23 * questions. |
23 * questions. |
24 */ |
24 */ |
25 |
25 |
26 package java.security.spec; |
26 package java.security.spec; |
27 |
27 |
28 import java.math.BigInteger; |
28 import java.util.Objects; |
29 import java.security.spec.MGF1ParameterSpec; |
29 import java.security.spec.MGF1ParameterSpec; |
30 |
30 |
31 /** |
31 /** |
32 * This class specifies a parameter spec for RSA-PSS signature scheme, |
32 * This class specifies a parameter spec for RSASSA-PSS signature scheme, |
33 * as defined in the |
33 * as defined in the |
34 * <a href="http://www.ietf.org/rfc/rfc3447.txt">PKCS#1 v2.1</a> |
34 * <a href="https://tools.ietf.org/rfc/rfc8017.txt">PKCS#1 v2.2</a> standard. |
35 * standard. |
|
36 * |
35 * |
37 * <p>Its ASN.1 definition in PKCS#1 standard is described below: |
36 * <p>Its ASN.1 definition in PKCS#1 standard is described below: |
38 * <pre> |
37 * <pre> |
39 * RSASSA-PSS-params ::= SEQUENCE { |
38 * RSASSA-PSS-params ::= SEQUENCE { |
40 * hashAlgorithm [0] OAEP-PSSDigestAlgorithms DEFAULT sha1, |
39 * hashAlgorithm [0] HashAlgorithm DEFAULT sha1, |
41 * maskGenAlgorithm [1] PKCS1MGFAlgorithms DEFAULT mgf1SHA1, |
40 * maskGenAlgorithm [1] MaskGenAlgorithm DEFAULT mgf1SHA1, |
42 * saltLength [2] INTEGER DEFAULT 20, |
41 * saltLength [2] INTEGER DEFAULT 20, |
43 * trailerField [3] INTEGER DEFAULT 1 |
42 * trailerField [3] TrailerField DEFAULT trailerFieldBC(1) |
44 * } |
43 * } |
45 * </pre> |
44 * </pre> |
46 * where |
45 * where |
47 * <pre> |
46 * <pre> |
|
47 * HashAlgorithm ::= AlgorithmIdentifier { |
|
48 * {OAEP-PSSDigestAlgorithms} |
|
49 * } |
|
50 * MaskGenAlgorithm ::= AlgorithmIdentifier { {PKCS1MGFAlgorithms} } |
|
51 * TrailerField ::= INTEGER { trailerFieldBC(1) } |
|
52 * |
48 * OAEP-PSSDigestAlgorithms ALGORITHM-IDENTIFIER ::= { |
53 * OAEP-PSSDigestAlgorithms ALGORITHM-IDENTIFIER ::= { |
49 * { OID id-sha1 PARAMETERS NULL }| |
54 * { OID id-sha1 PARAMETERS NULL }| |
50 * { OID id-sha224 PARAMETERS NULL }| |
55 * { OID id-sha224 PARAMETERS NULL }| |
51 * { OID id-sha256 PARAMETERS NULL }| |
56 * { OID id-sha256 PARAMETERS NULL }| |
52 * { OID id-sha384 PARAMETERS NULL }| |
57 * { OID id-sha384 PARAMETERS NULL }| |
53 * { OID id-sha512 PARAMETERS NULL }, |
58 * { OID id-sha512 PARAMETERS NULL }| |
|
59 * { OID id-sha512-224 PARAMETERS NULL }| |
|
60 * { OID id-sha512-256 PARAMETERS NULL }, |
54 * ... -- Allows for future expansion -- |
61 * ... -- Allows for future expansion -- |
55 * } |
62 * } |
56 * |
|
57 * PKCS1MGFAlgorithms ALGORITHM-IDENTIFIER ::= { |
63 * PKCS1MGFAlgorithms ALGORITHM-IDENTIFIER ::= { |
58 * { OID id-mgf1 PARAMETERS OAEP-PSSDigestAlgorithms }, |
64 * { OID id-mgf1 PARAMETERS HashAlgorithm }, |
59 * ... -- Allows for future expansion -- |
65 * ... -- Allows for future expansion -- |
60 * } |
66 * } |
61 * </pre> |
67 * </pre> |
62 * <p>Note: the PSSParameterSpec.DEFAULT uses the following: |
68 * <p>Note: the PSSParameterSpec.DEFAULT uses the following: |
63 * message digest -- "SHA-1" |
69 * message digest -- "SHA-1" |
76 * @since 1.4 |
82 * @since 1.4 |
77 */ |
83 */ |
78 |
84 |
79 public class PSSParameterSpec implements AlgorithmParameterSpec { |
85 public class PSSParameterSpec implements AlgorithmParameterSpec { |
80 |
86 |
81 private String mdName = "SHA-1"; |
87 private final String mdName; |
82 private String mgfName = "MGF1"; |
88 |
83 private AlgorithmParameterSpec mgfSpec = MGF1ParameterSpec.SHA1; |
89 private final String mgfName; |
84 private int saltLen = 20; |
90 |
85 private int trailerField = 1; |
91 private final AlgorithmParameterSpec mgfSpec; |
