jrihtarsic commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1384920517
##########
src/main/java/org/apache/xml/security/encryption/XMLCipherUtil.java:
##########
@@ -81,4 +94,212 @@ private static AlgorithmParameterSpec
constructBlockCipherParametersForGCMAlgori
LOG.log(Level.DEBUG, "Successfully created GCMParameterSpec");
return gcmSpec;
}
+
+ /**
+ * Method buildOAEPParameters from given parameters and returns
OAEPParameterSpec. If encryptionAlgorithmURI is
+ * not RSA_OAEP or RSA_OAEP_11, null is returned.
+ *
+ * @param encryptionAlgorithmURI the encryption algorithm URI (RSA_OAEP or
RSA_OAEP_11)
+ * @param digestAlgorithmURI the digest algorithm URI
+ * @param mgfAlgorithmURI the MGF algorithm URI if
encryptionAlgorithmURI is RSA_OAEP_11, otherwise parameter is ignored
+ * @param oaepParams the OAEP parameters bytes
+ * @return OAEPParameterSpec or null if encryptionAlgorithmURI is not
RSA_OAEP or RSA_OAEP_11
+ */
+ public static OAEPParameterSpec constructOAEPParameters(
+ String encryptionAlgorithmURI,
+ String digestAlgorithmURI,
+ String mgfAlgorithmURI,
+ byte[] oaepParams
+ ) {
+ if (XMLCipher.RSA_OAEP.equals(encryptionAlgorithmURI)
+ || XMLCipher.RSA_OAEP_11.equals(encryptionAlgorithmURI)) {
+
+ String jceDigestAlgorithm = "SHA-1";
+ if (digestAlgorithmURI != null) {
+ jceDigestAlgorithm =
JCEMapper.translateURItoJCEID(digestAlgorithmURI);
+ }
+
+ PSource.PSpecified pSource = oaepParams == null ?
+ PSource.PSpecified.DEFAULT : new
PSource.PSpecified(oaepParams);
+
+ MGF1ParameterSpec mgfParameterSpec = new
MGF1ParameterSpec("SHA-1");
+ if (XMLCipher.RSA_OAEP_11.equals(encryptionAlgorithmURI)) {
+ mgfParameterSpec = constructMGF1Parameter(mgfAlgorithmURI);
+ }
+ return new OAEPParameterSpec(jceDigestAlgorithm, "MGF1",
mgfParameterSpec, pSource);
+ }
+ return null;
+ }
+
+ /**
+ * Create MGF1ParameterSpec for the given algorithm URI
+ *
+ * @param mgh1AlgorithmURI the algorithm URI. If null or empty, SHA-1 is
used as default MGF1 digest algorithm.
+ * @return the MGF1ParameterSpec for the given algorithm URI
+ */
+ public static MGF1ParameterSpec constructMGF1Parameter(String
mgh1AlgorithmURI) {
+ LOG.log(Level.DEBUG, "Creating MGF1ParameterSpec for [{0}]",
mgh1AlgorithmURI);
+ if (mgh1AlgorithmURI == null || mgh1AlgorithmURI.isEmpty()) {
+ LOG.log(Level.WARNING,"MGF1 algorithm URI is null or empty. Using
SHA-1 as default.");
+ return new MGF1ParameterSpec("SHA-1");
+ }
+
+ switch (mgh1AlgorithmURI) {
+ case EncryptionConstants.MGF1_SHA1:
+ return new MGF1ParameterSpec("SHA-1");
+ case EncryptionConstants.MGF1_SHA224:
+ return new MGF1ParameterSpec("SHA-224");
+ case EncryptionConstants.MGF1_SHA256:
+ return new MGF1ParameterSpec("SHA-256");
+ case EncryptionConstants.MGF1_SHA384:
+ return new MGF1ParameterSpec("SHA-384");
+ case EncryptionConstants.MGF1_SHA512:
+ return new MGF1ParameterSpec("SHA-512");
+ default:
+ LOG.log(Level.WARNING, "Unsupported MGF algorithm: [{0}] Using
SHA-1 as default.", mgh1AlgorithmURI);
+ return new MGF1ParameterSpec("SHA-1");
+ }
+ }
+
+ /**
+ * Get the MGF1 algorithm URI for the given MGF1ParameterSpec
+ *
+ * @param parameterSpec the MGF1ParameterSpec
+ * @return the MGF1 algorithm URI for the given MGF1ParameterSpec
+ */
+ public static String getMgf1URIForParameter(MGF1ParameterSpec
parameterSpec) {
+ String digestAlgorithm = parameterSpec.getDigestAlgorithm();
+ LOG.log(Level.DEBUG, "Get MGF1 URI for digest algorithm [{0}]",
digestAlgorithm);
Review Comment:
For one liners we let log engine to handle it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@santuario.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
