java - How to extract the digest algorithm from a X509Certificate -
i can extract oid , name of signature algorithm x509certificate instance such "sha256withrsa" how extract name of digest algorithm e.g. "sha256".
is there way beside string splitting "with" or fixed mapping of oid's?
side question: safe split "with"?
a certificate contains signature algorithm oid maps unique couple digest/algorithm. therefore easiest way found digest algorithm use mapping table oid -> digest algo.
unfortunately know no centralized location can find these oid. can collected in these rfc:
- algorithms , identifiers internet x.509 public key infrastructure certificate , certificate revocation list (crl) profile
- additional algorithms , identifiers rsa cryptography use in internet x.509 public key infrastructure certificate , certificate revocation list (crl) profile
- updates rsaes-oaep , rsassa-pss algorithm parameters
- internet x.509 public key infrastructure: additional algorithms , identifiers dsa , ecdsa
parsing algorithm name , splitting on "with" should work these limitations
- it may work oracle cryptography provider (see documentation on signature algorithm naming conventions). provider, own certificate implementation, may use incompatible naming convention.
- if algorithm unknown
getsigalgname()method return string of formoid.a.b.c.d.... instancesha256withdsaalgorithm not supported old java6 , printedoid.2.16.840.1.101.3.4.3.2
Comments
Post a Comment