如何将 OID 转换为 JCE 算法名称?
How to translate an OID to a JCE algorithm name?
我正在寻找一个可以接受诸如 1.2.840.10040.4.3
之类的 oid 并将其转换为其标准名称的库(在本例中为 SHA1withDSA
)
使用org.cesecore.certificates.util.AlgorithmTools
,我能够实现一些需要的功能,但它非常有限。
这是当前代码:
String signatureAlgorithmName = AlgorithmTools.getAlgorithmNameFromOID(oid);
注:
可以找到标准名称here
oid-info.com 有一个 OID 在线数据库供您使用。
如您所见,OID 数据库非常庞大。除此之外,由于公司在其基本OID下定义了自己的OID,因此许多OID实际上是未知的。
AlgorithmTools
class 只是简单地为签名算法定义了一个 OID 列表,它不会尝试通过使用 OID 作为别名来动态找出哪些算法可用。
请注意,某些 OID 用于多个 classes。例如,您可以使用 RSA Cipher
、KeyFactory
和 KeyPairGenerator
.
但是您可以找出哪些 OID 可用于当前安装的提供程序:
package nl.owlstead.Whosebug;
import java.security.Provider;
import java.security.Provider.Service;
import java.security.Security;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
public class GetOIDToAlgorithmNameMapping {
private static final Pattern KEY_TYPE_PATTERN = Pattern.compile("^(\w+)[.].*$");
private static final Pattern KEY_ALIAS_TYPE_PATTERN = Pattern.compile("^Alg[.]Alias[.](\w+).*$");
private static final Pattern KEY_OID_PATTERN = Pattern.compile(".*?(\d+(?:[.]\d+){3,})$");
public static void main(String[] args) throws Exception {
Provider[] provs = Security.getProviders();
for (Provider prov : provs) {
System.out.printf("%n >>> Provider: %s <<< %n%n", prov.getName());
SortedSet<String> typeAndOID = getTypeAndOIDStrings(prov);
for (String entry : typeAndOID) {
String[] typeAndOIDArray = entry.split("-");
String type = typeAndOIDArray[0];
String oid = typeAndOIDArray[1];
Service service = prov.getService(type, oid);
String algo = service.getAlgorithm();
System.out.printf("Type: %s, OID: %s, algo: %s%n", type, oid, algo);
}
}
}
private static SortedSet<String> getTypeAndOIDStrings(Provider prov) {
SortedSet<String> typeAndOID = new TreeSet<>();
Set<Object> keys = prov.keySet();
for (Object key : keys) {
String keyString = key.toString();
Matcher oidMatcher = KEY_OID_PATTERN.matcher(keyString);
if (oidMatcher.matches()) {
// get OID from matched keyString
String oid = oidMatcher.group(1);
// determine type
String type;
Matcher aliasTypeMatcher = KEY_ALIAS_TYPE_PATTERN.matcher(keyString);
if (aliasTypeMatcher.matches()) {
type = aliasTypeMatcher.group(1);
} else {
Matcher typeMatcher = KEY_TYPE_PATTERN.matcher(keyString);
typeMatcher.matches();
type = typeMatcher.group(1);
}
// algorithm parameters are not algorithms, so skip them
if (type.equals("AlgorithmParameters")) {
continue;
}
// auto-removes dupes
typeAndOID.add(type + "-" + oid);
}
}
return typeAndOID;
}
}
示例输出:
>>> Provider: SUN <<<
Type: KeyFactory, OID: 1.2.840.10040.4.1, algo: DSA
Type: KeyFactory, OID: 1.3.14.3.2.12, algo: DSA
Type: KeyPairGenerator, OID: 1.2.840.10040.4.1, algo: DSA
Type: KeyPairGenerator, OID: 1.3.14.3.2.12, algo: DSA
Type: MessageDigest, OID: 1.3.14.3.2.26, algo: SHA
Type: MessageDigest, OID: 2.16.840.1.101.3.4.2.1, algo: SHA-256
Type: MessageDigest, OID: 2.16.840.1.101.3.4.2.2, algo: SHA-384
