diff options
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle/asn1')
136 files changed, 3282 insertions, 1175 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/BERTags.java b/bcprov/src/main/java/org/bouncycastle/asn1/BERTags.java index 7281a6a..98ab0d6 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/BERTags.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/BERTags.java @@ -11,9 +11,9 @@ public interface BERTags public static final int EXTERNAL = 0x08; public static final int ENUMERATED = 0x0a; public static final int SEQUENCE = 0x10; - public static final int SEQUENCE_OF = 0x10; // for completeness + public static final int SEQUENCE_OF = 0x10; // for completeness - used to model a SEQUENCE of the same type. public static final int SET = 0x11; - public static final int SET_OF = 0x11; // for completeness + public static final int SET_OF = 0x11; // for completeness - used to model a SET of the same type. public static final int NUMERIC_STRING = 0x12; diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERBoolean.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERBoolean.java index 063e525..8b8d226 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERBoolean.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERBoolean.java @@ -160,7 +160,7 @@ public class DERBoolean { if (value.length != 1) { - throw new IllegalArgumentException("byte value should have 1 byte in it"); + throw new IllegalArgumentException("BOOLEAN value should have 1 byte in it"); } if (value[0] == 0) diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DEREnumerated.java b/bcprov/src/main/java/org/bouncycastle/asn1/DEREnumerated.java index 2f299ee..9b1ef55 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DEREnumerated.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DEREnumerated.java @@ -5,6 +5,9 @@ import java.math.BigInteger; import org.bouncycastle.util.Arrays; +/** + * Use ASN1Enumerated instead of this. + */ public class DEREnumerated extends ASN1Primitive { @@ -52,7 +55,7 @@ public class DEREnumerated * @exception IllegalArgumentException if the tagged object cannot * be converted. */ - public static DEREnumerated getInstance( + public static ASN1Enumerated getInstance( ASN1TaggedObject obj, boolean explicit) { @@ -68,18 +71,27 @@ public class DEREnumerated } } + /** + * @deprecated use ASN1Enumerated + */ public DEREnumerated( int value) { bytes = BigInteger.valueOf(value).toByteArray(); } + /** + * @deprecated use ASN1Enumerated + */ public DEREnumerated( BigInteger value) { bytes = value.toByteArray(); } + /** + * @deprecated use ASN1Enumerated + */ public DEREnumerated( byte[] bytes) { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERInteger.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERInteger.java index 3804450..57cc84a 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERInteger.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERInteger.java @@ -5,6 +5,9 @@ import java.math.BigInteger; import org.bouncycastle.util.Arrays; +/** + * Use ASN1Integer instead of this, + */ public class DERInteger extends ASN1Primitive { @@ -67,18 +70,27 @@ public class DERInteger } } + /** + * @deprecated use ASN1Integer constructor + */ public DERInteger( long value) { bytes = BigInteger.valueOf(value).toByteArray(); } + /** + * @deprecated use ASN1Integer constructor + */ public DERInteger( BigInteger value) { bytes = value.toByteArray(); } + /** + * @deprecated use ASN1Integer constructor + */ public DERInteger( byte[] bytes) { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERObjectIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERObjectIdentifier.java index e1de22a..3d4d04c 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERObjectIdentifier.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERObjectIdentifier.java @@ -6,6 +6,9 @@ import java.math.BigInteger; import org.bouncycastle.util.Arrays; +/** + * Use ASN1ObjectIdentifier instead of this, + */ public class DERObjectIdentifier extends ASN1Primitive { @@ -38,7 +41,22 @@ public class DERObjectIdentifier if (obj instanceof byte[]) { - return ASN1ObjectIdentifier.fromOctetString((byte[])obj); + byte[] enc = (byte[])obj; + if (enc[0] == BERTags.OBJECT_IDENTIFIER) + { + try + { + return (ASN1ObjectIdentifier)fromByteArray(enc); + } + catch (IOException e) + { + throw new IllegalArgumentException("failed to construct sequence from byte[]: " + e.getMessage()); + } + } + else + { // TODO: this really shouldn't be supported here... + return ASN1ObjectIdentifier.fromOctetString((byte[])obj); + } } throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName()); @@ -148,6 +166,9 @@ public class DERObjectIdentifier this.body = Arrays.clone(bytes); } + /** + * @deprecated use ASN1ObjectIdentifier constructor. + */ public DERObjectIdentifier( String identifier) { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DLSequence.java b/bcprov/src/main/java/org/bouncycastle/asn1/DLSequence.java index bb8ec4e..b5cc59a 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DLSequence.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DLSequence.java @@ -3,20 +3,23 @@ package org.bouncycastle.asn1; import java.io.IOException; import java.util.Enumeration; +/** + * The DLSequence encodes a SEQUENCE using definite length form. + */ public class DLSequence extends ASN1Sequence { private int bodyLength = -1; /** - * create an empty sequence + * Create an empty sequence */ public DLSequence() { } /** - * create a sequence containing one object + * Create a sequence containing one object */ public DLSequence( ASN1Encodable obj) @@ -25,7 +28,7 @@ public class DLSequence } /** - * create a sequence containing a vector of objects. + * Create a sequence containing a vector of objects. */ public DLSequence( ASN1EncodableVector v) @@ -34,7 +37,7 @@ public class DLSequence } /** - * create a sequence containing an array of objects. + * Create a sequence containing an array of objects. */ public DLSequence( ASN1Encodable[] array) @@ -51,7 +54,7 @@ public class DLSequence for (Enumeration e = this.getObjects(); e.hasMoreElements();) { - Object obj = e.nextElement(); + Object obj = e.nextElement(); length += ((ASN1Encodable)obj).toASN1Primitive().toDLObject().encodedLength(); } @@ -65,12 +68,12 @@ public class DLSequence int encodedLength() throws IOException { - int length = getBodyLength(); + int length = getBodyLength(); return 1 + StreamUtil.calculateBodyLength(length) + length; } - /* + /** * A note on the implementation: * <p> * As DL requires the constructed, definite-length model to @@ -82,17 +85,17 @@ public class DLSequence ASN1OutputStream out) throws IOException { - ASN1OutputStream dOut = out.getDLSubStream(); - int length = getBodyLength(); + ASN1OutputStream dOut = out.getDLSubStream(); + int length = getBodyLength(); out.write(BERTags.SEQUENCE | BERTags.CONSTRUCTED); out.writeLength(length); for (Enumeration e = this.getObjects(); e.hasMoreElements();) { - Object obj = e.nextElement(); + Object obj = e.nextElement(); dOut.writeObject((ASN1Encodable)obj); } } -} +}
\ No newline at end of file diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DLSet.java b/bcprov/src/main/java/org/bouncycastle/asn1/DLSet.java index 755754b..91e83fa 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DLSet.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DLSet.java @@ -4,7 +4,52 @@ import java.io.IOException; import java.util.Enumeration; /** - * A DER encoded set object + * The DLSet encodes ASN.1 SET value without element ordering, + * and always using definite length form. + * <hr> + * <h2>X.690</h2> + * <h3>8: Basic encoding rules</h3> + * <h4>8.11 Encoding of a set value </h4> + * <b>8.11.1</b> The encoding of a set value shall be constructed + * <p/> + * <b>8.11.2</b> The contents octets shall consist of the complete + * encoding of a data value from each of the types listed in the + * ASN.1 definition of the set type, in an order chosen by the sender, + * unless the type was referenced with the keyword + * <b>OPTIONAL</b> or the keyword <b>DEFAULT</b>. + * <p/> + * <b>8.11.3</b> The encoding of a data value may, but need not, + * be present for a type which was referenced with the keyword + * <b>OPTIONAL</b> or the keyword <b>DEFAULT</b>. + * <blockquote> + * NOTE — The order of data values in a set value is not significant, + * and places no constraints on the order during transfer + * </blockquote> + * <h3>9: Canonical encoding rules</h3> + * <h4>9.3 Set components</h4> + * The encodings of the component values of a set value shall + * appear in an order determined by their tags as specified + * in 8.6 of ITU-T Rec. X.680 | ISO/IEC 8824-1. + * Additionally, for the purposes of determining the order in which + * components are encoded when one or more component is an untagged + * choice type, each untagged choice type is ordered as though it + * has a tag equal to that of the smallest tag in that choice type + * or any untagged choice types nested within. + * <h3>10: Distinguished encoding rules</h3> + * <h4>10.3 Set components</h4> + * The encodings of the component values of a set value shall appear + * in an order determined by their tags as specified + * in 8.6 of ITU-T Rec. X.680 | ISO/IEC 8824-1. + * <blockquote> + * NOTE — Where a component of the set is an untagged choice type, + * the location of that component in the ordering will depend on + * the tag of the choice component being encoded. + * </blockquote> + * <h3>11: Restrictions on BER employed by both CER and DER</h3> + * <h4>11.5 Set and sequence components with default value </h4> + * The encoding of a set value or sequence value shall not include + * an encoding for any component value which is equal to + * its default value. */ public class DLSet extends ASN1Set @@ -54,7 +99,7 @@ public class DLSet for (Enumeration e = this.getObjects(); e.hasMoreElements();) { - Object obj = e.nextElement(); + Object obj = e.nextElement(); length += ((ASN1Encodable)obj).toASN1Primitive().toDLObject().encodedLength(); } @@ -68,12 +113,12 @@ public class DLSet int encodedLength() throws IOException { - int length = getBodyLength(); + int length = getBodyLength(); return 1 + StreamUtil.calculateBodyLength(length) + length; } - /* + /** * A note on the implementation: * <p> * As DL requires the constructed, definite-length model to @@ -85,17 +130,17 @@ public class DLSet ASN1OutputStream out) throws IOException { - ASN1OutputStream dOut = out.getDLSubStream(); - int length = getBodyLength(); + ASN1OutputStream dOut = out.getDLSubStream(); + int length = getBodyLength(); out.write(BERTags.SET | BERTags.CONSTRUCTED); out.writeLength(length); for (Enumeration e = this.getObjects(); e.hasMoreElements();) { - Object obj = e.nextElement(); + Object obj = e.nextElement(); dOut.writeObject((ASN1Encodable)obj); } } -} +}
\ No newline at end of file diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java index 18fc66c..16a6768 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java @@ -2,50 +2,70 @@ package org.bouncycastle.asn1.bc; import org.bouncycastle.asn1.ASN1ObjectIdentifier; +/** + * iso.org.dod.internet.private.enterprise.legion-of-the-bouncy-castle + * <p> + * 1.3.6.1.4.1.22554 + */ public interface BCObjectIdentifiers { /** * iso.org.dod.internet.private.enterprise.legion-of-the-bouncy-castle - * + *<p> * 1.3.6.1.4.1.22554 */ public static final ASN1ObjectIdentifier bc = new ASN1ObjectIdentifier("1.3.6.1.4.1.22554"); /** * pbe(1) algorithms + * <p> + * 1.3.6.1.4.1.22554.1 */ - public static final ASN1ObjectIdentifier bc_pbe = new ASN1ObjectIdentifier(bc.getId() + ".1"); + public static final ASN1ObjectIdentifier bc_pbe = bc.branch("1"); /** * SHA-1(1) + * <p> + * 1.3.6.1.4.1.22554.1.1 */ - public static final ASN1ObjectIdentifier bc_pbe_sha1 = new ASN1ObjectIdentifier(bc_pbe.getId() + ".1"); + public static final ASN1ObjectIdentifier bc_pbe_sha1 = bc_pbe.branch("1"); - /** - * SHA-2(2) . (SHA-256(1)|SHA-384(2)|SHA-512(3)|SHA-224(4)) - */ - public static final ASN1ObjectIdentifier bc_pbe_sha256 = new ASN1ObjectIdentifier(bc_pbe.getId() + ".2.1"); - public static final ASN1ObjectIdentifier bc_pbe_sha384 = new ASN1ObjectIdentifier(bc_pbe.getId() + ".2.2"); - public static final ASN1ObjectIdentifier bc_pbe_sha512 = new ASN1ObjectIdentifier(bc_pbe.getId() + ".2.3"); - public static final ASN1ObjectIdentifier bc_pbe_sha224 = new ASN1ObjectIdentifier(bc_pbe.getId() + ".2.4"); + /** SHA-2.SHA-256; 1.3.6.1.4.1.22554.1.2.1 */ + public static final ASN1ObjectIdentifier bc_pbe_sha256 = bc_pbe.branch("2.1"); + /** SHA-2.SHA-384; 1.3.6.1.4.1.22554.1.2.2 */ + public static final ASN1ObjectIdentifier bc_pbe_sha384 = bc_pbe.branch("2.2"); + /** SHA-2.SHA-512; 1.3.6.1.4.1.22554.1.2.3 */ + public static final ASN1ObjectIdentifier bc_pbe_sha512 = bc_pbe.branch("2.3"); + /** SHA-2.SHA-224; 1.3.6.1.4.1.22554.1.2.4 */ + public static final ASN1ObjectIdentifier bc_pbe_sha224 = bc_pbe.branch("2.4"); /** * PKCS-5(1)|PKCS-12(2) */ - public static final ASN1ObjectIdentifier bc_pbe_sha1_pkcs5 = new ASN1ObjectIdentifier(bc_pbe_sha1.getId() + ".1"); - public static final ASN1ObjectIdentifier bc_pbe_sha1_pkcs12 = new ASN1ObjectIdentifier(bc_pbe_sha1.getId() + ".2"); + /** SHA-1.PKCS5; 1.3.6.1.4.1.22554.1.1.1 */ + public static final ASN1ObjectIdentifier bc_pbe_sha1_pkcs5 = bc_pbe_sha1.branch("1"); + /** SHA-1.PKCS12; 1.3.6.1.4.1.22554.1.1.2 */ + public static final ASN1ObjectIdentifier bc_pbe_sha1_pkcs12 = bc_pbe_sha1.branch("2"); - public static final ASN1ObjectIdentifier bc_pbe_sha256_pkcs5 = new ASN1ObjectIdentifier(bc_pbe_sha256.getId() + ".1"); - public static final ASN1ObjectIdentifier bc_pbe_sha256_pkcs12 = new ASN1ObjectIdentifier(bc_pbe_sha256.getId() + ".2"); + /** SHA-256.PKCS12; 1.3.6.1.4.1.22554.1.2.1.1 */ + public static final ASN1ObjectIdentifier bc_pbe_sha256_pkcs5 = bc_pbe_sha256.branch("1"); + /** SHA-256.PKCS12; 1.3.6.1.4.1.22554.1.2.1.2 */ + public static final ASN1ObjectIdentifier bc_pbe_sha256_pkcs12 = bc_pbe_sha256.branch("2"); /** * AES(1) . (CBC-128(2)|CBC-192(22)|CBC-256(42)) */ - public static final ASN1ObjectIdentifier bc_pbe_sha1_pkcs12_aes128_cbc = new ASN1ObjectIdentifier(bc_pbe_sha1_pkcs12.getId() + ".1.2"); - public static final ASN1ObjectIdentifier bc_pbe_sha1_pkcs12_aes192_cbc = new ASN1ObjectIdentifier(bc_pbe_sha1_pkcs12.getId() + ".1.22"); - public static final ASN1ObjectIdentifier bc_pbe_sha1_pkcs12_aes256_cbc = new ASN1ObjectIdentifier(bc_pbe_sha1_pkcs12.getId() + ".1.42"); + /** 1.3.6.1.4.1.22554.1.1.2.1.2 */ + public static final ASN1ObjectIdentifier bc_pbe_sha1_pkcs12_aes128_cbc = bc_pbe_sha1_pkcs12.branch("1.2"); + /** 1.3.6.1.4.1.22554.1.1.2.1.22 */ + public static final ASN1ObjectIdentifier bc_pbe_sha1_pkcs12_aes192_cbc = bc_pbe_sha1_pkcs12.branch("1.22"); + /** 1.3.6.1.4.1.22554.1.1.2.1.42 */ + public static final ASN1ObjectIdentifier bc_pbe_sha1_pkcs12_aes256_cbc = bc_pbe_sha1_pkcs12.branch("1.42"); - public static final ASN1ObjectIdentifier bc_pbe_sha256_pkcs12_aes128_cbc = new ASN1ObjectIdentifier(bc_pbe_sha256_pkcs12.getId() + ".1.2"); - public static final ASN1ObjectIdentifier bc_pbe_sha256_pkcs12_aes192_cbc = new ASN1ObjectIdentifier(bc_pbe_sha256_pkcs12.getId() + ".1.22"); - public static final ASN1ObjectIdentifier bc_pbe_sha256_pkcs12_aes256_cbc = new ASN1ObjectIdentifier(bc_pbe_sha256_pkcs12.getId() + ".1.42"); + /** 1.3.6.1.4.1.22554.1.1.2.2.2 */ + public static final ASN1ObjectIdentifier bc_pbe_sha256_pkcs12_aes128_cbc = bc_pbe_sha256_pkcs12.branch("1.2"); + /** 1.3.6.1.4.1.22554.1.1.2.2.22 */ + public static final ASN1ObjectIdentifier bc_pbe_sha256_pkcs12_aes192_cbc = bc_pbe_sha256_pkcs12.branch("1.22"); + /** 1.3.6.1.4.1.22554.1.1.2.2.42 */ + public static final ASN1ObjectIdentifier bc_pbe_sha256_pkcs12_aes256_cbc = bc_pbe_sha256_pkcs12.branch("1.42"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPObjectIdentifiers.java index c43afe6..51aba65 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPObjectIdentifiers.java @@ -6,10 +6,10 @@ public interface CMPObjectIdentifiers { // RFC 4210 - // id-PasswordBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 13} + /** id-PasswordBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 13} */ static final ASN1ObjectIdentifier passwordBasedMac = new ASN1ObjectIdentifier("1.2.840.113533.7.66.13"); - // id-DHBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 30} + /** id-DHBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 30} */ static final ASN1ObjectIdentifier dhBasedMac = new ASN1ObjectIdentifier("1.2.840.113533.7.66.30"); // Example InfoTypeAndValue contents include, but are not limited @@ -52,19 +52,36 @@ public interface CMPObjectIdentifiers // dod(6) internet(1) security(5) mechanisms(5) pkix(7)} // and // id-it OBJECT IDENTIFIER ::= {id-pkix 4} + + /** RFC 4120: it-id: PKIX.4 = 1.3.6.1.5.5.7.4 */ + + /** RFC 4120: 1.3.6.1.5.5.7.4.1 */ static final ASN1ObjectIdentifier it_caProtEncCert = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.1"); + /** RFC 4120: 1.3.6.1.5.5.7.4.2 */ static final ASN1ObjectIdentifier it_signKeyPairTypes = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.2"); + /** RFC 4120: 1.3.6.1.5.5.7.4.3 */ static final ASN1ObjectIdentifier it_encKeyPairTypes = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.3"); + /** RFC 4120: 1.3.6.1.5.5.7.4.4 */ static final ASN1ObjectIdentifier it_preferredSymAlg = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.4"); + /** RFC 4120: 1.3.6.1.5.5.7.4.5 */ static final ASN1ObjectIdentifier it_caKeyUpdateInfo = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.5"); + /** RFC 4120: 1.3.6.1.5.5.7.4.6 */ static final ASN1ObjectIdentifier it_currentCRL = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.6"); + /** RFC 4120: 1.3.6.1.5.5.7.4.7 */ static final ASN1ObjectIdentifier it_unsupportedOIDs = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.7"); + /** RFC 4120: 1.3.6.1.5.5.7.4.10 */ static final ASN1ObjectIdentifier it_keyPairParamReq = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.10"); + /** RFC 4120: 1.3.6.1.5.5.7.4.11 */ static final ASN1ObjectIdentifier it_keyPairParamRep = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.11"); + /** RFC 4120: 1.3.6.1.5.5.7.4.12 */ static final ASN1ObjectIdentifier it_revPassphrase = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.12"); + /** RFC 4120: 1.3.6.1.5.5.7.4.13 */ static final ASN1ObjectIdentifier it_implicitConfirm = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.13"); + /** RFC 4120: 1.3.6.1.5.5.7.4.14 */ static final ASN1ObjectIdentifier it_confirmWaitTime = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.14"); + /** RFC 4120: 1.3.6.1.5.5.7.4.15 */ static final ASN1ObjectIdentifier it_origPKIMessage = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.15"); + /** RFC 4120: 1.3.6.1.5.5.7.4.16 */ static final ASN1ObjectIdentifier it_suppLangTags = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.16"); // RFC 4211 @@ -81,26 +98,44 @@ public interface CMPObjectIdentifiers // arc for Registration Info in CRMF // id-regInfo OBJECT IDENTIFIER ::= { id-pkip id-regInfo(2) } + /** RFC 4211: it-pkip: PKIX.5 = 1.3.6.1.5.5.7.5 */ + static final ASN1ObjectIdentifier id_pkip = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5"); + + /** RFC 4211: it-regCtrl: 1.3.6.1.5.5.7.5.1 */ + static final ASN1ObjectIdentifier id_regCtrl = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.1"); + /** RFC 4211: it-regInfo: 1.3.6.1.5.5.7.5.2 */ + static final ASN1ObjectIdentifier id_regInfo = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.2"); + + + /** 1.3.6.1.5.5.7.5.1.1 */ static final ASN1ObjectIdentifier regCtrl_regToken = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.1.1"); + /** 1.3.6.1.5.5.7.5.1.2 */ static final ASN1ObjectIdentifier regCtrl_authenticator = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.1.2"); + /** 1.3.6.1.5.5.7.5.1.3 */ static final ASN1ObjectIdentifier regCtrl_pkiPublicationInfo = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.1.3"); + /** 1.3.6.1.5.5.7.5.1.4 */ static final ASN1ObjectIdentifier regCtrl_pkiArchiveOptions = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.1.4"); + /** 1.3.6.1.5.5.7.5.1.5 */ static final ASN1ObjectIdentifier regCtrl_oldCertID = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.1.5"); + /** 1.3.6.1.5.5.7.5.1.6 */ static final ASN1ObjectIdentifier regCtrl_protocolEncrKey = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.1.6"); - // From RFC4210: - // id-regCtrl-altCertTemplate OBJECT IDENTIFIER ::= {id-regCtrl 7} + /** From RFC4210: + * id-regCtrl-altCertTemplate OBJECT IDENTIFIER ::= {id-regCtrl 7}; 1.3.6.1.5.5.7.1.7 */ static final ASN1ObjectIdentifier regCtrl_altCertTemplate = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.1.7"); + /** RFC 4211: it-regInfo-utf8Pairs: 1.3.6.1.5.5.7.5.2.1 */ static final ASN1ObjectIdentifier regInfo_utf8Pairs = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.2.1"); + /** RFC 4211: it-regInfo-certReq: 1.3.6.1.5.5.7.5.2.1 */ static final ASN1ObjectIdentifier regInfo_certReq = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.2.2"); - // id-smime OBJECT IDENTIFIER ::= { iso(1) member-body(2) - // us(840) rsadsi(113549) pkcs(1) pkcs9(9) 16 } - // - // id-ct OBJECT IDENTIFIER ::= { id-smime 1 } -- content types - // - // id-ct-encKeyWithID OBJECT IDENTIFIER ::= {id-ct 21} + /** + * 1.2.840.113549.1.9.16.1.21 + * <p> + * id-ct OBJECT IDENTIFIER ::= { id-smime 1 } -- content types + * <p> + * id-ct-encKeyWithID OBJECT IDENTIFIER ::= {id-ct 21} + */ static final ASN1ObjectIdentifier ct_encKeyWithID = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.1.21"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/package.html deleted file mode 100644 index eb713c9..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Support classes useful for encoding and supporting PKIX-CMP as described RFC 2510. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Attribute.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Attribute.java index b5a2f34..066cf69 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Attribute.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Attribute.java @@ -10,6 +10,27 @@ import org.bouncycastle.asn1.ASN1Set; import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DERSequence; +/** + * <a href="http://tools.ietf.org/html/rfc5652#page-14">RFC 5652</a>: + * Attribute is a pair of OID (as type identifier) + set of values. + * <p> + * <pre> + * Attribute ::= SEQUENCE { + * attrType OBJECT IDENTIFIER, + * attrValues SET OF AttributeValue + * } + * + * AttributeValue ::= ANY + * </pre> + * <p> + * General rule on values is that same AttributeValue must not be included + * multiple times into the set. That is, if the value is a SET OF INTEGERs, + * then having same value repeated is wrong: (1, 1), but different values is OK: (1, 2). + * Normally the AttributeValue syntaxes are more complicated than that. + * <p> + * General rule of Attribute usage is that the {@link Attributes} containers + * must not have multiple Attribute:s with same attrType (OID) there. + */ public class Attribute extends ASN1Object { @@ -17,7 +38,14 @@ public class Attribute private ASN1Set attrValues; /** - * return an Attribute object from the given object. + * Return an Attribute object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link Attribute} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with Attribute structure inside + * </ul> * * @param o the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -81,12 +109,6 @@ public class Attribute /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * Attribute ::= SEQUENCE { - * attrType OBJECT IDENTIFIER, - * attrValues SET OF AttributeValue - * } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AttributeTable.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/AttributeTable.java index f114623..02b6cc1 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AttributeTable.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/AttributeTable.java @@ -11,6 +11,9 @@ import org.bouncycastle.asn1.ASN1Set; import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DERSet; +/** + * This is helper tool to construct {@link Attributes} sets. + */ public class AttributeTable { private Hashtable attributes = new Hashtable(); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Attributes.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Attributes.java index 614e224..e21c8a7 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Attributes.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Attributes.java @@ -6,6 +6,21 @@ import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Set; import org.bouncycastle.asn1.DLSet; +/** + * <a href="http://tools.ietf.org/html/rfc5652">RFC 5652</a> defines + * 5 "SET OF Attribute" entities with 5 different names. + * This is common implementation for them all: + * <pre> + * SignedAttributes ::= SET SIZE (1..MAX) OF Attribute + * UnsignedAttributes ::= SET SIZE (1..MAX) OF Attribute + * UnprotectedAttributes ::= SET SIZE (1..MAX) OF Attribute + * AuthAttributes ::= SET SIZE (1..MAX) OF Attribute + * UnauthAttributes ::= SET SIZE (1..MAX) OF Attribute + * + * Attributes ::= + * SET SIZE(1..MAX) OF Attribute + * </pre> + */ public class Attributes extends ASN1Object { @@ -21,6 +36,19 @@ public class Attributes attributes = new DLSet(v); } + /** + * Return an Attribute set object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link Attributes} object + * <li> {@link org.bouncycastle.asn1.ASN1Set#getInstance(java.lang.Object) ASN1Set} input formats with Attributes structure inside + * </ul> + * + * @param obj the object we want converted. + * @exception IllegalArgumentException if the object cannot be converted. + */ public static Attributes getInstance(Object obj) { if (obj instanceof Attributes) @@ -47,12 +75,8 @@ public class Attributes return rv; } - /** - * <pre> - * Attributes ::= - * SET SIZE(1..MAX) OF Attribute -- according to RFC 5652 - * </pre> - * @return + /** + * Produce an object suitable for an ASN1OutputStream. */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthEnvelopedData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthEnvelopedData.java index 5152dc9..034753f 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthEnvelopedData.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthEnvelopedData.java @@ -11,6 +11,27 @@ import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.BERSequence; import org.bouncycastle.asn1.DERTaggedObject; +/** + * <a href="http://tools.ietf.org/html/rfc5083">RFC 5083</a>: + * + * CMS AuthEnveloped Data object. + * <p> + * ASN.1: + * <pre> + * id-ct-authEnvelopedData OBJECT IDENTIFIER ::= { iso(1) + * member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) + * smime(16) ct(1) 23 } + * + * AuthEnvelopedData ::= SEQUENCE { + * version CMSVersion, + * originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL, + * recipientInfos RecipientInfos, + * authEncryptedContentInfo EncryptedContentInfo, + * authAttrs [1] IMPLICIT AuthAttributes OPTIONAL, + * mac MessageAuthenticationCode, + * unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL } + * </pre> + */ public class AuthEnvelopedData extends ASN1Object { @@ -51,6 +72,12 @@ public class AuthEnvelopedData this.unauthAttrs = unauthAttrs; } + /** + * Constructs AuthEnvelopedData by parsing supplied ASN1Sequence + * <p> + * @param seq An ASN1Sequence with AuthEnvelopedData + * @deprecated use getInstance(). + */ public AuthEnvelopedData( ASN1Sequence seq) { @@ -98,8 +125,14 @@ public class AuthEnvelopedData } /** - * return an AuthEnvelopedData object from a tagged object. + * Return an AuthEnvelopedData object from a tagged object. + * <p> + * Accepted inputs: + * <ul> + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats + * </ul> * + * @param obj the tagged object holding the object we want. * @param explicit true if the object is meant to be explicitly * tagged false otherwise. @@ -114,10 +147,17 @@ public class AuthEnvelopedData } /** - * return an AuthEnvelopedData object from the given object. + * Return an AuthEnvelopedData object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link AuthEnvelopedData} object + * <li> {@link ASN1Sequence org.bouncycastle.asn1.ASN1Sequence} input formats with AuthEnvelopedData structure inside + * </ul> * - * @param obj the object we want converted. - * @throws IllegalArgumentException if the object cannot be converted. + * @param obj The object we want converted. + * @throws IllegalArgumentException if the object cannot be converted, or was null. */ public static AuthEnvelopedData getInstance( Object obj) @@ -172,16 +212,6 @@ public class AuthEnvelopedData /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * AuthEnvelopedData ::= SEQUENCE { - * version CMSVersion, - * originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL, - * recipientInfos RecipientInfos, - * authEncryptedContentInfo EncryptedContentInfo, - * authAttrs [1] IMPLICIT AuthAttributes OPTIONAL, - * mac MessageAuthenticationCode, - * unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthEnvelopedDataParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthEnvelopedDataParser.java index 55569a7..8460c33 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthEnvelopedDataParser.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthEnvelopedDataParser.java @@ -11,7 +11,7 @@ import org.bouncycastle.asn1.ASN1TaggedObjectParser; import org.bouncycastle.asn1.BERTags; /** - * Produce an object suitable for an ASN1OutputStream. + * Parse {@link AuthEnvelopedData} input stream. * * <pre> * AuthEnvelopedData ::= SEQUENCE { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthenticatedData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthenticatedData.java index bbf98f1..c0945f3 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthenticatedData.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthenticatedData.java @@ -14,6 +14,30 @@ import org.bouncycastle.asn1.BERSequence; import org.bouncycastle.asn1.DERTaggedObject; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-9.1">RFC 5652</a> section 9.1: + * The AuthenticatedData carries AuthAttributes and other data + * which define what really is being signed. + * <p> + * <pre> + * AuthenticatedData ::= SEQUENCE { + * version CMSVersion, + * originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL, + * recipientInfos RecipientInfos, + * macAlgorithm MessageAuthenticationCodeAlgorithm, + * digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL, + * encapContentInfo EncapsulatedContentInfo, + * authAttrs [2] IMPLICIT AuthAttributes OPTIONAL, + * mac MessageAuthenticationCode, + * unauthAttrs [3] IMPLICIT UnauthAttributes OPTIONAL } + * + * AuthAttributes ::= SET SIZE (1..MAX) OF Attribute + * + * UnauthAttributes ::= SET SIZE (1..MAX) OF Attribute + * + * MessageAuthenticationCode ::= OCTET STRING + * </pre> + */ public class AuthenticatedData extends ASN1Object { @@ -57,6 +81,9 @@ public class AuthenticatedData this.unauthAttrs = unauthAttrs; } + /** + * @deprecated use getInstance() + */ public AuthenticatedData( ASN1Sequence seq) { @@ -102,7 +129,7 @@ public class AuthenticatedData } /** - * return an AuthenticatedData object from a tagged object. + * Return an AuthenticatedData object from a tagged object. * * @param obj the tagged object holding the object we want. * @param explicit true if the object is meant to be explicitly @@ -118,7 +145,14 @@ public class AuthenticatedData } /** - * return an AuthenticatedData object from the given object. + * Return an AuthenticatedData object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link AuthenticatedData} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with AuthenticatedData structure inside + * </ul> * * @param obj the object we want converted. * @throws IllegalArgumentException if the object cannot be converted. @@ -186,24 +220,6 @@ public class AuthenticatedData /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * AuthenticatedData ::= SEQUENCE { - * version CMSVersion, - * originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL, - * recipientInfos RecipientInfos, - * macAlgorithm MessageAuthenticationCodeAlgorithm, - * digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL, - * encapContentInfo EncapsulatedContentInfo, - * authAttrs [2] IMPLICIT AuthAttributes OPTIONAL, - * mac MessageAuthenticationCode, - * unauthAttrs [3] IMPLICIT UnauthAttributes OPTIONAL } - * - * AuthAttributes ::= SET SIZE (1..MAX) OF Attribute - * - * UnauthAttributes ::= SET SIZE (1..MAX) OF Attribute - * - * MessageAuthenticationCode ::= OCTET STRING - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthenticatedDataParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthenticatedDataParser.java index fd867e2..ce9aa4f 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthenticatedDataParser.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthenticatedDataParser.java @@ -13,7 +13,7 @@ import org.bouncycastle.asn1.BERTags; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; /** - * Produce an object suitable for an ASN1OutputStream. + * Parse {@link AuthenticatedData} stream. * <pre> * AuthenticatedData ::= SEQUENCE { * version CMSVersion, @@ -127,9 +127,18 @@ public class AuthenticatedDataParser return null; } + /** + * @deprecated use getEncapsulatedContentInfo() + */ public ContentInfoParser getEnapsulatedContentInfo() throws IOException { + return getEncapsulatedContentInfo(); + } + + public ContentInfoParser getEncapsulatedContentInfo() + throws IOException + { if (nextObject == null) { nextObject = seq.readObject(); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/CCMParameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/CCMParameters.java new file mode 100644 index 0000000..3277bb2 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/CCMParameters.java @@ -0,0 +1,102 @@ +package org.bouncycastle.asn1.cms; + +import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1Object; +import org.bouncycastle.asn1.ASN1OctetString; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.util.Arrays; + +/** + * <a href="http://tools.ietf.org/html/rfc5084">RFC 5084</a>: CCMParameters object. + * <p> + * <pre> + CCMParameters ::= SEQUENCE { + aes-nonce OCTET STRING, -- recommended size is 12 octets + aes-ICVlen AES-CCM-ICVlen DEFAULT 12 } + * </pre> + */ +public class CCMParameters + extends ASN1Object +{ + private byte[] nonce; + private int icvLen; + + /** + * Return an CCMParameters object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link org.bouncycastle.asn1.cms.CCMParameters} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(Object) ASN1Sequence} input formats with CCMParameters structure inside + * </ul> + * + * @param obj the object we want converted. + * @exception IllegalArgumentException if the object cannot be converted. + */ + public static CCMParameters getInstance( + Object obj) + { + if (obj instanceof CCMParameters) + { + return (CCMParameters)obj; + } + else if (obj != null) + { + return new CCMParameters(ASN1Sequence.getInstance(obj)); + } + + return null; + } + + private CCMParameters( + ASN1Sequence seq) + { + this.nonce = ASN1OctetString.getInstance(seq.getObjectAt(0)).getOctets(); + + if (seq.size() == 2) + { + this.icvLen = ASN1Integer.getInstance(seq.getObjectAt(1)).getValue().intValue(); + } + else + { + this.icvLen = 12; + } + } + + public CCMParameters( + byte[] nonce, + int icvLen) + { + this.nonce = Arrays.clone(nonce); + this.icvLen = icvLen; + } + + public byte[] getNonce() + { + return Arrays.clone(nonce); + } + + public int getIcvLen() + { + return icvLen; + } + + public ASN1Primitive toASN1Primitive() + { + ASN1EncodableVector v = new ASN1EncodableVector(); + + v.add(new DEROctetString(nonce)); + + if (icvLen != 12) + { + v.add(new ASN1Integer(icvLen)); + } + + return new DERSequence(v); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/CMSAttributes.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/CMSAttributes.java index 5e97324..d2fc7d1 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/CMSAttributes.