1 /* Registry.java -- 2 Copyright (C) 2001, 2002, 2003, 2004, 2006 Free Software Foundation, Inc. 3 4 This file is a part of GNU Classpath. 5 6 GNU Classpath is free software; you can redistribute it and/or modify 7 it under the terms of the GNU General Public License as published by 8 the Free Software Foundation; either version 2 of the License, or (at 9 your option) any later version. 10 11 GNU Classpath is distributed in the hope that it will be useful, but 12 WITHOUT ANY WARRANTY; without even the implied warranty of 13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 General Public License for more details. 15 16 You should have received a copy of the GNU General Public License 17 along with GNU Classpath; if not, write to the Free Software 18 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 19 USA 20 21 Linking this library statically or dynamically with other modules is 22 making a combined work based on this library. Thus, the terms and 23 conditions of the GNU General Public License cover the whole 24 combination. 25 26 As a special exception, the copyright holders of this library give you 27 permission to link this library with independent modules to produce an 28 executable, regardless of the license terms of these independent 29 modules, and to copy and distribute the resulting executable under 30 terms of your choice, provided that you also meet, for each linked 31 independent module, the terms and conditions of the license of that 32 module. An independent module is a module which is not derived from 33 or based on this library. If you modify this library, you may extend 34 this exception to your version of the library, but you are not 35 obligated to do so. If you do not wish to do so, delete this 36 exception statement from your version. */ 37 38 39 package gnu.java.security; 40 41 /** 42 * A placeholder for <i>names</i> and <i>literals</i> used throughout this 43 * library. 44 */ 45 public interface Registry 46 { 47 /** The name of our Providers. */ 48 String GNU_SECURITY = "GNU"; 49 String GNU_CRYPTO = "GNU-CRYPTO"; 50 String GNU_SASL = "GNU-SASL"; 51 52 /** Our version number. */ 53 String VERSION_STRING = "2.1.0"; 54 55 // Names of properties to use in Maps when initialising primitives ......... 56 57 // Symmetric block cipher algorithms and synonyms........................... 58 59 String ANUBIS_CIPHER = "anubis"; 60 61 String BLOWFISH_CIPHER = "blowfish"; 62 63 String DES_CIPHER = "des"; 64 65 String KHAZAD_CIPHER = "khazad"; 66 67 String RIJNDAEL_CIPHER = "rijndael"; 68 69 String SERPENT_CIPHER = "serpent"; 70 71 String SQUARE_CIPHER = "square"; 72 73 String TRIPLEDES_CIPHER = "tripledes"; 74 75 String TWOFISH_CIPHER = "twofish"; 76 77 String CAST5_CIPHER = "cast5"; 78 79 String NULL_CIPHER = "null"; 80 81 /** AES is synonymous to Rijndael for 128-bit block size only. */ 82 String AES_CIPHER = "aes"; 83 84 /** TripleDES is also known as DESede. */ 85 String DESEDE_CIPHER = "desede"; 86 87 /** CAST5 is also known as CAST-128. */ 88 String CAST128_CIPHER = "cast128"; 89 90 String CAST_128_CIPHER = "cast-128"; 91 92 // Key Wrapping Algorithm names and synonyms ............................... 93 94 String KWA_PREFIX = "kw-"; 95 String AES_KWA = KWA_PREFIX + AES_CIPHER; 96 String AES128_KWA = AES_KWA + "128"; 97 String AES192_KWA = AES_KWA + "192"; 98 String AES256_KWA = AES_KWA + "256"; 99 String RIJNDAEL_KWA = KWA_PREFIX + RIJNDAEL_CIPHER; 100 101 String TRIPLEDES_KWA = KWA_PREFIX + TRIPLEDES_CIPHER; 102 String DESEDE_KWA = KWA_PREFIX + DESEDE_CIPHER; 103 104 // Message digest algorithms and synonyms................................... 