Type: MessageDigest, OID: 2.16.840.1.101.3.4.2.3, algo: SHA-512
Type: MessageDigest, OID: 2.16.840.1.101.3.4.2.4, algo: SHA-224
Type: Signature, OID: 1.2.840.10040.4.3, algo: SHA1withDSA
Type: Signature, OID: 1.3.14.3.2.13, algo: SHA1withDSA
Type: Signature, OID: 1.3.14.3.2.27, algo: SHA1withDSA
Type: Signature, OID: 2.16.840.1.101.3.4.3.1, algo: SHA224withDSA
Type: Signature, OID: 2.16.840.1.101.3.4.3.2, algo: SHA256withDSA
>>> Provider: SunRsaSign <<<
Type: KeyFactory, OID: 1.2.840.113549.1.1, algo: RSA
Type: KeyPairGenerator, OID: 1.2.840.113549.1.1, algo: RSA
Type: Signature, OID: 1.2.840.113549.1.1.11, algo: SHA256withRSA
Type: Signature, OID: 1.2.840.113549.1.1.12, algo: SHA384withRSA
Type: Signature, OID: 1.2.840.113549.1.1.13, algo: SHA512withRSA
Type: Signature, OID: 1.2.840.113549.1.1.14, algo: SHA224withRSA
Type: Signature, OID: 1.2.840.113549.1.1.2, algo: MD2withRSA
Type: Signature, OID: 1.2.840.113549.1.1.4, algo: MD5withRSA
Type: Signature, OID: 1.2.840.113549.1.1.5, algo: SHA1withRSA
Type: Signature, OID: 1.3.14.3.2.29, algo: SHA1withRSA
>>> Provider: SunEC <<<
Type: Signature, OID: 1.2.840.10045.4.1, algo: SHA1withECDSA
Type: Signature, OID: 1.2.840.10045.4.3.1, algo: SHA224withECDSA
Type: Signature, OID: 1.2.840.10045.4.3.2, algo: SHA256withECDSA
Type: Signature, OID: 1.2.840.10045.4.3.3, algo: SHA384withECDSA
Type: Signature, OID: 1.2.840.10045.4.3.4, algo: SHA512withECDSA
>>> Provider: SunJSSE <<<
Type: KeyFactory, OID: 1.2.840.113549.1.1, algo: RSA
Type: KeyPairGenerator, OID: 1.2.840.113549.1.1, algo: RSA
Type: Signature, OID: 1.2.840.113549.1.1.2, algo: MD2withRSA
Type: Signature, OID: 1.2.840.113549.1.1.4, algo: MD5withRSA
Type: Signature, OID: 1.2.840.113549.1.1.5, algo: SHA1withRSA
Type: Signature, OID: 1.3.14.3.2.29, algo: SHA1withRSA
>>> Provider: SunJCE <<<
Type: AlgorithmParameterGenerator, OID: 1.2.840.113549.1.3.1, algo: DiffieHellman
Type: Cipher, OID: 1.2.840.113549.1.12.1.1, algo: PBEWithSHA1AndRC4_128
Type: Cipher, OID: 1.2.840.113549.1.12.1.2, algo: PBEWithSHA1AndRC4_40
Type: Cipher, OID: 1.2.840.113549.1.12.1.3, algo: PBEWithSHA1AndDESede
Type: Cipher, OID: 1.2.840.113549.1.12.1.5, algo: PBEWithSHA1AndRC2_128
Type: Cipher, OID: 1.2.840.113549.1.12.1.6, algo: PBEWithSHA1AndRC2_40
Type: Cipher, OID: 1.2.840.113549.1.5.3, algo: PBEWithMD5AndDES
Type: Cipher, OID: 2.16.840.1.101.3.4.1.1, algo: AES_128/ECB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.2, algo: AES_128/CBC/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.21, algo: AES_192/ECB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.22, algo: AES_192/CBC/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.23, algo: AES_192/OFB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.24, algo: AES_192/CFB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.25, algo: AESWrap_192
