Class AlgorithmId
java.lang.Object
org.mozilla.jss.netscape.security.x509.AlgorithmId
- All Implemented Interfaces:
Serializable
,DerEncoder
- Direct Known Subclasses:
AlgIdDSA
This class identifies algorithms, such as cryptographic transforms, each
of which may be associated with parameters. Instances of this base class
are used when this runtime environment has no special knowledge of the
algorithm type, and may also be used in other cases. Equivalence is
defined according to OID and (where relevant) parameters.
Subclasses may be used, for example when when the algorithm ID has associated parameters which some code (e.g. code using public keys) needs to have parsed. Two examples of such algorithms are Diffie-Hellman key exchange, and the Digital Signature Standard Algorithm (DSS/DSA).
The OID constants defined in this class correspond to some widely used algorithms, for which conventional string names have been defined. This class is not a general repository for OIDs, or for such string names. Note that the mappings between algorithm IDs and algorithm names is not one-to-one.
- Version:
- 1.70
- See Also:
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate ObjectIdentifier
The object identitifer being used for this algorithm.private AlgorithmParameters
static final String[]
All supported signing algorithms.private static final int[]
private static final int[]
static final ObjectIdentifier
static final ObjectIdentifier
Deprecated, for removal: This API element is subject to removal in a future version.private String
private static final int[]
static final ObjectIdentifier
Algorithm ID for Diffie Hellman Key agreement, from PKCS #3.private static final int[]
static final ObjectIdentifier
Algorithm ID for the Diffie Hellman Key Agreement (DH), from the IETF PKIX IPKI Part I.static final ObjectIdentifier
Algorithm ID for the Digital Signing Algorithm (DSA), from the IETF PKIX IPKI Part I.private static final int[]
static final ObjectIdentifier
Algorithm ID for the Digital Signing Algorithm (DSA), from the NIST OIW Stable Agreements part 12.private static final int[]
static final String[]
Deprecated, for removal: This API element is subject to removal in a future version.private static final int[]
Deprecated, for removal: This API element is subject to removal in a future version.static final String[]
private static final int[]
static final ObjectIdentifier
Algorithm ID for the MD2 Message Digest Algorthm, from RFC 1319.private static final int[]
static final ObjectIdentifier
Identifies a signing algorithm where an MD2 digest is encrypted using an RSA private key; defined in PKCS #1.private static final int[]
static final ObjectIdentifier
Algorithm ID for the MD5 Message Digest Algorthm, from RFC 1321.private static final int[]
static final ObjectIdentifier
Identifies a signing algorithm where an MD5 digest is encrypted using an RSA private key; defined in PKCS #1.private static final int[]
static final ObjectIdentifier
protected DerValue
Parameters for this algorithm.protected String
private static final int[]
static final ObjectIdentifier
Algorithm ID for RSA keys used for any purpose, as defined in X.509.static final String[]
Supported signing algorithms for a RSA key.private static final int[]
static final ObjectIdentifier
Algorithm ID for RSA keys used with RSA encryption, as defined in PKCS #1.private static final int[]
static final ObjectIdentifier
private static final long
use serialVersionUID from JDK 1.1.static final ObjectIdentifier
Deprecated, for removal: This API element is subject to removal in a future version.private static final int[]
Deprecated, for removal: This API element is subject to removal in a future version.static final ObjectIdentifier
Deprecated, for removal: This API element is subject to removal in a future version.private static final int[]
Deprecated, for removal: This API element is subject to removal in a future version.static final ObjectIdentifier