105 106 String WHIRLPOOL_HASH = "whirlpool"; 107 108 String RIPEMD128_HASH = "ripemd128"; 109 110 String RIPEMD160_HASH = "ripemd160"; 111 112 String SHA160_HASH = "sha-160"; 113 114 String SHA256_HASH = "sha-256"; 115 116 String SHA384_HASH = "sha-384"; 117 118 String SHA512_HASH = "sha-512"; 119 120 String TIGER_HASH = "tiger"; 121 122 String HAVAL_HASH = "haval"; 123 124 String MD5_HASH = "md5"; 125 126 String MD4_HASH = "md4"; 127 128 String MD2_HASH = "md2"; 129 130 /** RIPEMD-128 is synonymous to RIPEMD128. */ 131 String RIPEMD_128_HASH = "ripemd-128"; 132 133 /** RIPEMD-160 is synonymous to RIPEMD160. */ 134 String RIPEMD_160_HASH = "ripemd-160"; 135 136 /** SHA-1 is synonymous to SHA-160. */ 137 String SHA_1_HASH = "sha-1"; 138 139 /** SHA1 is synonymous to SHA-160. */ 140 String SHA1_HASH = "sha1"; 141 142 /** SHA is synonymous to SHA-160. */ 143 String SHA_HASH = "sha"; 144 145 // Symmetric block cipher modes of operations............................... 146 147 /** Electronic CodeBook mode. */ 148 String ECB_MODE = "ecb"; 149 150 /** Counter (NIST) mode. */ 151 String CTR_MODE = "ctr"; 152 153 /** Integer Counter Mode (David McGrew). */ 154 String ICM_MODE = "icm"; 155 156 /** Output Feedback Mode (NIST). */ 157 String OFB_MODE = "ofb"; 158 159 /** Cipher block chaining mode (NIST). */ 160 String CBC_MODE = "cbc"; 161 162 /** Cipher feedback mode (NIST). */ 163 String CFB_MODE = "cfb"; 164 165 /** Authenticated-Encrypted mode. */ 166 String EAX_MODE = "eax"; 167 168 // Padding scheme names and synonyms........................................ 169 170 /** PKCS#5 padding scheme. */ 171 String PKCS5_PAD = "pkcs5"; 172 173 /** PKCS#7 padding scheme. */ 174 String PKCS7_PAD = "pkcs7"; 175 176 /** Trailing Bit Complement padding scheme. */ 177 String TBC_PAD = "tbc"; 178 179 /** EME-PKCS1-v1_5 padding as described in section 7.2 in RFC-3447. */ 180 String EME_PKCS1_V1_5_PAD = "eme-pkcs1-v1.5"; 181 182 /** SSLv3 padding scheme. */ 183 String SSL3_PAD = "ssl3"; 184 185 /** TLSv1 padding scheme. */ 186 String TLS1_PAD = "tls1"; 187 188 /** ISO 10126-2 padding scheme. */ 189 String ISO10126_PAD = "iso10126"; 190 191 // Pseudo-random number generators.......................................... 192 193 /** (Apparently) RC4 keystream PRNG. */ 194 String ARCFOUR_PRNG = "arcfour"; 195 196 /** We use "rc4" as an alias for "arcfour". */ 197 String RC4_PRNG = "rc4"; 198 199 /** PRNG based on David McGrew's Integer Counter Mode. */ 200 String ICM_PRNG = "icm"; 201 202 /** PRNG based on a designated hash function. */ 203 String MD_PRNG = "md"; 204 205 /** PRNG based on UMAC's Key Derivation Function. */ 206 String UMAC_PRNG = "umac-kdf"; 207 208 /** 209 * PRNG based on PBKDF2 from PKCS #5 v.2. This is suffixed with the name 210 * of a MAC to be used as a PRF. 211 */ 212 String PBKDF2_PRNG_PREFIX = "pbkdf2-"; 213 214 /** The continuously-seeded pseudo-random number generator. */ 215 String CSPRNG_PRNG = "csprng"; 216 217 /** The Fortuna PRNG. */ 218 String FORTUNA_PRNG = "fortuna"; 219 220 /** The Fortuna generator PRNG. */ 221 String FORTUNA_GENERATOR_PRNG = "fortuna-generator"; 222 223 // Asymmetric keypair generators............................................ 224 225 String DSS_KPG = "dss"; 226 227 String RSA_KPG = "rsa"; 228 229 String DH_KPG = "dh"; 230 231 String SRP_KPG = "srp"; 232 233 /** DSA is synonymous to DSS. */ 234 String DSA_KPG = "dsa"; 235 236 // Signature-with-appendix schemes.......................................... 