Type: Cipher, OID: 2.16.840.1.101.3.4.1.26, algo: AES_192/GCM/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.3, algo: AES_128/OFB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.4, algo: AES_128/CFB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.41, algo: AES_256/ECB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.42, algo: AES_256/CBC/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.43, algo: AES_256/OFB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.44, algo: AES_256/CFB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.45, algo: AESWrap_256
Type: Cipher, OID: 2.16.840.1.101.3.4.1.46, algo: AES_256/GCM/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.5, algo: AESWrap_128
Type: Cipher, OID: 2.16.840.1.101.3.4.1.6, algo: AES_128/GCM/NoPadding
Type: KeyAgreement, OID: 1.2.840.113549.1.3.1, algo: DiffieHellman
Type: KeyFactory, OID: 1.2.840.113549.1.3.1, algo: DiffieHellman
Type: KeyGenerator, OID: 1.2.840.113549.2.10, algo: HmacSHA384
Type: KeyGenerator, OID: 1.2.840.113549.2.11, algo: HmacSHA512
Type: KeyGenerator, OID: 1.2.840.113549.2.7, algo: HmacSHA1
Type: KeyGenerator, OID: 1.2.840.113549.2.8, algo: HmacSHA224
Type: KeyGenerator, OID: 1.2.840.113549.2.9, algo: HmacSHA256
Type: KeyPairGenerator, OID: 1.2.840.113549.1.3.1, algo: DiffieHellman
Type: Mac, OID: 1.2.840.113549.2.10, algo: HmacSHA384
Type: Mac, OID: 1.2.840.113549.2.11, algo: HmacSHA512
Type: Mac, OID: 1.2.840.113549.2.7, algo: HmacSHA1
Type: Mac, OID: 1.2.840.113549.2.8, algo: HmacSHA224
Type: Mac, OID: 1.2.840.113549.2.9, algo: HmacSHA256
Type: SecretKeyFactory, OID: 1.2.840.113549.1.12.1.1, algo: PBEWithSHA1AndRC4_128
Type: SecretKeyFactory, OID: 1.2.840.113549.1.12.1.2, algo: PBEWithSHA1AndRC4_40
Type: SecretKeyFactory, OID: 1.2.840.113549.1.12.1.3, algo: PBEWithSHA1AndDESede
Type: SecretKeyFactory, OID: 1.2.840.113549.1.12.1.5, algo: PBEWithSHA1AndRC2_128
Type: SecretKeyFactory, OID: 1.2.840.113549.1.12.1.6, algo: PBEWithSHA1AndRC2_40
Type: SecretKeyFactory, OID: 1.2.840.113549.1.5.12, algo: PBKDF2WithHmacSHA1
Type: SecretKeyFactory, OID: 1.2.840.113549.1.5.3, algo: PBEWithMD5AndDES
>>> Provider: SunJGSS <<<
Type: GssApiMechanism, OID: 1.2.840.113554.1.2.2, algo: 1.2.840.113554.1.2.2
Type: GssApiMechanism, OID: 1.3.6.1.5.5.2, algo: 1.3.6.1.5.5.2
>>> Provider: SunSASL <<<
>>> Provider: XMLDSig <<<
>>> Provider: SunPCSC <<<
>>> Provider: SunMSCAPI <<<
Type: Signature, OID: 1.2.840.113549.1.1.11, algo: SHA256withRSA
Type: Signature, OID: 1.2.840.113549.1.1.12, algo: SHA384withRSA
Type: Signature, OID: 1.2.840.113549.1.1.13, algo: SHA512withRSA
我正在寻找一个可以接受诸如 1.2.840.10040.4.3
之类的 oid 并将其转换为其标准名称的库(在本例中为 SHA1withDSA
)
使用org.cesecore.certificates.util.AlgorithmTools
,我能够实现一些需要的功能,但它非常有限。
这是当前代码:
String signatureAlgorithmName = AlgorithmTools.getAlgorithmNameFromOID(oid);
注:
可以找到标准名称here
oid-info.com 有一个 OID 在线数据库供您使用。
如您所见,OID 数据库非常庞大。除此之外,由于公司在其基本OID下定义了自己的OID,因此许多OID实际上是未知的。
AlgorithmTools
class 只是简单地为签名算法定义了一个 OID 列表,它不会尝试通过使用 OID 作为别名来动态找出哪些算法可用。
请注意,某些 OID 用于多个 classes。例如,您可以使用 RSA Cipher
、KeyFactory
和 KeyPairGenerator
.
