/*
* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.util;
import java.util.HashSet;
import java.util.Set;
import java.util.regex.Pattern;
/**
* The class decomposes standard algorithms into sub-elements.
*/
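public class AlgorithmDecomposer {

    // Separates the parts of a transformation string: algorithm/mode/padding.
    private static final Pattern transPattern = Pattern.compile("/");

    // Connective words that join the components of a compound algorithm name.
    // The negative lookbehind stops the "in" inside "Padding" from being taken
    // as a connective; without it "PKCS5Padding" decomposes into "PKCS5Padd"
    // and "g", so the real padding name never appears in the result and a
    // constraint written against it cannot match.
    private static final Pattern pattern =
            Pattern.compile("with|and|(?<!padd)in", Pattern.CASE_INSENSITIVE);

    // The standard names spell the SHA-1 and SHA-2 digests differently by
    // purpose: MessageDigest uses "SHA-256", while the digest component of the
    // Signature name "SHA256withRSA" is "SHA256". Both spellings are reported
    // whenever either one is found, so a constraint on one covers the other.
    private static final String[][] SHA_ALIASES = {
        {"SHA1", "SHA-1"},
        {"SHA224", "SHA-224"},
        {"SHA256", "SHA-256"},
        {"SHA384", "SHA-384"},
        {"SHA512", "SHA-512"},
    };

    /**
     * Decompose the standard algorithm name into sub-elements.
     * <p>
     * For example, "SHA1WithRSA" is decomposed into "SHA1" and "RSA" so that
     * the "SHA1" and "RSA" algorithm constraints can be checked separately.
     * A transformation such as "AES/CBC/PKCS5Padding" is first split on "/"
     * and each part is then split on the connectives "with", "and" and "in"
     * (matched case-insensitively).
     * <p>
     * The connectives are matched as plain substrings, so any component whose
     * name happens to contain one of them is split as well; only the "in" of
     * "Padding" is exempt.
     * <p>
     * NOTE(review): the SHA alias lookup is an exact, case-sensitive match on
     * the upper-case spellings, while the connective split is
     * case-insensitive. A name written as "sha1withrsa" yields "sha1" and
     * "rsa" without the "SHA-1" alias, so callers that accept non-canonical
     * case should confirm how they compare the returned elements.
     * <p>
     * Please override the method if more name patterns need to be supported.
     *
     * @param algorithm the standard algorithm or transformation name; may be
     *        {@code null} or empty
     * @return a new, mutable set of the sub-elements; empty when
     *         {@code algorithm} is {@code null} or empty
     */
    public Set<String> decompose(String algorithm) {
        Set<String> elements = new HashSet<>();
        if (algorithm == null || algorithm.isEmpty()) {
            return elements;
        }

        // algorithm/mode/padding
        for (String transToken : transPattern.split(algorithm)) {
            if (transToken.isEmpty()) {
                continue;
            }

            // PBEWith<digest>And<encryption>
            // PBEWith<prf>And<encryption>
            // OAEPWith<digest>And<mgf>Padding
            // <digest>with<encryption>
            // <digest>with<encryption>and<mgf>
            // <digest>with<encryption>in<format>
            for (String token : pattern.split(transToken)) {
                if (!token.isEmpty()) {
                    elements.add(token);
                }
            }
        }

        // Report both spellings of each SHA digest that was found.
        for (String[] alias : SHA_ALIASES) {
            if (elements.contains(alias[0]) || elements.contains(alias[1])) {
                elements.add(alias[0]);
                elements.add(alias[1]);
            }
        }

        return elements;
    }

}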