001/*
002 * Copyright 2017-2024 Ping Identity Corporation
003 * All Rights Reserved.
004 */
005/*
006 * Copyright 2017-2024 Ping Identity Corporation
007 *
008 * Licensed under the Apache License, Version 2.0 (the "License");
009 * you may not use this file except in compliance with the License.
010 * You may obtain a copy of the License at
011 *
012 *    http://www.apache.org/licenses/LICENSE-2.0
013 *
014 * Unless required by applicable law or agreed to in writing, software
015 * distributed under the License is distributed on an "AS IS" BASIS,
016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
017 * See the License for the specific language governing permissions and
018 * limitations under the License.
019 */
020/*
021 * Copyright (C) 2017-2024 Ping Identity Corporation
022 *
023 * This program is free software; you can redistribute it and/or modify
024 * it under the terms of the GNU General Public License (GPLv2 only)
025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only)
026 * as published by the Free Software Foundation.
027 *
028 * This program is distributed in the hope that it will be useful,
029 * but WITHOUT ANY WARRANTY; without even the implied warranty of
030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
031 * GNU General Public License for more details.
032 *
033 * You should have received a copy of the GNU General Public License
034 * along with this program; if not, see <http://www.gnu.org/licenses>.
035 */
036package com.unboundid.util.ssl.cert;
037
038
039
040import com.unboundid.util.NotNull;
041import com.unboundid.util.Nullable;
042import com.unboundid.util.OID;
043import com.unboundid.util.ThreadSafety;
044import com.unboundid.util.ThreadSafetyLevel;
045
046
047
048/**
049 * This enum defines a set of algorithm names and OIDs.
050 */
051@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE)
052public enum SignatureAlgorithmIdentifier
053{
054  /**
055   * The algorithm identifier for the MD2 message digest with RSA encryption.
056   * This identifier is defined in RFC 3279 section 2.2.1.
057   */
058  MD2_WITH_RSA("1.2.840.113549.1.1.2", "MD2withRSA", "MD2 with RSA"),
059
060
061
062  /**
063   * The algorithm identifier for the MD5 message digest with RSA encryption.
064   * This identifier is defined in RFC 3279 section 2.2.1.
065   */
066  MD5_WITH_RSA("1.2.840.113549.1.1.4", "MD5withRSA", "MD5 with RSA"),
067
068
069
070  /**
071   * The algorithm identifier for the SHA-1 message digest with RSA encryption.
072   * This identifier is defined in RFC 3279 section 2.2.1.
073   */
074  SHA_1_WITH_RSA("1.2.840.113549.1.1.5", "SHA1withRSA", "SHA-1 with RSA"),
075
076
077
078  /**
079   * The algorithm identifier for the 224-bit SHA-2 message digest with RSA
080   * encryption.  This identifier is defined in RFC 4055 section 5.
081   */
082  SHA_224_WITH_RSA("1.2.840.113549.1.1.14", "SHA224withRSA",
083       "SHA-224 with RSA"),
084
085
086
087  /**
088   * The algorithm identifier for the 256-bit SHA-2 message digest with RSA
089   * encryption.  This identifier is defined in RFC 4055 section 5.
090   */
091  SHA_256_WITH_RSA("1.2.840.113549.1.1.11", "SHA256withRSA",
092       "SHA-256 with RSA"),
093
094
095
096  /**
097   * The algorithm identifier for the 384-bit SHA-2 message digest with RSA
098   * encryption.  This identifier is defined in RFC 4055 section 5.
099   */
100  SHA_384_WITH_RSA("1.2.840.113549.1.1.12", "SHA384withRSA",
101       "SHA-384 with RSA"),
102
103
104
105  /**
106   * The algorithm identifier for the 512-bit SHA-2 message digest with RSA
107   * encryption.  This identifier is defined in RFC 4055 section 5.