Deprecated, for removal: This API element is subject to removal in a future version.private static final int[]
Deprecated, for removal: This API element is subject to removal in a future version.static final ObjectIdentifier
Deprecated, for removal: This API element is subject to removal in a future version.private static final int[]
Deprecated, for removal: This API element is subject to removal in a future version.static final ObjectIdentifier
Deprecated, for removal: This API element is subject to removal in a future version.private static final int[]
Deprecated, for removal: This API element is subject to removal in a future version.static final ObjectIdentifier
Deprecated, for removal: This API element is subject to removal in a future version.private static final int[]
static final ObjectIdentifier
private static final int[]
static final ObjectIdentifier
private static final int[]
static final ObjectIdentifier
private static final int[]
static final ObjectIdentifier
The proper one for sha256/rsaprivate static final int[]
static final ObjectIdentifier
private static final int[]
static final ObjectIdentifier
private static final int[]
static final ObjectIdentifier
The proper one for sha384/rsaprivate static final int[]
static final ObjectIdentifier
private static final int[]
static final ObjectIdentifier
private static final int[]
static final ObjectIdentifier
The proper one for sha512/rsaprivate static final int[]
Deprecated, for removal: This API element is subject to removal in a future version.static final ObjectIdentifier
Deprecated, for removal: This API element is subject to removal in a future version. -
Constructor Summary
ConstructorsModifierConstructorDescriptionDeprecated.use one of the other constructors.Constructs an algorithm ID with possible RSAPSS params.AlgorithmId
(ObjectIdentifier oid, String algName) Constructor that takes the oid and name, so the name can be cachedf or laster use.AlgorithmId
(ObjectIdentifier oid, AlgorithmParameters params) Constructs an algorithm ID with a fully encoded params objectprivate
AlgorithmId
(ObjectIdentifier oid, DerValue params) -
Method Summary
Modifier and TypeMethodDescriptionprivate String
algName()
private static ObjectIdentifier
static AlgorithmParameters
createPSSAlgorithmParameters
(String algName) Used to create the PSS algorithm params needed for RSA PSS signatures.static AlgorithmParameters
createPSSAlgorithmParametersFromData
(byte[] der) protected void
void
derEncode
(OutputStream out) DER encode this object onto an output stream.void
derEncodeWithContext
(OutputStream out, int contextVal) DER encode this object onto an output stream.final byte[]
encode()
Returns the DER-encoded X.509 AlgorithmId as a byte array.final void
encode
(DerOutputStream out) Marshal a DER-encoded "AlgorithmID" sequence on the DER stream.boolean
Compares this AlgorithmID to another.final boolean
Compares two algorithm IDs for equality.boolean
equals
(AlgorithmId other) Returns true iff the argument indicates the same algorithm with the same parameters.static AlgorithmId
Returns one of the algorithm IDs most commonly associated with this algorithm name.byte[]
Returns the DER encoded parameter, which can then be used to initialize java.security.AlgorithmParamters.getName()
Returns a name for the algorithm which may be more intelligible to humans than the algorithm's OID, but which won't necessarily be comprehensible on other systems.final ObjectIdentifier
getOID()
Returns the ISO OID for this algorithm.private AlgorithmParameters
getPSSParams
(String algName) static String[]
Returns list of signing algorithms for a key algorithm such as RSA or DSA.int
hashCode()
protected String
Provides a human-readable description of the algorithm parameters.static AlgorithmId
parse
(byte[] val) static AlgorithmId
Parse (unmarshal) an ID from a DER sequence input value.void
setParametersString
(String paramStr) toString()
Returns a string describing only the algorithm without parameters.Returns a string describing the algorithm and its parameters.
