in modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AlgorithmSuite.java [96:279]
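/**
 * Selects a named algorithm suite and sets the digest, encryption, key-wrap and
 * key-derivation identifiers, plus the derived/symmetric key lengths that go with it.
 *
 * <p>The suite name is recorded only after it has matched one of the known suites, so an
 * unknown (or {@code null}) name throws without modifying this object.
 *
 * <p>Security notes for policy authors, all visible in the assignments below:
 * <ul>
 *   <li>Suites whose name does not carry {@code SHA256} use {@code SPConstants.SHA1} as the
 *       digest; every suite, including the SHA-256 ones, derives keys with a
 *       {@code P_SHA1_*} function.</li>
 *   <li>Suites ending in {@code RSA15} wrap keys with {@code SPConstants.KW_RSA15} instead of
 *       {@code KW_RSA_OAEP}. RSA PKCS#1 v1.5 key transport has a long history of
 *       padding-oracle problems on the decrypting side; prefer the OAEP suites unless
 *       interoperability forces otherwise.</li>
 *   <li>The {@code TRIPLE_DES} suites use a 64-bit block cipher; prefer an AES suite for new
 *       policies.</li>
 * </ul>
 *
 * @param algoSuite the suite name, compared against the {@code SPConstants.ALGO_SUITE_*} values
 * @throws WSSPolicyException if {@code algoSuite} is not one of the supported suite names
 */
public void setAlgorithmSuite(String algoSuite) throws WSSPolicyException {
    // NOTE(review): the four Basic256* branches never assign maximumSymmetricKeyLength, so the
    // value left by the field initialiser or by an earlier call is kept. If this setter can be
    // called more than once on the same instance, switching from a 128/192-bit suite to a
    // 256-bit suite would leave a maximum below the minimum. Confirm against the field default.
    if (SPConstants.ALGO_SUITE_BASIC256.equals(algoSuite)) {
        this.digest = SPConstants.SHA1;
        this.encryption = SPConstants.AES256;
        this.symmetricKeyWrap = SPConstants.KW_AES256;
        this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
        this.encryptionKeyDerivation = SPConstants.P_SHA1_L256;
        this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
        this.encryptionDerivedKeyLength = 256;
        this.signatureDerivedKeyLength = 192;
        this.minimumSymmetricKeyLength = 256;
    } else if (SPConstants.ALGO_SUITE_BASIC192.equals(algoSuite)) {
        this.digest = SPConstants.SHA1;
        this.encryption = SPConstants.AES192;
        this.symmetricKeyWrap = SPConstants.KW_AES192;
        this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
        this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
        this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
        this.encryptionDerivedKeyLength = 192;
        this.signatureDerivedKeyLength = 192;
        this.minimumSymmetricKeyLength = 192;
        this.maximumSymmetricKeyLength = 192;
    } else if (SPConstants.ALGO_SUITE_BASIC128.equals(algoSuite)) {
        this.digest = SPConstants.SHA1;
        this.encryption = SPConstants.AES128;
        this.symmetricKeyWrap = SPConstants.KW_AES128;
        this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
        this.encryptionKeyDerivation = SPConstants.P_SHA1_L128;
        this.signatureKeyDerivation = SPConstants.P_SHA1_L128;
        this.encryptionDerivedKeyLength = 128;
        this.signatureDerivedKeyLength = 128;
        this.minimumSymmetricKeyLength = 128;
        this.maximumSymmetricKeyLength = 128;
    } else if (SPConstants.ALGO_SUITE_TRIPLE_DES.equals(algoSuite)) {
        this.digest = SPConstants.SHA1;
        this.encryption = SPConstants.TRIPLE_DES;
        this.symmetricKeyWrap = SPConstants.KW_TRIPLE_DES;
        this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
        this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
        this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
        this.encryptionDerivedKeyLength = 192;
        this.signatureDerivedKeyLength = 192;
        this.minimumSymmetricKeyLength = 192;
        this.maximumSymmetricKeyLength = 192; // due to use of 3des
    } else if (SPConstants.ALGO_SUITE_BASIC256_RSA15.equals(algoSuite)) {
        this.digest = SPConstants.SHA1;
        this.encryption = SPConstants.AES256;
        this.symmetricKeyWrap = SPConstants.KW_AES256;
        this.asymmetricKeyWrap = SPConstants.KW_RSA15;
        this.encryptionKeyDerivation = SPConstants.P_SHA1_L256;
        this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
        this.encryptionDerivedKeyLength = 256;
        this.signatureDerivedKeyLength = 192;
        this.minimumSymmetricKeyLength = 256;
    } else if (SPConstants.ALGO_SUITE_BASIC192_RSA15.equals(algoSuite)) {
        this.digest = SPConstants.SHA1;
        this.encryption = SPConstants.AES192;
        this.symmetricKeyWrap = SPConstants.KW_AES192;
        this.asymmetricKeyWrap = SPConstants.KW_RSA15;
        this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
        this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
        this.encryptionDerivedKeyLength = 192;
        this.signatureDerivedKeyLength = 192;
        this.minimumSymmetricKeyLength = 192;
        this.maximumSymmetricKeyLength = 192;
    } else if (SPConstants.ALGO_SUITE_BASIC128_RSA15.equals(algoSuite)) {
        this.digest = SPConstants.SHA1;
        this.encryption = SPConstants.AES128;
        this.symmetricKeyWrap = SPConstants.KW_AES128;
        this.asymmetricKeyWrap = SPConstants.KW_RSA15;
        this.encryptionKeyDerivation = SPConstants.P_SHA1_L128;
        this.signatureKeyDerivation = SPConstants.P_SHA1_L128;
        this.encryptionDerivedKeyLength = 128;
        this.signatureDerivedKeyLength = 128;
        this.minimumSymmetricKeyLength = 128;
        this.maximumSymmetricKeyLength = 128;
    } else if (SPConstants.ALGO_SUITE_TRIPLE_DES_RSA15.equals(algoSuite)) {
        this.digest = SPConstants.SHA1;
        this.encryption = SPConstants.TRIPLE_DES;
        this.symmetricKeyWrap = SPConstants.KW_TRIPLE_DES;
        this.asymmetricKeyWrap = SPConstants.KW_RSA15;
        this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
        this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
        this.encryptionDerivedKeyLength = 192;
        this.signatureDerivedKeyLength = 192;
        this.minimumSymmetricKeyLength = 192;
        this.maximumSymmetricKeyLength = 192; // due to use of 3des
    } else if (SPConstants.ALGO_SUITE_BASIC256_SHA256.equals(algoSuite)) {
        this.digest = SPConstants.SHA256;
        this.encryption = SPConstants.AES256;
        this.symmetricKeyWrap = SPConstants.KW_AES256;
        this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
        this.encryptionKeyDerivation = SPConstants.P_SHA1_L256;
        this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
        this.encryptionDerivedKeyLength = 256;
        // 192, not 256: must agree with P_SHA1_L192 above, as in the other Basic256 suites.
        this.signatureDerivedKeyLength = 192;
        this.minimumSymmetricKeyLength = 256;
    } else if (SPConstants.ALGO_SUITE_BASIC192_SHA256.equals(algoSuite)) {
        this.digest = SPConstants.SHA256;
        this.encryption = SPConstants.AES192;
        this.symmetricKeyWrap = SPConstants.KW_AES192;
        this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
        this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
        this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
        this.encryptionDerivedKeyLength = 192;
        this.signatureDerivedKeyLength = 192;
        this.minimumSymmetricKeyLength = 192;
        this.maximumSymmetricKeyLength = 192;
    } else if (SPConstants.ALGO_SUITE_BASIC128_SHA256.equals(algoSuite)) {
        this.digest = SPConstants.SHA256;
        this.encryption = SPConstants.AES128;
        this.symmetricKeyWrap = SPConstants.KW_AES128;
        this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
        this.encryptionKeyDerivation = SPConstants.P_SHA1_L128;
        this.signatureKeyDerivation = SPConstants.P_SHA1_L128;
        this.encryptionDerivedKeyLength = 128;
        this.signatureDerivedKeyLength = 128;
        this.minimumSymmetricKeyLength = 128;
        this.maximumSymmetricKeyLength = 128;
    } else if (SPConstants.ALGO_SUITE_TRIPLE_DES_SHA256.equals(algoSuite)) {
        this.digest = SPConstants.SHA256;
        this.encryption = SPConstants.TRIPLE_DES;
        this.symmetricKeyWrap = SPConstants.KW_TRIPLE_DES;
        this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
        this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
        this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
        this.encryptionDerivedKeyLength = 192;
        this.signatureDerivedKeyLength = 192;
        this.minimumSymmetricKeyLength = 192;
        this.maximumSymmetricKeyLength = 192; // due to use of 3des
    } else if (SPConstants.ALGO_SUITE_BASIC256_SHA256_RSA15.equals(algoSuite)) {
        this.digest = SPConstants.SHA256;
        this.encryption = SPConstants.AES256;
        this.symmetricKeyWrap = SPConstants.KW_AES256;
        this.asymmetricKeyWrap = SPConstants.KW_RSA15;
        this.encryptionKeyDerivation = SPConstants.P_SHA1_L256;
        this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
        this.encryptionDerivedKeyLength = 256;
        this.signatureDerivedKeyLength = 192;
        this.minimumSymmetricKeyLength = 256;
    } else if (SPConstants.ALGO_SUITE_BASIC192_SHA256_RSA15.equals(algoSuite)) {
        this.digest = SPConstants.SHA256;
        this.encryption = SPConstants.AES192;
        this.symmetricKeyWrap = SPConstants.KW_AES192;
        this.asymmetricKeyWrap = SPConstants.KW_RSA15;
        this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
        this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
        this.encryptionDerivedKeyLength = 192;
        this.signatureDerivedKeyLength = 192;
        this.minimumSymmetricKeyLength = 192;
        this.maximumSymmetricKeyLength = 192;
    } else if (SPConstants.ALGO_SUITE_BASIC128_SHA256_RSA15.equals(algoSuite)) {
        this.digest = SPConstants.SHA256;
        this.encryption = SPConstants.AES128;
        this.symmetricKeyWrap = SPConstants.KW_AES128;
        this.asymmetricKeyWrap = SPConstants.KW_RSA15;
        this.encryptionKeyDerivation = SPConstants.P_SHA1_L128;
        this.signatureKeyDerivation = SPConstants.P_SHA1_L128;
        this.encryptionDerivedKeyLength = 128;
        this.signatureDerivedKeyLength = 128;
        this.minimumSymmetricKeyLength = 128;
        // 128, not 192: same cap as the other three Basic128 suites.
        this.maximumSymmetricKeyLength = 128;
    } else if (SPConstants.ALGO_SUITE_TRIPLE_DES_SHA256_RSA15.equals(algoSuite)) {
        this.digest = SPConstants.SHA256;
        this.encryption = SPConstants.TRIPLE_DES;
        this.symmetricKeyWrap = SPConstants.KW_TRIPLE_DES;
        this.asymmetricKeyWrap = SPConstants.KW_RSA15;
        this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
        this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
        this.encryptionDerivedKeyLength = 192;
        this.signatureDerivedKeyLength = 192;
        this.minimumSymmetricKeyLength = 192;
        this.maximumSymmetricKeyLength = 192; // due to use of 3des
    } else {
        // Fail closed: an unrecognised suite name must never fall back to some default suite.
        throw new WSSPolicyException("Invalid algorithm suite : " + algoSuite);
    }

    // Record the name last, so a rejected name cannot leave the stored suite name out of step
    // with the algorithm fields. setAlgoSuiteString is defined outside this listing and is
    // presumed to only store the name; the direct assignment is kept from the original.
    setAlgoSuiteString(algoSuite);
    this.algoSuiteString = algoSuite;
}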