但是您可以找出哪些 OID 可用于当前安装的提供程序:
package nl.owlstead.Whosebug;
import java.security.Provider;
import java.security.Provider.Service;
import java.security.Security;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
public class GetOIDToAlgorithmNameMapping {
private static final Pattern KEY_TYPE_PATTERN = Pattern.compile("^(\w+)[.].*$");
private static final Pattern KEY_ALIAS_TYPE_PATTERN = Pattern.compile("^Alg[.]Alias[.](\w+).*$");
private static final Pattern KEY_OID_PATTERN = Pattern.compile(".*?(\d+(?:[.]\d+){3,})$");
public static void main(String[] args) throws Exception {
Provider[] provs = Security.getProviders();
for (Provider prov : provs) {
System.out.printf("%n >>> Provider: %s <<< %n%n", prov.getName());
SortedSet<String> typeAndOID = getTypeAndOIDStrings(prov);
for (String entry : typeAndOID) {
String[] typeAndOIDArray = entry.split("-");
String type = typeAndOIDArray[0];
String oid = typeAndOIDArray[1];
Service service = prov.getService(type, oid);
String algo = service.getAlgorithm();
System.out.printf("Type: %s, OID: %s, algo: %s%n", type, oid, algo);
}
}
}
private static SortedSet<String> getTypeAndOIDStrings(Provider prov) {
SortedSet<String> typeAndOID = new TreeSet<>();
Set<Object> keys = prov.keySet();
for (Object key : keys) {
String keyString = key.toString();
Matcher oidMatcher = KEY_OID_PATTERN.matcher(keyString);
if (oidMatcher.matches()) {
// get OID from matched keyString
String oid = oidMatcher.group(1);
// determine type
String type;
Matcher aliasTypeMatcher = KEY_ALIAS_TYPE_PATTERN.matcher(keyString);
if (aliasTypeMatcher.matches()) {
type = aliasTypeMatcher.group(1);
} else {
Matcher typeMatcher = KEY_TYPE_PATTERN.matcher(keyString);
typeMatcher.matches();
type = typeMatcher.group(1);
}
// algorithm parameters are not algorithms, so skip them
if (type.equals("AlgorithmParameters")) {
continue;
}
// auto-removes dupes
typeAndOID.add(type + "-" + oid);
}
}
return typeAndOID;
}
}
示例输出:
>>> Provider: SUN <<<
Type: KeyFactory, OID: 1.2.840.10040.4.1, algo: DSA
Type: KeyFactory, OID: 1.3.14.3.2.12, algo: DSA
Type: KeyPairGenerator, OID: 1.2.840.10040.4.1, algo: DSA
Type: KeyPairGenerator, OID: 1.3.14.3.2.12, algo: DSA
Type: MessageDigest, OID: 1.3.14.3.2.26, algo: SHA
Type: MessageDigest, OID: 2.16.840.1.101.3.4.2.1, algo: SHA-256
Type: MessageDigest, OID: 2.16.840.1.101.3.4.2.2, algo: SHA-384
Type: MessageDigest, OID: 2.16.840.1.101.3.4.2.3, algo: SHA-512
Type: MessageDigest, OID: 2.16.840.1.101.3.4.2.4, algo: SHA-224
Type: Signature, OID: 1.2.840.10040.4.3, algo: SHA1withDSA
Type: Signature, OID: 1.3.14.3.2.13, algo: SHA1withDSA
Type: Signature, OID: 1.3.14.3.2.27, algo: SHA1withDSA
Type: Signature, OID: 2.16.840.1.101.3.4.3.1, algo: SHA224withDSA
Type: Signature, OID: 2.16.840.1.101.3.4.3.2, algo: SHA256withDSA
>>> Provider: SunRsaSign <<<
Type: KeyFactory, OID: 1.2.840.113549.1.1, algo: RSA
Type: KeyPairGenerator, OID: 1.2.840.113549.1.1, algo: RSA
Type: Signature, OID: 1.2.840.113549.1.1.11, algo: SHA256withRSA
Type: Signature, OID: 1.2.840.113549.1.1.12, algo: SHA384withRSA
Type: Signature, OID: 1.2.840.113549.1.1.13, algo: SHA512withRSA
Type: Signature, OID: 1.2.840.113549.1.1.14, algo: SHA224withRSA
Type: Signature, OID: 1.2.840.113549.1.1.2, algo: MD2withRSA
Type: Signature, OID: 1.2.840.113549.1.1.4, algo: MD5withRSA
Type: Signature, OID: 1.2.840.113549.1.1.5, algo: SHA1withRSA
Type: Signature, OID: 1.3.14.3.2.29, algo: SHA1withRSA
>>> Provider: SunEC <<<
Type: Signature, OID: 1.2.840.10045.4.1, algo: SHA1withECDSA
Type: Signature, OID: 1.2.840.10045.4.3.1, algo: SHA224withECDSA
Type: Signature, OID: 1.2.840.10045.4.3.2, algo: SHA256withECDSA
Type: Signature, OID: 1.2.840.10045.4.3.3, algo: SHA384withECDSA
Type: Signature, OID: 1.2.840.10045.4.3.4, algo: SHA512withECDSA
>>> Provider: SunJSSE <<<
Type: KeyFactory, OID: 1.2.840.113549.1.1, algo: RSA
Type: KeyPairGenerator, OID: 1.2.840.113549.1.1, algo: RSA
