davidb/jdnssec-tools
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Add aliases defined in RFC 5155 (NSEC3); formatting.

Browse Source 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@113 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
This commit is contained in:
David Blacka 2009-02-02 04:51:15 +00:00
parent e5270de8ee
commit 4073e6a576
1 changed files with 64 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
src/com/verisignlabs/dnssec/security/DnsKeyAlgorithm.java
View File

@ -41,13 +41,13 @@ import java.util.logging.Logger;
import org.xbill.DNS.DNSSEC; import org.xbill.DNS.DNSSEC;
/** /**
* This class handles translated DNS signing algorithm identifiers into * This class handles translated DNS signing algorithm identifiers into various
* various usable java implementations. * usable java implementations.
* *
* Besides centralizing the logic surrounding matching a DNSKEY algorithm * Besides centralizing the logic surrounding matching a DNSKEY algorithm
* identifier with various crypto implementations, it also handles algorithm * identifier with various crypto implementations, it also handles algorithm
* aliasing -- that is, defining a new algorithm identifier to be equivalent * aliasing -- that is, defining a new algorithm identifier to be equivalent to
* to an existing identifier. * an existing identifier.
* *
* @author David Blacka (orig) * @author David Blacka (orig)
* @author $Author: davidb $ (latest) * @author $Author: davidb $ (latest)
@ -74,9 +74,8 @@ public class DnsKeyAlgorithm
} }
/** /**
* This is a mapping of algorithm identifier to Entry. The Entry contains * This is a mapping of algorithm identifier to Entry. The Entry contains the
* the data needed to map the algorithm to the various crypto * data needed to map the algorithm to the various crypto implementations.
* implementations.
*/ */
private HashMap mAlgorithmMap; private HashMap mAlgorithmMap;
/** /**
@ -84,8 +83,8 @@ public class DnsKeyAlgorithm
*/ */
private HashMap mMnemonicToIdMap; private HashMap mMnemonicToIdMap;
/** /**
* This is a mapping of identifiers to preferred mnemonic -- the preferred * This is a mapping of identifiers to preferred mnemonic -- the preferred one
* one is the first defined one * is the first defined one
*/ */
private HashMap mIdToMnemonicMap; private HashMap mIdToMnemonicMap;
@ -119,6 +118,10 @@ public class DnsKeyAlgorithm
addAlgorithm(DNSSEC.RSASHA1, new Entry("SHA1withRSA", RSA)); addAlgorithm(DNSSEC.RSASHA1, new Entry("SHA1withRSA", RSA));
addMnemonic("RSASHA1", DNSSEC.RSASHA1); addMnemonic("RSASHA1", DNSSEC.RSASHA1);
addMnemonic("RSA", DNSSEC.RSASHA1); addMnemonic("RSA", DNSSEC.RSASHA1);
// Load the (now) standard aliases
addAlias(6, "DSA-NSEC3-SHA1", DNSSEC.DSA);
addAlias(7, "RSA-NSEC3-SHA1", DNSSEC.RSASHA1);
} }
private void addAlgorithm(int algorithm, Entry entry) private void addAlgorithm(int algorithm, Entry entry)
@ -243,11 +246,13 @@ public class DnsKeyAlgorithm
RSAKeyGenParameterSpec rsa_spec; RSAKeyGenParameterSpec rsa_spec;
if (useLargeExp) if (useLargeExp)
{ {
rsa_spec = new RSAKeyGenParameterSpec(keysize, RSAKeyGenParameterSpec.F4); rsa_spec = new RSAKeyGenParameterSpec(keysize,
RSAKeyGenParameterSpec.F4);
} }
else else
{ {
rsa_spec = new RSAKeyGenParameterSpec(keysize, RSAKeyGenParameterSpec.F0); rsa_spec = new RSAKeyGenParameterSpec(keysize,
RSAKeyGenParameterSpec.F0);
} }
try try
{ {