86 |
92 |
87 /** |
93 private final int saltLen; |
88 * The PSS parameter set with all default values. |
94 |
89 * @since 1.5 |
95 private final int trailerField; |
90 */ |
96 |
91 public static final PSSParameterSpec DEFAULT = new PSSParameterSpec(); |
97 /** |
92 |
98 * The {@code TrailerFieldBC} constant as defined in PKCS#1 |
93 /** |
99 * @since 11 |
94 * Constructs a new {@code PSSParameterSpec} as defined in |
100 */ |
95 * the PKCS #1 standard using the default values. |
101 public static final int TRAILER_FIELD_BC = 1; |
96 */ |
102 |
|
103 /** |
|
104 * The PSS parameter set with all default values |
|
105 * @since 1.5 |
|
106 */ |
|
107 public static final PSSParameterSpec DEFAULT = new PSSParameterSpec |
|
108 ("SHA-1", "MGF1", MGF1ParameterSpec.SHA1, 20, TRAILER_FIELD_BC); |
|
109 |
|
110 |
|
111 // disallowed |
97 private PSSParameterSpec() { |
112 private PSSParameterSpec() { |
98 } |
113 throw new RuntimeException("default constructor not allowed"); |
|
114 } |
|
115 |
99 |
116 |
100 /** |
117 /** |
101 * Creates a new {@code PSSParameterSpec} as defined in |
118 * Creates a new {@code PSSParameterSpec} as defined in |
102 * the PKCS #1 standard using the specified message digest, |
119 * the PKCS #1 standard using the specified message digest, |
103 * mask generation function, parameters for mask generation |
120 * mask generation function, parameters for mask generation |
104 * function, salt length, and trailer field values. |
121 * function, salt length, and trailer field values. |
105 * |
122 * |
106 * @param mdName the algorithm name of the hash function. |
123 * @param mdName the algorithm name of the hash function |
107 * @param mgfName the algorithm name of the mask generation |
124 * @param mgfName the algorithm name of the mask generation function |
108 * function. |
125 * @param mgfSpec the parameters for the mask generation function |
109 * @param mgfSpec the parameters for the mask generation |
126 * If null is specified, null will be returned by |
110 * function. If null is specified, null will be returned by |
127 * getMGFParameters() |
111 * getMGFParameters(). |
128 * @param saltLen the length of salt |
112 * @param saltLen the length of salt. |
129 * @param trailerField the value of the trailer field |
113 * @param trailerField the value of the trailer field. |
130 * @exception NullPointerException if {@code mdName}, or {@code mgfName} |
114 * @exception NullPointerException if {@code mdName}, |
131 * is null |
115 * or {@code mgfName} is null. |
132 * @exception IllegalArgumentException if {@code saltLen} or |
116 * @exception IllegalArgumentException if {@code saltLen} |
133 * {@code trailerField} is less than 0 |
117 * or {@code trailerField} is less than 0. |
|
118 * @since 1.5 |
134 * @since 1.5 |
119 */ |
135 */ |
120 public PSSParameterSpec(String mdName, String mgfName, |
136 public PSSParameterSpec(String mdName, String mgfName, |
121 AlgorithmParameterSpec mgfSpec, |
137 AlgorithmParameterSpec mgfSpec, int saltLen, int trailerField) { |
122 int saltLen, int trailerField) { |
138 Objects.requireNonNull(mdName, "digest algorithm is null"); |
123 if (mdName == null) { |
139 Objects.requireNonNull(mgfName, |
124 throw new NullPointerException("digest algorithm is null"); |
140 "mask generation function algorithm is null"); |
125 } |
|
126 if (mgfName == null) { |
|
127 throw new NullPointerException("mask generation function " + |
|
128 "algorithm is null"); |
|
129 } |
|
130 if (saltLen < 0) { |
141 if (saltLen < 0) { |
131 throw new IllegalArgumentException("negative saltLen value: " + |
