added id-alg-unsigned and use for it with empty signatures for X.509.

Author: dghgit

core/src/main/java/org/bouncycastle/asn1/x509/X509ObjectIdentifiers.java

@@ -100,6 +100,11 @@ public interface X509ObjectIdentifiers
      */
     ASN1ObjectIdentifier id_alg_noSignature = pkix_algorithms.branch("2");
 
+    /**
+     * id-alg-unsigned OBJECT IDENTIFIER ::= {id-pkix id-alg(6) 36}
+     */
+    ASN1ObjectIdentifier id_alg_unsigned = pkix_algorithms.branch("36");
+    
     /** 1.3.6.1.5.5.7.9 */
     static final ASN1ObjectIdentifier id_pda = id_pkix.branch("9");
 

pkix/src/main/java/org/bouncycastle/operator/NoSignatureContentSigner.java

@@ -3,7 +3,6 @@
 import java.io.IOException;
 import java.io.OutputStream;
 
-import org.bouncycastle.asn1.DERNull;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
 
@@ -16,7 +15,7 @@ public class NoSignatureContentSigner
     @Override
     public AlgorithmIdentifier getAlgorithmIdentifier()
     {
-        return new AlgorithmIdentifier(X509ObjectIdentifiers.id_alg_noSignature, DERNull.INSTANCE);
+        return new AlgorithmIdentifier(X509ObjectIdentifiers.id_alg_unsigned);
     }
 
     @Override

pkix/src/test/java/org/bouncycastle/cert/test/CertTest.java

@@ -4024,8 +4024,8 @@ public void checkCreationNoSignature()
 
         org.bouncycastle.asn1.x509.Certificate crt = org.bouncycastle.asn1.x509.Certificate.getInstance(cert.getEncoded());
 
-        isTrue(new AlgorithmIdentifier(X509ObjectIdentifiers.id_alg_noSignature, DERNull.INSTANCE).equals(crt.getTBSCertificate().getSignature()));
-        isTrue(new AlgorithmIdentifier(X509ObjectIdentifiers.id_alg_noSignature, DERNull.INSTANCE).equals(crt.getSignatureAlgorithm()));
+        isTrue(new AlgorithmIdentifier(X509ObjectIdentifiers.id_alg_unsigned).equals(crt.getTBSCertificate().getSignature()));
+        isTrue(new AlgorithmIdentifier(X509ObjectIdentifiers.id_alg_unsigned).equals(crt.getSignatureAlgorithm()));
         isTrue(0 == cert.getSignature().length);
     }
 

prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/NoSig.java

@@ -85,6 +85,7 @@ public Mappings()
         public void configure(ConfigurableProvider provider)
         {
             provider.addAlgorithm("Signature." + X509ObjectIdentifiers.id_alg_noSignature, PREFIX + "SigSpi");
+            provider.addAlgorithm("Signature." + X509ObjectIdentifiers.id_alg_unsigned, PREFIX + "SigSpi");
         }
     }
 }

prov/src/test/java/org/bouncycastle/jce/provider/test/TestUtils.java

@@ -130,15 +130,15 @@ public static X509Certificate createNoSigCert(X500Name dn, KeyPair keyPair)
         certGen.setSubject(dn);
         certGen.setStartDate(new Time(new Date(time - 5000)));
         certGen.setEndDate(new Time(new Date(time + 30 * 60 * 1000)));
-        certGen.setSignature(new AlgorithmIdentifier(X509ObjectIdentifiers.id_alg_noSignature, DERNull.INSTANCE));
+        certGen.setSignature(new AlgorithmIdentifier(X509ObjectIdentifiers.id_alg_unsigned));
         certGen.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded()));
 
         TBSCertificate tbsCert = certGen.generateTBSCertificate();
 
         ASN1EncodableVector v = new ASN1EncodableVector();
 
         v.add(tbsCert);
-        v.add(new AlgorithmIdentifier(X509ObjectIdentifiers.id_alg_noSignature, DERNull.INSTANCE));
+        v.add(new AlgorithmIdentifier(X509ObjectIdentifiers.id_alg_unsigned));
         v.add(new DERBitString(new byte[0]));
 
         return (X509Certificate)CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(new DERSequence(v).getEncoded(ASN1Encoding.DER)));