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/CMSAttributes.java @@ -3,11 +3,28 @@ package org.bouncycastle.asn1.cms; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +/** + * <a href="http://tools.ietf.org/html/rfc5652">RFC 5652</a> CMS attribute OID constants. + * <pre> + * contentType ::= 1.2.840.113549.1.9.3 + * messageDigest ::= 1.2.840.113549.1.9.4 + * signingTime ::= 1.2.840.113549.1.9.5 + * counterSignature ::= 1.2.840.113549.1.9.6 + * + * contentHint ::= 1.2.840.113549.1.9.16.2.4 + * </pre> + */ + public interface CMSAttributes { + /** PKCS#9: 1.2.840.113549.1.9.3 */ public static final ASN1ObjectIdentifier contentType = PKCSObjectIdentifiers.pkcs_9_at_contentType; + /** PKCS#9: 1.2.840.113549.1.9.4 */ public static final ASN1ObjectIdentifier messageDigest = PKCSObjectIdentifiers.pkcs_9_at_messageDigest; + /** PKCS#9: 1.2.840.113549.1.9.5 */ public static final ASN1ObjectIdentifier signingTime = PKCSObjectIdentifiers.pkcs_9_at_signingTime; + /** PKCS#9: 1.2.840.113549.1.9.6 */ public static final ASN1ObjectIdentifier counterSignature = PKCSObjectIdentifiers.pkcs_9_at_counterSignature; + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.4 - See <a href="http://tools.ietf.org/html/rfc2634">RFC 2634</a> */ public static final ASN1ObjectIdentifier contentHint = PKCSObjectIdentifiers.id_aa_contentHint; } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/CMSObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/CMSObjectIdentifiers.java index 6294d97..b88bf6e 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/CMSObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/CMSObjectIdentifiers.java @@ -5,24 +5,39 @@ import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; public interface CMSObjectIdentifiers { + /** PKCS#7: 1.2.840.113549.1.7.1 */ static final ASN1ObjectIdentifier data = PKCSObjectIdentifiers.data; + /** PKCS#7: 1.2.840.113549.1.7.2 */ static final ASN1ObjectIdentifier signedData = PKCSObjectIdentifiers.signedData; + /** PKCS#7: 1.2.840.113549.1.7.3 */ static final ASN1ObjectIdentifier envelopedData = PKCSObjectIdentifiers.envelopedData; + /** PKCS#7: 1.2.840.113549.1.7.4 */ static final ASN1ObjectIdentifier signedAndEnvelopedData = PKCSObjectIdentifiers.signedAndEnvelopedData; + /** PKCS#7: 1.2.840.113549.1.7.5 */ static final ASN1ObjectIdentifier digestedData = PKCSObjectIdentifiers.digestedData; + /** PKCS#7: 1.2.840.113549.1.7.6 */ static final ASN1ObjectIdentifier encryptedData = PKCSObjectIdentifiers.encryptedData; + /** PKCS#9: 1.2.840.113549.1.9.16.1.2 -- smime ct authData */ static final ASN1ObjectIdentifier authenticatedData = PKCSObjectIdentifiers.id_ct_authData; + /** PKCS#9: 1.2.840.113549.1.9.16.1.9 -- smime ct compressedData */ static final ASN1ObjectIdentifier compressedData = PKCSObjectIdentifiers.id_ct_compressedData; + /** PKCS#9: 1.2.840.113549.1.9.16.1.23 -- smime ct authEnvelopedData */ static final ASN1ObjectIdentifier authEnvelopedData = PKCSObjectIdentifiers.id_ct_authEnvelopedData; + /** PKCS#9: 1.2.840.113549.1.9.16.1.31 -- smime ct timestampedData*/ static final ASN1ObjectIdentifier timestampedData = PKCSObjectIdentifiers.id_ct_timestampedData; /** * The other Revocation Info arc + * <p> + * <pre> * id-ri OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) - * dod(6) internet(1) security(5) mechanisms(5) pkix(7) ri(16) } + * dod(6) internet(1) security(5) mechanisms(5) pkix(7) ri(16) } + * </pre> */ static final ASN1ObjectIdentifier id_ri = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.16"); + /** 1.3.6.1.5.5.7.16.2 */ static final ASN1ObjectIdentifier id_ri_ocsp_response = id_ri.branch("2"); + /** 1.3.6.1.5.5.7.16.4 */ static final ASN1ObjectIdentifier id_ri_scvp = id_ri.branch("4"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/CompressedData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/CompressedData.java index e9d9f67..e546470 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/CompressedData.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/CompressedData.java @@ -10,12 +10,13 @@ import org.bouncycastle.asn1.BERSequence; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; /** - * RFC 3274 - CMS Compressed Data. + * <a href="http://tools.ietf.org/html/rfc3274">RFC 3274</a>: CMS Compressed Data. + * * <pre> * CompressedData ::= SEQUENCE { - * version CMSVersion, - * compressionAlgorithm CompressionAlgorithmIdentifier, - * encapContentInfo EncapsulatedContentInfo + * version CMSVersion, + * compressionAlgorithm CompressionAlgorithmIdentifier, + * encapContentInfo EncapsulatedContentInfo * } * </pre> */ @@ -41,27 +42,33 @@ public class CompressedData this.version = (ASN1Integer)seq.getObjectAt(0); this.compressionAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(1)); this.encapContentInfo = ContentInfo.getInstance(seq.getObjectAt(2)); - } /** - * return a CompressedData object from a tagged object. + * Return a CompressedData object from a tagged object. * - * @param _ato the tagged object holding the object we want. - * @param _explicit true if the object is meant to be explicitly + * @param ato the tagged object holding the object we want. + * @param isExplicit true if the object is meant to be explicitly * tagged false otherwise. * @exception IllegalArgumentException if the object held by the * tagged object cannot be converted. */ public static CompressedData getInstance( - ASN1TaggedObject _ato, - boolean _explicit) + ASN1TaggedObject ato, + boolean isExplicit) { - return getInstance(ASN1Sequence.getInstance(_ato, _explicit)); + return getInstance(ASN1Sequence.getInstance(ato, isExplicit)); } /** - * return a CompressedData object from the given object. + * Return a CompressedData object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link CompressedData} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with CompressedData structure inside + * </ul> * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/CompressedDataParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/CompressedDataParser.java index 035e19d..41895ce 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/CompressedDataParser.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/CompressedDataParser.java @@ -7,12 +7,13 @@ import org.bouncycastle.asn1.ASN1SequenceParser; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; /** - * RFC 3274 - CMS Compressed Data. + * Parser of <a href="http://tools.ietf.org/html/rfc3274">RFC 3274</a> {@link CompressedData} object. + * <p> * <pre> * CompressedData ::= SEQUENCE { - * version CMSVersion, - * compressionAlgorithm CompressionAlgorithmIdentifier, - * encapContentInfo EncapsulatedContentInfo + * version CMSVersion, + * compressionAlgorithm CompressionAlgorithmIdentifier, + * encapContentInfo EncapsulatedContentInfo * } * </pre> */ diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfo.java index 345cf2c..2e8e039 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfo.java @@ -10,6 +10,22 @@ import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.BERSequence; import org.bouncycastle.asn1.BERTaggedObject; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-3">RFC 5652</a> ContentInfo, and + * <a href="http://tools.ietf.org/html/rfc5652#section-5.2">RFC 5652</a> EncapsulatedContentInfo objects. + * + * <pre> + * ContentInfo ::= SEQUENCE { + * contentType ContentType, + * content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL + * } + * + * EncapsulatedContentInfo ::= SEQUENCE { + * eContentType ContentType, + * eContent [0] EXPLICIT OCTET STRING OPTIONAL + * } + * </pre> + */ public class ContentInfo extends ASN1Object implements CMSObjectIdentifiers @@ -17,6 +33,19 @@ public class ContentInfo private ASN1ObjectIdentifier contentType; private ASN1Encodable content; + /** + * Return an ContentInfo object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link ContentInfo} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with ContentInfo structure inside + * </ul> + * + * @param obj the object we want converted. + * @exception IllegalArgumentException if the object cannot be converted. + */ public static ContentInfo getInstance( Object obj) { @@ -84,12 +113,6 @@ public class ContentInfo /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * ContentInfo ::= SEQUENCE { - * contentType ContentType, - * content - * [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfoParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfoParser.java index bbc3176..19f0ec8 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfoParser.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfoParser.java @@ -8,12 +8,12 @@ import org.bouncycastle.asn1.ASN1SequenceParser; import org.bouncycastle.asn1.ASN1TaggedObjectParser; /** - * Produce an object suitable for an ASN1OutputStream. + * <a href="http://tools.ietf.org/html/rfc5652#section-3">RFC 5652</a> {@link ContentInfo} object parser. + * * <pre> * ContentInfo ::= SEQUENCE { - * contentType ContentType, - * content - * [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL } + * contentType ContentType, + * content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL } * </pre> */ public class ContentInfoParser diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/DigestedData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/DigestedData.java index 32b7e40..0f3b906 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/DigestedData.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/DigestedData.java @@ -12,13 +12,13 @@ import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; /** - * RFC 3274 - CMS Digest Data. + * <a href="http://tools.ietf.org/html/rfc5652#section-7">RFC 5652</a> DigestedData object. * <pre> * DigestedData ::= SEQUENCE { - * version CMSVersion, - * digestAlgorithm DigestAlgorithmIdentifier, - * encapContentInfo EncapsulatedContentInfo, - * digest Digest } + * version CMSVersion, + * digestAlgorithm DigestAlgorithmIdentifier, + * encapContentInfo EncapsulatedContentInfo, + * digest Digest } * </pre> */ public class DigestedData @@ -50,23 +50,30 @@ public class DigestedData } /** - * return a CompressedData object from a tagged object. + * Return a DigestedData object from a tagged object. * - * @param _ato the tagged object holding the object we want. - * @param _explicit true if the object is meant to be explicitly + * @param ato the tagged object holding the object we want. + * @param isExplicit true if the object is meant to be explicitly * tagged false otherwise. * @exception IllegalArgumentException if the object held by the * tagged object cannot be converted. */ public static DigestedData getInstance( - ASN1TaggedObject _ato, - boolean _explicit) + ASN1TaggedObject ato, + boolean isExplicit) { - return getInstance(ASN1Sequence.getInstance(_ato, _explicit)); + return getInstance(ASN1Sequence.getInstance(ato, isExplicit)); } /** - * return a CompressedData object from the given object. + * Return a DigestedData object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link DigestedData} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats + * </ul> * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedContentInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedContentInfo.java index 14265e5..64d887d 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedContentInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedContentInfo.java @@ -11,6 +11,17 @@ import org.bouncycastle.asn1.BERSequence; import org.bouncycastle.asn1.BERTaggedObject; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-6.1">RFC 5652</a> EncryptedContentInfo object. + * + * <pre> + * EncryptedContentInfo ::= SEQUENCE { + * contentType ContentType, + * contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier, + * encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL + * } + * </pre> + */ public class EncryptedContentInfo extends ASN1Object { @@ -47,7 +58,14 @@ public class EncryptedContentInfo } /** - * return an EncryptedContentInfo object from the given object. + * Return an EncryptedContentInfo object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link EncryptedContentInfo} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats + * </ul> * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -84,13 +102,6 @@ public class EncryptedContentInfo /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * EncryptedContentInfo ::= SEQUENCE { - * contentType ContentType, - * contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier, - * encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL - * } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedContentInfoParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedContentInfoParser.java index 1e6f040..77fb0bb 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedContentInfoParser.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedContentInfoParser.java @@ -9,6 +9,8 @@ import org.bouncycastle.asn1.ASN1TaggedObjectParser; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; /** + * Parser for <a href="http://tools.ietf.org/html/rfc5652#section-6.1">RFC 5652</a> EncryptedContentInfo object. + * <p> * <pre> * EncryptedContentInfo ::= SEQUENCE { * contentType ContentType, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedData.java index 9d61b33..2c83958 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedData.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedData.java @@ -9,6 +9,16 @@ import org.bouncycastle.asn1.ASN1Set; import org.bouncycastle.asn1.BERSequence; import org.bouncycastle.asn1.BERTaggedObject; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-8">RFC 5652</a> EncryptedData object. + * <p> + * <pre> + * EncryptedData ::= SEQUENCE { + * version CMSVersion, + * encryptedContentInfo EncryptedContentInfo, + * unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL } + * </pre> + */ public class EncryptedData extends ASN1Object { @@ -16,6 +26,19 @@ public class EncryptedData private EncryptedContentInfo encryptedContentInfo; private ASN1Set unprotectedAttrs; + /** + * Return an EncryptedData object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link EncryptedData} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats + * </ul> + * + * @param o the object we want converted. + * @exception IllegalArgumentException if the object cannot be converted. + */ public static EncryptedData getInstance(Object o) { if (o instanceof EncryptedData) @@ -70,12 +93,6 @@ public class EncryptedData } /** - * <pre> - * EncryptedData ::= SEQUENCE { - * version CMSVersion, - * encryptedContentInfo EncryptedContentInfo, - * unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL } - * </pre> * @return a basic ASN.1 object representation. */ public ASN1Primitive toASN1Primitive() diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EnvelopedData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/EnvelopedData.java index 6d8b484..994575a 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EnvelopedData.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/EnvelopedData.java @@ -12,6 +12,18 @@ import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.BERSequence; import org.bouncycastle.asn1.DERTaggedObject; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-6.1">RFC 5652</a> EnvelopedData object. + * <pre> + * EnvelopedData ::= SEQUENCE { + * version CMSVersion, + * originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL, + * recipientInfos RecipientInfos, + * encryptedContentInfo EncryptedContentInfo, + * unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL + * } + * </pre> + */ public class EnvelopedData extends ASN1Object { @@ -78,7 +90,7 @@ public class EnvelopedData } /** - * return an EnvelopedData object from a tagged object. + * Return an EnvelopedData object from a tagged object. * * @param obj the tagged object holding the object we want. * @param explicit true if the object is meant to be explicitly @@ -94,7 +106,14 @@ public class EnvelopedData } /** - * return an EnvelopedData object from the given object. + * Return an EnvelopedData object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link EnvelopedData} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with EnvelopedData structure inside + * </ul> * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -142,15 +161,6 @@ public class EnvelopedData /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * EnvelopedData ::= SEQUENCE { - * version CMSVersion, - * originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL, - * recipientInfos RecipientInfos, - * encryptedContentInfo EncryptedContentInfo, - * unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL - * } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EnvelopedDataParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/EnvelopedDataParser.java index 73529fd..774813a 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EnvelopedDataParser.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/EnvelopedDataParser.java @@ -10,6 +10,8 @@ import org.bouncycastle.asn1.ASN1TaggedObjectParser; import org.bouncycastle.asn1.BERTags; /** + * Parser of <a href="http://tools.ietf.org/html/rfc5652#section-6.1">RFC 5652</a> {@link EnvelopedData} object. + * <p> * <pre> * EnvelopedData ::= SEQUENCE { * version CMSVersion, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Evidence.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Evidence.java index c68ec9a..4dcbfde 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Evidence.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Evidence.java @@ -6,6 +6,18 @@ import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERTaggedObject; +/** + * <a href="http://tools.ietf.org/html/rfc5544">RFC 5544</a>: + * Binding Documents with Time-Stamps; Evidence object. + * <p> + * <pre> + * Evidence ::= CHOICE { + * tstEvidence [0] TimeStampTokenEvidence, -- see RFC 3161 + * ersEvidence [1] EvidenceRecord, -- see RFC 4998 + * otherEvidence [2] OtherEvidence + * } + * </pre> + */ public class Evidence extends ASN1Object implements ASN1Choice @@ -25,6 +37,18 @@ public class Evidence } } + /** + * Return an Evidence object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> {@link Evidence} object + * <li> {@link org.bouncycastle.asn1.ASN1TaggedObject#getInstance(java.lang.Object) ASN1TaggedObject} input formats with Evidence data inside + * </ul> + * + * @param obj the object we want converted. + * @exception IllegalArgumentException if the object cannot be converted. + */ public static Evidence getInstance(Object obj) { if (obj == null || obj instanceof Evidence) diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/GCMParameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/GCMParameters.java new file mode 100644 index 0000000..0f03c87 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/GCMParameters.java @@ -0,0 +1,102 @@ +package org.bouncycastle.asn1.cms; + +import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1Object; +import org.bouncycastle.asn1.ASN1OctetString; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.util.Arrays; + +/** + * <a href="http://tools.ietf.org/html/rfc5084">RFC 5084</a>: GCMParameters object. + * <p> + * <pre> + GCMParameters ::= SEQUENCE { + aes-nonce OCTET STRING, -- recommended size is 12 octets + aes-ICVlen AES-GCM-ICVlen DEFAULT 12 } + * </pre> + */ +public class GCMParameters + extends ASN1Object +{ + private byte[] nonce; + private int icvLen; + + /** + * Return an GCMParameters object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link org.bouncycastle.asn1.cms.GCMParameters} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(Object) ASN1Sequence} input formats with GCMParameters structure inside + * </ul> + * + * @param obj the object we want converted. + * @exception IllegalArgumentException if the object cannot be converted. + */ + public static GCMParameters getInstance( + Object obj) + { + if (obj instanceof GCMParameters) + { + return (GCMParameters)obj; + } + else if (obj != null) + { + return new GCMParameters(ASN1Sequence.getInstance(obj)); + } + + return null; + } + + private GCMParameters( + ASN1Sequence seq) + { + this.nonce = ASN1OctetString.getInstance(seq.getObjectAt(0)).getOctets(); + + if (seq.size() == 2) + { + this.icvLen = ASN1Integer.getInstance(seq.getObjectAt(1)).getValue().intValue(); + } + else + { + this.icvLen = 12; + } + } + + public GCMParameters( + byte[] nonce, + int icvLen) + { + this.nonce = Arrays.clone(nonce); + this.icvLen = icvLen; + } + + public byte[] getNonce() + { + return Arrays.clone(nonce); + } + + public int getIcvLen() + { + return icvLen; + } + + public ASN1Primitive toASN1Primitive() + { + ASN1EncodableVector v = new ASN1EncodableVector(); + + v.add(new DEROctetString(nonce)); + + if (icvLen != 12) + { + v.add(new ASN1Integer(icvLen)); + } + + return new DERSequence(v); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/IssuerAndSerialNumber.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/IssuerAndSerialNumber.java index ad0dbb1..d46cbfb 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/IssuerAndSerialNumber.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/IssuerAndSerialNumber.java @@ -13,12 +13,37 @@ import org.bouncycastle.asn1.x509.Certificate; import org.bouncycastle.asn1.x509.X509CertificateStructure; import org.bouncycastle.asn1.x509.X509Name; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-10.2.4">RFC 5652</a>: IssuerAndSerialNumber object. + * <p> + * <pre> + * IssuerAndSerialNumber ::= SEQUENCE { + * issuer Name, + * serialNumber CertificateSerialNumber + * } + * + * CertificateSerialNumber ::= INTEGER -- See RFC 5280 + * </pre> + */ public class IssuerAndSerialNumber extends ASN1Object { private X500Name name; private ASN1Integer serialNumber; + /** + * Return an IssuerAndSerialNumber object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link IssuerAndSerialNumber} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with IssuerAndSerialNumber structure inside + * </ul> + * + * @param obj the object we want converted. + * @exception IllegalArgumentException if the object cannot be converted. + */ public static IssuerAndSerialNumber getInstance( Object obj) { @@ -36,7 +61,6 @@ public class IssuerAndSerialNumber /** * @deprecated use getInstance() method. - * @param seq */ public IssuerAndSerialNumber( ASN1Sequence seq) @@ -52,6 +76,9 @@ public class IssuerAndSerialNumber this.serialNumber = certificate.getSerialNumber(); } + /** + * @deprecated use constructor taking Certificate + */ public IssuerAndSerialNumber( X509CertificateStructure certificate) { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KEKIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/KEKIdentifier.java index 67c68ab..0361e9f 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KEKIdentifier.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/KEKIdentifier.java @@ -10,6 +10,18 @@ import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.DERSequence; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.3">RFC 5652</a>: + * Content encryption key delivery mechanisms. + * <p> + * <pre> + * KEKIdentifier ::= SEQUENCE { + * keyIdentifier OCTET STRING, + * date GeneralizedTime OPTIONAL, + * other OtherKeyAttribute OPTIONAL + * } + * </pre> + */ public class KEKIdentifier extends ASN1Object { @@ -56,7 +68,7 @@ public class KEKIdentifier } /** - * return a KEKIdentifier object from a tagged object. + * Return a KEKIdentifier object from a tagged object. * * @param obj the tagged object holding the object we want. * @param explicit true if the object is meant to be explicitly @@ -72,7 +84,14 @@ public class KEKIdentifier } /** - * return a KEKIdentifier object from the given object. + * Return a KEKIdentifier object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link KEKIdentifier} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with KEKIdentifier structure inside + * </ul> * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -110,13 +129,6 @@ public class KEKIdentifier /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * KEKIdentifier ::= SEQUENCE { - * keyIdentifier OCTET STRING, - * date GeneralizedTime OPTIONAL, - * other OtherKeyAttribute OPTIONAL - * } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KEKRecipientInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/KEKRecipientInfo.java index 6c67772..2d0cfa6 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KEKRecipientInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/KEKRecipientInfo.java @@ -10,6 +10,19 @@ import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.3">RFC 5652</a>: + * Content encryption key delivery mechanisms. + * <p> + * <pre> + * KEKRecipientInfo ::= SEQUENCE { + * version CMSVersion, -- always set to 4 + * kekid KEKIdentifier, + * keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, + * encryptedKey EncryptedKey + * } + * </pre> + */ public class KEKRecipientInfo extends ASN1Object { @@ -39,7 +52,7 @@ public class KEKRecipientInfo } /** - * return a KEKRecipientInfo object from a tagged object. + * Return a KEKRecipientInfo object from a tagged object. * * @param obj the tagged object holding the object we want. * @param explicit true if the object is meant to be explicitly @@ -55,7 +68,14 @@ public class KEKRecipientInfo } /** - * return a KEKRecipientInfo object from the given object. + * Return a KEKRecipientInfo object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link KEKRecipientInfo} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with KEKRecipientInfo structure inside + * </ul> * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -63,17 +83,17 @@ public class KEKRecipientInfo public static KEKRecipientInfo getInstance( Object obj) { - if (obj == null || obj instanceof KEKRecipientInfo) + if (obj instanceof KEKRecipientInfo) { return (KEKRecipientInfo)obj; } - if(obj instanceof ASN1Sequence) + if (obj != null) { - return new KEKRecipientInfo((ASN1Sequence)obj); + return new KEKRecipientInfo(ASN1Sequence.getInstance(obj)); } - throw new IllegalArgumentException("Invalid KEKRecipientInfo: " + obj.getClass().getName()); + return null; } public ASN1Integer getVersion() @@ -98,14 +118,6 @@ public class KEKRecipientInfo /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * KEKRecipientInfo ::= SEQUENCE { - * version CMSVersion, -- always set to 4 - * kekid KEKIdentifier, - * keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, - * encryptedKey EncryptedKey - * } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyAgreeRecipientIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyAgreeRecipientIdentifier.java index 29f455a..6580cd4 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyAgreeRecipientIdentifier.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyAgreeRecipientIdentifier.java @@ -7,6 +7,16 @@ import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERTaggedObject; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.2">RFC 5652</a>: + * Content encryption key delivery mechanisms. + * <p> + * <pre> + * KeyAgreeRecipientIdentifier ::= CHOICE { + * issuerAndSerialNumber IssuerAndSerialNumber, + * rKeyId [0] IMPLICIT RecipientKeyIdentifier } + * </pre> + */ public class KeyAgreeRecipientIdentifier extends ASN1Object implements ASN1Choice @@ -15,7 +25,7 @@ public class KeyAgreeRecipientIdentifier private RecipientKeyIdentifier rKeyID; /** - * return an KeyAgreeRecipientIdentifier object from a tagged object. + * Return an KeyAgreeRecipientIdentifier object from a tagged object. * * @param obj the tagged object holding the object we want. * @param explicit true if the object is meant to be explicitly @@ -31,7 +41,16 @@ public class KeyAgreeRecipientIdentifier } /** - * return an KeyAgreeRecipientIdentifier object from the given object. + * Return an KeyAgreeRecipientIdentifier object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> {@link KeyAgreeRecipientIdentifier} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with IssuerAndSerialNumber structure inside + * <li> {@link org.bouncycastle.asn1.ASN1TaggedObject#getInstance(java.lang.Object) ASN1TaggedObject} with tag value 0: a KeyAgreeRecipientIdentifier data structure + * </ul> + * <p> + * Note: no byte[] input! * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -84,12 +103,6 @@ public class KeyAgreeRecipientIdentifier /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * KeyAgreeRecipientIdentifier ::= CHOICE { - * issuerAndSerialNumber IssuerAndSerialNumber, - * rKeyId [0] IMPLICIT RecipientKeyIdentifier - * } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyAgreeRecipientInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyAgreeRecipientInfo.java index c6e5744..224932a 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyAgreeRecipientInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyAgreeRecipientInfo.java @@ -11,6 +11,22 @@ import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.2">RFC 5652</a>: + * Content encryption key delivery mechanisms. + * <p> + * <pre> + * KeyAgreeRecipientInfo ::= SEQUENCE { + * version CMSVersion, -- always set to 3 + * originator [0] EXPLICIT OriginatorIdentifierOrKey, + * ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL, + * keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, + * recipientEncryptedKeys RecipientEncryptedKeys + * } + * + * UserKeyingMaterial ::= OCTET STRING + * </pre> + */ public class KeyAgreeRecipientInfo extends ASN1Object { @@ -32,7 +48,10 @@ public class KeyAgreeRecipientInfo this.keyEncryptionAlgorithm = keyEncryptionAlgorithm; this.recipientEncryptedKeys = recipientEncryptedKeys; } - + + /** + * @deprecated use getInstance() + */ public KeyAgreeRecipientInfo( ASN1Sequence seq) { @@ -55,7 +74,7 @@ public class KeyAgreeRecipientInfo } /** - * return a KeyAgreeRecipientInfo object from a tagged object. + * Return a KeyAgreeRecipientInfo object from a tagged object. * * @param obj the tagged object holding the object we want. * @param explicit true if the object is meant to be explicitly @@ -71,7 +90,14 @@ public class KeyAgreeRecipientInfo } /** - * return a KeyAgreeRecipientInfo object from the given object. + * Return a KeyAgreeRecipientInfo object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link KeyAgreeRecipientInfo} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with KeyAgreeRecipientInfo structure inside + * </ul> * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -79,19 +105,17 @@ public class KeyAgreeRecipientInfo public static KeyAgreeRecipientInfo getInstance( Object obj) { - if (obj == null || obj instanceof KeyAgreeRecipientInfo) + if (obj instanceof KeyAgreeRecipientInfo) { return (KeyAgreeRecipientInfo)obj; } - if (obj instanceof ASN1Sequence) + if (obj != null) { - return new KeyAgreeRecipientInfo((ASN1Sequence)obj); + return new KeyAgreeRecipientInfo(ASN1Sequence.getInstance(obj)); } - throw new IllegalArgumentException( - "Illegal object in KeyAgreeRecipientInfo: " + obj.getClass().getName()); - + return null; } public ASN1Integer getVersion() @@ -121,17 +145,6 @@ public class KeyAgreeRecipientInfo /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * KeyAgreeRecipientInfo ::= SEQUENCE { - * version CMSVersion, -- always set to 3 - * originator [0] EXPLICIT OriginatorIdentifierOrKey, - * ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL, - * keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, - * recipientEncryptedKeys RecipientEncryptedKeys - * } - * - * UserKeyingMaterial ::= OCTET STRING - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyTransRecipientInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyTransRecipientInfo.java index 8b0a545..7d31111 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyTransRecipientInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyTransRecipientInfo.java @@ -10,6 +10,18 @@ import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.1">RFC 5652</a>: + * Content encryption key delivery mechanisms. + * <pre> + * KeyTransRecipientInfo ::= SEQUENCE { + * version CMSVersion, -- always set to 0 or 2 + * rid RecipientIdentifier, + * keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, + * encryptedKey EncryptedKey + * } + * </pre> + */ public class KeyTransRecipientInfo extends ASN1Object { @@ -36,7 +48,10 @@ public class KeyTransRecipientInfo this.keyEncryptionAlgorithm = keyEncryptionAlgorithm; this.encryptedKey = encryptedKey; } - + + /** + * @deprecated use getInstance() + */ public KeyTransRecipientInfo( ASN1Sequence seq) { @@ -47,7 +62,14 @@ public class KeyTransRecipientInfo } /** - * return a KeyTransRecipientInfo object from the given object. + * Return a KeyTransRecipientInfo object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link KeyTransRecipientInfo} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with KeyTransRecipientInfo structure inside + * </ul> * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -55,18 +77,17 @@ public class KeyTransRecipientInfo public static KeyTransRecipientInfo getInstance( Object obj) { - if (obj == null || obj instanceof KeyTransRecipientInfo) + if (obj instanceof KeyTransRecipientInfo) { return (KeyTransRecipientInfo)obj; } - if(obj instanceof ASN1Sequence) + if(obj != null) { - return new KeyTransRecipientInfo((ASN1Sequence)obj); + return new KeyTransRecipientInfo(ASN1Sequence.getInstance(obj)); } - throw new IllegalArgumentException( - "Illegal object in KeyTransRecipientInfo: " + obj.getClass().getName()); + return null; } public ASN1Integer getVersion() @@ -91,14 +112,6 @@ public class KeyTransRecipientInfo /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * KeyTransRecipientInfo ::= SEQUENCE { - * version CMSVersion, -- always set to 0 or 2 - * rid RecipientIdentifier, - * keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, - * encryptedKey EncryptedKey - * } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/MetaData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/MetaData.java index 73db22e..667187b 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/MetaData.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/MetaData.java @@ -9,6 +9,19 @@ import org.bouncycastle.asn1.DERIA5String; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERUTF8String; +/** + * <a href="http://tools.ietf.org/html/rfc5544">RFC 5544</a>: + * Binding Documents with Time-Stamps; MetaData object. + * <p> + * <pre> + * MetaData ::= SEQUENCE { + * hashProtected BOOLEAN, + * fileName UTF8String OPTIONAL, + * mediaType IA5String OPTIONAL, + * otherMetaData Attributes OPTIONAL + * } + * </pre> + */ public class MetaData extends ASN1Object { @@ -49,6 +62,19 @@ public class MetaData } } + /** + * Return a MetaData object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link MetaData} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with MetaData structure inside + * </ul> + * + * @param obj the object we want converted. + * @exception IllegalArgumentException if the object cannot be converted. + */ public static MetaData getInstance(Object obj) { if (obj instanceof MetaData) @@ -63,17 +89,6 @@ public class MetaData return null; } - /** - * <pre> - * MetaData ::= SEQUENCE { - * hashProtected BOOLEAN, - * fileName UTF8String OPTIONAL, - * mediaType IA5String OPTIONAL, - * otherMetaData Attributes OPTIONAL - * } - * </pre> - * @return - */ public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorIdentifierOrKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorIdentifierOrKey.java index c7c3ecb..2096be2 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorIdentifierOrKey.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorIdentifierOrKey.java @@ -9,6 +9,19 @@ import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERTaggedObject; import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.2">RFC 5652</a>: + * Content encryption key delivery mechanisms. + * <pre> + * OriginatorIdentifierOrKey ::= CHOICE { + * issuerAndSerialNumber IssuerAndSerialNumber, + * subjectKeyIdentifier [0] SubjectKeyIdentifier, + * originatorKey [1] OriginatorPublicKey + * } + * + * SubjectKeyIdentifier ::= OCTET STRING + * </pre> + */ public class OriginatorIdentifierOrKey extends ASN1Object implements ASN1Choice @@ -52,7 +65,7 @@ public class OriginatorIdentifierOrKey } /** - * return an OriginatorIdentifierOrKey object from a tagged object. + * Return an OriginatorIdentifierOrKey object from a tagged object. * * @param o the tagged object holding the object we want. * @param explicit true if the object is meant to be explicitly @@ -74,7 +87,17 @@ public class OriginatorIdentifierOrKey } /** - * return an OriginatorIdentifierOrKey object from the given object. + * Return an OriginatorIdentifierOrKey object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link OriginatorIdentifierOrKey} object + * <li> {@link IssuerAndSerialNumber} object + * <li> {@link SubjectKeyIdentifier} object + * <li> {@link OriginatorPublicKey} object + * <li> {@link org.bouncycastle.asn1.ASN1TaggedObject#getInstance(java.lang.Object) ASN1TaggedObject} input formats with IssuerAndSerialNumber structure inside + * </ul> * * @param o the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -148,15 +171,6 @@ public class OriginatorIdentifierOrKey /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * OriginatorIdentifierOrKey ::= CHOICE { - * issuerAndSerialNumber IssuerAndSerialNumber, - * subjectKeyIdentifier [0] SubjectKeyIdentifier, - * originatorKey [1] OriginatorPublicKey - * } - * - * SubjectKeyIdentifier ::= OCTET STRING - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorInfo.java index d87054b..96abf7d 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorInfo.java @@ -9,6 +9,36 @@ import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.1">RFC 5652</a>: OriginatorInfo object. + * <pre> + * RFC 3369: + * + * OriginatorInfo ::= SEQUENCE { + * certs [0] IMPLICIT CertificateSet OPTIONAL, + * crls [1] IMPLICIT CertificateRevocationLists OPTIONAL + * } + * CertificateRevocationLists ::= SET OF CertificateList (from X.509) + * + * RFC 3582 / 5652: + * + * OriginatorInfo ::= SEQUENCE { + * certs [0] IMPLICIT CertificateSet OPTIONAL, + * crls [1] IMPLICIT RevocationInfoChoices OPTIONAL + * } + * RevocationInfoChoices ::= SET OF RevocationInfoChoice + * RevocationInfoChoice ::= CHOICE { + * crl CertificateList, + * other [1] IMPLICIT OtherRevocationInfoFormat } + * + * OtherRevocationInfoFormat ::= SEQUENCE { + * otherRevInfoFormat OBJECT IDENTIFIER, + * otherRevInfo ANY DEFINED BY otherRevInfoFormat } + * </pre> + * <p> + * TODO: RevocationInfoChoices / RevocationInfoChoice. + * Constructor using CertificateSet, CertificationInfoChoices + */ public class OriginatorInfo extends ASN1Object { @@ -54,7 +84,7 @@ public class OriginatorInfo } /** - * return an OriginatorInfo object from a tagged object. + * Return an OriginatorInfo object from a tagged object. * * @param obj the tagged object holding the object we want. * @param explicit true if the object is meant to be explicitly @@ -70,7 +100,14 @@ public class OriginatorInfo } /** - * return an OriginatorInfo object from the given object. + * Return an OriginatorInfo object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link OriginatorInfo} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with OriginatorInfo structure inside + * </ul> * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -86,7 +123,7 @@ public class OriginatorInfo { return new OriginatorInfo(ASN1Sequence.getInstance(obj)); } - + return null; } @@ -102,12 +139,6 @@ public class OriginatorInfo /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * OriginatorInfo ::= SEQUENCE { - * certs [0] IMPLICIT CertificateSet OPTIONAL, - * crls [1] IMPLICIT CertificateRevocationLists OPTIONAL - * } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorPublicKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorPublicKey.java index 5d95d13..b9bc52f 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorPublicKey.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorPublicKey.java @@ -9,7 +9,17 @@ import org.bouncycastle.asn1.DERBitString; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; - +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.2">RFC 5652</a>: + * Content encryption key delivery mechanisms. + * <p> + * <pre> + * OriginatorPublicKey ::= SEQUENCE { + * algorithm AlgorithmIdentifier, + * publicKey BIT STRING + * } + * </pre> + */ public class OriginatorPublicKey extends ASN1Object { @@ -23,7 +33,10 @@ public class OriginatorPublicKey this.algorithm = algorithm; this.publicKey = new DERBitString(publicKey); } - + + /** + * @deprecated use getInstance() + */ public OriginatorPublicKey( ASN1Sequence seq) { @@ -32,7 +45,7 @@ public class OriginatorPublicKey } /** - * return an OriginatorPublicKey object from a tagged object. + * Return an OriginatorPublicKey object from a tagged object. * * @param obj the tagged object holding the object we want. * @param explicit true if the object is meant to be explicitly @@ -48,7 +61,14 @@ public class OriginatorPublicKey } /** - * return an OriginatorPublicKey object from the given object. + * Return an OriginatorPublicKey object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link OriginatorPublicKey} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with OriginatorPublicKey structure inside + * </ul> * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -56,17 +76,17 @@ public class OriginatorPublicKey public static OriginatorPublicKey getInstance( Object obj) { - if (obj == null || obj instanceof OriginatorPublicKey) + if (obj instanceof OriginatorPublicKey) { return (OriginatorPublicKey)obj; } - if (obj instanceof ASN1Sequence) + if (obj != null) { - return new OriginatorPublicKey((ASN1Sequence)obj); + return new OriginatorPublicKey(ASN1Sequence.getInstance(obj)); } - - throw new IllegalArgumentException("Invalid OriginatorPublicKey: " + obj.getClass().getName()); + + return null; } public AlgorithmIdentifier getAlgorithm() @@ -81,12 +101,6 @@ public class OriginatorPublicKey /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * OriginatorPublicKey ::= SEQUENCE { - * algorithm AlgorithmIdentifier, - * publicKey BIT STRING - * } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherKeyAttribute.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherKeyAttribute.java index 1336bb6..7363c81 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherKeyAttribute.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherKeyAttribute.java @@ -8,6 +8,16 @@ import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.DERSequence; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-10.2.7">RFC 5652</a>: OtherKeyAttribute object. + * <p> + * <pre> + * OtherKeyAttribute ::= SEQUENCE { + * keyAttrId OBJECT IDENTIFIER, + * keyAttr ANY DEFINED BY keyAttrId OPTIONAL + * } + * </pre> + */ public class OtherKeyAttribute extends ASN1Object { @@ -15,7 +25,14 @@ public class OtherKeyAttribute private ASN1Encodable keyAttr; /** - * return an OtherKeyAttribute object from the given object. + * Return an OtherKeyAttribute object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link OtherKeyAttribute} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with OtherKeyAttribute structure inside + * </ul> * * @param o the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -23,19 +40,22 @@ public class OtherKeyAttribute public static OtherKeyAttribute getInstance( Object o) { - if (o == null || o instanceof OtherKeyAttribute) + if (o instanceof OtherKeyAttribute) { return (OtherKeyAttribute)o; } - if (o instanceof ASN1Sequence) + if (o != null) { - return new OtherKeyAttribute((ASN1Sequence)o); + return new OtherKeyAttribute(ASN1Sequence.getInstance(o)); } - throw new IllegalArgumentException("unknown object in factory: " + o.getClass().getName()); + return null; } - + + /** + * @deprecated use getInstance() + */ public OtherKeyAttribute( ASN1Sequence seq) { @@ -63,12 +83,6 @@ public class OtherKeyAttribute /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * OtherKeyAttribute ::= SEQUENCE { - * keyAttrId OBJECT IDENTIFIER, - * keyAttr ANY DEFINED BY keyAttrId OPTIONAL - * } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherRecipientInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherRecipientInfo.java index 692c96c..b77b150 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherRecipientInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherRecipientInfo.java @@ -9,6 +9,15 @@ import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERSequence; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.5">RFC 5652</a>: + * Content encryption key delivery mechanisms. + * <pre> + * OtherRecipientInfo ::= SEQUENCE { + * oriType OBJECT IDENTIFIER, + * oriValue ANY DEFINED BY oriType } + * </pre> + */ public class OtherRecipientInfo extends ASN1Object { @@ -25,7 +34,6 @@ public class OtherRecipientInfo /** * @deprecated use getInstance(). - * @param seq */ public OtherRecipientInfo( ASN1Sequence seq) @@ -35,7 +43,7 @@ public class OtherRecipientInfo } /** - * return a OtherRecipientInfo object from a tagged object. + * Return a OtherRecipientInfo object from a tagged object. * * @param obj the tagged object holding the object we want. * @param explicit true if the object is meant to be explicitly @@ -51,7 +59,14 @@ public class OtherRecipientInfo } /** - * return a OtherRecipientInfo object from the given object. + * Return a OtherRecipientInfo object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link PasswordRecipientInfo} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with OtherRecipientInfo structure inside + * </ul> * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -84,11 +99,6 @@ public class OtherRecipientInfo /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * OtherRecipientInfo ::= SEQUENCE { - * oriType OBJECT IDENTIFIER, - * oriValue ANY DEFINED BY oriType } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherRevocationInfoFormat.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherRevocationInfoFormat.java index ae6518a..a8348ff 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherRevocationInfoFormat.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherRevocationInfoFormat.java @@ -9,6 +9,15 @@ import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERSequence; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-10.2.1">RFC 5652</a>: OtherRevocationInfoFormat object. + * <p> + * <pre> + * OtherRevocationInfoFormat ::= SEQUENCE { + * otherRevInfoFormat OBJECT IDENTIFIER, + * otherRevInfo ANY DEFINED BY otherRevInfoFormat } + * </pre> + */ public class OtherRevocationInfoFormat extends ASN1Object { @@ -31,7 +40,7 @@ public class OtherRevocationInfoFormat } /** - * return a OtherRevocationInfoFormat object from a tagged object. + * Return a OtherRevocationInfoFormat object from a tagged object. * * @param obj the tagged object holding the object we want. * @param explicit true if the object is meant to be explicitly @@ -47,7 +56,14 @@ public class OtherRevocationInfoFormat } /** - * return a OtherRevocationInfoFormat object from the given object. + * Return a OtherRevocationInfoFormat object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link OtherRevocationInfoFormat} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with OtherRevocationInfoFormat structure inside + * </ul> * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -80,11 +96,6 @@ public class OtherRevocationInfoFormat /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * OtherRevocationInfoFormat ::= SEQUENCE { - * otherRevInfoFormat OBJECT IDENTIFIER, - * otherRevInfo ANY DEFINED BY otherRevInfoFormat } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/PasswordRecipientInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/PasswordRecipientInfo.java index f325fcd..7ed16cf 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/PasswordRecipientInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/PasswordRecipientInfo.java @@ -11,6 +11,18 @@ import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-10.2.7">RFC 5652</a>: + * Content encryption key delivery mechanisms. + * <pre> + * PasswordRecipientInfo ::= SEQUENCE { + * version CMSVersion, -- Always set to 0 + * keyDerivationAlgorithm [0] KeyDerivationAlgorithmIdentifier + * OPTIONAL, + * keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, + * encryptedKey EncryptedKey } + * </pre> + */ public class PasswordRecipientInfo extends ASN1Object { @@ -38,7 +50,10 @@ public class PasswordRecipientInfo this.keyEncryptionAlgorithm = keyEncryptionAlgorithm; this.encryptedKey = encryptedKey; } - + + /** + * @deprecated use getInstance() method. + */ public PasswordRecipientInfo( ASN1Sequence seq) { @@ -57,7 +72,7 @@ public class PasswordRecipientInfo } /** - * return a PasswordRecipientInfo object from a tagged object. + * Return a PasswordRecipientInfo object from a tagged object. * * @param obj the tagged object holding the object we want. * @param explicit true if the object is meant to be explicitly @@ -73,7 +88,14 @@ public class PasswordRecipientInfo } /** - * return a PasswordRecipientInfo object from the given object. + * Return a PasswordRecipientInfo object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link PasswordRecipientInfo} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with PasswordRecipientInfo structure inside + * </ul> * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -81,17 +103,17 @@ public class PasswordRecipientInfo public static PasswordRecipientInfo getInstance( Object obj) { - if (obj == null || obj instanceof PasswordRecipientInfo) + if (obj instanceof PasswordRecipientInfo) { return (PasswordRecipientInfo)obj; } - if(obj instanceof ASN1Sequence) + if (obj != null) { - return new PasswordRecipientInfo((ASN1Sequence)obj); + return new PasswordRecipientInfo(ASN1Sequence.getInstance(obj)); } - throw new IllegalArgumentException("Invalid PasswordRecipientInfo: " + obj.getClass().getName()); + return null; } public ASN1Integer getVersion() @@ -116,14 +138,6 @@ public class PasswordRecipientInfo /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * PasswordRecipientInfo ::= SEQUENCE { - * version CMSVersion, -- Always set to 0 - * keyDerivationAlgorithm [0] KeyDerivationAlgorithmIdentifier - * OPTIONAL, - * keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, - * encryptedKey EncryptedKey } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientEncryptedKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientEncryptedKey.java index 2f2a173..5062c10 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientEncryptedKey.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientEncryptedKey.java @@ -8,7 +8,16 @@ import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERSequence; - +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.2">RFC 5652</a>: + * Content encryption key delivery mechanisms. + * <pre> + * RecipientEncryptedKey ::= SEQUENCE { + * rid KeyAgreeRecipientIdentifier, + * encryptedKey EncryptedKey + * } + * </pre> + */ public class RecipientEncryptedKey extends ASN1Object { @@ -23,7 +32,7 @@ public class RecipientEncryptedKey } /** - * return an RecipientEncryptedKey object from a tagged object. + * Return an RecipientEncryptedKey object from a tagged object. * * @param obj the tagged object holding the object we want. * @param explicit true if the object is meant to be explicitly @@ -39,7 +48,14 @@ public class RecipientEncryptedKey } /** - * return a RecipientEncryptedKey object from the given object. + * Return a RecipientEncryptedKey object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link RecipientEncryptedKey} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with RecipientEncryptedKey structure inside + * </ul> * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -47,17 +63,17 @@ public class RecipientEncryptedKey public static RecipientEncryptedKey getInstance( Object obj) { - if (obj == null || obj instanceof RecipientEncryptedKey) + if (obj instanceof RecipientEncryptedKey) { return (RecipientEncryptedKey)obj; } - if (obj instanceof ASN1Sequence) + if (obj != null) { - return new RecipientEncryptedKey((ASN1Sequence)obj); + return new RecipientEncryptedKey(ASN1Sequence.getInstance(obj)); } - throw new IllegalArgumentException("Invalid RecipientEncryptedKey: " + obj.getClass().getName()); + return null; } public RecipientEncryptedKey( @@ -80,12 +96,6 @@ public class RecipientEncryptedKey /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * RecipientEncryptedKey ::= SEQUENCE { - * rid KeyAgreeRecipientIdentifier, - * encryptedKey EncryptedKey - * } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientIdentifier.java index 8aa992d..66b154a 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientIdentifier.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientIdentifier.java @@ -8,6 +8,18 @@ import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERTaggedObject; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.1">RFC 5652</a>: + * Content encryption key delivery mechanisms. + * <pre> + * RecipientIdentifier ::= CHOICE { + * issuerAndSerialNumber IssuerAndSerialNumber, + * subjectKeyIdentifier [0] SubjectKeyIdentifier + * } + * + * SubjectKeyIdentifier ::= OCTET STRING + * </pre> + */ public class RecipientIdentifier extends ASN1Object implements ASN1Choice @@ -33,7 +45,16 @@ public class RecipientIdentifier } /** - * return a RecipientIdentifier object from the given object. + * Return a RecipientIdentifier object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link RecipientIdentifier} object + * <li> {@link IssuerAndSerialNumber} object + * <li> {@link org.bouncycastle.asn1.ASN1OctetString#getInstance(java.lang.Object) ASN1OctetString} input formats (OctetString, byte[]) with value of KeyIdentifier in DER form + * <li> {@link org.bouncycastle.asn1.ASN1Primitive ASN1Primitive} for RecipientIdentifier constructor + * </ul> * * @param o the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -82,14 +103,6 @@ public class RecipientIdentifier /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * RecipientIdentifier ::= CHOICE { - * issuerAndSerialNumber IssuerAndSerialNumber, - * subjectKeyIdentifier [0] SubjectKeyIdentifier - * } - * - * SubjectKeyIdentifier ::= OCTET STRING - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientInfo.java index 7593a7a..39a7bb2 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientInfo.java @@ -9,6 +9,19 @@ import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERTaggedObject; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-6.2">RFC 5652</a>: + * Content encryption key delivery mechanisms. + * <p> + * <pre> + * RecipientInfo ::= CHOICE { + * ktri KeyTransRecipientInfo, + * kari [1] KeyAgreeRecipientInfo, + * kekri [2] KEKRecipientInfo, + * pwri [3] PasswordRecipientInfo, + * ori [4] OtherRecipientInfo } + * </pre> + */ public class RecipientInfo extends ASN1Object implements ASN1Choice @@ -51,6 +64,20 @@ public class RecipientInfo this.info = info; } + /** + * Return a RecipientInfo object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link RecipientInfo} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with RecipientInfo structure inside + * <li> {@link org.bouncycastle.asn1.ASN1TaggedObject#getInstance(java.lang.Object) ASN1TaggedObject} input formats with RecipientInfo structure inside + * </ul> + * + * @param o the object we want converted. + * @exception IllegalArgumentException if the object cannot be converted. + */ public static RecipientInfo getInstance( Object o) { @@ -138,14 +165,6 @@ public class RecipientInfo /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * RecipientInfo ::= CHOICE { - * ktri KeyTransRecipientInfo, - * kari [1] KeyAgreeRecipientInfo, - * kekri [2] KEKRecipientInfo, - * pwri [3] PasswordRecipientInfo, - * ori [4] OtherRecipientInfo } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientKeyIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientKeyIdentifier.java index 076761b..f0eae59 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientKeyIdentifier.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientKeyIdentifier.java @@ -10,6 +10,20 @@ import org.bouncycastle.asn1.DERGeneralizedTime; import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.DERSequence; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.2">RFC 5652</a>: + * Content encryption key delivery mechanisms. + * <p> + * <pre> + * RecipientKeyIdentifier ::= SEQUENCE { + * subjectKeyIdentifier SubjectKeyIdentifier, + * date GeneralizedTime OPTIONAL, + * other OtherKeyAttribute OPTIONAL + * } + * + * SubjectKeyIdentifier ::= OCTET STRING + * </pre> + */ public class RecipientKeyIdentifier extends ASN1Object { @@ -43,6 +57,9 @@ public class RecipientKeyIdentifier this(subjectKeyIdentifier, null, null); } + /** + * @deprecated use getInstance() + */ public RecipientKeyIdentifier( ASN1Sequence seq) { @@ -73,38 +90,45 @@ public class RecipientKeyIdentifier } /** - * return a RecipientKeyIdentifier object from a tagged object. + * Return a RecipientKeyIdentifier object from a tagged object. * - * @param _ato the tagged object holding the object we want. - * @param _explicit true if the object is meant to be explicitly + * @param ato the tagged object holding the object we want. + * @param isExplicit true if the object is meant to be explicitly * tagged false otherwise. * @exception IllegalArgumentException if the object held by the * tagged object cannot be converted. */ - public static RecipientKeyIdentifier getInstance(ASN1TaggedObject _ato, boolean _explicit) + public static RecipientKeyIdentifier getInstance(ASN1TaggedObject ato, boolean isExplicit) { - return getInstance(ASN1Sequence.getInstance(_ato, _explicit)); + return getInstance(ASN1Sequence.getInstance(ato, isExplicit)); } /** - * return a RecipientKeyIdentifier object from the given object. + * Return a RecipientKeyIdentifier object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link RecipientKeyIdentifier} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with RecipientKeyIdentifier structure inside + * </ul> * - * @param _obj the object we want converted. + * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. */ - public static RecipientKeyIdentifier getInstance(Object _obj) + public static RecipientKeyIdentifier getInstance(Object obj) { - if(_obj == null || _obj instanceof RecipientKeyIdentifier) + if (obj instanceof RecipientKeyIdentifier) { - return (RecipientKeyIdentifier)_obj; + return (RecipientKeyIdentifier)obj; } - if(_obj instanceof ASN1Sequence) + if(obj != null) { - return new RecipientKeyIdentifier((ASN1Sequence)_obj); + return new RecipientKeyIdentifier(ASN1Sequence.getInstance(obj)); } - throw new IllegalArgumentException("Invalid RecipientKeyIdentifier: " + _obj.getClass().getName()); + return null; } public ASN1OctetString getSubjectKeyIdentifier() @@ -125,15 +149,6 @@ public class RecipientKeyIdentifier /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * RecipientKeyIdentifier ::= SEQUENCE { - * subjectKeyIdentifier SubjectKeyIdentifier, - * date GeneralizedTime OPTIONAL, - * other OtherKeyAttribute OPTIONAL - * } - * - * SubjectKeyIdentifier ::= OCTET STRING - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/SCVPReqRes.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/SCVPReqRes.java index e9b91eb..52279c3 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/SCVPReqRes.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/SCVPReqRes.java @@ -8,12 +8,35 @@ import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; +/** + * <a href="http://tools.ietf.org/html/rfc5940">RFC 5940</a>: + * Additional Cryptographic Message Syntax (CMS) Revocation Information Choices. + * <p> + * <pre> + * SCVPReqRes ::= SEQUENCE { + * request [0] EXPLICIT ContentInfo OPTIONAL, + * response ContentInfo } + * </pre> + */ public class SCVPReqRes extends ASN1Object { private final ContentInfo request; private final ContentInfo response; + /** + * Return a SCVPReqRes object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link SCVPReqRes} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with SCVPReqRes structure inside + * </ul> + * + * @param obj the object we want converted. + * @exception IllegalArgumentException if the object cannot be converted. + */ public static SCVPReqRes getInstance( Object obj) { @@ -67,11 +90,6 @@ public class SCVPReqRes } /** - * <pre> - * SCVPReqRes ::= SEQUENCE { - * request [0] EXPLICIT ContentInfo OPTIONAL, - * response ContentInfo } - * </pre> * @return the ASN.1 primitive representation. */ public ASN1Primitive toASN1Primitive() diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignedData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignedData.java index fd2718a..8c7fcc2 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignedData.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignedData.java @@ -16,7 +16,45 @@ import org.bouncycastle.asn1.BERTaggedObject; import org.bouncycastle.asn1.DERTaggedObject; /** - * a signed data object. + * <a href="http://tools.ietf.org/html/rfc5652#section-5.1">RFC 5652</a>: + * <p> + * A signed data object containing multitude of {@link SignerInfo}s. + * <pre> + * SignedData ::= SEQUENCE { + * version CMSVersion, + * digestAlgorithms DigestAlgorithmIdentifiers, + * encapContentInfo EncapsulatedContentInfo, + * certificates [0] IMPLICIT CertificateSet OPTIONAL, + * crls [1] IMPLICIT CertificateRevocationLists OPTIONAL, + * signerInfos SignerInfos + * } + * + * DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier + * + * SignerInfos ::= SET OF SignerInfo + * </pre> + * <p> + * The version calculation uses following ruleset from RFC 3852 section 5.1: + * <pre> + * IF ((certificates is present) AND + * (any certificates with a type of other are present)) OR + * ((crls is present) AND + * (any crls with a type of other are present)) + * THEN version MUST be 5 + * ELSE + * IF (certificates is present) AND + * (any version 2 attribute certificates are present) + * THEN version MUST be 4 + * ELSE + * IF ((certificates is present) AND + * (any version 1 attribute certificates are present)) OR + * (any SignerInfo structures are version 3) OR + * (encapContentInfo eContentType is other than id-data) + * THEN version MUST be 3 + * ELSE version MUST be 1 + * </pre> + * <p> + * @todo Check possible update for this to RFC 5652 level */ public class SignedData extends ASN1Object @@ -35,6 +73,19 @@ public class SignedData private boolean certsBer; private boolean crlsBer; + /** + * Return a SignedData object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link SignedData} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with SignedData structure inside + * </ul> + * + * @param o the object we want converted. + * @exception IllegalArgumentException if the object cannot be converted. + */ public static SignedData getInstance( Object o) { @@ -68,24 +119,6 @@ public class SignedData } - // RFC3852, section 5.1: - // IF ((certificates is present) AND - // (any certificates with a type of other are present)) OR - // ((crls is present) AND - // (any crls with a type of other are present)) - // THEN version MUST be 5 - // ELSE - // IF (certificates is present) AND - // (any version 2 attribute certificates are present) - // THEN version MUST be 4 - // ELSE - // IF ((certificates is present) AND - // (any version 1 attribute certificates are present)) OR - // (any SignerInfo structures are version 3) OR - // (encapContentInfo eContentType is other than id-data) - // THEN version MUST be 3 - // ELSE version MUST be 1 - // private ASN1Integer calculateVersion( ASN1ObjectIdentifier contentOid, ASN1Set certs, @@ -257,16 +290,6 @@ public class SignedData /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * SignedData ::= SEQUENCE { - * version CMSVersion, - * digestAlgorithms DigestAlgorithmIdentifiers, - * encapContentInfo EncapsulatedContentInfo, - * certificates [0] IMPLICIT CertificateSet OPTIONAL, - * crls [1] IMPLICIT CertificateRevocationLists OPTIONAL, - * signerInfos SignerInfos - * } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignedDataParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignedDataParser.java index 6e23b29..df22b8e 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignedDataParser.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignedDataParser.java @@ -11,6 +11,8 @@ import org.bouncycastle.asn1.ASN1TaggedObjectParser; import org.bouncycastle.asn1.BERTags; /** + * Parser for <a href="http://tools.ietf.org/html/rfc5652#section-5.1">RFC 5652</a>: {@link SignedData} object. + * <p> * <pre> * SignedData ::= SEQUENCE { * version CMSVersion, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignerIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignerIdentifier.java index 37b6b31..2543eb1 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignerIdentifier.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignerIdentifier.java @@ -8,6 +8,21 @@ import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERTaggedObject; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-5.3">RFC 5652</a>: + * Identify who signed the containing {@link SignerInfo} object. + * <p> + * The certificates referred to by this are at containing {@link SignedData} structure. + * <p> + * <pre> + * SignerIdentifier ::= CHOICE { + * issuerAndSerialNumber IssuerAndSerialNumber, + * subjectKeyIdentifier [0] SubjectKeyIdentifier + * } + * + * SubjectKeyIdentifier ::= OCTET STRING + * </pre> + */ public class SignerIdentifier extends ASN1Object implements ASN1Choice @@ -33,7 +48,16 @@ public class SignerIdentifier } /** - * return a SignerIdentifier object from the given object. + * Return a SignerIdentifier object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link SignerIdentifier} object + * <li> {@link IssuerAndSerialNumber} object + * <li> {@link org.bouncycastle.asn1.ASN1OctetString#getInstance(java.lang.Object) ASN1OctetString} input formats with SignerIdentifier structure inside + * <li> {@link org.bouncycastle.asn1.ASN1Primitive ASN1Primitive} for SignerIdentifier constructor. + * </ul> * * @param o the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. @@ -82,14 +106,6 @@ public class SignerIdentifier /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * SignerIdentifier ::= CHOICE { - * issuerAndSerialNumber IssuerAndSerialNumber, - * subjectKeyIdentifier [0] SubjectKeyIdentifier - * } - * - * SubjectKeyIdentifier ::= OCTET STRING - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignerInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignerInfo.java index 8aafd67..4209045 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignerInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignerInfo.java @@ -15,6 +15,63 @@ import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-5.3">RFC 5652</a>: + * Signature container per Signer, see {@link SignerIdentifier}. + * <pre> + * PKCS#7: + * + * SignerInfo ::= SEQUENCE { + * version Version, + * sid SignerIdentifier, + * digestAlgorithm DigestAlgorithmIdentifier, + * authenticatedAttributes [0] IMPLICIT Attributes OPTIONAL, + * digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier, + * encryptedDigest EncryptedDigest, + * unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL + * } + * + * EncryptedDigest ::= OCTET STRING + * + * DigestAlgorithmIdentifier ::= AlgorithmIdentifier + * + * DigestEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier + * + * ----------------------------------------- + * + * RFC 5256: + * + * SignerInfo ::= SEQUENCE { + * version CMSVersion, + * sid SignerIdentifier, + * digestAlgorithm DigestAlgorithmIdentifier, + * signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL, + * signatureAlgorithm SignatureAlgorithmIdentifier, + * signature SignatureValue, + * unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL + * } + * + * -- {@link SignerIdentifier} referenced certificates are at containing + * -- {@link SignedData} certificates element. + * + * SignerIdentifier ::= CHOICE { + * issuerAndSerialNumber {@link IssuerAndSerialNumber}, + * subjectKeyIdentifier [0] SubjectKeyIdentifier } + * + * -- See {@link Attributes} for generalized SET OF {@link Attribute} + * + * SignedAttributes ::= SET SIZE (1..MAX) OF Attribute + * UnsignedAttributes ::= SET SIZE (1..MAX) OF Attribute + * + * {@link Attribute} ::= SEQUENCE { + * attrType OBJECT IDENTIFIER, + * attrValues SET OF AttributeValue } + * + * AttributeValue ::= ANY + * + * SignatureValue ::= OCTET STRING + * </pre> + */ public class SignerInfo extends ASN1Object { @@ -26,22 +83,44 @@ public class SignerInfo private ASN1OctetString encryptedDigest; private ASN1Set unauthenticatedAttributes; + /** + * Return a SignerInfo object from the given input + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link SignerInfo} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with SignerInfo structure inside + * </ul> + * + * @param o the object we want converted. + * @exception IllegalArgumentException if the object cannot be converted. + */ public static SignerInfo getInstance( Object o) throws IllegalArgumentException { - if (o == null || o instanceof SignerInfo) + if (o instanceof SignerInfo) { return (SignerInfo)o; } - else if (o instanceof ASN1Sequence) + else if (o != null) { - return new SignerInfo((ASN1Sequence)o); + return new SignerInfo(ASN1Sequence.getInstance(o)); } - throw new IllegalArgumentException("unknown object in factory: " + o.getClass().getName()); + return null; } + /** + * + * @param sid + * @param digAlgorithm CMS knows as 'digestAlgorithm' + * @param authenticatedAttributes CMS knows as 'signedAttrs' + * @param digEncryptionAlgorithm CMS knows as 'signatureAlgorithm' + * @param encryptedDigest CMS knows as 'signature' + * @param unauthenticatedAttributes CMS knows as 'unsignedAttrs' + */ public SignerInfo( SignerIdentifier sid, AlgorithmIdentifier digAlgorithm, @@ -67,6 +146,15 @@ public class SignerInfo this.unauthenticatedAttributes = unauthenticatedAttributes; } + /** + * + * @param sid + * @param digAlgorithm CMS knows as 'digestAlgorithm' + * @param authenticatedAttributes CMS knows as 'signedAttrs' + * @param digEncryptionAlgorithm CMS knows as 'signatureAlgorithm' + * @param encryptedDigest CMS knows as 'signature' + * @param unauthenticatedAttributes CMS knows as 'unsignedAttrs' + */ public SignerInfo( SignerIdentifier sid, AlgorithmIdentifier digAlgorithm, @@ -167,23 +255,6 @@ public class SignerInfo /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * SignerInfo ::= SEQUENCE { - * version Version, - * SignerIdentifier sid, - * digestAlgorithm DigestAlgorithmIdentifier, - * authenticatedAttributes [0] IMPLICIT Attributes OPTIONAL, - * digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier, - * encryptedDigest EncryptedDigest, - * unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL - * } - * - * EncryptedDigest ::= OCTET STRING - * - * DigestAlgorithmIdentifier ::= AlgorithmIdentifier - * - * DigestEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java index 2087248..977fce6 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java @@ -12,6 +12,22 @@ import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERGeneralizedTime; import org.bouncycastle.asn1.DERUTCTime; +/** + * <a href="http://tools.ietf.org/html/rfc5652#section-11.3">RFC 5652</a>: + * Dual-mode timestamp format producing either UTCTIme or GeneralizedTime. + * <p> + * <pre> + * Time ::= CHOICE { + * utcTime UTCTime, + * generalTime GeneralizedTime } + * </pre> + * <p> + * This has a constructor using java.util.Date for input which generates + * a {@link org.bouncycastle.asn1.DERUTCTime DERUTCTime} object if the + * supplied datetime is in range 1950-01-01-00:00:00 UTC until 2049-12-31-23:59:60 UTC. + * If the datetime value is outside that range, the generated object will be + * {@link org.bouncycastle.asn1.DERGeneralizedTime DERGeneralizedTime}. + */ public class Time extends ASN1Object implements ASN1Choice @@ -25,6 +41,9 @@ public class Time return getInstance(obj.getObject()); } + /** + * @deprecated use getInstance() + */ public Time( ASN1Primitive time) { @@ -38,7 +57,7 @@ public class Time } /** - * creates a time object from a given date - if the date is between 1950 + * Create a time object from a given date - if the year is in between 1950 * and 2049 a UTCTime object is generated, otherwise a GeneralizedTime * is used. */ @@ -63,6 +82,20 @@ public class Time } } + /** + * Return a Time object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link Time} object + * <li> {@link org.bouncycastle.asn1.DERUTCTime DERUTCTime} object + * <li> {@link org.bouncycastle.asn1.DERGeneralizedTime DERGeneralizedTime} object + * </ul> + * + * @param obj the object we want converted. + * @exception IllegalArgumentException if the object cannot be converted. + */ public static Time getInstance( Object obj) { @@ -82,6 +115,9 @@ public class Time throw new IllegalArgumentException("unknown object in factory: " + obj.getClass().getName()); } + /** + * Get the date+tine as a String in full form century format. + */ public String getTime() { if (time instanceof DERUTCTime) @@ -94,6 +130,9 @@ public class Time } } + /** + * Get java.util.Date version of date+time. + */ public Date getDate() { try @@ -115,11 +154,6 @@ public class Time /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * Time ::= CHOICE { - * utcTime UTCTime, - * generalTime GeneralizedTime } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampAndCRL.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampAndCRL.java index ee1044f..f6d8d5a 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampAndCRL.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampAndCRL.java @@ -7,6 +7,16 @@ import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.x509.CertificateList; +/** + * <a href="http://tools.ietf.org/html/rfc5544">RFC 5544</a> + * Binding Documents with Time-Stamps; TimeStampAndCRL object. + * <pre> + * TimeStampAndCRL ::= SEQUENCE { + * timeStamp TimeStampToken, -- according to RFC 3161 + * crl CertificateList OPTIONAL -- according to RFC 5280 + * } + * </pre> + */ public class TimeStampAndCRL extends ASN1Object { @@ -27,6 +37,19 @@ public class TimeStampAndCRL } } + /** + * Return a TimeStampAndCRL object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link TimeStampAndCRL} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with TimeStampAndCRL structure inside + * </ul> + * + * @param obj the object we want converted. + * @exception IllegalArgumentException if the object cannot be converted. + */ public static TimeStampAndCRL getInstance(Object obj) { if (obj instanceof TimeStampAndCRL) @@ -57,15 +80,6 @@ public class TimeStampAndCRL return this.crl; } - /** - * <pre> - * TimeStampAndCRL ::= SEQUENCE { - * timeStamp TimeStampToken, -- according to RFC 3161 - * crl CertificateList OPTIONAL -- according to RFC 5280 - * } - * </pre> - * @return - */ public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampTokenEvidence.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampTokenEvidence.java index 6adefbb..5461147 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampTokenEvidence.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampTokenEvidence.java @@ -9,6 +9,14 @@ import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERSequence; +/** + * <a href="http://tools.ietf.org/html/rfc5544">RFC 5544</a> + * Binding Documents with Time-Stamps; TimeStampTokenEvidence object. + * <pre> + * TimeStampTokenEvidence ::= + * SEQUENCE SIZE(1..MAX) OF TimeStampAndCRL + * </pre> + */ public class TimeStampTokenEvidence extends ASN1Object { @@ -43,6 +51,19 @@ public class TimeStampTokenEvidence return getInstance(ASN1Sequence.getInstance(tagged, explicit)); } + /** + * Return a TimeStampTokenEvidence object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link TimeStampTokenEvidence} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with TimeStampTokenEvidence structure inside + * </ul> + * + * @param obj the object we want converted. + * @exception IllegalArgumentException if the object cannot be converted. + */ public static TimeStampTokenEvidence getInstance(Object obj) { if (obj instanceof TimeStampTokenEvidence) @@ -62,13 +83,6 @@ public class TimeStampTokenEvidence return timeStampAndCRLs; } - /** - * <pre> - * TimeStampTokenEvidence ::= - * SEQUENCE SIZE(1..MAX) OF TimeStampAndCRL - * </pre> - * @return - */ public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampedData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampedData.java index ca8b696..f19061e 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampedData.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampedData.java @@ -9,6 +9,20 @@ import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.BERSequence; import org.bouncycastle.asn1.DERIA5String; +/** + * <a href="http://tools.ietf.org/html/rfc5544">RFC 5544</a>: + * Binding Documents with Time-Stamps; TimeStampedData object. + * <p> + * <pre> + * TimeStampedData ::= SEQUENCE { + * version INTEGER { v1(1) }, + * dataUri IA5String OPTIONAL, + * metaData MetaData OPTIONAL, + * content OCTET STRING OPTIONAL, + * temporalEvidence Evidence + * } + * </pre> + */ public class TimeStampedData extends ASN1Object { @@ -47,18 +61,26 @@ public class TimeStampedData this.temporalEvidence = Evidence.getInstance(seq.getObjectAt(index)); } + /** + * Return a TimeStampedData object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link RecipientKeyIdentifier} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with TimeStampedData structure inside + * </ul> + * + * @param obj the object we want converted. + * @exception IllegalArgumentException if the object cannot be converted. + */ public static TimeStampedData getInstance(Object obj) { - if (obj instanceof TimeStampedData) + if (obj == null || obj instanceof TimeStampedData) { return (TimeStampedData)obj; } - else if (obj != null) - { - return new TimeStampedData(ASN1Sequence.getInstance(obj)); - } - - return null; + return new TimeStampedData(ASN1Sequence.getInstance(obj)); } public DERIA5String getDataUri() @@ -81,18 +103,6 @@ public class TimeStampedData return temporalEvidence; } - /** - * <pre> - * TimeStampedData ::= SEQUENCE { - * version INTEGER { v1(1) }, - * dataUri IA5String OPTIONAL, - * metaData MetaData OPTIONAL, - * content OCTET STRING OPTIONAL, - * temporalEvidence Evidence - * } - * </pre> - * @return - */ public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampedDataParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampedDataParser.java index 0d050eb..f53e00f 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampedDataParser.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampedDataParser.java @@ -12,6 +12,20 @@ import org.bouncycastle.asn1.ASN1SequenceParser; import org.bouncycastle.asn1.BERSequence; import org.bouncycastle.asn1.DERIA5String; +/** + * Parser for <a href="http://tools.ietf.org/html/rfc5544">RFC 5544</a>: + * {@link TimeStampedData} object. + * <p> + * <pre> + * TimeStampedData ::= SEQUENCE { + * version INTEGER { v1(1) }, + * dataUri IA5String OPTIONAL, + * metaData MetaData OPTIONAL, + * content OCTET STRING OPTIONAL, + * temporalEvidence Evidence + * } + * </pre> + */ public class TimeStampedDataParser { private ASN1Integer version; diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ecc/MQVuserKeyingMaterial.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ecc/MQVuserKeyingMaterial.java index 7beb6a4..bd7267b 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ecc/MQVuserKeyingMaterial.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ecc/MQVuserKeyingMaterial.java @@ -10,6 +10,14 @@ import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; import org.bouncycastle.asn1.cms.OriginatorPublicKey; +/** + * <a href="http://tools.ietf.org/html/rfc5753">RFC 5753/3278</a>: MQVuserKeyingMaterial object. + * <pre> + * MQVuserKeyingMaterial ::= SEQUENCE { + * ephemeralPublicKey OriginatorPublicKey, + * addedukm [0] EXPLICIT UserKeyingMaterial OPTIONAL } + * </pre> + */ public class MQVuserKeyingMaterial extends ASN1Object { @@ -42,7 +50,7 @@ public class MQVuserKeyingMaterial } /** - * return an MQVuserKeyingMaterial object from a tagged object. + * Return an MQVuserKeyingMaterial object from a tagged object. * * @param obj the tagged object holding the object we want. * @param explicit true if the object is meant to be explicitly @@ -58,7 +66,14 @@ public class MQVuserKeyingMaterial } /** - * return an MQVuserKeyingMaterial object from the given object. + * Return an MQVuserKeyingMaterial object from the given object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link MQVuserKeyingMaterial} object + * <li> {@link org.bouncycastle.asn1.ASN1Sequence ASN1Sequence} with MQVuserKeyingMaterial inside it. + * </ul> * * @param obj the object we want converted. * @throws IllegalArgumentException if the object cannot be converted. @@ -91,11 +106,6 @@ public class MQVuserKeyingMaterial /** * Produce an object suitable for an ASN1OutputStream. - * <pre> - * MQVuserKeyingMaterial ::= SEQUENCE { - * ephemeralPublicKey OriginatorPublicKey, - * addedukm [0] EXPLICIT UserKeyingMaterial OPTIONAL } - * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/cms/package.html deleted file mode 100644 index c165a7a..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Support classes useful for encoding and supporting Cryptographic Message Syntax as described in PKCS#7 and RFC 3369 (formerly RFC 2630). -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CRMFObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CRMFObjectIdentifiers.java index c36084d..c298a7e 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CRMFObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CRMFObjectIdentifiers.java @@ -5,17 +5,25 @@ import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; public interface CRMFObjectIdentifiers { + /** 1.3.6.1.5.5.7 */ static final ASN1ObjectIdentifier id_pkix = new ASN1ObjectIdentifier("1.3.6.1.5.5.7"); // arc for Internet X.509 PKI protocols and their components - static final ASN1ObjectIdentifier id_pkip = id_pkix.branch("5"); + /** 1.3.6.1.5.5.7.5 */ + static final ASN1ObjectIdentifier id_pkip = id_pkix.branch("5"); + /** 1.3.6.1.5.5.7.1 */ static final ASN1ObjectIdentifier id_regCtrl = id_pkip.branch("1"); - static final ASN1ObjectIdentifier id_regCtrl_regToken = id_regCtrl.branch("1"); - static final ASN1ObjectIdentifier id_regCtrl_authenticator = id_regCtrl.branch("2"); + /** 1.3.6.1.5.5.7.1.1 */ + static final ASN1ObjectIdentifier id_regCtrl_regToken = id_regCtrl.branch("1"); + /** 1.3.6.1.5.5.7.1.2 */ + static final ASN1ObjectIdentifier id_regCtrl_authenticator = id_regCtrl.branch("2"); + /** 1.3.6.1.5.5.7.1.3 */ static final ASN1ObjectIdentifier id_regCtrl_pkiPublicationInfo = id_regCtrl.branch("3"); - static final ASN1ObjectIdentifier id_regCtrl_pkiArchiveOptions = id_regCtrl.branch("4"); + /** 1.3.6.1.5.5.7.1.4 */ + static final ASN1ObjectIdentifier id_regCtrl_pkiArchiveOptions = id_regCtrl.branch("4"); - static final ASN1ObjectIdentifier id_ct_encKeyWithID = new ASN1ObjectIdentifier(PKCSObjectIdentifiers.id_ct + ".21"); + /** 1.2.840.113549.1.9.16.1,21 */ + static final ASN1ObjectIdentifier id_ct_encKeyWithID = PKCSObjectIdentifiers.id_ct.branch("21"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/CryptoProObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/CryptoProObjectIdentifiers.java index fb5ae79..c6e8e0d 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/CryptoProObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/CryptoProObjectIdentifiers.java @@ -2,47 +2,100 @@ package org.bouncycastle.asn1.cryptopro; import org.bouncycastle.asn1.ASN1ObjectIdentifier; +/** + * <pre> + * GOST Algorithms OBJECT IDENTIFIERS : + * { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)} + * </pre> + */ public interface CryptoProObjectIdentifiers { - // GOST Algorithms OBJECT IDENTIFIERS : - // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)} - static final ASN1ObjectIdentifier GOST_id = new ASN1ObjectIdentifier("1.2.643.2.2"); + /** Base OID: 1.2.643.2.2 */ + static final ASN1ObjectIdentifier GOST_id = new ASN1ObjectIdentifier("1.2.643.2.2"); + /** Gost R3411 OID: 1.2.643.2.2.9 */ static final ASN1ObjectIdentifier gostR3411 = GOST_id.branch("9"); + /** Gost R3411 HMAC OID: 1.2.643.2.2.10 */ static final ASN1ObjectIdentifier gostR3411Hmac = GOST_id.branch("10"); - static final ASN1ObjectIdentifier gostR28147_cbc = new ASN1ObjectIdentifier(GOST_id+".21"); + /** Gost R28147 OID: 1.2.643.2.2.21 */ + static final ASN1ObjectIdentifier gostR28147_gcfb = GOST_id.branch("21"); + /** Gost R28147-89-CryotoPro-A-ParamSet OID: 1.2.643.2.2.31.1 */ static final ASN1ObjectIdentifier id_Gost28147_89_CryptoPro_A_ParamSet = GOST_id.branch("31.1"); - static final ASN1ObjectIdentifier gostR3410_94 = new ASN1ObjectIdentifier(GOST_id+".20"); - static final ASN1ObjectIdentifier gostR3410_2001 = new ASN1ObjectIdentifier(GOST_id+".19"); - static final ASN1ObjectIdentifier gostR3411_94_with_gostR3410_94 = new ASN1ObjectIdentifier(GOST_id+".4"); - static final ASN1ObjectIdentifier gostR3411_94_with_gostR3410_2001 = new ASN1ObjectIdentifier(GOST_id+".3"); - - // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) hashes(30) } - static final ASN1ObjectIdentifier gostR3411_94_CryptoProParamSet = new ASN1ObjectIdentifier(GOST_id+".30.1"); - - // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) signs(32) } - static final ASN1ObjectIdentifier gostR3410_94_CryptoPro_A = new ASN1ObjectIdentifier(GOST_id+".32.2"); - static final ASN1ObjectIdentifier gostR3410_94_CryptoPro_B = new ASN1ObjectIdentifier(GOST_id+".32.3"); - static final ASN1ObjectIdentifier gostR3410_94_CryptoPro_C = new ASN1ObjectIdentifier(GOST_id+".32.4"); - static final ASN1ObjectIdentifier gostR3410_94_CryptoPro_D = new ASN1ObjectIdentifier(GOST_id+".32.5"); - - // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) exchanges(33) } - static final ASN1ObjectIdentifier gostR3410_94_CryptoPro_XchA = new ASN1ObjectIdentifier(GOST_id+".33.1"); - static final ASN1ObjectIdentifier gostR3410_94_CryptoPro_XchB = new ASN1ObjectIdentifier(GOST_id+".33.2"); - static final ASN1ObjectIdentifier gostR3410_94_CryptoPro_XchC = new ASN1ObjectIdentifier(GOST_id+".33.3"); - - //{ iso(1) member-body(2)ru(643) rans(2) cryptopro(2) ecc-signs(35) } - static final ASN1ObjectIdentifier gostR3410_2001_CryptoPro_A = new ASN1ObjectIdentifier(GOST_id+".35.1"); - static final ASN1ObjectIdentifier gostR3410_2001_CryptoPro_B = new ASN1ObjectIdentifier(GOST_id+".35.2"); - static final ASN1ObjectIdentifier gostR3410_2001_CryptoPro_C = new ASN1ObjectIdentifier(GOST_id+".35.3"); - - // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) ecc-exchanges(36) } - static final ASN1ObjectIdentifier gostR3410_2001_CryptoPro_XchA = new ASN1ObjectIdentifier(GOST_id+".36.0"); - static final ASN1ObjectIdentifier gostR3410_2001_CryptoPro_XchB = new ASN1ObjectIdentifier(GOST_id+".36.1"); + /** Gost R28147-89-CryotoPro-B-ParamSet OID: 1.2.643.2.2.31.2 */ + static final ASN1ObjectIdentifier id_Gost28147_89_CryptoPro_B_ParamSet = GOST_id.branch("31.2"); + + /** Gost R28147-89-CryotoPro-C-ParamSet OID: 1.2.643.2.2.31.3 */ + static final ASN1ObjectIdentifier id_Gost28147_89_CryptoPro_C_ParamSet = GOST_id.branch("31.3"); + + /** Gost R28147-89-CryotoPro-D-ParamSet OID: 1.2.643.2.2.31.4 */ + static final ASN1ObjectIdentifier id_Gost28147_89_CryptoPro_D_ParamSet = GOST_id.branch("31.4"); + + /** Gost R3410-94 OID: 1.2.643.2.2.20 */ + static final ASN1ObjectIdentifier gostR3410_94 = GOST_id.branch("20"); + /** Gost R3410-2001 OID: 1.2.643.2.2.19 */ + static final ASN1ObjectIdentifier gostR3410_2001 = GOST_id.branch("19"); + + /** Gost R3411-94-with-R3410-94 OID: 1.2.643.2.2.4 */ + static final ASN1ObjectIdentifier gostR3411_94_with_gostR3410_94 = GOST_id.branch("4"); + /** Gost R3411-94-with-R3410-2001 OID: 1.2.643.2.2.3 */ + static final ASN1ObjectIdentifier gostR3411_94_with_gostR3410_2001 = GOST_id.branch("3"); + + /** + * { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) hashes(30) } + * <p> + * Gost R3411-94-CryptoProParamSet OID: 1.2.643.2.2.30.1 + */ + static final ASN1ObjectIdentifier gostR3411_94_CryptoProParamSet = GOST_id.branch("30.1"); + + /** + * { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) signs(32) } + * <p> + * Gost R3410-94-CryptoPro-A OID: 1.2.643.2.2.32.2 + */ + static final ASN1ObjectIdentifier gostR3410_94_CryptoPro_A = GOST_id.branch("32.2"); + /** Gost R3410-94-CryptoPro-B OID: 1.2.643.2.2.32.3 */ + static final ASN1ObjectIdentifier gostR3410_94_CryptoPro_B = GOST_id.branch("32.3"); + /** Gost R3410-94-CryptoPro-C OID: 1.2.643.2.2.32.4 */ + static final ASN1ObjectIdentifier gostR3410_94_CryptoPro_C = GOST_id.branch("32.4"); + /** Gost R3410-94-CryptoPro-D OID: 1.2.643.2.2.32.5 */ + static final ASN1ObjectIdentifier gostR3410_94_CryptoPro_D = GOST_id.branch("32.5"); + + /** + * { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) exchanges(33) } + * <p> + * Gost R3410-94-CryptoPro-XchA OID: 1.2.643.2.2.33.1 + */ + static final ASN1ObjectIdentifier gostR3410_94_CryptoPro_XchA = GOST_id.branch("33.1"); + /** Gost R3410-94-CryptoPro-XchB OID: 1.2.643.2.2.33.2 */ + static final ASN1ObjectIdentifier gostR3410_94_CryptoPro_XchB = GOST_id.branch("33.2"); + /** Gost R3410-94-CryptoPro-XchC OID: 1.2.643.2.2.33.3 */ + static final ASN1ObjectIdentifier gostR3410_94_CryptoPro_XchC = GOST_id.branch("33.3"); + + /** + * { iso(1) member-body(2)ru(643) rans(2) cryptopro(2) ecc-signs(35) } + * <p> + * Gost R3410-2001-CryptoPro-A OID: 1.2.643.2.2.35.1 + */ + static final ASN1ObjectIdentifier gostR3410_2001_CryptoPro_A = GOST_id.branch("35.1"); + /** Gost R3410-2001-CryptoPro-B OID: 1.2.643.2.2.35.2 */ + static final ASN1ObjectIdentifier gostR3410_2001_CryptoPro_B = GOST_id.branch("35.2"); + /** Gost R3410-2001-CryptoPro-C OID: 1.2.643.2.2.35.3 */ + static final ASN1ObjectIdentifier gostR3410_2001_CryptoPro_C = GOST_id.branch("35.3"); + + /** + * { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) ecc-exchanges(36) } + * <p> + * Gost R3410-2001-CryptoPro-XchA OID: 1.2.643.2.2.36.0 + */ + static final ASN1ObjectIdentifier gostR3410_2001_CryptoPro_XchA = GOST_id.branch("36.0"); + /** Gost R3410-2001-CryptoPro-XchA OID: 1.2.643.2.2.36.1 */ + static final ASN1ObjectIdentifier gostR3410_2001_CryptoPro_XchB = GOST_id.branch("36.1"); - static final ASN1ObjectIdentifier gost_ElSgDH3410_default = new ASN1ObjectIdentifier(GOST_id+".36.0"); - static final ASN1ObjectIdentifier gost_ElSgDH3410_1 = new ASN1ObjectIdentifier(GOST_id+".36.1"); + /** Gost R3410-ElSqDH3410-default OID: 1.2.643.2.2.36.0 */ + static final ASN1ObjectIdentifier gost_ElSgDH3410_default = GOST_id.branch("36.0"); + /** Gost R3410-ElSqDH3410-1 OID: 1.2.643.2.2.36.1 */ + static final ASN1ObjectIdentifier gost_ElSgDH3410_1 = GOST_id.branch("36.1"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/ECGOST3410NamedCurves.java b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/ECGOST3410NamedCurves.java index e203505..fb1d9e9 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/ECGOST3410NamedCurves.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/ECGOST3410NamedCurves.java @@ -7,7 +7,6 @@ import java.util.Hashtable; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.crypto.params.ECDomainParameters; import org.bouncycastle.math.ec.ECCurve; -import org.bouncycastle.math.ec.ECFieldElement; import org.bouncycastle.math.ec.ECPoint; /** @@ -23,7 +22,7 @@ public class ECGOST3410NamedCurves { BigInteger mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319"); BigInteger mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323"); - + ECCurve.Fp curve = new ECCurve.Fp( mod_p, // p new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), // a @@ -31,33 +30,33 @@ public class ECGOST3410NamedCurves ECDomainParameters ecParams = new ECDomainParameters( curve, - new ECPoint.Fp(curve, - new ECFieldElement.Fp(curve.getQ(),new BigInteger("1")), // x - new ECFieldElement.Fp(curve.getQ(),new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612"))), // y + curve.createPoint( + new BigInteger("1"), // x + new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612")), // y mod_q); - + params.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_A, ecParams); - + mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319"); mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323"); - + curve = new ECCurve.Fp( - mod_p, // p - new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), - new BigInteger("166")); + mod_p, // p + new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), + new BigInteger("166")); ecParams = new ECDomainParameters( - curve, - new ECPoint.Fp(curve, - new ECFieldElement.Fp(curve.getQ(),new BigInteger("1")), // x - new ECFieldElement.Fp(curve.getQ(),new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612"))), // y - mod_q); + curve, + curve.createPoint( + new BigInteger("1"), // x + new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612")), // y + mod_q); params.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_XchA, ecParams); - + mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823193"); //p mod_q = new BigInteger("57896044618658097711785492504343953927102133160255826820068844496087732066703"); //q - + curve = new ECCurve.Fp( mod_p, // p new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823190"), // a @@ -65,30 +64,30 @@ public class ECGOST3410NamedCurves ecParams = new ECDomainParameters( curve, - new ECPoint.Fp(curve, - new ECFieldElement.Fp(mod_p,new BigInteger("1")), // x - new ECFieldElement.Fp(mod_p,new BigInteger("28792665814854611296992347458380284135028636778229113005756334730996303888124"))), // y + curve.createPoint( + new BigInteger("1"), // x + new BigInteger("28792665814854611296992347458380284135028636778229113005756334730996303888124")), // y mod_q); // q params.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_B, ecParams); - + mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619"); mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601"); - + curve = new ECCurve.Fp( - mod_p, // p - new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"), - new BigInteger("32858")); + mod_p, // p + new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"), + new BigInteger("32858")); ecParams = new ECDomainParameters( - curve, - new ECPoint.Fp(curve, - new ECFieldElement.Fp(mod_p,new BigInteger("0")), - new ECFieldElement.Fp(mod_p,new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247"))), + curve, + curve.createPoint( + new BigInteger("0"), + new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247")), mod_q); - + params.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_XchB, ecParams); - + mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619"); //p mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601"); //q curve = new ECCurve.Fp( @@ -98,19 +97,19 @@ public class ECGOST3410NamedCurves ecParams = new ECDomainParameters( curve, - new ECPoint.Fp(curve, - new ECFieldElement.Fp(mod_p,new BigInteger("0")), // x - new ECFieldElement.Fp(mod_p,new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247"))), // y + curve.createPoint( + new BigInteger("0"), // x + new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247")), // y mod_q); // q params.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_C, ecParams); - + objIds.put("GostR3410-2001-CryptoPro-A", CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_A); objIds.put("GostR3410-2001-CryptoPro-B", CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_B); objIds.put("GostR3410-2001-CryptoPro-C", CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_C); objIds.put("GostR3410-2001-CryptoPro-XchA", CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_XchA); objIds.put("GostR3410-2001-CryptoPro-XchB", CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_XchB); - + names.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_A, "GostR3410-2001-CryptoPro-A"); names.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_B, "GostR3410-2001-CryptoPro-B"); names.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_C, "GostR3410-2001-CryptoPro-C"); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST28147Parameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST28147Parameters.java index a0459c1..124bca6 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST28147Parameters.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST28147Parameters.java @@ -11,11 +11,14 @@ import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERSequence; +/** + * ASN.1 algorithm identifier parameters for GOST-28147 + */ public class GOST28147Parameters extends ASN1Object { - ASN1OctetString iv; - ASN1ObjectIdentifier paramSet; + private ASN1OctetString iv; + private ASN1ObjectIdentifier paramSet; public static GOST28147Parameters getInstance( ASN1TaggedObject obj, @@ -27,19 +30,22 @@ public class GOST28147Parameters public static GOST28147Parameters getInstance( Object obj) { - if(obj == null || obj instanceof GOST28147Parameters) + if (obj instanceof GOST28147Parameters) { return (GOST28147Parameters)obj; } - if(obj instanceof ASN1Sequence) + if (obj != null) { - return new GOST28147Parameters((ASN1Sequence)obj); + return new GOST28147Parameters(ASN1Sequence.getInstance(obj)); } - throw new IllegalArgumentException("Invalid GOST3410Parameter: " + obj.getClass().getName()); + return null; } + /** + * @deprecated use the getInstance() method. This constructor will vanish! + */ public GOST28147Parameters( ASN1Sequence seq) { @@ -69,4 +75,24 @@ public class GOST28147Parameters return new DERSequence(v); } + + /** + * Return the OID representing the sBox to use. + * + * @return the sBox OID. + */ + public ASN1ObjectIdentifier getEncryptionParamSet() + { + return paramSet; + } + + /** + * Return the initialisation vector to use. + * + * @return the IV. + */ + public byte[] getIV() + { + return iv.getOctets(); + } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST3410PublicKeyAlgParameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST3410PublicKeyAlgParameters.java index 0307f50..45d7814 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST3410PublicKeyAlgParameters.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST3410PublicKeyAlgParameters.java @@ -57,6 +57,9 @@ public class GOST3410PublicKeyAlgParameters this.encryptionParamSet = encryptionParamSet; } + /** + * @deprecated use getInstance() + */ public GOST3410PublicKeyAlgParameters( ASN1Sequence seq) { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/package.html deleted file mode 100644 index 2b0af9e..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Support classes for CRYPTO-PRO related objects - such as GOST identifiers. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSObjectIdentifiers.java index 1a88c34..d5f6ab6 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSObjectIdentifiers.java @@ -2,35 +2,28 @@ package org.bouncycastle.asn1.dvcs; import org.bouncycastle.asn1.ASN1ObjectIdentifier; +/** + * OIDs for <a href="http://tools.ietf.org/html/rfc3029">RFC 3029</a> + * Data Validation and Certification Server Protocols + */ public interface DVCSObjectIdentifiers { + /** Base OID id-pkix: 1.3.6.1.5.5.7 */ + static final ASN1ObjectIdentifier id_pkix = new ASN1ObjectIdentifier("1.3.6.1.5.5.7"); + /** Base OID id-smime: 1.2.840.113549.1.9.16 */ + static final ASN1ObjectIdentifier id_smime = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16"); - // id-pkix OBJECT IDENTIFIER ::= {iso(1) - // identified-organization(3) dod(6) - // internet(1) security(5) mechanisms(5) pkix(7)} - // - // id-smime OBJECT IDENTIFIER ::= { iso(1) member-body(2) - // us(840) rsadsi(113549) pkcs(1) pkcs-9(9) 16 } - public static final ASN1ObjectIdentifier id_pkix = new ASN1ObjectIdentifier("1.3.6.1.5.5.7"); - public static final ASN1ObjectIdentifier id_smime = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16"); + /** Authority Information Access for DVCS; id-ad-dcvs; OID: 1.3.6.1.5.5.7.48.4 */ + static final ASN1ObjectIdentifier id_ad_dvcs = id_pkix.branch("48.4"); - // -- Authority Information Access for DVCS - // - // id-ad-dvcs OBJECT IDENTIFIER ::= {id-pkix id-ad(48) 4} - public static final ASN1ObjectIdentifier id_ad_dvcs = id_pkix.branch("48.4"); + /** Key Purpose for DVCS; id-kp-dvcs; OID: 1.3.6.1.5.5.7.3.10 */ + static final ASN1ObjectIdentifier id_kp_dvcs = id_pkix.branch("3.10"); - // -- Key Purpose for DVCS - // - // id-kp-dvcs OBJECT IDENTIFIER ::= {id-pkix id-kp(3) 10} - public static final ASN1ObjectIdentifier id_kp_dvcs = id_pkix.branch("3.10"); + /** SMIME eContentType id-ct-DVCSRequestData; OID: 1.2.840.113549.1.9.16.1.7 */ + static final ASN1ObjectIdentifier id_ct_DVCSRequestData = id_smime.branch("1.7"); + /** SMIME eContentType id-ct-DVCSResponseData; OID: 1.2.840.113549.1.9.16.1.8 */ + static final ASN1ObjectIdentifier id_ct_DVCSResponseData = id_smime.branch("1.8"); - // id-ct-DVCSRequestData OBJECT IDENTIFIER ::= { id-smime ct(1) 7 } - // id-ct-DVCSResponseData OBJECT IDENTIFIER ::= { id-smime ct(1) 8 } - public static final ASN1ObjectIdentifier id_ct_DVCSRequestData = id_smime.branch("1.7"); - public static final ASN1ObjectIdentifier id_ct_DVCSResponseData = id_smime.branch("1.8"); - - // -- Data validation certificate attribute - // - // id-aa-dvcs-dvc OBJECT IDENTIFIER ::= { id-smime aa(2) 29 } - public static final ASN1ObjectIdentifier id_aa_dvcs_dvc = id_smime.branch("2.29"); + /** SMIME DataValidation certificate attribute id-aa-dvcs-dvc; OID: 1.2.840.113549.1.9.16.2,29 */ + static final ASN1ObjectIdentifier id_aa_dvcs_dvc = id_smime.branch("2.29"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/package.html deleted file mode 100644 index a941922..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Support classes useful for encoding and processing Data Validation and Certification Server (DVCS) protocols as described in RFC 3029. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/EACObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/EACObjectIdentifiers.java index bef8620..77416dc 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/EACObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/eac/EACObjectIdentifiers.java @@ -2,54 +2,109 @@ package org.bouncycastle.asn1.eac; import org.bouncycastle.asn1.ASN1ObjectIdentifier; +/** + * German Federal Office for Information Security + * (Bundesamt für Sicherheit in der Informationstechnik) + * <a href="http://www.bsi.bund.de/">http://www.bsi.bund.de/</a> + * <p> + * <a href="https://www.bsi.bund.de/EN/Publications/TechnicalGuidelines/TR03110/BSITR03110.html">BSI TR-03110</a> + * Technical Guideline Advanced Security Mechanisms for Machine Readable Travel Documents + * <p> + * <a href="https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TR03110/TR-03110_v2.1_P3pdf.pdf?__blob=publicationFile">Technical Guideline TR-03110-3</a> + * Advanced Security Mechanisms for Machine Readable Travel Documents; + * Part 3: Common Specifications. + */ + public interface EACObjectIdentifiers { - // bsi-de OBJECT IDENTIFIER ::= { - // itu-t(0) identified-organization(4) etsi(0) - // reserved(127) etsi-identified-organization(0) 7 - // } + /** + * <pre> + * bsi-de OBJECT IDENTIFIER ::= { + * itu-t(0) identified-organization(4) etsi(0) + * reserved(127) etsi-identified-organization(0) 7 + * } + * </pre> + * OID: 0.4.0.127.0.7 + */ static final ASN1ObjectIdentifier bsi_de = new ASN1ObjectIdentifier("0.4.0.127.0.7"); - // id-PK OBJECT IDENTIFIER ::= { - // bsi-de protocols(2) smartcard(2) 1 - // } - static final ASN1ObjectIdentifier id_PK = bsi_de.branch("2.2.1"); + /** + * <pre> + * id-PK OBJECT IDENTIFIER ::= { + * bsi-de protocols(2) smartcard(2) 1 + * } + * </pre> + * OID: 0.4.0.127.0.7.2.2.1 + */ + static final ASN1ObjectIdentifier id_PK = bsi_de.branch("2.2.1"); - static final ASN1ObjectIdentifier id_PK_DH = id_PK.branch("1"); + /** OID: 0.4.0.127.0.7.2.2.1.1 */ + static final ASN1ObjectIdentifier id_PK_DH = id_PK.branch("1"); + /** OID: 0.4.0.127.0.7.2.2.1.2 */ static final ASN1ObjectIdentifier id_PK_ECDH = id_PK.branch("2"); - // id-CA OBJECT IDENTIFIER ::= { - // bsi-de protocols(2) smartcard(2) 3 - // } - static final ASN1ObjectIdentifier id_CA = bsi_de.branch("2.2.3"); - static final ASN1ObjectIdentifier id_CA_DH = id_CA.branch("1"); - static final ASN1ObjectIdentifier id_CA_DH_3DES_CBC_CBC = id_CA_DH.branch("1"); - static final ASN1ObjectIdentifier id_CA_ECDH = id_CA.branch("2"); + /** + * <pre> + * id-CA OBJECT IDENTIFIER ::= { + * bsi-de protocols(2) smartcard(2) 3 + * } + * </pre> + * OID: 0.4.0.127.0.7.2.2.3 + */ + static final ASN1ObjectIdentifier id_CA = bsi_de.branch("2.2.3"); + /** OID: 0.4.0.127.0.7.2.2.3.1 */ + static final ASN1ObjectIdentifier id_CA_DH = id_CA.branch("1"); + /** OID: 0.4.0.127.0.7.2.2.3.1.1 */ + static final ASN1ObjectIdentifier id_CA_DH_3DES_CBC_CBC = id_CA_DH.branch("1"); + /** OID: 0.4.0.127.0.7.2.2.3.2 */ + static final ASN1ObjectIdentifier id_CA_ECDH = id_CA.branch("2"); + /** OID: 0.4.0.127.0.7.2.2.3.2.1 */ static final ASN1ObjectIdentifier id_CA_ECDH_3DES_CBC_CBC = id_CA_ECDH.branch("1"); - // - // id-TA OBJECT IDENTIFIER ::= { - // bsi-de protocols(2) smartcard(2) 2 - // } + /** + * <pre> + * id-TA OBJECT IDENTIFIER ::= { + * bsi-de protocols(2) smartcard(2) 2 + * } + * </pre> + * OID: 0.4.0.127.0.7.2.2.2 + */ static final ASN1ObjectIdentifier id_TA = bsi_de.branch("2.2.2"); - static final ASN1ObjectIdentifier id_TA_RSA = id_TA.branch("1"); - static final ASN1ObjectIdentifier id_TA_RSA_v1_5_SHA_1 = id_TA_RSA .branch("1"); + /** OID: 0.4.0.127.0.7.2.2.2.1 */ + static final ASN1ObjectIdentifier id_TA_RSA = id_TA.branch("1"); + /** OID: 0.4.0.127.0.7.2.2.2.1.1 */ + static final ASN1ObjectIdentifier id_TA_RSA_v1_5_SHA_1 = id_TA_RSA.branch("1"); + /** OID: 0.4.0.127.0.7.2.2.2.1.2 */ static final ASN1ObjectIdentifier id_TA_RSA_v1_5_SHA_256 = id_TA_RSA.branch("2"); - static final ASN1ObjectIdentifier id_TA_RSA_PSS_SHA_1 = id_TA_RSA.branch("3"); - static final ASN1ObjectIdentifier id_TA_RSA_PSS_SHA_256 = id_TA_RSA.branch("4"); + /** OID: 0.4.0.127.0.7.2.2.2.1.3 */ + static final ASN1ObjectIdentifier id_TA_RSA_PSS_SHA_1 = id_TA_RSA.branch("3"); + /** OID: 0.4.0.127.0.7.2.2.2.1.4 */ + static final ASN1ObjectIdentifier id_TA_RSA_PSS_SHA_256 = id_TA_RSA.branch("4"); + /** OID: 0.4.0.127.0.7.2.2.2.1.5 */ static final ASN1ObjectIdentifier id_TA_RSA_v1_5_SHA_512 = id_TA_RSA.branch("5"); - static final ASN1ObjectIdentifier id_TA_RSA_PSS_SHA_512 = id_TA_RSA.branch("6"); - static final ASN1ObjectIdentifier id_TA_ECDSA = id_TA.branch("2"); - static final ASN1ObjectIdentifier id_TA_ECDSA_SHA_1 = id_TA_ECDSA.branch("1"); - static final ASN1ObjectIdentifier id_TA_ECDSA_SHA_224 = id_TA_ECDSA.branch("2"); - static final ASN1ObjectIdentifier id_TA_ECDSA_SHA_256 = id_TA_ECDSA.branch("3"); - static final ASN1ObjectIdentifier id_TA_ECDSA_SHA_384 = id_TA_ECDSA.branch("4"); - static final ASN1ObjectIdentifier id_TA_ECDSA_SHA_512 = id_TA_ECDSA.branch("5"); + /** OID: 0.4.0.127.0.7.2.2.2.1.6 */ + static final ASN1ObjectIdentifier id_TA_RSA_PSS_SHA_512 = id_TA_RSA.branch("6"); + /** OID: 0.4.0.127.0.7.2.2.2.2 */ + static final ASN1ObjectIdentifier id_TA_ECDSA = id_TA.branch("2"); + /** OID: 0.4.0.127.0.7.2.2.2.2.1 */ + static final ASN1ObjectIdentifier id_TA_ECDSA_SHA_1 = id_TA_ECDSA.branch("1"); + /** OID: 0.4.0.127.0.7.2.2.2.2.2 */ + static final ASN1ObjectIdentifier id_TA_ECDSA_SHA_224 = id_TA_ECDSA.branch("2"); + /** OID: 0.4.0.127.0.7.2.2.2.2.3 */ + static final ASN1ObjectIdentifier id_TA_ECDSA_SHA_256 = id_TA_ECDSA.branch("3"); + /** OID: 0.4.0.127.0.7.2.2.2.2.4 */ + static final ASN1ObjectIdentifier id_TA_ECDSA_SHA_384 = id_TA_ECDSA.branch("4"); + /** OID: 0.4.0.127.0.7.2.2.2.2.5 */ + static final ASN1ObjectIdentifier id_TA_ECDSA_SHA_512 = id_TA_ECDSA.branch("5"); /** + * <pre> * id-EAC-ePassport OBJECT IDENTIFIER ::= { - * bsi-de applications(3) mrtd(1) roles(2) 1} + * bsi-de applications(3) mrtd(1) roles(2) 1 + * } + * </pre> + * OID: 0.4.0.127.0.7.3.1.2.1 */ static final ASN1ObjectIdentifier id_EAC_ePassport = bsi_de.branch("3.1.2.1"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/esf/package.html deleted file mode 100644 index de27367..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/package.html +++ /dev/null @@ -1,6 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Support classes useful for encoding and supporting [ESF] RFC3126 -Electronic Signature Formats for long term electronic signatures. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ess/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/ess/package.html deleted file mode 100644 index 21854b3..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ess/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Support classes useful for encoding and supporting Enhanced Security Services for S/MIME as described RFC 2634 and RFC 5035. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/gnu/GNUObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/gnu/GNUObjectIdentifiers.java index 084a020..a329e63 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/gnu/GNUObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/gnu/GNUObjectIdentifiers.java @@ -2,29 +2,57 @@ package org.bouncycastle.asn1.gnu; import org.bouncycastle.asn1.ASN1ObjectIdentifier; +/** + * GNU project OID collection<p> + * { iso(1) identifier-organization(3) dod(6) internet(1) private(4) } == IETF defined things + */ public interface GNUObjectIdentifiers { - public static final ASN1ObjectIdentifier GNU = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.1"); // GNU Radius - public static final ASN1ObjectIdentifier GnuPG = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.2"); // GnuPG (Ägypten) + /** 1.3.6.1.4.1.11591.1 -- used by GNU Radius */ + public static final ASN1ObjectIdentifier GNU = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.1"); // GNU Radius + /** 1.3.6.1.4.1.11591.2 -- used by GNU PG */ + public static final ASN1ObjectIdentifier GnuPG = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.2"); // GnuPG (Ägypten) + /** 1.3.6.1.4.1.11591.2.1 -- notation */ public static final ASN1ObjectIdentifier notation = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.2.1"); // notation + /** 1.3.6.1.4.1.11591.2.1.1 -- pkaAddress */ public static final ASN1ObjectIdentifier pkaAddress = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.2.1.1"); // pkaAddress + /** 1.3.6.1.4.1.11591.3 -- GNU Radar */ public static final ASN1ObjectIdentifier GnuRadar = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.3"); // GNU Radar + /** 1.3.6.1.4.1.11591.12 -- digestAlgorithm */ public static final ASN1ObjectIdentifier digestAlgorithm = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.12"); // digestAlgorithm + /** 1.3.6.1.4.1.11591.12.2 -- TIGER/192 */ public static final ASN1ObjectIdentifier Tiger_192 = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.12.2"); // TIGER/192 + /** 1.3.6.1.4.1.11591.13 -- encryptionAlgorithm */ public static final ASN1ObjectIdentifier encryptionAlgorithm = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13"); // encryptionAlgorithm + /** 1.3.6.1.4.1.11591.13.2 -- Serpent */ public static final ASN1ObjectIdentifier Serpent = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2"); // Serpent + /** 1.3.6.1.4.1.11591.13.2.1 -- Serpent-128-ECB */ public static final ASN1ObjectIdentifier Serpent_128_ECB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.1"); // Serpent-128-ECB + /** 1.3.6.1.4.1.11591.13.2.2 -- Serpent-128-CBC */ public static final ASN1ObjectIdentifier Serpent_128_CBC = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.2"); // Serpent-128-CBC + /** 1.3.6.1.4.1.11591.13.2.3 -- Serpent-128-OFB */ public static final ASN1ObjectIdentifier Serpent_128_OFB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.3"); // Serpent-128-OFB + /** 1.3.6.1.4.1.11591.13.2.4 -- Serpent-128-CFB */ public static final ASN1ObjectIdentifier Serpent_128_CFB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.4"); // Serpent-128-CFB + /** 1.3.6.1.4.1.11591.13.2.21 -- Serpent-192-ECB */ public static final ASN1ObjectIdentifier Serpent_192_ECB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.21"); // Serpent-192-ECB + /** 1.3.6.1.4.1.11591.13.2.22 -- Serpent-192-CCB */ public static final ASN1ObjectIdentifier Serpent_192_CBC = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.22"); // Serpent-192-CBC + /** 1.3.6.1.4.1.11591.13.2.23 -- Serpent-192-OFB */ public static final ASN1ObjectIdentifier Serpent_192_OFB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.23"); // Serpent-192-OFB + /** 1.3.6.1.4.1.11591.13.2.24 -- Serpent-192-CFB */ public static final ASN1ObjectIdentifier Serpent_192_CFB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.24"); // Serpent-192-CFB + /** 1.3.6.1.4.1.11591.13.2.41 -- Serpent-256-ECB */ public static final ASN1ObjectIdentifier Serpent_256_ECB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.41"); // Serpent-256-ECB + /** 1.3.6.1.4.1.11591.13.2.42 -- Serpent-256-CBC */ public static final ASN1ObjectIdentifier Serpent_256_CBC = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.42"); // Serpent-256-CBC + /** 1.3.6.1.4.1.11591.13.2.43 -- Serpent-256-OFB */ public static final ASN1ObjectIdentifier Serpent_256_OFB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.43"); // Serpent-256-OFB + /** 1.3.6.1.4.1.11591.13.2.44 -- Serpent-256-CFB */ public static final ASN1ObjectIdentifier Serpent_256_CFB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.44"); // Serpent-256-CFB + + /** 1.3.6.1.4.1.11591.14 -- CRC algorithms */ public static final ASN1ObjectIdentifier CRC = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.14"); // CRC algorithms + /** 1.3.6.1.4.1.11591.14,1 -- CRC32 */ public static final ASN1ObjectIdentifier CRC32 = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.14.1"); // CRC 32 } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/iana/IANAObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/iana/IANAObjectIdentifiers.java index e9ab8d6..5bfdbab 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/iana/IANAObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/iana/IANAObjectIdentifiers.java @@ -2,19 +2,59 @@ package org.bouncycastle.asn1.iana; import org.bouncycastle.asn1.ASN1ObjectIdentifier; +/** + * IANA: + * { iso(1) identifier-organization(3) dod(6) internet(1) } == IETF defined things + */ public interface IANAObjectIdentifiers { + + /** { iso(1) identifier-organization(3) dod(6) internet(1) } == IETF defined things */ + static final ASN1ObjectIdentifier internet = new ASN1ObjectIdentifier("1.3.6.1"); + /** 1.3.6.1.1: Internet directory: X.500 */ + static final ASN1ObjectIdentifier directory = internet.branch("1"); + /** 1.3.6.1.2: Internet management */ + static final ASN1ObjectIdentifier mgmt = internet.branch("2"); + /** 1.3.6.1.3: */ + static final ASN1ObjectIdentifier experimental = internet.branch("3"); + /** 1.3.6.1.4: */ + static final ASN1ObjectIdentifier _private = internet.branch("4"); + /** 1.3.6.1.5: Security services */ + static final ASN1ObjectIdentifier security = internet.branch("5"); + /** 1.3.6.1.6: SNMPv2 -- never really used */ + static final ASN1ObjectIdentifier SNMPv2 = internet.branch("6"); + /** 1.3.6.1.7: mail -- never really used */ + static final ASN1ObjectIdentifier mail = internet.branch("7"); + + // id-SHA1 OBJECT IDENTIFIER ::= // {iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) ipsec(8) isakmpOakley(1)} // - static final ASN1ObjectIdentifier isakmpOakley = new ASN1ObjectIdentifier("1.3.6.1.5.5.8.1"); - static final ASN1ObjectIdentifier hmacMD5 = new ASN1ObjectIdentifier(isakmpOakley + ".1"); - static final ASN1ObjectIdentifier hmacSHA1 = new ASN1ObjectIdentifier(isakmpOakley + ".2"); + /** IANA security mechanisms; 1.3.6.1.5.5 */ + static final ASN1ObjectIdentifier security_mechanisms = security.branch("5"); + /** IANA security nametypes; 1.3.6.1.5.6 */ + static final ASN1ObjectIdentifier security_nametypes = security.branch("6"); + + /** PKIX base OID: 1.3.6.1.5.6.6 */ + static final ASN1ObjectIdentifier pkix = security_mechanisms.branch("6"); + + + /** IPSEC base OID: 1.3.6.1.5.5.8 */ + static final ASN1ObjectIdentifier ipsec = security_mechanisms.branch("8"); + /** IPSEC ISAKMP-Oakley OID: 1.3.6.1.5.5.8.1 */ + static final ASN1ObjectIdentifier isakmpOakley = ipsec.branch("1"); + + /** IPSEC ISAKMP-Oakley hmacMD5 OID: 1.3.6.1.5.5.8.1.1 */ + static final ASN1ObjectIdentifier hmacMD5 = isakmpOakley.branch("1"); + /** IPSEC ISAKMP-Oakley hmacSHA1 OID: 1.3.6.1.5.5.8.1.2 */ + static final ASN1ObjectIdentifier hmacSHA1 = isakmpOakley.branch("2"); - static final ASN1ObjectIdentifier hmacTIGER = new ASN1ObjectIdentifier(isakmpOakley + ".3"); + /** IPSEC ISAKMP-Oakley hmacTIGER OID: 1.3.6.1.5.5.8.1.3 */ + static final ASN1ObjectIdentifier hmacTIGER = isakmpOakley.branch("3"); - static final ASN1ObjectIdentifier hmacRIPEMD160 = new ASN1ObjectIdentifier(isakmpOakley + ".4"); + /** IPSEC ISAKMP-Oakley hmacRIPEMD160 OID: 1.3.6.1.5.5.8.1.4 */ + static final ASN1ObjectIdentifier hmacRIPEMD160 = isakmpOakley.branch("4"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/icao/ICAOObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/icao/ICAOObjectIdentifiers.java index 0b5da2b..3c271da 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/icao/ICAOObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/icao/ICAOObjectIdentifiers.java @@ -2,32 +2,48 @@ package org.bouncycastle.asn1.icao; import org.bouncycastle.asn1.ASN1ObjectIdentifier; +/** + * + * { ISOITU(2) intorgs(23) icao(136) } + */ public interface ICAOObjectIdentifiers { // // base id // + /** 2.23.136 */ static final ASN1ObjectIdentifier id_icao = new ASN1ObjectIdentifier("2.23.136"); + /** 2.23.136.1 */ static final ASN1ObjectIdentifier id_icao_mrtd = id_icao.branch("1"); + /** 2.23.136.1.1 */ static final ASN1ObjectIdentifier id_icao_mrtd_security = id_icao_mrtd.branch("1"); - // LDS security object, see ICAO Doc 9303-Volume 2-Section IV-A3.2 + /** LDS security object, see ICAO Doc 9303-Volume 2-Section IV-A3.2<p> + * 2.23.136.1.1.1 */ static final ASN1ObjectIdentifier id_icao_ldsSecurityObject = id_icao_mrtd_security.branch("1"); - // CSCA master list, see TR CSCA Countersigning and Master List issuance + /** CSCA master list, see TR CSCA Countersigning and Master List issuance<p> + * 2.23.136.1.1.2 + */ static final ASN1ObjectIdentifier id_icao_cscaMasterList = id_icao_mrtd_security.branch("2"); + /** 2.23.136.1.1.3 */ static final ASN1ObjectIdentifier id_icao_cscaMasterListSigningKey = id_icao_mrtd_security.branch("3"); - // document type list, see draft TR LDS and PKI Maintenance, par. 3.2.1 + /** document type list, see draft TR LDS and PKI Maintenance, par. 3.2.1 <p> + * 2.23.136.1.1.4 + */ static final ASN1ObjectIdentifier id_icao_documentTypeList = id_icao_mrtd_security.branch("4"); - // Active Authentication protocol, see draft TR LDS and PKI Maintenance, - // par. 5.2.2 + /** Active Authentication protocol, see draft TR LDS and PKI Maintenance, par. 5.2.2<p> + * 2.23.136.1.1.5 + */ static final ASN1ObjectIdentifier id_icao_aaProtocolObject = id_icao_mrtd_security.branch("5"); - // CSCA name change and key reoll-over, see draft TR LDS and PKI - // Maintenance, par. 3.2.1 + /** CSCA name change and key reoll-over, see draft TR LDS and PKI Maintenance, par. 3.2.1<p> + * 2.23.136.1.1.6 + */ static final ASN1ObjectIdentifier id_icao_extensions = id_icao_mrtd_security.branch("6"); + /** 2.23.136.1.1.6.1 */ static final ASN1ObjectIdentifier id_icao_extensions_namechangekeyrollover = id_icao_extensions.branch("1"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/icao/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/icao/package.html deleted file mode 100644 index f2301db..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/icao/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -ICAO ASN.1 classes for electronic passport. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ISISMTTObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ISISMTTObjectIdentifiers.java index bc2ac8d..6b75fde 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ISISMTTObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ISISMTTObjectIdentifiers.java @@ -2,11 +2,16 @@ package org.bouncycastle.asn1.isismtt; import org.bouncycastle.asn1.ASN1ObjectIdentifier; +/** + * ISISMT -- Industrial Signature Interoperability Specification + */ public interface ISISMTTObjectIdentifiers { + /** 1.3.36.8 */ static final ASN1ObjectIdentifier id_isismtt = new ASN1ObjectIdentifier("1.3.36.8"); + /** 1.3.36.8.1 */ static final ASN1ObjectIdentifier id_isismtt_cp = id_isismtt.branch("1"); /** @@ -15,29 +20,37 @@ public interface ISISMTTObjectIdentifiers * Parliament and of the Council of 13 December 1999 on a Community * Framework for Electronic Signatures, which additionally conforms the * special requirements of the SigG and has been issued by an accredited CA. + * <p> + * 1.3.36.8.1.1 */ + static final ASN1ObjectIdentifier id_isismtt_cp_accredited = id_isismtt_cp.branch("1"); + /** 1.3.36.8.3 */ static final ASN1ObjectIdentifier id_isismtt_at = id_isismtt.branch("3"); /** * Certificate extensionDate of certificate generation - * * <pre> - * DateOfCertGenSyntax ::= GeneralizedTime + * DateOfCertGenSyntax ::= GeneralizedTime * </pre> + * OID: 1.3.36.8.3.1 */ static final ASN1ObjectIdentifier id_isismtt_at_dateOfCertGen = id_isismtt_at.branch("1"); /** * Attribute to indicate that the certificate holder may sign in the name of * a third person. May also be used as extension in a certificate. + * <p> + * OID: 1.3.36.8.3.2 */ static final ASN1ObjectIdentifier id_isismtt_at_procuration = id_isismtt_at.branch("2"); /** * Attribute to indicate admissions to certain professions. May be used as * attribute in attribute certificate or as extension in a certificate + * <p> + * OID: 1.3.36.8.3.3 */ static final ASN1ObjectIdentifier id_isismtt_at_admission = id_isismtt_at.branch("3"); @@ -47,33 +60,37 @@ public interface ISISMTTObjectIdentifiers * MonetaryLimit since January 1, 2004. For the sake of backward * compatibility with certificates already in use, SigG conforming * components MUST support MonetaryLimit (as well as QcEuLimitValue). + * <p> + * OID: 1.3.36.8.3.4 */ static final ASN1ObjectIdentifier id_isismtt_at_monetaryLimit = id_isismtt_at.branch("4"); /** * A declaration of majority. May be used as attribute in attribute * certificate or as extension in a certificate + * <p> + * OID: 1.3.36.8.3.5 */ static final ASN1ObjectIdentifier id_isismtt_at_declarationOfMajority = id_isismtt_at.branch("5"); /** - * * Serial number of the smart card containing the corresponding private key - * * <pre> - * ICCSNSyntax ::= OCTET STRING (SIZE(8..20)) + * ICCSNSyntax ::= OCTET STRING (SIZE(8..20)) * </pre> + * <p> + * OID: 1.3.36.8.3.6 */ static final ASN1ObjectIdentifier id_isismtt_at_iCCSN = id_isismtt_at.branch("6"); /** - * * Reference for a file of a smartcard that stores the public key of this - * certificate and that is used as �security anchor�. - * + * certificate and that is used as "security anchor". * <pre> - * PKReferenceSyntax ::= OCTET STRING (SIZE(20)) + * PKReferenceSyntax ::= OCTET STRING (SIZE(20)) * </pre> + * <p> + * OID: 1.3.36.8.3.7 */ static final ASN1ObjectIdentifier id_isismtt_at_PKReference = id_isismtt_at.branch("7"); @@ -81,28 +98,28 @@ public interface ISISMTTObjectIdentifiers * Some other restriction regarding the usage of this certificate. May be * used as attribute in attribute certificate or as extension in a * certificate. - * * <pre> - * RestrictionSyntax ::= DirectoryString (SIZE(1..1024)) + * RestrictionSyntax ::= DirectoryString (SIZE(1..1024)) * </pre> + * <p> + * OID: 1.3.36.8.3.8 * * @see org.bouncycastle.asn1.isismtt.x509.Restriction */ static final ASN1ObjectIdentifier id_isismtt_at_restriction = id_isismtt_at.branch("8"); /** - * * (Single)Request extension: Clients may include this extension in a * (single) Request to request the responder to send the certificate in the * response message along with the status information. Besides the LDAP * service, this extension provides another mechanism for the distribution * of certificates, which MAY optionally be provided by certificate * repositories. - * * <pre> - * RetrieveIfAllowed ::= BOOLEAN - * + * RetrieveIfAllowed ::= BOOLEAN * </pre> + * <p> + * OID: 1.3.36.8.3.9 */ static final ASN1ObjectIdentifier id_isismtt_at_retrieveIfAllowed = id_isismtt_at.branch("9"); @@ -110,6 +127,8 @@ public interface ISISMTTObjectIdentifiers * SingleOCSPResponse extension: The certificate requested by the client by * inserting the RetrieveIfAllowed extension in the request, will be * returned in this extension. + * <p> + * OID: 1.3.36.8.3.10 * * @see org.bouncycastle.asn1.isismtt.ocsp.RequestedCertificate */ @@ -117,6 +136,8 @@ public interface ISISMTTObjectIdentifiers /** * Base ObjectIdentifier for naming authorities + * <p> + * OID: 1.3.36.8.3.11 */ static final ASN1ObjectIdentifier id_isismtt_at_namingAuthorities = id_isismtt_at.branch("11"); @@ -127,13 +148,17 @@ public interface ISISMTTObjectIdentifiers * this extension in the responses. * * <pre> - * CertInDirSince ::= GeneralizedTime + * CertInDirSince ::= GeneralizedTime * </pre> + * <p> + * OID: 1.3.36.8.3.12 */ static final ASN1ObjectIdentifier id_isismtt_at_certInDirSince = id_isismtt_at.branch("12"); /** * Hash of a certificate in OCSP. + * <p> + * OID: 1.3.36.8.3.13 * * @see org.bouncycastle.asn1.isismtt.ocsp.CertHash */ @@ -141,11 +166,13 @@ public interface ISISMTTObjectIdentifiers /** * <pre> - * NameAtBirth ::= DirectoryString(SIZE(1..64) + * NameAtBirth ::= DirectoryString(SIZE(1..64) * </pre> * * Used in * {@link org.bouncycastle.asn1.x509.SubjectDirectoryAttributes SubjectDirectoryAttributes} + * <p> + * OID: 1.3.36.8.3.14 */ static final ASN1ObjectIdentifier id_isismtt_at_nameAtBirth = id_isismtt_at.branch("14"); @@ -155,8 +182,10 @@ public interface ISISMTTObjectIdentifiers * extension in a certificate. * * <pre> - * AdditionalInformationSyntax ::= DirectoryString (SIZE(1..2048)) + * AdditionalInformationSyntax ::= DirectoryString (SIZE(1..2048)) * </pre> + * <p> + * OID: 1.3.36.8.3.15 * * @see org.bouncycastle.asn1.isismtt.x509.AdditionalInformationSyntax */ @@ -171,10 +200,11 @@ public interface ISISMTTObjectIdentifiers * PKC as base certificate) contains some attribute that restricts the * usability of the PKC too. Attribute certificates with restricting content * MUST always be included in the signed document. - * * <pre> - * LiabilityLimitationFlagSyntax ::= BOOLEAN + * LiabilityLimitationFlagSyntax ::= BOOLEAN * </pre> + * <p> + * OID: 0.2.262.1.10.12.0 */ static final ASN1ObjectIdentifier id_isismtt_at_liabilityLimitationFlag = new ASN1ObjectIdentifier("0.2.262.1.10.12.0"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/kisa/KISAObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/kisa/KISAObjectIdentifiers.java index 73e0c58..73575f1 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/kisa/KISAObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/kisa/KISAObjectIdentifiers.java @@ -2,8 +2,30 @@ package org.bouncycastle.asn1.kisa; import org.bouncycastle.asn1.ASN1ObjectIdentifier; +/** + * Korea Information Security Agency (KISA) + * ({iso(1) member-body(2) kr(410) kisa(200004)}) + * <p> + * See <a href="http://tools.ietf.org/html/rfc4010">RFC 4010</a> + * Use of the SEED Encryption Algorithm + * in Cryptographic Message Syntax (CMS), + * and <a href="http://tools.ietf.org/html/rfc4269">RFC 4269</a> + * The SEED Encryption Algorithm + */ public interface KISAObjectIdentifiers { - public static final ASN1ObjectIdentifier id_seedCBC = new ASN1ObjectIdentifier("1.2.410.200004.1.4"); - public static final ASN1ObjectIdentifier id_npki_app_cmsSeed_wrap = new ASN1ObjectIdentifier("1.2.410.200004.7.1.1.1"); + /** RFC 4010, 4269: id-seedCBC; OID 1.2.410.200004.1.4 */ + static final ASN1ObjectIdentifier id_seedCBC = new ASN1ObjectIdentifier("1.2.410.200004.1.4"); + + /** RFC 4269: id-seedMAC; OID 1.2.410.200004.1.7 */ + static final ASN1ObjectIdentifier id_seedMAC = new ASN1ObjectIdentifier("1.2.410.200004.1.7"); + + /** RFC 4269: pbeWithSHA1AndSEED-CBC; OID 1.2.410.200004.1.15 */ + static final ASN1ObjectIdentifier pbeWithSHA1AndSEED_CBC = new ASN1ObjectIdentifier("1.2.410.200004.1.15"); + + /** RFC 4010: id-npki-app-cmsSeed-wrap; OID 1.2.410.200004.7.1.1.1 */ + static final ASN1ObjectIdentifier id_npki_app_cmsSeed_wrap = new ASN1ObjectIdentifier("1.2.410.200004.7.1.1.1"); + + /** RFC 4010: SeedEncryptionAlgorithmInCMS; OID 1.2.840.113549.1.9.16.0.24 */ + static final ASN1ObjectIdentifier id_mod_cms_seed = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.0.24"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/microsoft/MicrosoftObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/microsoft/MicrosoftObjectIdentifiers.java index f40a943..8ba2cf5 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/microsoft/MicrosoftObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/microsoft/MicrosoftObjectIdentifiers.java @@ -2,16 +2,27 @@ package org.bouncycastle.asn1.microsoft; import org.bouncycastle.asn1.ASN1ObjectIdentifier; +/** + * Microsoft + * <p> + * Object identifier base: + * <pre> + * iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) microsoft(311) + * </pre> + * 1.3.6.1.4.1.311 + */ public interface MicrosoftObjectIdentifiers { - // - // Microsoft - // iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) microsoft(311) - // + /** Base OID: 1.3.6.1.4.1.311 */ static final ASN1ObjectIdentifier microsoft = new ASN1ObjectIdentifier("1.3.6.1.4.1.311"); + /** OID: 1.3.6.1.4.1.311.20.2 */ static final ASN1ObjectIdentifier microsoftCertTemplateV1 = microsoft.branch("20.2"); + /** OID: 1.3.6.1.4.1.311.21.1 */ static final ASN1ObjectIdentifier microsoftCaVersion = microsoft.branch("21.1"); + /** OID: 1.3.6.1.4.1.311.21.2 */ static final ASN1ObjectIdentifier microsoftPrevCaCertHash = microsoft.branch("21.2"); + /** OID: 1.3.6.1.4.1.311.21.7 */ static final ASN1ObjectIdentifier microsoftCertTemplateV2 = microsoft.branch("21.7"); + /** OID: 1.3.6.1.4.1.311.21.10 */ static final ASN1ObjectIdentifier microsoftAppPolicies = microsoft.branch("21.10"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/misc/MiscObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/misc/MiscObjectIdentifiers.java index debf268..6aff988 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/misc/MiscObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/misc/MiscObjectIdentifiers.java @@ -8,40 +8,52 @@ public interface MiscObjectIdentifiers // Netscape // iso/itu(2) joint-assign(16) us(840) uscompany(1) netscape(113730) cert-extensions(1) } // + /** Netscape cert extensions OID base: 2.16.840.1.113730.1 */ static final ASN1ObjectIdentifier netscape = new ASN1ObjectIdentifier("2.16.840.1.113730.1"); + /** Netscape cert CertType OID: 2.16.840.1.113730.1.1 */ static final ASN1ObjectIdentifier netscapeCertType = netscape.branch("1"); + /** Netscape cert BaseURL OID: 2.16.840.1.113730.1.2 */ static final ASN1ObjectIdentifier netscapeBaseURL = netscape.branch("2"); + /** Netscape cert RevocationURL OID: 2.16.840.1.113730.1.3 */ static final ASN1ObjectIdentifier netscapeRevocationURL = netscape.branch("3"); + /** Netscape cert CARevocationURL OID: 2.16.840.1.113730.1.4 */ static final ASN1ObjectIdentifier netscapeCARevocationURL = netscape.branch("4"); + /** Netscape cert RenewalURL OID: 2.16.840.1.113730.1.7 */ static final ASN1ObjectIdentifier netscapeRenewalURL = netscape.branch("7"); + /** Netscape cert CApolicyURL OID: 2.16.840.1.113730.1.8 */ static final ASN1ObjectIdentifier netscapeCApolicyURL = netscape.branch("8"); + /** Netscape cert SSLServerName OID: 2.16.840.1.113730.1.12 */ static final ASN1ObjectIdentifier netscapeSSLServerName = netscape.branch("12"); + /** Netscape cert CertComment OID: 2.16.840.1.113730.1.13 */ static final ASN1ObjectIdentifier netscapeCertComment = netscape.branch("13"); // // Verisign // iso/itu(2) joint-assign(16) us(840) uscompany(1) verisign(113733) cert-extensions(1) } // + /** Verisign OID base: 2.16.840.1.113733.1 */ static final ASN1ObjectIdentifier verisign = new ASN1ObjectIdentifier("2.16.840.1.113733.1"); - // - // CZAG - country, zip, age, and gender - // + /** Verisign CZAG (Country,Zip,Age,Gender) Extension OID: 2.16.840.1.113733.1.6.3 */ static final ASN1ObjectIdentifier verisignCzagExtension = verisign.branch("6.3"); - // D&B D-U-N-S number + /** Verisign D&B D-U-N-S number Extension OID: 2.16.840.1.113733.1.6.15 */ static final ASN1ObjectIdentifier verisignDnbDunsNumber = verisign.branch("6.15"); // // Novell // iso/itu(2) country(16) us(840) organization(1) novell(113719) // + /** Novell OID base: 2.16.840.1.113719 */ static final ASN1ObjectIdentifier novell = new ASN1ObjectIdentifier("2.16.840.1.113719"); + /** Novell SecurityAttribs OID: 2.16.840.1.113719.1.9.4.1 */ static final ASN1ObjectIdentifier novellSecurityAttribs = novell.branch("1.9.4.1"); // // Entrust // iso(1) member-body(16) us(840) nortelnetworks(113533) entrust(7) // + /** NortelNetworks Entrust OID base: 1.2.840.113533.7 */ static final ASN1ObjectIdentifier entrust = new ASN1ObjectIdentifier("1.2.840.113533.7"); + /** NortelNetworks Entrust VersionExtension OID: 1.2.840.113533.7.65.0 */ static final ASN1ObjectIdentifier entrustVersionExtension = entrust.branch("65.0"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/misc/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/misc/package.html deleted file mode 100644 index e3bda64..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/misc/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Miscellaneous object identifiers and objects. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/mozilla/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/mozilla/package.html deleted file mode 100644 index 40776b0..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/mozilla/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Support classes useful for encoding objects used by mozilla. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/nist/NISTObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/nist/NISTObjectIdentifiers.java index afa93c4..e3613c6 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/nist/NISTObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/nist/NISTObjectIdentifiers.java @@ -2,59 +2,95 @@ package org.bouncycastle.asn1.nist; import org.bouncycastle.asn1.ASN1ObjectIdentifier; +/** + * + * NIST: + * iso/itu(2) joint-assign(16) us(840) organization(1) gov(101) csor(3) + */ public interface NISTObjectIdentifiers { // - // NIST - // iso/itu(2) joint-assign(16) us(840) organization(1) gov(101) csor(3) - - // // nistalgorithms(4) // + /** 2.16.840.1.101.3.4 -- algorithms */ static final ASN1ObjectIdentifier nistAlgorithm = new ASN1ObjectIdentifier("2.16.840.1.101.3.4"); + /** 2.16.840.1.101.3.4.2 */ static final ASN1ObjectIdentifier hashAlgs = nistAlgorithm.branch("2"); + /** 2.16.840.1.101.3.4.2.1 */ static final ASN1ObjectIdentifier id_sha256 = hashAlgs.branch("1"); + /** 2.16.840.1.101.3.4.2.2 */ static final ASN1ObjectIdentifier id_sha384 = hashAlgs.branch("2"); + /** 2.16.840.1.101.3.4.2.3 */ static final ASN1ObjectIdentifier id_sha512 = hashAlgs.branch("3"); + /** 2.16.840.1.101.3.4.2.4 */ static final ASN1ObjectIdentifier id_sha224 = hashAlgs.branch("4"); + /** 2.16.840.1.101.3.4.2.5 */ static final ASN1ObjectIdentifier id_sha512_224 = hashAlgs.branch("5"); + /** 2.16.840.1.101.3.4.2.6 */ static final ASN1ObjectIdentifier id_sha512_256 = hashAlgs.branch("6"); - static final ASN1ObjectIdentifier aes = nistAlgorithm.branch("1"); + /** 2.16.840.1.101.3.4.1 */ + static final ASN1ObjectIdentifier aes = nistAlgorithm.branch("1"); + /** 2.16.840.1.101.3.4.1.1 */ static final ASN1ObjectIdentifier id_aes128_ECB = aes.branch("1"); + /** 2.16.840.1.101.3.4.1.2 */ static final ASN1ObjectIdentifier id_aes128_CBC = aes.branch("2"); + /** 2.16.840.1.101.3.4.1.3 */ static final ASN1ObjectIdentifier id_aes128_OFB = aes.branch("3"); + /** 2.16.840.1.101.3.4.1.4 */ static final ASN1ObjectIdentifier id_aes128_CFB = aes.branch("4"); + /** 2.16.840.1.101.3.4.1.5 */ static final ASN1ObjectIdentifier id_aes128_wrap = aes.branch("5"); + /** 2.16.840.1.101.3.4.1.6 */ static final ASN1ObjectIdentifier id_aes128_GCM = aes.branch("6"); + /** 2.16.840.1.101.3.4.1.7 */ static final ASN1ObjectIdentifier id_aes128_CCM = aes.branch("7"); + /** 2.16.840.1.101.3.4.1.21 */ static final ASN1ObjectIdentifier id_aes192_ECB = aes.branch("21"); + /** 2.16.840.1.101.3.4.1.22 */ static final ASN1ObjectIdentifier id_aes192_CBC = aes.branch("22"); + /** 2.16.840.1.101.3.4.1.23 */ static final ASN1ObjectIdentifier id_aes192_OFB = aes.branch("23"); + /** 2.16.840.1.101.3.4.1.24 */ static final ASN1ObjectIdentifier id_aes192_CFB = aes.branch("24"); + /** 2.16.840.1.101.3.4.1.25 */ static final ASN1ObjectIdentifier id_aes192_wrap = aes.branch("25"); + /** 2.16.840.1.101.3.4.1.26 */ static final ASN1ObjectIdentifier id_aes192_GCM = aes.branch("26"); + /** 2.16.840.1.101.3.4.1.27 */ static final ASN1ObjectIdentifier id_aes192_CCM = aes.branch("27"); + /** 2.16.840.1.101.3.4.1.41 */ static final ASN1ObjectIdentifier id_aes256_ECB = aes.branch("41"); + /** 2.16.840.1.101.3.4.1.42 */ static final ASN1ObjectIdentifier id_aes256_CBC = aes.branch("42"); + /** 2.16.840.1.101.3.4.1.43 */ static final ASN1ObjectIdentifier id_aes256_OFB = aes.branch("43"); + /** 2.16.840.1.101.3.4.1.44 */ static final ASN1ObjectIdentifier id_aes256_CFB = aes.branch("44"); + /** 2.16.840.1.101.3.4.1.45 */ static final ASN1ObjectIdentifier id_aes256_wrap = aes.branch("45"); + /** 2.16.840.1.101.3.4.1.46 */ static final ASN1ObjectIdentifier id_aes256_GCM = aes.branch("46"); + /** 2.16.840.1.101.3.4.1.47 */ static final ASN1ObjectIdentifier id_aes256_CCM = aes.branch("47"); // // signatures // + /** 2.16.840.1.101.3.4.3 */ static final ASN1ObjectIdentifier id_dsa_with_sha2 = nistAlgorithm.branch("3"); + /** 2.16.840.1.101.3.4.3.1 */ static final ASN1ObjectIdentifier dsa_with_sha224 = id_dsa_with_sha2.branch("1"); + /** 2.16.840.1.101.3.4.3.2 */ static final ASN1ObjectIdentifier dsa_with_sha256 = id_dsa_with_sha2.branch("2"); + /** 2.16.840.1.101.3.4.3.3 */ static final ASN1ObjectIdentifier dsa_with_sha384 = id_dsa_with_sha2.branch("3"); + /** 2.16.840.1.101.3.4.3.4 */ static final ASN1ObjectIdentifier dsa_with_sha512 = id_dsa_with_sha2.branch("4"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/nist/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/nist/package.html deleted file mode 100644 index 1cdca76..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/nist/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Support classes for NIST related objects. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ntt/NTTObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/ntt/NTTObjectIdentifiers.java index 2e4132a..fa32068 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ntt/NTTObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ntt/NTTObjectIdentifiers.java @@ -3,15 +3,23 @@ package org.bouncycastle.asn1.ntt; import org.bouncycastle.asn1.ASN1ObjectIdentifier; /** - * From RFC 3657 + * From <a href="http://tools.ietf.org/html/rfc3657">RFC 3657</a> + * Use of the Camellia Encryption Algorithm + * in Cryptographic Message Syntax (CMS) */ public interface NTTObjectIdentifiers { - public static final ASN1ObjectIdentifier id_camellia128_cbc = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.1.2"); - public static final ASN1ObjectIdentifier id_camellia192_cbc = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.1.3"); - public static final ASN1ObjectIdentifier id_camellia256_cbc = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.1.4"); + /** id-camellia128-cbc; OID 1.2.392.200011.61.1.1.1.2 */ + static final ASN1ObjectIdentifier id_camellia128_cbc = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.1.2"); + /** id-camellia192-cbc; OID 1.2.392.200011.61.1.1.1.3 */ + static final ASN1ObjectIdentifier id_camellia192_cbc = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.1.3"); + /** id-camellia256-cbc; OID 1.2.392.200011.61.1.1.1.4 */ + static final ASN1ObjectIdentifier id_camellia256_cbc = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.1.4"); - public static final ASN1ObjectIdentifier id_camellia128_wrap = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.3.2"); - public static final ASN1ObjectIdentifier id_camellia192_wrap = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.3.3"); - public static final ASN1ObjectIdentifier id_camellia256_wrap = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.3.4"); + /** id-camellia128-wrap; OID 1.2.392.200011.61.1.1.3.2 */ + static final ASN1ObjectIdentifier id_camellia128_wrap = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.3.2"); + /** id-camellia192-wrap; OID 1.2.392.200011.61.1.1.3.3 */ + static final ASN1ObjectIdentifier id_camellia192_wrap = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.3.3"); + /** id-camellia256-wrap; OID 1.2.392.200011.61.1.1.3.4 */ + static final ASN1ObjectIdentifier id_camellia256_wrap = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.3.4"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/OCSPObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/OCSPObjectIdentifiers.java index 40b15e9..f8ea8f7 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/OCSPObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/OCSPObjectIdentifiers.java @@ -2,21 +2,28 @@ package org.bouncycastle.asn1.ocsp; import org.bouncycastle.asn1.ASN1ObjectIdentifier; +/** + * OIDs for <a href="http://tools.ietf.org/html/rfc2560">RFC 2560</a> + * Online Certificate Status Protocol - OCSP. + */ public interface OCSPObjectIdentifiers { - public static final String pkix_ocsp = "1.3.6.1.5.5.7.48.1"; - - public static final ASN1ObjectIdentifier id_pkix_ocsp = new ASN1ObjectIdentifier(pkix_ocsp); - public static final ASN1ObjectIdentifier id_pkix_ocsp_basic = new ASN1ObjectIdentifier(pkix_ocsp + ".1"); + /** OID: 1.3.6.1.5.5.7.48.1 */ + static final ASN1ObjectIdentifier id_pkix_ocsp = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.48.1"); + /** OID: 1.3.6.1.5.5.7.48.1.1 */ + static final ASN1ObjectIdentifier id_pkix_ocsp_basic = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.48.1.1"); - // - // extensions - // - public static final ASN1ObjectIdentifier id_pkix_ocsp_nonce = new ASN1ObjectIdentifier(pkix_ocsp + ".2"); - public static final ASN1ObjectIdentifier id_pkix_ocsp_crl = new ASN1ObjectIdentifier(pkix_ocsp + ".3"); + /** OID: 1.3.6.1.5.5.7.48.1.2 */ + static final ASN1ObjectIdentifier id_pkix_ocsp_nonce = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.48.1.2"); + /** OID: 1.3.6.1.5.5.7.48.1.3 */ + static final ASN1ObjectIdentifier id_pkix_ocsp_crl = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.48.1.3"); - public static final ASN1ObjectIdentifier id_pkix_ocsp_response = new ASN1ObjectIdentifier(pkix_ocsp + ".4"); - public static final ASN1ObjectIdentifier id_pkix_ocsp_nocheck = new ASN1ObjectIdentifier(pkix_ocsp + ".5"); - public static final ASN1ObjectIdentifier id_pkix_ocsp_archive_cutoff = new ASN1ObjectIdentifier(pkix_ocsp + ".6"); - public static final ASN1ObjectIdentifier id_pkix_ocsp_service_locator = new ASN1ObjectIdentifier(pkix_ocsp + ".7"); + /** OID: 1.3.6.1.5.5.7.48.1.4 */ + static final ASN1ObjectIdentifier id_pkix_ocsp_response = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.48.1.4"); + /** OID: 1.3.6.1.5.5.7.48.1.5 */ + static final ASN1ObjectIdentifier id_pkix_ocsp_nocheck = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.48.1.5"); + /** OID: 1.3.6.1.5.5.7.48.1.6 */ + static final ASN1ObjectIdentifier id_pkix_ocsp_archive_cutoff = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.48.1.6"); + /** OID: 1.3.6.1.5.5.7.48.1.7 */ + static final ASN1ObjectIdentifier id_pkix_ocsp_service_locator = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.48.1.7"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/RevokedInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/RevokedInfo.java index 7279ae1..6770050 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/RevokedInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/RevokedInfo.java @@ -1,12 +1,12 @@ package org.bouncycastle.asn1.ocsp; import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1Enumerated; import org.bouncycastle.asn1.ASN1GeneralizedTime; import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; -import org.bouncycastle.asn1.DEREnumerated; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; import org.bouncycastle.asn1.x509.CRLReason; @@ -32,8 +32,8 @@ public class RevokedInfo if (seq.size() > 1) { - this.revocationReason = CRLReason.getInstance(DEREnumerated.getInstance( - (ASN1TaggedObject)seq.getObjectAt(1), true)); + this.revocationReason = CRLReason.getInstance(ASN1Enumerated.getInstance( + (ASN1TaggedObject)seq.getObjectAt(1), true)); } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/package.html deleted file mode 100644 index 22c560d..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Support classes useful for encoding and supporting OCSP objects. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/oiw/OIWObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/oiw/OIWObjectIdentifiers.java index c8ce26b..c169c16 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/oiw/OIWObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/oiw/OIWObjectIdentifiers.java @@ -2,30 +2,49 @@ package org.bouncycastle.asn1.oiw; import org.bouncycastle.asn1.ASN1ObjectIdentifier; +/** + * OIW organization's OIDs: + * <p> + * id-SHA1 OBJECT IDENTIFIER ::= + * {iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } + */ public interface OIWObjectIdentifiers { - // id-SHA1 OBJECT IDENTIFIER ::= - // {iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } // + /** OID: 1.3.14.3.2.2 */ static final ASN1ObjectIdentifier md4WithRSA = new ASN1ObjectIdentifier("1.3.14.3.2.2"); + /** OID: 1.3.14.3.2.3 */ static final ASN1ObjectIdentifier md5WithRSA = new ASN1ObjectIdentifier("1.3.14.3.2.3"); + /** OID: 1.3.14.3.2.4 */ static final ASN1ObjectIdentifier md4WithRSAEncryption = new ASN1ObjectIdentifier("1.3.14.3.2.4"); + /** OID: 1.3.14.3.2.6 */ static final ASN1ObjectIdentifier desECB = new ASN1ObjectIdentifier("1.3.14.3.2.6"); + /** OID: 1.3.14.3.2.7 */ static final ASN1ObjectIdentifier desCBC = new ASN1ObjectIdentifier("1.3.14.3.2.7"); + /** OID: 1.3.14.3.2.8 */ static final ASN1ObjectIdentifier desOFB = new ASN1ObjectIdentifier("1.3.14.3.2.8"); + /** OID: 1.3.14.3.2.9 */ static final ASN1ObjectIdentifier desCFB = new ASN1ObjectIdentifier("1.3.14.3.2.9"); + /** OID: 1.3.14.3.2.17 */ static final ASN1ObjectIdentifier desEDE = new ASN1ObjectIdentifier("1.3.14.3.2.17"); + /** OID: 1.3.14.3.2.26 */ static final ASN1ObjectIdentifier idSHA1 = new ASN1ObjectIdentifier("1.3.14.3.2.26"); + /** OID: 1.3.14.3.2.27 */ static final ASN1ObjectIdentifier dsaWithSHA1 = new ASN1ObjectIdentifier("1.3.14.3.2.27"); + /** OID: 1.3.14.3.2.29 */ static final ASN1ObjectIdentifier sha1WithRSA = new ASN1ObjectIdentifier("1.3.14.3.2.29"); - // ElGamal Algorithm OBJECT IDENTIFIER ::= - // {iso(1) identified-organization(3) oiw(14) dirservsig(7) algorithm(2) encryption(1) 1 } - // + /** + * <pre> + * ElGamal Algorithm OBJECT IDENTIFIER ::= + * {iso(1) identified-organization(3) oiw(14) dirservsig(7) algorithm(2) encryption(1) 1 } + * </pre> + * OID: 1.3.14.7.2.1.1 + */ static final ASN1ObjectIdentifier elGamalAlgorithm = new ASN1ObjectIdentifier("1.3.14.7.2.1.1"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/oiw/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/oiw/package.html deleted file mode 100644 index 44eb2fe..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/oiw/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Objects and OID for the support of ISO OIW. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/package.html deleted file mode 100644 index 1ac16a5..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -A library for parsing and writing ASN.1 objects. Support is provided for DER and BER encoding. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PBKDF2Params.java b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PBKDF2Params.java index 65c0fa8..92c4e8f 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PBKDF2Params.