Type: Signature, OID: 1.2.840.113549.1.1.2, algo: MD2withRSA
Type: Signature, OID: 1.2.840.113549.1.1.4, algo: MD5withRSA
Type: Signature, OID: 1.2.840.113549.1.1.5, algo: SHA1withRSA
Type: Signature, OID: 1.3.14.3.2.29, algo: SHA1withRSA
>>> Provider: SunJCE <<<
Type: AlgorithmParameterGenerator, OID: 1.2.840.113549.1.3.1, algo: DiffieHellman
Type: Cipher, OID: 1.2.840.113549.1.12.1.1, algo: PBEWithSHA1AndRC4_128
Type: Cipher, OID: 1.2.840.113549.1.12.1.2, algo: PBEWithSHA1AndRC4_40
Type: Cipher, OID: 1.2.840.113549.1.12.1.3, algo: PBEWithSHA1AndDESede
Type: Cipher, OID: 1.2.840.113549.1.12.1.5, algo: PBEWithSHA1AndRC2_128
Type: Cipher, OID: 1.2.840.113549.1.12.1.6, algo: PBEWithSHA1AndRC2_40
Type: Cipher, OID: 1.2.840.113549.1.5.3, algo: PBEWithMD5AndDES
Type: Cipher, OID: 2.16.840.1.101.3.4.1.1, algo: AES_128/ECB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.2, algo: AES_128/CBC/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.21, algo: AES_192/ECB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.22, algo: AES_192/CBC/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.23, algo: AES_192/OFB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.24, algo: AES_192/CFB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.25, algo: AESWrap_192
Type: Cipher, OID: 2.16.840.1.101.3.4.1.26, algo: AES_192/GCM/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.3, algo: AES_128/OFB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.4, algo: AES_128/CFB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.41, algo: AES_256/ECB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.42, algo: AES_256/CBC/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.43, algo: AES_256/OFB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.44, algo: AES_256/CFB/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.45, algo: AESWrap_256
Type: Cipher, OID: 2.16.840.1.101.3.4.1.46, algo: AES_256/GCM/NoPadding
Type: Cipher, OID: 2.16.840.1.101.3.4.1.5, algo: AESWrap_128
Type: Cipher, OID: 2.16.840.1.101.3.4.1.6, algo: AES_128/GCM/NoPadding
Type: KeyAgreement, OID: 1.2.840.113549.1.3.1, algo: DiffieHellman
Type: KeyFactory, OID: 1.2.840.113549.1.3.1, algo: DiffieHellman
Type: KeyGenerator, OID: 1.2.840.113549.2.10, algo: HmacSHA384
Type: KeyGenerator, OID: 1.2.840.113549.2.11, algo: HmacSHA512
Type: KeyGenerator, OID: 1.2.840.113549.2.7, algo: HmacSHA1
Type: KeyGenerator, OID: 1.2.840.113549.2.8, algo: HmacSHA224
Type: KeyGenerator, OID: 1.2.840.113549.2.9, algo: HmacSHA256
Type: KeyPairGenerator, OID: 1.2.840.113549.1.3.1, algo: DiffieHellman
Type: Mac, OID: 1.2.840.113549.2.10, algo: HmacSHA384
Type: Mac, OID: 1.2.840.113549.2.11, algo: HmacSHA512
Type: Mac, OID: 1.2.840.113549.2.7, algo: HmacSHA1
Type: Mac, OID: 1.2.840.113549.2.8, algo: HmacSHA224
Type: Mac, OID: 1.2.840.113549.2.9, algo: HmacSHA256
Type: SecretKeyFactory, OID: 1.2.840.113549.1.12.1.1, algo: PBEWithSHA1AndRC4_128
Type: SecretKeyFactory, OID: 1.2.840.113549.1.12.1.2, algo: PBEWithSHA1AndRC4_40
Type: SecretKeyFactory, OID: 1.2.840.113549.1.12.1.3, algo: PBEWithSHA1AndDESede
Type: SecretKeyFactory, OID: 1.2.840.113549.1.12.1.5, algo: PBEWithSHA1AndRC2_128
Type: SecretKeyFactory, OID: 1.2.840.113549.1.12.1.6, algo: PBEWithSHA1AndRC2_40
Type: SecretKeyFactory, OID: 1.2.840.113549.1.5.12, algo: PBKDF2WithHmacSHA1
Type: SecretKeyFactory, OID: 1.2.840.113549.1.5.3, algo: PBEWithMD5AndDES
>>> Provider: SunJGSS <<<
Type: GssApiMechanism, OID: 1.2.840.113554.1.2.2, algo: 1.2.840.113554.1.2.2
Type: GssApiMechanism, OID: 1.3.6.1.5.5.2, algo: 1.3.6.1.5.5.2
>>> Provider: SunSASL <<<
>>> Provider: XMLDSig <<<
>>> Provider: SunPCSC <<<
>>> Provider: SunMSCAPI <<<
Type: Signature, OID: 1.2.840.113549.1.1.11, algo: SHA256withRSA
Type: Signature, OID: 1.2.840.113549.1.1.12, algo: SHA384withRSA
Type: Signature, OID: 1.2.840.113549.1.1.13, algo: SHA512withRSA