter(sigParams
548: .getParameterSpec(PSSParameterSpec.class));
549: } catch (GeneralSecurityException e) {
550: throw new SignatureException(
551: "Exception extracting parameters: "
552: + e.getMessage());
553: }
554: }
555: }
556: }
557:
558: static String getSignatureName(AlgorithmIdentifier sigAlgId) {
559: DEREncodable params = sigAlgId.getParameters();
560:
561: if (params != null && !DERNull.INSTANCE.equals(params)) {
562: if (sigAlgId.getObjectId().equals(
563: PKCSObjectIdentifiers.id_RSASSA_PSS)) {
564: RSASSAPSSparams rsaParams = RSASSAPSSparams
565: .getInstance(params);
566: return getDigestAlgName(rsaParams.getHashAlgorithm()
567: .getObjectId())
568: + "withRSAandMGF1";
569: }
570: }
571:
572: return sigAlgId.getObjectId().getId();
573: }
574:
575: private static String getDigestAlgName(
576: DERObjectIdentifier digestAlgOID) {
577: if (PKCSObjectIdentifiers.md5.equals(digestAlgOID)) {
578: return "MD5";
579: } else if (OIWObjectIdentifiers.idSHA1.equals(digestAlgOID)) {
580: return "SHA1";
581: } else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) {
582: return "SHA224";
583: } else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID)) {
584: return "SHA256";
585: } else if (NISTObjectIdentifiers.id_sha384.equals(digestAlgOID)) {
586: return "SHA384";
587: } else if (NISTObjectIdentifiers.id_sha512.equals(digestAlgOID)) {
588: return "SHA512";
589: } else if (TeleTrusTObjectIdentifiers.ripemd128
590: .equals(digestAlgOID)) {
591: return "RIPEMD128";
592: } else if (TeleTrusTObjectIdentifiers.ripemd160
593: .equals(digestAlgOID)) {
594: return "RIPEMD160";
595: } else if (TeleTrusTObjectIdentifiers.ripemd256
596: .equals(digestAlgOID)) {
597: return "RIPEMD256";
598: } else if (CryptoProObjectIdentifiers.gostR3411
599: .equals(digestAlgOID)) {
600: return "GOST3411";
601: } else {
602: return digestAlgOID.getId();
603: }
604: }
605: }
|