237 238 String DSS_SIG = "dss"; 239 240 String RSA_SIG_PREFIX = "rsa-"; 241 242 String RSA_PSS_ENCODING = "pss"; 243 244 String RSA_PSS_SIG = RSA_SIG_PREFIX + RSA_PSS_ENCODING; 245 246 String RSA_PKCS1_V1_5_ENCODING = "pkcs1-v1.5"; 247 248 String RSA_PKCS1_V1_5_SIG = RSA_SIG_PREFIX + RSA_PKCS1_V1_5_ENCODING; 249 250 /** DSA is synonymous to DSS. */ 251 String DSA_SIG = "dsa"; 252 253 // Key agreement protocols ................................................. 254 255 String DH_KA = "dh"; 256 257 String ELGAMAL_KA = "elgamal"; 258 259 String SRP6_KA = "srp6"; 260 261 String SRP_SASL_KA = "srp-sasl"; 262 263 String SRP_TLS_KA = "srp-tls"; 264 265 // Keyed-Hash Message Authentication Code .................................. 266 267 /** Name prefix of every HMAC implementation. */ 268 String HMAC_NAME_PREFIX = "hmac-"; 269 270 // Other MAC algorithms .................................................... 271 272 /** The One-key CBC MAC. */ 273 String OMAC_PREFIX = "omac-"; 274 275 /** Message Authentication Code using Universal Hashing (Ted Krovetz). */ 276 String UHASH32 = "uhash32"; 277 278 String UMAC32 = "umac32"; 279 280 /** The Truncated Multi-Modular Hash Function -v1 (David McGrew). */ 281 String TMMH16 = "tmmh16"; 282 283 // String TMMH32 = "tmmh32"; 284 285 // Format IDs used to identify how we externalise asymmetric keys .......... 286 // fully-qualified names of the supported codecs 287 String RAW_ENCODING = "gnu.crypto.raw.format"; 288 String X509_ENCODING = "gnu.crypto.x509.format"; 289 String PKCS8_ENCODING = "gnu.crypto.pkcs8.format"; 290 String ASN1_ENCODING = "gnu.crypto.asn1.format"; 291 292 // short names of the same. used by JCE adapters 293 String RAW_ENCODING_SHORT_NAME = "RAW"; 294 String X509_ENCODING_SORT_NAME = "X.509"; 295 String PKCS8_ENCODING_SHORT_NAME = "PKCS#8"; 296 String ASN1_ENCODING_SHORT_NAME = "ASN.1"; 297 298 // unique identifiers of the same 299 int RAW_ENCODING_ID = 1; 300 int X509_ENCODING_ID = 2; 301 int PKCS8_ENCODING_ID = 3; 302 int ASN1_ENCODING_ID = 4; 303 304 // OID strings used in encoding/decoding keys 305 String DSA_OID_STRING = "1.2.840.10040.4.1"; 306 String RSA_OID_STRING = "1.2.840.113549.1.1.1"; 307 String DH_OID_STRING = "1.2.840.10046.2.1"; 308 309 // Magic bytes we generate/expect in externalised asymmetric keys .......... 310 // the four bytes represent G (0x47) for GNU, 1 (0x01) for Raw format, 311 // D (0x44) for DSS, R (0x52) for RSA, H (0x48) for Diffie-Hellman, or S 312 // (0x53) for SRP-6, and finally P (0x50) for Public, p (0x70) for private, 313 // or S (0x53) for signature. 314 byte[] MAGIC_RAW_DSS_PUBLIC_KEY = new byte[] { 315 0x47, RAW_ENCODING_ID, 0x44, 0x50 }; 316 317 byte[] MAGIC_RAW_DSS_PRIVATE_KEY = new byte[] { 318 0x47, RAW_ENCODING_ID, 0x44, 0x70 }; 319 320 byte[] MAGIC_RAW_DSS_SIGNATURE = new byte[] { 321 0x47, RAW_ENCODING_ID, 0x44, 0x53 }; 322 323 byte[] MAGIC_RAW_RSA_PUBLIC_KEY = new byte[] { 324 0x47, RAW_ENCODING_ID, 0x52, 0x50 }; 325 326 byte[] MAGIC_RAW_RSA_PRIVATE_KEY = new byte[] { 327 0x47, RAW_ENCODING_ID, 0x52, 0x70 }; 328 329 byte[] MAGIC_RAW_RSA_PSS_SIGNATURE = new byte[] { 330 0x47, RAW_ENCODING_ID, 0x52, 0x53 }; 331 332 byte[] MAGIC_RAW_RSA_PKCS1V1_5_SIGNATURE = new byte[] { 333 0x47, RAW_ENCODING_ID, 0x52, 0x54 }; 334 335 byte[] MAGIC_RAW_DH_PUBLIC_KEY = new byte[] { 336 0x47, RAW_ENCODING_ID, 0x48, 0x50 }; 337 338 byte[] MAGIC_RAW_DH_PRIVATE_KEY = new byte[] { 339 0x47, RAW_ENCODING_ID, 0x48, 0x70 }; 340 341 byte[] MAGIC_RAW_SRP_PUBLIC_KEY = new byte[] { 342 0x47, RAW_ENCODING_ID, 0x53, 0x50 }; 343 344 byte[] MAGIC_RAW_SRP_PRIVATE_KEY = new byte[] { 345 0x47, RAW_ENCODING_ID, 0x53, 0x70 }; 346 347 // SASL Property names ..................................................... 