1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
package model.pki;
import annotations.Assoc;
import model.asn1.ASN1Object;
import model.asn1.ObjectIdentifier;
import model.asn1.Tag;
import model.asn1.exceptions.ParseException;
import model.asn1.parsing.BytesReader;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.stream.Stream;
/**
* Implements the following:
* <pre>
* AttributeTypeAndValue ::= SEQUENCE {
* type ATTRIBUTE.&id({SupportedAttributes}),
* value ATTRIBUTE.&Type({SupportedAttributes}{@type}) OPTIONAL,
* ... }
* </pre>
*/
public class AlgorithmIdentifier extends ASN1Object {
/**
* The type of that attribute. For example, <pre>1.2.840.113549.1.1.11</pre> is sha256WithRSAEncryption.
*/
@Assoc(partOf = true)
private final ObjectIdentifier type;
/**
* Additional parameters for that algorithm. Optional, and could be ASN.1 NULL or Java null (absent).
* According to RFC8017$A.2, it should be NULL for a number of algorithms:
* <pre>
* PKCS1Algorithms ALGORITHM-IDENTIFIER ::= {
* { OID rsaEncryption PARAMETERS NULL } |
* { OID md2WithRSAEncryption PARAMETERS NULL } |
* { OID md5WithRSAEncryption PARAMETERS NULL } |
* { OID sha1WithRSAEncryption PARAMETERS NULL } |
* { OID sha224WithRSAEncryption PARAMETERS NULL } |
* { OID sha256WithRSAEncryption PARAMETERS NULL } |
* { OID sha384WithRSAEncryption PARAMETERS NULL } |
* { OID sha512WithRSAEncryption PARAMETERS NULL } |
* { OID sha512-224WithRSAEncryption PARAMETERS NULL } |
* { OID sha512-256WithRSAEncryption PARAMETERS NULL } |
* { OID id-RSAES-OAEP PARAMETERS RSAES-OAEP-params } |
* PKCS1PSourceAlgorithms |
* { OID id-RSASSA-PSS PARAMETERS RSASSA-PSS-params },
* ... -- Allows for future expansion --
* }
* </pre>
*/
@Assoc(partOf = true, lowerBond = 0)
private final ASN1Object parameters;
/**
* EFFECT: Init the object with tag, parentTag, type, and parameters. For tag and parentTag, see {@link ASN1Object}.
* REQUIRES: The values must match the type. Type tag should be UNIVERSAL OID. Parameters nullable.
*/
public AlgorithmIdentifier(Tag tag, Tag parentTag,
ObjectIdentifier type, ASN1Object parameters) {
super(tag, parentTag);
this.type = type;
this.parameters = parameters;
}
/**
* EFFECTS: Parse input DER. Parameters are not checked against the type.
* Throws {@link ASN1Object} if invalid:
* - Any fields missing
* - Any fields having an incorrect tag (as seen in the ASN.1 definition)
* - Any fields with encoding instructions that violate implicit / explicit encoding rules
* - Other issues found during parsing the object, like early EOF (see {@link ASN1Object})
* MODIFIES: this, encoded
*/
public AlgorithmIdentifier(BytesReader encoded, boolean hasParentTag) throws ParseException {
super(encoded, hasParentTag);
int i = encoded.getIndex();
this.type = new ObjectIdentifier(encoded, false);
this.type.getTag().enforce(ObjectIdentifier.TAG);
i = encoded.getIndex() - i;
if (getLength() > i) {
this.parameters = ASN1Object.parse(encoded, false);
} else {
this.parameters = null;
}
}
/**
* EFFECTS: Encode the fields into DER, in the order.
*/
@Override
public Byte[] encodeValueDER() {
return Stream.of(Arrays.asList(type.encodeDER()),
parameters == null ? Collections.<Byte>emptyList() : Arrays.asList(parameters.encodeDER()))
.flatMap(Collection::stream)
.toArray(Byte[]::new);
}
public ObjectIdentifier getType() {
return type;
}
public ASN1Object getParameters() {
return parameters;
}
}
|