Java 类org.bouncycastle.asn1.nist.NISTObjectIdentifiers 实例源码

static AlgorithmIdentifier determineKeyEncAlg(KeyParameter key)
{
    int length = key.getKey().length * 8;
    ASN1ObjectIdentifier wrapOid;

    if (length == 128)
    {
        wrapOid = NISTObjectIdentifiers.id_aes128_wrap;
    }
    else if (length == 192)
    {
        wrapOid = NISTObjectIdentifiers.id_aes192_wrap;
    }
    else if (length == 256)
    {
        wrapOid = NISTObjectIdentifiers.id_aes256_wrap;
    }
    else
    {
        throw new IllegalArgumentException("illegal keysize in AES");
    }

    return new AlgorithmIdentifier(wrapOid); // parameters absent
}

public static ASN1ObjectIdentifier getOIDForHashAlgorithm(int hashAlgorithm)
{
    switch (hashAlgorithm)
    {
    case HashAlgorithm.md5:
        return PKCSObjectIdentifiers.md5;
    case HashAlgorithm.sha1:
        return X509ObjectIdentifiers.id_SHA1;
    case HashAlgorithm.sha224:
        return NISTObjectIdentifiers.id_sha224;
    case HashAlgorithm.sha256:
        return NISTObjectIdentifiers.id_sha256;
    case HashAlgorithm.sha384:
        return NISTObjectIdentifiers.id_sha384;
    case HashAlgorithm.sha512:
        return NISTObjectIdentifiers.id_sha512;
    default:
        throw new IllegalArgumentException("unknown HashAlgorithm");
    }
}

public void configure(ConfigurableProvider provider)
{
    provider.addAlgorithm("MessageDigest.SHA-512", PREFIX + "$Digest");
    provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512", "SHA-512");
    provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512, "SHA-512");

    provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224");
    provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224");
    provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224");

    provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256");
    provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256");
    provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256");

    provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512");

    addHMACAlgorithm(provider, "SHA512", PREFIX + "$HashMac",  PREFIX + "$KeyGenerator");
    addHMACAlias(provider, "SHA512", PKCSObjectIdentifiers.id_hmacWithSHA512);

    addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224",  PREFIX + "$KeyGeneratorT224");
    addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256",  PREFIX + "$KeyGeneratorT256");
}

static Wrapper createRFC3211Wrapper(ASN1ObjectIdentifier algorithm)
    throws CMSException
{
    if (NISTObjectIdentifiers.id_aes128_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes192_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes256_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new AESEngine());
    }
    else if (PKCSObjectIdentifiers.des_EDE3_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESedeEngine());
    }
    else if (OIWObjectIdentifiers.desCBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESEngine());
    }
    else if (PKCSObjectIdentifiers.RC2_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new RC2Engine());
    }
    else
    {
        throw new CMSException("cannot recognise wrapper: " + algorithm);
    }
}

public static boolean isRSASigAlgId(AlgorithmIdentifier algId) {
    ParamUtil.requireNonNull("algId", algId);
    ASN1ObjectIdentifier oid = algId.getAlgorithm();
    if (PKCSObjectIdentifiers.sha1WithRSAEncryption.equals(oid)
            || PKCSObjectIdentifiers.sha224WithRSAEncryption.equals(oid)
            || PKCSObjectIdentifiers.sha256WithRSAEncryption.equals(oid)
            || PKCSObjectIdentifiers.sha384WithRSAEncryption.equals(oid)
            || PKCSObjectIdentifiers.sha512WithRSAEncryption.equals(oid)
            || NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224.equals(oid)
            || NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256.equals(oid)
            || NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384.equals(oid)
            || NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512.equals(oid)
            || PKCSObjectIdentifiers.id_RSASSA_PSS.equals(oid)) {
        return true;
    }

    return false;
}

private static boolean isECDSASigAlg(AlgorithmIdentifier algId) {
    ParamUtil.requireNonNull("algId", algId);

