davidb/jdnssec-tools
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Add aliases defined in RFC 5155 (NSEC3); formatting.

Browse Source 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@113 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
This commit is contained in:
David Blacka 2009-02-02 04:51:15 +00:00
parent e5270de8ee
commit 4073e6a576
1 changed files with 64 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
src/com/verisignlabs/dnssec/security/DnsKeyAlgorithm.java
View File

@ -41,13 +41,13 @@ import java.util.logging.Logger;
import org.xbill.DNS.DNSSEC;
/**
* This class handles translated DNS signing algorithm identifiers into
* various usable java implementations.
* This class handles translated DNS signing algorithm identifiers into various
* usable java implementations.
*
* Besides centralizing the logic surrounding matching a DNSKEY algorithm
* identifier with various crypto implementations, it also handles algorithm
* aliasing -- that is, defining a new algorithm identifier to be equivalent
* to an existing identifier.
* aliasing -- that is, defining a new algorithm identifier to be equivalent to
* an existing identifier.
*
* @author David Blacka (orig)
* @author $Author: davidb $ (latest)
@ -74,9 +74,8 @@ public class DnsKeyAlgorithm
}
/**
* This is a mapping of algorithm identifier to Entry. The Entry contains
* the data needed to map the algorithm to the various crypto
* implementations.
* This is a mapping of algorithm identifier to Entry. The Entry contains the
* data needed to map the algorithm to the various crypto implementations.
*/
private HashMap mAlgorithmMap;
/**
@ -84,8 +83,8 @@ public class DnsKeyAlgorithm
*/
private HashMap mMnemonicToIdMap;
/**
* This is a mapping of identifiers to preferred mnemonic -- the preferred
* one is the first defined one
* This is a mapping of identifiers to preferred mnemonic -- the preferred one
* is the first defined one
*/
private HashMap mIdToMnemonicMap;
@ -119,6 +118,10 @@ public class DnsKeyAlgorithm
addAlgorithm(DNSSEC.RSASHA1, new Entry("SHA1withRSA", RSA));
addMnemonic("RSASHA1", DNSSEC.RSASHA1);
addMnemonic("RSA", DNSSEC.RSASHA1);
// Load the (now) standard aliases
addAlias(6, "DSA-NSEC3-SHA1", DNSSEC.DSA);
addAlias(7, "RSA-NSEC3-SHA1", DNSSEC.RSASHA1);
}
private void addAlgorithm(int algorithm, Entry entry)
@ -131,7 +134,7 @@ public class DnsKeyAlgorithm
{
Integer a = new Integer(alg);
mMnemonicToIdMap.put(m.toUpperCase(), a);
if (! mIdToMnemonicMap.containsKey(a))
if (!mIdToMnemonicMap.containsKey(a))
{
mIdToMnemonicMap.put(a, m);
}
@ -212,13 +215,13 @@ public class DnsKeyAlgorithm
{
switch (baseType(algorithm))
{
case RSA :
case RSA:
return DNSSEC.RSASHA1;
case DSA :
case DSA:
return DNSSEC.DSA;
case DH :
case DH:
return DNSSEC.DH;
default :
default:
return UNKNOWN;
}
}
@ -234,7 +237,7 @@ public class DnsKeyAlgorithm
KeyPair pair = null;
switch (baseType(algorithm))
{
case RSA :
case RSA:
if (mRSAKeyGenerator == null)
{
mRSAKeyGenerator = KeyPairGenerator.getInstance("RSA");
@ -243,11 +246,13 @@ public class DnsKeyAlgorithm
RSAKeyGenParameterSpec rsa_spec;
if (useLargeExp)
{
rsa_spec = new RSAKeyGenParameterSpec(keysize, RSAKeyGenParameterSpec.F4);
rsa_spec = new RSAKeyGenParameterSpec(keysize,
RSAKeyGenParameterSpec.F4);
}
else
{
rsa_spec = new RSAKeyGenParameterSpec(keysize, RSAKeyGenParameterSpec.F0);
rsa_spec = new RSAKeyGenParameterSpec(keysize,
RSAKeyGenParameterSpec.F0);
}
try
{
@ -262,7 +267,7 @@ public class DnsKeyAlgorithm
pair = mRSAKeyGenerator.generateKeyPair();
break;
case DSA :
case DSA:
if (mDSAKeyGenerator == null)
{
mDSAKeyGenerator = KeyPairGenerator.getInstance("DSA");
@ -270,7 +275,7 @@ public class DnsKeyAlgorithm
mDSAKeyGenerator.initialize(keysize);
pair = mDSAKeyGenerator.generateKeyPair();
break;
default :
default:
throw new NoSuchAlgorithmException("Alg " + algorithm);
}