summaryrefslogtreecommitdiff
path: root/bkucommon
diff options
context:
space:
mode:
Diffstat (limited to 'bkucommon')
-rw-r--r--bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java19
-rw-r--r--bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALProvider.java3
2 files changed, 15 insertions, 7 deletions
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java
index 061fe707..8391e450 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java
@@ -41,7 +41,12 @@ import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec;
* @author mcentner
*/
public class AlgorithmMethodFactoryImpl implements AlgorithmMethodFactory {
-
+
+ /**
+ * Use SHA-2?
+ */
+ private static boolean SHA2 = false;
+
/**
* The signature algorithm URI.
*/
@@ -82,7 +87,7 @@ public class AlgorithmMethodFactoryImpl implements AlgorithmMethodFactory {
keyLength = ((RSAPublicKey) publicKey).getModulus().bitLength();
}
- if (keyLength >= 2048) {
+ if (SHA2 && keyLength >= 2048) {
signatureAlgorithmURI = XmldsigMore.SIGNATURE_RSA_SHA256;
digestAlgorithmURI = DigestMethod.SHA256;
} else {
@@ -100,14 +105,14 @@ public class AlgorithmMethodFactoryImpl implements AlgorithmMethodFactory {
fieldSize = params.getCurve().getField().getFieldSize();
}
- if (fieldSize < 256) {
- signatureAlgorithmURI = XmldsigMore.SIGNATURE_ECDSA_SHA1;
- } else if (fieldSize < 512) {
+ if (SHA2 && fieldSize >= 512) {
+ signatureAlgorithmURI = XmldsigMore.SIGNATURE_ECDSA_SHA512;
+ digestAlgorithmURI = DigestMethod.SHA512;
+ } else if (SHA2 && fieldSize >= 256) {
signatureAlgorithmURI = XmldsigMore.SIGNATURE_ECDSA_SHA256;
digestAlgorithmURI = DigestMethod.SHA256;
} else {
- signatureAlgorithmURI = XmldsigMore.SIGNATURE_ECDSA_SHA512;
- digestAlgorithmURI = DigestMethod.SHA512;
+ signatureAlgorithmURI = XmldsigMore.SIGNATURE_ECDSA_SHA1;
}
} else {
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALProvider.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALProvider.java
index 42c6a4c5..9fb9a3f1 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALProvider.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALProvider.java
@@ -54,6 +54,9 @@ public class STALProvider extends Provider {
IMPL_PACKAGE_NAME + ".STALSignature");
map.put("Signature." + XmldsigMore.SIGNATURE_ECDSA_SHA256,
IMPL_PACKAGE_NAME + ".STALSignature");
+ map.put("Signature." + XmldsigMore.SIGNATURE_ECDSA_SHA512,
+ IMPL_PACKAGE_NAME + ".STALSignature");
+
AccessController.doPrivileged(new PrivilegedAction<Void>() {
@Override
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-31 06:55:09 +0000