    ASN1ObjectIdentifier oid = algId.getAlgorithm();
    if (X9ObjectIdentifiers.ecdsa_with_SHA1.equals(oid)
            || X9ObjectIdentifiers.ecdsa_with_SHA224.equals(oid)
            || X9ObjectIdentifiers.ecdsa_with_SHA256.equals(oid)
            || X9ObjectIdentifiers.ecdsa_with_SHA384.equals(oid)
            || X9ObjectIdentifiers.ecdsa_with_SHA512.equals(oid)
            || NISTObjectIdentifiers.id_ecdsa_with_sha3_224.equals(oid)
            || NISTObjectIdentifiers.id_ecdsa_with_sha3_256.equals(oid)
            || NISTObjectIdentifiers.id_ecdsa_with_sha3_384.equals(oid)
            || NISTObjectIdentifiers.id_ecdsa_with_sha3_512.equals(oid)) {
        return true;
    }

    return false;
}

public static boolean isDSASigAlg(AlgorithmIdentifier algId) {
    ParamUtil.requireNonNull("algId", algId);

    ASN1ObjectIdentifier oid = algId.getAlgorithm();
    if (X9ObjectIdentifiers.id_dsa_with_sha1.equals(oid)
            || NISTObjectIdentifiers.dsa_with_sha224.equals(oid)
            || NISTObjectIdentifiers.dsa_with_sha256.equals(oid)
            || NISTObjectIdentifiers.dsa_with_sha384.equals(oid)
            || NISTObjectIdentifiers.dsa_with_sha512.equals(oid)
            || NISTObjectIdentifiers.id_dsa_with_sha3_224.equals(oid)
            || NISTObjectIdentifiers.id_dsa_with_sha3_256.equals(oid)
            || NISTObjectIdentifiers.id_dsa_with_sha3_384.equals(oid)
            || NISTObjectIdentifiers.id_dsa_with_sha3_512.equals(oid)) {
        return true;
    }

    return false;
}

static AlgorithmIdentifier determineKeyEncAlg(KeyParameter key)
{
    int length = key.getKey().length * 8;
    ASN1ObjectIdentifier wrapOid;

    if (length == 128)
    {
        wrapOid = NISTObjectIdentifiers.id_aes128_wrap;
    }
    else if (length == 192)
    {
        wrapOid = NISTObjectIdentifiers.id_aes192_wrap;
    }
    else if (length == 256)
    {
        wrapOid = NISTObjectIdentifiers.id_aes256_wrap;
    }
    else
    {
        throw new IllegalArgumentException("illegal keysize in AES");
    }

    return new AlgorithmIdentifier(wrapOid); // parameters absent
}

public static ASN1ObjectIdentifier getOIDForHashAlgorithm(short hashAlgorithm)
{
    switch (hashAlgorithm)
    {
    case HashAlgorithm.md5:
        return PKCSObjectIdentifiers.md5;
    case HashAlgorithm.sha1:
        return X509ObjectIdentifiers.id_SHA1;
    case HashAlgorithm.sha224:
        return NISTObjectIdentifiers.id_sha224;
    case HashAlgorithm.sha256:
        return NISTObjectIdentifiers.id_sha256;
    case HashAlgorithm.sha384:
        return NISTObjectIdentifiers.id_sha384;
    case HashAlgorithm.sha512:
        return NISTObjectIdentifiers.id_sha512;
    default:
        throw new IllegalArgumentException("unknown HashAlgorithm");
    }
}

static Wrapper createRFC3211Wrapper(ASN1ObjectIdentifier algorithm)
    throws CMSException
{
    if (NISTObjectIdentifiers.id_aes128_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes192_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes256_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new AESEngine());
    }
    else if (PKCSObjectIdentifiers.des_EDE3_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESedeEngine());
    }
    else if (OIWObjectIdentifiers.desCBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESEngine());
    }
    else if (PKCSObjectIdentifiers.RC2_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new RC2Engine());
    }
    else
    {
        throw new CMSException("cannot recognise wrapper: " + algorithm);
    }
}