-
Field Details
-
serialVersionUID
private static final long serialVersionUIDuse serialVersionUID from JDK 1.1. for interoperability- See Also:
-
algid
The object identitifer being used for this algorithm. -
algParams
-
cachedAlgName
-
params
Parameters for this algorithm. These are stored in unparsed DER-encoded form; subclasses can be made to automaticaly parse them so there is fast access to these parameters. -
paramsString
-
MD2_data
private static final int[] MD2_data -
MD5_data
private static final int[] MD5_data -
SHA1_OIW_data
Deprecated, for removal: This API element is subject to removal in a future version. -
SHA256_data
private static final int[] SHA256_data -
SHA384_data
private static final int[] SHA384_data -
SHA512_data
private static final int[] SHA512_data -
MGF1_data
private static final int[] MGF1_data -
MD2_oid
Algorithm ID for the MD2 Message Digest Algorthm, from RFC 1319. OID = 1.2.840.113549.2.2 -
MD5_oid
Algorithm ID for the MD5 Message Digest Algorthm, from RFC 1321. OID = 1.2.840.113549.2.5 -
SHA_oid
Deprecated, for removal: This API element is subject to removal in a future version.Algorithm ID for the SHA1 Message Digest Algorithm, from FIPS 180-1. This is sometimes called "SHA", though that is often confusing since many people refer to FIPS 180 (which has an error) as defining SHA. OID = 1.3.14.3.2.26 -
SHA256_oid
-
SHA384_oid
-
SHA512_oid
-
MGF1_oid
-
DH_data
private static final int[] DH_data -
DH_PKIX_data
private static final int[] DH_PKIX_data -
DSA_OIW_data
private static final int[] DSA_OIW_data -
DSA_PKIX_data
private static final int[] DSA_PKIX_data -
RSA_data
private static final int[] RSA_data -
RSAEncryption_data
private static final int[] RSAEncryption_data -
ANSI_X962_public_key_data
private static final int[] ANSI_X962_public_key_data -
ANSI_X962_sha1_with_ec_data
private static final int[] ANSI_X962_sha1_with_ec_data -
ANSIX962_EC_Public_Key_oid
-
ANSIX962_SHA1_With_EC_oid
@Deprecated(since="5.0.1", forRemoval=true) public static final ObjectIdentifier ANSIX962_SHA1_With_EC_oidDeprecated, for removal: This API element is subject to removal in a future version. -
DH_oid
Algorithm ID for Diffie Hellman Key agreement, from PKCS #3. Parameters include public values P and G, and may optionally specify the length of the private key X. Alternatively, algorithm parameters may be derived from another source such as a Certificate Authority's certificate. OID = 1.2.840.113549.1.3.1 -
DH_PKIX_oid
Algorithm ID for the Diffie Hellman Key Agreement (DH), from the IETF PKIX IPKI Part I. Parameters may include public values P and G. OID = 1.2.840.10046.2.1 -
DSA_OIW_oid
Algorithm ID for the Digital Signing Algorithm (DSA), from the NIST OIW Stable Agreements part 12. Parameters may include public values P, Q, and G; or these may be derived from another source such as a Certificate Authority's certificate. OID = 1.3.14.3.2.12 -
DSA_oid
Algorithm ID for the Digital Signing Algorithm (DSA), from the IETF PKIX IPKI Part I. Parameters may include public values P, Q, and G; or these may be derived from another source such as a Certificate Authority's certificate. OID = 1.2.840.10040.4.1 -
RSA_oid
Algorithm ID for RSA keys used for any purpose, as defined in X.509. The algorithm parameter is a single value, the number of bits in the public modulus. OID = 1.2.5.8.1.1 -
RSAEncryption_oid
Algorithm ID for RSA keys used with RSA encryption, as defined in PKCS #1. There are no parameters associated with this algorithm. OID = 1.2.840.113549.1.1.1 -
sha1WithEC_data
Deprecated, for removal: This API element is subject to removal in a future version. -
sha224WithEC_data
private static final int[] sha224WithEC_data -
sha256WithEC_data
private static final int[] sha256WithEC_data -
sha384WithEC_data
private static final int[] sha384WithEC_data -
sha512WithEC_data
private static final int[] sha512WithEC_data -
md2WithRSAEncryption_data
private static final int[] md2WithRSAEncryption_data -
md5WithRSAEncryption_data
private static final int[] md5WithRSAEncryption_data -
sha1WithRSAEncryption_data
Deprecated, for removal: This API element is subject to removal in a future version. -
sha256WithRSAEncryption_data
private static final int[] sha256WithRSAEncryption_data -
sha384WithRSAEncryption_data
private static final int[] sha384WithRSAEncryption_data -
sha512WithRSAEncryption_data
private static final int[] sha512WithRSAEncryption_data -