142 throw new IllegalArgumentException("negative saltLen value: " + |
132 saltLen); |
143 saltLen); |
133 } |
144 } |
134 if (trailerField < 0) { |
145 if (trailerField < 0) { |
145 /** |
156 /** |
146 * Creates a new {@code PSSParameterSpec} |
157 * Creates a new {@code PSSParameterSpec} |
147 * using the specified salt length and other default values as |
158 * using the specified salt length and other default values as |
148 * defined in PKCS#1. |
159 * defined in PKCS#1. |
149 * |
160 * |
150 * @param saltLen the length of salt in bits to be used in PKCS#1 |
161 * @param saltLen the length of salt in bytes to be used in PKCS#1 |
151 * PSS encoding. |
162 * PSS encoding |
152 * @exception IllegalArgumentException if {@code saltLen} is |
163 * @exception IllegalArgumentException if {@code saltLen} is |
153 * less than 0. |
164 * less than 0 |
154 */ |
165 */ |
155 public PSSParameterSpec(int saltLen) { |
166 public PSSParameterSpec(int saltLen) { |
156 if (saltLen < 0) { |
167 this("SHA-1", "MGF1", MGF1ParameterSpec.SHA1, saltLen, TRAILER_FIELD_BC); |
157 throw new IllegalArgumentException("negative saltLen value: " + |
|
158 saltLen); |
|
159 } |
|
160 this.saltLen = saltLen; |
|
161 } |
168 } |
162 |
169 |
163 /** |
170 /** |
164 * Returns the message digest algorithm name. |
171 * Returns the message digest algorithm name. |
165 * |
172 * |
166 * @return the message digest algorithm name. |
173 * @return the message digest algorithm name |
167 * @since 1.5 |
174 * @since 1.5 |
168 */ |
175 */ |
169 public String getDigestAlgorithm() { |
176 public String getDigestAlgorithm() { |
170 return mdName; |
177 return mdName; |
171 } |
178 } |
172 |
179 |
173 /** |
180 /** |
174 * Returns the mask generation function algorithm name. |
181 * Returns the mask generation function algorithm name. |
175 * |
182 * |
176 * @return the mask generation function algorithm name. |
183 * @return the mask generation function algorithm name |
177 * |
184 * |
178 * @since 1.5 |
185 * @since 1.5 |
179 */ |
186 */ |
180 public String getMGFAlgorithm() { |
187 public String getMGFAlgorithm() { |
181 return mgfName; |
188 return mgfName; |
182 } |
189 } |
183 |
190 |
184 /** |
191 /** |
185 * Returns the parameters for the mask generation function. |
192 * Returns the parameters for the mask generation function. |
186 * |
193 * |
187 * @return the parameters for the mask generation function. |
194 * @return the parameters for the mask generation function |
188 * @since 1.5 |
195 * @since 1.5 |
189 */ |
196 */ |
190 public AlgorithmParameterSpec getMGFParameters() { |
197 public AlgorithmParameterSpec getMGFParameters() { |
191 return mgfSpec; |
198 return mgfSpec; |
192 } |
199 } |
193 |
200 |
194 /** |
201 /** |
195 * Returns the salt length in bits. |
202 * Returns the salt length in bytes. |
196 * |
203 * |
197 * @return the salt length. |
204 * @return the salt length |
198 */ |
205 */ |
199 public int getSaltLength() { |
206 public int getSaltLength() { |
200 return saltLen; |
207 return saltLen; |
201 } |
208 } |
202 |
209 |
203 /** |
210 /** |
204 * Returns the value for the trailer field, i.e. bc in PKCS#1 v2.1. |
211 * Returns the value for the trailer field. |
205 * |
212 * |
206 * @return the value for the trailer field, i.e. bc in PKCS#1 v2.1. |
213 * @return the value for the trailer field |
207 * @since 1.5 |
214 * @since 1.5 |
208 */ |
215 */ |
209 public int getTrailerField() { |
216 public int getTrailerField() { |
210 return trailerField; |
217 return trailerField; |
211 } |
218 } |