@Override
    public Attribute getValue() throws SignerException {
        try {
            X509Certificate cert = (X509Certificate) certificates[0];
            X509Certificate issuerCert = (X509Certificate) certificates[1];
            Digest digest = DigestFactory.getInstance().factoryDefault();
            digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
            byte[] certHash = digest.digest(cert.getEncoded());
            X500Name dirName = new X500Name(issuerCert.getSubjectX500Principal().getName());
            GeneralName name = new GeneralName(dirName);
            GeneralNames issuer = new GeneralNames(name);
            ASN1Integer serialNumber = new ASN1Integer(cert.getSerialNumber());
            IssuerSerial issuerSerial = new IssuerSerial(issuer, serialNumber);
            AlgorithmIdentifier algId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);// SHA-256
            ESSCertIDv2 essCertIDv2 = new ESSCertIDv2(algId, certHash, issuerSerial);
//          return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(essCertIDv2)));
            return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(
                    new ASN1Encodable[] { new DERSequence(essCertIDv2) })));
        } catch (CertificateEncodingException ex) {
            throw new SignerException(ex.getMessage());
        }
    }

static AlgorithmIdentifier determineKeyEncAlg(KeyParameter key)
{
    int length = key.getKey().length * 8;
    ASN1ObjectIdentifier wrapOid;

    if (length == 128)
    {
        wrapOid = NISTObjectIdentifiers.id_aes128_wrap;
    }
    else if (length == 192)
    {
        wrapOid = NISTObjectIdentifiers.id_aes192_wrap;
    }
    else if (length == 256)
    {
        wrapOid = NISTObjectIdentifiers.id_aes256_wrap;
    }
    else
    {
        throw new IllegalArgumentException("illegal keysize in AES");
    }

    return new AlgorithmIdentifier(wrapOid); // parameters absent
}

public static ASN1ObjectIdentifier getOIDForHashAlgorithm(short hashAlgorithm)
{
    switch (hashAlgorithm)
    {
    case HashAlgorithm.md5:
        return PKCSObjectIdentifiers.md5;
    case HashAlgorithm.sha1:
        return X509ObjectIdentifiers.id_SHA1;
    case HashAlgorithm.sha224:
        return NISTObjectIdentifiers.id_sha224;
    case HashAlgorithm.sha256:
        return NISTObjectIdentifiers.id_sha256;
    case HashAlgorithm.sha384:
        return NISTObjectIdentifiers.id_sha384;
    case HashAlgorithm.sha512:
        return NISTObjectIdentifiers.id_sha512;
    default:
        throw new IllegalArgumentException("unknown HashAlgorithm");
    }
}

public void configure(ConfigurableProvider provider)
{
    provider.addAlgorithm("MessageDigest.SHA-512", PREFIX + "$Digest");
    provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512", "SHA-512");
    provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512, "SHA-512");

    provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224");
    provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224");
    provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224");

    provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256");
    provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256");
    provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256");

    provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512");

    addHMACAlgorithm(provider, "SHA512", PREFIX + "$HashMac",  PREFIX + "$KeyGenerator");
    addHMACAlias(provider, "SHA512", PKCSObjectIdentifiers.id_hmacWithSHA512);

    addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224",  PREFIX + "$KeyGeneratorT224");
    addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256",  PREFIX + "$KeyGeneratorT256");
}

protected static String getAlgorithm(String algDetails)
{
    if (algDetails.indexOf('[') > 0)
    {
        return algDetails.substring(0, algDetails.indexOf('['));
    }

    if (algDetails.startsWith(NISTObjectIdentifiers.aes.getId()))
    {
        return "AES";
    }
    if (algDetails.startsWith(GNUObjectIdentifiers.Serpent.getId()))
    {
        return "Serpent";
    }

    String name = (String)nameTable.get(Strings.toUpperCase(algDetails));

    if (name != null)
    {
        return name;
    }

    return algDetails;
}

DefaultSecretKeyProvider()
{
    Map keySizes = new HashMap();

    keySizes.put(new ASN1ObjectIdentifier("1.2.840.113533.7.66.10"), Integers.valueOf(128));

    keySizes.put(PKCSObjectIdentifiers.des_EDE3_CBC, Integers.valueOf(192));

    keySizes.put(NISTObjectIdentifiers.id_aes128_CBC, Integers.valueOf(128));
    keySizes.put(NISTObjectIdentifiers.id_aes192_CBC, Integers.valueOf(192));
    keySizes.put(NISTObjectIdentifiers.id_aes256_CBC, Integers.valueOf(256));

    keySizes.put(NTTObjectIdentifiers.id_camellia128_cbc, Integers.valueOf(128));
    keySizes.put(NTTObjectIdentifiers.id_camellia192_cbc, Integers.valueOf(192));
    keySizes.put(NTTObjectIdentifiers.id_camellia256_cbc, Integers.valueOf(256));

    keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256));