sha1WithRSAEncryption_OIW_data
@Deprecated(since="5.0.1", forRemoval=true) private static final int[] sha1WithRSAEncryption_OIW_dataDeprecated, for removal: This API element is subject to removal in a future version. -
shaWithDSA_OIW_data
Deprecated, for removal: This API element is subject to removal in a future version. -
sha1WithDSA_OIW_data
Deprecated, for removal: This API element is subject to removal in a future version. -
dsaWithSHA1_PKIX_data
Deprecated, for removal: This API element is subject to removal in a future version. -
rsaPSS_data
private static final int[] rsaPSS_data -
sha1WithEC_oid
Deprecated, for removal: This API element is subject to removal in a future version. -
sha224WithEC_oid
-
sha256WithEC_oid
-
sha384WithEC_oid
-
sha512WithEC_oid
-
rsaPSS_oid
-
md2WithRSAEncryption_oid
Identifies a signing algorithm where an MD2 digest is encrypted using an RSA private key; defined in PKCS #1. Use of this signing algorithm is discouraged due to MD2 vulnerabilities. OID = 1.2.840.113549.1.1.2 -
md5WithRSAEncryption_oid
Identifies a signing algorithm where an MD5 digest is encrypted using an RSA private key; defined in PKCS #1. OID = 1.2.840.113549.1.1.4 -
sha1WithRSAEncryption_oid
@Deprecated(since="5.0.1", forRemoval=true) public static final ObjectIdentifier sha1WithRSAEncryption_oidDeprecated, for removal: This API element is subject to removal in a future version.The proper one for sha1/rsa -
sha256WithRSAEncryption_oid
The proper one for sha256/rsa -
sha384WithRSAEncryption_oid
The proper one for sha384/rsa -
sha512WithRSAEncryption_oid
The proper one for sha512/rsa -
sha1WithRSAEncryption_OIW_oid
@Deprecated(since="5.0.1", forRemoval=true) public static final ObjectIdentifier sha1WithRSAEncryption_OIW_oidDeprecated, for removal: This API element is subject to removal in a future version.Identifies a signing algorithm where an SHA1 digest is encrypted using an RSA private key; defined in NIST OIW. OID = 1.3.14.3.2.29 -
shaWithDSA_OIW_oid
Deprecated, for removal: This API element is subject to removal in a future version.Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a SHA digest is signed using the Digital Signing Algorithm (DSA). This should not be used. OID = 1.3.14.3.2.13 -
sha1WithDSA_OIW_oid
@Deprecated(since="5.0.1", forRemoval=true) public static final ObjectIdentifier sha1WithDSA_OIW_oidDeprecated, for removal: This API element is subject to removal in a future version.Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a SHA1 digest is signed using the Digital Signing Algorithm (DSA). OID = 1.3.14.3.2.27 -
sha1WithDSA_oid
Deprecated, for removal: This API element is subject to removal in a future version.Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a SHA1 digest is signed using the Digital Signing Algorithm (DSA). OID = 1.2.840.10040.4.3 -
DSA_SIGNING_ALGORITHMS
Deprecated, for removal: This API element is subject to removal in a future version.Supported signing algorithms for a DSA key. -
RSA_SIGNING_ALGORITHMS
Supported signing algorithms for a RSA key. -
EC_SIGNING_ALGORITHMS
-
ALL_SIGNING_ALGORITHMS
All supported signing algorithms.
-
-
Constructor Details
-
AlgorithmId
public AlgorithmId(ObjectIdentifier oid, AlgorithmParameters params) throws IOException, NoSuchAlgorithmException Constructs an algorithm ID with a fully encoded params object- Parameters:
oid
- the identifier for the algorithmparams
- the fully encoded AlgorithmIdentifier Object- Throws:
NoSuchAlgorithmException
IOException
-
AlgorithmId
public AlgorithmId(ObjectIdentifier oid, String algName) throws IOException, NoSuchAlgorithmException Constructor that takes the oid and name, so the name can be cachedf or laster use.- Parameters:
oid
- the identifier for the algorithmalgName
- the algorithm name- Throws:
NoSuchAlgorithmException
IOException
-
AlgorithmId
Constructs an algorithm ID with possible RSAPSS params.- Parameters:
oid
- the identifier for the algorithm
-
AlgorithmId
- Throws:
IOException
-
AlgorithmId
Deprecated.use one of the other constructors.Constructs an algorithm ID which will be initialized separately, for example by deserialization.
-
-
Method Details
-
getParameters
-
getParametersString
-
setParametersString
-
get
Returns one of the algorithm IDs most commonly associated with this algorithm name.- Parameters:
algname
- the name being used- Returns:
- an ID for the algorithm.
- Throws:
NoSuchAlgorithmException
- on error.
