summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorclemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>2011-01-11 19:22:01 +0000
committerclemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>2011-01-11 19:22:01 +0000
commit0ab2acec3b22feaeb19767a64281054a7437552b (patch)
tree6184e4b1e241379c46e8d6cbbdfdbf19eee95d28
parent1adb10227e9a722b5ea6a93ec928d805c826d328 (diff)
downloadmocca-0ab2acec3b22feaeb19767a64281054a7437552b.tar.gz
mocca-0ab2acec3b22feaeb19767a64281054a7437552b.tar.bz2
mocca-0ab2acec3b22feaeb19767a64281054a7437552b.zip
enable SHA-2 for RSA >= 2048 or ECDSA >= 256
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/branches/mocca-1.3.4-update1-sha2@889 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
-rw-r--r--bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java190
1 files changed, 95 insertions, 95 deletions
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java
index f1219a6c..d2c4106b 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package at.gv.egiz.bku.slcommands.impl.xsect;
-
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
import iaik.security.ecc.interfaces.ECDSAParams;
import iaik.xml.crypto.XmldsigMore;
@@ -33,53 +33,53 @@ import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec;
import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec;
-
-/**
- * An implementation of the AlgorithmMethod factory that uses the signing
- * certificate to choose appropriate algorithms.
- *
- * @author mcentner
- */
-public class AlgorithmMethodFactoryImpl implements AlgorithmMethodFactory {
+
+/**
+ * An implementation of the AlgorithmMethod factory that uses the signing
+ * certificate to choose appropriate algorithms.
+ *
+ * @author mcentner
+ */
+public class AlgorithmMethodFactoryImpl implements AlgorithmMethodFactory {
/**
* Use SHA-2?
*/
- private static boolean SHA2 = false;
-
- /**
- * The signature algorithm URI.
- */
+ private static boolean SHA2 = true;
+
+ /**
+ * The signature algorithm URI.
+ */
private String signatureAlgorithmURI;
/**
* the digest algorithm URI.
*/
- private String digestAlgorithmURI = DigestMethod.SHA1;
-
- /**
- * The algorithm parameters for the signature algorithm.
- */
- private SignatureMethodParameterSpec signatureMethodParameterSpec;
-
- /**
- * Creates a new AlgrithmMethodFactory with the given
- * <code>signingCertificate</code>.
- *
- * @param signingCertificate
- *
- * @throws NoSuchAlgorithmException
- * if the public key algorithm of the given
- * <code>signingCertificate</code> is not supported
- */
- public AlgorithmMethodFactoryImpl(X509Certificate signingCertificate)
- throws NoSuchAlgorithmException {
-
- PublicKey publicKey = signingCertificate.getPublicKey();
+ private String digestAlgorithmURI = DigestMethod.SHA1;
+
+ /**
+ * The algorithm parameters for the signature algorithm.
+ */
+ private SignatureMethodParameterSpec signatureMethodParameterSpec;
+
+ /**
+ * Creates a new AlgrithmMethodFactory with the given
+ * <code>signingCertificate</code>.
+ *
+ * @param signingCertificate
+ *
+ * @throws NoSuchAlgorithmException
+ * if the public key algorithm of the given
+ * <code>signingCertificate</code> is not supported
+ */
+ public AlgorithmMethodFactoryImpl(X509Certificate signingCertificate)
+ throws NoSuchAlgorithmException {
+
+ PublicKey publicKey = signingCertificate.getPublicKey();
String algorithm = publicKey.getAlgorithm();
-
- if ("DSA".equals(algorithm)) {
- signatureAlgorithmURI = SignatureMethod.DSA_SHA1;
+
+ if ("DSA".equals(algorithm)) {
+ signatureAlgorithmURI = SignatureMethod.DSA_SHA1;
} else if ("RSA".equals(algorithm)) {
int keyLength = 0;
@@ -93,7 +93,7 @@ public class AlgorithmMethodFactoryImpl implements AlgorithmMethodFactory {
} else {
signatureAlgorithmURI = SignatureMethod.RSA_SHA1;
}
-
+
} else if (("EC".equals(algorithm)) || ("ECDSA".equals(algorithm))) {
int fieldSize = 0;
@@ -114,58 +114,58 @@ public class AlgorithmMethodFactoryImpl implements AlgorithmMethodFactory {
} else {
signatureAlgorithmURI = XmldsigMore.SIGNATURE_ECDSA_SHA1;
}
-
- } else {
- throw new NoSuchAlgorithmException("Public key algorithm '" + algorithm
- + "' not supported.");
- }
-
- }
-
- /*
- * (non-Javadoc)
- *
- * @seeat.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory#
- * createCanonicalizationMethod
- * (at.gv.egiz.bku.slcommands.impl.xsect.SignatureContext)
- */
- @Override
- public CanonicalizationMethod createCanonicalizationMethod(
- SignatureContext signatureContext) throws NoSuchAlgorithmException,
- InvalidAlgorithmParameterException {
-
- return signatureContext.getSignatureFactory().newCanonicalizationMethod(
- CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null);
-
- }
-
- /*
- * (non-Javadoc)
- *
- * @see
- * at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory#createDigestMethod
- * (at.gv.egiz.bku.slcommands.impl.xsect.SignatureContext)
- */
- @Override
- public DigestMethod createDigestMethod(SignatureContext signatureContext)
- throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
-
- return signatureContext.getSignatureFactory().newDigestMethod(
- digestAlgorithmURI, (DigestMethodParameterSpec) null);
- }
-
- /*
- * (non-Javadoc)
- *
- * @seeat.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory#
- * createSignatureMethod
- * (at.gv.egiz.bku.slcommands.impl.xsect.SignatureContext)
- */
- @Override
- public SignatureMethod createSignatureMethod(SignatureContext signatureContext)
- throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
-
- return new STALSignatureMethod(signatureAlgorithmURI, signatureMethodParameterSpec);
- }
-
-}
+
+ } else {
+ throw new NoSuchAlgorithmException("Public key algorithm '" + algorithm
+ + "' not supported.");
+ }
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @seeat.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory#
+ * createCanonicalizationMethod
+ * (at.gv.egiz.bku.slcommands.impl.xsect.SignatureContext)
+ */
+ @Override
+ public CanonicalizationMethod createCanonicalizationMethod(
+ SignatureContext signatureContext) throws NoSuchAlgorithmException,
+ InvalidAlgorithmParameterException {
+
+ return signatureContext.getSignatureFactory().newCanonicalizationMethod(
+ CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null);
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory#createDigestMethod
+ * (at.gv.egiz.bku.slcommands.impl.xsect.SignatureContext)
+ */
+ @Override
+ public DigestMethod createDigestMethod(SignatureContext signatureContext)
+ throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
+
+ return signatureContext.getSignatureFactory().newDigestMethod(
+ digestAlgorithmURI, (DigestMethodParameterSpec) null);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @seeat.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory#
+ * createSignatureMethod
+ * (at.gv.egiz.bku.slcommands.impl.xsect.SignatureContext)
+ */
+ @Override
+ public SignatureMethod createSignatureMethod(SignatureContext signatureContext)
+ throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
+
+ return new STALSignatureMethod(signatureAlgorithmURI, signatureMethodParameterSpec);
+ }
+
+}