From 0ab2acec3b22feaeb19767a64281054a7437552b Mon Sep 17 00:00:00 2001
From: clemenso
Date: Tue, 11 Jan 2011 19:22:01 +0000
Subject: enable SHA-2 for RSA >= 2048 or ECDSA >= 256
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/branches/mocca-1.3.4-update1-sha2@889 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
 .../impl/xsect/AlgorithmMethodFactoryImpl.java | 190 ++++++++++-----------
 1 file changed, 95 insertions(+), 95 deletions(-)
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java
index f1219a6c..d2c4106b 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java
@@ -14,8 +14,8 @@
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
-package at.gv.egiz.bku.slcommands.impl.xsect;
-
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
 import iaik.security.ecc.interfaces.ECDSAParams;
 import iaik.xml.crypto.XmldsigMore;
 
@@ -33,53 +33,53 @@ import javax.xml.crypto.dsig.SignatureMethod; import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec; import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec; import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec; - -/** - * An implementation of the AlgorithmMethod factory that uses the signing - * certificate to choose appropriate algorithms. - * - * @author mcentner - */ -public class AlgorithmMethodFactoryImpl implements AlgorithmMethodFactory { + +/** + * An implementation of the AlgorithmMethod factory that uses the signing + * certificate to choose appropriate algorithms. + * + * @author mcentner + */ +public class AlgorithmMethodFactoryImpl implements AlgorithmMethodFactory { /** * Use SHA-2? */ - private static boolean SHA2 = false; - - /** - * The signature algorithm URI. - */ + private static boolean SHA2 = true; + + /** + * The signature algorithm URI. + */ private String signatureAlgorithmURI; /** * the digest algorithm URI. */ - private String digestAlgorithmURI = DigestMethod.SHA1; - - /** - * The algorithm parameters for the signature algorithm. - */ - private SignatureMethodParameterSpec signatureMethodParameterSpec; - - /** - * Creates a new AlgrithmMethodFactory with the given - * signingCertificate. - * - * @param signingCertificate - * - * @throws NoSuchAlgorithmException - * if the public key algorithm of the given - * signingCertificate is not supported - */ - public AlgorithmMethodFactoryImpl(X509Certificate signingCertificate) - throws NoSuchAlgorithmException { - - PublicKey publicKey = signingCertificate.getPublicKey(); + private String digestAlgorithmURI = DigestMethod.SHA1; + + /** + * The algorithm parameters for the signature algorithm. + */ + private SignatureMethodParameterSpec signatureMethodParameterSpec; + + /** + * Creates a new AlgrithmMethodFactory with the given + * signingCertificate. 
+ * + * @param signingCertificate + * + * @throws NoSuchAlgorithmException + * if the public key algorithm of the given + * signingCertificate is not supported + */ + public AlgorithmMethodFactoryImpl(X509Certificate signingCertificate) + throws NoSuchAlgorithmException { + + PublicKey publicKey = signingCertificate.getPublicKey(); String algorithm = publicKey.getAlgorithm(); - - if ("DSA".equals(algorithm)) { - signatureAlgorithmURI = SignatureMethod.DSA_SHA1; + + if ("DSA".equals(algorithm)) { + signatureAlgorithmURI = SignatureMethod.DSA_SHA1; } else if ("RSA".equals(algorithm)) { int keyLength = 0; @@ -93,7 +93,7 @@ public class AlgorithmMethodFactoryImpl implements AlgorithmMethodFactory { } else { signatureAlgorithmURI = SignatureMethod.RSA_SHA1; } - + } else if (("EC".equals(algorithm)) || ("ECDSA".equals(algorithm))) { int fieldSize = 0; 
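Review bot: The `SHA2` flag flipped in the class's field block is still a mutable `private static boolean` documented only as "Use SHA-2?", although it now decides the signature algorithm for every instance; if nothing outside this hunk assigns it, declare it `private static final boolean SHA2 = true;` and replace the comment with `/** Select SHA-2 signature algorithms for RSA keys >= 2048 bit and ECDSA keys >= 256 bit; other keys keep SHA-1. */`. The same hunk leaves `digestAlgorithmURI = DigestMethod.SHA1` as the field default and `SignatureMethod.DSA_SHA1` for DSA keys, and the context of the following hunks shows `RSA_SHA1` and `SIGNATURE_ECDSA_SHA1` fallbacks, so certificates under the thresholds in the subject line presumably still yield SHA-1 signatures without any indication to the caller. The branches that choose the SHA-2 URIs lie between the hunks and are not visible, so whether they also replace the SHA-1 digest URI should be confirmed there. The constructor begins in this hunk and continues past its end.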
@@ -114,58 +114,58 @@ public class AlgorithmMethodFactoryImpl implements AlgorithmMethodFactory {
 } else {
 signatureAlgorithmURI = XmldsigMore.SIGNATURE_ECDSA_SHA1;
 }
-
- } else {
- throw new NoSuchAlgorithmException("Public key algorithm '" + algorithm
- + "' not supported.");
- }
-
- }
-
- /*
- * (non-Javadoc)
- *
- * @seeat.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory#
- * createCanonicalizationMethod
- * (at.gv.egiz.bku.slcommands.impl.xsect.SignatureContext)
- */
- @Override
- public CanonicalizationMethod createCanonicalizationMethod(
- SignatureContext signatureContext) throws NoSuchAlgorithmException,
- InvalidAlgorithmParameterException {
-
- return signatureContext.getSignatureFactory().newCanonicalizationMethod(
- CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null);
-
- }
-
- /*
- * (non-Javadoc)
- *
- * @see
- * at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory#createDigestMethod
- * (at.gv.egiz.bku.slcommands.impl.xsect.SignatureContext)
- */
- @Override
- public DigestMethod createDigestMethod(SignatureContext signatureContext)
- throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
-
- return signatureContext.getSignatureFactory().newDigestMethod(
- digestAlgorithmURI, (DigestMethodParameterSpec) null);
- }
-
- /*
- * (non-Javadoc)
- *
- * @seeat.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory#
- * createSignatureMethod
- * (at.gv.egiz.bku.slcommands.impl.xsect.SignatureContext)
- */
- @Override
- public SignatureMethod createSignatureMethod(SignatureContext signatureContext)
- throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
-
- return new STALSignatureMethod(signatureAlgorithmURI, signatureMethodParameterSpec);
- }
-
-}
+
+ } else {
+ throw new NoSuchAlgorithmException("Public key algorithm '" + algorithm
+ + "' not supported.");
+ }
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @seeat.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory#
+ * createCanonicalizationMethod
+ * (at.gv.egiz.bku.slcommands.impl.xsect.SignatureContext)
+ */
+ @Override
+ public CanonicalizationMethod createCanonicalizationMethod(
+ SignatureContext signatureContext) throws NoSuchAlgorithmException,
+ InvalidAlgorithmParameterException {
+
+ return signatureContext.getSignatureFactory().newCanonicalizationMethod(
+ CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null);
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory#createDigestMethod
+ * (at.gv.egiz.bku.slcommands.impl.xsect.SignatureContext)
+ */
+ @Override
+ public DigestMethod createDigestMethod(SignatureContext signatureContext)
+ throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
+
+ return signatureContext.getSignatureFactory().newDigestMethod(
+ digestAlgorithmURI, (DigestMethodParameterSpec) null);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @seeat.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory#
+ * createSignatureMethod
+ * (at.gv.egiz.bku.slcommands.impl.xsect.SignatureContext)
+ */
+ @Override
+ public SignatureMethod createSignatureMethod(SignatureContext signatureContext)
+ throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
+
+ return new STALSignatureMethod(signatureAlgorithmURI, signatureMethodParameterSpec);
+ }
+
+}
-- 
cgit v1.2.3