108   */
109  SHA_512_WITH_RSA("1.2.840.113549.1.1.13", "SHA512withRSA",
110       "SHA-512 with RSA"),
111
112
113
114  /**
115   * The algorithm identifier for the SHA-1 message digest with the DSA
116   * signature algorithm.  This identifier is defined in RFC 3279 section 2.2.2.
117   */
118  SHA_1_WITH_DSA("1.2.840.10040.4.3", "SHA1withDSA", "SHA-1 with DSA"),
119
120
121
122  /**
123   * The algorithm identifier for the 224-bit SHA-2 message digest with the DSA
124   * signature algorithm.  This identifier is defined in RFC 5758 section 3.1.
125   */
126  SHA_224_WITH_DSA("2.16.840.1.101.3.4.3.1", "SHA224withDSA",
127       "SHA-224 with DSA"),
128
129
130
131  /**
132   * The algorithm identifier for the 256-bit SHA-2 message digest with the DSA
133   * signature algorithm.  This identifier is defined in RFC 5758 section 3.1.
134   */
135  SHA_256_WITH_DSA("2.16.840.1.101.3.4.3.2", "SHA256withDSA",
136       "SHA-256 with DSA"),
137
138
139
140  /**
141   * The algorithm identifier for the SHA-1 message digest with the ECDSA
142   * signature algorithm.  This identifier is defined in RFC 3279 section 2.2.3.
143   */
144  SHA_1_WITH_ECDSA("1.2.840.10045.4.1", "SHA1withECDSA", "SHA-1 with ECDSA"),
145
146
147
148  /**
149   * The algorithm identifier for the 224-bit SHA-2 message digest with the
150   * ECDSA signature algorithm.  This identifier is defined in RFC 5758 section
151   * 3.2.
152   */
153  SHA_224_WITH_ECDSA("1.2.840.10045.4.3.1", "SHA224withECDSA",
154       "SHA-224 with ECDSA"),
155
156
157
158  /**
159   * The algorithm identifier for the 256-bit SHA-2 message digest with the
160   * ECDSA signature algorithm.  This identifier is defined in RFC 5758 section
161   * 3.2.
162   */
163  SHA_256_WITH_ECDSA("1.2.840.10045.4.3.2", "SHA256withECDSA",
164       "SHA-256 with ECDSA"),
165
166
167
168  /**
169   * The algorithm identifier for the 384-bit SHA-2 message digest with the
170   * ECDSA signature algorithm.  This identifier is defined in RFC 5758 section
171   * 3.2.
172   */
173  SHA_384_WITH_ECDSA("1.2.840.10045.4.3.3", "SHA384withECDSA",
174       "SHA-384 with ECDSA"),
175
176
177
178  /**
179   * The algorithm identifier for the 512-bit SHA-2 message digest with the
180   * ECDSA signature algorithm.  This identifier is defined in RFC 5758 section
181   * 3.2.
182   */
183  SHA_512_WITH_ECDSA("1.2.840.10045.4.3.4", "SHA512withECDSA",
184       "SHA-512 with ECDSA");
185
186
187
188  // The OID for this signature algorithm.
189  @NotNull private final OID oid;
190
191  // The name for this signature algorithm as it would be used internally by
192  // Java.
193  @NotNull private final String javaName;
194
195  // The user-friendly name for this signature algorithm.
196  @NotNull private final String userFriendlyName;
197
198
199
200  /**
201   * Creates a new signature algorithm with the provided information.
202   *
203   * @param  oidString         The string representation of the OID for this
204   *                           signature algorithm.
205   * @param  javaName          The name for this signature algorithm as it would
206   *                           be used internally by Java.
207   * @param  userFriendlyName  The user-friendly name for this signature
208   *                           algorithm.
209   */
210  SignatureAlgorithmIdentifier(@NotNull final String oidString,
211                               @NotNull final String javaName,
212                               @NotNull final String userFriendlyName)
213  {
214    this.javaName = javaName;
215    this.userFriendlyName = userFriendlyName;
216
217    oid = new OID(oidString);
218  }
219
220
221
222  /**
223   * Retrieves the OID for this signature algorithm.