    KEY_SIZES = Collections.unmodifiableMap(keySizes);
}

static Wrapper createRFC3211Wrapper(ASN1ObjectIdentifier algorithm)
    throws CMSException
{
    if (NISTObjectIdentifiers.id_aes128_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes192_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes256_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new AESEngine());
    }
    else if (PKCSObjectIdentifiers.des_EDE3_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESedeEngine());
    }
    else if (OIWObjectIdentifiers.desCBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESEngine());
    }
    else if (PKCSObjectIdentifiers.RC2_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new RC2Engine());
    }
    else
    {
        throw new CMSException("cannot recognise wrapper: " + algorithm);
    }
}

public static ASN1ObjectIdentifier getOIDForHashAlgorithm(short hashAlgorithm)
{
    switch (hashAlgorithm)
    {
    case HashAlgorithm.md5:
        return PKCSObjectIdentifiers.md5;
    case HashAlgorithm.sha1:
        return X509ObjectIdentifiers.id_SHA1;
    case HashAlgorithm.sha224:
        return NISTObjectIdentifiers.id_sha224;
    case HashAlgorithm.sha256:
        return NISTObjectIdentifiers.id_sha256;
    case HashAlgorithm.sha384:
        return NISTObjectIdentifiers.id_sha384;
    case HashAlgorithm.sha512:
        return NISTObjectIdentifiers.id_sha512;
    default:
        throw new IllegalArgumentException("unknown HashAlgorithm");
    }
}

public static ASN1ObjectIdentifier getOIDForHashAlgorithm(short hashAlgorithm)
{
    switch (hashAlgorithm)
    {
    case HashAlgorithm.md5:
        return PKCSObjectIdentifiers.md5;
    case HashAlgorithm.sha1:
        return X509ObjectIdentifiers.id_SHA1;
    case HashAlgorithm.sha224:
        return NISTObjectIdentifiers.id_sha224;
    case HashAlgorithm.sha256:
        return NISTObjectIdentifiers.id_sha256;
    case HashAlgorithm.sha384:
        return NISTObjectIdentifiers.id_sha384;
    case HashAlgorithm.sha512:
        return NISTObjectIdentifiers.id_sha512;
    default:
        throw new IllegalArgumentException("unknown HashAlgorithm");
    }
}

public void configure(ConfigurableProvider provider)
{
    provider.addAlgorithm("MessageDigest.SHA-512", PREFIX + "$Digest");
    provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512", "SHA-512");
    provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512, "SHA-512");

    provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224");
    provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224");
    provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224");

    provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256");
    provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256");
    provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256");

    provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512");

    addHMACAlgorithm(provider, "SHA512", PREFIX + "$HashMac",  PREFIX + "$KeyGenerator");
    addHMACAlias(provider, "SHA512", PKCSObjectIdentifiers.id_hmacWithSHA512);

    addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224",  PREFIX + "$KeyGeneratorT224");
    addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256",  PREFIX + "$KeyGeneratorT256");
}

DefaultSecretKeyProvider()
{
    Map keySizes = new HashMap();

    keySizes.put(new ASN1ObjectIdentifier("1.2.840.113533.7.66.10"), Integers.valueOf(128));

    keySizes.put(PKCSObjectIdentifiers.des_EDE3_CBC.getId(), Integers.valueOf(192));

    keySizes.put(NISTObjectIdentifiers.id_aes128_CBC, Integers.valueOf(128));
    keySizes.put(NISTObjectIdentifiers.id_aes192_CBC, Integers.valueOf(192));
    keySizes.put(NISTObjectIdentifiers.id_aes256_CBC, Integers.valueOf(256));

    keySizes.put(NTTObjectIdentifiers.id_camellia128_cbc, Integers.valueOf(128));
    keySizes.put(NTTObjectIdentifiers.id_camellia192_cbc, Integers.valueOf(192));
    keySizes.put(NTTObjectIdentifiers.id_camellia256_cbc, Integers.valueOf(256));

    keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256));