-
parse
Parse (unmarshal) an ID from a DER sequence input value. This form parsing might be used when expanding a value which has already been partially unmarshaled as a set or sequence member.- Parameters:
val
- the input value, which contains the algid and, if there are any parameters, those parameters.- Returns:
- an ID for the algorithm. If the system is configured appropriately, this may be an instance of a class with some kind of special support for this algorithm. In that case, you may "narrow" the type of the ID.
- Throws:
IOException
- on error.
-
parse
- Throws:
IOException
-
getPSSParams
private AlgorithmParameters getPSSParams(String algName) throws NoSuchAlgorithmException, IOException - Throws:
NoSuchAlgorithmException
IOException
-
decodeParams
- Throws:
IOException
-
encode
Marshal a DER-encoded "AlgorithmID" sequence on the DER stream.- Parameters:
out
- the output stream on which to write the DER encoding.- Throws:
IOException
- on encoding error.
-
derEncode
DER encode this object onto an output stream. Implements theDerEncoder
interface.- Specified by:
derEncode
in interfaceDerEncoder
- Parameters:
out
- the output stream on which to write the DER encoding.- Throws:
IOException
- on encoding error.
-
derEncodeWithContext
DER encode this object onto an output stream. Implements theDerEncoder
interface.- Parameters:
out
- the output stream on which to write the DER encoding params, using context value.contextVal
- context value- Throws:
IOException
- on encoding error.
-
encode
Returns the DER-encoded X.509 AlgorithmId as a byte array.- Returns:
- the byte array
- Throws:
IOException
- If an error occurred.
-
getSigningAlgorithms
Returns list of signing algorithms for a key algorithm such as RSA or DSA.- Parameters:
alg
- key algorithm- Returns:
- list of signing algorithms
-
algOID
-
algName
-
getOID
Returns the ISO OID for this algorithm. This is usually converted to a string and used as part of an algorithm name, for example "OID.1.3.14.3.2.13" style notation. Use thegetName
call when you do not need to ensure cross-system portability of algorithm names, or need a user friendly name.- Returns:
- the ISO OID
-
getName
Returns a name for the algorithm which may be more intelligible to humans than the algorithm's OID, but which won't necessarily be comprehensible on other systems. For example, this might return a name such as "MD5withRSA" for a signature algorithm on some systems. It also returns names like "OID.1.2.3.4", when no particular name for the algorithm is known.- Returns:
- the name
-
toString
Returns a string describing only the algorithm without parameters. Use toStringWithParams() for algorithm name and paramaters, or paramsToString() for just parameters. -
toStringWithParams
Returns a string describing the algorithm and its parameters.- Returns:
- algorithm name and parameters
-
getEncodedParams
Returns the DER encoded parameter, which can then be used to initialize java.security.AlgorithmParamters.- Returns:
- DER encoded parameters, or null not present.
- Throws:
IOException
- If an error occurred.
-
paramsToString
Provides a human-readable description of the algorithm parameters. This may be redefined by subclasses which parse those parameters.- Returns:
- algorithm parameters description
-
equals
Returns true iff the argument indicates the same algorithm with the same parameters.- Parameters:
other
- another algorithm ID- Returns:
- true iff it's identical
-
equals
Compares this AlgorithmID to another. If algorithm parameters are available, they are compared. Otherwise, just the object IDs for the algorithm are compared. -
hashCode
public int hashCode() -
equals
Compares two algorithm IDs for equality. Returns true iff they are the same algorithm, ignoring algorithm parameters.- Parameters:
id
- another algorithm ID- Returns:
- true iff it's the same
-
createPSSAlgorithmParametersFromData
- Throws:
Exception
-
createPSSAlgorithmParameters
public static AlgorithmParameters createPSSAlgorithmParameters(String algName) throws IllegalArgumentException, NoSuchProviderException, InvalidParameterSpecException, NoSuchAlgorithmException Used to create the PSS algorithm params needed for RSA PSS signatures.- Parameters:
algName
- algorithm name- Returns:
- algorithm parameters
- Throws:
IllegalArgumentException
NoSuchProviderException
InvalidParameterSpecException
NoSuchAlgorithmException
-