224   *
225   * @return  The OID for this signature algorithm.
226   */
227  @NotNull()
228  public OID getOID()
229  {
230    return oid;
231  }
232
233
234
235  /**
236   * Retrieves the name for this signature algorithm as it would be used
237   * internally by Java.
238   *
239   * @return  The name for this signature algorithm as it would be used
240   *          internally by Java.
241   */
242  @NotNull()
243  public String getJavaName()
244  {
245    return javaName;
246  }
247
248
249
250  /**
251   * Retrieves the user-friendly name for this signature algorithm.
252   *
253   * @return  The user-friendly name for this signature algorithm.
254   */
255  @NotNull()
256  public String getUserFriendlyName()
257  {
258    return userFriendlyName;
259  }
260
261
262
263  /**
264   * Retrieves the signature algorithm identifier instance with the specified
265   * OID.
266   *
267   * @param  oid  The OID for the signature algorithm identifier instance to
268   *              retrieve.
269   *
270   * @return  The appropriate signature algorithm identifier instance, or
271   *          {@code null} if the provided OID does not reference a known
272   *          signature algorithm identifier.
273   */
274  @Nullable()
275  public static SignatureAlgorithmIdentifier forOID(@NotNull final OID oid)
276  {
277    for (final SignatureAlgorithmIdentifier v : values())
278    {
279      if (v.oid.equals(oid))
280      {
281        return v;
282      }
283    }
284
285    return null;
286  }
287
288
289
290  /**
291   * Retrieves the signature algorithm identifier instance with the specified
292   * name.
293   *
294   * @param  name  The name of the signature algorithm identifier instance to
295   *               retrieve.
296   *
297   * @return  The appropriate signature algorithm identifier instance, or
298   *          {@code null} if the provided name does not reference a known
299   *          signature algorithm identifier.
300   */
301  @Nullable()
302  public static SignatureAlgorithmIdentifier forName(@NotNull final String name)
303  {
304    final String preparedName = prepareName(name);
305    for (final SignatureAlgorithmIdentifier v : values())
306    {
307      if (v.javaName.equalsIgnoreCase(preparedName))
308      {
309        return v;
310      }
311    }
312
313    return null;
314  }
315
316
317
318  /**
319   * Prepares the provided name to be used by the {@link #forName(String)}
320   * method.  All spaces, dashes, and underscores will be removed.
321   *
322   * @param  name  The name to be compared.
323   *
324   * @return  The prepared version of the provided name.
325   */
326  @NotNull()
327  private static String prepareName(@NotNull final String name)
328  {
329    final StringBuilder buffer = new StringBuilder(name.length());
330
331    for (final char c : name.toCharArray())
332    {
333      switch (c)
334      {
335        case ' ':
336        case '-':
337        case '_':
338          // This character will be omitted.
339          break;
340        default:
341          // This character will be used.
342          buffer.append(c);
343      }
344    }
345
346    return buffer.toString();
347  }
348
349
350
351  /**
352   * Retrieves the user-friendly name for the signature algorithm identifier
353   * value with the provided OID, or a string representation of the OID if there
354   * is no value with that OID.
355   *
356   * @param  oid  The OID for the signature algorithm identifier to retrieve.
357   *
358   * @return  The user-friendly name for the signature algorithm identifier
359   *          value with the provided OID, or a string representation of the OID
360   *          if there is no value with that OID.
361   */
362  @NotNull()
363  public static String getNameOrOID(@NotNull final OID oid)
364  {
365    final SignatureAlgorithmIdentifier id = forOID(oid);
366    if (id == null)
367    {
368      return oid.toString();
369    }
370    else
371    {
372      return id.userFriendlyName;
373    }
374  }
375
376
377
378  /**
379   * Retrieves a string representation of this signature algorithm identifier.
380   *
381   * @return  A string representation of this signature algorithm identifier.
382   */
383  @Override()
384  @NotNull()
385  public String toString()
386  {
387    return userFriendlyName;
388  }
389}