    KEY_SIZES = Collections.unmodifiableMap(keySizes);
}

static AlgorithmIdentifier determineKeyEncAlg(KeyParameter key)
{
    int length = key.getKey().length * 8;
    ASN1ObjectIdentifier wrapOid;

    if (length == 128)
    {
        wrapOid = NISTObjectIdentifiers.id_aes128_wrap;
    }
    else if (length == 192)
    {
        wrapOid = NISTObjectIdentifiers.id_aes192_wrap;
    }
    else if (length == 256)
    {
        wrapOid = NISTObjectIdentifiers.id_aes256_wrap;
    }
    else
    {
        throw new IllegalArgumentException("illegal keysize in AES");
    }

    return new AlgorithmIdentifier(wrapOid); // parameters absent
}

static Wrapper createRFC3211Wrapper(ASN1ObjectIdentifier algorithm)
    throws CMSException
{
    if (NISTObjectIdentifiers.id_aes128_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes192_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes256_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new AESEngine());
    }
    else if (PKCSObjectIdentifiers.des_EDE3_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESedeEngine());
    }
    else if (OIWObjectIdentifiers.desCBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESEngine());
    }
    else if (PKCSObjectIdentifiers.RC2_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new RC2Engine());
    }
    else
    {
        throw new CMSException("cannot recognise wrapper: " + algorithm);
    }
}

DefaultSecretKeyProvider()
{
    Map keySizes = new HashMap();

    keySizes.put(new ASN1ObjectIdentifier("1.2.840.113533.7.66.10"), Integers.valueOf(128));

    keySizes.put(PKCSObjectIdentifiers.des_EDE3_CBC.getId(), Integers.valueOf(192));

    keySizes.put(NISTObjectIdentifiers.id_aes128_CBC, Integers.valueOf(128));
    keySizes.put(NISTObjectIdentifiers.id_aes192_CBC, Integers.valueOf(192));
    keySizes.put(NISTObjectIdentifiers.id_aes256_CBC, Integers.valueOf(256));

    keySizes.put(NTTObjectIdentifiers.id_camellia128_cbc, Integers.valueOf(128));
    keySizes.put(NTTObjectIdentifiers.id_camellia192_cbc, Integers.valueOf(192));
    keySizes.put(NTTObjectIdentifiers.id_camellia256_cbc, Integers.valueOf(256));

    keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256));

    KEY_SIZES = Collections.unmodifiableMap(keySizes);
}

static Wrapper createRFC3211Wrapper(ASN1ObjectIdentifier algorithm)
    throws CMSException
{
    if (NISTObjectIdentifiers.id_aes128_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes192_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes256_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new AESEngine());
    }
    else if (PKCSObjectIdentifiers.des_EDE3_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESedeEngine());
    }
    else if (OIWObjectIdentifiers.desCBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESEngine());
    }
    else if (PKCSObjectIdentifiers.RC2_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new RC2Engine());
    }
    else
    {
        throw new CMSException("cannot recognise wrapper: " + algorithm);
    }
}

public void configure(ConfigurableProvider provider)
{
    provider.addAlgorithm("MessageDigest.SHA-384", PREFIX + "$Digest");
    provider.addAlgorithm("Alg.Alias.MessageDigest.SHA384", "SHA-384");
    provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha384, "SHA-384");
    provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384");

    addHMACAlgorithm(provider, "SHA384", PREFIX + "$HashMac",  PREFIX + "$KeyGenerator");
    addHMACAlias(provider, "SHA384", PKCSObjectIdentifiers.id_hmacWithSHA384);
}

public void configure(ConfigurableProvider provider)
{
    provider.addAlgorithm("MessageDigest.SHA-224", PREFIX + "$Digest");
    provider.addAlgorithm("Alg.Alias.MessageDigest.SHA224", "SHA-224");
    provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha224, "SHA-224");

    addHMACAlgorithm(provider, "SHA224", PREFIX + "$HashMac",  PREFIX + "$KeyGenerator");
    addHMACAlias(provider, "SHA224", PKCSObjectIdentifiers.id_hmacWithSHA224);