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PBKDF2Params.java @@ -9,16 +9,39 @@ import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.ASN1OctetString; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DERNull; import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.DERSequence; - +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; + +/** + * <pre> + * PBKDF2-params ::= SEQUENCE { + * salt CHOICE { + * specified OCTET STRING, + * otherSource AlgorithmIdentifier {{PBKDF2-SaltSources}} + * }, + * iterationCount INTEGER (1..MAX), + * keyLength INTEGER (1..MAX) OPTIONAL, + * prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT algid-hmacWithSHA1 } + * </pre> + */ public class PBKDF2Params extends ASN1Object { + private static final AlgorithmIdentifier algid_hmacWithSHA1 = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA1, DERNull.INSTANCE); + private ASN1OctetString octStr; private ASN1Integer iterationCount; private ASN1Integer keyLength; - + private AlgorithmIdentifier prf; + + /** + * Create PBKDF2Params from the passed in object, + * + * @param obj either PBKDF2Params or an ASN2Sequence. + * @return a PBKDF2Params instance. + */ public static PBKDF2Params getInstance( Object obj) { @@ -34,7 +57,13 @@ public class PBKDF2Params return null; } - + + /** + * Create a PBKDF2Params with the specified salt, iteration count, and algid-hmacWithSHA1 for the prf. + * + * @param salt input salt. + * @param iterationCount input iteration count. + */ public PBKDF2Params( byte[] salt, int iterationCount) @@ -43,6 +72,13 @@ public class PBKDF2Params this.iterationCount = new ASN1Integer(iterationCount); } + /** + * Create a PBKDF2Params with the specified salt, iteration count, keyLength, and algid-hmacWithSHA1 for the prf. + * + * @param salt input salt. + * @param iterationCount input iteration count. + * @param keyLength intended key length to be produced. + */ public PBKDF2Params( byte[] salt, int iterationCount, @@ -53,6 +89,42 @@ public class PBKDF2Params this.keyLength = new ASN1Integer(keyLength); } + /** + * Create a PBKDF2Params with the specified salt, iteration count, keyLength, and a defined prf. + * + * @param salt input salt. + * @param iterationCount input iteration count. + * @param keyLength intended key length to be produced. + * @param prf the pseudo-random function to use. + */ + public PBKDF2Params( + byte[] salt, + int iterationCount, + int keyLength, + AlgorithmIdentifier prf) + { + this(salt, iterationCount); + + this.keyLength = new ASN1Integer(keyLength); + this.prf = prf; + } + + /** + * Create a PBKDF2Params with the specified salt, iteration count, and a defined prf. + * + * @param salt input salt. + * @param iterationCount input iteration count. + * @param prf the pseudo-random function to use. + */ + public PBKDF2Params( + byte[] salt, + int iterationCount, + AlgorithmIdentifier prf) + { + this(salt, iterationCount); + this.prf = prf; + } + private PBKDF2Params( ASN1Sequence seq) { @@ -63,24 +135,57 @@ public class PBKDF2Params if (e.hasMoreElements()) { - keyLength = (ASN1Integer)e.nextElement(); - } - else - { - keyLength = null; + Object o = e.nextElement(); + + if (o instanceof ASN1Integer) + { + keyLength = ASN1Integer.getInstance(o); + if (e.hasMoreElements()) + { + o = e.nextElement(); + } + else + { + o = null; + } + } + else + { + keyLength = null; + } + + if (o != null) + { + prf = AlgorithmIdentifier.getInstance(o); + } } } + /** + * Return the salt to use. + * + * @return the input salt. + */ public byte[] getSalt() { return octStr.getOctets(); } + /** + * Return the iteration count to use. + * + * @return the input iteration count. + */ public BigInteger getIterationCount() { return iterationCount.getValue(); } + /** + * Return the intended length in octets of the derived key. + * + * @return length in octets for derived key, if specified. + */ public BigInteger getKeyLength() { if (keyLength != null) @@ -91,6 +196,36 @@ public class PBKDF2Params return null; } + /** + * Return true if the PRF is the default (hmacWithSHA1) + * + * @return true if PRF is default, false otherwise. + */ + public boolean isDefaultPrf() + { + return prf == null || prf.equals(algid_hmacWithSHA1); + } + + /** + * Return the algId of the underlying pseudo random function to use. + * + * @return the prf algorithm identifier. + */ + public AlgorithmIdentifier getPrf() + { + if (prf != null) + { + return prf; + } + + return algid_hmacWithSHA1; + } + + /** + * Return an ASN.1 structure suitable for encoding. + * + * @return the object as an ASN.1 encodable structure. + */ public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(); @@ -103,6 +238,11 @@ public class PBKDF2Params v.add(keyLength); } + if (prf != null && !prf.equals(algid_hmacWithSHA1)) + { + v.add(prf); + } + return new DERSequence(v); } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java index 405d0b4..05fced0 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java @@ -2,257 +2,389 @@ package org.bouncycastle.asn1.pkcs; import org.bouncycastle.asn1.ASN1ObjectIdentifier; +/** + * pkcs-1 OBJECT IDENTIFIER ::=<p> + * { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } + * + */ public interface PKCSObjectIdentifiers { - // - // pkcs-1 OBJECT IDENTIFIER ::= { - // iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } - // + /** PKCS#1: 1.2.840.113549.1.1 */ static final ASN1ObjectIdentifier pkcs_1 = new ASN1ObjectIdentifier("1.2.840.113549.1.1"); + /** PKCS#1: 1.2.840.113549.1.1.1 */ static final ASN1ObjectIdentifier rsaEncryption = pkcs_1.branch("1"); + /** PKCS#1: 1.2.840.113549.1.1.2 */ static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); + /** PKCS#1: 1.2.840.113549.1.1.3 */ static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); + /** PKCS#1: 1.2.840.113549.1.1.4 */ static final ASN1ObjectIdentifier md5WithRSAEncryption = pkcs_1.branch("4"); + /** PKCS#1: 1.2.840.113549.1.1.5 */ static final ASN1ObjectIdentifier sha1WithRSAEncryption = pkcs_1.branch("5"); + /** PKCS#1: 1.2.840.113549.1.1.6 */ static final ASN1ObjectIdentifier srsaOAEPEncryptionSET = pkcs_1.branch("6"); + /** PKCS#1: 1.2.840.113549.1.1.7 */ static final ASN1ObjectIdentifier id_RSAES_OAEP = pkcs_1.branch("7"); + /** PKCS#1: 1.2.840.113549.1.1.8 */ static final ASN1ObjectIdentifier id_mgf1 = pkcs_1.branch("8"); + /** PKCS#1: 1.2.840.113549.1.1.9 */ static final ASN1ObjectIdentifier id_pSpecified = pkcs_1.branch("9"); + /** PKCS#1: 1.2.840.113549.1.1.10 */ static final ASN1ObjectIdentifier id_RSASSA_PSS = pkcs_1.branch("10"); + /** PKCS#1: 1.2.840.113549.1.1.11 */ static final ASN1ObjectIdentifier sha256WithRSAEncryption = pkcs_1.branch("11"); + /** PKCS#1: 1.2.840.113549.1.1.12 */ static final ASN1ObjectIdentifier sha384WithRSAEncryption = pkcs_1.branch("12"); + /** PKCS#1: 1.2.840.113549.1.1.13 */ static final ASN1ObjectIdentifier sha512WithRSAEncryption = pkcs_1.branch("13"); + /** PKCS#1: 1.2.840.113549.1.1.14 */ static final ASN1ObjectIdentifier sha224WithRSAEncryption = pkcs_1.branch("14"); // // pkcs-3 OBJECT IDENTIFIER ::= { // iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 3 } // + /** PKCS#3: 1.2.840.113549.1.3 */ static final ASN1ObjectIdentifier pkcs_3 = new ASN1ObjectIdentifier("1.2.840.113549.1.3"); + /** PKCS#3: 1.2.840.113549.1.3.1 */ static final ASN1ObjectIdentifier dhKeyAgreement = pkcs_3.branch("1"); // // pkcs-5 OBJECT IDENTIFIER ::= { // iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 5 } // + /** PKCS#5: 1.2.840.113549.1.5 */ static final ASN1ObjectIdentifier pkcs_5 = new ASN1ObjectIdentifier("1.2.840.113549.1.5"); + /** PKCS#5: 1.2.840.113549.1.5.1 */ static final ASN1ObjectIdentifier pbeWithMD2AndDES_CBC = pkcs_5.branch("1"); + /** PKCS#5: 1.2.840.113549.1.5.4 */ static final ASN1ObjectIdentifier pbeWithMD2AndRC2_CBC = pkcs_5.branch("4"); + /** PKCS#5: 1.2.840.113549.1.5.3 */ static final ASN1ObjectIdentifier pbeWithMD5AndDES_CBC = pkcs_5.branch("3"); + /** PKCS#5: 1.2.840.113549.1.5.6 */ static final ASN1ObjectIdentifier pbeWithMD5AndRC2_CBC = pkcs_5.branch("6"); + /** PKCS#5: 1.2.840.113549.1.5.10 */ static final ASN1ObjectIdentifier pbeWithSHA1AndDES_CBC = pkcs_5.branch("10"); + /** PKCS#5: 1.2.840.113549.1.5.11 */ static final ASN1ObjectIdentifier pbeWithSHA1AndRC2_CBC = pkcs_5.branch("11"); - + /** PKCS#5: 1.2.840.113549.1.5.13 */ static final ASN1ObjectIdentifier id_PBES2 = pkcs_5.branch("13"); - + /** PKCS#5: 1.2.840.113549.1.5.12 */ static final ASN1ObjectIdentifier id_PBKDF2 = pkcs_5.branch("12"); // // encryptionAlgorithm OBJECT IDENTIFIER ::= { // iso(1) member-body(2) us(840) rsadsi(113549) 3 } // + /** 1.2.840.113549.3 */ static final ASN1ObjectIdentifier encryptionAlgorithm = new ASN1ObjectIdentifier("1.2.840.113549.3"); + /** 1.2.840.113549.3.7 */ static final ASN1ObjectIdentifier des_EDE3_CBC = encryptionAlgorithm.branch("7"); + /** 1.2.840.113549.3.2 */ static final ASN1ObjectIdentifier RC2_CBC = encryptionAlgorithm.branch("2"); + /** 1.2.840.113549.3.4 */ static final ASN1ObjectIdentifier rc4 = encryptionAlgorithm.branch("4"); // // object identifiers for digests // + /** 1.2.840.113549.2 */ static final ASN1ObjectIdentifier digestAlgorithm = new ASN1ObjectIdentifier("1.2.840.113549.2"); // // md2 OBJECT IDENTIFIER ::= // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 2} // + /** 1.2.840.113549.2.2 */ static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2"); // // md4 OBJECT IDENTIFIER ::= // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 4} // - static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4"); + /** 1.2.840.113549.2.4 */ + static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4"); // // md5 OBJECT IDENTIFIER ::= // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 5} // - static final ASN1ObjectIdentifier md5 = digestAlgorithm.branch("5"); + /** 1.2.840.113549.2.5 */ + static final ASN1ObjectIdentifier md5 = digestAlgorithm.branch("5"); - static final ASN1ObjectIdentifier id_hmacWithSHA1 = digestAlgorithm.branch("7"); - static final ASN1ObjectIdentifier id_hmacWithSHA224 = digestAlgorithm.branch("8"); - static final ASN1ObjectIdentifier id_hmacWithSHA256 = digestAlgorithm.branch("9"); - static final ASN1ObjectIdentifier id_hmacWithSHA384 = digestAlgorithm.branch("10"); - static final ASN1ObjectIdentifier id_hmacWithSHA512 = digestAlgorithm.branch("11"); + /** 1.2.840.113549.2.7 */ + static final ASN1ObjectIdentifier id_hmacWithSHA1 = digestAlgorithm.branch("7"); + /** 1.2.840.113549.2.8 */ + static final ASN1ObjectIdentifier id_hmacWithSHA224 = digestAlgorithm.branch("8"); + /** 1.2.840.113549.2.9 */ + static final ASN1ObjectIdentifier id_hmacWithSHA256 = digestAlgorithm.branch("9"); + /** 1.2.840.113549.2.10 */ + static final ASN1ObjectIdentifier id_hmacWithSHA384 = digestAlgorithm.branch("10"); + /** 1.2.840.113549.2.11 */ + static final ASN1ObjectIdentifier id_hmacWithSHA512 = digestAlgorithm.branch("11"); // // pkcs-7 OBJECT IDENTIFIER ::= { // iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 7 } // - static final String pkcs_7 = "1.2.840.113549.1.7"; - static final ASN1ObjectIdentifier data = new ASN1ObjectIdentifier(pkcs_7 + ".1"); - static final ASN1ObjectIdentifier signedData = new ASN1ObjectIdentifier(pkcs_7 + ".2"); - static final ASN1ObjectIdentifier envelopedData = new ASN1ObjectIdentifier(pkcs_7 + ".3"); - static final ASN1ObjectIdentifier signedAndEnvelopedData = new ASN1ObjectIdentifier(pkcs_7 + ".4"); - static final ASN1ObjectIdentifier digestedData = new ASN1ObjectIdentifier(pkcs_7 + ".5"); - static final ASN1ObjectIdentifier encryptedData = new ASN1ObjectIdentifier(pkcs_7 + ".6"); + /** pkcs#7: 1.2.840.113549.1.7 */ + static final ASN1ObjectIdentifier pkcs_7 = new ASN1ObjectIdentifier("1.2.840.113549.1.7"); + /** PKCS#7: 1.2.840.113549.1.7.1 */ + static final ASN1ObjectIdentifier data = new ASN1ObjectIdentifier("1.2.840.113549.1.7.1"); + /** PKCS#7: 1.2.840.113549.1.7.2 */ + static final ASN1ObjectIdentifier signedData = new ASN1ObjectIdentifier("1.2.840.113549.1.7.2"); + /** PKCS#7: 1.2.840.113549.1.7.3 */ + static final ASN1ObjectIdentifier envelopedData = new ASN1ObjectIdentifier("1.2.840.113549.1.7.3"); + /** PKCS#7: 1.2.840.113549.1.7.4 */ + static final ASN1ObjectIdentifier signedAndEnvelopedData = new ASN1ObjectIdentifier("1.2.840.113549.1.7.4"); + /** PKCS#7: 1.2.840.113549.1.7.5 */ + static final ASN1ObjectIdentifier digestedData = new ASN1ObjectIdentifier("1.2.840.113549.1.7.5"); + /** PKCS#7: 1.2.840.113549.1.7.76 */ + static final ASN1ObjectIdentifier encryptedData = new ASN1ObjectIdentifier("1.2.840.113549.1.7.6"); // // pkcs-9 OBJECT IDENTIFIER ::= { // iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 } // + /** PKCS#9: 1.2.840.113549.1.9 */ static final ASN1ObjectIdentifier pkcs_9 = new ASN1ObjectIdentifier("1.2.840.113549.1.9"); - static final ASN1ObjectIdentifier pkcs_9_at_emailAddress = pkcs_9.branch("1"); - static final ASN1ObjectIdentifier pkcs_9_at_unstructuredName = pkcs_9.branch("2"); - static final ASN1ObjectIdentifier pkcs_9_at_contentType = pkcs_9.branch("3"); - static final ASN1ObjectIdentifier pkcs_9_at_messageDigest = pkcs_9.branch("4"); - static final ASN1ObjectIdentifier pkcs_9_at_signingTime = pkcs_9.branch("5"); - static final ASN1ObjectIdentifier pkcs_9_at_counterSignature = pkcs_9.branch("6"); - static final ASN1ObjectIdentifier pkcs_9_at_challengePassword = pkcs_9.branch("7"); + /** PKCS#9: 1.2.840.113549.1.9.1 */ + static final ASN1ObjectIdentifier pkcs_9_at_emailAddress = pkcs_9.branch("1"); + /** PKCS#9: 1.2.840.113549.1.9.2 */ + static final ASN1ObjectIdentifier pkcs_9_at_unstructuredName = pkcs_9.branch("2"); + /** PKCS#9: 1.2.840.113549.1.9.3 */ + static final ASN1ObjectIdentifier pkcs_9_at_contentType = pkcs_9.branch("3"); + /** PKCS#9: 1.2.840.113549.1.9.4 */ + static final ASN1ObjectIdentifier pkcs_9_at_messageDigest = pkcs_9.branch("4"); + /** PKCS#9: 1.2.840.113549.1.9.5 */ + static final ASN1ObjectIdentifier pkcs_9_at_signingTime = pkcs_9.branch("5"); + /** PKCS#9: 1.2.840.113549.1.9.6 */ + static final ASN1ObjectIdentifier pkcs_9_at_counterSignature = pkcs_9.branch("6"); + /** PKCS#9: 1.2.840.113549.1.9.7 */ + static final ASN1ObjectIdentifier pkcs_9_at_challengePassword = pkcs_9.branch("7"); + /** PKCS#9: 1.2.840.113549.1.9.8 */ static final ASN1ObjectIdentifier pkcs_9_at_unstructuredAddress = pkcs_9.branch("8"); + /** PKCS#9: 1.2.840.113549.1.9.9 */ static final ASN1ObjectIdentifier pkcs_9_at_extendedCertificateAttributes = pkcs_9.branch("9"); + /** PKCS#9: 1.2.840.113549.1.9.13 */ static final ASN1ObjectIdentifier pkcs_9_at_signingDescription = pkcs_9.branch("13"); - static final ASN1ObjectIdentifier pkcs_9_at_extensionRequest = pkcs_9.branch("14"); - static final ASN1ObjectIdentifier pkcs_9_at_smimeCapabilities = pkcs_9.branch("15"); - + /** PKCS#9: 1.2.840.113549.1.9.14 */ + static final ASN1ObjectIdentifier pkcs_9_at_extensionRequest = pkcs_9.branch("14"); + /** PKCS#9: 1.2.840.113549.1.9.15 */ + static final ASN1ObjectIdentifier pkcs_9_at_smimeCapabilities = pkcs_9.branch("15"); + /** PKCS#9: 1.2.840.113549.1.9.16 */ + static final ASN1ObjectIdentifier id_smime = pkcs_9.branch("16"); + + /** PKCS#9: 1.2.840.113549.1.9.20 */ static final ASN1ObjectIdentifier pkcs_9_at_friendlyName = pkcs_9.branch("20"); + /** PKCS#9: 1.2.840.113549.1.9.21 */ static final ASN1ObjectIdentifier pkcs_9_at_localKeyId = pkcs_9.branch("21"); - /** @deprecated use x509Certificate instead */ + /** PKCS#9: 1.2.840.113549.1.9.22.1 + * @deprecated use x509Certificate instead */ static final ASN1ObjectIdentifier x509certType = pkcs_9.branch("22.1"); + /** PKCS#9: 1.2.840.113549.1.9.22 */ static final ASN1ObjectIdentifier certTypes = pkcs_9.branch("22"); + /** PKCS#9: 1.2.840.113549.1.9.22.1 */ static final ASN1ObjectIdentifier x509Certificate = certTypes.branch("1"); + /** PKCS#9: 1.2.840.113549.1.9.22.2 */ static final ASN1ObjectIdentifier sdsiCertificate = certTypes.branch("2"); + /** PKCS#9: 1.2.840.113549.1.9.23 */ static final ASN1ObjectIdentifier crlTypes = pkcs_9.branch("23"); + /** PKCS#9: 1.2.840.113549.1.9.23.1 */ static final ASN1ObjectIdentifier x509Crl = crlTypes.branch("1"); - static final ASN1ObjectIdentifier id_alg_PWRI_KEK = pkcs_9.branch("16.3.9"); - // // SMIME capability sub oids. // + /** PKCS#9: 1.2.840.113549.1.9.15.1 -- smime capability */ static final ASN1ObjectIdentifier preferSignedData = pkcs_9.branch("15.1"); + /** PKCS#9: 1.2.840.113549.1.9.15.2 -- smime capability */ static final ASN1ObjectIdentifier canNotDecryptAny = pkcs_9.branch("15.2"); + /** PKCS#9: 1.2.840.113549.1.9.15.3 -- smime capability */ static final ASN1ObjectIdentifier sMIMECapabilitiesVersions = pkcs_9.branch("15.3"); // // id-ct OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840) // rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1)} // + /** PKCS#9: 1.2.840.113549.1.9.16.1 -- smime ct */ static final ASN1ObjectIdentifier id_ct = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.1"); + /** PKCS#9: 1.2.840.113549.1.9.16.1.2 -- smime ct authData */ static final ASN1ObjectIdentifier id_ct_authData = id_ct.branch("2"); + /** PKCS#9: 1.2.840.113549.1.9.16.1.4 -- smime ct TSTInfo*/ static final ASN1ObjectIdentifier id_ct_TSTInfo = id_ct.branch("4"); + /** PKCS#9: 1.2.840.113549.1.9.16.1.9 -- smime ct compressedData */ static final ASN1ObjectIdentifier id_ct_compressedData = id_ct.branch("9"); + /** PKCS#9: 1.2.840.113549.1.9.16.1.23 -- smime ct authEnvelopedData */ static final ASN1ObjectIdentifier id_ct_authEnvelopedData = id_ct.branch("23"); + /** PKCS#9: 1.2.840.113549.1.9.16.1.31 -- smime ct timestampedData*/ static final ASN1ObjectIdentifier id_ct_timestampedData = id_ct.branch("31"); + + /** S/MIME: Algorithm Identifiers ; 1.2.840.113549.1.9.16.3 */ + static final ASN1ObjectIdentifier id_alg = id_smime.branch("3"); + /** PKCS#9: 1.2.840.113549.1.9.16.3.9 */ + static final ASN1ObjectIdentifier id_alg_PWRI_KEK = id_alg.branch("9"); + // // id-cti OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840) // rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) cti(6)} // + /** PKCS#9: 1.2.840.113549.1.9.16.6 -- smime cti */ static final ASN1ObjectIdentifier id_cti = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.6"); - static final ASN1ObjectIdentifier id_cti_ets_proofOfOrigin = id_cti.branch("1"); - static final ASN1ObjectIdentifier id_cti_ets_proofOfReceipt = id_cti.branch("2"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.1 -- smime cti proofOfOrigin */ + static final ASN1ObjectIdentifier id_cti_ets_proofOfOrigin = id_cti.branch("1"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2 -- smime cti proofOfReceipt*/ + static final ASN1ObjectIdentifier id_cti_ets_proofOfReceipt = id_cti.branch("2"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.3 -- smime cti proofOfDelivery */ static final ASN1ObjectIdentifier id_cti_ets_proofOfDelivery = id_cti.branch("3"); - static final ASN1ObjectIdentifier id_cti_ets_proofOfSender = id_cti.branch("4"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.4 -- smime cti proofOfSender */ + static final ASN1ObjectIdentifier id_cti_ets_proofOfSender = id_cti.branch("4"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.5 -- smime cti proofOfApproval */ static final ASN1ObjectIdentifier id_cti_ets_proofOfApproval = id_cti.branch("5"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.6 -- smime cti proofOfCreation */ static final ASN1ObjectIdentifier id_cti_ets_proofOfCreation = id_cti.branch("6"); // // id-aa OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840) // rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) attributes(2)} // + /** PKCS#9: 1.2.840.113549.1.9.16.6.2 - smime attributes */ static final ASN1ObjectIdentifier id_aa = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.2"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.1 -- smime attribute receiptRequest */ static final ASN1ObjectIdentifier id_aa_receiptRequest = id_aa.branch("1"); - static final ASN1ObjectIdentifier id_aa_contentHint = id_aa.branch("4"); // See RFC 2634 - static final ASN1ObjectIdentifier id_aa_msgSigDigest = id_aa.branch("5"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.4 - See <a href="http://tools.ietf.org/html/rfc2634">RFC 2634</a> */ + static final ASN1ObjectIdentifier id_aa_contentHint = id_aa.branch("4"); // See RFC 2634 + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.5 */ + static final ASN1ObjectIdentifier id_aa_msgSigDigest = id_aa.branch("5"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.10 */ static final ASN1ObjectIdentifier id_aa_contentReference = id_aa.branch("10"); /* * id-aa-encrypKeyPref OBJECT IDENTIFIER ::= {id-aa 11} * */ - static final ASN1ObjectIdentifier id_aa_encrypKeyPref = id_aa.branch("11"); - static final ASN1ObjectIdentifier id_aa_signingCertificate = id_aa.branch("12"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.11 */ + static final ASN1ObjectIdentifier id_aa_encrypKeyPref = id_aa.branch("11"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.12 */ + static final ASN1ObjectIdentifier id_aa_signingCertificate = id_aa.branch("12"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.47 */ static final ASN1ObjectIdentifier id_aa_signingCertificateV2 = id_aa.branch("47"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.7 - See <a href="http://tools.ietf.org/html/rfc2634">RFC 2634</a> */ static final ASN1ObjectIdentifier id_aa_contentIdentifier = id_aa.branch("7"); // See RFC 2634 /* * RFC 3126 */ + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.14 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */ static final ASN1ObjectIdentifier id_aa_signatureTimeStampToken = id_aa.branch("14"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.15 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */ static final ASN1ObjectIdentifier id_aa_ets_sigPolicyId = id_aa.branch("15"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.16 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */ static final ASN1ObjectIdentifier id_aa_ets_commitmentType = id_aa.branch("16"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.17 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */ static final ASN1ObjectIdentifier id_aa_ets_signerLocation = id_aa.branch("17"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.18 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */ static final ASN1ObjectIdentifier id_aa_ets_signerAttr = id_aa.branch("18"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.19 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */ static final ASN1ObjectIdentifier id_aa_ets_otherSigCert = id_aa.branch("19"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.20 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */ static final ASN1ObjectIdentifier id_aa_ets_contentTimestamp = id_aa.branch("20"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.21 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */ static final ASN1ObjectIdentifier id_aa_ets_certificateRefs = id_aa.branch("21"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.22 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */ static final ASN1ObjectIdentifier id_aa_ets_revocationRefs = id_aa.branch("22"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.23 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */ static final ASN1ObjectIdentifier id_aa_ets_certValues = id_aa.branch("23"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.24 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */ static final ASN1ObjectIdentifier id_aa_ets_revocationValues = id_aa.branch("24"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.25 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */ static final ASN1ObjectIdentifier id_aa_ets_escTimeStamp = id_aa.branch("25"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.26 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */ static final ASN1ObjectIdentifier id_aa_ets_certCRLTimestamp = id_aa.branch("26"); + /** PKCS#9: 1.2.840.113549.1.9.16.6.2.27 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */ static final ASN1ObjectIdentifier id_aa_ets_archiveTimestamp = id_aa.branch("27"); /** @deprecated use id_aa_ets_sigPolicyId instead */ - static final ASN1ObjectIdentifier id_aa_sigPolicyId = id_aa_ets_sigPolicyId; + static final ASN1ObjectIdentifier id_aa_sigPolicyId = id_aa_ets_sigPolicyId; /** @deprecated use id_aa_ets_commitmentType instead */ static final ASN1ObjectIdentifier id_aa_commitmentType = id_aa_ets_commitmentType; /** @deprecated use id_aa_ets_signerLocation instead */ static final ASN1ObjectIdentifier id_aa_signerLocation = id_aa_ets_signerLocation; /** @deprecated use id_aa_ets_otherSigCert instead */ - static final ASN1ObjectIdentifier id_aa_otherSigCert = id_aa_ets_otherSigCert; + static final ASN1ObjectIdentifier id_aa_otherSigCert = id_aa_ets_otherSigCert; - // - // id-spq OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840) - // rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-spq(5)} - // + /** + * id-spq OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840) + * rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-spq(5)}; <p> + * 1.2.840.113549.1.9.16.5 + */ final String id_spq = "1.2.840.113549.1.9.16.5"; - static final ASN1ObjectIdentifier id_spq_ets_uri = new ASN1ObjectIdentifier(id_spq + ".1"); + /** SMIME SPQ URI: 1.2.840.113549.1.9.16.5.1 */ + static final ASN1ObjectIdentifier id_spq_ets_uri = new ASN1ObjectIdentifier(id_spq + ".1"); + /** SMIME SPQ UNOTICE: 1.2.840.113549.1.9.16.5.2 */ static final ASN1ObjectIdentifier id_spq_ets_unotice = new ASN1ObjectIdentifier(id_spq + ".2"); // // pkcs-12 OBJECT IDENTIFIER ::= { // iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 12 } // + /** PKCS#12: 1.2.840.113549.1.12 */ static final ASN1ObjectIdentifier pkcs_12 = new ASN1ObjectIdentifier("1.2.840.113549.1.12"); + /** PKCS#12: 1.2.840.113549.1.12.10.1 */ static final ASN1ObjectIdentifier bagtypes = pkcs_12.branch("10.1"); + /** PKCS#12: 1.2.840.113549.1.12.10.1.1 */ static final ASN1ObjectIdentifier keyBag = bagtypes.branch("1"); + /** PKCS#12: 1.2.840.113549.1.12.10.1.2 */ static final ASN1ObjectIdentifier pkcs8ShroudedKeyBag = bagtypes.branch("2"); + /** PKCS#12: 1.2.840.113549.1.12.10.1.3 */ static final ASN1ObjectIdentifier certBag = bagtypes.branch("3"); + /** PKCS#12: 1.2.840.113549.1.12.10.1.4 */ static final ASN1ObjectIdentifier crlBag = bagtypes.branch("4"); + /** PKCS#12: 1.2.840.113549.1.12.10.1.5 */ static final ASN1ObjectIdentifier secretBag = bagtypes.branch("5"); + /** PKCS#12: 1.2.840.113549.1.12.10.1.6 */ static final ASN1ObjectIdentifier safeContentsBag = bagtypes.branch("6"); - static final ASN1ObjectIdentifier pkcs_12PbeIds = pkcs_12.branch("1"); + /** PKCS#12: 1.2.840.113549.1.12.1 */ + static final ASN1ObjectIdentifier pkcs_12PbeIds = pkcs_12.branch("1"); - static final ASN1ObjectIdentifier pbeWithSHAAnd128BitRC4 = pkcs_12PbeIds.branch("1"); - static final ASN1ObjectIdentifier pbeWithSHAAnd40BitRC4 = pkcs_12PbeIds.branch("2"); + /** PKCS#12: 1.2.840.113549.1.12.1.1 */ + static final ASN1ObjectIdentifier pbeWithSHAAnd128BitRC4 = pkcs_12PbeIds.branch("1"); + /** PKCS#12: 1.2.840.113549.1.12.1.2 */ + static final ASN1ObjectIdentifier pbeWithSHAAnd40BitRC4 = pkcs_12PbeIds.branch("2"); + /** PKCS#12: 1.2.840.113549.1.12.1.3 */ static final ASN1ObjectIdentifier pbeWithSHAAnd3_KeyTripleDES_CBC = pkcs_12PbeIds.branch("3"); + /** PKCS#12: 1.2.840.113549.1.12.1.4 */ static final ASN1ObjectIdentifier pbeWithSHAAnd2_KeyTripleDES_CBC = pkcs_12PbeIds.branch("4"); - static final ASN1ObjectIdentifier pbeWithSHAAnd128BitRC2_CBC = pkcs_12PbeIds.branch("5"); - static final ASN1ObjectIdentifier pbeWithSHAAnd40BitRC2_CBC = pkcs_12PbeIds.branch("6"); + /** PKCS#12: 1.2.840.113549.1.12.1.5 */ + static final ASN1ObjectIdentifier pbeWithSHAAnd128BitRC2_CBC = pkcs_12PbeIds.branch("5"); + /** PKCS#12: 1.2.840.113549.1.12.1.6 */ + static final ASN1ObjectIdentifier pbeWithSHAAnd40BitRC2_CBC = pkcs_12PbeIds.branch("6"); /** + * PKCS#12: 1.2.840.113549.1.12.1.6 * @deprecated use pbeWithSHAAnd40BitRC2_CBC */ static final ASN1ObjectIdentifier pbewithSHAAnd40BitRC2_CBC = pkcs_12PbeIds.branch("6"); + /** PKCS#9: 1.2.840.113549.1.9.16.3.6 */ static final ASN1ObjectIdentifier id_alg_CMS3DESwrap = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.6"); - static final ASN1ObjectIdentifier id_alg_CMSRC2wrap = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.7"); + /** PKCS#9: 1.2.840.113549.1.9.16.3.7 */ + static final ASN1ObjectIdentifier id_alg_CMSRC2wrap = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.7"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java index 515b515..e707fd1 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java @@ -57,7 +57,11 @@ public class RSAESOAEPparams this.maskGenAlgorithm = maskGenAlgorithm; this.pSourceAlgorithm = pSourceAlgorithm; } - + + /** + * @deprecated use getInstance() + * @param seq + */ public RSAESOAEPparams( ASN1Sequence seq) { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/package.html deleted file mode 100644 index ab800f4..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Support classes useful for encoding and supporting the various RSA PKCS documents. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/sec/ECPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/sec/ECPrivateKey.java index 4bf6b2b..df2238a 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/sec/ECPrivateKey.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/sec/ECPrivateKey.java @@ -62,7 +62,7 @@ public class ECPrivateKey public ECPrivateKey( BigInteger key, - ASN1Object parameters) + ASN1Encodable parameters) { this(key, null, parameters); } @@ -70,7 +70,7 @@ public class ECPrivateKey public ECPrivateKey( BigInteger key, DERBitString publicKey, - ASN1Object parameters) + ASN1Encodable parameters) { byte[] bytes = BigIntegers.asUnsignedByteArray(key); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/sec/SECNamedCurves.java b/bcprov/src/main/java/org/bouncycastle/asn1/sec/SECNamedCurves.java index 44c811b..50a7a63 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/sec/SECNamedCurves.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/sec/SECNamedCurves.java @@ -15,6 +15,21 @@ import org.bouncycastle.util.encoders.Hex; public class SECNamedCurves { + private static ECCurve configureCurve(ECCurve curve) + { +// int coord = ECCurve.COORD_JACOBIAN_MODIFIED; +// +// if (curve.getCoordinateSystem() != coord && curve.supportsCoordinateSystem(coord)) +// { +// return curve.configure() +// .setCoordinateSystem(coord) +//// .setMultiplier(new WNafL2RMultiplier()) +// .create(); +// } + + return curve; + } + private static BigInteger fromHex( String hex) { @@ -36,7 +51,7 @@ public class SECNamedCurves BigInteger n = fromHex("DB7C2ABF62E35E7628DFAC6561C5"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = new ECCurve.Fp(p, a, b); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); //ECPoint G = curve.decodePoint(Hex.decode("02" //+ "09487239995A5EE76B55F9C2F098")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -62,7 +77,7 @@ public class SECNamedCurves BigInteger n = fromHex("36DF0AAFD8B8D7597CA10520D04B"); BigInteger h = BigInteger.valueOf(4); - ECCurve curve = new ECCurve.Fp(p, a, b); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "4BA30AB5E892B4E1649DD0928643")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -88,7 +103,7 @@ public class SECNamedCurves BigInteger n = fromHex("FFFFFFFE0000000075A30D1B9038A115"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = new ECCurve.Fp(p, a, b); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "161FF7528B899B2D0C28607CA52C5B86")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -114,7 +129,7 @@ public class SECNamedCurves BigInteger n = fromHex("3FFFFFFF7FFFFFFFBE0024720613B5A3"); BigInteger h = BigInteger.valueOf(4); - ECCurve curve = new ECCurve.Fp(p, a, b); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); //ECPoint G = curve.decodePoint(Hex.decode("02" //+ "7B6AA5D85E572983E6FB32A7CDEBC140")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -140,7 +155,7 @@ public class SECNamedCurves BigInteger n = fromHex("0100000000000000000001B8FA16DFAB9ACA16B6B3"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = new ECCurve.Fp(p, a, b); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); // ECPoint G = curve.decodePoint(Hex.decode("02" // + "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -166,7 +181,7 @@ public class SECNamedCurves BigInteger n = fromHex("0100000000000000000001F4C8F927AED3CA752257"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = new ECCurve.Fp(p, a, b); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); //ECPoint G = curve.decodePoint(Hex.decode("02" //+ "4A96B5688EF573284664698968C38BB913CBFC82")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -192,7 +207,7 @@ public class SECNamedCurves BigInteger n = fromHex("0100000000000000000000351EE786A818F3A1A16B"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = new ECCurve.Fp(p, a, b); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); //ECPoint G = curve.decodePoint(Hex.decode("02" //+ "52DCB034293A117E1F4FF11B30F7199D3144CE6D")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -218,7 +233,7 @@ public class SECNamedCurves BigInteger n = fromHex("FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = new ECCurve.Fp(p, a, b); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -244,7 +259,7 @@ public class SECNamedCurves BigInteger n = fromHex("FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = new ECCurve.Fp(p, a, b); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -270,7 +285,7 @@ public class SECNamedCurves BigInteger n = fromHex("010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = new ECCurve.Fp(p, a, b); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -296,7 +311,7 @@ public class SECNamedCurves BigInteger n = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = new ECCurve.Fp(p, a, b); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); //ECPoint G = curve.decodePoint(Hex.decode("02" //+ "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -322,7 +337,7 @@ public class SECNamedCurves BigInteger n = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = new ECCurve.Fp(p, a, b); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); //ECPoint G = curve.decodePoint(Hex.decode("02" //+ "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -348,7 +363,7 @@ public class SECNamedCurves BigInteger n = fromHex("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = new ECCurve.Fp(p, a, b); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -374,7 +389,7 @@ public class SECNamedCurves BigInteger n = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = new ECCurve.Fp(p, a, b); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -400,7 +415,8 @@ public class SECNamedCurves BigInteger n = fromHex("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = new ECCurve.Fp(p, a, b); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); + //ECPoint G = curve.decodePoint(Hex.decode("02" //+ "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -410,7 +426,7 @@ public class SECNamedCurves return new X9ECParameters(curve, G, n, h, S); } }; - + /* * sect113r1 */ @@ -427,7 +443,7 @@ public class SECNamedCurves BigInteger n = fromHex("0100000000000000D9CCEC8A39E56F"); BigInteger h = BigInteger.valueOf(2); - ECCurve curve = new ECCurve.F2m(m, k, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "009D73616F35F4AB1407D73562C10F")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -454,7 +470,7 @@ public class SECNamedCurves BigInteger n = fromHex("010000000000000108789B2496AF93"); BigInteger h = BigInteger.valueOf(2); - ECCurve curve = new ECCurve.F2m(m, k, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "01A57A6A7B26CA5EF52FCDB8164797")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -483,7 +499,7 @@ public class SECNamedCurves BigInteger n = fromHex("0400000000000000023123953A9464B54D"); BigInteger h = BigInteger.valueOf(2); - ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "0081BAF91FDF9833C40F9C181343638399")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -512,7 +528,7 @@ public class SECNamedCurves BigInteger n = fromHex("0400000000000000016954A233049BA98F"); BigInteger h = BigInteger.valueOf(2); - ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "0356DCD8F2F95031AD652D23951BB366A8")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -541,7 +557,7 @@ public class SECNamedCurves BigInteger n = fromHex("04000000000000000000020108A2E0CC0D99F8A5EF"); BigInteger h = BigInteger.valueOf(2); - ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -570,7 +586,7 @@ public class SECNamedCurves BigInteger n = fromHex("03FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B"); BigInteger h = BigInteger.valueOf(2); - ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "0369979697AB43897789566789567F787A7876A654")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -599,7 +615,7 @@ public class SECNamedCurves BigInteger n = fromHex("040000000000000000000292FE77E70C12A4234C33"); BigInteger h = BigInteger.valueOf(2); - ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "03F0EBA16286A2D57EA0991168D4994637E8343E36")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -626,7 +642,7 @@ public class SECNamedCurves BigInteger n = fromHex("01000000000000000000000000C7F34A778F443ACC920EBA49"); BigInteger h = BigInteger.valueOf(2); - ECCurve curve = new ECCurve.F2m(m, k, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -653,7 +669,7 @@ public class SECNamedCurves BigInteger n = fromHex("010000000000000000000000015AAB561B005413CCD4EE99D5"); BigInteger h = BigInteger.valueOf(2); - ECCurve curve = new ECCurve.F2m(m, k, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -680,7 +696,7 @@ public class SECNamedCurves BigInteger n = fromHex("8000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF"); BigInteger h = BigInteger.valueOf(4); - ECCurve curve = new ECCurve.F2m(m, k, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("02" //+ "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -707,7 +723,7 @@ public class SECNamedCurves BigInteger n = fromHex("01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7"); BigInteger h = BigInteger.valueOf(2); - ECCurve curve = new ECCurve.F2m(m, k, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -734,7 +750,7 @@ public class SECNamedCurves BigInteger n = fromHex("2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5"); BigInteger h = BigInteger.valueOf(4); - ECCurve curve = new ECCurve.F2m(m, k, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -763,7 +779,7 @@ public class SECNamedCurves BigInteger n = fromHex("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61"); BigInteger h = BigInteger.valueOf(4); - ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("02" //+ "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -792,7 +808,7 @@ public class SECNamedCurves BigInteger n = fromHex("03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307"); BigInteger h = BigInteger.valueOf(2); - ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -819,7 +835,7 @@ public class SECNamedCurves BigInteger n = fromHex("7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF"); BigInteger h = BigInteger.valueOf(4); - ECCurve curve = new ECCurve.F2m(m, k, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -846,7 +862,7 @@ public class SECNamedCurves BigInteger n = fromHex("010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173"); BigInteger h = BigInteger.valueOf(2); - ECCurve curve = new ECCurve.F2m(m, k, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -875,7 +891,7 @@ public class SECNamedCurves BigInteger n = fromHex("020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001"); BigInteger h = BigInteger.valueOf(4); - ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("02" //+ "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -904,7 +920,7 @@ public class SECNamedCurves BigInteger n = fromHex("03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47"); BigInteger h = BigInteger.valueOf(2); - ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b, n, h); + ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19")); ECPoint G = curve.decodePoint(Hex.decode("04" diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/sec/SECObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/sec/SECObjectIdentifiers.java index 8b19cd6..fb60aca 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/sec/SECObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/sec/SECObjectIdentifiers.java @@ -3,48 +3,85 @@ package org.bouncycastle.asn1.sec; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; +/** + * Certicom object identifiers + * <pre> + * ellipticCurve OBJECT IDENTIFIER ::= { + * iso(1) identified-organization(3) certicom(132) curve(0) + * } + * </pre> + */ public interface SECObjectIdentifiers { - /** - * ellipticCurve OBJECT IDENTIFIER ::= { - * iso(1) identified-organization(3) certicom(132) curve(0) - * } - */ + /** Base OID: 1.3.132.0 */ static final ASN1ObjectIdentifier ellipticCurve = new ASN1ObjectIdentifier("1.3.132.0"); + /** sect163k1 OID: 1.3.132.0.1 */ static final ASN1ObjectIdentifier sect163k1 = ellipticCurve.branch("1"); + /** sect163r1 OID: 1.3.132.0.2 */ static final ASN1ObjectIdentifier sect163r1 = ellipticCurve.branch("2"); + /** sect239k1 OID: 1.3.132.0.3 */ static final ASN1ObjectIdentifier sect239k1 = ellipticCurve.branch("3"); + /** sect113r1 OID: 1.3.132.0.4 */ static final ASN1ObjectIdentifier sect113r1 = ellipticCurve.branch("4"); + /** sect113r2 OID: 1.3.132.0.5 */ static final ASN1ObjectIdentifier sect113r2 = ellipticCurve.branch("5"); + /** secp112r1 OID: 1.3.132.0.6 */ static final ASN1ObjectIdentifier secp112r1 = ellipticCurve.branch("6"); + /** secp112r2 OID: 1.3.132.0.7 */ static final ASN1ObjectIdentifier secp112r2 = ellipticCurve.branch("7"); + /** secp160r1 OID: 1.3.132.0.8 */ static final ASN1ObjectIdentifier secp160r1 = ellipticCurve.branch("8"); + /** secp160k1 OID: 1.3.132.0.9 */ static final ASN1ObjectIdentifier secp160k1 = ellipticCurve.branch("9"); + /** secp256k1 OID: 1.3.132.0.10 */ static final ASN1ObjectIdentifier secp256k1 = ellipticCurve.branch("10"); + /** sect163r2 OID: 1.3.132.0.15 */ static final ASN1ObjectIdentifier sect163r2 = ellipticCurve.branch("15"); + /** sect283k1 OID: 1.3.132.0.16 */ static final ASN1ObjectIdentifier sect283k1 = ellipticCurve.branch("16"); + /** sect283r1 OID: 1.3.132.0.17 */ static final ASN1ObjectIdentifier sect283r1 = ellipticCurve.branch("17"); + /** sect131r1 OID: 1.3.132.0.22 */ static final ASN1ObjectIdentifier sect131r1 = ellipticCurve.branch("22"); + /** sect131r2 OID: 1.3.132.0.23 */ static final ASN1ObjectIdentifier sect131r2 = ellipticCurve.branch("23"); + /** sect193r1 OID: 1.3.132.0.24 */ static final ASN1ObjectIdentifier sect193r1 = ellipticCurve.branch("24"); + /** sect193r2 OID: 1.3.132.0.25 */ static final ASN1ObjectIdentifier sect193r2 = ellipticCurve.branch("25"); + /** sect233k1 OID: 1.3.132.0.26 */ static final ASN1ObjectIdentifier sect233k1 = ellipticCurve.branch("26"); + /** sect233r1 OID: 1.3.132.0.27 */ static final ASN1ObjectIdentifier sect233r1 = ellipticCurve.branch("27"); + /** secp128r1 OID: 1.3.132.0.28 */ static final ASN1ObjectIdentifier secp128r1 = ellipticCurve.branch("28"); + /** secp128r2 OID: 1.3.132.0.29 */ static final ASN1ObjectIdentifier secp128r2 = ellipticCurve.branch("29"); + /** secp160r2 OID: 1.3.132.0.30 */ static final ASN1ObjectIdentifier secp160r2 = ellipticCurve.branch("30"); + /** secp192k1 OID: 1.3.132.0.31 */ static final ASN1ObjectIdentifier secp192k1 = ellipticCurve.branch("31"); + /** secp224k1 OID: 1.3.132.0.32 */ static final ASN1ObjectIdentifier secp224k1 = ellipticCurve.branch("32"); + /** secp224r1 OID: 1.3.132.0.33 */ static final ASN1ObjectIdentifier secp224r1 = ellipticCurve.branch("33"); + /** secp384r1 OID: 1.3.132.0.34 */ static final ASN1ObjectIdentifier secp384r1 = ellipticCurve.branch("34"); + /** secp521r1 OID: 1.3.132.0.35 */ static final ASN1ObjectIdentifier secp521r1 = ellipticCurve.branch("35"); + /** sect409k1 OID: 1.3.132.0.36 */ static final ASN1ObjectIdentifier sect409k1 = ellipticCurve.branch("36"); + /** sect409r1 OID: 1.3.132.0.37 */ static final ASN1ObjectIdentifier sect409r1 = ellipticCurve.branch("37"); + /** sect571k1 OID: 1.3.132.0.38 */ static final ASN1ObjectIdentifier sect571k1 = ellipticCurve.branch("38"); + /** sect571r1 OID: 1.3.132.0.39 */ static final ASN1ObjectIdentifier sect571r1 = ellipticCurve.branch("39"); + /** secp192r1 OID: 1.3.132.0.prime192v1 */ static final ASN1ObjectIdentifier secp192r1 = X9ObjectIdentifiers.prime192v1; + /** secp256r1 OID: 1.3.132.0.prime256v1 */ static final ASN1ObjectIdentifier secp256r1 = X9ObjectIdentifiers.prime256v1; } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/sec/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/sec/package.html deleted file mode 100644 index 5e34dec..