com.ibm.security.x509
Class AlgorithmId

com.ibm.security.x509.AlgorithmId

public class AlgorithmId
implements Serializable

See Also:
Serialized Form

Field Summary
static ObjectIdentifier DESCBC_oid
          Identifies the Data Encryption Standard (DES) symmetric key cryptographic algorithm in Cipher Block Chaining (CBC) mode; defined in NIST OIW.
static ObjectIdentifier DH_oid
          Algorithm ID for Diffie Hellman Key agreement, from PKCS #3.
static ObjectIdentifier DH_PKIX_oid
          Algorithm ID for the Diffie Hellman Key Agreement (DH), from the IETF PKIX IPKI Part I.
static ObjectIdentifier DSA_oid
          Algorithm ID for the Digital Signing Algorithm (DSA), from the IETF PKIX IPKI Part I.
static ObjectIdentifier DSA_OIW_oid
          Algorithm ID for the Digital Signing Algorithm (DSA), from the NIST OIW Stable Agreements part 12.
static ObjectIdentifier HmacSHA1_oid
          Message Authentication Code (MAC) ID for HmacSHA1 from RFC 2630.
static ObjectIdentifier MD2_oid
          Algorithm ID for the MD2 Message Digest Algorithm, from RFC 1319.
static ObjectIdentifier md2WithRSAEncryption_oid
          Identifies a signing algorithm where an MD2 digest is encrypted using an RSA private key; defined in PKCS #1.
static ObjectIdentifier MD5_oid
          Algorithm ID for the MD5 Message Digest Algorithm, from RFC 1321.
static ObjectIdentifier md5WithRSAEncryption_oid
          Identifies a signing algorithm where an MD5 digest is encrypted using an RSA private key; defined in PKCS #1.
protected  com.ibm.security.util.DerValue params
          Parameters for this algorithm.
static ObjectIdentifier PasswordBasedMac_oid
          ID for PasswordBasedMac (PBM) from RFC 2510.
static ObjectIdentifier RC2CBC_oid
          Identifies the Rivest Cipher 2 (RC2) symmetric key cryptographic algorithm in Cipher Block Chaining (CBC) mode.
static ObjectIdentifier RSA_oid
          Algorithm ID for RSA keys used for any purpose, as defined in X.509.
static ObjectIdentifier RSAEncryption_oid
          Algorithm ID for RSA keys used with RSA encryption, as defined in PKCS #1.
static ObjectIdentifier SHA_oid
          Algorithm ID for the SHA1 Message Digest Algorithm, from FIPS 180-1.
static ObjectIdentifier sha1WithDSA_oid
          Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a SHA1 digest is signed using the Digital Signing Algorithm (DSA).
static ObjectIdentifier sha1WithDSA_OIW_oid
          Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a SHA1 digest is signed using the Digital Signing Algorithm (DSA).
static ObjectIdentifier sha1WithRSAEncryption_oid
          Identifies a signing algorithm where a SHA1 digest is encrypted using an RSA private key; defined by RSA DSI.
static ObjectIdentifier sha1WithRSAEncryption_OIW_oid
          Identifies a signing algorithm where a SHA1 digest is encrypted using an RSA private key; defined in NIST OIW.
static ObjectIdentifier shaWithDSA_OIW_oid
          Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a SHA digest is signed using the Digital Signing Algorithm (DSA).
static ObjectIdentifier tripleDESCBC_oid
          Identifies the Triple Data Encryption Standard (DESede or "Triple DES") symmetric key cryptographic algorithm in Cipher Block Chaining (CBC) mode.
 
Constructor Summary
AlgorithmId(com.ibm.security.util.DerValue val)
          Constructs an algorithm identifier from its ASN.1 encoding.
AlgorithmId(com.ibm.security.util.DerValue val, String provider)
          Constructs an algorithm identifier from its ASN.1 encoding.
AlgorithmId(ObjectIdentifier oid)
          Constructs a parameterless algorithm ID.
AlgorithmId(ObjectIdentifier oid, byte[] params)
          Constructs an algorithm identifier from an oid and ASN.1 encoded parameters.
AlgorithmId(ObjectIdentifier oid, byte[] params, String provider)
          Constructs an algorithm identifier from an oid and ASN.1 encoded parameters.
AlgorithmId(ObjectIdentifier oid, String provider)
          Constructs a parameterless algorithm ID.
AlgorithmId(String oid, byte[] params)
          Constructs an algorithm identifier from an oid in string representation and ASN.1 encoded parameters.
AlgorithmId(String oid, byte[] params, String provider)
          Constructs an algorithm identifier from an oid in string representation and ASN.1 encoded parameters.
 
Method Summary
protected  void decodeParams()
          LOCKDOWN remove default ctor public AlgorithmId() { }
 void derEncode(OutputStream out)
          DER encode this object onto an output stream.
 byte[] encode()
          Returns the DER-encoded X.509 AlgorithmId as a byte array.
 void encode(com.ibm.security.util.DerOutputStream out)
          Marshal a DER-encoded "AlgorithmID" sequence on the DER stream.
 boolean equals(AlgorithmId other)
          Returns true iff the argument indicates the same algorithm with the same parameters.
 boolean equals(Object other)
          Compares this AlgorithmID to another.
 boolean equals(ObjectIdentifier id)
          Compares two algorithm IDs for equality.
static AlgorithmId get(String algname)
          Returns one of the algorithm IDs most commonly associated with this algorithm name.
static AlgorithmId get(String algname, String provider)
          Returns one of the algorithm IDs most commonly associated with this algorithm name.
static AlgorithmId getAlgorithmId(String algname)
          Deprecated. Use the short get form of this method.
 AlgorithmParameters getAlgParameters()
          Returns the algorithm parameters.
 byte[] getEncodedParams()
          Returns the DER encoded parameter, which can then be used to initialize java.security.AlgorithmParameters.
 String getName()
          Returns a name for the algorithm which may be more intelligible to humans than the algorithm's OID, but which won't necessarily be comprehensible on other systems.
 ObjectIdentifier getOID()
          Returns the ISO OID for this algorithm.
 byte[] getParameters()
          Returns the ASN.1 encoded parameters.
protected  String paramsToString()
          Provides a human-readable description of the algorithm parameters.
static AlgorithmId parse(com.ibm.security.util.DerValue val)
          Parse (unmarshal) an ID from a DER sequence input value.
static AlgorithmId parse(com.ibm.security.util.DerValue val, String provider)
          Parse (unmarshal) an ID from a DER sequence input value.
 String toString()
          Returns a string describing the algorithm and its parameters.
 

Field Detail

params

protected com.ibm.security.util.DerValue params
Parameters for this algorithm. These are stored in unparsed DER-encoded form; subclasses can be made to automatically parse them so there is fast access to these parameters.

MD2_oid

public static ObjectIdentifier MD2_oid
Algorithm ID for the MD2 Message Digest Algorithm, from RFC 1319. OID = 1.2.840.113549.2.2

MD5_oid

public static ObjectIdentifier MD5_oid
Algorithm ID for the MD5 Message Digest Algorithm, from RFC 1321. OID = 1.2.840.113549.2.5

SHA_oid

public static ObjectIdentifier SHA_oid
Algorithm ID for the SHA1 Message Digest Algorithm, from FIPS 180-1. This is sometimes called "SHA", though that is often confusing since many people refer to FIPS 180 (which has an error) as defining SHA. OID = 1.3.14.3.2.26

HmacSHA1_oid

public static ObjectIdentifier HmacSHA1_oid
Message Authentication Code (MAC) ID for HmacSHA1 from RFC 2630. OID = 1.3.6.1.5.5.8.1.2

PasswordBasedMac_oid

public static ObjectIdentifier PasswordBasedMac_oid
ID for PasswordBasedMac (PBM) from RFC 2510. OID = 1.2.840.113533.7.66.30

DH_oid

public static ObjectIdentifier DH_oid
Algorithm ID for Diffie Hellman Key agreement, from PKCS #3. Parameters include public values P and G, and may optionally specify the length of the private key X. Alternatively, algorithm parameters may be derived from another source such as a Certificate Authority's certificate. OID = 1.2.840.113549.1.3.1

DH_PKIX_oid

public static ObjectIdentifier DH_PKIX_oid
Algorithm ID for the Diffie Hellman Key Agreement (DH), from the IETF PKIX IPKI Part I. Parameters may include public values P and G. OID = 1.2.840.10046.2.1

DSA_OIW_oid

public static ObjectIdentifier DSA_OIW_oid
Algorithm ID for the Digital Signing Algorithm (DSA), from the NIST OIW Stable Agreements part 12. Parameters may include public values P, Q, and G; or these may be derived from another source such as a Certificate Authority's certificate. OID = 1.3.14.3.2.12

DSA_oid

public static ObjectIdentifier DSA_oid
Algorithm ID for the Digital Signing Algorithm (DSA), from the IETF PKIX IPKI Part I. Parameters may include public values P, Q, and G; or these may be derived from another source such as a Certificate Authority's certificate. OID = 1.2.840.10040.4.1

RSA_oid

public static ObjectIdentifier RSA_oid
Algorithm ID for RSA keys used for any purpose, as defined in X.509. The algorithm parameter is a single value, the number of bits in the public modulus. OID = 1.2.5.8.1.1

RSAEncryption_oid

public static ObjectIdentifier RSAEncryption_oid
Algorithm ID for RSA keys used with RSA encryption, as defined in PKCS #1. There are no parameters associated with this algorithm. OID = 1.2.840.113549.1.1.1

md2WithRSAEncryption_oid

public static ObjectIdentifier md2WithRSAEncryption_oid
Identifies a signing algorithm where an MD2 digest is encrypted using an RSA private key; defined in PKCS #1. Use of this signing algorithm is discouraged due to MD2 vulnerabilities. OID = 1.2.840.113549.1.1.2

md5WithRSAEncryption_oid

public static ObjectIdentifier md5WithRSAEncryption_oid
Identifies a signing algorithm where an MD5 digest is encrypted using an RSA private key; defined in PKCS #1. OID = 1.2.840.113549.1.1.4

sha1WithRSAEncryption_oid

public static ObjectIdentifier sha1WithRSAEncryption_oid
Identifies a signing algorithm where a SHA1 digest is encrypted using an RSA private key; defined by RSA DSI. OID = 1.2.840.113549.1.1.5

sha1WithRSAEncryption_OIW_oid

public static ObjectIdentifier sha1WithRSAEncryption_OIW_oid
Identifies a signing algorithm where a SHA1 digest is encrypted using an RSA private key; defined in NIST OIW. OID = 1.3.14.3.2.29

shaWithDSA_OIW_oid

public static ObjectIdentifier shaWithDSA_OIW_oid
Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a SHA digest is signed using the Digital Signing Algorithm (DSA). This should not be used. OID = 1.3.14.3.2.13

sha1WithDSA_OIW_oid

public static ObjectIdentifier sha1WithDSA_OIW_oid
Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a SHA1 digest is signed using the Digital Signing Algorithm (DSA). OID = 1.3.14.3.2.27

sha1WithDSA_oid

public static ObjectIdentifier sha1WithDSA_oid
Identifies the FIPS 186 "Digital Signature Standard" (DSS), where a SHA1 digest is signed using the Digital Signing Algorithm (DSA). OID = 1.2.840.10040.4.3

DESCBC_oid

public static ObjectIdentifier DESCBC_oid
Identifies the Data Encryption Standard (DES) symmetric key cryptographic algorithm in Cipher Block Chaining (CBC) mode; defined in NIST OIW. OID = 1.3.14.3.2.7

tripleDESCBC_oid

public static ObjectIdentifier tripleDESCBC_oid
Identifies the Triple Data Encryption Standard (DESede or "Triple DES") symmetric key cryptographic algorithm in Cipher Block Chaining (CBC) mode. OID = 1.2.840.113459.3.7

RC2CBC_oid

public static ObjectIdentifier RC2CBC_oid
Identifies the Rivest Cipher 2 (RC2) symmetric key cryptographic algorithm in Cipher Block Chaining (CBC) mode. OID = 1.2.840.113459.3.2

Constructor Detail

AlgorithmId

public AlgorithmId(com.ibm.security.util.DerValue val)
            throws IOException
Constructs an algorithm identifier from its ASN.1 encoding.

AlgorithmId

public AlgorithmId(com.ibm.security.util.DerValue val,
                   String provider)
            throws IOException
Constructs an algorithm identifier from its ASN.1 encoding.

AlgorithmId

public AlgorithmId(ObjectIdentifier oid,
                   byte[] params)
            throws IOException
Constructs an algorithm identifier from an oid and ASN.1 encoded parameters.

AlgorithmId

public AlgorithmId(ObjectIdentifier oid,
                   byte[] params,
                   String provider)
            throws IOException
Constructs an algorithm identifier from an oid and ASN.1 encoded parameters.

AlgorithmId

public AlgorithmId(String oid,
                   byte[] params)
            throws IOException
Constructs an algorithm identifier from an oid in string representation and ASN.1 encoded parameters.

AlgorithmId

public AlgorithmId(String oid,
                   byte[] params,
                   String provider)
            throws IOException
Constructs an algorithm identifier from an oid in string representation and ASN.1 encoded parameters.

AlgorithmId

public AlgorithmId(ObjectIdentifier oid)
Constructs a parameterless algorithm ID.
Parameters:
oid - the identifier for the algorithm

AlgorithmId

public AlgorithmId(ObjectIdentifier oid,
                   String provider)
Constructs a parameterless algorithm ID.
Parameters:
oid - the identifier for the algorithm
provider - the provider being used

Method Detail

getAlgorithmId

public static AlgorithmId getAlgorithmId(String algname)
                                  throws NoSuchAlgorithmException
Deprecated. Use the short get form of this method.

Returns one of the algorithm IDs most commonly associated with this algorithm name.
Parameters:
algname - the name being used
Throws:
NoSuchAlgorithmException - on error.

getAlgParameters

public AlgorithmParameters getAlgParameters()
Returns the algorithm parameters.

getParameters

public byte[] getParameters()
                     throws IOException
Returns the ASN.1 encoded parameters.
Throws:
IOException - on error.

get

public static AlgorithmId get(String algname)
                       throws NoSuchAlgorithmException
Returns one of the algorithm IDs most commonly associated with this algorithm name.
Parameters:
algname - the name being used
Throws:
NoSuchAlgorithmException - on error.

get

public static AlgorithmId get(String algname,
                              String provider)
                       throws NoSuchAlgorithmException
Returns one of the algorithm IDs most commonly associated with this algorithm name.
Parameters:
algname - the name being used
provider - the provider being used
Throws:
NoSuchAlgorithmException - on error.

parse

public static AlgorithmId parse(com.ibm.security.util.DerValue val)
                         throws IOException
Parse (unmarshal) an ID from a DER sequence input value. This form of parsing might be used when expanding a value which has already been partially unmarshaled as a set or sequence member.
Parameters:
val - the input value, which contains the algid and, if there are any parameters, those parameters.
Returns:
an ID for the algorithm. If the system is configured appropriately, this may be an instance of a class with some kind of special support for this algorithm. In that case, you may "narrow" the type of the ID.
Throws:
IOException - on error.

parse

public static AlgorithmId parse(com.ibm.security.util.DerValue val,
                                String provider)
                         throws IOException
Parse (unmarshal) an ID from a DER sequence input value. This form of parsing might be used when expanding a value which has already been partially unmarshaled as a set or sequence member.
Parameters:
val - the input value, which contains the algid and, if there are any parameters, those parameters.
provider - the provider being used
Returns:
an ID for the algorithm. If the system is configured appropriately, this may be an instance of a class with some kind of special support for this algorithm. In that case, you may "narrow" the type of the ID.
Throws:
IOException - on error.

decodeParams

protected void decodeParams()
                     throws IOException
LOCKDOWN remove default ctor public AlgorithmId() { }

encode

public final void encode(com.ibm.security.util.DerOutputStream out)
                  throws IOException
Marshal a DER-encoded "AlgorithmID" sequence on the DER stream.

derEncode

public void derEncode(OutputStream out)
               throws IOException
DER encode this object onto an output stream. Implements the DerEncoder interface.
Parameters:
out - the output stream on which to write the DER encoding.
Throws:
IOException - on encoding error.

encode

public final byte[] encode()
                    throws IOException
Returns the DER-encoded X.509 AlgorithmId as a byte array.

getOID

public final ObjectIdentifier getOID()
Returns the ISO OID for this algorithm. This is usually converted to a string and used as part of an algorithm name, for example "OID.1.3.14.3.2.13" style notation. Use the getName call when you do not need to ensure cross-system portability of algorithm names, or need a user friendly name.

getName

public String getName()
Returns a name for the algorithm which may be more intelligible to humans than the algorithm's OID, but which won't necessarily be comprehensible on other systems. For example, this might return a name such as "MD5withRSA" for a signature algorithm on some systems. It also returns names like "OID.1.2.3.4", when no particular name for the algorithm is known.

toString

public String toString()
Returns a string describing the algorithm and its parameters.

getEncodedParams

public byte[] getEncodedParams()
                        throws IOException
Returns the DER encoded parameter, which can then be used to initialize java.security.AlgorithmParameters.
Returns:
DER encoded parameters, or null if parameters are not present.

paramsToString

protected String paramsToString()
Provides a human-readable description of the algorithm parameters. This may be redefined by subclasses which parse those parameters.

equals

public boolean equals(AlgorithmId other)
Returns true iff the argument indicates the same algorithm with the same parameters.

equals

public boolean equals(Object other)
Compares this AlgorithmID to another. If algorithm parameters are available, they are compared. Otherwise, just the object IDs for the algorithm are compared.
Parameters:
other - preferably an AlgorithmId, else an ObjectIdentifier

equals

public final boolean equals(ObjectIdentifier id)
Compares two algorithm IDs for equality. Returns true iff they are the same algorithm, ignoring algorithm parameters.
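
The difference between an OID-only comparison and a comparison that includes parameters, together with a check for the MD2, MD5, SHA and SHA1 signature OIDs listed under Field Detail, shown as an added example that is not part of the original documentation. It uses only the plain JDK (Java 17 or later for HexFormat) rather than the com.ibm.security classes; the class name AlgorithmIdAudit, the LEGACY table and the two sample encodings are constructed for illustration.

```java
import java.util.Arrays;
import java.util.HexFormat;
import java.util.Map;

// Added example: a plain-JDK sketch, not IBM's AlgorithmId implementation.
public class AlgorithmIdAudit {
    // Signature OIDs from this page's Field Detail that rely on MD2, MD5, SHA or SHA1.
    static final Map<String, String> LEGACY = Map.of(
        "1.2.840.113549.1.1.2", "md2WithRSAEncryption",
        "1.2.840.113549.1.1.4", "md5WithRSAEncryption",
        "1.2.840.113549.1.1.5", "sha1WithRSAEncryption",
        "1.3.14.3.2.29", "sha1WithRSAEncryption (OIW)",
        "1.3.14.3.2.13", "shaWithDSA (OIW)",
        "1.2.840.10040.4.3", "sha1WithDSA");

    // Decodes the OID of a DER AlgorithmIdentifier:
    // SEQUENCE { algorithm OBJECT IDENTIFIER, parameters ANY OPTIONAL }.
    // Only short-form lengths are accepted, which covers every OID on this page.
    static String oidOf(byte[] der) {
        if (der.length < 4 || der[0] != 0x30 || (der[1] & 0x80) != 0
                || der[1] != der.length - 2 || der[2] != 0x06)
            throw new IllegalArgumentException("not a short-form AlgorithmIdentifier");
        int len = der[3];
        if (len < 1 || 4 + len > der.length || (der[3 + len] & 0x80) != 0)
            throw new IllegalArgumentException("bad or truncated OID");
        StringBuilder sb = new StringBuilder();
        long v = 0;
        boolean first = true;
        for (int i = 4; i < 4 + len; i++) {
            v = (v << 7) | (der[i] & 0x7f);
            if ((der[i] & 0x80) != 0) continue;   // more base-128 digits follow
            if (first) {                          // first value packs arcs 1 and 2 as 40*X + Y
                long x = Math.min(v / 40, 2);
                sb.append(x).append('.').append(v - 40 * x);
                first = false;
            } else sb.append('.').append(v);
            v = 0;
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        HexFormat hex = HexFormat.of();
        // Constructed samples: sha1WithRSAEncryption with NULL parameters, then with parameters absent.
        byte[] withNull = hex.parseHex("300d06092a864886f70d0101050500");
        byte[] absent   = hex.parseHex("300b06092a864886f70d010105");
        for (byte[] der : new byte[][] { withNull, absent }) {
            String oid = oidOf(der);
            System.out.println(oid + " -> " + LEGACY.getOrDefault(oid, "not on the legacy list"));
        }
        // The OIDs match, but the encodings differ because of the parameters field.
        System.out.println("same OID: " + oidOf(withNull).equals(oidOf(absent)));
        System.out.println("same DER: " + Arrays.equals(withNull, absent));
    }
}
```

When auditing certificates or signed data for legacy algorithms, match on the OID alone, since the same algorithm can appear with or without a parameters field.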