}

public void configure(ConfigurableProvider provider)
{
    provider.addAlgorithm("MessageDigest.SHA-256", PREFIX + "$Digest");
    provider.addAlgorithm("Alg.Alias.MessageDigest.SHA256", "SHA-256");
    provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha256, "SHA-256");

    provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory");
    provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256");
    provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256");

    addHMACAlgorithm(provider, "SHA256", PREFIX + "$HashMac",  PREFIX + "$KeyGenerator");
    addHMACAlias(provider, "SHA256", PKCSObjectIdentifiers.id_hmacWithSHA256);
    addHMACAlias(provider, "SHA256", NISTObjectIdentifiers.id_sha256);
}

public String getHashAlgorithmName()
{
    if (certID != null)
    {
        return "SHA-1";
    }
    else
    {
        if (NISTObjectIdentifiers.id_sha256.equals(certIDv2.getHashAlgorithm().getAlgorithm()))
        {
            return "SHA-256";
        }
        return certIDv2.getHashAlgorithm().getAlgorithm().getId();
    }
}

P11MacContentSigner(P11CryptService cryptService, P11EntityIdentifier identityId,
        AlgorithmIdentifier macAlgId) throws XiSecurityException, P11TokenException {
    this.identityId = ParamUtil.requireNonNull("identityId", identityId);
    this.cryptService = ParamUtil.requireNonNull("cryptService", cryptService);
    this.algorithmIdentifier = ParamUtil.requireNonNull("macAlgId", macAlgId);
    try {
        this.encodedAlgorithmIdentifier = algorithmIdentifier.getEncoded();
    } catch (IOException ex) {
        throw new XiSecurityException("could not encode AlgorithmIdentifier", ex);
    }

    ASN1ObjectIdentifier oid = macAlgId.getAlgorithm();
    if (PKCSObjectIdentifiers.id_hmacWithSHA1.equals(oid)) {
        mechanism = PKCS11Constants.CKM_SHA_1_HMAC;
    } else if (PKCSObjectIdentifiers.id_hmacWithSHA224.equals(oid)) {
        mechanism = PKCS11Constants.CKM_SHA224_HMAC;
    } else if (PKCSObjectIdentifiers.id_hmacWithSHA256.equals(oid)) {
        mechanism = PKCS11Constants.CKM_SHA256_HMAC;
    } else if (PKCSObjectIdentifiers.id_hmacWithSHA384.equals(oid)) {
        mechanism = PKCS11Constants.CKM_SHA384_HMAC;
    } else if (PKCSObjectIdentifiers.id_hmacWithSHA512.equals(oid)) {
        mechanism = PKCS11Constants.CKM_SHA512_HMAC;
    } else if (NISTObjectIdentifiers.id_hmacWithSHA3_224.equals(oid)) {
        mechanism = PKCS11Constants.CKM_SHA3_224_HMAC;
    } else if (NISTObjectIdentifiers.id_hmacWithSHA3_256.equals(oid)) {
        mechanism = PKCS11Constants.CKM_SHA3_256_HMAC;
    } else if (NISTObjectIdentifiers.id_hmacWithSHA3_384.equals(oid)) {
        mechanism = PKCS11Constants.CKM_SHA3_384_HMAC;
    } else if (NISTObjectIdentifiers.id_hmacWithSHA3_512.equals(oid)) {
        mechanism = PKCS11Constants.CKM_SHA3_512_HMAC;
    } else {
        throw new IllegalArgumentException("unknown algorithm identifier " + oid.getId());
    }

    this.outputStream = new ByteArrayOutputStream();
}

public ConcurrentContentSigner createSigner(AlgorithmIdentifier signatureAlgId,
        int parallelism, SecureRandom random) throws XiSecurityException {
    ParamUtil.requireNonNull("signatureAlgId", signatureAlgId);
    ParamUtil.requireMin("parallelism", parallelism, 1);