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/sec/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Classes for support of the SEC standard for Elliptic Curve. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/smime/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/smime/package.html deleted file mode 100644 index d527aba..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/smime/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Support classes useful for encoding and supporting S/MIME. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTNamedCurves.java b/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTNamedCurves.java index 17f0491..ba2f19e 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTNamedCurves.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTNamedCurves.java @@ -17,14 +17,19 @@ import org.bouncycastle.util.encoders.Hex; */ public class TeleTrusTNamedCurves { + private static ECCurve configureCurve(ECCurve curve) + { + return curve; + } + static X9ECParametersHolder brainpoolP160r1 = new X9ECParametersHolder() { protected X9ECParameters createParameters() { - ECCurve curve = new ECCurve.Fp( + ECCurve curve = configureCurve(new ECCurve.Fp( new BigInteger("E95E4A5F737059DC60DFC7AD95B3D8139515620F", 16), // q new BigInteger("340E7BE2A280EB74E2BE61BADA745D97E8F7C300", 16), // a - new BigInteger("1E589A8595423412134FAA2DBDEC95C8D8675E58", 16)); // b + new BigInteger("1E589A8595423412134FAA2DBDEC95C8D8675E58", 16))); // b return new X9ECParameters( curve, @@ -38,11 +43,11 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { - ECCurve curve = new ECCurve.Fp( + ECCurve curve = configureCurve(new ECCurve.Fp( // new BigInteger("24DBFF5DEC9B986BBFE5295A29BFBAE45E0F5D0B", 16), // Z new BigInteger("E95E4A5F737059DC60DFC7AD95B3D8139515620F", 16), // q new BigInteger("E95E4A5F737059DC60DFC7AD95B3D8139515620C", 16), // a' - new BigInteger("7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380", 16)); // b' + new BigInteger("7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380", 16))); // b' return new X9ECParameters( curve, @@ -56,10 +61,10 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { - ECCurve curve = new ECCurve.Fp( + ECCurve curve = configureCurve(new ECCurve.Fp( new BigInteger("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", 16), // q new BigInteger("6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF", 16), // a - new BigInteger("469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9", 16)); // b + new BigInteger("469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9", 16))); // b return new X9ECParameters( curve, @@ -73,11 +78,11 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { - ECCurve curve = new ECCurve.Fp( + ECCurve curve = configureCurve(new ECCurve.Fp( //new BigInteger("1B6F5CC8DB4DC7AF19458A9CB80DC2295E5EB9C3732104CB") //Z new BigInteger("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", 16), // q new BigInteger("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294", 16), // a' - new BigInteger("13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79", 16)); // b' + new BigInteger("13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79", 16))); // b' return new X9ECParameters( curve, @@ -91,10 +96,10 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { - ECCurve curve = new ECCurve.Fp( + ECCurve curve = configureCurve(new ECCurve.Fp( new BigInteger("D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", 16), // q new BigInteger("68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43", 16), // a - new BigInteger("2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B", 16)); // b + new BigInteger("2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B", 16))); // b return new X9ECParameters( curve, @@ -107,11 +112,11 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { - ECCurve curve = new ECCurve.Fp( + ECCurve curve = configureCurve(new ECCurve.Fp( //new BigInteger("2DF271E14427A346910CF7A2E6CFA7B3F484E5C2CCE1C8B730E28B3F") //Z new BigInteger("D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", 16), // q new BigInteger("D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC", 16), // a' - new BigInteger("4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D", 16)); // b' + new BigInteger("4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D", 16))); // b' return new X9ECParameters( curve, @@ -124,10 +129,10 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { - ECCurve curve = new ECCurve.Fp( + ECCurve curve = configureCurve(new ECCurve.Fp( new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", 16), // q new BigInteger("7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9", 16), // a - new BigInteger("26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6", 16)); // b + new BigInteger("26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6", 16))); // b return new X9ECParameters( curve, @@ -140,11 +145,11 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { - ECCurve curve = new ECCurve.Fp( + ECCurve curve = configureCurve(new ECCurve.Fp( //new BigInteger("3E2D4BD9597B58639AE7AA669CAB9837CF5CF20A2C852D10F655668DFC150EF0") //Z new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", 16), // q new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374", 16), // a' - new BigInteger("662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04", 16)); // b' + new BigInteger("662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04", 16))); // b' return new X9ECParameters( curve, @@ -157,10 +162,10 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { - ECCurve curve = new ECCurve.Fp( + ECCurve curve = configureCurve(new ECCurve.Fp( new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", 16), // q new BigInteger("3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4", 16), // a - new BigInteger("520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6", 16)); // b + new BigInteger("520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6", 16))); // b return new X9ECParameters( curve, @@ -173,11 +178,11 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { - ECCurve curve = new ECCurve.Fp( + ECCurve curve = configureCurve(new ECCurve.Fp( //new BigInteger("15F75CAF668077F7E85B42EB01F0A81FF56ECD6191D55CB82B7D861458A18FEFC3E5AB7496F3C7B1") //Z new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", 16), // q new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E24", 16), // a' - new BigInteger("A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353", 16)); // b' + new BigInteger("A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353", 16))); // b' return new X9ECParameters( curve, @@ -190,10 +195,10 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { - ECCurve curve = new ECCurve.Fp( + ECCurve curve = configureCurve(new ECCurve.Fp( new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", 16), // q new BigInteger("7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826", 16), // a - new BigInteger("4A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11", 16)); // b + new BigInteger("4A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11", 16))); // b return new X9ECParameters( curve, @@ -206,11 +211,11 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { - ECCurve curve = new ECCurve.Fp( + ECCurve curve = configureCurve(new ECCurve.Fp( //new BigInteger("41DFE8DD399331F7166A66076734A89CD0D2BCDB7D068E44E1F378F41ECBAE97D2D63DBC87BCCDDCCC5DA39E8589291C") //Z new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", 16), // q new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC50", 16), // a' - new BigInteger("7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE", 16)); // b' + new BigInteger("7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE", 16))); // b' return new X9ECParameters( curve, @@ -223,10 +228,10 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { - ECCurve curve = new ECCurve.Fp( + ECCurve curve = configureCurve(new ECCurve.Fp( new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", 16), // q new BigInteger("7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA", 16), // a - new BigInteger("3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723", 16)); // b + new BigInteger("3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723", 16))); // b return new X9ECParameters( curve, @@ -239,11 +244,11 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { - ECCurve curve = new ECCurve.Fp( + ECCurve curve = configureCurve(new ECCurve.Fp( //new BigInteger("12EE58E6764838B69782136F0F2D3BA06E27695716054092E60A80BEDB212B64E585D90BCE13761F85C3F1D2A64E3BE8FEA2220F01EBA5EEB0F35DBD29D922AB") //Z new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", 16), // q new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0", 16), // a' - new BigInteger("7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E", 16)); // b' + new BigInteger("7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E", 16))); // b' return new X9ECParameters( curve, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTObjectIdentifiers.java index df9a0ff..895f5e8 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTObjectIdentifiers.java @@ -2,41 +2,74 @@ package org.bouncycastle.asn1.teletrust; import org.bouncycastle.asn1.ASN1ObjectIdentifier; +/** + * TeleTrusT: + * { iso(1) identifier-organization(3) teleTrust(36) algorithm(3) + * + */ public interface TeleTrusTObjectIdentifiers { + /** 1.3.36.3 */ static final ASN1ObjectIdentifier teleTrusTAlgorithm = new ASN1ObjectIdentifier("1.3.36.3"); + /** 1.3.36.3.2.1 */ static final ASN1ObjectIdentifier ripemd160 = teleTrusTAlgorithm.branch("2.1"); + /** 1.3.36.3.2.2 */ static final ASN1ObjectIdentifier ripemd128 = teleTrusTAlgorithm.branch("2.2"); + /** 1.3.36.3.2.3 */ static final ASN1ObjectIdentifier ripemd256 = teleTrusTAlgorithm.branch("2.3"); + /** 1.3.36.3.3.1 */ static final ASN1ObjectIdentifier teleTrusTRSAsignatureAlgorithm = teleTrusTAlgorithm.branch("3.1"); - static final ASN1ObjectIdentifier rsaSignatureWithripemd160 = teleTrusTRSAsignatureAlgorithm.branch("2"); - static final ASN1ObjectIdentifier rsaSignatureWithripemd128 = teleTrusTRSAsignatureAlgorithm.branch("3"); - static final ASN1ObjectIdentifier rsaSignatureWithripemd256 = teleTrusTRSAsignatureAlgorithm.branch("4"); + /** 1.3.36.3.3.1.2 */ + static final ASN1ObjectIdentifier rsaSignatureWithripemd160 = teleTrusTRSAsignatureAlgorithm.branch("2"); + /** 1.3.36.3.3.1.3 */ + static final ASN1ObjectIdentifier rsaSignatureWithripemd128 = teleTrusTRSAsignatureAlgorithm.branch("3"); + /** 1.3.36.3.3.1.4 */ + static final ASN1ObjectIdentifier rsaSignatureWithripemd256 = teleTrusTRSAsignatureAlgorithm.branch("4"); - static final ASN1ObjectIdentifier ecSign = teleTrusTAlgorithm.branch("3.2"); + /** 1.3.36.3.3.2 */ + static final ASN1ObjectIdentifier ecSign = teleTrusTAlgorithm.branch("3.2"); - static final ASN1ObjectIdentifier ecSignWithSha1 = ecSign.branch("1"); + /** 1.3.36.3.3.2,1 */ + static final ASN1ObjectIdentifier ecSignWithSha1 = ecSign.branch("1"); + /** 1.3.36.3.3.2.2 */ static final ASN1ObjectIdentifier ecSignWithRipemd160 = ecSign.branch("2"); + /** 1.3.36.3.3.2.8 */ static final ASN1ObjectIdentifier ecc_brainpool = teleTrusTAlgorithm.branch("3.2.8"); + /** 1.3.36.3.3.2.8.1 */ static final ASN1ObjectIdentifier ellipticCurve = ecc_brainpool.branch("1"); + /** 1.3.36.3.3.2.8.1 */ static final ASN1ObjectIdentifier versionOne = ellipticCurve.branch("1"); + /** 1.3.36.3.3.2.8.1.1 */ static final ASN1ObjectIdentifier brainpoolP160r1 = versionOne.branch("1"); + /** 1.3.36.3.3.2.8.1.2 */ static final ASN1ObjectIdentifier brainpoolP160t1 = versionOne.branch("2"); + /** 1.3.36.3.3.2.8.1.3 */ static final ASN1ObjectIdentifier brainpoolP192r1 = versionOne.branch("3"); + /** 1.3.36.3.3.2.8.1.4 */ static final ASN1ObjectIdentifier brainpoolP192t1 = versionOne.branch("4"); + /** 1.3.36.3.3.2.8.1.5 */ static final ASN1ObjectIdentifier brainpoolP224r1 = versionOne.branch("5"); + /** 1.3.36.3.3.2.8.1.6 */ static final ASN1ObjectIdentifier brainpoolP224t1 = versionOne.branch("6"); + /** 1.3.36.3.3.2.8.1.7 */ static final ASN1ObjectIdentifier brainpoolP256r1 = versionOne.branch("7"); + /** 1.3.36.3.3.2.8.1.8 */ static final ASN1ObjectIdentifier brainpoolP256t1 = versionOne.branch("8"); + /** 1.3.36.3.3.2.8.1.9 */ static final ASN1ObjectIdentifier brainpoolP320r1 = versionOne.branch("9"); + /** 1.3.36.3.3.2.8.1.10 */ static final ASN1ObjectIdentifier brainpoolP320t1 = versionOne.branch("10"); + /** 1.3.36.3.3.2.8.1.11 */ static final ASN1ObjectIdentifier brainpoolP384r1 = versionOne.branch("11"); + /** 1.3.36.3.3.2.8.1.12 */ static final ASN1ObjectIdentifier brainpoolP384t1 = versionOne.branch("12"); + /** 1.3.36.3.3.2.8.1.13 */ static final ASN1ObjectIdentifier brainpoolP512r1 = versionOne.branch("13"); + /** 1.3.36.3.3.2.8.1.14 */ static final ASN1ObjectIdentifier brainpoolP512t1 = versionOne.branch("14"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/package.html deleted file mode 100644 index 86606c3..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Support classes for TeleTrust related objects. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/tsp/package.html deleted file mode 100644 index d6265f0..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Support classes useful for encoding and supporting Time Stamp Protocol as described RFC 3161. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145NamedCurves.java b/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145NamedCurves.java index 353c196..312bacb 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145NamedCurves.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145NamedCurves.java @@ -34,16 +34,16 @@ public class DSTU4145NamedCurves curves[9] = new ECCurve.F2m(431, 1, 3, 5, ONE, new BigInteger("03CE10490F6A708FC26DFE8C3D27C4F94E690134D5BFF988D8D28AAEAEDE975936C66BAC536B18AE2DC312CA493117DAA469C640CAF3", 16)); ECPoint[] points = new ECPoint[10]; - points[0] = curves[0].createPoint(new BigInteger("2E2F85F5DD74CE983A5C4237229DAF8A3F35823BE", 16), new BigInteger("3826F008A8C51D7B95284D9D03FF0E00CE2CD723A", 16), false); - points[1] = curves[1].createPoint(new BigInteger("7A1F6653786A68192803910A3D30B2A2018B21CD54", 16), new BigInteger("5F49EB26781C0EC6B8909156D98ED435E45FD59918", 16), false); - points[2] = curves[2].createPoint(new BigInteger("4D41A619BCC6EADF0448FA22FAD567A9181D37389CA", 16), new BigInteger("10B51CC12849B234C75E6DD2028BF7FF5C1CE0D991A1", 16), false); - points[3] = curves[3].createPoint(new BigInteger("6BA06FE51464B2BD26DC57F48819BA9954667022C7D03", 16), new BigInteger("25FBC363582DCEC065080CA8287AAFF09788A66DC3A9E", 16), false); - points[4] = curves[4].createPoint(new BigInteger("714114B762F2FF4A7912A6D2AC58B9B5C2FCFE76DAEB7129", 16), new BigInteger("29C41E568B77C617EFE5902F11DB96FA9613CD8D03DB08DA", 16), false); - points[5] = curves[5].createPoint(new BigInteger("3FCDA526B6CDF83BA1118DF35B3C31761D3545F32728D003EEB25EFE96", 16), new BigInteger("9CA8B57A934C54DEEDA9E54A7BBAD95E3B2E91C54D32BE0B9DF96D8D35", 16), false); - points[6] = curves[6].createPoint(new BigInteger("02A29EF207D0E9B6C55CD260B306C7E007AC491CA1B10C62334A9E8DCD8D20FB7", 16), new BigInteger("10686D41FF744D4449FCCF6D8EEA03102E6812C93A9D60B978B702CF156D814EF", 16), false); - points[7] = curves[7].createPoint(new BigInteger("216EE8B189D291A0224984C1E92F1D16BF75CCD825A087A239B276D3167743C52C02D6E7232AA", 16), new BigInteger("5D9306BACD22B7FAEB09D2E049C6E2866C5D1677762A8F2F2DC9A11C7F7BE8340AB2237C7F2A0", 16), false); - points[8] = curves[8].createPoint(new BigInteger("324A6EDDD512F08C49A99AE0D3F961197A76413E7BE81A400CA681E09639B5FE12E59A109F78BF4A373541B3B9A1", 16), new BigInteger("1AB597A5B4477F59E39539007C7F977D1A567B92B043A49C6B61984C3FE3481AAF454CD41BA1F051626442B3C10", 16), false); - points[9] = curves[9].createPoint(new BigInteger("1A62BA79D98133A16BBAE7ED9A8E03C32E0824D57AEF72F88986874E5AAE49C27BED49A2A95058068426C2171E99FD3B43C5947C857D", 16), new BigInteger("70B5E1E14031C1F70BBEFE96BDDE66F451754B4CA5F48DA241F331AA396B8D1839A855C1769B1EA14BA53308B5E2723724E090E02DB9", 16), false); + points[0] = curves[0].createPoint(new BigInteger("2E2F85F5DD74CE983A5C4237229DAF8A3F35823BE", 16), new BigInteger("3826F008A8C51D7B95284D9D03FF0E00CE2CD723A", 16)); + points[1] = curves[1].createPoint(new BigInteger("7A1F6653786A68192803910A3D30B2A2018B21CD54", 16), new BigInteger("5F49EB26781C0EC6B8909156D98ED435E45FD59918", 16)); + points[2] = curves[2].createPoint(new BigInteger("4D41A619BCC6EADF0448FA22FAD567A9181D37389CA", 16), new BigInteger("10B51CC12849B234C75E6DD2028BF7FF5C1CE0D991A1", 16)); + points[3] = curves[3].createPoint(new BigInteger("6BA06FE51464B2BD26DC57F48819BA9954667022C7D03", 16), new BigInteger("25FBC363582DCEC065080CA8287AAFF09788A66DC3A9E", 16)); + points[4] = curves[4].createPoint(new BigInteger("714114B762F2FF4A7912A6D2AC58B9B5C2FCFE76DAEB7129", 16), new BigInteger("29C41E568B77C617EFE5902F11DB96FA9613CD8D03DB08DA", 16)); + points[5] = curves[5].createPoint(new BigInteger("3FCDA526B6CDF83BA1118DF35B3C31761D3545F32728D003EEB25EFE96", 16), new BigInteger("9CA8B57A934C54DEEDA9E54A7BBAD95E3B2E91C54D32BE0B9DF96D8D35", 16)); + points[6] = curves[6].createPoint(new BigInteger("02A29EF207D0E9B6C55CD260B306C7E007AC491CA1B10C62334A9E8DCD8D20FB7", 16), new BigInteger("10686D41FF744D4449FCCF6D8EEA03102E6812C93A9D60B978B702CF156D814EF", 16)); + points[7] = curves[7].createPoint(new BigInteger("216EE8B189D291A0224984C1E92F1D16BF75CCD825A087A239B276D3167743C52C02D6E7232AA", 16), new BigInteger("5D9306BACD22B7FAEB09D2E049C6E2866C5D1677762A8F2F2DC9A11C7F7BE8340AB2237C7F2A0", 16)); + points[8] = curves[8].createPoint(new BigInteger("324A6EDDD512F08C49A99AE0D3F961197A76413E7BE81A400CA681E09639B5FE12E59A109F78BF4A373541B3B9A1", 16), new BigInteger("1AB597A5B4477F59E39539007C7F977D1A567B92B043A49C6B61984C3FE3481AAF454CD41BA1F051626442B3C10", 16)); + points[9] = curves[9].createPoint(new BigInteger("1A62BA79D98133A16BBAE7ED9A8E03C32E0824D57AEF72F88986874E5AAE49C27BED49A2A95058068426C2171E99FD3B43C5947C857D", 16), new BigInteger("70B5E1E14031C1F70BBEFE96BDDE66F451754B4CA5F48DA241F331AA396B8D1839A855C1769B1EA14BA53308B5E2723724E090E02DB9", 16)); BigInteger[] n_s = new BigInteger[10]; n_s[0] = new BigInteger("400000000000000000002BEC12BE2262D39BCF14D", 16); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145PointEncoder.java b/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145PointEncoder.java index 0227d2a..8c16620 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145PointEncoder.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145PointEncoder.java @@ -3,7 +3,6 @@ package org.bouncycastle.asn1.ua; import java.math.BigInteger; import java.util.Random; -import org.bouncycastle.asn1.x9.X9IntegerConverter; import org.bouncycastle.math.ec.ECConstants; import org.bouncycastle.math.ec.ECCurve; import org.bouncycastle.math.ec.ECFieldElement; @@ -14,12 +13,8 @@ import org.bouncycastle.util.Arrays; * DSTU4145 encodes points somewhat differently than X9.62 * It compresses the point to the size of the field element */ - public abstract class DSTU4145PointEncoder { - - private static X9IntegerConverter converter = new X9IntegerConverter(); - private static BigInteger trace(ECFieldElement fe) { ECFieldElement t = fe; @@ -38,26 +33,23 @@ public abstract class DSTU4145PointEncoder * @return the solution for <code>z<sup>2</sup> + z = beta</code> or * <code>null</code> if no solution exists. */ - private static ECFieldElement solveQuadradicEquation(ECFieldElement beta) + private static ECFieldElement solveQuadraticEquation(ECCurve curve, ECFieldElement beta) { - ECFieldElement.F2m b = (ECFieldElement.F2m)beta; - ECFieldElement zeroElement = new ECFieldElement.F2m( - b.getM(), b.getK1(), b.getK2(), b.getK3(), ECConstants.ZERO); - - if (beta.toBigInteger().equals(ECConstants.ZERO)) + if (beta.isZero()) { - return zeroElement; + return beta; } + ECFieldElement zeroElement = curve.fromBigInteger(ECConstants.ZERO); + ECFieldElement z = null; - ECFieldElement gamma = zeroElement; + ECFieldElement gamma = null; Random rand = new Random(); - int m = b.getM(); + int m = beta.getFieldSize(); do { - ECFieldElement t = new ECFieldElement.F2m(b.getM(), b.getK1(), - b.getK2(), b.getK3(), new BigInteger(m, rand)); + ECFieldElement t = curve.fromBigInteger(new BigInteger(m, rand)); z = zeroElement; ECFieldElement w = beta; for (int i = 1; i <= m - 1; i++) @@ -66,13 +58,13 @@ public abstract class DSTU4145PointEncoder z = z.square().add(w2.multiply(t)); w = w2.add(beta); } - if (!w.toBigInteger().equals(ECConstants.ZERO)) + if (!w.isZero()) { return null; } gamma = z.square().add(z); } - while (gamma.toBigInteger().equals(ECConstants.ZERO)); + while (gamma.isZero()); return z; } @@ -91,12 +83,15 @@ public abstract class DSTU4145PointEncoder return Arrays.copyOfRange(bytes, 1, bytes.length);*/ - int byteCount = converter.getByteLength(Q.getX()); - byte[] bytes = converter.integerToBytes(Q.getX().toBigInteger(), byteCount); + Q = Q.normalize(); + + ECFieldElement x = Q.getAffineXCoord(); + + byte[] bytes = x.getEncoded(); - if (!(Q.getX().toBigInteger().equals(ECConstants.ZERO))) + if (!x.isZero()) { - ECFieldElement y = Q.getY().multiply(Q.getX().invert()); + ECFieldElement y = Q.getAffineYCoord().divide(x); if (trace(y).equals(ECConstants.ONE)) { bytes[bytes.length - 1] |= 0x01; @@ -129,13 +124,12 @@ public abstract class DSTU4145PointEncoder bytes = Arrays.clone(bytes); bytes[bytes.length - 1] ^= 0x01; } - ECCurve.F2m c = (ECCurve.F2m)curve; ECFieldElement xp = curve.fromBigInteger(new BigInteger(1, bytes)); ECFieldElement yp = null; - if (xp.toBigInteger().equals(ECConstants.ZERO)) + if (xp.isZero()) { yp = (ECFieldElement.F2m)curve.getB(); - for (int i = 0; i < c.getM() - 1; i++) + for (int i = 0; i < curve.getFieldSize() - 1; i++) { yp = yp.square(); } @@ -144,14 +138,14 @@ public abstract class DSTU4145PointEncoder { ECFieldElement beta = xp.add(curve.getA()).add( curve.getB().multiply(xp.square().invert())); - ECFieldElement z = solveQuadradicEquation(beta); + ECFieldElement z = solveQuadraticEquation(curve, beta); if (z == null) { throw new RuntimeException("Invalid point compression"); } if (!trace(z).equals(k)) { - z = z.add(curve.fromBigInteger(ECConstants.ONE)); + z = z.addOne(); } yp = xp.multiply(z); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ua/UAObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/ua/UAObjectIdentifiers.java index 046bc6f..ccdb34e 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ua/UAObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ua/UAObjectIdentifiers.java @@ -2,15 +2,22 @@ package org.bouncycastle.asn1.ua; import org.bouncycastle.asn1.ASN1ObjectIdentifier; +/** + * Ukrainian object identifiers + * <p> + * {iso(1) member-body(2) Ukraine(804) root(2) security(1) cryptography(1) pki(1)} + * <p> + * { ... pki-alg(1) pki-alg-sym(3) Dstu4145WithGost34311(1) PB(1)} + * <p> + * DSTU4145 in polynomial basis has 2 oids, one for little-endian representation and one for big-endian + */ public interface UAObjectIdentifiers { - // Ukrainian object identifiers - // {iso(1) member-body(2) Ukraine(804 ) root(2) security(1) cryptography(1) pki(1)} - + /** Base OID: 1.2.804.2.1.1.1 */ static final ASN1ObjectIdentifier UaOid = new ASN1ObjectIdentifier("1.2.804.2.1.1.1"); - // {pki-alg(1) pki-alg-�sym(3) Dstu4145WithGost34311(1) PB(1)} - // DSTU4145 in polynomial basis has 2 oids, one for little-endian representation and one for big-endian + /** DSTU4145 Little Endian presentation. OID: 1.2.804.2.1.1.1.1.3.1.1 */ static final ASN1ObjectIdentifier dstu4145le = UaOid.branch("1.3.1.1"); + /** DSTU4145 Big Endian presentation. OID: 1.2.804.2.1.1.1.1.3.1.1.1 */ static final ASN1ObjectIdentifier dstu4145be = UaOid.branch("1.3.1.1.1.1"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/util/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/util/package.html deleted file mode 100644 index 1db893d..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/util/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -An ASN.1 dump utility. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/BCStyle.java b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/BCStyle.java index 714a32c..6842182 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/BCStyle.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/BCStyle.java @@ -1,6 +1,7 @@ package org.bouncycastle.asn1.x500.style; import java.io.IOException; +import java.util.Enumeration; import java.util.Hashtable; import org.bouncycastle.asn1.ASN1Encodable; @@ -19,8 +20,6 @@ import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; public class BCStyle implements X500NameStyle { - public static final X500NameStyle INSTANCE = new BCStyle(); - /** * country code - StringType(SIZE(2)) */ @@ -273,9 +272,18 @@ public class BCStyle DefaultLookUp.put("name", NAME); } + /** + * Singleton instance. + */ + public static final X500NameStyle INSTANCE = new BCStyle(); + + protected final Hashtable defaultLookUp; + protected final Hashtable defaultSymbols; + protected BCStyle() { - + defaultSymbols = copyHashTable(DefaultSymbols); + defaultLookUp = copyHashTable(DefaultLookUp); } public ASN1Encodable stringToValue(ASN1ObjectIdentifier oid, String value) @@ -322,12 +330,12 @@ public class BCStyle public String[] oidToAttrNames(ASN1ObjectIdentifier oid) { - return IETFUtils.findAttrNamesForOID(oid, DefaultLookUp); + return IETFUtils.findAttrNamesForOID(oid, defaultLookUp); } public ASN1ObjectIdentifier attrNameToOID(String attrName) { - return IETFUtils.decodeAttrName(attrName, DefaultLookUp); + return IETFUtils.decodeAttrName(attrName, defaultLookUp); } public boolean areEqual(X500Name name1, X500Name name2) @@ -451,9 +459,23 @@ public class BCStyle buf.append(','); } - IETFUtils.appendRDN(buf, rdns[i], DefaultSymbols); + IETFUtils.appendRDN(buf, rdns[i], defaultSymbols); } return buf.toString(); } + + private static Hashtable copyHashTable(Hashtable paramsMap) + { + Hashtable newTable = new Hashtable(); + + Enumeration keys = paramsMap.keys(); + while (keys.hasMoreElements()) + { + Object key = keys.nextElement(); + newTable.put(key, paramsMap.get(key)); + } + + return newTable; + } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/IETFUtils.java b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/IETFUtils.java index c73107e..b4f1794 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/IETFUtils.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/IETFUtils.java @@ -405,7 +405,7 @@ public class IETFUtils int start = 0; if (vBuf.length() > 0) { - while (vBuf.charAt(start) == ' ') + while (vBuf.length() > start && vBuf.charAt(start) == ' ') { vBuf.insert(start, "\\"); start += 2; diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/RFC4519Style.java b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/RFC4519Style.java index 8486989..8c92257 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/RFC4519Style.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/RFC4519Style.java @@ -1,6 +1,7 @@ package org.bouncycastle.asn1.x500.style; import java.io.IOException; +import java.util.Enumeration; import java.util.Hashtable; import org.bouncycastle.asn1.ASN1Encodable; @@ -16,8 +17,6 @@ import org.bouncycastle.asn1.x500.X500NameStyle; public class RFC4519Style implements X500NameStyle { - public static final X500NameStyle INSTANCE = new RFC4519Style(); - public static final ASN1ObjectIdentifier businessCategory = new ASN1ObjectIdentifier("2.5.4.15"); public static final ASN1ObjectIdentifier c = new ASN1ObjectIdentifier("2.5.4.6"); public static final ASN1ObjectIdentifier cn = new ASN1ObjectIdentifier("2.5.4.3"); @@ -166,9 +165,18 @@ public class RFC4519Style // TODO: need to add correct matching for equality comparisons. } + /** + * Singleton instance. + */ + public static final X500NameStyle INSTANCE = new RFC4519Style(); + + protected final Hashtable defaultLookUp; + protected final Hashtable defaultSymbols; + protected RFC4519Style() { - + defaultSymbols = copyHashTable(DefaultSymbols); + defaultLookUp = copyHashTable(DefaultLookUp); } public ASN1Encodable stringToValue(ASN1ObjectIdentifier oid, String value) @@ -211,12 +219,12 @@ public class RFC4519Style public String[] oidToAttrNames(ASN1ObjectIdentifier oid) { - return IETFUtils.findAttrNamesForOID(oid, DefaultLookUp); + return IETFUtils.findAttrNamesForOID(oid, defaultLookUp); } public ASN1ObjectIdentifier attrNameToOID(String attrName) { - return IETFUtils.decodeAttrName(attrName, DefaultLookUp); + return IETFUtils.decodeAttrName(attrName, defaultLookUp); } public boolean areEqual(X500Name name1, X500Name name2) @@ -350,9 +358,23 @@ public class RFC4519Style buf.append(','); } - IETFUtils.appendRDN(buf, rdns[i], DefaultSymbols); + IETFUtils.appendRDN(buf, rdns[i], defaultSymbols); } return buf.toString(); } + + private static Hashtable copyHashTable(Hashtable paramsMap) + { + Hashtable newTable = new Hashtable(); + + Enumeration keys = paramsMap.keys(); + while (keys.hasMoreElements()) + { + Object key = keys.nextElement(); + newTable.put(key, paramsMap.get(key)); + } + + return newTable; + } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AttributeCertificate.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AttributeCertificate.java index 92aa0f7..73fe7b4 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AttributeCertificate.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AttributeCertificate.java @@ -41,7 +41,10 @@ public class AttributeCertificate this.signatureAlgorithm = signatureAlgorithm; this.signatureValue = signatureValue; } - + + /** + * @deprecated use getInstance() method. + */ public AttributeCertificate( ASN1Sequence seq) { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AttributeCertificateInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AttributeCertificateInfo.java index 7b9d450..ae539f4 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AttributeCertificateInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AttributeCertificateInfo.java @@ -13,7 +13,7 @@ import org.bouncycastle.asn1.DERSequence; public class AttributeCertificateInfo extends ASN1Object { - private ASN1Integer version; + private ASN1Integer version; private Holder holder; private AttCertIssuer issuer; private AlgorithmIdentifier signature; @@ -48,22 +48,33 @@ public class AttributeCertificateInfo private AttributeCertificateInfo( ASN1Sequence seq) { - if (seq.size() < 7 || seq.size() > 9) + if (seq.size() < 6 || seq.size() > 9) { throw new IllegalArgumentException("Bad sequence size: " + seq.size()); } - this.version = ASN1Integer.getInstance(seq.getObjectAt(0)); - this.holder = Holder.getInstance(seq.getObjectAt(1)); - this.issuer = AttCertIssuer.getInstance(seq.getObjectAt(2)); - this.signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(3)); - this.serialNumber = ASN1Integer.getInstance(seq.getObjectAt(4)); - this.attrCertValidityPeriod = AttCertValidityPeriod.getInstance(seq.getObjectAt(5)); - this.attributes = ASN1Sequence.getInstance(seq.getObjectAt(6)); + int start; + if (seq.getObjectAt(0) instanceof ASN1Integer) // in version 1 certs version is DEFAULT v1(0) + { + this.version = ASN1Integer.getInstance(seq.getObjectAt(0)); + start = 1; + } + else + { + this.version = new ASN1Integer(0); + start = 0; + } + + this.holder = Holder.getInstance(seq.getObjectAt(start)); + this.issuer = AttCertIssuer.getInstance(seq.getObjectAt(start + 1)); + this.signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(start + 2)); + this.serialNumber = ASN1Integer.getInstance(seq.getObjectAt(start + 3)); + this.attrCertValidityPeriod = AttCertValidityPeriod.getInstance(seq.getObjectAt(start + 4)); + this.attributes = ASN1Sequence.getInstance(seq.getObjectAt(start + 5)); - for (int i = 7; i < seq.size(); i++) + for (int i = start + 6; i < seq.size(); i++) { - ASN1Encodable obj = (ASN1Encodable)seq.getObjectAt(i); + ASN1Encodable obj = seq.getObjectAt(i); if (obj instanceof DERBitString) { @@ -143,7 +154,10 @@ public class AttributeCertificateInfo { ASN1EncodableVector v = new ASN1EncodableVector(); - v.add(version); + if (version.getValue().intValue() != 0) + { + v.add(version); + } v.add(holder); v.add(issuer); v.add(signature); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificateList.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificateList.java index 91a37ad..61d7d4a 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificateList.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificateList.java @@ -31,6 +31,8 @@ public class CertificateList TBSCertList tbsCertList; AlgorithmIdentifier sigAlgId; DERBitString sig; + boolean isHashCodeSet = false; + int hashCodeValue; public static CertificateList getInstance( ASN1TaggedObject obj, @@ -54,6 +56,10 @@ public class CertificateList return null; } + /** + * @deprecated use getInstance() method. + * @param seq + */ public CertificateList( ASN1Sequence seq) { @@ -124,4 +130,15 @@ public class CertificateList return new DERSequence(v); } + + public int hashCode() + { + if (!isHashCodeSet) + { + hashCodeValue = super.hashCode(); + isHashCodeSet = true; + } + + return hashCodeValue; + } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificatePolicies.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificatePolicies.java index e42cefa..4d7fc0b 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificatePolicies.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificatePolicies.java @@ -1,6 +1,7 @@ package org.bouncycastle.asn1.x509; import org.bouncycastle.asn1.ASN1Object; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; @@ -35,6 +36,17 @@ public class CertificatePolicies } /** + * Retrieve a CertificatePolicies for a passed in Extensions object, if present. + * + * @param extensions the extensions object to be examined. + * @return the CertificatePolicies, null if the extension is not present. + */ + public static CertificatePolicies fromExtensions(Extensions extensions) + { + return CertificatePolicies.getInstance(extensions.getExtensionParsedValue(Extension.certificatePolicies)); + } + + /** * Construct a CertificatePolicies object containing one PolicyInformation. * * @param name the name to be contained. @@ -71,6 +83,19 @@ public class CertificatePolicies return tmp; } + public PolicyInformation getPolicyInformation(ASN1ObjectIdentifier policyIdentifier) + { + for (int i = 0; i != policyInformation.length; i++) + { + if (policyIdentifier.equals(policyInformation[i].getPolicyIdentifier())) + { + return policyInformation[i]; + } + } + + return null; + } + /** * Produce an object suitable for an ASN1OutputStream. * <pre> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/ExtendedKeyUsage.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/ExtendedKeyUsage.java index dcc1b1f..84d21ca 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/ExtendedKeyUsage.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/ExtendedKeyUsage.java @@ -25,6 +25,13 @@ public class ExtendedKeyUsage Hashtable usageTable = new Hashtable(); ASN1Sequence seq; + /** + * Return an ExtendedKeyUsage from the passed in tagged object. + * + * @param obj the tagged object containing the ExtendedKeyUsage + * @param explicit true if the tagged object should be interpreted as explicitly tagged, false if implicit. + * @return the ExtendedKeyUsage contained. + */ public static ExtendedKeyUsage getInstance( ASN1TaggedObject obj, boolean explicit) @@ -32,6 +39,12 @@ public class ExtendedKeyUsage return getInstance(ASN1Sequence.getInstance(obj, explicit)); } + /** + * Return an ExtendedKeyUsage from the passed in object. + * + * @param obj an ExtendedKeyUsage, some form or encoding of one, or null. + * @return an ExtendedKeyUsage object, or null if null is passed in. + */ public static ExtendedKeyUsage getInstance( Object obj) { @@ -47,11 +60,22 @@ public class ExtendedKeyUsage return null; } + /** + * Retrieve an ExtendedKeyUsage for a passed in Extensions object, if present. + * + * @param extensions the extensions object to be examined. + * @return the ExtendedKeyUsage, null if the extension is not present. + */ public static ExtendedKeyUsage fromExtensions(Extensions extensions) { return ExtendedKeyUsage.getInstance(extensions.getExtensionParsedValue(Extension.extendedKeyUsage)); } + /** + * Base constructor, from a single KeyPurposeId. + * + * @param usage the keyPurposeId to be included. + */ public ExtendedKeyUsage( KeyPurposeId usage) { @@ -78,6 +102,11 @@ public class ExtendedKeyUsage } } + /** + * Base constructor, from multiple KeyPurposeIds. + * + * @param usages an array of KeyPurposeIds. + */ public ExtendedKeyUsage( KeyPurposeId[] usages) { @@ -103,7 +132,7 @@ public class ExtendedKeyUsage while (e.hasMoreElements()) { - ASN1Primitive o = (ASN1Primitive)e.nextElement(); + KeyPurposeId o = KeyPurposeId.getInstance(e.nextElement()); v.add(o); this.usageTable.put(o, o); @@ -112,6 +141,12 @@ public class ExtendedKeyUsage this.seq = new DERSequence(v); } + /** + * Return true if this ExtendedKeyUsage object contains the passed in keyPurposeId. + * + * @param keyPurposeId the KeyPurposeId of interest. + * @return true if the keyPurposeId is present, false otherwise. + */ public boolean hasKeyPurposeId( KeyPurposeId keyPurposeId) { @@ -120,7 +155,7 @@ public class ExtendedKeyUsage /** * Returns all extended key usages. - * The returned vector contains DERObjectIdentifiers. + * * @return An array with all key purposes. */ public KeyPurposeId[] getUsages() @@ -135,11 +170,21 @@ public class ExtendedKeyUsage return temp; } + /** + * Return the number of KeyPurposeIds present in this ExtendedKeyUsage. + * + * @return the number of KeyPurposeIds + */ public int size() { return usageTable.size(); } - + + /** + * Return the ASN.1 primitive form of this object. + * + * @return an ASN1Sequence. + */ public ASN1Primitive toASN1Primitive() { return seq; diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Holder.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Holder.java index 6ae6e35..e854681 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Holder.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Holder.java @@ -31,9 +31,9 @@ import org.bouncycastle.asn1.DERTaggedObject; * * <pre> * subject CHOICE { - * baseCertificateID [0] IssuerSerial, + * baseCertificateID [0] EXPLICIT IssuerSerial, * -- associated with a Public Key Certificate - * subjectName [1] GeneralNames }, + * subjectName [1] EXPLICIT GeneralNames }, * -- associated with a name * </pre> */ @@ -79,10 +79,10 @@ public class Holder switch (tagObj.getTagNo()) { case 0: - baseCertificateID = IssuerSerial.getInstance(tagObj, false); + baseCertificateID = IssuerSerial.getInstance(tagObj, true); break; case 1: - entityName = GeneralNames.getInstance(tagObj, false); + entityName = GeneralNames.getInstance(tagObj, true); break; default: throw new IllegalArgumentException("unknown tag in Holder"); @@ -234,11 +234,11 @@ public class Holder { if (entityName != null) { - return new DERTaggedObject(false, 1, entityName); + return new DERTaggedObject(true, 1, entityName); } else { - return new DERTaggedObject(false, 0, baseCertificateID); + return new DERTaggedObject(true, 0, baseCertificateID); } } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/IssuerSerial.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/IssuerSerial.java index 8d3036b..fefc939 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/IssuerSerial.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/IssuerSerial.java @@ -10,6 +10,7 @@ import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERBitString; import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.asn1.x500.X500Name; public class IssuerSerial extends ASN1Object @@ -59,6 +60,13 @@ public class IssuerSerial } public IssuerSerial( + X500Name issuer, + BigInteger serial) + { + this(new GeneralNames(new GeneralName(issuer)), new ASN1Integer(serial)); + } + + public IssuerSerial( GeneralNames issuer, BigInteger serial) { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/KeyUsage.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/KeyUsage.java index 2943c0b..d4456b7 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/KeyUsage.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/KeyUsage.java @@ -74,6 +74,17 @@ public class KeyUsage this.bitString = bitString; } + /** + * Return true if a given usage bit is set, false otherwise. + * + * @param usages combination of usage flags. + * @return true if all bits are set, false otherwise. + */ + public boolean hasUsages(int usages) + { + return (bitString.intValue() & usages) == usages; + } + public byte[] getBytes() { return bitString.getBytes(); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/PolicyConstraints.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/PolicyConstraints.java new file mode 100644 index 0000000..aeb53f0 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/PolicyConstraints.java @@ -0,0 +1,106 @@ +package org.bouncycastle.asn1.x509; + +import java.math.BigInteger; + +import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1Object; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.ASN1TaggedObject; +import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.asn1.DERTaggedObject; + +/** + * PKIX RFC 5280 + * <pre> + * id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 } + * + * PolicyConstraints ::= SEQUENCE { + * requireExplicitPolicy [0] SkipCerts OPTIONAL, + * inhibitPolicyMapping [1] SkipCerts OPTIONAL } + * + * SkipCerts ::= INTEGER (0..MAX) + * </pre> + */ +public class PolicyConstraints + extends ASN1Object +{ + private BigInteger requireExplicitPolicyMapping; + private BigInteger inhibitPolicyMapping; + + public PolicyConstraints(BigInteger requireExplicitPolicyMapping, BigInteger inhibitPolicyMapping) + { + this.requireExplicitPolicyMapping = requireExplicitPolicyMapping; + this.inhibitPolicyMapping = inhibitPolicyMapping; + } + + private PolicyConstraints(ASN1Sequence seq) + { + for (int i = 0; i != seq.size(); i++) + { + ASN1TaggedObject to = ASN1TaggedObject.getInstance(seq.getObjectAt(i)); + + if (to.getTagNo() == 0) + { + requireExplicitPolicyMapping = ASN1Integer.getInstance(to, false).getValue(); + } + else if (to.getTagNo() == 1) + { + inhibitPolicyMapping = ASN1Integer.getInstance(to, false).getValue(); + } + else + { + throw new IllegalArgumentException("Unknown tag encountered."); + } + } + } + + public static PolicyConstraints getInstance( + Object obj) + { + if (obj instanceof PolicyConstraints) + { + return (PolicyConstraints)obj; + } + + if (obj != null) + { + return new PolicyConstraints(ASN1Sequence.getInstance(obj)); + } + + return null; + } + + public static PolicyConstraints fromExtensions(Extensions extensions) + { + return PolicyConstraints.getInstance(extensions.getExtensionParsedValue(Extension.policyConstraints)); + } + + public BigInteger getRequireExplicitPolicyMapping() + { + return requireExplicitPolicyMapping; + } + + public BigInteger getInhibitPolicyMapping() + { + return inhibitPolicyMapping; + } + + public ASN1Primitive toASN1Primitive() + { + ASN1EncodableVector v = new ASN1EncodableVector(); + + if (requireExplicitPolicyMapping != null) + { + v.add(new DERTaggedObject(0, new ASN1Integer(requireExplicitPolicyMapping))); + } + + if (inhibitPolicyMapping != null) + { + v.add(new DERTaggedObject(1, new ASN1Integer(inhibitPolicyMapping))); + } + + return new DERSequence(v); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/PolicyQualifierInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/PolicyQualifierInfo.java index 295accf..fe09169 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/PolicyQualifierInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/PolicyQualifierInfo.java @@ -57,7 +57,8 @@ public class PolicyQualifierInfo * Creates a new <code>PolicyQualifierInfo</code> instance. * * @param as <code>PolicyQualifierInfo</code> X509 structure - * encoded as an ASN1Sequence. + * encoded as an ASN1Sequence. + * @deprecated use PolicyQualifierInfo.getInstance() */ public PolicyQualifierInfo( ASN1Sequence as) diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Extension.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Extension.java index f020bcb..f29284d 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Extension.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Extension.java @@ -10,6 +10,7 @@ import org.bouncycastle.asn1.DERBoolean; /** * an object for the elements in the X.509 V3 extension block. + * @deprecated use Extension */ public class X509Extension { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java index af2c9a9..ff7af8c 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java @@ -1238,49 +1238,47 @@ public class X509Name buf.append('='); - int index = buf.length(); - int start = index; - + int start = buf.length(); buf.append(value); - - int end = buf.length(); + int end = buf.length(); if (value.length() >= 2 && value.charAt(0) == '\\' && value.charAt(1) == '#') { - index += 2; - } - - while (index != end) - { - if ((buf.charAt(index) == ',') - || (buf.charAt(index) == '"') - || (buf.charAt(index) == '\\') - || (buf.charAt(index) == '+') - || (buf.charAt(index) == '=') - || (buf.charAt(index) == '<') - || (buf.charAt(index) == '>') - || (buf.charAt(index) == ';')) - { - buf.insert(index, "\\"); - index++; - end++; - } - - index++; + start += 2; } - while (buf.charAt(start) == ' ') + while (start < end && buf.charAt(start) == ' ') { buf.insert(start, "\\"); start += 2; + ++end; } - int endBuf = buf.length() - 1; + while (--end > start && buf.charAt(end) == ' ') + { + buf.insert(end, '\\'); + } - while (endBuf >= 0 && buf.charAt(endBuf) == ' ') + while (start <= end) { - buf.insert(endBuf, '\\'); - endBuf--; + switch (buf.charAt(start)) + { + case ',': + case '"': + case '\\': + case '+': + case '=': + case '<': + case '>': + case ';': + buf.insert(start, "\\"); + start += 2; + ++end; + break; + default: + ++start; + break; + } } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509ObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509ObjectIdentifiers.java index ed4dd32..e1c7a54 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509ObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509ObjectIdentifiers.java @@ -4,64 +4,78 @@ import org.bouncycastle.asn1.ASN1ObjectIdentifier; public interface X509ObjectIdentifiers { - // - // base id - // - static final String id = "2.5.4"; - - static final ASN1ObjectIdentifier commonName = new ASN1ObjectIdentifier(id + ".3"); - static final ASN1ObjectIdentifier countryName = new ASN1ObjectIdentifier(id + ".6"); - static final ASN1ObjectIdentifier localityName = new ASN1ObjectIdentifier(id + ".7"); - static final ASN1ObjectIdentifier stateOrProvinceName = new ASN1ObjectIdentifier(id + ".8"); - static final ASN1ObjectIdentifier organization = new ASN1ObjectIdentifier(id + ".10"); - static final ASN1ObjectIdentifier organizationalUnitName = new ASN1ObjectIdentifier(id + ".11"); + + /** Subject RDN components: commonName = 2.5.4.3 */ + static final ASN1ObjectIdentifier commonName = new ASN1ObjectIdentifier("2.5.4.3"); + /** Subject RDN components: countryName = 2.5.4.6 */ + static final ASN1ObjectIdentifier countryName = new ASN1ObjectIdentifier("2.5.4.6"); + /** Subject RDN components: localityName = 2.5.4.7 */ + static final ASN1ObjectIdentifier localityName = new ASN1ObjectIdentifier("2.5.4.7"); + /** Subject RDN components: stateOrProvinceName = 2.5.4.8 */ + static final ASN1ObjectIdentifier stateOrProvinceName = new ASN1ObjectIdentifier("2.5.4.8"); + /** Subject RDN components: organization = 2.5.4.10 */ + static final ASN1ObjectIdentifier organization = new ASN1ObjectIdentifier("2.5.4.10"); + /** Subject RDN components: organizationalUnitName = 2.5.4.11 */ + static final ASN1ObjectIdentifier organizationalUnitName = new ASN1ObjectIdentifier("2.5.4.11"); + /** Subject RDN components: telephone_number = 2.5.4.20 */ static final ASN1ObjectIdentifier id_at_telephoneNumber = new ASN1ObjectIdentifier("2.5.4.20"); - static final ASN1ObjectIdentifier id_at_name = new ASN1ObjectIdentifier(id + ".41"); + /** Subject RDN components: name = 2.5.4.41 */ + static final ASN1ObjectIdentifier id_at_name = new ASN1ObjectIdentifier("2.5.4.41"); - // id-SHA1 OBJECT IDENTIFIER ::= - // {iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } // + /** + * id-SHA1 OBJECT IDENTIFIER ::= + * {iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } + * <p> + * OID: 1.3.14.3.2.27 + */ static final ASN1ObjectIdentifier id_SHA1 = new ASN1ObjectIdentifier("1.3.14.3.2.26"); - // - // ripemd160 OBJECT IDENTIFIER ::= - // {iso(1) identified-organization(3) TeleTrust(36) algorithm(3) hashAlgorithm(2) RIPEMD-160(1)} - // + /** + * ripemd160 OBJECT IDENTIFIER ::= + * {iso(1) identified-organization(3) TeleTrust(36) algorithm(3) hashAlgorithm(2) RIPEMD-160(1)} + * <p> + * OID: 1.3.36.3.2.1 + */ static final ASN1ObjectIdentifier ripemd160 = new ASN1ObjectIdentifier("1.3.36.3.2.1"); - // - // ripemd160WithRSAEncryption OBJECT IDENTIFIER ::= - // {iso(1) identified-organization(3) TeleTrust(36) algorithm(3) signatureAlgorithm(3) rsaSignature(1) rsaSignatureWithripemd160(2) } - // + /** + * ripemd160WithRSAEncryption OBJECT IDENTIFIER ::= + * {iso(1) identified-organization(3) TeleTrust(36) algorithm(3) signatureAlgorithm(3) rsaSignature(1) rsaSignatureWithripemd160(2) } + * <p> + * OID: 1.3.36.3.3.1.2 + */ static final ASN1ObjectIdentifier ripemd160WithRSAEncryption = new ASN1ObjectIdentifier("1.3.36.3.3.1.2"); + /** OID: 2.5.8.1.1 */ static final ASN1ObjectIdentifier id_ea_rsa = new ASN1ObjectIdentifier("2.5.8.1.1"); - // id-pkix - static final ASN1ObjectIdentifier id_pkix = new ASN1ObjectIdentifier("1.3.6.1.5.5.7"); + /** id-pkix OID: 1.3.6.1.5.5.7 + */ + static final ASN1ObjectIdentifier id_pkix = new ASN1ObjectIdentifier("1.3.6.1.5.5.7"); - // - // private internet extensions - // - static final ASN1ObjectIdentifier id_pe = new ASN1ObjectIdentifier(id_pkix + ".1"); + /** + * private internet extensions; OID = 1.3.6.1.5.5.7.1 + */ + static final ASN1ObjectIdentifier id_pe = id_pkix.branch("1"); - // - // ISO ARC for standard certificate and CRL extensions - // + /** + * ISO ARC for standard certificate and CRL extensions + * <p> + * OID: 2.5.29 + */ static final ASN1ObjectIdentifier id_ce = new ASN1ObjectIdentifier("2.5.29"); - // - // authority information access - // - static final ASN1ObjectIdentifier id_ad = new ASN1ObjectIdentifier(id_pkix + ".48"); - static final ASN1ObjectIdentifier id_ad_caIssuers = new ASN1ObjectIdentifier(id_ad + ".2"); - static final ASN1ObjectIdentifier id_ad_ocsp = new ASN1ObjectIdentifier(id_ad + ".1"); + /** id-pkix OID: 1.3.6.1.5.5.7.48 */ + static final ASN1ObjectIdentifier id_ad = id_pkix.branch("48"); + /** id-ad-caIssuers OID: 1.3.6.1.5.5.7.48.2 */ + static final ASN1ObjectIdentifier id_ad_caIssuers = id_ad.branch("2"); + /** id-ad-ocsp OID: 1.3.6.1.5.5.7.48.1 */ + static final ASN1ObjectIdentifier id_ad_ocsp = id_ad.branch("1"); - // - // OID for ocsp and crl uri in AuthorityInformationAccess extension - // + /** OID for ocsp uri in AuthorityInformationAccess extension */ static final ASN1ObjectIdentifier ocspAccessMethod = id_ad_ocsp; - static final ASN1ObjectIdentifier crlAccessMethod = id_ad_caIssuers; + /** OID for crl uri in AuthorityInformationAccess extension */ + static final ASN1ObjectIdentifier crlAccessMethod = id_ad_caIssuers; } - diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/x509/package.html deleted file mode 100644 index 728921a..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Support classes useful for encoding and processing X.509 certificates. -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/ETSIQCObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/ETSIQCObjectIdentifiers.java index 19ef12b..22db8cb 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/ETSIQCObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/ETSIQCObjectIdentifiers.java @@ -4,13 +4,8 @@ import org.bouncycastle.asn1.ASN1ObjectIdentifier; public interface ETSIQCObjectIdentifiers { - // - // base id - // - static final ASN1ObjectIdentifier id_etsi_qcs = new ASN1ObjectIdentifier("0.4.0.1862.1"); - - static final ASN1ObjectIdentifier id_etsi_qcs_QcCompliance = id_etsi_qcs.branch("1"); - static final ASN1ObjectIdentifier id_etsi_qcs_LimiteValue = id_etsi_qcs.branch("2"); - static final ASN1ObjectIdentifier id_etsi_qcs_RetentionPeriod = id_etsi_qcs.branch("3"); - static final ASN1ObjectIdentifier id_etsi_qcs_QcSSCD = id_etsi_qcs.branch("4"); + static final ASN1ObjectIdentifier id_etsi_qcs_QcCompliance = new ASN1ObjectIdentifier("0.4.0.1862.1.1"); + static final ASN1ObjectIdentifier id_etsi_qcs_LimiteValue = new ASN1ObjectIdentifier("0.4.0.1862.1.2"); + static final ASN1ObjectIdentifier id_etsi_qcs_RetentionPeriod = new ASN1ObjectIdentifier("0.4.0.1862.1.3"); + static final ASN1ObjectIdentifier id_etsi_qcs_QcSSCD = new ASN1ObjectIdentifier("0.4.0.1862.1.4"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/RFC3739QCObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/RFC3739QCObjectIdentifiers.java index ecb5cce..0c840bd 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/RFC3739QCObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/RFC3739QCObjectIdentifiers.java @@ -4,11 +4,8 @@ import org.bouncycastle.asn1.ASN1ObjectIdentifier; public interface RFC3739QCObjectIdentifiers { - // - // base id - // - static final ASN1ObjectIdentifier id_qcs = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.11"); - - static final ASN1ObjectIdentifier id_qcs_pkixQCSyntax_v1 = id_qcs.branch("1"); - static final ASN1ObjectIdentifier id_qcs_pkixQCSyntax_v2 = id_qcs.branch("2"); + /** OID: 1.3.6.1.5.5.7.11.1 */ + static final ASN1ObjectIdentifier id_qcs_pkixQCSyntax_v1 = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.11.1"); + /** OID: 1.3.6.1.5.5.7.11.2 */ + static final ASN1ObjectIdentifier id_qcs_pkixQCSyntax_v2 = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.11.2"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/package.html deleted file mode 100644 index 28cfef9..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Support classes useful for encoding and processing messages based around RFC3739 -</body> -</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/SigIObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/SigIObjectIdentifiers.java index 8cac124..d338614 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/SigIObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/SigIObjectIdentifiers.java @@ -8,38 +8,53 @@ import org.bouncycastle.asn1.ASN1ObjectIdentifier; */ public interface SigIObjectIdentifiers { + /** + * OID: 1.3.36.8 + */ public final static ASN1ObjectIdentifier id_sigi = new ASN1ObjectIdentifier("1.3.36.8"); /** * Key purpose IDs for German SigI (Signature Interoperability * Specification) + * <p> + * OID: 1.3.36.8.2 */ - public final static ASN1ObjectIdentifier id_sigi_kp = new ASN1ObjectIdentifier(id_sigi + ".2"); + public final static ASN1ObjectIdentifier id_sigi_kp = new ASN1ObjectIdentifier("1.3.36.8.2"); /** * Certificate policy IDs for German SigI (Signature Interoperability * Specification) + * <p> + * OID: 1.3.36.8.1 */ - public final static ASN1ObjectIdentifier id_sigi_cp = new ASN1ObjectIdentifier(id_sigi + ".1"); + public final static ASN1ObjectIdentifier id_sigi_cp = new ASN1ObjectIdentifier("1.3.36.8.1"); /** * Other Name IDs for German SigI (Signature Interoperability Specification) + * <p> + * OID: 1.3.36.8.4 */ - public final static ASN1ObjectIdentifier id_sigi_on = new ASN1ObjectIdentifier(id_sigi + ".4"); + public final static ASN1ObjectIdentifier id_sigi_on = new ASN1ObjectIdentifier("1.3.36.8.4"); /** * To be used for for the generation of directory service certificates. + * <p> + * OID: 1.3.36.8.2.1 */ - public static final ASN1ObjectIdentifier id_sigi_kp_directoryService = new ASN1ObjectIdentifier(id_sigi_kp + ".1"); + public static final ASN1ObjectIdentifier id_sigi_kp_directoryService = new ASN1ObjectIdentifier("1.3.36.8.2.1"); /** * ID for PersonalData + * <p> + * OID: 1.3.36.8.4.1 */ - public static final ASN1ObjectIdentifier id_sigi_on_personalData = new ASN1ObjectIdentifier(id_sigi_on + ".1"); + public static final ASN1ObjectIdentifier id_sigi_on_personalData = new ASN1ObjectIdentifier("1.3.36.8.4.1"); /** - * Certificate is conform to german signature law. + * Certificate is conformant to german signature law. + * <p> + * OID: 1.3.36.8.1.1 */ - public static final ASN1ObjectIdentifier id_sigi_cp_sigconform = new ASN1ObjectIdentifier(id_sigi_cp + ".1"); + public static final ASN1ObjectIdentifier id_sigi_cp_sigconform = new ASN1ObjectIdentifier("1.3.36.8.1.1"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java index fb545c2..eeae0de 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java @@ -65,6 +65,8 @@ public class ECNamedCurveTable ecP = TeleTrusTNamedCurves.getByOID(oid); } + // NOTE: All the NIST curves are currently from SEC, so no point in redundant OID lookup + return ecP; } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ECParameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ECParameters.java index e059089..60f9008 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ECParameters.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ECParameters.java @@ -39,11 +39,21 @@ public class X9ECParameters } X9Curve x9c = new X9Curve( - new X9FieldID((ASN1Sequence)seq.getObjectAt(1)), - (ASN1Sequence)seq.getObjectAt(2)); + X9FieldID.getInstance(seq.getObjectAt(1)), + ASN1Sequence.getInstance(seq.getObjectAt(2))); this.curve = x9c.getCurve(); - this.g = new X9ECPoint(curve, (ASN1OctetString)seq.getObjectAt(3)).getPoint(); + Object p = seq.getObjectAt(3); + + if (p instanceof X9ECPoint) + { + this.g = ((X9ECPoint)p).getPoint(); + } + else + { + this.g = new X9ECPoint(curve, (ASN1OctetString)p).getPoint(); + } + this.n = ((ASN1Integer)seq.getObjectAt(4)).getValue(); this.seed = x9c.getSeed(); @@ -93,7 +103,7 @@ public class X9ECParameters byte[] seed) { this.curve = curve; - this.g = g; + this.g = g.normalize(); this.n = n; this.h = h; this.seed = seed; diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ECPoint.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ECPoint.java index a4acb6e..cbb9116 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ECPoint.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ECPoint.java @@ -18,7 +18,7 @@ public class X9ECPoint public X9ECPoint( ECPoint p) { - this.p = p; + this.p = p.normalize(); } public X9ECPoint( diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9FieldID.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9FieldID.java index 30598e2..a210352 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9FieldID.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9FieldID.java @@ -71,11 +71,26 @@ public class X9FieldID this.parameters = new DERSequence(fieldIdParams); } - public X9FieldID( + private X9FieldID( ASN1Sequence seq) { - this.id = (ASN1ObjectIdentifier)seq.getObjectAt(0); - this.parameters = (ASN1Primitive)seq.getObjectAt(1); + this.id = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0)); + this.parameters = seq.getObjectAt(1).toASN1Primitive(); + } + + public static X9FieldID getInstance(Object obj) + { + if (obj instanceof X9FieldID) + { + return (X9FieldID)obj; + } + + if (obj != null) + { + return new X9FieldID(ASN1Sequence.getInstance(obj)); + } + + return null; } public ASN1ObjectIdentifier getIdentifier() diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ObjectIdentifiers.java index f005cfa..eabf90e 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ObjectIdentifiers.java @@ -2,109 +2,172 @@ package org.bouncycastle.asn1.x9; import org.bouncycastle.asn1.ASN1ObjectIdentifier; +/** + * + * X9.62 + * <pre> + * ansi-X9-62 OBJECT IDENTIFIER ::= { iso(1) member-body(2) + * us(840) ansi-x962(10045) } + * </pre> + */ public interface X9ObjectIdentifiers { - // - // X9.62 - // - // ansi-X9-62 OBJECT IDENTIFIER ::= { iso(1) member-body(2) - // us(840) ansi-x962(10045) } - // + /** Base OID: 1.2.840.10045 */ static final ASN1ObjectIdentifier ansi_X9_62 = new ASN1ObjectIdentifier("1.2.840.10045"); + + /** OID: 1.2.840.10045.1 */ static final ASN1ObjectIdentifier id_fieldType = ansi_X9_62.branch("1"); + /** OID: 1.2.840.10045.1.1 */ static final ASN1ObjectIdentifier prime_field = id_fieldType.branch("1"); + /** OID: 1.2.840.10045.1.2 */ static final ASN1ObjectIdentifier characteristic_two_field = id_fieldType.branch("2"); + /** OID: 1.2.840.10045.1.2.3.1 */ static final ASN1ObjectIdentifier gnBasis = characteristic_two_field.branch("3.1"); + /** OID: 1.2.840.10045.1.2.3.2 */ static final ASN1ObjectIdentifier tpBasis = characteristic_two_field.branch("3.2"); + /** OID: 1.2.840.10045.1.2.3.3 */ static final ASN1ObjectIdentifier ppBasis = characteristic_two_field.branch("3.3"); + /** OID: 1.2.840.10045.4 */ static final ASN1ObjectIdentifier id_ecSigType = ansi_X9_62.branch("4"); - static final ASN1ObjectIdentifier ecdsa_with_SHA1 = new ASN1ObjectIdentifier(id_ecSigType + ".1"); + /** OID: 1.2.840.10045.4.1 */ + static final ASN1ObjectIdentifier ecdsa_with_SHA1 = id_ecSigType.branch("1"); + /** OID: 1.2.840.10045.2 */ static final ASN1ObjectIdentifier id_publicKeyType = ansi_X9_62.branch("2"); + /** OID: 1.2.840.10045.2.1 */ static final ASN1ObjectIdentifier id_ecPublicKey = id_publicKeyType.branch("1"); + /** OID: 1.2.840.10045.4.3 */ static final ASN1ObjectIdentifier ecdsa_with_SHA2 = id_ecSigType.branch("3"); + /** OID: 1.2.840.10045.4.3.1 */ static final ASN1ObjectIdentifier ecdsa_with_SHA224 = ecdsa_with_SHA2.branch("1"); + /** OID: 1.2.840.10045.4.3.2 */ static final ASN1ObjectIdentifier ecdsa_with_SHA256 = ecdsa_with_SHA2.branch("2"); + /** OID: 1.2.840.10045.4.3.3 */ static final ASN1ObjectIdentifier ecdsa_with_SHA384 = ecdsa_with_SHA2.branch("3"); + /** OID: 1.2.840.10045.4.3.4 */ static final ASN1ObjectIdentifier ecdsa_with_SHA512 = ecdsa_with_SHA2.branch("4"); - // - // named curves - // + /** + * Named curves base + * <p> + * OID: 1.2.840.10045.1 + */ static final ASN1ObjectIdentifier ellipticCurve = ansi_X9_62.branch("3"); - // - // Two Curves - // + /** + * Two Curves + * <p> + * OID: 1.2.840.10045.1.0 + */ static final ASN1ObjectIdentifier cTwoCurve = ellipticCurve.branch("0"); + /** Two Curve c2pnb163v1, OID: 1.2.840.10045.1.0.1 */ static final ASN1ObjectIdentifier c2pnb163v1 = cTwoCurve.branch("1"); + /** Two Curve c2pnb163v2, OID: 1.2.840.10045.1.0.2 */ static final ASN1ObjectIdentifier c2pnb163v2 = cTwoCurve.branch("2"); + /** Two Curve c2pnb163v3, OID: 1.2.840.10045.1.0.3 */ static final ASN1ObjectIdentifier c2pnb163v3 = cTwoCurve.branch("3"); + /** Two Curve c2pnb176w1, OID: 1.2.840.10045.1.0.4 */ static final ASN1ObjectIdentifier c2pnb176w1 = cTwoCurve.branch("4"); + /** Two Curve c2tnb191v1, OID: 1.2.840.10045.1.0.5 */ static final ASN1ObjectIdentifier c2tnb191v1 = cTwoCurve.branch("5"); + /** Two Curve c2tnb191v2, OID: 1.2.840.10045.1.0.6 */ static final ASN1ObjectIdentifier c2tnb191v2 = cTwoCurve.branch("6"); + /** Two Curve c2tnb191v3, OID: 1.2.840.10045.1.0.7 */ static final ASN1ObjectIdentifier c2tnb191v3 = cTwoCurve.branch("7"); + /** Two Curve c2onb191v4, OID: 1.2.840.10045.1.0.8 */ static final ASN1ObjectIdentifier c2onb191v4 = cTwoCurve.branch("8"); + /** Two Curve c2onb191v5, OID: 1.2.840.10045.1.0.9 */ static final ASN1ObjectIdentifier c2onb191v5 = cTwoCurve.branch("9"); + /** Two Curve c2pnb208w1, OID: 1.2.840.10045.1.0.10 */ static final ASN1ObjectIdentifier c2pnb208w1 = cTwoCurve.branch("10"); + /** Two Curve c2tnb239v1, OID: 1.2.840.10045.1.0.11 */ static final ASN1ObjectIdentifier c2tnb239v1 = cTwoCurve.branch("11"); + /** Two Curve c2tnb239v2, OID: 1.2.840.10045.1.0.12 */ static final ASN1ObjectIdentifier c2tnb239v2 = cTwoCurve.branch("12"); + /** Two Curve c2tnb239v3, OID: 1.2.840.10045.1.0.13 */ static final ASN1ObjectIdentifier c2tnb239v3 = cTwoCurve.branch("13"); + /** Two Curve c2onb239v4, OID: 1.2.840.10045.1.0.14 */ static final ASN1ObjectIdentifier c2onb239v4 = cTwoCurve.branch("14"); + /** Two Curve c2onb239v5, OID: 1.2.840.10045.1.0.15 */ static final ASN1ObjectIdentifier c2onb239v5 = cTwoCurve.branch("15"); + /** Two Curve c2pnb272w1, OID: 1.2.840.10045.1.0.16 */ static final ASN1ObjectIdentifier c2pnb272w1 = cTwoCurve.branch("16"); + /** Two Curve c2pnb304w1, OID: 1.2.840.10045.1.0.17 */ static final ASN1ObjectIdentifier c2pnb304w1 = cTwoCurve.branch("17"); + /** Two Curve c2tnb359v1, OID: 1.2.840.10045.1.0.18 */ static final ASN1ObjectIdentifier c2tnb359v1 = cTwoCurve.branch("18"); + /** Two Curve c2pnb368w1, OID: 1.2.840.10045.1.0.19 */ static final ASN1ObjectIdentifier c2pnb368w1 = cTwoCurve.branch("19"); + /** Two Curve c2tnb431r1, OID: 1.2.840.10045.1.0.20 */ static final ASN1ObjectIdentifier c2tnb431r1 = cTwoCurve.branch("20"); - // - // Prime - // + /** + * Prime Curves + * <p> + * OID: 1.2.840.10045.1.1 + */ static final ASN1ObjectIdentifier primeCurve = ellipticCurve.branch("1"); + /** Prime Curve prime192v1, OID: 1.2.840.10045.1.1.1 */ static final ASN1ObjectIdentifier prime192v1 = primeCurve.branch("1"); + /** Prime Curve prime192v2, OID: 1.2.840.10045.1.1.2 */ static final ASN1ObjectIdentifier prime192v2 = primeCurve.branch("2"); + /** Prime Curve prime192v3, OID: 1.2.840.10045.1.1.3 */ static final ASN1ObjectIdentifier prime192v3 = primeCurve.branch("3"); + /** Prime Curve prime239v1, OID: 1.2.840.10045.1.1.4 */ static final ASN1ObjectIdentifier prime239v1 = primeCurve.branch("4"); + /** Prime Curve prime239v2, OID: 1.2.840.10045.1.1.5 */ static final ASN1ObjectIdentifier prime239v2 = primeCurve.branch("5"); + /** Prime Curve prime239v3, OID: 1.2.840.10045.1.1.6 */ static final ASN1ObjectIdentifier prime239v3 = primeCurve.branch("6"); + /** Prime Curve prime256v1, OID: 1.2.840.10045.1.1.7 */ static final ASN1ObjectIdentifier prime256v1 = primeCurve.branch("7"); - // - // DSA - // - // dsapublicnumber OBJECT IDENTIFIER ::= { iso(1) member-body(2) - // us(840) ansi-x957(10040) number-type(4) 1 } + /** + * DSA + * <pre> + * dsapublicnumber OBJECT IDENTIFIER ::= { iso(1) member-body(2) + * us(840) ansi-x957(10040) number-type(4) 1 } + * </pre> + * Base OID: 1.2.840.10040.4.1 + */ static final ASN1ObjectIdentifier id_dsa = new ASN1ObjectIdentifier("1.2.840.10040.4.1"); /** - * id-dsa-with-sha1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) x9-57 - * (10040) x9cm(4) 3 } + * <pre> + * id-dsa-with-sha1 OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 3 } + * </pre> + * OID: 1.2.840.10040.4.3 */ - public static final ASN1ObjectIdentifier id_dsa_with_sha1 = new ASN1ObjectIdentifier("1.2.840.10040.4.3"); + static final ASN1ObjectIdentifier id_dsa_with_sha1 = new ASN1ObjectIdentifier("1.2.840.10040.4.3"); /** - * X9.63 + * X9.63 - Signature Specification + * <p> + * Base OID: 1.3.133.16.840.63.0 */ - public static final ASN1ObjectIdentifier x9_63_scheme = new ASN1ObjectIdentifier("1.3.133.16.840.63.0"); - public static final ASN1ObjectIdentifier dhSinglePass_stdDH_sha1kdf_scheme = x9_63_scheme.branch("2"); - public static final ASN1ObjectIdentifier dhSinglePass_cofactorDH_sha1kdf_scheme = x9_63_scheme.branch("3"); - public static final ASN1ObjectIdentifier mqvSinglePass_sha1kdf_scheme = x9_63_scheme.branch("16"); + static final ASN1ObjectIdentifier x9_63_scheme = new ASN1ObjectIdentifier("1.3.133.16.840.63.0"); + /** OID: 1.3.133.16.840.63.0.2 */ + static final ASN1ObjectIdentifier dhSinglePass_stdDH_sha1kdf_scheme = x9_63_scheme.branch("2"); + /** OID: 1.3.133.16.840.63.0.3 */ + static final ASN1ObjectIdentifier dhSinglePass_cofactorDH_sha1kdf_scheme = x9_63_scheme.branch("3"); + /** OID: 1.3.133.16.840.63.0.16 */ + static final ASN1ObjectIdentifier mqvSinglePass_sha1kdf_scheme = x9_63_scheme.branch("16"); /** * X9.42 @@ -112,21 +175,33 @@ public interface X9ObjectIdentifiers static final ASN1ObjectIdentifier ansi_X9_42 = new ASN1ObjectIdentifier("1.2.840.10046"); - // - // Diffie-Hellman - // - // dhpublicnumber OBJECT IDENTIFIER ::= { iso(1) member-body(2) - // us(840) ansi-x942(10046) number-type(2) 1 } - // - public static final ASN1ObjectIdentifier dhpublicnumber = ansi_X9_42.branch("2.1"); - - public static final ASN1ObjectIdentifier x9_42_schemes = ansi_X9_42.branch("3"); - public static final ASN1ObjectIdentifier dhStatic = x9_42_schemes.branch("1"); - public static final ASN1ObjectIdentifier dhEphem = x9_42_schemes.branch("2"); - public static final ASN1ObjectIdentifier dhOneFlow = x9_42_schemes.branch("3"); - public static final ASN1ObjectIdentifier dhHybrid1 = x9_42_schemes.branch("4"); - public static final ASN1ObjectIdentifier dhHybrid2 = x9_42_schemes.branch("5"); - public static final ASN1ObjectIdentifier dhHybridOneFlow = x9_42_schemes.branch("6"); - public static final ASN1ObjectIdentifier mqv2 = x9_42_schemes.branch("7"); - public static final ASN1ObjectIdentifier mqv1 = x9_42_schemes.branch("8"); + /** + * Diffie-Hellman + * <pre> + * dhpublicnumber OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) ansi-x942(10046) number-type(2) 1 + * } + * </pre> + * OID: 1.2.840.10046.2.1 + */ + static final ASN1ObjectIdentifier dhpublicnumber = ansi_X9_42.branch("2.1"); + + /** X9.42 schemas base OID: 1.2.840.10046.3 */ + static final ASN1ObjectIdentifier x9_42_schemes = ansi_X9_42.branch("3"); + /** X9.42 dhStatic OID: 1.2.840.10046.3.1 */ + static final ASN1ObjectIdentifier dhStatic = x9_42_schemes.branch("1"); + /** X9.42 dhEphem OID: 1.2.840.10046.3.2 */ + static final ASN1ObjectIdentifier dhEphem = x9_42_schemes.branch("2"); + /** X9.42 dhOneFlow OID: 1.2.840.10046.3.3 */ + static final ASN1ObjectIdentifier dhOneFlow = x9_42_schemes.branch("3"); + /** X9.42 dhHybrid1 OID: 1.2.840.10046.3.4 */ + static final ASN1ObjectIdentifier dhHybrid1 = x9_42_schemes.branch("4"); + /** X9.42 dhHybrid2 OID: 1.2.840.10046.3.5 */ + static final ASN1ObjectIdentifier dhHybrid2 = x9_42_schemes.branch("5"); + /** X9.42 dhHybridOneFlow OID: 1.2.840.10046.3.6 */ + static final ASN1ObjectIdentifier dhHybridOneFlow = x9_42_schemes.branch("6"); + /** X9.42 MQV2 OID: 1.2.840.10046.3.7 */ + static final ASN1ObjectIdentifier mqv2 = x9_42_schemes.branch("7"); + /** X9.42 MQV1 OID: 1.2.840.10046.3.8 */ + static final ASN1ObjectIdentifier mqv1 = x9_42_schemes.branch("8"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/x9/package.html deleted file mode 100644 index 42fc97c..0000000 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/package.html +++ /dev/null @@ -1,5 +0,0 @@ -<html> -<body bgcolor="#ffffff"> -Support classes useful for encoding and supporting X9.62 elliptic curve. -</body> -</html> |