348 349 String SASL_PREFIX = "gnu.crypto.sasl"; 350 351 /** Name of username property. */ 352 String SASL_USERNAME = SASL_PREFIX + ".username"; 353 354 /** Name of password property. */ 355 String SASL_PASSWORD = SASL_PREFIX + ".password"; 356 357 /** Name of authentication information provider packages. */ 358 String SASL_AUTH_INFO_PROVIDER_PKGS = SASL_PREFIX + ".auth.info.provider.pkgs"; 359 360 /** SASL authorization ID. */ 361 String SASL_AUTHORISATION_ID = SASL_PREFIX + ".authorisation.ID"; 362 363 /** SASL protocol. */ 364 String SASL_PROTOCOL = SASL_PREFIX + ".protocol"; 365 366 /** SASL Server name. */ 367 String SASL_SERVER_NAME = SASL_PREFIX + ".server.name"; 368 369 /** SASL Callback handler. */ 370 String SASL_CALLBACK_HANDLER = SASL_PREFIX + ".callback.handler"; 371 372 /** SASL channel binding. */ 373 String SASL_CHANNEL_BINDING = SASL_PREFIX + ".channel.binding"; 374 375 // SASL data element size limits ........................................... 376 377 /** The size limit, in bytes, of a SASL OS (Octet Sequence) element. */ 378 int SASL_ONE_BYTE_MAX_LIMIT = 255; 379 380 /** 381 * The size limit, in bytes, of both a SASL MPI (Multi-Precision Integer) 382 * element and a SASL Text element. 383 */ 384 int SASL_TWO_BYTE_MAX_LIMIT = 65535; 385 386 /** The size limit, in bytes, of a SASL EOS (Extended Octet Sequence) element. */ 387 int SASL_FOUR_BYTE_MAX_LIMIT = 2147483383; 388 389 /** The size limit, in bytes, of a SASL Buffer. */ 390 int SASL_BUFFER_MAX_LIMIT = 2147483643; 391 392 // Canonical names of SASL mechanisms ...................................... 393 394 String SASL_ANONYMOUS_MECHANISM = "ANONYMOUS"; 395 396 String SASL_CRAM_MD5_MECHANISM = "CRAM-MD5"; 397 398 String SASL_PLAIN_MECHANISM = "PLAIN"; 399 400 String SASL_SRP_MECHANISM = "SRP"; 401 402 // Canonical names of Integrity Protection algorithms ...................... 403 404 String SASL_HMAC_MD5_IALG = "HMACwithMD5"; 405 406 String SASL_HMAC_SHA_IALG = "HMACwithSHA"; 407 408 // Quality Of Protection string representations ............................ 409 410 /** authentication only. */ 411 String QOP_AUTH = "auth"; 412 413 /** authentication plus integrity protection. */ 414 String QOP_AUTH_INT = "auth-int"; 415 416 /** authentication plus integrity and confidentiality protection. */ 417 String QOP_AUTH_CONF = "auth-conf"; 418 419 // SASL mechanism strength string representation ........................... 420 421 String STRENGTH_HIGH = "high"; 422 423 String STRENGTH_MEDIUM = "medium"; 424 425 String STRENGTH_LOW = "low"; 426 427 // SASL Server Authentication requirement .................................. 428 429 /** Server must authenticate to the client. */ 430 String SERVER_AUTH_TRUE = "true"; 431 432 /** Server does not need to, or cannot, authenticate to the client. */ 433 String SERVER_AUTH_FALSE = "false"; 434 435 // SASL mechanism reuse capability ......................................... 436 437 String REUSE_TRUE = "true"; 438 439 String REUSE_FALSE = "false"; 440 441 // Keyrings ............................................................... 442 443 byte[] GKR_MAGIC = new byte[] { 0x47, 0x4b, 0x52, 0x01 }; 444 445 // Ring usage fields. 446 int GKR_PRIVATE_KEYS = 1 << 0; 447 448 int GKR_PUBLIC_CREDENTIALS = 1 << 1; 449 450 int GKR_CERTIFICATES = 1 << 2; 451 452 // HMac types. 453 int GKR_HMAC_MD5_128 = 0; 454 455 int GKR_HMAC_SHA_160 = 1; 456 457 int GKR_HMAC_MD5_96 = 2; 458 459 int GKR_HMAC_SHA_96 = 3; 460 461 // Cipher types. 462 int GKR_CIPHER_AES_128_OFB = 0; 463 464 int GKR_CIPHER_AES_128_CBC = 1; 465 } 466