    List<XiContentSigner> signers = new ArrayList<>(parallelism);

    boolean gmac = false;
    ASN1ObjectIdentifier oid = signatureAlgId.getAlgorithm();
    if (oid.equals(NISTObjectIdentifiers.id_aes128_GCM)
            || oid.equals(NISTObjectIdentifiers.id_aes192_GCM)
            || oid.equals(NISTObjectIdentifiers.id_aes256_GCM)) {
        gmac = true;
    }

    for (int i = 0; i < parallelism; i++) {
        XiContentSigner signer;
        if (gmac) {
            signer = new AESGmacContentSigner(oid, key);
        } else {
            signer = new HmacContentSigner(signatureAlgId, key);
        }
        signers.add(signer);
    }

    final boolean mac = true;
    DfltConcurrentContentSigner concurrentSigner;
    try {
        concurrentSigner = new DfltConcurrentContentSigner(mac, signers, key);
    } catch (NoSuchAlgorithmException ex) {
        throw new XiSecurityException(ex.getMessage(), ex);
    }
    concurrentSigner.setSha1DigestOfMacKey(HashAlgoType.SHA1.hash(key.getEncoded()));

    return concurrentSigner;
}

public static ASN1ObjectIdentifier getKeyEncryptionOID(int algID)
    throws PGPException
{
    switch (algID)
    {
    case SymmetricKeyAlgorithmTags.AES_128:
        return NISTObjectIdentifiers.id_aes128_wrap;
    case SymmetricKeyAlgorithmTags.AES_192:
        return NISTObjectIdentifiers.id_aes192_wrap;
    case SymmetricKeyAlgorithmTags.AES_256:
        return NISTObjectIdentifiers.id_aes256_wrap;
    default:
        throw new PGPException("unknown symmetric algorithm ID: " + algID);
    }
}

public String getHashAlgorithmName()
{
    if (certID != null)
    {
        return "SHA-1";
    }
    else
    {
        if (NISTObjectIdentifiers.id_sha256.equals(certIDv2.getHashAlgorithm().getAlgorithm()))
        {
            return "SHA-256";
        }
        return certIDv2.getHashAlgorithm().getAlgorithm().getId();
    }
}

public void performTest()
    throws Exception
{
    // check getInstance on default algorithm.
    byte[] digest = new byte [256];
    ESSCertIDv2 essCertIdv2 = new ESSCertIDv2(new AlgorithmIdentifier(
        NISTObjectIdentifiers.id_sha256), digest);
    ASN1Primitive asn1Object = essCertIdv2.toASN1Primitive();

    ESSCertIDv2.getInstance(asn1Object);
}

private void testKeyTransLight128RC4()
        throws Exception
{
    byte[]          data     = "WallaWallaBouncyCastle".getBytes();

    CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();

    edGen.addRecipientInfoGenerator(new BcRSAKeyTransRecipientInfoGenerator(_reciCert));

    CMSEnvelopedData ed = edGen.generate(
        new CMSProcessableByteArray(data),
        new BcCMSContentEncryptorBuilder(NISTObjectIdentifiers.id_aes128_CBC).build());

    RecipientInformationStore recipients = ed.getRecipientInfos();

    if (!ed.getEncryptionAlgOID().equals(NISTObjectIdentifiers.id_aes128_CBC.getId()))
    {
        fail("enc oid mismatch");
    }

    Collection  c = recipients.getRecipients();
    Iterator    it = c.iterator();

    if (it.hasNext())
    {
        RecipientInformation recipient = (RecipientInformation)it.next();

        byte[] recData = recipient.getContent(new BcRSAKeyTransEnvelopedRecipient((AsymmetricKeyParameter)_reciKP.getPrivate()));

        if (!Arrays.areEqual(data, recData))
        {
            fail("decryption failed");
        }
    }
    else
    {
        fail("no recipient found");
    }
}

@Override
  public Attribute getValue() throws SignerException {

    try {
        int chainSize = certificates.length -1;
        OtherCertID[] arrayOtherCertID = new OtherCertID[chainSize];    
          for (int i = 1; i <= chainSize; i++ ){
                X509Certificate issuerCert = null;
                X509Certificate cert = (X509Certificate) certificates[i];
                if (i < chainSize){  
                    issuerCert = (X509Certificate) certificates[i+1];
                }else{ // raiz
                    issuerCert = (X509Certificate) certificates[i];
                }
                Digest digest = DigestFactory.getInstance().factoryDefault();
                digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
                byte[] certHash = digest.digest(cert.getEncoded());
                X500Name dirName = new X500Name(issuerCert.getSubjectX500Principal().getName());
                GeneralName name = new GeneralName(dirName);
                GeneralNames issuer = new GeneralNames(name);
                ASN1Integer serialNumber = new ASN1Integer(cert.getSerialNumber());
                IssuerSerial issuerSerial = new IssuerSerial(issuer, serialNumber);
                AlgorithmIdentifier algId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);
                OtherCertID otherCertID = new OtherCertID(algId, certHash, issuerSerial);
                arrayOtherCertID[i -1] = otherCertID; 
         }   

    return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new ASN1Encodable[] { new DERSequence(arrayOtherCertID) }));
    } catch (CertificateEncodingException e) {
        throw new SignerException(e.getMessage());
}        
  }

public JceKTSKeyWrapper(PublicKey publicKey, String symmetricWrappingAlg, int keySizeInBits, byte[] partyUInfo, byte[] partyVInfo)
{
    super(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_rsa_KEM, new GenericHybridParameters(new AlgorithmIdentifier(ISOIECObjectIdentifiers.id_kem_rsa, new RsaKemParameters(new AlgorithmIdentifier(X9ObjectIdentifiers.id_kdf_kdf3, new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256)), (keySizeInBits + 7) / 8)), JceSymmetricKeyWrapper.determineKeyEncAlg(symmetricWrappingAlg, keySizeInBits))));

    this.publicKey = publicKey;
    this.symmetricWrappingAlg = symmetricWrappingAlg;
    this.keySizeInBits = keySizeInBits;
    this.partyUInfo = Arrays.clone(partyUInfo);
    this.partyVInfo = Arrays.clone(partyVInfo);
}

/**
 * Basic builder.
 *
 * @param algorithmName the algorithm name for the secret key we use for wrapping.
 * @param keySizeInBits the size of the wrapping key we want to produce in bits.
 * @param otherInfo     the otherInfo/IV encoding to be applied to the KDF.
 */
public Builder(String algorithmName, int keySizeInBits, byte[] otherInfo)
{
    this.algorithmName = algorithmName;
    this.keySizeInBits = keySizeInBits;
    this.kdfAlgorithm = new AlgorithmIdentifier(X9ObjectIdentifiers.id_kdf_kdf3, new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256));
    this.otherInfo = (otherInfo == null) ? new byte[0] : Arrays.clone(otherInfo);
}

public void configure(ConfigurableProvider provider)
{
    provider.addAlgorithm("MessageDigest.SHA3-224", PREFIX + "$Digest224");
    provider.addAlgorithm("MessageDigest.SHA3-256", PREFIX + "$Digest256");
    provider.addAlgorithm("MessageDigest.SHA3-384", PREFIX + "$Digest384");
    provider.addAlgorithm("MessageDigest.SHA3-512", PREFIX + "$Digest512");
    provider.addAlgorithm("MessageDigest", NISTObjectIdentifiers.id_sha3_224, PREFIX + "$Digest224");
    provider.addAlgorithm("MessageDigest", NISTObjectIdentifiers.id_sha3_256, PREFIX + "$Digest256");
    provider.addAlgorithm("MessageDigest", NISTObjectIdentifiers.id_sha3_384, PREFIX + "$Digest384");
    provider.addAlgorithm("MessageDigest", NISTObjectIdentifiers.id_sha3_512, PREFIX + "$Digest512");
}

public void configure(ConfigurableProvider provider)
{
    provider.addAlgorithm("MessageDigest.SHA-384", PREFIX + "$Digest");
    provider.addAlgorithm("Alg.Alias.MessageDigest.SHA384", "SHA-384");
    provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha384, "SHA-384");
    provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384");

    addHMACAlgorithm(provider, "SHA384", PREFIX + "$HashMac",  PREFIX + "$KeyGenerator");
    addHMACAlias(provider, "SHA384", PKCSObjectIdentifiers.id_hmacWithSHA384);
}