8177334: Update xmldsig implementation to Apache Santuario 2.1.1

Reviewed-by: mullan
Weijun Wang 2018-06-19 08:06:35 +08:00
parent a0065b1667
commit 9adabc35b0
261 changed files with 10095 additions and 13654 deletions


@ -30,9 +30,7 @@ import java.security.PrivilegedExceptionAction;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper; import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithm; import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithm;
@ -61,9 +59,8 @@ public class Init {
/** The namespace for CONF file **/ /** The namespace for CONF file **/
public static final String CONF_NS = "http://www.xmlsecurity.org/NS/#configuration"; public static final String CONF_NS = "http://www.xmlsecurity.org/NS/#configuration";
/** {@link org.apache.commons.logging} logging facility */ private static final com.sun.org.slf4j.internal.Logger LOG =
private static java.util.logging.Logger log = com.sun.org.slf4j.internal.LoggerFactory.getLogger(Init.class);
java.util.logging.Logger.getLogger(Init.class.getName());
/** Field alreadyInitialized */ /** Field alreadyInitialized */
private static boolean alreadyInitialized = false; private static boolean alreadyInitialized = false;
@ -72,7 +69,7 @@ public class Init {
* Method isInitialized * Method isInitialized
* @return true if the library is already initialized. * @return true if the library is already initialized.
*/ */
public static synchronized final boolean isInitialized() { public static final synchronized boolean isInitialized() {
return Init.alreadyInitialized; return Init.alreadyInitialized;
} }
@ -87,16 +84,16 @@ public class Init {
InputStream is = InputStream is =
AccessController.doPrivileged( AccessController.doPrivileged(
new PrivilegedAction<InputStream>() { (PrivilegedAction<InputStream>)
public InputStream run() { () -> {
String cfile = String cfile =
System.getProperty("com.sun.org.apache.xml.internal.security.resource.config"); System.getProperty("com.sun.org.apache.xml.internal.security.resource.config");
if (cfile == null) { if (cfile == null) {
return null; return null;
} }
return getClass().getResourceAsStream(cfile); return Init.class.getResourceAsStream(cfile);
} }
}); );
if (is == null) { if (is == null) {
dynamicInit(); dynamicInit();
} else { } else {
@ -117,9 +114,8 @@ public class Init {
// //
I18n.init("en", "US"); I18n.init("en", "US");
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Registering default algorithms");
log.log(java.util.logging.Level.FINE, "Registering default algorithms");
}
try { try {
AccessController.doPrivileged(new PrivilegedExceptionAction<Void>(){ AccessController.doPrivileged(new PrivilegedExceptionAction<Void>(){
@Override public Void run() throws XMLSecurityException { @Override public Void run() throws XMLSecurityException {
@ -163,7 +159,7 @@ public class Init {
}); });
} catch (PrivilegedActionException ex) { } catch (PrivilegedActionException ex) {
XMLSecurityException xse = (XMLSecurityException)ex.getException(); XMLSecurityException xse = (XMLSecurityException)ex.getException();
log.log(java.util.logging.Level.SEVERE, xse.getMessage(), xse); LOG.error(xse.getMessage(), xse);
xse.printStackTrace(); xse.printStackTrace();
} }
} }
@ -174,13 +170,7 @@ public class Init {
private static void fileInit(InputStream is) { private static void fileInit(InputStream is) {
try { try {
/* read library configuration file */ /* read library configuration file */
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); DocumentBuilder db = XMLUtils.createDocumentBuilder(false);
dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
dbf.setNamespaceAware(true);
dbf.setValidating(false);
DocumentBuilder db = dbf.newDocumentBuilder();
Document doc = db.parse(is); Document doc = db.parse(is);
Node config = doc.getFirstChild(); Node config = doc.getFirstChild();
for (; config != null; config = config.getNextSibling()) { for (; config != null; config = config.getNextSibling()) {
@ -189,7 +179,7 @@ public class Init {
} }
} }
if (config == null) { if (config == null) {
log.log(java.util.logging.Level.SEVERE, "Error in reading configuration file - Configuration element not found"); LOG.error("Error in reading configuration file - Configuration element not found");
return; return;
} }
for (Node el = config.getFirstChild(); el != null; el = el.getNextSibling()) { for (Node el = config.getFirstChild(); el != null; el = el.getNextSibling()) {
@ -197,11 +187,11 @@ public class Init {
continue; continue;
} }
String tag = el.getLocalName(); String tag = el.getLocalName();
if (tag.equals("ResourceBundles")) { if ("ResourceBundles".equals(tag)) {
Element resource = (Element)el; Element resource = (Element)el;
/* configure internationalization */ /* configure internationalization */
Attr langAttr = resource.getAttributeNode("defaultLanguageCode"); Attr langAttr = resource.getAttributeNodeNS(null, "defaultLanguageCode");
Attr countryAttr = resource.getAttributeNode("defaultCountryCode"); Attr countryAttr = resource.getAttributeNodeNS(null, "defaultCountryCode");
String languageCode = String languageCode =
(langAttr == null) ? null : langAttr.getNodeValue(); (langAttr == null) ? null : langAttr.getNodeValue();
String countryCode = String countryCode =
@ -209,45 +199,41 @@ public class Init {
I18n.init(languageCode, countryCode); I18n.init(languageCode, countryCode);
} }
if (tag.equals("CanonicalizationMethods")) { if ("CanonicalizationMethods".equals(tag)) {
Element[] list = Element[] list =
XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "CanonicalizationMethod"); XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "CanonicalizationMethod");
for (int i = 0; i < list.length; i++) { for (Element element : list) {
String uri = list[i].getAttributeNS(null, "URI"); String uri = element.getAttributeNS(null, "URI");
String javaClass = String javaClass =
list[i].getAttributeNS(null, "JAVACLASS"); element.getAttributeNS(null, "JAVACLASS");
try { try {
Canonicalizer.register(uri, javaClass); Canonicalizer.register(uri, javaClass);
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Canonicalizer.register({}, {})", uri, javaClass);
log.log(java.util.logging.Level.FINE, "Canonicalizer.register(" + uri + ", " + javaClass + ")");
}
} catch (ClassNotFoundException e) { } catch (ClassNotFoundException e) {
Object exArgs[] = { uri, javaClass }; Object exArgs[] = { uri, javaClass };
log.log(java.util.logging.Level.SEVERE, I18n.translate("algorithm.classDoesNotExist", exArgs)); LOG.error(I18n.translate("algorithm.classDoesNotExist", exArgs));
} }
} }
} }
if (tag.equals("TransformAlgorithms")) { if ("TransformAlgorithms".equals(tag)) {
Element[] tranElem = Element[] tranElem =
XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "TransformAlgorithm"); XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "TransformAlgorithm");
for (int i = 0; i < tranElem.length; i++) { for (Element element : tranElem) {
String uri = tranElem[i].getAttributeNS(null, "URI"); String uri = element.getAttributeNS(null, "URI");
String javaClass = String javaClass =
tranElem[i].getAttributeNS(null, "JAVACLASS"); element.getAttributeNS(null, "JAVACLASS");
try { try {
Transform.register(uri, javaClass); Transform.register(uri, javaClass);
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Transform.register({}, {})", uri, javaClass);
log.log(java.util.logging.Level.FINE, "Transform.register(" + uri + ", " + javaClass + ")");
}
} catch (ClassNotFoundException e) { } catch (ClassNotFoundException e) {
Object exArgs[] = { uri, javaClass }; Object exArgs[] = { uri, javaClass };
log.log(java.util.logging.Level.SEVERE, I18n.translate("algorithm.classDoesNotExist", exArgs)); LOG.error(I18n.translate("algorithm.classDoesNotExist", exArgs));
} catch (NoClassDefFoundError ex) { } catch (NoClassDefFoundError ex) {
log.log(java.util.logging.Level.WARNING, "Not able to found dependencies for algorithm, I'll keep working."); LOG.warn("Not able to found dependencies for algorithm, I'll keep working.");
} }
} }
} }
@ -257,64 +243,54 @@ public class Init {
if (algorithmsNode != null) { if (algorithmsNode != null) {
Element[] algorithms = Element[] algorithms =
XMLUtils.selectNodes(algorithmsNode.getFirstChild(), CONF_NS, "Algorithm"); XMLUtils.selectNodes(algorithmsNode.getFirstChild(), CONF_NS, "Algorithm");
for (int i = 0; i < algorithms.length; i++) { for (Element element : algorithms) {
Element element = algorithms[i]; String id = element.getAttributeNS(null, "URI");
String id = element.getAttribute("URI");
JCEMapper.register(id, new JCEMapper.Algorithm(element)); JCEMapper.register(id, new JCEMapper.Algorithm(element));
} }
} }
} }
if (tag.equals("SignatureAlgorithms")) { if ("SignatureAlgorithms".equals(tag)) {
Element[] sigElems = Element[] sigElems =
XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "SignatureAlgorithm"); XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "SignatureAlgorithm");
for (int i = 0; i < sigElems.length; i++) { for (Element sigElem : sigElems) {
String uri = sigElems[i].getAttributeNS(null, "URI"); String uri = sigElem.getAttributeNS(null, "URI");
String javaClass = String javaClass =
sigElems[i].getAttributeNS(null, "JAVACLASS"); sigElem.getAttributeNS(null, "JAVACLASS");
/** $todo$ handle registering */ /** $todo$ handle registering */
try { try {
SignatureAlgorithm.register(uri, javaClass); SignatureAlgorithm.register(uri, javaClass);
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("SignatureAlgorithm.register({}, {})", uri, javaClass);
log.log(java.util.logging.Level.FINE, "SignatureAlgorithm.register(" + uri + ", "
+ javaClass + ")");
}
} catch (ClassNotFoundException e) { } catch (ClassNotFoundException e) {
Object exArgs[] = { uri, javaClass }; Object exArgs[] = { uri, javaClass };
log.log(java.util.logging.Level.SEVERE, I18n.translate("algorithm.classDoesNotExist", exArgs)); LOG.error(I18n.translate("algorithm.classDoesNotExist", exArgs));
} }
} }
} }
if (tag.equals("ResourceResolvers")) { if ("ResourceResolvers".equals(tag)) {
Element[]resolverElem = Element[] resolverElem =
XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "Resolver"); XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "Resolver");
for (int i = 0; i < resolverElem.length; i++) { for (Element element : resolverElem) {
String javaClass = String javaClass =
resolverElem[i].getAttributeNS(null, "JAVACLASS"); element.getAttributeNS(null, "JAVACLASS");
String description = String description =
resolverElem[i].getAttributeNS(null, "DESCRIPTION"); element.getAttributeNS(null, "DESCRIPTION");
if ((description != null) && (description.length() > 0)) { if (description != null && description.length() > 0) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Register Resolver: {}: {}", javaClass, description);
log.log(java.util.logging.Level.FINE, "Register Resolver: " + javaClass + ": "
+ description);
}
} else { } else {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Register Resolver: {}: For unknown purposes", javaClass);
log.log(java.util.logging.Level.FINE, "Register Resolver: " + javaClass
+ ": For unknown purposes");
}
} }
try { try {
ResourceResolver.register(javaClass); ResourceResolver.register(javaClass);
} catch (Throwable e) { } catch (Throwable e) {
log.log(java.util.logging.Level.WARNING, LOG.warn(
"Cannot register:" + javaClass "Cannot register:" + javaClass
+ " perhaps some needed jars are not installed", + " perhaps some needed jars are not installed",
e e
@ -323,26 +299,20 @@ public class Init {
} }
} }
if (tag.equals("KeyResolver")){ if ("KeyResolver".equals(tag)){
Element[] resolverElem = Element[] resolverElem =
XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "Resolver"); XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "Resolver");
List<String> classNames = new ArrayList<String>(resolverElem.length); List<String> classNames = new ArrayList<>(resolverElem.length);
for (int i = 0; i < resolverElem.length; i++) { for (Element element : resolverElem) {
String javaClass = String javaClass =
resolverElem[i].getAttributeNS(null, "JAVACLASS"); element.getAttributeNS(null, "JAVACLASS");
String description = String description =
resolverElem[i].getAttributeNS(null, "DESCRIPTION"); element.getAttributeNS(null, "DESCRIPTION");
if ((description != null) && (description.length() > 0)) { if (description != null && description.length() > 0) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Register Resolver: {}: {}", javaClass, description);
log.log(java.util.logging.Level.FINE, "Register Resolver: " + javaClass + ": "
+ description);
}
} else { } else {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Register Resolver: {}: For unknown purposes", javaClass);
log.log(java.util.logging.Level.FINE, "Register Resolver: " + javaClass
+ ": For unknown purposes");
}
} }
classNames.add(javaClass); classNames.add(javaClass);
} }
@ -350,27 +320,22 @@ public class Init {
} }
if (tag.equals("PrefixMappings")){ if ("PrefixMappings".equals(tag)){
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Now I try to bind prefixes:");
log.log(java.util.logging.Level.FINE, "Now I try to bind prefixes:");
}
Element[] nl = Element[] nl =
XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "PrefixMapping"); XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "PrefixMapping");
for (int i = 0; i < nl.length; i++) { for (Element element : nl) {
String namespace = nl[i].getAttributeNS(null, "namespace"); String namespace = element.getAttributeNS(null, "namespace");
String prefix = nl[i].getAttributeNS(null, "prefix"); String prefix = element.getAttributeNS(null, "prefix");
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Now I try to bind {} to {}", prefix, namespace);
log.log(java.util.logging.Level.FINE, "Now I try to bind " + prefix + " to " + namespace);
}
ElementProxy.setDefaultPrefix(namespace, prefix); ElementProxy.setDefaultPrefix(namespace, prefix);
} }
} }
} }
} catch (Exception e) { } catch (Exception e) {
log.log(java.util.logging.Level.SEVERE, "Bad: ", e); LOG.error("Bad: ", e);
e.printStackTrace();
} }
} }
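Review bot: In fileInit the explicit `dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE)` and `dbf.setNamespaceAware(true)` calls are replaced by `XMLUtils.createDocumentBuilder(false)`, whose body is not part of this section, so the parser hardening for the configuration file now rests entirely on that helper. The file is chosen through the `com.sun.org.apache.xml.internal.security.resource.config` system property and its JAVACLASS attributes feed the `register` calls, so I would confirm the helper still enables secure processing and namespace awareness (the `false` argument presumably mirrors the removed `setValidating(false)`). I would also record that at the call site, e.g. `/* read library configuration file; builder must keep secure processing and namespace awareness on */`. Separately, `xse.printStackTrace();` is kept in the catch after the default-algorithm registration while the same call is dropped from fileInit's catch; `LOG.error(xse.getMessage(), xse);` already carries the stack trace, so the leftover call could be removed for consistency.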


@ -40,7 +40,6 @@ public abstract class Algorithm extends SignatureElementProxy {
*/ */
public Algorithm(Document doc, String algorithmURI) { public Algorithm(Document doc, String algorithmURI) {
super(doc); super(doc);
this.setAlgorithmURI(algorithmURI); this.setAlgorithmURI(algorithmURI);
} }
@ -48,11 +47,11 @@ public abstract class Algorithm extends SignatureElementProxy {
* Constructor Algorithm * Constructor Algorithm
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public Algorithm(Element element, String BaseURI) throws XMLSecurityException { public Algorithm(Element element, String baseURI) throws XMLSecurityException {
super(element, BaseURI); super(element, baseURI);
} }
/** /**
@ -61,7 +60,7 @@ public abstract class Algorithm extends SignatureElementProxy {
* @return The URI of the algorithm * @return The URI of the algorithm
*/ */
public String getAlgorithmURI() { public String getAlgorithmURI() {
return this.constructionElement.getAttributeNS(null, Constants._ATT_ALGORITHM); return getLocalAttribute(Constants._ATT_ALGORITHM);
} }
/** /**
@ -71,9 +70,7 @@ public abstract class Algorithm extends SignatureElementProxy {
*/ */
protected void setAlgorithmURI(String algorithmURI) { protected void setAlgorithmURI(String algorithmURI) {
if (algorithmURI != null) { if (algorithmURI != null) {
this.constructionElement.setAttributeNS( setLocalAttribute(Constants._ATT_ALGORITHM, algorithmURI);
null, Constants._ATT_ALGORITHM, algorithmURI
);
} }
} }
} }


@ -23,211 +23,19 @@
package com.sun.org.apache.xml.internal.security.algorithms; package com.sun.org.apache.xml.internal.security.algorithms;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
/**
* This class is extremely useful for loading resources and classes in a fault
* tolerant manner that works across different applications servers. Do not
* touch this unless you're a grizzled classloading guru veteran who is going to
* verify any change on 6 different application servers.
*/
// NOTE! This is a duplicate of utils.ClassLoaderUtils with public // NOTE! This is a duplicate of utils.ClassLoaderUtils with public
// modifiers changed to package-private. Make sure to integrate any future // modifiers changed to package-private. Make sure to integrate any future
// changes to utils.ClassLoaderUtils to this file. // changes to utils.ClassLoaderUtils to this file.
final class ClassLoaderUtils { final class ClassLoaderUtils {
/** {@link org.apache.commons.logging} logging facility */ private static final com.sun.org.slf4j.internal.Logger LOG =
private static final java.util.logging.Logger log = com.sun.org.slf4j.internal.LoggerFactory.getLogger(ClassLoaderUtils.class);
java.util.logging.Logger.getLogger(ClassLoaderUtils.class.getName());
private ClassLoaderUtils() { private ClassLoaderUtils() {
} }
/** /**
* Load a given resource. <p/> This method will try to load the resource * Load a class with a given name. <p></p> It will try to load the class in the
* using the following methods (in order):
* <ul>
* <li>From Thread.currentThread().getContextClassLoader()
* <li>From ClassLoaderUtil.class.getClassLoader()
* <li>callingClass.getClassLoader()
* </ul>
*
* @param resourceName The name of the resource to load
* @param callingClass The Class object of the calling object
*/
static URL getResource(String resourceName, Class<?> callingClass) {
URL url = Thread.currentThread().getContextClassLoader().getResource(resourceName);
if (url == null && resourceName.startsWith("/")) {
//certain classloaders need it without the leading /
url =
Thread.currentThread().getContextClassLoader().getResource(
resourceName.substring(1)
);
}
ClassLoader cluClassloader = ClassLoaderUtils.class.getClassLoader();
if (cluClassloader == null) {
cluClassloader = ClassLoader.getSystemClassLoader();
}
if (url == null) {
url = cluClassloader.getResource(resourceName);
}
if (url == null && resourceName.startsWith("/")) {
//certain classloaders need it without the leading /
url = cluClassloader.getResource(resourceName.substring(1));
}
if (url == null) {
ClassLoader cl = callingClass.getClassLoader();
if (cl != null) {
url = cl.getResource(resourceName);
}
}
if (url == null) {
url = callingClass.getResource(resourceName);
}
if ((url == null) && (resourceName != null) && (resourceName.charAt(0) != '/')) {
return getResource('/' + resourceName, callingClass);
}
return url;
}
/**
* Load a given resources. <p/> This method will try to load the resources
* using the following methods (in order):
* <ul>
* <li>From Thread.currentThread().getContextClassLoader()
* <li>From ClassLoaderUtil.class.getClassLoader()
* <li>callingClass.getClassLoader()
* </ul>
*
* @param resourceName The name of the resource to load
* @param callingClass The Class object of the calling object
*/
static List<URL> getResources(String resourceName, Class<?> callingClass) {
List<URL> ret = new ArrayList<URL>();
Enumeration<URL> urls = new Enumeration<URL>() {
public boolean hasMoreElements() {
return false;
}
public URL nextElement() {
return null;
}
};
try {
urls = Thread.currentThread().getContextClassLoader().getResources(resourceName);
} catch (IOException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
//ignore
}
if (!urls.hasMoreElements() && resourceName.startsWith("/")) {
//certain classloaders need it without the leading /
try {
urls =
Thread.currentThread().getContextClassLoader().getResources(
resourceName.substring(1)
);
} catch (IOException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
// ignore
}
}
ClassLoader cluClassloader = ClassLoaderUtils.class.getClassLoader();
if (cluClassloader == null) {
cluClassloader = ClassLoader.getSystemClassLoader();
}
if (!urls.hasMoreElements()) {
try {
urls = cluClassloader.getResources(resourceName);
} catch (IOException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
// ignore
}
}
if (!urls.hasMoreElements() && resourceName.startsWith("/")) {
//certain classloaders need it without the leading /
try {
urls = cluClassloader.getResources(resourceName.substring(1));
} catch (IOException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
// ignore
}
}
if (!urls.hasMoreElements()) {
ClassLoader cl = callingClass.getClassLoader();
if (cl != null) {
try {
urls = cl.getResources(resourceName);
} catch (IOException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
// ignore
}
}
}
if (!urls.hasMoreElements()) {
URL url = callingClass.getResource(resourceName);
if (url != null) {
ret.add(url);
}
}
while (urls.hasMoreElements()) {
ret.add(urls.nextElement());
}
if (ret.isEmpty() && (resourceName != null) && (resourceName.charAt(0) != '/')) {
return getResources('/' + resourceName, callingClass);
}
return ret;
}
/**
* This is a convenience method to load a resource as a stream. <p/> The
* algorithm used to find the resource is given in getResource()
*
* @param resourceName The name of the resource to load
* @param callingClass The Class object of the calling object
*/
static InputStream getResourceAsStream(String resourceName, Class<?> callingClass) {
URL url = getResource(resourceName, callingClass);
try {
return (url != null) ? url.openStream() : null;
} catch (IOException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
return null;
}
}
/**
* Load a class with a given name. <p/> It will try to load the class in the
* following order: * following order:
* <ul> * <ul>
* <li>From Thread.currentThread().getContextClassLoader() * <li>From Thread.currentThread().getContextClassLoader()
@ -249,9 +57,7 @@ final class ClassLoaderUtils {
return cl.loadClass(className); return cl.loadClass(className);
} }
} catch (ClassNotFoundException e) { } catch (ClassNotFoundException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug(e.getMessage(), e);
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
//ignore //ignore
} }
return loadClass2(className, callingClass); return loadClass2(className, callingClass);
@ -271,9 +77,7 @@ final class ClassLoaderUtils {
return callingClass.getClassLoader().loadClass(className); return callingClass.getClassLoader().loadClass(className);
} }
} }
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug(ex.getMessage(), ex);
log.log(java.util.logging.Level.FINE, ex.getMessage(), ex);
}
throw ex; throw ex;
} }
} }
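Review bot: The retained comment `// NOTE! This is a duplicate of utils.ClassLoaderUtils ...` reads as stale once getResource, getResources and getResourceAsStream are deleted here, unless utils.ClassLoaderUtils (not shown in this section) loses them in the same commit. The class-level Javadoc is removed as well, so the load order listed in the remaining `loadClass` Javadoc, thread context class loader first, is the only documentation left of where configured class names are resolved. I would reword the note to something like `// NOTE! Class-loading subset of utils.ClassLoaderUtils, package-private; keep loadClass in sync with that class.` The bodies of loadClass and loadClass2 start outside the visible hunks.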


@ -25,7 +25,6 @@ package com.sun.org.apache.xml.internal.security.algorithms;
import java.util.Map; import java.util.Map;
import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentHashMap;
import com.sun.org.apache.xml.internal.security.encryption.XMLCipher;
import com.sun.org.apache.xml.internal.security.signature.XMLSignature; import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
import com.sun.org.apache.xml.internal.security.utils.JavaUtils; import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
import org.w3c.dom.Element; import org.w3c.dom.Element;
@ -36,14 +35,13 @@ import org.w3c.dom.Element;
*/ */
public class JCEMapper { public class JCEMapper {
/** {@link org.apache.commons.logging} logging facility */ private static final com.sun.org.slf4j.internal.Logger LOG =
private static java.util.logging.Logger log = com.sun.org.slf4j.internal.LoggerFactory.getLogger(JCEMapper.class);
java.util.logging.Logger.getLogger(JCEMapper.class.getName());
private static Map<String, Algorithm> algorithmsMap = private static Map<String, Algorithm> algorithmsMap =
new ConcurrentHashMap<String, Algorithm>(); new ConcurrentHashMap<String, Algorithm>();
private static String providerName = null; private static String providerName;
/** /**
* Method register * Method register
@ -62,6 +60,7 @@ public class JCEMapper {
* This method registers the default algorithms. * This method registers the default algorithms.
*/ */
public static void registerDefaultAlgorithms() { public static void registerDefaultAlgorithms() {
// Digest algorithms
algorithmsMap.put( algorithmsMap.put(
MessageDigestAlgorithm.ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5, MessageDigestAlgorithm.ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5,
new Algorithm("", "MD5", "MessageDigest") new Algorithm("", "MD5", "MessageDigest")
@ -74,6 +73,10 @@ public class JCEMapper {
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1, MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1,
new Algorithm("", "SHA-1", "MessageDigest") new Algorithm("", "SHA-1", "MessageDigest")
); );
algorithmsMap.put(
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA224,
new Algorithm("", "SHA-224", "MessageDigest")
);
algorithmsMap.put( algorithmsMap.put(
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256, MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256,
new Algorithm("", "SHA-256", "MessageDigest") new Algorithm("", "SHA-256", "MessageDigest")
@ -86,137 +89,150 @@ public class JCEMapper {
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA512, MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA512,
new Algorithm("", "SHA-512", "MessageDigest") new Algorithm("", "SHA-512", "MessageDigest")
); );
algorithmsMap.put(
MessageDigestAlgorithm.ALGO_ID_DIGEST_WHIRLPOOL,
new Algorithm("", "WHIRLPOOL", "MessageDigest")
);
algorithmsMap.put(
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA3_224,
new Algorithm("", "SHA3-224", "MessageDigest")
);
algorithmsMap.put(
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA3_256,
new Algorithm("", "SHA3-256", "MessageDigest")
);
algorithmsMap.put(
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA3_384,
new Algorithm("", "SHA3-384", "MessageDigest")
);
algorithmsMap.put(
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA3_512,
new Algorithm("", "SHA3-512", "MessageDigest")
);
// Signature algorithms
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_DSA, XMLSignature.ALGO_ID_SIGNATURE_DSA,
new Algorithm("", "SHA1withDSA", "Signature") new Algorithm("DSA", "SHA1withDSA", "Signature")
); );
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_DSA_SHA256, XMLSignature.ALGO_ID_SIGNATURE_DSA_SHA256,
new Algorithm("", "SHA256withDSA", "Signature") new Algorithm("DSA", "SHA256withDSA", "Signature")
); );
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5, XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5,
new Algorithm("", "MD5withRSA", "Signature") new Algorithm("RSA", "MD5withRSA", "Signature")
); );
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160, XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160,
new Algorithm("", "RIPEMD160withRSA", "Signature") new Algorithm("RSA", "RIPEMD160withRSA", "Signature")
); );
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1, XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1,
new Algorithm("", "SHA1withRSA", "Signature") new Algorithm("RSA", "SHA1withRSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA224,
new Algorithm("RSA", "SHA224withRSA", "Signature")
); );
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256, XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256,
new Algorithm("", "SHA256withRSA", "Signature") new Algorithm("RSA", "SHA256withRSA", "Signature")
); );
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384, XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384,
new Algorithm("", "SHA384withRSA", "Signature") new Algorithm("RSA", "SHA384withRSA", "Signature")
); );
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512, XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512,
new Algorithm("", "SHA512withRSA", "Signature") new Algorithm("RSA", "SHA512withRSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1_MGF1,
new Algorithm("RSA", "SHA1withRSAandMGF1", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA224_MGF1,
new Algorithm("RSA", "SHA224withRSAandMGF1", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256_MGF1,
new Algorithm("RSA", "SHA256withRSAandMGF1", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384_MGF1,
new Algorithm("RSA", "SHA384withRSAandMGF1", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512_MGF1,
new Algorithm("RSA", "SHA512withRSAandMGF1", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_224_MGF1,
new Algorithm("RSA", "SHA3-224withRSAandMGF1", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_256_MGF1,
new Algorithm("RSA", "SHA3-256withRSAandMGF1", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_384_MGF1,
new Algorithm("RSA", "SHA3-384withRSAandMGF1", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_512_MGF1,
new Algorithm("RSA", "SHA3-512withRSAandMGF1", "Signature")
); );
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1, XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1,
new Algorithm("", "SHA1withECDSA", "Signature") new Algorithm("EC", "SHA1withECDSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA224,
new Algorithm("EC", "SHA224withECDSA", "Signature")
); );
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA256, XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA256,
new Algorithm("", "SHA256withECDSA", "Signature") new Algorithm("EC", "SHA256withECDSA", "Signature")
); );
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA384, XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA384,
new Algorithm("", "SHA384withECDSA", "Signature") new Algorithm("EC", "SHA384withECDSA", "Signature")
); );
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA512, XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA512,
new Algorithm("", "SHA512withECDSA", "Signature") new Algorithm("EC", "SHA512withECDSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_RIPEMD160,
new Algorithm("EC", "RIPEMD160withECDSA", "Signature")
); );
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5, XMLSignature.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5,
new Algorithm("", "HmacMD5", "Mac") new Algorithm("", "HmacMD5", "Mac", 0, 0)
); );
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_MAC_HMAC_RIPEMD160, XMLSignature.ALGO_ID_MAC_HMAC_RIPEMD160,
new Algorithm("", "HMACRIPEMD160", "Mac") new Algorithm("", "HMACRIPEMD160", "Mac", 0, 0)
); );
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_MAC_HMAC_SHA1, XMLSignature.ALGO_ID_MAC_HMAC_SHA1,
new Algorithm("", "HmacSHA1", "Mac") new Algorithm("", "HmacSHA1", "Mac", 0, 0)
);
algorithmsMap.put(
XMLSignature.ALGO_ID_MAC_HMAC_SHA224,
new Algorithm("", "HmacSHA224", "Mac", 0, 0)
); );
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_MAC_HMAC_SHA256, XMLSignature.ALGO_ID_MAC_HMAC_SHA256,
new Algorithm("", "HmacSHA256", "Mac") new Algorithm("", "HmacSHA256", "Mac", 0, 0)
); );
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_MAC_HMAC_SHA384, XMLSignature.ALGO_ID_MAC_HMAC_SHA384,
new Algorithm("", "HmacSHA384", "Mac") new Algorithm("", "HmacSHA384", "Mac", 0, 0)
); );
algorithmsMap.put( algorithmsMap.put(
XMLSignature.ALGO_ID_MAC_HMAC_SHA512, XMLSignature.ALGO_ID_MAC_HMAC_SHA512,
new Algorithm("", "HmacSHA512", "Mac") new Algorithm("", "HmacSHA512", "Mac", 0, 0)
);
algorithmsMap.put(
XMLCipher.TRIPLEDES,
new Algorithm("DESede", "DESede/CBC/ISO10126Padding", "BlockEncryption", 192)
);
algorithmsMap.put(
XMLCipher.AES_128,
new Algorithm("AES", "AES/CBC/ISO10126Padding", "BlockEncryption", 128)
);
algorithmsMap.put(
XMLCipher.AES_192,
new Algorithm("AES", "AES/CBC/ISO10126Padding", "BlockEncryption", 192)
);
algorithmsMap.put(
XMLCipher.AES_256,
new Algorithm("AES", "AES/CBC/ISO10126Padding", "BlockEncryption", 256)
);
algorithmsMap.put(
XMLCipher.AES_128_GCM,
new Algorithm("AES", "AES/GCM/NoPadding", "BlockEncryption", 128)
);
algorithmsMap.put(
XMLCipher.AES_192_GCM,
new Algorithm("AES", "AES/GCM/NoPadding", "BlockEncryption", 192)
);
algorithmsMap.put(
XMLCipher.AES_256_GCM,
new Algorithm("AES", "AES/GCM/NoPadding", "BlockEncryption", 256)
);
algorithmsMap.put(
XMLCipher.RSA_v1dot5,
new Algorithm("RSA", "RSA/ECB/PKCS1Padding", "KeyTransport")
);
algorithmsMap.put(
XMLCipher.RSA_OAEP,
new Algorithm("RSA", "RSA/ECB/OAEPPadding", "KeyTransport")
);
algorithmsMap.put(
XMLCipher.RSA_OAEP_11,
new Algorithm("RSA", "RSA/ECB/OAEPPadding", "KeyTransport")
);
algorithmsMap.put(
XMLCipher.DIFFIE_HELLMAN,
new Algorithm("", "", "KeyAgreement")
);
algorithmsMap.put(
XMLCipher.TRIPLEDES_KeyWrap,
new Algorithm("DESede", "DESedeWrap", "SymmetricKeyWrap", 192)
);
algorithmsMap.put(
XMLCipher.AES_128_KeyWrap,
new Algorithm("AES", "AESWrap", "SymmetricKeyWrap", 128)
);
algorithmsMap.put(
XMLCipher.AES_192_KeyWrap,
new Algorithm("AES", "AESWrap", "SymmetricKeyWrap", 192)
);
algorithmsMap.put(
XMLCipher.AES_256_KeyWrap,
new Algorithm("AES", "AESWrap", "SymmetricKeyWrap", 256)
); );
} }
@ -227,11 +243,7 @@ public class JCEMapper {
* @return the JCE standard name corresponding to the given URI * @return the JCE standard name corresponding to the given URI
*/ */
public static String translateURItoJCEID(String algorithmURI) { public static String translateURItoJCEID(String algorithmURI) {
if (log.isLoggable(java.util.logging.Level.FINE)) { Algorithm algorithm = getAlgorithm(algorithmURI);
log.log(java.util.logging.Level.FINE, "Request for URI " + algorithmURI);
}
Algorithm algorithm = algorithmsMap.get(algorithmURI);
if (algorithm != null) { if (algorithm != null) {
return algorithm.jceName; return algorithm.jceName;
} }
@ -244,11 +256,7 @@ public class JCEMapper {
* @return the class name that implements this algorithm * @return the class name that implements this algorithm
*/ */
public static String getAlgorithmClassFromURI(String algorithmURI) { public static String getAlgorithmClassFromURI(String algorithmURI) {
if (log.isLoggable(java.util.logging.Level.FINE)) { Algorithm algorithm = getAlgorithm(algorithmURI);
log.log(java.util.logging.Level.FINE, "Request for URI " + algorithmURI);
}
Algorithm algorithm = algorithmsMap.get(algorithmURI);
if (algorithm != null) { if (algorithm != null) {
return algorithm.algorithmClass; return algorithm.algorithmClass;
} }
@ -262,16 +270,21 @@ public class JCEMapper {
* @return The length of the key used in the algorithm * @return The length of the key used in the algorithm
*/ */
public static int getKeyLengthFromURI(String algorithmURI) { public static int getKeyLengthFromURI(String algorithmURI) {
if (log.isLoggable(java.util.logging.Level.FINE)) { Algorithm algorithm = getAlgorithm(algorithmURI);
log.log(java.util.logging.Level.FINE, "Request for URI " + algorithmURI);
}
Algorithm algorithm = algorithmsMap.get(algorithmURI);
if (algorithm != null) { if (algorithm != null) {
return algorithm.keyLength; return algorithm.keyLength;
} }
return 0; return 0;
} }
public static int getIVLengthFromURI(String algorithmURI) {
Algorithm algorithm = getAlgorithm(algorithmURI);
if (algorithm != null) {
return algorithm.ivLength;
}
return 0;
}
/** /**
* Method getJCEKeyAlgorithmFromURI * Method getJCEKeyAlgorithmFromURI
* *
@ -279,16 +292,42 @@ public class JCEMapper {
* @return The KeyAlgorithm for the given URI. * @return The KeyAlgorithm for the given URI.
*/ */
public static String getJCEKeyAlgorithmFromURI(String algorithmURI) { public static String getJCEKeyAlgorithmFromURI(String algorithmURI) {
if (log.isLoggable(java.util.logging.Level.FINE)) { Algorithm algorithm = getAlgorithm(algorithmURI);
log.log(java.util.logging.Level.FINE, "Request for URI " + algorithmURI);
}
Algorithm algorithm = algorithmsMap.get(algorithmURI);
if (algorithm != null) { if (algorithm != null) {
return algorithm.requiredKey; return algorithm.requiredKey;
} }
return null; return null;
} }
/**
* Method getJCEProviderFromURI
*
* @param algorithmURI
* @return The JCEProvider for the given URI.
*/
public static String getJCEProviderFromURI(String algorithmURI) {
Algorithm algorithm = getAlgorithm(algorithmURI);
if (algorithm != null) {
return algorithm.jceProvider;
}
return null;
}
/**
* Method getAlgorithm
*
* @param algorithmURI
* @return The Algorithm object for the given URI.
*/
private static Algorithm getAlgorithm(String algorithmURI) {
LOG.debug("Request for URI {}", algorithmURI);
if (algorithmURI != null) {
return algorithmsMap.get(algorithmURI);
}
return null;
}
/** /**
* Gets the default Provider for obtaining the security algorithms * Gets the default Provider for obtaining the security algorithms
* @return the default providerId. * @return the default providerId.
@ -301,7 +340,7 @@ public class JCEMapper {
* Sets the default Provider for obtaining the security algorithms * Sets the default Provider for obtaining the security algorithms
* @param provider the default providerId. * @param provider the default providerId.
* @throws SecurityException if a security manager is installed and the * @throws SecurityException if a security manager is installed and the
* caller does not have permission to set the JCE provider * caller does not have permission to register the JCE algorithm
*/ */
public static void setProviderId(String provider) { public static void setProviderId(String provider) {
JavaUtils.checkRegisterPermission(); JavaUtils.checkRegisterPermission();
@ -317,40 +356,54 @@ public class JCEMapper {
final String jceName; final String jceName;
final String algorithmClass; final String algorithmClass;
final int keyLength; final int keyLength;
final int ivLength;
final String jceProvider;
/** /**
* Gets data from element * Gets data from element
* @param el * @param el
*/ */
public Algorithm(Element el) { public Algorithm(Element el) {
requiredKey = el.getAttribute("RequiredKey"); requiredKey = el.getAttributeNS(null, "RequiredKey");
jceName = el.getAttribute("JCEName"); jceName = el.getAttributeNS(null, "JCEName");
algorithmClass = el.getAttribute("AlgorithmClass"); algorithmClass = el.getAttributeNS(null, "AlgorithmClass");
jceProvider = el.getAttributeNS(null, "JCEProvider");
if (el.hasAttribute("KeyLength")) { if (el.hasAttribute("KeyLength")) {
keyLength = Integer.parseInt(el.getAttribute("KeyLength")); keyLength = Integer.parseInt(el.getAttributeNS(null, "KeyLength"));
} else { } else {
keyLength = 0; keyLength = 0;
} }
if (el.hasAttribute("IVLength")) {
ivLength = Integer.parseInt(el.getAttributeNS(null, "IVLength"));
} else {
ivLength = 0;
}
} }
public Algorithm(String requiredKey, String jceName) { public Algorithm(String requiredKey, String jceName) {
this(requiredKey, jceName, null, 0); this(requiredKey, jceName, null, 0, 0);
} }
public Algorithm(String requiredKey, String jceName, String algorithmClass) { public Algorithm(String requiredKey, String jceName, String algorithmClass) {
this(requiredKey, jceName, algorithmClass, 0); this(requiredKey, jceName, algorithmClass, 0, 0);
} }
public Algorithm(String requiredKey, String jceName, int keyLength) { public Algorithm(String requiredKey, String jceName, int keyLength) {
this(requiredKey, jceName, null, keyLength); this(requiredKey, jceName, null, keyLength, 0);
} }
public Algorithm(String requiredKey, String jceName, String algorithmClass, int keyLength) { public Algorithm(String requiredKey, String jceName, String algorithmClass, int keyLength, int ivLength) {
this(requiredKey, jceName, algorithmClass, keyLength, ivLength, null);
}
public Algorithm(String requiredKey, String jceName,
String algorithmClass, int keyLength, int ivLength, String jceProvider) {
this.requiredKey = requiredKey; this.requiredKey = requiredKey;
this.jceName = jceName; this.jceName = jceName;
this.algorithmClass = algorithmClass; this.algorithmClass = algorithmClass;
this.keyLength = keyLength; this.keyLength = keyLength;
this.ivLength = ivLength;
this.jceProvider = jceProvider;
} }
} }
} }


@ -31,7 +31,7 @@ import com.sun.org.apache.xml.internal.security.utils.EncryptionConstants;
import org.w3c.dom.Document; import org.w3c.dom.Document;
/** /**
* Digest Message wrapper & selector class. * Digest Message wrapper and selector class.
* *
* <pre> * <pre>
* MessageDigestAlgorithm.getInstance() * MessageDigestAlgorithm.getInstance()
@ -44,6 +44,9 @@ public class MessageDigestAlgorithm extends Algorithm {
Constants.MoreAlgorithmsSpecNS + "md5"; Constants.MoreAlgorithmsSpecNS + "md5";
/** Digest - Required SHA1*/ /** Digest - Required SHA1*/
public static final String ALGO_ID_DIGEST_SHA1 = Constants.SignatureSpecNS + "sha1"; public static final String ALGO_ID_DIGEST_SHA1 = Constants.SignatureSpecNS + "sha1";
/** Message Digest - OPTIONAL SHA224*/
public static final String ALGO_ID_DIGEST_SHA224 =
Constants.MoreAlgorithmsSpecNS + "sha224";
/** Message Digest - RECOMMENDED SHA256*/ /** Message Digest - RECOMMENDED SHA256*/
public static final String ALGO_ID_DIGEST_SHA256 = public static final String ALGO_ID_DIGEST_SHA256 =
EncryptionConstants.EncryptionSpecNS + "sha256"; EncryptionConstants.EncryptionSpecNS + "sha256";
@ -57,6 +60,18 @@ public class MessageDigestAlgorithm extends Algorithm {
public static final String ALGO_ID_DIGEST_RIPEMD160 = public static final String ALGO_ID_DIGEST_RIPEMD160 =
EncryptionConstants.EncryptionSpecNS + "ripemd160"; EncryptionConstants.EncryptionSpecNS + "ripemd160";
// Newer digest algorithms...all optional
public static final String ALGO_ID_DIGEST_WHIRLPOOL =
Constants.XML_DSIG_NS_MORE_07_05 + "whirlpool";
public static final String ALGO_ID_DIGEST_SHA3_224 =
Constants.XML_DSIG_NS_MORE_07_05 + "sha3-224";
public static final String ALGO_ID_DIGEST_SHA3_256 =
Constants.XML_DSIG_NS_MORE_07_05 + "sha3-256";
public static final String ALGO_ID_DIGEST_SHA3_384 =
Constants.XML_DSIG_NS_MORE_07_05 + "sha3-384";
public static final String ALGO_ID_DIGEST_SHA3_512 =
Constants.XML_DSIG_NS_MORE_07_05 + "sha3-512";
/** Field algorithm stores the actual {@link java.security.MessageDigest} */ /** Field algorithm stores the actual {@link java.security.MessageDigest} */
private final MessageDigest algorithm; private final MessageDigest algorithm;
@ -121,7 +136,7 @@ public class MessageDigestAlgorithm extends Algorithm {
* *
* @return the actual {@link java.security.MessageDigest} algorithm object * @return the actual {@link java.security.MessageDigest} algorithm object
*/ */
public java.security.MessageDigest getAlgorithm() { public MessageDigest getAlgorithm() {
return algorithm; return algorithm;
} }
@ -134,7 +149,7 @@ public class MessageDigestAlgorithm extends Algorithm {
* @return the result of the {@link java.security.MessageDigest#isEqual} method * @return the result of the {@link java.security.MessageDigest#isEqual} method
*/ */
public static boolean isEqual(byte[] digesta, byte[] digestb) { public static boolean isEqual(byte[] digesta, byte[] digestb) {
return java.security.MessageDigest.isEqual(digesta, digestb); return MessageDigest.isEqual(digesta, digestb);
} }
/** /**
@ -243,12 +258,12 @@ public class MessageDigestAlgorithm extends Algorithm {
algorithm.update(buf, offset, len); algorithm.update(buf, offset, len);
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseNamespace() { public String getBaseNamespace() {
return Constants.SignatureSpecNS; return Constants.SignatureSpecNS;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_DIGESTMETHOD; return Constants._TAG_DIGESTMETHOD;
} }
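Review bot: The new public constants `ALGO_ID_DIGEST_WHIRLPOOL` and `ALGO_ID_DIGEST_SHA3_224` through `ALGO_ID_DIGEST_SHA3_512` share a single `//` line comment, while every neighbouring digest URI has its own Javadoc giving its status, including the `ALGO_ID_DIGEST_SHA224` added in the same change. Since these are part of the class's public surface, each should get a Javadoc comment in the existing form, for example `/** Message Digest - OPTIONAL SHA3-256 */`. Whether a JCE provider actually supplies WHIRLPOOL or SHA-3 is not visible from this file, so the comment should stay at OPTIONAL and not promise availability.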


@ -46,13 +46,11 @@ import org.w3c.dom.Element;
* Allows selection of digital signature's algorithm, private keys, other * Allows selection of digital signature's algorithm, private keys, other
* security parameters, and algorithm's ID. * security parameters, and algorithm's ID.
* *
* @author Christian Geuer-Pollmann
*/ */
public class SignatureAlgorithm extends Algorithm { public class SignatureAlgorithm extends Algorithm {
/** {@link org.apache.commons.logging} logging facility */ private static final com.sun.org.slf4j.internal.Logger LOG =
private static java.util.logging.Logger log = com.sun.org.slf4j.internal.LoggerFactory.getLogger(SignatureAlgorithm.class);
java.util.logging.Logger.getLogger(SignatureAlgorithm.class.getName());
/** All available algorithm classes are registered here */ /** All available algorithm classes are registered here */
private static Map<String, Class<? extends SignatureAlgorithmSpi>> algorithmHash = private static Map<String, Class<? extends SignatureAlgorithmSpi>> algorithmHash =
@ -75,7 +73,7 @@ public class SignatureAlgorithm extends Algorithm {
this.algorithmURI = algorithmURI; this.algorithmURI = algorithmURI;
signatureAlgorithm = getSignatureAlgorithmSpi(algorithmURI); signatureAlgorithm = getSignatureAlgorithmSpi(algorithmURI);
signatureAlgorithm.engineGetContextFromElement(this.constructionElement); signatureAlgorithm.engineGetContextFromElement(getElement());
} }
/** /**
@ -93,10 +91,10 @@ public class SignatureAlgorithm extends Algorithm {
this.algorithmURI = algorithmURI; this.algorithmURI = algorithmURI;
signatureAlgorithm = getSignatureAlgorithmSpi(algorithmURI); signatureAlgorithm = getSignatureAlgorithmSpi(algorithmURI);
signatureAlgorithm.engineGetContextFromElement(this.constructionElement); signatureAlgorithm.engineGetContextFromElement(getElement());
signatureAlgorithm.engineSetHMACOutputLength(hmacOutputLength); signatureAlgorithm.engineSetHMACOutputLength(hmacOutputLength);
((IntegrityHmac)signatureAlgorithm).engineAddContextToElement(constructionElement); ((IntegrityHmac)signatureAlgorithm).engineAddContextToElement(getElement());
} }
/** /**
@ -107,7 +105,7 @@ public class SignatureAlgorithm extends Algorithm {
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public SignatureAlgorithm(Element element, String baseURI) throws XMLSecurityException { public SignatureAlgorithm(Element element, String baseURI) throws XMLSecurityException {
this(element, baseURI, false); this(element, baseURI, true);
} }
/** /**
@ -137,7 +135,7 @@ public class SignatureAlgorithm extends Algorithm {
} }
signatureAlgorithm = getSignatureAlgorithmSpi(algorithmURI); signatureAlgorithm = getSignatureAlgorithmSpi(algorithmURI);
signatureAlgorithm.engineGetContextFromElement(this.constructionElement); signatureAlgorithm.engineGetContextFromElement(getElement());
} }
/** /**
@ -148,22 +146,17 @@ public class SignatureAlgorithm extends Algorithm {
try { try {
Class<? extends SignatureAlgorithmSpi> implementingClass = Class<? extends SignatureAlgorithmSpi> implementingClass =
algorithmHash.get(algorithmURI); algorithmHash.get(algorithmURI);
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Create URI \"{}\" class \"{}\"", algorithmURI, implementingClass);
log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \"" if (implementingClass == null) {
+ implementingClass + "\""); Object exArgs[] = { algorithmURI };
throw new XMLSignatureException("algorithms.NoSuchAlgorithmNoEx", exArgs);
} }
@SuppressWarnings("deprecation") @SuppressWarnings("deprecation")
SignatureAlgorithmSpi result = implementingClass.newInstance(); SignatureAlgorithmSpi tmp = implementingClass.newInstance();
return result; return tmp;
} catch (IllegalAccessException ex) { } catch (IllegalAccessException | InstantiationException | NullPointerException ex) {
Object exArgs[] = { algorithmURI, ex.getMessage() }; Object exArgs[] = { algorithmURI, ex.getMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs, ex); throw new XMLSignatureException(ex, "algorithms.NoSuchAlgorithm", exArgs);
} catch (InstantiationException ex) {
Object exArgs[] = { algorithmURI, ex.getMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs, ex);
} catch (NullPointerException ex) {
Object exArgs[] = { algorithmURI, ex.getMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs, ex);
} }
} }
@ -313,14 +306,14 @@ public class SignatureAlgorithm extends Algorithm {
* @return the URI representation of Transformation algorithm * @return the URI representation of Transformation algorithm
*/ */
public final String getURI() { public final String getURI() {
return constructionElement.getAttributeNS(null, Constants._ATT_ALGORITHM); return getLocalAttribute(Constants._ATT_ALGORITHM);
} }
/** /**
* Registers implementing class of the SignatureAlgorithm with algorithmURI * Registers implementing class of the SignatureAlgorithm with algorithmURI
* *
* @param algorithmURI algorithmURI URI representation of <code>SignatureAlgorithm</code>. * @param algorithmURI algorithmURI URI representation of {@code SignatureAlgorithm}.
* @param implementingClass <code>implementingClass</code> the implementing class of * @param implementingClass {@code implementingClass} the implementing class of
* {@link SignatureAlgorithmSpi} * {@link SignatureAlgorithmSpi}
* @throws AlgorithmAlreadyRegisteredException if specified algorithmURI is already registered * @throws AlgorithmAlreadyRegisteredException if specified algorithmURI is already registered
* @throws XMLSignatureException * @throws XMLSignatureException
@ -332,9 +325,7 @@ public class SignatureAlgorithm extends Algorithm {
throws AlgorithmAlreadyRegisteredException, ClassNotFoundException, throws AlgorithmAlreadyRegisteredException, ClassNotFoundException,
XMLSignatureException { XMLSignatureException {
JavaUtils.checkRegisterPermission(); JavaUtils.checkRegisterPermission();
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Try to register {} {}", algorithmURI, implementingClass);
log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass);
}
// are we already registered? // are we already registered?
Class<? extends SignatureAlgorithmSpi> registeredClass = algorithmHash.get(algorithmURI); Class<? extends SignatureAlgorithmSpi> registeredClass = algorithmHash.get(algorithmURI);
@ -351,15 +342,15 @@ public class SignatureAlgorithm extends Algorithm {
algorithmHash.put(algorithmURI, clazz); algorithmHash.put(algorithmURI, clazz);
} catch (NullPointerException ex) { } catch (NullPointerException ex) {
Object exArgs[] = { algorithmURI, ex.getMessage() }; Object exArgs[] = { algorithmURI, ex.getMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs, ex); throw new XMLSignatureException(ex, "algorithms.NoSuchAlgorithm", exArgs);
} }
} }
/** /**
* Registers implementing class of the Transform algorithm with algorithmURI * Registers implementing class of the SignatureAlgorithm with algorithmURI
* *
* @param algorithmURI algorithmURI URI representation of <code>SignatureAlgorithm</code>. * @param algorithmURI algorithmURI URI representation of {@code SignatureAlgorithm}.
* @param implementingClass <code>implementingClass</code> the implementing class of * @param implementingClass {@code implementingClass} the implementing class of
* {@link SignatureAlgorithmSpi} * {@link SignatureAlgorithmSpi}
* @throws AlgorithmAlreadyRegisteredException if specified algorithmURI is already registered * @throws AlgorithmAlreadyRegisteredException if specified algorithmURI is already registered
* @throws XMLSignatureException * @throws XMLSignatureException
@ -370,9 +361,7 @@ public class SignatureAlgorithm extends Algorithm {
throws AlgorithmAlreadyRegisteredException, ClassNotFoundException, throws AlgorithmAlreadyRegisteredException, ClassNotFoundException,
XMLSignatureException { XMLSignatureException {
JavaUtils.checkRegisterPermission(); JavaUtils.checkRegisterPermission();
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Try to register {} {}", algorithmURI, implementingClass);
log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass);
}
// are we already registered? // are we already registered?
Class<? extends SignatureAlgorithmSpi> registeredClass = algorithmHash.get(algorithmURI); Class<? extends SignatureAlgorithmSpi> registeredClass = algorithmHash.get(algorithmURI);
@ -409,6 +398,9 @@ public class SignatureAlgorithm extends Algorithm {
XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160, XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160,
SignatureBaseRSA.SignatureRSARIPEMD160.class SignatureBaseRSA.SignatureRSARIPEMD160.class
); );
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA224, SignatureBaseRSA.SignatureRSASHA224.class
);
algorithmHash.put( algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256, SignatureBaseRSA.SignatureRSASHA256.class XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256, SignatureBaseRSA.SignatureRSASHA256.class
); );
@ -418,9 +410,39 @@ public class SignatureAlgorithm extends Algorithm {
algorithmHash.put( algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512, SignatureBaseRSA.SignatureRSASHA512.class XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512, SignatureBaseRSA.SignatureRSASHA512.class
); );
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1_MGF1, SignatureBaseRSA.SignatureRSASHA1MGF1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA224_MGF1, SignatureBaseRSA.SignatureRSASHA224MGF1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256_MGF1, SignatureBaseRSA.SignatureRSASHA256MGF1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384_MGF1, SignatureBaseRSA.SignatureRSASHA384MGF1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512_MGF1, SignatureBaseRSA.SignatureRSASHA512MGF1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_224_MGF1, SignatureBaseRSA.SignatureRSASHA3_224MGF1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_256_MGF1, SignatureBaseRSA.SignatureRSASHA3_256MGF1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_384_MGF1, SignatureBaseRSA.SignatureRSASHA3_384MGF1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_512_MGF1, SignatureBaseRSA.SignatureRSASHA3_512MGF1.class
);
algorithmHash.put( algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1, SignatureECDSA.SignatureECDSASHA1.class XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1, SignatureECDSA.SignatureECDSASHA1.class
); );
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA224, SignatureECDSA.SignatureECDSASHA224.class
);
algorithmHash.put( algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA256, SignatureECDSA.SignatureECDSASHA256.class XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA256, SignatureECDSA.SignatureECDSASHA256.class
); );
@ -430,12 +452,18 @@ public class SignatureAlgorithm extends Algorithm {
algorithmHash.put( algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA512, SignatureECDSA.SignatureECDSASHA512.class XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA512, SignatureECDSA.SignatureECDSASHA512.class
); );
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_RIPEMD160, SignatureECDSA.SignatureECDSARIPEMD160.class
);
algorithmHash.put( algorithmHash.put(
XMLSignature.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5, IntegrityHmac.IntegrityHmacMD5.class XMLSignature.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5, IntegrityHmac.IntegrityHmacMD5.class
); );
algorithmHash.put( algorithmHash.put(
XMLSignature.ALGO_ID_MAC_HMAC_RIPEMD160, IntegrityHmac.IntegrityHmacRIPEMD160.class XMLSignature.ALGO_ID_MAC_HMAC_RIPEMD160, IntegrityHmac.IntegrityHmacRIPEMD160.class
); );
algorithmHash.put(
XMLSignature.ALGO_ID_MAC_HMAC_SHA224, IntegrityHmac.IntegrityHmacSHA224.class
);
algorithmHash.put( algorithmHash.put(
XMLSignature.ALGO_ID_MAC_HMAC_SHA256, IntegrityHmac.IntegrityHmacSHA256.class XMLSignature.ALGO_ID_MAC_HMAC_SHA256, IntegrityHmac.IntegrityHmacSHA256.class
); );
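Review bot: In `getSignatureAlgorithmSpi` the multi-catch still lists `NullPointerException`, although the new `implementingClass == null` check already reports an unregistered URI as `algorithms.NoSuchAlgorithmNoEx`. The catch also turns a NullPointerException raised inside an SPI constructor into `algorithms.NoSuchAlgorithm`, which hides the real fault. If it is kept only for a null `algorithmURI` (the map implementation is not visible in this hunk), an explicit `if (algorithmURI == null)` guard before `algorithmHash.get(algorithmURI)` would let the catch be narrowed to `} catch (IllegalAccessException | InstantiationException ex) {`. The method's signature lies outside the hunk, and `register` keeps a similar `catch (NullPointerException ex)` around `algorithmHash.put(algorithmURI, clazz)`.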


@ -32,9 +32,9 @@ import org.w3c.dom.Element;
public abstract class SignatureAlgorithmSpi { public abstract class SignatureAlgorithmSpi {
/** /**
* Returns the URI representation of <code>Transformation algorithm</code> * Returns the URI representation of {@code Transformation algorithm}
* *
* @return the URI representation of <code>Transformation algorithm</code> * @return the URI representation of {@code Transformation algorithm}
*/ */
protected abstract String engineGetURI(); protected abstract String engineGetURI();


@ -0,0 +1,918 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.algorithms.implementations;
import java.io.IOException;
import java.math.BigInteger;
import java.security.interfaces.ECPublicKey;
import java.security.spec.*;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
public final class ECDSAUtils {
private ECDSAUtils() {
// complete
}
/**
* Converts an ASN.1 ECDSA value to a XML Signature ECDSA Value.
* <p></p>
* The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r, s) value
* pairs; the XML Signature requires the core BigInteger values.
*
* @param asn1Bytes
* @return the decode bytes
* @throws IOException
* @see <A HREF="http://www.w3.org/TR/xmldsig-core/#dsa-sha1">6.4.1 DSA</A>
* @see <A HREF="ftp://ftp.rfc-editor.org/in-notes/rfc4050.txt">3.3. ECDSA Signatures</A>
*/
public static byte[] convertASN1toXMLDSIG(byte asn1Bytes[]) throws IOException {
if (asn1Bytes.length < 8 || asn1Bytes[0] != 48) {
throw new IOException("Invalid ASN.1 format of ECDSA signature");
}
int offset;
if (asn1Bytes[1] > 0) {
offset = 2;
} else if (asn1Bytes[1] == (byte) 0x81) {
offset = 3;
} else {
throw new IOException("Invalid ASN.1 format of ECDSA signature");
}
byte rLength = asn1Bytes[offset + 1];
int i;
for (i = rLength; i > 0 && asn1Bytes[offset + 2 + rLength - i] == 0; i--); //NOPMD
byte sLength = asn1Bytes[offset + 2 + rLength + 1];
int j;
for (j = sLength; j > 0 && asn1Bytes[offset + 2 + rLength + 2 + sLength - j] == 0; j--); //NOPMD
int rawLen = Math.max(i, j);
if ((asn1Bytes[offset - 1] & 0xff) != asn1Bytes.length - offset
|| (asn1Bytes[offset - 1] & 0xff) != 2 + rLength + 2 + sLength
|| asn1Bytes[offset] != 2
|| asn1Bytes[offset + 2 + rLength] != 2) {
throw new IOException("Invalid ASN.1 format of ECDSA signature");
}
byte xmldsigBytes[] = new byte[2 * rawLen];
System.arraycopy(asn1Bytes, offset + 2 + rLength - i, xmldsigBytes, rawLen - i, i);
System.arraycopy(asn1Bytes, offset + 2 + rLength + 2 + sLength - j, xmldsigBytes,
2 * rawLen - j, j);
return xmldsigBytes;
}
/**
* Converts a XML Signature ECDSA Value to an ASN.1 DSA value.
* <p></p>
* The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r, s) value
* pairs; the XML Signature requires the core BigInteger values.
*
* @param xmldsigBytes
* @return the encoded ASN.1 bytes
* @throws IOException
* @see <A HREF="http://www.w3.org/TR/xmldsig-core/#dsa-sha1">6.4.1 DSA</A>
* @see <A HREF="ftp://ftp.rfc-editor.org/in-notes/rfc4050.txt">3.3. ECDSA Signatures</A>
*/
public static byte[] convertXMLDSIGtoASN1(byte xmldsigBytes[]) throws IOException {
int rawLen = xmldsigBytes.length / 2;
int i;
for (i = rawLen; i > 0 && xmldsigBytes[rawLen - i] == 0; i--); //NOPMD
int j = i;
if (xmldsigBytes[rawLen - i] < 0) {
j += 1;
}
int k;
for (k = rawLen; k > 0 && xmldsigBytes[2 * rawLen - k] == 0; k--); //NOPMD
int l = k;
if (xmldsigBytes[2 * rawLen - k] < 0) {
l += 1;
}
int len = 2 + j + 2 + l;
if (len > 255) {
throw new IOException("Invalid XMLDSIG format of ECDSA signature");
}
int offset;
byte asn1Bytes[];
if (len < 128) {
asn1Bytes = new byte[2 + 2 + j + 2 + l];
offset = 1;
} else {
asn1Bytes = new byte[3 + 2 + j + 2 + l];
asn1Bytes[1] = (byte) 0x81;
offset = 2;
}
asn1Bytes[0] = 48;
asn1Bytes[offset++] = (byte) len;
asn1Bytes[offset++] = 2;
asn1Bytes[offset++] = (byte) j;
System.arraycopy(xmldsigBytes, rawLen - i, asn1Bytes, offset + j - i, i);
offset += j;
asn1Bytes[offset++] = 2;
asn1Bytes[offset++] = (byte) l;
System.arraycopy(xmldsigBytes, 2 * rawLen - k, asn1Bytes, offset + l - k, k);
return asn1Bytes;
}
private static final List<ECCurveDefinition> ecCurveDefinitions = new ArrayList<>();
static {
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp112r1",
"1.3.132.0.6",
"db7c2abf62e35e668076bead208b",
"db7c2abf62e35e668076bead2088",
"659ef8ba043916eede8911702b22",
"09487239995a5ee76b55f9c2f098",
"a89ce5af8724c0a23e0e0ff77500",
"db7c2abf62e35e7628dfac6561c5",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp112r2",
"1.3.132.0.7",
"db7c2abf62e35e668076bead208b",
"6127c24c05f38a0aaaf65c0ef02c",
"51def1815db5ed74fcc34c85d709",
"4ba30ab5e892b4e1649dd0928643",
"adcd46f5882e3747def36e956e97",
"36df0aafd8b8d7597ca10520d04b",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp128r1",
"1.3.132.0.28",
"fffffffdffffffffffffffffffffffff",
"fffffffdfffffffffffffffffffffffc",
"e87579c11079f43dd824993c2cee5ed3",
"161ff7528b899b2d0c28607ca52c5b86",
"cf5ac8395bafeb13c02da292dded7a83",
"fffffffe0000000075a30d1b9038a115",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp128r2",
"1.3.132.0.29",
"fffffffdffffffffffffffffffffffff",
"d6031998d1b3bbfebf59cc9bbff9aee1",
"5eeefca380d02919dc2c6558bb6d8a5d",
"7b6aa5d85e572983e6fb32a7cdebc140",
"27b6916a894d3aee7106fe805fc34b44",
"3fffffff7fffffffbe0024720613b5a3",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp160k1",
"1.3.132.0.9",
"fffffffffffffffffffffffffffffffeffffac73",
"0000000000000000000000000000000000000000",
"0000000000000000000000000000000000000007",
"3b4c382ce37aa192a4019e763036f4f5dd4d7ebb",
"938cf935318fdced6bc28286531733c3f03c4fee",
"0100000000000000000001b8fa16dfab9aca16b6b3",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp160r1",
"1.3.132.0.8",
"ffffffffffffffffffffffffffffffff7fffffff",
"ffffffffffffffffffffffffffffffff7ffffffc",
"1c97befc54bd7a8b65acf89f81d4d4adc565fa45",
"4a96b5688ef573284664698968c38bb913cbfc82",
"23a628553168947d59dcc912042351377ac5fb32",
"0100000000000000000001f4c8f927aed3ca752257",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp160r2",
"1.3.132.0.30",
"fffffffffffffffffffffffffffffffeffffac73",
"fffffffffffffffffffffffffffffffeffffac70",
"b4e134d3fb59eb8bab57274904664d5af50388ba",
"52dcb034293a117e1f4ff11b30f7199d3144ce6d",
"feaffef2e331f296e071fa0df9982cfea7d43f2e",
"0100000000000000000000351ee786a818f3a1a16b",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp192k1",
"1.3.132.0.31",
"fffffffffffffffffffffffffffffffffffffffeffffee37",
"000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000003",
"db4ff10ec057e9ae26b07d0280b7f4341da5d1b1eae06c7d",
"9b2f2f6d9c5628a7844163d015be86344082aa88d95e2f9d",
"fffffffffffffffffffffffe26f2fc170f69466a74defd8d",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp192r1 [NIST P-192, X9.62 prime192v1]",
"1.2.840.10045.3.1.1",
"fffffffffffffffffffffffffffffffeffffffffffffffff",
"fffffffffffffffffffffffffffffffefffffffffffffffc",
"64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1",
"188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012",
"07192b95ffc8da78631011ed6b24cdd573f977a11e794811",
"ffffffffffffffffffffffff99def836146bc9b1b4d22831",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp224k1",
"1.3.132.0.32",
"fffffffffffffffffffffffffffffffffffffffffffffffeffffe56d",
"00000000000000000000000000000000000000000000000000000000",
"00000000000000000000000000000000000000000000000000000005",
"a1455b334df099df30fc28a169a467e9e47075a90f7e650eb6b7a45c",
"7e089fed7fba344282cafbd6f7e319f7c0b0bd59e2ca4bdb556d61a5",
"010000000000000000000000000001dce8d2ec6184caf0a971769fb1f7",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp224r1 [NIST P-224]",
"1.3.132.0.33",
"ffffffffffffffffffffffffffffffff000000000000000000000001",
"fffffffffffffffffffffffffffffffefffffffffffffffffffffffe",
"b4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4",
"b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21",
"bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34",
"ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp256k1",
"1.3.132.0.10",
"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f",
"0000000000000000000000000000000000000000000000000000000000000000",
"0000000000000000000000000000000000000000000000000000000000000007",
"79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
"483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8",
"fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp256r1 [NIST P-256, X9.62 prime256v1]",
"1.2.840.10045.3.1.7",
"ffffffff00000001000000000000000000000000ffffffffffffffffffffffff",
"ffffffff00000001000000000000000000000000fffffffffffffffffffffffc",
"5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b",
"6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
"4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5",
"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp384r1 [NIST P-384]",
"1.3.132.0.34",
"fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff",
"fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc",
"b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef",
"aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7",
"3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f",
"ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp521r1 [NIST P-521]",
"1.3.132.0.35",
"01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
"01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc",
"0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00",
"00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66",
"011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650",
"01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 prime192v2",
"1.2.840.10045.3.1.2",
"fffffffffffffffffffffffffffffffeffffffffffffffff",
"fffffffffffffffffffffffffffffffefffffffffffffffc",
"cc22d6dfb95c6b25e49c0d6364a4e5980c393aa21668d953",
"eea2bae7e1497842f2de7769cfe9c989c072ad696f48034a",
"6574d11d69b6ec7a672bb82a083df2f2b0847de970b2de15",
"fffffffffffffffffffffffe5fb1a724dc80418648d8dd31",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 prime192v3",
"1.2.840.10045.3.1.3",
"fffffffffffffffffffffffffffffffeffffffffffffffff",
"fffffffffffffffffffffffffffffffefffffffffffffffc",
"22123dc2395a05caa7423daeccc94760a7d462256bd56916",
"7d29778100c65a1da1783716588dce2b8b4aee8e228f1896",
"38a90f22637337334b49dcb66a6dc8f9978aca7648a943b0",
"ffffffffffffffffffffffff7a62d031c83f4294f640ec13",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 prime239v1",
"1.2.840.10045.3.1.4",
"7fffffffffffffffffffffff7fffffffffff8000000000007fffffffffff",
"7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc",
"6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a",
"0ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf",
"7debe8e4e90a5dae6e4054ca530ba04654b36818ce226b39fccb7b02f1ae",
"7fffffffffffffffffffffff7fffff9e5e9a9f5d9071fbd1522688909d0b",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 prime239v2",
"1.2.840.10045.3.1.5",
"7fffffffffffffffffffffff7fffffffffff8000000000007fffffffffff",
"7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc",
"617fab6832576cbbfed50d99f0249c3fee58b94ba0038c7ae84c8c832f2c",
"38af09d98727705120c921bb5e9e26296a3cdcf2f35757a0eafd87b830e7",
"5b0125e4dbea0ec7206da0fc01d9b081329fb555de6ef460237dff8be4ba",
"7fffffffffffffffffffffff800000cfa7e8594377d414c03821bc582063",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 prime239v3",
"1.2.840.10045.3.1.6",
"7fffffffffffffffffffffff7fffffffffff8000000000007fffffffffff",
"7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc",
"255705fa2a306654b1f4cb03d6a750a30c250102d4988717d9ba15ab6d3e",
"6768ae8e18bb92cfcf005c949aa2c6d94853d0e660bbf854b1c9505fe95a",
"1607e6898f390c06bc1d552bad226f3b6fcfe48b6e818499af18e3ed6cf3",
"7fffffffffffffffffffffff7fffff975deb41b3a6057c3c432146526551",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect113r1",
"1.3.132.0.4",
"020000000000000000000000000201",
"003088250ca6e7c7fe649ce85820f7",
"00e8bee4d3e2260744188be0e9c723",
"009d73616f35f4ab1407d73562c10f",
"00a52830277958ee84d1315ed31886",
"0100000000000000d9ccec8a39e56f",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect113r2",
"1.3.132.0.5",
"020000000000000000000000000201",
"00689918dbec7e5a0dd6dfc0aa55c7",
"0095e9a9ec9b297bd4bf36e059184f",
"01a57a6a7b26ca5ef52fcdb8164797",
"00b3adc94ed1fe674c06e695baba1d",
"010000000000000108789b2496af93",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect131r1",
"1.3.132.0.22",
"080000000000000000000000000000010d",
"07a11b09a76b562144418ff3ff8c2570b8",
"0217c05610884b63b9c6c7291678f9d341",
"0081baf91fdf9833c40f9c181343638399",
"078c6e7ea38c001f73c8134b1b4ef9e150",
"0400000000000000023123953a9464b54d",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect131r2",
"1.3.132.0.23",
"080000000000000000000000000000010d",
"03e5a88919d7cafcbf415f07c2176573b2",
"04b8266a46c55657ac734ce38f018f2192",
"0356dcd8f2f95031ad652d23951bb366a8",
"0648f06d867940a5366d9e265de9eb240f",
"0400000000000000016954a233049ba98f",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect163k1 [NIST K-163]",
"1.3.132.0.1",
"0800000000000000000000000000000000000000c9",
"000000000000000000000000000000000000000001",
"000000000000000000000000000000000000000001",
"02fe13c0537bbc11acaa07d793de4e6d5e5c94eee8",
"0289070fb05d38ff58321f2e800536d538ccdaa3d9",
"04000000000000000000020108a2e0cc0d99f8a5ef",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect163r1",
"1.3.132.0.2",
"0800000000000000000000000000000000000000c9",
"07b6882caaefa84f9554ff8428bd88e246d2782ae2",
"0713612dcddcb40aab946bda29ca91f73af958afd9",
"0369979697ab43897789566789567f787a7876a654",
"00435edb42efafb2989d51fefce3c80988f41ff883",
"03ffffffffffffffffffff48aab689c29ca710279b",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect163r2 [NIST B-163]",
"1.3.132.0.15",
"0800000000000000000000000000000000000000c9",
"000000000000000000000000000000000000000001",
"020a601907b8c953ca1481eb10512f78744a3205fd",
"03f0eba16286a2d57ea0991168d4994637e8343e36",
"00d51fbc6c71a0094fa2cdd545b11c5c0c797324f1",
"040000000000000000000292fe77e70c12a4234c33",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect193r1",
"1.3.132.0.24",
"02000000000000000000000000000000000000000000008001",
"0017858feb7a98975169e171f77b4087de098ac8a911df7b01",
"00fdfb49bfe6c3a89facadaa7a1e5bbc7cc1c2e5d831478814",
"01f481bc5f0ff84a74ad6cdf6fdef4bf6179625372d8c0c5e1",
"0025e399f2903712ccf3ea9e3a1ad17fb0b3201b6af7ce1b05",
"01000000000000000000000000c7f34a778f443acc920eba49",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect193r2",
"1.3.132.0.25",
"02000000000000000000000000000000000000000000008001",
"0163f35a5137c2ce3ea6ed8667190b0bc43ecd69977702709b",
"00c9bb9e8927d4d64c377e2ab2856a5b16e3efb7f61d4316ae",
"00d9b67d192e0367c803f39e1a7e82ca14a651350aae617e8f",
"01ce94335607c304ac29e7defbd9ca01f596f927224cdecf6c",
"010000000000000000000000015aab561b005413ccd4ee99d5",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect233k1 [NIST K-233]",
"1.3.132.0.26",
"020000000000000000000000000000000000000004000000000000000001",
"000000000000000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000000000000000001",
"017232ba853a7e731af129f22ff4149563a419c26bf50a4c9d6eefad6126",
"01db537dece819b7f70f555a67c427a8cd9bf18aeb9b56e0c11056fae6a3",
"008000000000000000000000000000069d5bb915bcd46efb1ad5f173abdf",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect233r1 [NIST B-233]",
"1.3.132.0.27",
"020000000000000000000000000000000000000004000000000000000001",
"000000000000000000000000000000000000000000000000000000000001",
"0066647ede6c332c7f8c0923bb58213b333b20e9ce4281fe115f7d8f90ad",
"00fac9dfcbac8313bb2139f1bb755fef65bc391f8b36f8f8eb7371fd558b",
"01006a08a41903350678e58528bebf8a0beff867a7ca36716f7e01f81052",
"01000000000000000000000000000013e974e72f8a6922031d2603cfe0d7",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect239k1",
"1.3.132.0.3",
"800000000000000000004000000000000000000000000000000000000001",
"000000000000000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000000000000000001",
"29a0b6a887a983e9730988a68727a8b2d126c44cc2cc7b2a6555193035dc",
"76310804f12e549bdb011c103089e73510acb275fc312a5dc6b76553f0ca",
"2000000000000000000000000000005a79fec67cb6e91f1c1da800e478a5",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect283k1 [NIST K-283]",
"1.3.132.0.16",
"0800000000000000000000000000000000000000000000000000000000000000000010a1",
"000000000000000000000000000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000000000000000000000000000001",
"0503213f78ca44883f1a3b8162f188e553cd265f23c1567a16876913b0c2ac2458492836",
"01ccda380f1c9e318d90f95d07e5426fe87e45c0e8184698e45962364e34116177dd2259",
"01ffffffffffffffffffffffffffffffffffe9ae2ed07577265dff7f94451e061e163c61",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect283r1 [NIST B-283]",
"1.3.132.0.17",
"0800000000000000000000000000000000000000000000000000000000000000000010a1",
"000000000000000000000000000000000000000000000000000000000000000000000001",
"027b680ac8b8596da5a4af8a19a0303fca97fd7645309fa2a581485af6263e313b79a2f5",
"05f939258db7dd90e1934f8c70b0dfec2eed25b8557eac9c80e2e198f8cdbecd86b12053",
"03676854fe24141cb98fe6d4b20d02b4516ff702350eddb0826779c813f0df45be8112f4",
"03ffffffffffffffffffffffffffffffffffef90399660fc938a90165b042a7cefadb307",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect409k1 [NIST K-409]",
"1.3.132.0.36",
"02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
"0060f05f658f49c1ad3ab1890f7184210efd0987e307c84c27accfb8f9f67cc2c460189eb5aaaa62ee222eb1b35540cfe9023746",
"01e369050b7c4e42acba1dacbf04299c3460782f918ea427e6325165e9ea10e3da5f6c42e9c55215aa9ca27a5863ec48d8e0286b",
"007ffffffffffffffffffffffffffffffffffffffffffffffffffe5f83b2d4ea20400ec4557d5ed3e3e7ca5b4b5c83b8e01e5fcf",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect409r1 [NIST B-409]",
"1.3.132.0.37",
"02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
"0021a5c2c8ee9feb5c4b9a753b7b476b7fd6422ef1f3dd674761fa99d6ac27c8a9a197b272822f6cd57a55aa4f50ae317b13545f",
"015d4860d088ddb3496b0c6064756260441cde4af1771d4db01ffe5b34e59703dc255a868a1180515603aeab60794e54bb7996a7",
"0061b1cfab6be5f32bbfa78324ed106a7636b9c5a7bd198d0158aa4f5488d08f38514f1fdf4b4f40d2181b3681c364ba0273c706",
"010000000000000000000000000000000000000000000000000001e2aad6a612f33307be5fa47c3c9e052f838164cd37d9a21173",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect571k1 [NIST K-571]",
"1.3.132.0.38",
"080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
"026eb7a859923fbc82189631f8103fe4ac9ca2970012d5d46024804801841ca44370958493b205e647da304db4ceb08cbbd1ba39494776fb988b47174dca88c7e2945283a01c8972",
"0349dc807f4fbf374f4aeade3bca95314dd58cec9f307a54ffc61efc006d8a2c9d4979c0ac44aea74fbebbb9f772aedcb620b01a7ba7af1b320430c8591984f601cd4c143ef1c7a3",
"020000000000000000000000000000000000000000000000000000000000000000000000131850e1f19a63e4b391a8db917f4138b630d84be5d639381e91deb45cfe778f637c1001",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect571r1 [NIST B-571]",
"1.3.132.0.39",
"080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
"02f40e7e2221f295de297117b7f3d62f5c6a97ffcb8ceff1cd6ba8ce4a9a18ad84ffabbd8efa59332be7ad6756a66e294afd185a78ff12aa520e4de739baca0c7ffeff7f2955727a",
"0303001d34b856296c16c0d40d3cd7750a93d1d2955fa80aa5f40fc8db7b2abdbde53950f4c0d293cdd711a35b67fb1499ae60038614f1394abfa3b4c850d927e1e7769c8eec2d19",
"037bf27342da639b6dccfffeb73d69d78c6c27a6009cbbca1980f8533921e8a684423e43bab08a576291af8f461bb2a8b3531d2f0485c19b16e2f1516e23dd3c1a4827af1b8ac15b",
"03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 c2tnb191v1",
"1.2.840.10045.3.0.5",
"800000000000000000000000000000000000000000000201",
"2866537b676752636a68f56554e12640276b649ef7526267",
"2e45ef571f00786f67b0081b9495a3d95462f5de0aa185ec",
"36b3daf8a23206f9c4f299d7b21a9c369137f2c84ae1aa0d",
"765be73433b3f95e332932e70ea245ca2418ea0ef98018fb",
"40000000000000000000000004a20e90c39067c893bbb9a5",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 c2tnb191v2",
"1.2.840.10045.3.0.6",
"800000000000000000000000000000000000000000000201",
"401028774d7777c7b7666d1366ea432071274f89ff01e718",
"0620048d28bcbd03b6249c99182b7c8cd19700c362c46a01",
"3809b2b7cc1b28cc5a87926aad83fd28789e81e2c9e3bf10",
"17434386626d14f3dbf01760d9213a3e1cf37aec437d668a",
"20000000000000000000000050508cb89f652824e06b8173",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 c2tnb191v3",
"1.2.840.10045.3.0.7",
"800000000000000000000000000000000000000000000201",
"6c01074756099122221056911c77d77e77a777e7e7e77fcb",
"71fe1af926cf847989efef8db459f66394d90f32ad3f15e8",
"375d4ce24fde434489de8746e71786015009e66e38a926dd",
"545a39176196575d985999366e6ad34ce0a77cd7127b06be",
"155555555555555555555555610c0b196812bfb6288a3ea3",
6)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 c2tnb239v1",
"1.2.840.10045.3.0.11",
"800000000000000000000000000000000000000000000000001000000001",
"32010857077c5431123a46b808906756f543423e8d27877578125778ac76",
"790408f2eedaf392b012edefb3392f30f4327c0ca3f31fc383c422aa8c16",
"57927098fa932e7c0a96d3fd5b706ef7e5f5c156e16b7e7c86038552e91d",
"61d8ee5077c33fecf6f1a16b268de469c3c7744ea9a971649fc7a9616305",
"2000000000000000000000000000000f4d42ffe1492a4993f1cad666e447",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 c2tnb239v2",
"1.2.840.10045.3.0.12",
"800000000000000000000000000000000000000000000000001000000001",
"4230017757a767fae42398569b746325d45313af0766266479b75654e65f",
"5037ea654196cff0cd82b2c14a2fcf2e3ff8775285b545722f03eacdb74b",
"28f9d04e900069c8dc47a08534fe76d2b900b7d7ef31f5709f200c4ca205",
"5667334c45aff3b5a03bad9dd75e2c71a99362567d5453f7fa6e227ec833",
"1555555555555555555555555555553c6f2885259c31e3fcdf154624522d",
6)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 c2tnb239v3",
"1.2.840.10045.3.0.13",
"800000000000000000000000000000000000000000000000001000000001",
"01238774666a67766d6676f778e676b66999176666e687666d8766c66a9f",
"6a941977ba9f6a435199acfc51067ed587f519c5ecb541b8e44111de1d40",
"70f6e9d04d289c4e89913ce3530bfde903977d42b146d539bf1bde4e9c92",
"2e5a0eaf6e5e1305b9004dce5c0ed7fe59a35608f33837c816d80b79f461",
"0cccccccccccccccccccccccccccccac4912d2d9df903ef9888b8a0e4cff",
0xA)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 c2tnb359v1",
"1.2.840.10045.3.0.18",
"800000000000000000000000000000000000000000000000000000000000000000000000100000000000000001",
"5667676a654b20754f356ea92017d946567c46675556f19556a04616b567d223a5e05656fb549016a96656a557",
"2472e2d0197c49363f1fe7f5b6db075d52b6947d135d8ca445805d39bc345626089687742b6329e70680231988",
"3c258ef3047767e7ede0f1fdaa79daee3841366a132e163aced4ed2401df9c6bdcde98e8e707c07a2239b1b097",
"53d7e08529547048121e9c95f3791dd804963948f34fae7bf44ea82365dc7868fe57e4ae2de211305a407104bd",
"01af286bca1af286bca1af286bca1af286bca1af286bc9fb8f6b85c556892c20a7eb964fe7719e74f490758d3b",
0x4C)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 c2tnb431r1",
"1.2.840.10045.3.0.20",
"800000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000001",
"1a827ef00dd6fc0e234caf046c6a5d8a85395b236cc4ad2cf32a0cadbdc9ddf620b0eb9906d0957f6c6feacd615468df104de296cd8f",
"10d9b4a3d9047d8b154359abfb1b7f5485b04ceb868237ddc9deda982a679a5a919b626d4e50a8dd731b107a9962381fb5d807bf2618",
"120fc05d3c67a99de161d2f4092622feca701be4f50f4758714e8a87bbf2a658ef8c21e7c5efe965361f6c2999c0c247b0dbd70ce6b7",
"20d0af8903a96f8d5fa2c255745d3c451b302c9346d9b7e485e7bce41f6b591f3e8f6addcbb0bc4c2f947a7de1a89b625d6a598b3760",
"0340340340340340340340340340340340340340340340340340340323c313fab50589703b5ec68d3587fec60d161cc149c1ad4a91",
0x2760)
);
}
public static String getOIDFromPublicKey(ECPublicKey ecPublicKey) {
ECParameterSpec ecParameterSpec = ecPublicKey.getParams();
BigInteger order = ecParameterSpec.getOrder();
BigInteger affineX = ecParameterSpec.getGenerator().getAffineX();
BigInteger affineY = ecParameterSpec.getGenerator().getAffineY();
BigInteger a = ecParameterSpec.getCurve().getA();
BigInteger b = ecParameterSpec.getCurve().getB();
int h = ecParameterSpec.getCofactor();
ECField ecField = ecParameterSpec.getCurve().getField();
BigInteger field;
if (ecField instanceof ECFieldFp) {
ECFieldFp ecFieldFp = (ECFieldFp) ecField;
field = ecFieldFp.getP();
} else {
ECFieldF2m ecFieldF2m = (ECFieldF2m) ecField;
field = ecFieldF2m.getReductionPolynomial();
}
Iterator<ECCurveDefinition> ecCurveDefinitionIterator = ecCurveDefinitions.iterator();
while (ecCurveDefinitionIterator.hasNext()) {
ECCurveDefinition ecCurveDefinition = ecCurveDefinitionIterator.next();
String oid = ecCurveDefinition.equals(field, a, b, affineX, affineY, order, h);
if (oid != null) {
return oid;
}
}
return null;
}
public static ECCurveDefinition getECCurveDefinition(String oid) {
Iterator<ECCurveDefinition> ecCurveDefinitionIterator = ecCurveDefinitions.iterator();
while (ecCurveDefinitionIterator.hasNext()) {
ECCurveDefinition ecCurveDefinition = ecCurveDefinitionIterator.next();
if (ecCurveDefinition.getOid().equals(oid)) {
return ecCurveDefinition;
}
}
return null;
}
public static class ECCurveDefinition {
private final String name;
private final String oid;
private final String field;
private final String a;
private final String b;
private final String x;
private final String y;
private final String n;
private final int h;
public ECCurveDefinition(String name, String oid, String field, String a, String b, String x, String y, String n, int h) {
this.name = name;
this.oid = oid;
this.field = field;
this.a = a;
this.b = b;
this.x = x;
this.y = y;
this.n = n;
this.h = h;
}
/**
* returns the ec oid if parameter are equal to this definition
*/
public String equals(BigInteger field, BigInteger a, BigInteger b, BigInteger x, BigInteger y, BigInteger n, int h) {
if (this.field.equals(field.toString(16))
&& this.a.equals(a.toString(16))
&& this.b.equals(b.toString(16))
&& this.x.equals(x.toString(16))
&& this.y.equals(y.toString(16))
&& this.n.equals(n.toString(16))
&& this.h == h) {
return this.oid;
}
return null;
}
public String getName() {
return name;
}
public String getOid() {
return oid;
}
public String getField() {
return field;
}
public String getA() {
return a;
}
public String getB() {
return b;
}
public String getX() {
return x;
}
public String getY() {
return y;
}
public String getN() {
return n;
}
public int getH() {
return h;
}
}
public static byte[] encodePoint(ECPoint ecPoint, EllipticCurve ellipticCurve) {
int size = (ellipticCurve.getField().getFieldSize() + 7) / 8;
byte affineXBytes[] = stripLeadingZeros(ecPoint.getAffineX().toByteArray());
byte affineYBytes[] = stripLeadingZeros(ecPoint.getAffineY().toByteArray());
byte encodedBytes[] = new byte[size * 2 + 1];
encodedBytes[0] = 0x04; //uncompressed
System.arraycopy(affineXBytes, 0, encodedBytes, size - affineXBytes.length + 1, affineXBytes.length);
System.arraycopy(affineYBytes, 0, encodedBytes, encodedBytes.length - affineYBytes.length, affineYBytes.length);
return encodedBytes;
}
public static ECPoint decodePoint(byte[] encodedBytes, EllipticCurve elliptiCcurve) {
if (encodedBytes[0] != 0x04) {
throw new IllegalArgumentException("Only uncompressed format is supported");
}
int size = (elliptiCcurve.getField().getFieldSize() + 7) / 8;
byte affineXBytes[] = new byte[size];
byte affineYBytes[] = new byte[size];
System.arraycopy(encodedBytes, 1, affineXBytes, 0, size);
System.arraycopy(encodedBytes, size + 1, affineYBytes, 0, size);
return new ECPoint(new BigInteger(1, affineXBytes), new BigInteger(1, affineYBytes));
}
public static byte[] stripLeadingZeros(byte[] bytes) {
int i;
for (i = 0; i < bytes.length - 1; i++) {
if (bytes[i] != 0) {
break;
}
}
if (i == 0) {
return bytes;
} else {
byte stripped[] = new byte[bytes.length - i];
System.arraycopy(bytes, i, stripped, 0, stripped.length);
return stripped;
}
}
}


@ -44,21 +44,20 @@ import org.w3c.dom.Text;
public abstract class IntegrityHmac extends SignatureAlgorithmSpi { public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/** {@link org.apache.commons.logging} logging facility */ private static final com.sun.org.slf4j.internal.Logger LOG =
private static java.util.logging.Logger log = com.sun.org.slf4j.internal.LoggerFactory.getLogger(IntegrityHmac.class);
java.util.logging.Logger.getLogger(IntegrityHmac.class.getName());
/** Field macAlgorithm */ /** Field macAlgorithm */
private Mac macAlgorithm = null; private Mac macAlgorithm;
/** Field HMACOutputLength */ /** Field HMACOutputLength */
private int HMACOutputLength = 0; private int HMACOutputLength;
private boolean HMACOutputLengthSet = false; private boolean HMACOutputLengthSet = false;
/** /**
* Method engineGetURI * Method engineGetURI
* *
*@inheritDoc *{@inheritDoc}
*/ */
public abstract String engineGetURI(); public abstract String engineGetURI();
@ -74,9 +73,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
*/ */
public IntegrityHmac() throws XMLSignatureException { public IntegrityHmac() throws XMLSignatureException {
String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI()); String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI());
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Created IntegrityHmacSHA1 using {}", algorithmID);
log.log(java.util.logging.Level.FINE, "Created IntegrityHmacSHA1 using " + algorithmID);
}
try { try {
this.macAlgorithm = Mac.getInstance(algorithmID); this.macAlgorithm = Mac.getInstance(algorithmID);
@ -96,7 +93,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
* @throws XMLSignatureException * @throws XMLSignatureException
*/ */
protected void engineSetParameter(AlgorithmParameterSpec params) throws XMLSignatureException { protected void engineSetParameter(AlgorithmParameterSpec params) throws XMLSignatureException {
throw new XMLSignatureException("empty"); throw new XMLSignatureException("empty", new Object[]{"Incorrect method call"});
} }
public void reset() { public void reset() {
@ -116,9 +113,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
protected boolean engineVerify(byte[] signature) throws XMLSignatureException { protected boolean engineVerify(byte[] signature) throws XMLSignatureException {
try { try {
if (this.HMACOutputLengthSet && this.HMACOutputLength < getDigestLength()) { if (this.HMACOutputLengthSet && this.HMACOutputLength < getDigestLength()) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("HMACOutputLength must not be less than {}", getDigestLength());
log.log(java.util.logging.Level.FINE, "HMACOutputLength must not be less than " + getDigestLength());
}
Object[] exArgs = { String.valueOf(getDigestLength()) }; Object[] exArgs = { String.valueOf(getDigestLength()) };
throw new XMLSignatureException("algorithms.HMACOutputLengthMin", exArgs); throw new XMLSignatureException("algorithms.HMACOutputLengthMin", exArgs);
} else { } else {
@ -126,7 +121,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
return MessageDigestAlgorithm.isEqual(completeResult, signature); return MessageDigestAlgorithm.isEqual(completeResult, signature);
} }
} catch (IllegalStateException ex) { } catch (IllegalStateException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
@ -139,7 +134,10 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
*/ */
protected void engineInitVerify(Key secretKey) throws XMLSignatureException { protected void engineInitVerify(Key secretKey) throws XMLSignatureException {
if (!(secretKey instanceof SecretKey)) { if (!(secretKey instanceof SecretKey)) {
String supplied = secretKey.getClass().getName(); String supplied = null;
if (secretKey != null) {
supplied = secretKey.getClass().getName();
}
String needed = SecretKey.class.getName(); String needed = SecretKey.class.getName();
Object exArgs[] = { supplied, needed }; Object exArgs[] = { supplied, needed };
@ -156,12 +154,10 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
this.macAlgorithm = Mac.getInstance(macAlgorithm.getAlgorithm()); this.macAlgorithm = Mac.getInstance(macAlgorithm.getAlgorithm());
} catch (Exception e) { } catch (Exception e) {
// this shouldn't occur, but if it does, restore previous Mac // this shouldn't occur, but if it does, restore previous Mac
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Exception when reinstantiating Mac: {}", e);
log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Mac:" + e);
}
this.macAlgorithm = mac; this.macAlgorithm = mac;
} }
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
@ -175,16 +171,14 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
protected byte[] engineSign() throws XMLSignatureException { protected byte[] engineSign() throws XMLSignatureException {
try { try {
if (this.HMACOutputLengthSet && this.HMACOutputLength < getDigestLength()) { if (this.HMACOutputLengthSet && this.HMACOutputLength < getDigestLength()) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("HMACOutputLength must not be less than {}", getDigestLength());
log.log(java.util.logging.Level.FINE, "HMACOutputLength must not be less than " + getDigestLength());
}
Object[] exArgs = { String.valueOf(getDigestLength()) }; Object[] exArgs = { String.valueOf(getDigestLength()) };
throw new XMLSignatureException("algorithms.HMACOutputLengthMin", exArgs); throw new XMLSignatureException("algorithms.HMACOutputLengthMin", exArgs);
} else { } else {
return this.macAlgorithm.doFinal(); return this.macAlgorithm.doFinal();
} }
} catch (IllegalStateException ex) { } catch (IllegalStateException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
@ -195,19 +189,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
* @throws XMLSignatureException * @throws XMLSignatureException
*/ */
protected void engineInitSign(Key secretKey) throws XMLSignatureException { protected void engineInitSign(Key secretKey) throws XMLSignatureException {
if (!(secretKey instanceof SecretKey)) { engineInitSign(secretKey, (AlgorithmParameterSpec)null);
String supplied = secretKey.getClass().getName();
String needed = SecretKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs);
}
try {
this.macAlgorithm.init(secretKey);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
} }
/** /**
@ -221,7 +203,10 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
Key secretKey, AlgorithmParameterSpec algorithmParameterSpec Key secretKey, AlgorithmParameterSpec algorithmParameterSpec
) throws XMLSignatureException { ) throws XMLSignatureException {
if (!(secretKey instanceof SecretKey)) { if (!(secretKey instanceof SecretKey)) {
String supplied = secretKey.getClass().getName(); String supplied = null;
if (secretKey != null) {
supplied = secretKey.getClass().getName();
}
String needed = SecretKey.class.getName(); String needed = SecretKey.class.getName();
Object exArgs[] = { supplied, needed }; Object exArgs[] = { supplied, needed };
@ -229,11 +214,15 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
} }
try { try {
if (algorithmParameterSpec == null) {
this.macAlgorithm.init(secretKey);
} else {
this.macAlgorithm.init(secretKey, algorithmParameterSpec); this.macAlgorithm.init(secretKey, algorithmParameterSpec);
}
} catch (InvalidKeyException ex) { } catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} catch (InvalidAlgorithmParameterException ex) { } catch (InvalidAlgorithmParameterException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
@ -260,7 +249,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
try { try {
this.macAlgorithm.update(input); this.macAlgorithm.update(input);
} catch (IllegalStateException ex) { } catch (IllegalStateException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
@ -275,7 +264,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
try { try {
this.macAlgorithm.update(input); this.macAlgorithm.update(input);
} catch (IllegalStateException ex) { } catch (IllegalStateException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
@ -292,13 +281,13 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
try { try {
this.macAlgorithm.update(buf, offset, len); this.macAlgorithm.update(buf, offset, len);
} catch (IllegalStateException ex) { } catch (IllegalStateException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** /**
* Method engineGetJCEAlgorithmString * Method engineGetJCEAlgorithmString
* @inheritDoc * {@inheritDoc}
* *
*/ */
protected String engineGetJCEAlgorithmString() { protected String engineGetJCEAlgorithmString() {
@ -308,7 +297,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/** /**
* Method engineGetJCEAlgorithmString * Method engineGetJCEAlgorithmString
* *
* @inheritDoc * {@inheritDoc}
*/ */
protected String engineGetJCEProviderName() { protected String engineGetJCEProviderName() {
return this.macAlgorithm.getProvider().getName(); return this.macAlgorithm.getProvider().getName();
@ -360,7 +349,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
Element HMElem = Element HMElem =
XMLUtils.createElementInSignatureSpace(doc, Constants._TAG_HMACOUTPUTLENGTH); XMLUtils.createElementInSignatureSpace(doc, Constants._TAG_HMACOUTPUTLENGTH);
Text HMText = Text HMText =
doc.createTextNode(Integer.valueOf(this.HMACOutputLength).toString()); doc.createTextNode("" + this.HMACOutputLength);
HMElem.appendChild(HMText); HMElem.appendChild(HMText);
XMLUtils.addReturnToElement(element); XMLUtils.addReturnToElement(element);
@ -385,7 +374,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/** /**
* Method engineGetURI * Method engineGetURI
* @inheritDoc * {@inheritDoc}
* *
*/ */
public String engineGetURI() { public String engineGetURI() {
@ -397,6 +386,34 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
} }
} }
/**
* Class IntegrityHmacSHA224
*/
public static class IntegrityHmacSHA224 extends IntegrityHmac {
/**
* Constructor IntegrityHmacSHA224
*
* @throws XMLSignatureException
*/
public IntegrityHmacSHA224() throws XMLSignatureException {
super();
}
/**
* Method engineGetURI
*
* {@inheritDoc}
*/
public String engineGetURI() {
return XMLSignature.ALGO_ID_MAC_HMAC_SHA224;
}
int getDigestLength() {
return 224;
}
}
/** /**
* Class IntegrityHmacSHA256 * Class IntegrityHmacSHA256
*/ */
@ -414,7 +431,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/** /**
* Method engineGetURI * Method engineGetURI
* *
* @inheritDoc * {@inheritDoc}
*/ */
public String engineGetURI() { public String engineGetURI() {
return XMLSignature.ALGO_ID_MAC_HMAC_SHA256; return XMLSignature.ALGO_ID_MAC_HMAC_SHA256;
@ -441,7 +458,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/** /**
* Method engineGetURI * Method engineGetURI
* @inheritDoc * {@inheritDoc}
* *
*/ */
public String engineGetURI() { public String engineGetURI() {
@ -469,7 +486,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/** /**
* Method engineGetURI * Method engineGetURI
* @inheritDoc * {@inheritDoc}
* *
*/ */
public String engineGetURI() { public String engineGetURI() {
@ -498,7 +515,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/** /**
* Method engineGetURI * Method engineGetURI
* *
* @inheritDoc * {@inheritDoc}
*/ */
public String engineGetURI() { public String engineGetURI() {
return XMLSignature.ALGO_ID_MAC_HMAC_RIPEMD160; return XMLSignature.ALGO_ID_MAC_HMAC_RIPEMD160;
@ -526,7 +543,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/** /**
* Method engineGetURI * Method engineGetURI
* *
* @inheritDoc * {@inheritDoc}
*/ */
public String engineGetURI() { public String engineGetURI() {
return XMLSignature.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5; return XMLSignature.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5;


@ -40,15 +40,14 @@ import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi { public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
/** {@link org.apache.commons.logging} logging facility */ private static final com.sun.org.slf4j.internal.Logger LOG =
private static java.util.logging.Logger log = com.sun.org.slf4j.internal.LoggerFactory.getLogger(SignatureBaseRSA.class);
java.util.logging.Logger.getLogger(SignatureBaseRSA.class.getName());
/** @inheritDoc */ /** {@inheritDoc} */
public abstract String engineGetURI(); public abstract String engineGetURI();
/** Field algorithm */ /** Field algorithm */
private java.security.Signature signatureAlgorithm = null; private Signature signatureAlgorithm;
/** /**
* Constructor SignatureRSA * Constructor SignatureRSA
@ -58,15 +57,13 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
public SignatureBaseRSA() throws XMLSignatureException { public SignatureBaseRSA() throws XMLSignatureException {
String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI()); String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI());
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Created SignatureRSA using {}", algorithmID);
log.log(java.util.logging.Level.FINE, "Created SignatureRSA using " + algorithmID);
}
String provider = JCEMapper.getProviderId(); String provider = JCEMapper.getProviderId();
try { try {
if (provider == null) { if (provider == null) {
this.signatureAlgorithm = Signature.getInstance(algorithmID); this.signatureAlgorithm = Signature.getInstance(algorithmID);
} else { } else {
this.signatureAlgorithm = Signature.getInstance(algorithmID,provider); this.signatureAlgorithm = Signature.getInstance(algorithmID, provider);
} }
} catch (java.security.NoSuchAlgorithmException ex) { } catch (java.security.NoSuchAlgorithmException ex) {
Object[] exArgs = { algorithmID, ex.getLocalizedMessage() }; Object[] exArgs = { algorithmID, ex.getLocalizedMessage() };
@ -79,29 +76,32 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected void engineSetParameter(AlgorithmParameterSpec params) protected void engineSetParameter(AlgorithmParameterSpec params)
throws XMLSignatureException { throws XMLSignatureException {
try { try {
this.signatureAlgorithm.setParameter(params); this.signatureAlgorithm.setParameter(params);
} catch (InvalidAlgorithmParameterException ex) { } catch (InvalidAlgorithmParameterException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected boolean engineVerify(byte[] signature) throws XMLSignatureException { protected boolean engineVerify(byte[] signature) throws XMLSignatureException {
try { try {
return this.signatureAlgorithm.verify(signature); return this.signatureAlgorithm.verify(signature);
} catch (SignatureException ex) { } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected void engineInitVerify(Key publicKey) throws XMLSignatureException { protected void engineInitVerify(Key publicKey) throws XMLSignatureException {
if (!(publicKey instanceof PublicKey)) { if (!(publicKey instanceof PublicKey)) {
String supplied = publicKey.getClass().getName(); String supplied = null;
if (publicKey != null) {
supplied = publicKey.getClass().getName();
}
String needed = PublicKey.class.getName(); String needed = PublicKey.class.getName();
Object exArgs[] = { supplied, needed }; Object exArgs[] = { supplied, needed };
@ -119,46 +119,30 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
} catch (Exception e) { } catch (Exception e) {
// this shouldn't occur, but if it does, restore previous // this shouldn't occur, but if it does, restore previous
// Signature // Signature
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Exception when reinstantiating Signature: {}", e);
log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Signature:" + e);
}
this.signatureAlgorithm = sig; this.signatureAlgorithm = sig;
} }
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected byte[] engineSign() throws XMLSignatureException { protected byte[] engineSign() throws XMLSignatureException {
try { try {
return this.signatureAlgorithm.sign(); return this.signatureAlgorithm.sign();
} catch (SignatureException ex) { } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected void engineInitSign(Key privateKey, SecureRandom secureRandom) protected void engineInitSign(Key privateKey, SecureRandom secureRandom)
throws XMLSignatureException { throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) { if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName(); String supplied = null;
String needed = PrivateKey.class.getName(); if (privateKey != null) {
Object exArgs[] = { supplied, needed }; supplied = privateKey.getClass().getName();
}
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs);
}
try {
this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineInitSign(Key privateKey) throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName(); String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed }; Object exArgs[] = { supplied, needed };
@ -166,56 +150,65 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
} }
try { try {
if (secureRandom == null) {
this.signatureAlgorithm.initSign((PrivateKey) privateKey); this.signatureAlgorithm.initSign((PrivateKey) privateKey);
} else {
this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom);
}
} catch (InvalidKeyException ex) { } catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected void engineInitSign(Key privateKey) throws XMLSignatureException {
engineInitSign(privateKey, (SecureRandom)null);
}
/** {@inheritDoc} */
protected void engineUpdate(byte[] input) throws XMLSignatureException { protected void engineUpdate(byte[] input) throws XMLSignatureException {
try { try {
this.signatureAlgorithm.update(input); this.signatureAlgorithm.update(input);
} catch (SignatureException ex) { } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected void engineUpdate(byte input) throws XMLSignatureException { protected void engineUpdate(byte input) throws XMLSignatureException {
try { try {
this.signatureAlgorithm.update(input); this.signatureAlgorithm.update(input);
} catch (SignatureException ex) { } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected void engineUpdate(byte buf[], int offset, int len) throws XMLSignatureException { protected void engineUpdate(byte buf[], int offset, int len) throws XMLSignatureException {
try { try {
this.signatureAlgorithm.update(buf, offset, len); this.signatureAlgorithm.update(buf, offset, len);
} catch (SignatureException ex) { } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected String engineGetJCEAlgorithmString() { protected String engineGetJCEAlgorithmString() {
return this.signatureAlgorithm.getAlgorithm(); return this.signatureAlgorithm.getAlgorithm();
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected String engineGetJCEProviderName() { protected String engineGetJCEProviderName() {
return this.signatureAlgorithm.getProvider().getName(); return this.signatureAlgorithm.getProvider().getName();
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected void engineSetHMACOutputLength(int HMACOutputLength) protected void engineSetHMACOutputLength(int HMACOutputLength)
throws XMLSignatureException { throws XMLSignatureException {
throw new XMLSignatureException("algorithms.HMACOutputLengthOnlyForHMAC"); throw new XMLSignatureException("algorithms.HMACOutputLengthOnlyForHMAC");
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected void engineInitSign( protected void engineInitSign(
Key signingKey, AlgorithmParameterSpec algorithmParameterSpec Key signingKey, AlgorithmParameterSpec algorithmParameterSpec
) throws XMLSignatureException { ) throws XMLSignatureException {
@ -236,12 +229,32 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
super(); super();
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String engineGetURI() { public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1; return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1;
} }
} }
/**
* Class SignatureRSASHA224
*/
public static class SignatureRSASHA224 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA224
*
* @throws XMLSignatureException
*/
public SignatureRSASHA224() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA224;
}
}
/** /**
* Class SignatureRSASHA256 * Class SignatureRSASHA256
*/ */
@ -256,7 +269,7 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
super(); super();
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String engineGetURI() { public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256; return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256;
} }
@ -276,7 +289,7 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
super(); super();
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String engineGetURI() { public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384; return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384;
} }
@ -296,7 +309,7 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
super(); super();
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String engineGetURI() { public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512; return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512;
} }
@ -316,7 +329,7 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
super(); super();
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String engineGetURI() { public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160; return XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160;
} }
@ -336,9 +349,189 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
super(); super();
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String engineGetURI() { public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5; return XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5;
} }
} }
/**
* Class SignatureRSASHA1MGF1
*/
public static class SignatureRSASHA1MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA1MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA1MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1_MGF1;
}
}
/**
* Class SignatureRSASHA224MGF1
*/
public static class SignatureRSASHA224MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA224MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA224MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA224_MGF1;
}
}
/**
* Class SignatureRSASHA256MGF1
*/
public static class SignatureRSASHA256MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA256MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA256MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256_MGF1;
}
}
/**
* Class SignatureRSASHA384MGF1
*/
public static class SignatureRSASHA384MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA384MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA384MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384_MGF1;
}
}
/**
* Class SignatureRSASHA512MGF1
*/
public static class SignatureRSASHA512MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA512MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA512MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512_MGF1;
}
}
/**
* Class SignatureRSA3_SHA224MGF1
*/
public static class SignatureRSASHA3_224MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA3_224MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA3_224MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_224_MGF1;
}
}
/**
* Class SignatureRSA3_SHA256MGF1
*/
public static class SignatureRSASHA3_256MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA3_256MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA3_256MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_256_MGF1;
}
}
/**
* Class SignatureRSA3_SHA384MGF1
*/
public static class SignatureRSASHA3_384MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA3_384MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA3_384MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_384_MGF1;
}
}
/**
* Class SignatureRSASHA3_512MGF1
*/
public static class SignatureRSASHA3_512MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA3_512MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA3_512MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_512_MGF1;
}
}
} }
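Review bot: Nothing in the nine added MGF1 subclasses (`SignatureRSASHA1MGF1` through `SignatureRSASHA3_512MGF1`) supplies PSS parameters: each only overrides `engineGetURI()`, so construction goes through the shared `Signature.getInstance(algorithmID)` path in the `SignatureBaseRSA` constructor. This section does not show whether the JCE name that `JCEMapper.translateURItoJCEID` returns for these URIs exists in the configured providers, or whether it fixes the digest, MGF1 digest and salt length, so a sign/verify round-trip test per new URI would be worth adding. I would also state the assumption on the base constructor, e.g. `// MGF1 variants rely on the provider algorithm name to fix digest, MGF and salt length; no PSSParameterSpec is set here`. Separately, the Javadoc headers `Class SignatureRSA3_SHA224MGF1`, `Class SignatureRSA3_SHA256MGF1` and `Class SignatureRSA3_SHA384MGF1` do not match the class names they precede (`SignatureRSASHA3_224MGF1` and so on).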


@ -33,22 +33,24 @@ import java.security.Signature;
import java.security.SignatureException; import java.security.SignatureException;
import java.security.interfaces.DSAKey; import java.security.interfaces.DSAKey;
import java.security.spec.AlgorithmParameterSpec; import java.security.spec.AlgorithmParameterSpec;
import java.util.Base64;
import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper; import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi; import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi;
import com.sun.org.apache.xml.internal.security.signature.XMLSignature; import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.utils.Base64; import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.JavaUtils; import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
public class SignatureDSA extends SignatureAlgorithmSpi { public class SignatureDSA extends SignatureAlgorithmSpi {
/** {@link org.apache.commons.logging} logging facility */ public static final String URI = Constants.SignatureSpecNS + "dsa-sha1";
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(SignatureDSA.class.getName()); private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(SignatureDSA.class);
/** Field algorithm */ /** Field algorithm */
private java.security.Signature signatureAlgorithm = null; private Signature signatureAlgorithm;
/** size of Q */ /** size of Q */
private int size; private int size;
@ -56,7 +58,7 @@ public class SignatureDSA extends SignatureAlgorithmSpi {
/** /**
* Method engineGetURI * Method engineGetURI
* *
* @inheritDoc * {@inheritDoc}
*/ */
protected String engineGetURI() { protected String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_DSA; return XMLSignature.ALGO_ID_SIGNATURE_DSA;
@ -69,9 +71,7 @@ public class SignatureDSA extends SignatureAlgorithmSpi {
*/ */
public SignatureDSA() throws XMLSignatureException { public SignatureDSA() throws XMLSignatureException {
String algorithmID = JCEMapper.translateURItoJCEID(engineGetURI()); String algorithmID = JCEMapper.translateURItoJCEID(engineGetURI());
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Created SignatureDSA using {}", algorithmID);
log.log(java.util.logging.Level.FINE, "Created SignatureDSA using " + algorithmID);
}
String provider = JCEMapper.getProviderId(); String provider = JCEMapper.getProviderId();
try { try {
@ -91,25 +91,25 @@ public class SignatureDSA extends SignatureAlgorithmSpi {
} }
/** /**
* @inheritDoc * {@inheritDoc}
*/ */
protected void engineSetParameter(AlgorithmParameterSpec params) protected void engineSetParameter(AlgorithmParameterSpec params)
throws XMLSignatureException { throws XMLSignatureException {
try { try {
this.signatureAlgorithm.setParameter(params); this.signatureAlgorithm.setParameter(params);
} catch (InvalidAlgorithmParameterException ex) { } catch (InvalidAlgorithmParameterException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** /**
* @inheritDoc * {@inheritDoc}
*/ */
protected boolean engineVerify(byte[] signature) protected boolean engineVerify(byte[] signature)
throws XMLSignatureException { throws XMLSignatureException {
try { try {
if (log.isLoggable(java.util.logging.Level.FINE)) { if (LOG.isDebugEnabled()) {
log.log(java.util.logging.Level.FINE, "Called DSA.verify() on " + Base64.encode(signature)); LOG.debug("Called DSA.verify() on " + Base64.getMimeEncoder().encodeToString(signature));
} }
byte[] jcebytes = JavaUtils.convertDsaXMLDSIGtoASN1(signature, byte[] jcebytes = JavaUtils.convertDsaXMLDSIGtoASN1(signature,
@ -117,18 +117,21 @@ public class SignatureDSA extends SignatureAlgorithmSpi {
return this.signatureAlgorithm.verify(jcebytes); return this.signatureAlgorithm.verify(jcebytes);
} catch (SignatureException ex) { } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} catch (IOException ex) { } catch (IOException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** /**
* @inheritDoc * {@inheritDoc}
*/ */
protected void engineInitVerify(Key publicKey) throws XMLSignatureException { protected void engineInitVerify(Key publicKey) throws XMLSignatureException {
if (!(publicKey instanceof PublicKey)) { if (!(publicKey instanceof PublicKey)) {
String supplied = publicKey.getClass().getName(); String supplied = null;
if (publicKey != null) {
supplied = publicKey.getClass().getName();
}
String needed = PublicKey.class.getName(); String needed = PublicKey.class.getName();
Object exArgs[] = { supplied, needed }; Object exArgs[] = { supplied, needed };
@ -146,18 +149,16 @@ public class SignatureDSA extends SignatureAlgorithmSpi {
} catch (Exception e) { } catch (Exception e) {
// this shouldn't occur, but if it does, restore previous // this shouldn't occur, but if it does, restore previous
// Signature // Signature
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Exception when reinstantiating Signature: {}", e);
log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Signature:" + e);
}
this.signatureAlgorithm = sig; this.signatureAlgorithm = sig;
} }
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
size = ((DSAKey)publicKey).getParams().getQ().bitLength(); size = ((DSAKey)publicKey).getParams().getQ().bitLength();
} }
/** /**
* @inheritDoc * {@inheritDoc}
*/ */
protected byte[] engineSign() throws XMLSignatureException { protected byte[] engineSign() throws XMLSignatureException {
try { try {
@ -165,19 +166,22 @@ public class SignatureDSA extends SignatureAlgorithmSpi {
return JavaUtils.convertDsaASN1toXMLDSIG(jcebytes, size/8); return JavaUtils.convertDsaASN1toXMLDSIG(jcebytes, size/8);
} catch (IOException ex) { } catch (IOException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} catch (SignatureException ex) { } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** /**
* @inheritDoc * {@inheritDoc}
*/ */
protected void engineInitSign(Key privateKey, SecureRandom secureRandom) protected void engineInitSign(Key privateKey, SecureRandom secureRandom)
throws XMLSignatureException { throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) { if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName(); String supplied = null;
if (privateKey != null) {
supplied = privateKey.getClass().getName();
}
String needed = PrivateKey.class.getName(); String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed }; Object exArgs[] = { supplied, needed };
@ -185,70 +189,61 @@ public class SignatureDSA extends SignatureAlgorithmSpi {
} }
try { try {
if (secureRandom == null) {
this.signatureAlgorithm.initSign((PrivateKey) privateKey);
} else {
this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom); this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom);
}
} catch (InvalidKeyException ex) { } catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
size = ((DSAKey)privateKey).getParams().getQ().bitLength(); size = ((DSAKey)privateKey).getParams().getQ().bitLength();
} }
/** /**
* @inheritDoc * {@inheritDoc}
*/ */
protected void engineInitSign(Key privateKey) throws XMLSignatureException { protected void engineInitSign(Key privateKey) throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) { engineInitSign(privateKey, (SecureRandom)null);
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs);
}
try {
this.signatureAlgorithm.initSign((PrivateKey) privateKey);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
size = ((DSAKey)privateKey).getParams().getQ().bitLength();
} }
/** /**
* @inheritDoc * {@inheritDoc}
*/ */
protected void engineUpdate(byte[] input) throws XMLSignatureException { protected void engineUpdate(byte[] input) throws XMLSignatureException {
try { try {
this.signatureAlgorithm.update(input); this.signatureAlgorithm.update(input);
} catch (SignatureException ex) { } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** /**
* @inheritDoc * {@inheritDoc}
*/ */
protected void engineUpdate(byte input) throws XMLSignatureException { protected void engineUpdate(byte input) throws XMLSignatureException {
try { try {
this.signatureAlgorithm.update(input); this.signatureAlgorithm.update(input);
} catch (SignatureException ex) { } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** /**
* @inheritDoc * {@inheritDoc}
*/ */
protected void engineUpdate(byte buf[], int offset, int len) throws XMLSignatureException { protected void engineUpdate(byte buf[], int offset, int len) throws XMLSignatureException {
try { try {
this.signatureAlgorithm.update(buf, offset, len); this.signatureAlgorithm.update(buf, offset, len);
} catch (SignatureException ex) { } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** /**
* Method engineGetJCEAlgorithmString * Method engineGetJCEAlgorithmString
* *
* @inheritDoc * {@inheritDoc}
*/ */
protected String engineGetJCEAlgorithmString() { protected String engineGetJCEAlgorithmString() {
return this.signatureAlgorithm.getAlgorithm(); return this.signatureAlgorithm.getAlgorithm();
@ -257,7 +252,7 @@ public class SignatureDSA extends SignatureAlgorithmSpi {
/** /**
* Method engineGetJCEProviderName * Method engineGetJCEProviderName
* *
* @inheritDoc * {@inheritDoc}
*/ */
protected String engineGetJCEProviderName() { protected String engineGetJCEProviderName() {
return this.signatureAlgorithm.getProvider().getName(); return this.signatureAlgorithm.getProvider().getName();


@ -33,34 +33,31 @@ import java.security.SecureRandom;
import java.security.Signature; import java.security.Signature;
import java.security.SignatureException; import java.security.SignatureException;
import java.security.spec.AlgorithmParameterSpec; import java.security.spec.AlgorithmParameterSpec;
import java.util.Base64;
import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper; import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi; import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi;
import com.sun.org.apache.xml.internal.security.signature.XMLSignature; import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.utils.Base64;
/** /**
* *
* @author $Author: raul $
* @author Alex Dupre
*/ */
public abstract class SignatureECDSA extends SignatureAlgorithmSpi { public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
/** {@link org.apache.commons.logging} logging facility */ private static final com.sun.org.slf4j.internal.Logger LOG =
private static java.util.logging.Logger log = com.sun.org.slf4j.internal.LoggerFactory.getLogger(SignatureECDSA.class);
java.util.logging.Logger.getLogger(SignatureECDSA.class.getName());
/** @inheritDoc */ /** {@inheritDoc} */
public abstract String engineGetURI(); public abstract String engineGetURI();
/** Field algorithm */ /** Field algorithm */
private java.security.Signature signatureAlgorithm = null; private Signature signatureAlgorithm;
/** /**
* Converts an ASN.1 ECDSA value to a XML Signature ECDSA Value. * Converts an ASN.1 ECDSA value to a XML Signature ECDSA Value.
* *
* The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r,s) value * The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r, s) value
* pairs; the XML Signature requires the core BigInteger values. * pairs; the XML Signature requires the core BigInteger values.
* *
* @param asn1Bytes * @param asn1Bytes
@ -71,51 +68,13 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
* @see <A HREF="ftp://ftp.rfc-editor.org/in-notes/rfc4050.txt">3.3. ECDSA Signatures</A> * @see <A HREF="ftp://ftp.rfc-editor.org/in-notes/rfc4050.txt">3.3. ECDSA Signatures</A>
*/ */
public static byte[] convertASN1toXMLDSIG(byte asn1Bytes[]) throws IOException { public static byte[] convertASN1toXMLDSIG(byte asn1Bytes[]) throws IOException {
return ECDSAUtils.convertASN1toXMLDSIG(asn1Bytes);
if (asn1Bytes.length < 8 || asn1Bytes[0] != 48) {
throw new IOException("Invalid ASN.1 format of ECDSA signature");
}
int offset;
if (asn1Bytes[1] > 0) {
offset = 2;
} else if (asn1Bytes[1] == (byte) 0x81) {
offset = 3;
} else {
throw new IOException("Invalid ASN.1 format of ECDSA signature");
}
byte rLength = asn1Bytes[offset + 1];
int i;
for (i = rLength; (i > 0) && (asn1Bytes[(offset + 2 + rLength) - i] == 0); i--);
byte sLength = asn1Bytes[offset + 2 + rLength + 1];
int j;
for (j = sLength;
(j > 0) && (asn1Bytes[(offset + 2 + rLength + 2 + sLength) - j] == 0); j--);
int rawLen = Math.max(i, j);
if ((asn1Bytes[offset - 1] & 0xff) != asn1Bytes.length - offset
|| (asn1Bytes[offset - 1] & 0xff) != 2 + rLength + 2 + sLength
|| asn1Bytes[offset] != 2
|| asn1Bytes[offset + 2 + rLength] != 2) {
throw new IOException("Invalid ASN.1 format of ECDSA signature");
}
byte xmldsigBytes[] = new byte[2*rawLen];
System.arraycopy(asn1Bytes, (offset + 2 + rLength) - i, xmldsigBytes, rawLen - i, i);
System.arraycopy(asn1Bytes, (offset + 2 + rLength + 2 + sLength) - j, xmldsigBytes,
2*rawLen - j, j);
return xmldsigBytes;
} }
/** /**
* Converts a XML Signature ECDSA Value to an ASN.1 DSA value. * Converts a XML Signature ECDSA Value to an ASN.1 DSA value.
* *
* The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r,s) value * The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r, s) value
* pairs; the XML Signature requires the core BigInteger values. * pairs; the XML Signature requires the core BigInteger values.
* *
* @param xmldsigBytes * @param xmldsigBytes
@ -126,58 +85,7 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
* @see <A HREF="ftp://ftp.rfc-editor.org/in-notes/rfc4050.txt">3.3. ECDSA Signatures</A> * @see <A HREF="ftp://ftp.rfc-editor.org/in-notes/rfc4050.txt">3.3. ECDSA Signatures</A>
*/ */
public static byte[] convertXMLDSIGtoASN1(byte xmldsigBytes[]) throws IOException { public static byte[] convertXMLDSIGtoASN1(byte xmldsigBytes[]) throws IOException {
return ECDSAUtils.convertXMLDSIGtoASN1(xmldsigBytes);
int rawLen = xmldsigBytes.length/2;
int i;
for (i = rawLen; (i > 0) && (xmldsigBytes[rawLen - i] == 0); i--);
int j = i;
if (xmldsigBytes[rawLen - i] < 0) {
j += 1;
}
int k;
for (k = rawLen; (k > 0) && (xmldsigBytes[2*rawLen - k] == 0); k--);
int l = k;
if (xmldsigBytes[2*rawLen - k] < 0) {
l += 1;
}
int len = 2 + j + 2 + l;
if (len > 255) {
throw new IOException("Invalid XMLDSIG format of ECDSA signature");
}
int offset;
byte asn1Bytes[];
if (len < 128) {
asn1Bytes = new byte[2 + 2 + j + 2 + l];
offset = 1;
} else {
asn1Bytes = new byte[3 + 2 + j + 2 + l];
asn1Bytes[1] = (byte) 0x81;
offset = 2;
}
asn1Bytes[0] = 48;
asn1Bytes[offset++] = (byte) len;
asn1Bytes[offset++] = 2;
asn1Bytes[offset++] = (byte) j;
System.arraycopy(xmldsigBytes, rawLen - i, asn1Bytes, (offset + j) - i, i);
offset += j;
asn1Bytes[offset++] = 2;
asn1Bytes[offset++] = (byte) l;
System.arraycopy(xmldsigBytes, 2*rawLen - k, asn1Bytes, (offset + l) - k, k);
return asn1Bytes;
} }
/** /**
@ -189,15 +97,13 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI()); String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI());
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Created SignatureECDSA using {}", algorithmID);
log.log(java.util.logging.Level.FINE, "Created SignatureECDSA using " + algorithmID);
}
String provider = JCEMapper.getProviderId(); String provider = JCEMapper.getProviderId();
try { try {
if (provider == null) { if (provider == null) {
this.signatureAlgorithm = Signature.getInstance(algorithmID); this.signatureAlgorithm = Signature.getInstance(algorithmID);
} else { } else {
this.signatureAlgorithm = Signature.getInstance(algorithmID,provider); this.signatureAlgorithm = Signature.getInstance(algorithmID, provider);
} }
} catch (java.security.NoSuchAlgorithmException ex) { } catch (java.security.NoSuchAlgorithmException ex) {
Object[] exArgs = { algorithmID, ex.getLocalizedMessage() }; Object[] exArgs = { algorithmID, ex.getLocalizedMessage() };
@ -210,38 +116,41 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected void engineSetParameter(AlgorithmParameterSpec params) protected void engineSetParameter(AlgorithmParameterSpec params)
throws XMLSignatureException { throws XMLSignatureException {
try { try {
this.signatureAlgorithm.setParameter(params); this.signatureAlgorithm.setParameter(params);
} catch (InvalidAlgorithmParameterException ex) { } catch (InvalidAlgorithmParameterException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected boolean engineVerify(byte[] signature) throws XMLSignatureException { protected boolean engineVerify(byte[] signature) throws XMLSignatureException {
try { try {
byte[] jcebytes = SignatureECDSA.convertXMLDSIGtoASN1(signature); byte[] jcebytes = SignatureECDSA.convertXMLDSIGtoASN1(signature);
if (log.isLoggable(java.util.logging.Level.FINE)) { if (LOG.isDebugEnabled()) {
log.log(java.util.logging.Level.FINE, "Called ECDSA.verify() on " + Base64.encode(signature)); LOG.debug("Called ECDSA.verify() on " + Base64.getMimeEncoder().encodeToString(signature));
} }
return this.signatureAlgorithm.verify(jcebytes); return this.signatureAlgorithm.verify(jcebytes);
} catch (SignatureException ex) { } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} catch (IOException ex) { } catch (IOException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected void engineInitVerify(Key publicKey) throws XMLSignatureException { protected void engineInitVerify(Key publicKey) throws XMLSignatureException {
if (!(publicKey instanceof PublicKey)) { if (!(publicKey instanceof PublicKey)) {
String supplied = publicKey.getClass().getName(); String supplied = null;
if (publicKey != null) {
supplied = publicKey.getClass().getName();
}
String needed = PublicKey.class.getName(); String needed = PublicKey.class.getName();
Object exArgs[] = { supplied, needed }; Object exArgs[] = { supplied, needed };
@ -259,50 +168,34 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
} catch (Exception e) { } catch (Exception e) {
// this shouldn't occur, but if it does, restore previous // this shouldn't occur, but if it does, restore previous
// Signature // Signature
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Exception when reinstantiating Signature: {}", e);
log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Signature:" + e);
}
this.signatureAlgorithm = sig; this.signatureAlgorithm = sig;
} }
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected byte[] engineSign() throws XMLSignatureException { protected byte[] engineSign() throws XMLSignatureException {
try { try {
byte jcebytes[] = this.signatureAlgorithm.sign(); byte jcebytes[] = this.signatureAlgorithm.sign();
return SignatureECDSA.convertASN1toXMLDSIG(jcebytes); return SignatureECDSA.convertASN1toXMLDSIG(jcebytes);
} catch (SignatureException ex) { } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} catch (IOException ex) { } catch (IOException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected void engineInitSign(Key privateKey, SecureRandom secureRandom) protected void engineInitSign(Key privateKey, SecureRandom secureRandom)
throws XMLSignatureException { throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) { if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName(); String supplied = null;
String needed = PrivateKey.class.getName(); if (privateKey != null) {
Object exArgs[] = { supplied, needed }; supplied = privateKey.getClass().getName();
}
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs);
}
try {
this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineInitSign(Key privateKey) throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName(); String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed }; Object exArgs[] = { supplied, needed };
@ -310,56 +203,65 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
} }
try { try {
if (secureRandom == null) {
this.signatureAlgorithm.initSign((PrivateKey) privateKey); this.signatureAlgorithm.initSign((PrivateKey) privateKey);
} else {
this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom);
}
} catch (InvalidKeyException ex) { } catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected void engineInitSign(Key privateKey) throws XMLSignatureException {
engineInitSign(privateKey, (SecureRandom)null);
}
/** {@inheritDoc} */
protected void engineUpdate(byte[] input) throws XMLSignatureException { protected void engineUpdate(byte[] input) throws XMLSignatureException {
try { try {
this.signatureAlgorithm.update(input); this.signatureAlgorithm.update(input);
} catch (SignatureException ex) { } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected void engineUpdate(byte input) throws XMLSignatureException { protected void engineUpdate(byte input) throws XMLSignatureException {
try { try {
this.signatureAlgorithm.update(input); this.signatureAlgorithm.update(input);
} catch (SignatureException ex) { } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected void engineUpdate(byte buf[], int offset, int len) throws XMLSignatureException { protected void engineUpdate(byte buf[], int offset, int len) throws XMLSignatureException {
try { try {
this.signatureAlgorithm.update(buf, offset, len); this.signatureAlgorithm.update(buf, offset, len);
} catch (SignatureException ex) { } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected String engineGetJCEAlgorithmString() { protected String engineGetJCEAlgorithmString() {
return this.signatureAlgorithm.getAlgorithm(); return this.signatureAlgorithm.getAlgorithm();
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected String engineGetJCEProviderName() { protected String engineGetJCEProviderName() {
return this.signatureAlgorithm.getProvider().getName(); return this.signatureAlgorithm.getProvider().getName();
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected void engineSetHMACOutputLength(int HMACOutputLength) protected void engineSetHMACOutputLength(int HMACOutputLength)
throws XMLSignatureException { throws XMLSignatureException {
throw new XMLSignatureException("algorithms.HMACOutputLengthOnlyForHMAC"); throw new XMLSignatureException("algorithms.HMACOutputLengthOnlyForHMAC");
} }
/** @inheritDoc */ /** {@inheritDoc} */
protected void engineInitSign( protected void engineInitSign(
Key signingKey, AlgorithmParameterSpec algorithmParameterSpec Key signingKey, AlgorithmParameterSpec algorithmParameterSpec
) throws XMLSignatureException { ) throws XMLSignatureException {
@ -367,13 +269,12 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
} }
/** /**
* Class SignatureRSASHA1 * Class SignatureECDSASHA1
* *
* @author $Author: marcx $
*/ */
public static class SignatureECDSASHA1 extends SignatureECDSA { public static class SignatureECDSASHA1 extends SignatureECDSA {
/** /**
* Constructor SignatureRSASHA1 * Constructor SignatureECDSASHA1
* *
* @throws XMLSignatureException * @throws XMLSignatureException
*/ */
@ -381,21 +282,40 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
super(); super();
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String engineGetURI() { public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1; return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1;
} }
} }
/** /**
* Class SignatureRSASHA256 * Class SignatureECDSASHA224
*/
public static class SignatureECDSASHA224 extends SignatureECDSA {
/**
* Constructor SignatureECDSASHA224
*
* @throws XMLSignatureException
*/
public SignatureECDSASHA224() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA224;
}
}
/**
* Class SignatureECDSASHA256
* *
* @author Alex Dupre
*/ */
public static class SignatureECDSASHA256 extends SignatureECDSA { public static class SignatureECDSASHA256 extends SignatureECDSA {
/** /**
* Constructor SignatureRSASHA256 * Constructor SignatureECDSASHA256
* *
* @throws XMLSignatureException * @throws XMLSignatureException
*/ */
@ -403,21 +323,20 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
super(); super();
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String engineGetURI() { public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA256; return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA256;
} }
} }
/** /**
* Class SignatureRSASHA384 * Class SignatureECDSASHA384
* *
* @author Alex Dupre
*/ */
public static class SignatureECDSASHA384 extends SignatureECDSA { public static class SignatureECDSASHA384 extends SignatureECDSA {
/** /**
* Constructor SignatureRSASHA384 * Constructor SignatureECDSASHA384
* *
* @throws XMLSignatureException * @throws XMLSignatureException
*/ */
@ -425,21 +344,20 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
super(); super();
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String engineGetURI() { public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA384; return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA384;
} }
} }
/** /**
* Class SignatureRSASHA512 * Class SignatureECDSASHA512
* *
* @author Alex Dupre
*/ */
public static class SignatureECDSASHA512 extends SignatureECDSA { public static class SignatureECDSASHA512 extends SignatureECDSA {
/** /**
* Constructor SignatureRSASHA512 * Constructor SignatureECDSASHA512
* *
* @throws XMLSignatureException * @throws XMLSignatureException
*/ */
@ -447,10 +365,30 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
super(); super();
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String engineGetURI() { public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA512; return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA512;
} }
} }
/**
* Class SignatureECDSARIPEMD160
*/
public static class SignatureECDSARIPEMD160 extends SignatureECDSA {
/**
* Constructor SignatureECDSARIPEMD160
*
* @throws XMLSignatureException
*/
public SignatureECDSARIPEMD160() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_RIPEMD160;
}
}
} }
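Review bot: In `engineVerify`, the new debug line encodes the signature with `Base64.getMimeEncoder()`, which inserts a CRLF after every 76 output characters, so any signature value longer than 57 bytes is written as a multi-line log entry. Embedded line breaks make the entry harder to parse and correlate in log tooling; the basic encoder avoids that: `LOG.debug("Called ECDSA.verify() on " + Base64.getEncoder().encodeToString(signature));`. The surrounding `LOG.isDebugEnabled()` guard should stay so the encoding is only computed when debug logging is on.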


@ -1,3 +0,0 @@
<HTML> <HEAD> </HEAD> <BODY> <P>
implementations of {@link com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi}.
</P></BODY> </HTML>


@ -1,3 +0,0 @@
<HTML><HEAD></HEAD><BODY><P>
algorithm factories.
</P></BODY></HTML>


@ -27,7 +27,6 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
/** /**
* Class CanonicalizationException * Class CanonicalizationException
* *
* @author Christian Geuer-Pollmann
*/ */
public class CanonicalizationException extends XMLSecurityException { public class CanonicalizationException extends XMLSecurityException {
@ -44,6 +43,10 @@ public class CanonicalizationException extends XMLSecurityException {
super(); super();
} }
public CanonicalizationException(Exception ex) {
super(ex);
}
/** /**
* Constructor CanonicalizationException * Constructor CanonicalizationException
* *
@ -66,23 +69,33 @@ public class CanonicalizationException extends XMLSecurityException {
/** /**
* Constructor CanonicalizationException * Constructor CanonicalizationException
* *
* @param msgID
* @param originalException * @param originalException
* @param msgID
*/ */
public CanonicalizationException(Exception originalException, String msgID) {
super(originalException, msgID);
}
@Deprecated
public CanonicalizationException(String msgID, Exception originalException) { public CanonicalizationException(String msgID, Exception originalException) {
super(msgID, originalException); this(originalException, msgID);
} }
/** /**
* Constructor CanonicalizationException * Constructor CanonicalizationException
* *
* @param originalException
* @param msgID * @param msgID
* @param exArgs * @param exArgs
* @param originalException
*/ */
public CanonicalizationException( public CanonicalizationException(
String msgID, Object exArgs[], Exception originalException Exception originalException, String msgID, Object exArgs[]
) { ) {
super(msgID, exArgs, originalException); super(originalException, msgID, exArgs);
}
@Deprecated
public CanonicalizationException(String msgID, Object exArgs[], Exception originalException) {
this(originalException, msgID, exArgs);
} }
} }
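Review bot: The new `CanonicalizationException(Exception ex)` constructor and both `@Deprecated` constructors have no Javadoc, so a caller gets no hint which overload replaces the deprecated ones. The existing Javadoc blocks now describe the new `(Exception, String)` and `(Exception, String, Object[])` overloads only. I would add a short comment to the new constructor, e.g. `/** Wraps the given exception without a message id. */`, and a `@deprecated` tag to each old overload, e.g. `/** @deprecated Use {@link #CanonicalizationException(Exception, String)} instead. */`. The `super(...)` constructors these call are declared outside this section.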


@ -25,13 +25,12 @@ package com.sun.org.apache.xml.internal.security.c14n;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.io.InputStream; import java.io.InputStream;
import java.io.OutputStream; import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentHashMap;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_OmitComments; import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_OmitComments;
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_WithComments; import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_WithComments;
@ -42,6 +41,7 @@ import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicaliz
import com.sun.org.apache.xml.internal.security.c14n.implementations.CanonicalizerPhysical; import com.sun.org.apache.xml.internal.security.c14n.implementations.CanonicalizerPhysical;
import com.sun.org.apache.xml.internal.security.exceptions.AlgorithmAlreadyRegisteredException; import com.sun.org.apache.xml.internal.security.exceptions.AlgorithmAlreadyRegisteredException;
import com.sun.org.apache.xml.internal.security.utils.JavaUtils; import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Node; import org.w3c.dom.Node;
import org.w3c.dom.NodeList; import org.w3c.dom.NodeList;
@ -49,12 +49,11 @@ import org.xml.sax.InputSource;
/** /**
* *
* @author Christian Geuer-Pollmann
*/ */
public class Canonicalizer { public class Canonicalizer {
/** The output encoding of canonicalized data */ /** The output encoding of canonicalized data */
public static final String ENCODING = "UTF8"; public static final String ENCODING = StandardCharsets.UTF_8.name();
/** /**
* XPath Expression for selecting every node and continuous comments joined * XPath Expression for selecting every node and continuous comments joined
@ -103,6 +102,7 @@ public class Canonicalizer {
new ConcurrentHashMap<String, Class<? extends CanonicalizerSpi>>(); new ConcurrentHashMap<String, Class<? extends CanonicalizerSpi>>();
private final CanonicalizerSpi canonicalizerSpi; private final CanonicalizerSpi canonicalizerSpi;
private boolean secureValidation;
/** /**
* Constructor Canonicalizer * Constructor Canonicalizer
@ -122,7 +122,7 @@ public class Canonicalizer {
} catch (Exception e) { } catch (Exception e) {
Object exArgs[] = { algorithmURI }; Object exArgs[] = { algorithmURI };
throw new InvalidCanonicalizerException( throw new InvalidCanonicalizerException(
"signature.Canonicalizer.UnknownCanonicalizer", exArgs, e e, "signature.Canonicalizer.UnknownCanonicalizer", exArgs
); );
} }
} }
@ -162,7 +162,8 @@ public class Canonicalizer {
} }
canonicalizerHash.put( canonicalizerHash.put(
algorithmURI, (Class<? extends CanonicalizerSpi>)Class.forName(implementingClass) algorithmURI, (Class<? extends CanonicalizerSpi>)
ClassLoaderUtils.loadClass(implementingClass, Canonicalizer.class)
); );
} }
@ -244,7 +245,7 @@ public class Canonicalizer {
/** /**
* This method tries to canonicalize the given bytes. It's possible to even * This method tries to canonicalize the given bytes. It's possible to even
* canonicalize non-wellformed sequences if they are well-formed after being * canonicalize non-wellformed sequences if they are well-formed after being
* wrapped with a <CODE>&gt;a&lt;...&gt;/a&lt;</CODE>. * wrapped with a {@code &gt;a&lt;...&gt;/a&lt;}.
* *
* @param inputBytes * @param inputBytes
* @return the result of the canonicalization. * @return the result of the canonicalization.
@ -256,17 +257,12 @@ public class Canonicalizer {
public byte[] canonicalize(byte[] inputBytes) public byte[] canonicalize(byte[] inputBytes)
throws javax.xml.parsers.ParserConfigurationException, throws javax.xml.parsers.ParserConfigurationException,
java.io.IOException, org.xml.sax.SAXException, CanonicalizationException { java.io.IOException, org.xml.sax.SAXException, CanonicalizationException {
InputStream bais = new ByteArrayInputStream(inputBytes); Document document = null;
try (InputStream bais = new ByteArrayInputStream(inputBytes)) {
InputSource in = new InputSource(bais); InputSource in = new InputSource(bais);
DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();
dfactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
dfactory.setNamespaceAware(true);
// needs to validate for ID attribute normalization // needs to validate for ID attribute normalization
dfactory.setValidating(true); DocumentBuilder db = XMLUtils.createDocumentBuilder(true, secureValidation);
DocumentBuilder db = dfactory.newDocumentBuilder();
/* /*
* for some of the test vectors from the specification, * for some of the test vectors from the specification,
@ -291,12 +287,13 @@ public class Canonicalizer {
*/ */
db.setErrorHandler(new com.sun.org.apache.xml.internal.security.utils.IgnoreAllErrorHandler()); db.setErrorHandler(new com.sun.org.apache.xml.internal.security.utils.IgnoreAllErrorHandler());
Document document = db.parse(in); document = db.parse(in);
}
return this.canonicalizeSubtree(document); return this.canonicalizeSubtree(document);
} }
/** /**
* Canonicalizes the subtree rooted by <CODE>node</CODE>. * Canonicalizes the subtree rooted by {@code node}.
* *
* @param node The node to canonicalize * @param node The node to canonicalize
* @return the result of the c14n. * @return the result of the c14n.
@ -304,11 +301,12 @@ public class Canonicalizer {
* @throws CanonicalizationException * @throws CanonicalizationException
*/ */
public byte[] canonicalizeSubtree(Node node) throws CanonicalizationException { public byte[] canonicalizeSubtree(Node node) throws CanonicalizationException {
canonicalizerSpi.secureValidation = secureValidation;
return canonicalizerSpi.engineCanonicalizeSubTree(node); return canonicalizerSpi.engineCanonicalizeSubTree(node);
} }
/** /**
* Canonicalizes the subtree rooted by <CODE>node</CODE>. * Canonicalizes the subtree rooted by {@code node}.
* *
* @param node * @param node
* @param inclusiveNamespaces * @param inclusiveNamespaces
@ -317,11 +315,26 @@ public class Canonicalizer {
*/ */
public byte[] canonicalizeSubtree(Node node, String inclusiveNamespaces) public byte[] canonicalizeSubtree(Node node, String inclusiveNamespaces)
throws CanonicalizationException { throws CanonicalizationException {
canonicalizerSpi.secureValidation = secureValidation;
return canonicalizerSpi.engineCanonicalizeSubTree(node, inclusiveNamespaces); return canonicalizerSpi.engineCanonicalizeSubTree(node, inclusiveNamespaces);
} }
/** /**
* Canonicalizes an XPath node set. The <CODE>xpathNodeSet</CODE> is treated * Canonicalizes the subtree rooted by {@code node}.
*
* @param node
* @param inclusiveNamespaces
* @return the result of the c14n.
* @throws CanonicalizationException
*/
public byte[] canonicalizeSubtree(Node node, String inclusiveNamespaces, boolean propagateDefaultNamespace)
throws CanonicalizationException {
canonicalizerSpi.secureValidation = secureValidation;
return canonicalizerSpi.engineCanonicalizeSubTree(node, inclusiveNamespaces, propagateDefaultNamespace);
}
/**
* Canonicalizes an XPath node set. The {@code xpathNodeSet} is treated
* as a list of XPath nodes, not as a list of subtrees. * as a list of XPath nodes, not as a list of subtrees.
* *
* @param xpathNodeSet * @param xpathNodeSet
@ -330,11 +343,12 @@ public class Canonicalizer {
*/ */
public byte[] canonicalizeXPathNodeSet(NodeList xpathNodeSet) public byte[] canonicalizeXPathNodeSet(NodeList xpathNodeSet)
throws CanonicalizationException { throws CanonicalizationException {
canonicalizerSpi.secureValidation = secureValidation;
return canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet); return canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet);
} }
/** /**
* Canonicalizes an XPath node set. The <CODE>xpathNodeSet</CODE> is treated * Canonicalizes an XPath node set. The {@code xpathNodeSet} is treated
* as a list of XPath nodes, not as a list of subtrees. * as a list of XPath nodes, not as a list of subtrees.
* *
* @param xpathNodeSet * @param xpathNodeSet
@ -345,6 +359,7 @@ public class Canonicalizer {
public byte[] canonicalizeXPathNodeSet( public byte[] canonicalizeXPathNodeSet(
NodeList xpathNodeSet, String inclusiveNamespaces NodeList xpathNodeSet, String inclusiveNamespaces
) throws CanonicalizationException { ) throws CanonicalizationException {
canonicalizerSpi.secureValidation = secureValidation;
return return
canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet, inclusiveNamespaces); canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet, inclusiveNamespaces);
} }
@ -358,6 +373,7 @@ public class Canonicalizer {
*/ */
public byte[] canonicalizeXPathNodeSet(Set<Node> xpathNodeSet) public byte[] canonicalizeXPathNodeSet(Set<Node> xpathNodeSet)
throws CanonicalizationException { throws CanonicalizationException {
canonicalizerSpi.secureValidation = secureValidation;
return canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet); return canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet);
} }
@ -372,6 +388,7 @@ public class Canonicalizer {
public byte[] canonicalizeXPathNodeSet( public byte[] canonicalizeXPathNodeSet(
Set<Node> xpathNodeSet, String inclusiveNamespaces Set<Node> xpathNodeSet, String inclusiveNamespaces
) throws CanonicalizationException { ) throws CanonicalizationException {
canonicalizerSpi.secureValidation = secureValidation;
return return
canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet, inclusiveNamespaces); canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet, inclusiveNamespaces);
} }
@ -401,4 +418,12 @@ public class Canonicalizer {
canonicalizerSpi.reset = false; canonicalizerSpi.reset = false;
} }
public boolean isSecureValidation() {
return secureValidation;
}
public void setSecureValidation(boolean secureValidation) {
this.secureValidation = secureValidation;
}
} }
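Review bot: In `canonicalize(byte[])` the explicit `dfactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE)` is removed and parser hardening now depends on `XMLUtils.createDocumentBuilder(true, secureValidation)`, whose body is not part of this section, so it cannot be confirmed here that secure processing is still always enabled. The second argument comes from the new `secureValidation` field, which defaults to `false` and is changed only through the undocumented `setSecureValidation`, so callers that never call the setter presumably get the less strict parser configuration on their input bytes. I would document the field and its accessors, e.g. `/** Whether secure validation is applied when parsing and canonicalizing; defaults to false. */`, and have the commit state whether `createDocumentBuilder` sets `FEATURE_SECURE_PROCESSING` regardless of this flag. The same flag is copied into the `canonicalizerSpi.secureValidation` field before every canonicalize call, which is worth noting in that comment as well.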


@ -26,9 +26,7 @@ import java.io.ByteArrayInputStream;
import java.io.OutputStream; import java.io.OutputStream;
import java.util.Set; import java.util.Set;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils; import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document; import org.w3c.dom.Document;
@ -39,12 +37,12 @@ import org.xml.sax.InputSource;
/** /**
* Base class which all Canonicalization algorithms extend. * Base class which all Canonicalization algorithms extend.
* *
* @author Christian Geuer-Pollmann
*/ */
public abstract class CanonicalizerSpi { public abstract class CanonicalizerSpi {
/** Reset the writer after a c14n */ /** Reset the writer after a c14n */
protected boolean reset = false; protected boolean reset = false;
protected boolean secureValidation;
/** /**
* Method canonicalize * Method canonicalize
@ -61,17 +59,14 @@ public abstract class CanonicalizerSpi {
throws javax.xml.parsers.ParserConfigurationException, java.io.IOException, throws javax.xml.parsers.ParserConfigurationException, java.io.IOException,
org.xml.sax.SAXException, CanonicalizationException { org.xml.sax.SAXException, CanonicalizationException {
java.io.InputStream bais = new ByteArrayInputStream(inputBytes); Document document = null;
try (java.io.InputStream bais = new ByteArrayInputStream(inputBytes)) {
InputSource in = new InputSource(bais); InputSource in = new InputSource(bais);
DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();
dfactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
// needs to validate for ID attribute normalization DocumentBuilder db = XMLUtils.createDocumentBuilder(false, secureValidation);
dfactory.setNamespaceAware(true);
DocumentBuilder db = dfactory.newDocumentBuilder(); document = db.parse(in);
}
Document document = db.parse(in);
return this.engineCanonicalizeSubTree(document); return this.engineCanonicalizeSubTree(document);
} }
@ -159,6 +154,19 @@ public abstract class CanonicalizerSpi {
public abstract byte[] engineCanonicalizeSubTree(Node rootNode, String inclusiveNamespaces) public abstract byte[] engineCanonicalizeSubTree(Node rootNode, String inclusiveNamespaces)
throws CanonicalizationException; throws CanonicalizationException;
/**
* C14n a node tree.
*
* @param rootNode
* @param inclusiveNamespaces
* @param propagateDefaultNamespace If true the default namespace will be propagated to the c14n-ized root element
* @return the c14n bytes
* @throws CanonicalizationException
*/
public abstract byte[] engineCanonicalizeSubTree(
Node rootNode, String inclusiveNamespaces, boolean propagateDefaultNamespace)
throws CanonicalizationException;
/** /**
* Sets the writer where the canonicalization ends. ByteArrayOutputStream if * Sets the writer where the canonicalization ends. ByteArrayOutputStream if
* none is set. * none is set.
@ -166,4 +174,12 @@ public abstract class CanonicalizerSpi {
*/ */
public abstract void setWriter(OutputStream os); public abstract void setWriter(OutputStream os);
public boolean isSecureValidation() {
return secureValidation;
}
public void setSecureValidation(boolean secureValidation) {
this.secureValidation = secureValidation;
}
} }
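Review bot: In `engineCanonicalize(byte[])` the parser is no longer hardened inside the method itself: the explicit `setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE)` is gone and everything now depends on `XMLUtils.createDocumentBuilder(false, secureValidation)`, whose body is not shown here. The new `secureValidation` field has no initializer, so it is `false` unless a caller sets it first. If that argument is what rejects DOCTYPE declarations (to be confirmed against XMLUtils), an SPI used directly parses its input bytes with the weaker setting by default. I would document this on the field, e.g. `/** Passed to XMLUtils.createDocumentBuilder in engineCanonicalize(byte[]); false by default, so callers handling untrusted XML must set it. */`, and consider `protected boolean secureValidation = true;` if no caller relies on the permissive default. The method's signature starts outside the hunk.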


@ -0,0 +1,84 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.c14n;
// NOTE! This is a duplicate of utils.ClassLoaderUtils with public
// modifiers changed to package-private. Make sure to integrate any future
// changes to utils.ClassLoaderUtils to this file.
final class ClassLoaderUtils {
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(ClassLoaderUtils.class);
private ClassLoaderUtils() {
}
/**
* Load a class with a given name. <p></p> It will try to load the class in the
* following order:
* <ul>
* <li>From Thread.currentThread().getContextClassLoader()
* <li>Using the basic Class.forName()
* <li>From ClassLoaderUtil.class.getClassLoader()
* <li>From the callingClass.getClassLoader()
* </ul>
*
* @param className The name of the class to load
* @param callingClass The Class object of the calling object
* @throws ClassNotFoundException If the class cannot be found anywhere.
*/
static Class<?> loadClass(String className, Class<?> callingClass)
throws ClassNotFoundException {
try {
ClassLoader cl = Thread.currentThread().getContextClassLoader();
if (cl != null) {
return cl.loadClass(className);
}
} catch (ClassNotFoundException e) {
LOG.debug(e.getMessage(), e);
//ignore
}
return loadClass2(className, callingClass);
}
private static Class<?> loadClass2(String className, Class<?> callingClass)
throws ClassNotFoundException {
try {
return Class.forName(className);
} catch (ClassNotFoundException ex) {
try {
if (ClassLoaderUtils.class.getClassLoader() != null) {
return ClassLoaderUtils.class.getClassLoader().loadClass(className);
}
} catch (ClassNotFoundException exc) {
if (callingClass != null && callingClass.getClassLoader() != null) {
return callingClass.getClassLoader().loadClass(className);
}
}
LOG.debug(ex.getMessage(), ex);
throw ex;
}
}
}
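Review bot: In `loadClass2` the `callingClass` fallback sits inside `catch (ClassNotFoundException exc)`, so it runs only when `ClassLoaderUtils.class.getClassLoader()` is non-null and fails. When that loader is null the method rethrows `ex` without ever trying `callingClass`, which contradicts the four-step order promised in the Javadoc of `loadClass`. The inner exception `exc` is also dropped without a log line. Moving the fallback out of the catch fixes both; since the header comment says this file duplicates utils.ClassLoaderUtils, the same change would belong there. The Javadoc also names `ClassLoaderUtil.class` where `ClassLoaderUtils.class` is meant.

```java
} catch (ClassNotFoundException ex) {
    ClassLoader ownLoader = ClassLoaderUtils.class.getClassLoader();
    if (ownLoader != null) {
        try {
            return ownLoader.loadClass(className);
        } catch (ClassNotFoundException exc) {
            // keep the failure visible instead of silently discarding it
            LOG.debug(exc.getMessage(), exc);
        }
    }
    // reached both when our own loader is null and when it failed
    if (callingClass != null && callingClass.getClassLoader() != null) {
        return callingClass.getClassLoader().loadClass(className);
    }
    // … unchanged: LOG.debug(ex.getMessage(), ex); throw ex; …
```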


@ -61,23 +61,33 @@ public class InvalidCanonicalizerException extends XMLSecurityException {
/** /**
* Constructor InvalidCanonicalizerException * Constructor InvalidCanonicalizerException
* *
* @param msgID
* @param originalException * @param originalException
* @param msgID
*/ */
public InvalidCanonicalizerException(Exception originalException, String msgID) {
super(originalException, msgID);
}
@Deprecated
public InvalidCanonicalizerException(String msgID, Exception originalException) { public InvalidCanonicalizerException(String msgID, Exception originalException) {
super(msgID, originalException); this(originalException, msgID);
} }
/** /**
* Constructor InvalidCanonicalizerException * Constructor InvalidCanonicalizerException
* *
* @param originalException
* @param msgID * @param msgID
* @param exArgs * @param exArgs
* @param originalException
*/ */
public InvalidCanonicalizerException( public InvalidCanonicalizerException(
String msgID, Object exArgs[], Exception originalException Exception originalException, String msgID, Object exArgs[]
) { ) {
super(msgID, exArgs, originalException); super(originalException, msgID, exArgs);
}
@Deprecated
public InvalidCanonicalizerException(String msgID, Object[] exArgs, Exception originalException) {
this(originalException, msgID, exArgs);
} }
} }
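Review bot: The two `@Deprecated` constructors carry no Javadoc, so a caller gets a deprecation warning with no pointer to the replacement; the Javadoc block that used to describe `(String msgID, Exception originalException)` now sits on the new `(Exception, String)` overload. Add a `@deprecated` tag to each, e.g. `/** @deprecated Use {@link #InvalidCanonicalizerException(Exception, String)} instead. */`, and the matching one for the three-argument form. The old and new overloads differ only in argument order, so a sentence stating which order is current would keep readers from picking the deprecated one by habit.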


@ -41,7 +41,6 @@ import java.util.Comparator;
* key (an empty namespace URI is lexicographically least). * key (an empty namespace URI is lexicographically least).
* </UL> * </UL>
* *
* @author Christian Geuer-Pollmann
*/ */
public class AttrCompare implements Comparator<Attr>, Serializable { public class AttrCompare implements Comparator<Attr>, Serializable {
@ -117,6 +116,6 @@ public class AttrCompare implements Comparator<Attr>, Serializable {
return a; return a;
} }
return (attr0.getLocalName()).compareTo(attr1.getLocalName()); return attr0.getLocalName().compareTo(attr1.getLocalName());
} }
} }


@ -31,9 +31,8 @@ import org.w3c.dom.NamedNodeMap;
/** /**
* Temporary swapped static functions from the normalizer Section * Temporary swapped static functions from the normalizer Section
* *
* @author Christian Geuer-Pollmann
*/ */
public class C14nHelper { public final class C14nHelper {
/** /**
* Constructor C14nHelper * Constructor C14nHelper
@ -100,7 +99,7 @@ public class C14nHelper {
} }
String nodeAttrName = attr.getNodeName(); String nodeAttrName = attr.getNodeName();
boolean definesDefaultNS = nodeAttrName.equals("xmlns"); boolean definesDefaultNS = "xmlns".equals(nodeAttrName);
boolean definesNonDefaultNS = nodeAttrName.startsWith("xmlns:"); boolean definesNonDefaultNS = nodeAttrName.startsWith("xmlns:");
if ((definesDefaultNS || definesNonDefaultNS) && namespaceIsRelative(attr)) { if ((definesDefaultNS || definesNonDefaultNS) && namespaceIsRelative(attr)) {
@ -145,7 +144,8 @@ public class C14nHelper {
if (ctxNode != null) { if (ctxNode != null) {
NamedNodeMap attributes = ctxNode.getAttributes(); NamedNodeMap attributes = ctxNode.getAttributes();
for (int i = 0; i < attributes.getLength(); i++) { int length = attributes.getLength();
for (int i = 0; i < length; i++) {
C14nHelper.assertNotRelativeNS((Attr) attributes.item(i)); C14nHelper.assertNotRelativeNS((Attr) attributes.item(i));
} }
} else { } else {


@ -1,3 +0,0 @@
<HTML> <HEAD> </HEAD> <BODY> <P>
helper classes for canonicalization.
</P></BODY> </HTML>


@ -1,687 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
/**
* Implements <A HREF="http://www.w3.org/TR/2008/PR-xml-c14n11-20080129/">
* Canonical XML Version 1.1</A>, a W3C Proposed Recommendation from 29
* January 2008.
*
* @author Sean Mullan
* @author Raul Benito
*/
public abstract class Canonicalizer11 extends CanonicalizerBase {
private static final String XMLNS_URI = Constants.NamespaceSpecNS;
private static final String XML_LANG_URI = Constants.XML_LANG_SPACE_SpecNS;
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(Canonicalizer11.class.getName());
private final SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
private boolean firstCall = true;
private static class XmlAttrStack {
static class XmlsStackElement {
int level;
boolean rendered = false;
List<Attr> nodes = new ArrayList<Attr>();
};
int currentLevel = 0;
int lastlevel = 0;
XmlsStackElement cur;
List<XmlsStackElement> levels = new ArrayList<XmlsStackElement>();
void push(int level) {
currentLevel = level;
if (currentLevel == -1) {
return;
}
cur = null;
while (lastlevel >= currentLevel) {
levels.remove(levels.size() - 1);
int newSize = levels.size();
if (newSize == 0) {
lastlevel = 0;
return;
}
lastlevel = (levels.get(newSize - 1)).level;
}
}
void addXmlnsAttr(Attr n) {
if (cur == null) {
cur = new XmlsStackElement();
cur.level = currentLevel;
levels.add(cur);
lastlevel = currentLevel;
}
cur.nodes.add(n);
}
void getXmlnsAttr(Collection<Attr> col) {
int size = levels.size() - 1;
if (cur == null) {
cur = new XmlsStackElement();
cur.level = currentLevel;
lastlevel = currentLevel;
levels.add(cur);
}
boolean parentRendered = false;
XmlsStackElement e = null;
if (size == -1) {
parentRendered = true;
} else {
e = levels.get(size);
if (e.rendered && e.level + 1 == currentLevel) {
parentRendered = true;
}
}
if (parentRendered) {
col.addAll(cur.nodes);
cur.rendered = true;
return;
}
Map<String, Attr> loa = new HashMap<String, Attr>();
List<Attr> baseAttrs = new ArrayList<Attr>();
boolean successiveOmitted = true;
for (; size >= 0; size--) {
e = levels.get(size);
if (e.rendered) {
successiveOmitted = false;
}
Iterator<Attr> it = e.nodes.iterator();
while (it.hasNext() && successiveOmitted) {
Attr n = it.next();
if (n.getLocalName().equals("base") && !e.rendered) {
baseAttrs.add(n);
} else if (!loa.containsKey(n.getName())) {
loa.put(n.getName(), n);
}
}
}
if (!baseAttrs.isEmpty()) {
Iterator<Attr> it = col.iterator();
String base = null;
Attr baseAttr = null;
while (it.hasNext()) {
Attr n = it.next();
if (n.getLocalName().equals("base")) {
base = n.getValue();
baseAttr = n;
break;
}
}
it = baseAttrs.iterator();
while (it.hasNext()) {
Attr n = it.next();
if (base == null) {
base = n.getValue();
baseAttr = n;
} else {
try {
base = joinURI(n.getValue(), base);
} catch (URISyntaxException ue) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, ue.getMessage(), ue);
}
}
}
}
if (base != null && base.length() != 0) {
baseAttr.setValue(base);
col.add(baseAttr);
}
}
cur.rendered = true;
col.addAll(loa.values());
}
};
private XmlAttrStack xmlattrStack = new XmlAttrStack();
/**
* Constructor Canonicalizer11
*
* @param includeComments
*/
public Canonicalizer11(boolean includeComments) {
super(includeComments);
}
/**
* Always throws a CanonicalizationException because this is inclusive c14n.
*
* @param xpathNodeSet
* @param inclusiveNamespaces
* @return none it always fails
* @throws CanonicalizationException always
*/
public byte[] engineCanonicalizeXPathNodeSet(
Set<Node> xpathNodeSet, String inclusiveNamespaces
) throws CanonicalizationException {
throw new CanonicalizationException("c14n.Canonicalizer.UnsupportedOperation");
}
/**
* Always throws a CanonicalizationException because this is inclusive c14n.
*
* @param rootNode
* @param inclusiveNamespaces
* @return none it always fails
* @throws CanonicalizationException
*/
public byte[] engineCanonicalizeSubTree(
Node rootNode, String inclusiveNamespaces
) throws CanonicalizationException {
throw new CanonicalizationException("c14n.Canonicalizer.UnsupportedOperation");
}
/**
* Returns the Attr[]s to be output for the given element.
* <br>
* The code of this method is a copy of {@link #handleAttributes(Element,
* NameSpaceSymbTable)},
* whereas it takes into account that subtree-c14n is -- well --
* subtree-based.
* So if the element in question isRoot of c14n, it's parent is not in the
* node set, as well as all other ancestors.
*
* @param element
* @param ns
* @return the Attr[]s to be output
* @throws CanonicalizationException
*/
@Override
protected Iterator<Attr> handleAttributesSubtree(Element element, NameSpaceSymbTable ns)
throws CanonicalizationException {
if (!element.hasAttributes() && !firstCall) {
return null;
}
// result will contain the attrs which have to be output
final SortedSet<Attr> result = this.result;
result.clear();
if (element.hasAttributes()) {
NamedNodeMap attrs = element.getAttributes();
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr attribute = (Attr) attrs.item(i);
String NUri = attribute.getNamespaceURI();
String NName = attribute.getLocalName();
String NValue = attribute.getValue();
if (!XMLNS_URI.equals(NUri)) {
// It's not a namespace attr node. Add to the result and continue.
result.add(attribute);
} else if (!(XML.equals(NName) && XML_LANG_URI.equals(NValue))) {
// The default mapping for xml must not be output.
Node n = ns.addMappingAndRender(NName, NValue, attribute);
if (n != null) {
// Render the ns definition
result.add((Attr)n);
if (C14nHelper.namespaceIsRelative(attribute)) {
Object exArgs[] = {element.getTagName(), NName, attribute.getNodeValue()};
throw new CanonicalizationException(
"c14n.Canonicalizer.RelativeNamespace", exArgs
);
}
}
}
}
}
if (firstCall) {
// It is the first node of the subtree
// Obtain all the namespaces defined in the parents, and added to the output.
ns.getUnrenderedNodes(result);
// output the attributes in the xml namespace.
xmlattrStack.getXmlnsAttr(result);
firstCall = false;
}
return result.iterator();
}
/**
* Returns the Attr[]s to be output for the given element.
* <br>
* IMPORTANT: This method expects to work on a modified DOM tree, i.e. a
* DOM which has been prepared using
* {@link com.sun.org.apache.xml.internal.security.utils.XMLUtils#circumventBug2650(
* org.w3c.dom.Document)}.
*
* @param element
* @param ns
* @return the Attr[]s to be output
* @throws CanonicalizationException
*/
@Override
protected Iterator<Attr> handleAttributes(Element element, NameSpaceSymbTable ns)
throws CanonicalizationException {
// result will contain the attrs which have to be output
xmlattrStack.push(ns.getLevel());
boolean isRealVisible = isVisibleDO(element, ns.getLevel()) == 1;
final SortedSet<Attr> result = this.result;
result.clear();
if (element.hasAttributes()) {
NamedNodeMap attrs = element.getAttributes();
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr attribute = (Attr) attrs.item(i);
String NUri = attribute.getNamespaceURI();
String NName = attribute.getLocalName();
String NValue = attribute.getValue();
if (!XMLNS_URI.equals(NUri)) {
//A non namespace definition node.
if (XML_LANG_URI.equals(NUri)) {
if (NName.equals("id")) {
if (isRealVisible) {
// treat xml:id like any other attribute
// (emit it, but don't inherit it)
result.add(attribute);
}
} else {
xmlattrStack.addXmlnsAttr(attribute);
}
} else if (isRealVisible) {
//The node is visible add the attribute to the list of output attributes.
result.add(attribute);
}
} else if (!XML.equals(NName) || !XML_LANG_URI.equals(NValue)) {
/* except omit namespace node with local name xml, which defines
* the xml prefix, if its string value is
* http://www.w3.org/XML/1998/namespace.
*/
// add the prefix binding to the ns symb table.
if (isVisible(attribute)) {
if (isRealVisible || !ns.removeMappingIfRender(NName)) {
// The xpath select this node output it if needed.
Node n = ns.addMappingAndRender(NName, NValue, attribute);
if (n != null) {
result.add((Attr)n);
if (C14nHelper.namespaceIsRelative(attribute)) {
Object exArgs[] = { element.getTagName(), NName, attribute.getNodeValue() };
throw new CanonicalizationException(
"c14n.Canonicalizer.RelativeNamespace", exArgs
);
}
}
}
} else {
if (isRealVisible && !XMLNS.equals(NName)) {
ns.removeMapping(NName);
} else {
ns.addMapping(NName, NValue, attribute);
}
}
}
}
}
if (isRealVisible) {
//The element is visible, handle the xmlns definition
Attr xmlns = element.getAttributeNodeNS(XMLNS_URI, XMLNS);
Node n = null;
if (xmlns == null) {
//No xmlns def just get the already defined.
n = ns.getMapping(XMLNS);
} else if (!isVisible(xmlns)) {
//There is a definition but the xmlns is not selected by the xpath.
//then xmlns=""
n = ns.addMappingAndRender(
XMLNS, "", getNullNode(xmlns.getOwnerDocument()));
}
//output the xmlns def if needed.
if (n != null) {
result.add((Attr)n);
}
//Float all xml:* attributes of the unselected parent elements to this one.
xmlattrStack.getXmlnsAttr(result);
ns.getUnrenderedNodes(result);
}
return result.iterator();
}
protected void circumventBugIfNeeded(XMLSignatureInput input)
throws CanonicalizationException, ParserConfigurationException,
IOException, SAXException {
if (!input.isNeedsToBeExpanded()) {
return;
}
Document doc = null;
if (input.getSubNode() != null) {
doc = XMLUtils.getOwnerDocument(input.getSubNode());
} else {
doc = XMLUtils.getOwnerDocument(input.getNodeSet());
}
XMLUtils.circumventBug2650(doc);
}
protected void handleParent(Element e, NameSpaceSymbTable ns) {
if (!e.hasAttributes() && e.getNamespaceURI() == null) {
return;
}
xmlattrStack.push(-1);
NamedNodeMap attrs = e.getAttributes();
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr attribute = (Attr) attrs.item(i);
String NName = attribute.getLocalName();
String NValue = attribute.getNodeValue();
if (Constants.NamespaceSpecNS.equals(attribute.getNamespaceURI())) {
if (!XML.equals(NName) || !Constants.XML_LANG_SPACE_SpecNS.equals(NValue)) {
ns.addMapping(NName, NValue, attribute);
}
} else if (!"id".equals(NName) && XML_LANG_URI.equals(attribute.getNamespaceURI())) {
xmlattrStack.addXmlnsAttr(attribute);
}
}
if (e.getNamespaceURI() != null) {
String NName = e.getPrefix();
String NValue = e.getNamespaceURI();
String Name;
if (NName == null || NName.equals("")) {
NName = "xmlns";
Name = "xmlns";
} else {
Name = "xmlns:" + NName;
}
Attr n = e.getOwnerDocument().createAttributeNS("http://www.w3.org/2000/xmlns/", Name);
n.setValue(NValue);
ns.addMapping(NName, NValue, n);
}
}
private static String joinURI(String baseURI, String relativeURI) throws URISyntaxException {
String bscheme = null;
String bauthority = null;
String bpath = "";
String bquery = null;
// pre-parse the baseURI
if (baseURI != null) {
if (baseURI.endsWith("..")) {
baseURI = baseURI + "/";
}
URI base = new URI(baseURI);
bscheme = base.getScheme();
bauthority = base.getAuthority();
bpath = base.getPath();
bquery = base.getQuery();
}
URI r = new URI(relativeURI);
String rscheme = r.getScheme();
String rauthority = r.getAuthority();
String rpath = r.getPath();
String rquery = r.getQuery();
String tscheme, tauthority, tpath, tquery;
if (rscheme != null && rscheme.equals(bscheme)) {
rscheme = null;
}
if (rscheme != null) {
tscheme = rscheme;
tauthority = rauthority;
tpath = removeDotSegments(rpath);
tquery = rquery;
} else {
if (rauthority != null) {
tauthority = rauthority;
tpath = removeDotSegments(rpath);
tquery = rquery;
} else {
if (rpath.length() == 0) {
tpath = bpath;
if (rquery != null) {
tquery = rquery;
} else {
tquery = bquery;
}
} else {
if (rpath.startsWith("/")) {
tpath = removeDotSegments(rpath);
} else {
if (bauthority != null && bpath.length() == 0) {
tpath = "/" + rpath;
} else {
int last = bpath.lastIndexOf('/');
if (last == -1) {
tpath = rpath;
} else {
tpath = bpath.substring(0, last+1) + rpath;
}
}
tpath = removeDotSegments(tpath);
}
tquery = rquery;
}
tauthority = bauthority;
}
tscheme = bscheme;
}
return new URI(tscheme, tauthority, tpath, tquery, null).toString();
}
private static String removeDotSegments(String path) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "STEP OUTPUT BUFFER\t\tINPUT BUFFER");
}
// 1. The input buffer is initialized with the now-appended path
// components then replace occurrences of "//" in the input buffer
// with "/" until no more occurrences of "//" are in the input buffer.
String input = path;
while (input.indexOf("//") > -1) {
input = input.replaceAll("//", "/");
}
// Initialize the output buffer with the empty string.
StringBuilder output = new StringBuilder();
// If the input buffer starts with a root slash "/" then move this
// character to the output buffer.
if (input.charAt(0) == '/') {
output.append("/");
input = input.substring(1);
}
printStep("1 ", output.toString(), input);
// While the input buffer is not empty, loop as follows
while (input.length() != 0) {
// 2A. If the input buffer begins with a prefix of "./",
// then remove that prefix from the input buffer
// else if the input buffer begins with a prefix of "../", then
// if also the output does not contain the root slash "/" only,
// then move this prefix to the end of the output buffer else
// remove that prefix
if (input.startsWith("./")) {
input = input.substring(2);
printStep("2A", output.toString(), input);
} else if (input.startsWith("../")) {
input = input.substring(3);
if (!output.toString().equals("/")) {
output.append("../");
}
printStep("2A", output.toString(), input);
// 2B. if the input buffer begins with a prefix of "/./" or "/.",
// where "." is a complete path segment, then replace that prefix
// with "/" in the input buffer; otherwise,
} else if (input.startsWith("/./")) {
input = input.substring(2);
printStep("2B", output.toString(), input);
} else if (input.equals("/.")) {
// FIXME: what is complete path segment?
input = input.replaceFirst("/.", "/");
printStep("2B", output.toString(), input);
// 2C. if the input buffer begins with a prefix of "/../" or "/..",
// where ".." is a complete path segment, then replace that prefix
// with "/" in the input buffer and if also the output buffer is
// empty, last segment in the output buffer equals "../" or "..",
// where ".." is a complete path segment, then append ".." or "/.."
// for the latter case respectively to the output buffer else
// remove the last segment and its preceding "/" (if any) from the
// output buffer and if hereby the first character in the output
// buffer was removed and it was not the root slash then delete a
// leading slash from the input buffer; otherwise,
} else if (input.startsWith("/../")) {
input = input.substring(3);
if (output.length() == 0) {
output.append("/");
} else if (output.toString().endsWith("../")) {
output.append("..");
} else if (output.toString().endsWith("..")) {
output.append("/..");
} else {
int index = output.lastIndexOf("/");
if (index == -1) {
output = new StringBuilder();
if (input.charAt(0) == '/') {
input = input.substring(1);
}
} else {
output = output.delete(index, output.length());
}
}
printStep("2C", output.toString(), input);
} else if (input.equals("/..")) {
// FIXME: what is complete path segment?
input = input.replaceFirst("/..", "/");
if (output.length() == 0) {
output.append("/");
} else if (output.toString().endsWith("../")) {
output.append("..");
} else if (output.toString().endsWith("..")) {
output.append("/..");
} else {
int index = output.lastIndexOf("/");
if (index == -1) {
output = new StringBuilder();
if (input.charAt(0) == '/') {
input = input.substring(1);
}
} else {
output = output.delete(index, output.length());
}
}
printStep("2C", output.toString(), input);
// 2D. if the input buffer consists only of ".", then remove
// that from the input buffer else if the input buffer consists
// only of ".." and if the output buffer does not contain only
// the root slash "/", then move the ".." to the output buffer
// else delte it.; otherwise,
} else if (input.equals(".")) {
input = "";
printStep("2D", output.toString(), input);
} else if (input.equals("..")) {
if (!output.toString().equals("/")) {
output.append("..");
}
input = "";
printStep("2D", output.toString(), input);
// 2E. move the first path segment (if any) in the input buffer
// to the end of the output buffer, including the initial "/"
// character (if any) and any subsequent characters up to, but not
// including, the next "/" character or the end of the input buffer.
} else {
int end = -1;
int begin = input.indexOf('/');
if (begin == 0) {
end = input.indexOf('/', 1);
} else {
end = begin;
begin = 0;
}
String segment;
if (end == -1) {
segment = input.substring(begin);
input = "";
} else {
segment = input.substring(begin, end);
input = input.substring(end);
}
output.append(segment);
printStep("2E", output.toString(), input);
}
}
// 3. Finally, if the only or last segment of the output buffer is
// "..", where ".." is a complete path segment not followed by a slash
// then append a slash "/". The output buffer is returned as the result
// of remove_dot_segments
if (output.toString().endsWith("..")) {
output.append("/");
printStep("3 ", output.toString(), input);
}
return output.toString();
}
private static void printStep(String step, String output, String input) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, " " + step + ": " + output);
if (output.length() == 0) {
log.log(java.util.logging.Level.FINE, "\t\t\t\t" + input);
} else {
log.log(java.util.logging.Level.FINE, "\t\t\t" + input);
}
}
}
}


@ -25,12 +25,11 @@ package com.sun.org.apache.xml.internal.security.c14n.implementations;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer; import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
/** /**
* @author Sean Mullan
*/ */
public class Canonicalizer11_OmitComments extends Canonicalizer11 { public class Canonicalizer11_OmitComments extends Canonicalizer20010315 {
public Canonicalizer11_OmitComments() { public Canonicalizer11_OmitComments() {
super(false); super(false, true);
} }
public final String engineGetURI() { public final String engineGetURI() {
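Review bot: The class Javadoc is left as an empty `/** */` once the author tag is removed, and `super(false, true)` passes two unlabelled booleans. A one-line description would help, e.g. `/** Canonical XML 1.1 with comments omitted; implemented by Canonicalizer20010315 with c14n11 set. */`, together with `super(false, true); // includeComments=false, c14n11=true`. The same applies to Canonicalizer11_WithComments in the next section. The class body continues outside the hunk.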


@ -25,12 +25,11 @@ package com.sun.org.apache.xml.internal.security.c14n.implementations;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer; import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
/** /**
* @author Sean Mullan
*/ */
public class Canonicalizer11_WithComments extends Canonicalizer11 { public class Canonicalizer11_WithComments extends Canonicalizer20010315 {
public Canonicalizer11_WithComments() { public Canonicalizer11_WithComments() {
super(true); super(true, true);
} }
public final String engineGetURI() { public final String engineGetURI() {


@ -23,11 +23,7 @@
package com.sun.org.apache.xml.internal.security.c14n.implementations; package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException; import java.io.IOException;
import java.util.ArrayList; import java.io.OutputStream;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import java.util.SortedSet; import java.util.SortedSet;
@ -38,9 +34,9 @@ import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper; import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils; import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Attr; import org.w3c.dom.Attr;
import org.w3c.dom.DOMException;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap; import org.w3c.dom.NamedNodeMap;
@ -51,97 +47,13 @@ import org.xml.sax.SAXException;
* Implements <A HREF="http://www.w3.org/TR/2001/REC-xml-c14n-20010315">Canonical * Implements <A HREF="http://www.w3.org/TR/2001/REC-xml-c14n-20010315">Canonical
* XML Version 1.0</A>, a W3C Recommendation from 15 March 2001. * XML Version 1.0</A>, a W3C Recommendation from 15 March 2001.
* *
* @author Christian Geuer-Pollmann <geuerp@apache.org>
*/ */
public abstract class Canonicalizer20010315 extends CanonicalizerBase { public abstract class Canonicalizer20010315 extends CanonicalizerBase {
private static final String XMLNS_URI = Constants.NamespaceSpecNS;
private static final String XML_LANG_URI = Constants.XML_LANG_SPACE_SpecNS;
private boolean firstCall = true; private boolean firstCall = true;
private final SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
private static class XmlAttrStack { private final XmlAttrStack xmlattrStack;
static class XmlsStackElement { private final boolean c14n11;
int level;
boolean rendered = false;
List<Attr> nodes = new ArrayList<Attr>();
};
int currentLevel = 0;
int lastlevel = 0;
XmlsStackElement cur;
List<XmlsStackElement> levels = new ArrayList<XmlsStackElement>();
void push(int level) {
currentLevel = level;
if (currentLevel == -1) {
return;
}
cur = null;
while (lastlevel >= currentLevel) {
levels.remove(levels.size() - 1);
int newSize = levels.size();
if (newSize == 0) {
lastlevel = 0;
return;
}
lastlevel = (levels.get(newSize - 1)).level;
}
}
void addXmlnsAttr(Attr n) {
if (cur == null) {
cur = new XmlsStackElement();
cur.level = currentLevel;
levels.add(cur);
lastlevel = currentLevel;
}
cur.nodes.add(n);
}
void getXmlnsAttr(Collection<Attr> col) {
int size = levels.size() - 1;
if (cur == null) {
cur = new XmlsStackElement();
cur.level = currentLevel;
lastlevel = currentLevel;
levels.add(cur);
}
boolean parentRendered = false;
XmlsStackElement e = null;
if (size == -1) {
parentRendered = true;
} else {
e = levels.get(size);
if (e.rendered && e.level + 1 == currentLevel) {
parentRendered = true;
}
}
if (parentRendered) {
col.addAll(cur.nodes);
cur.rendered = true;
return;
}
Map<String, Attr> loa = new HashMap<String, Attr>();
for (; size >= 0; size--) {
e = levels.get(size);
Iterator<Attr> it = e.nodes.iterator();
while (it.hasNext()) {
Attr n = it.next();
if (!loa.containsKey(n.getName())) {
loa.put(n.getName(), n);
}
}
}
cur.rendered = true;
col.addAll(loa.values());
}
}
private XmlAttrStack xmlattrStack = new XmlAttrStack();
/** /**
* Constructor Canonicalizer20010315 * Constructor Canonicalizer20010315
@ -149,9 +61,22 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
* @param includeComments * @param includeComments
*/ */
public Canonicalizer20010315(boolean includeComments) { public Canonicalizer20010315(boolean includeComments) {
super(includeComments); this(includeComments, false);
} }
/**
* Constructor Canonicalizer20010315
*
* @param includeComments
* @param c14n11 Whether this is a Canonical XML 1.1 implementation or not
*/
public Canonicalizer20010315(boolean includeComments, boolean c14n11) {
super(includeComments);
xmlattrStack = new XmlAttrStack(c14n11);
this.c14n11 = c14n11;
}
/** /**
* Always throws a CanonicalizationException because this is inclusive c14n. * Always throws a CanonicalizationException because this is inclusive c14n.
* *
@ -183,28 +108,44 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
} }
/** /**
* Returns the Attr[]s to be output for the given element. * Always throws a CanonicalizationException because this is inclusive c14n.
*
* @param rootNode
* @param inclusiveNamespaces
* @return none it always fails
* @throws CanonicalizationException
*/
public byte[] engineCanonicalizeSubTree(
Node rootNode, String inclusiveNamespaces, boolean propagateDefaultNamespace)
throws CanonicalizationException {
/** $todo$ well, should we throw UnsupportedOperationException ? */
throw new CanonicalizationException("c14n.Canonicalizer.UnsupportedOperation");
}
/**
* Output the Attr[]s for the given element.
* <br> * <br>
* The code of this method is a copy of {@link #handleAttributes(Element, * The code of this method is a copy of {@link #outputAttributes(Element,
* NameSpaceSymbTable)}, * NameSpaceSymbTable, Map<String, byte[]>)},
* whereas it takes into account that subtree-c14n is -- well -- subtree-based. * whereas it takes into account that subtree-c14n is -- well -- subtree-based.
* So if the element in question isRoot of c14n, it's parent is not in the * So if the element in question isRoot of c14n, it's parent is not in the
* node set, as well as all other ancestors. * node set, as well as all other ancestors.
* *
* @param element * @param element
* @param ns * @param ns
* @return the Attr[]s to be output * @param cache
* @throws CanonicalizationException * @throws CanonicalizationException, DOMException, IOException
*/ */
@Override @Override
protected Iterator<Attr> handleAttributesSubtree(Element element, NameSpaceSymbTable ns) protected void outputAttributesSubtree(Element element, NameSpaceSymbTable ns,
throws CanonicalizationException { Map<String, byte[]> cache)
throws CanonicalizationException, DOMException, IOException {
if (!element.hasAttributes() && !firstCall) { if (!element.hasAttributes() && !firstCall) {
return null; return;
} }
// result will contain the attrs which have to be output // result will contain the attrs which have to be output
final SortedSet<Attr> result = this.result; SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
result.clear();
if (element.hasAttributes()) { if (element.hasAttributes()) {
NamedNodeMap attrs = element.getAttributes(); NamedNodeMap attrs = element.getAttributes();
@ -246,11 +187,15 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
firstCall = false; firstCall = false;
} }
return result.iterator(); OutputStream writer = getWriter();
//we output all Attrs which are available
for (Attr attr : result) {
outputAttrToWriter(attr.getNodeName(), attr.getNodeValue(), writer, cache);
}
} }
/** /**
* Returns the Attr[]s to be output for the given element. * Output the Attr[]s for the given element.
* <br> * <br>
* IMPORTANT: This method expects to work on a modified DOM tree, i.e. a DOM which has * IMPORTANT: This method expects to work on a modified DOM tree, i.e. a DOM which has
* been prepared using {@link com.sun.org.apache.xml.internal.security.utils.XMLUtils#circumventBug2650( * been prepared using {@link com.sun.org.apache.xml.internal.security.utils.XMLUtils#circumventBug2650(
@ -258,17 +203,17 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
* *
* @param element * @param element
* @param ns * @param ns
* @return the Attr[]s to be output * @param cache
* @throws CanonicalizationException * @throws CanonicalizationException, DOMException, IOException
*/ */
@Override @Override
protected Iterator<Attr> handleAttributes(Element element, NameSpaceSymbTable ns) protected void outputAttributes(Element element, NameSpaceSymbTable ns,
throws CanonicalizationException { Map<String, byte[]> cache)
throws CanonicalizationException, DOMException, IOException {
// result will contain the attrs which have to be output // result will contain the attrs which have to be output
xmlattrStack.push(ns.getLevel()); xmlattrStack.push(ns.getLevel());
boolean isRealVisible = isVisibleDO(element, ns.getLevel()) == 1; boolean isRealVisible = isVisibleDO(element, ns.getLevel()) == 1;
final SortedSet<Attr> result = this.result; SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
result.clear();
if (element.hasAttributes()) { if (element.hasAttributes()) {
NamedNodeMap attrs = element.getAttributes(); NamedNodeMap attrs = element.getAttributes();
@ -283,7 +228,15 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
if (!XMLNS_URI.equals(NUri)) { if (!XMLNS_URI.equals(NUri)) {
//A non namespace definition node. //A non namespace definition node.
if (XML_LANG_URI.equals(NUri)) { if (XML_LANG_URI.equals(NUri)) {
if (c14n11 && "id".equals(NName)) {
if (isRealVisible) {
// treat xml:id like any other attribute
// (emit it, but don't inherit it)
result.add(attribute);
}
} else {
xmlattrStack.addXmlnsAttr(attribute); xmlattrStack.addXmlnsAttr(attribute);
}
} else if (isRealVisible) { } else if (isRealVisible) {
//The node is visible add the attribute to the list of output attributes. //The node is visible add the attribute to the list of output attributes.
result.add(attribute); result.add(attribute);
@ -339,7 +292,11 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
ns.getUnrenderedNodes(result); ns.getUnrenderedNodes(result);
} }
return result.iterator(); OutputStream writer = getWriter();
//we output all Attrs which are available
for (Attr attr : result) {
outputAttrToWriter(attr.getNodeName(), attr.getNodeValue(), writer, cache);
}
} }
protected void circumventBugIfNeeded(XMLSignatureInput input) protected void circumventBugIfNeeded(XMLSignatureInput input)
@ -369,11 +326,12 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
String NName = attribute.getLocalName(); String NName = attribute.getLocalName();
String NValue = attribute.getNodeValue(); String NValue = attribute.getNodeValue();
if (Constants.NamespaceSpecNS.equals(attribute.getNamespaceURI())) { if (XMLNS_URI.equals(attribute.getNamespaceURI())) {
if (!XML.equals(NName) || !Constants.XML_LANG_SPACE_SpecNS.equals(NValue)) { if (!XML.equals(NName) || !XML_LANG_URI.equals(NValue)) {
ns.addMapping(NName, NValue, attribute); ns.addMapping(NName, NValue, attribute);
} }
} else if (XML_LANG_URI.equals(attribute.getNamespaceURI())) { } else if (XML_LANG_URI.equals(attribute.getNamespaceURI())
&& (!c14n11 || c14n11 && !"id".equals(NName))) {
xmlattrStack.addXmlnsAttr(attribute); xmlattrStack.addXmlnsAttr(attribute);
} }
} }


@ -23,7 +23,8 @@
package com.sun.org.apache.xml.internal.security.c14n.implementations; package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException; import java.io.IOException;
import java.util.Iterator; import java.io.OutputStream;
import java.util.Map;
import java.util.Set; import java.util.Set;
import java.util.SortedSet; import java.util.SortedSet;
import java.util.TreeSet; import java.util.TreeSet;
@ -33,9 +34,9 @@ import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper; import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces; import com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils; import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Attr; import org.w3c.dom.Attr;
import org.w3c.dom.DOMException;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap; import org.w3c.dom.NamedNodeMap;
@ -45,31 +46,25 @@ import org.xml.sax.SAXException;
/** /**
* Implements &quot; <A * Implements &quot; <A
* HREF="http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/">Exclusive XML * HREF="http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/">Exclusive XML
* Canonicalization, Version 1.0 </A>&quot; <BR /> * Canonicalization, Version 1.0 </A>&quot; <p></p>
* Credits: During restructuring of the Canonicalizer framework, Ren?? * Credits: During restructuring of the Canonicalizer framework, Ren??
* Kollmorgen from Software AG submitted an implementation of ExclC14n which * Kollmorgen from Software AG submitted an implementation of ExclC14n which
* fitted into the old architecture and which based heavily on my old (and slow) * fitted into the old architecture and which based heavily on my old (and slow)
* implementation of "Canonical XML". A big "thank you" to Ren?? for this. * implementation of "Canonical XML". A big "thank you" to Ren?? for this.
* <BR /> * <p></p>
* <i>THIS </i> implementation is a complete rewrite of the algorithm. * <i>THIS </i> implementation is a complete rewrite of the algorithm.
* *
* @author Christian Geuer-Pollmann <geuerp@apache.org> * @see <a href="http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/">
* @version $Revision: 1147448 $ * Exclusive XML Canonicalization, Version 1.0</a>
* @see <a href="http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/ Exclusive#">
* XML Canonicalization, Version 1.0</a>
*/ */
public abstract class Canonicalizer20010315Excl extends CanonicalizerBase { public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
private static final String XML_LANG_URI = Constants.XML_LANG_SPACE_SpecNS;
private static final String XMLNS_URI = Constants.NamespaceSpecNS;
/** /**
* This Set contains the names (Strings like "xmlns" or "xmlns:foo") of * This Set contains the names (Strings like "xmlns" or "xmlns:foo") of
* the inclusive namespaces. * the inclusive namespaces.
*/ */
private SortedSet<String> inclusiveNSSet; private SortedSet<String> inclusiveNSSet;
private boolean propagateDefaultNamespace = false;
private final SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
/** /**
* Constructor Canonicalizer20010315Excl * Constructor Canonicalizer20010315Excl
@ -82,7 +77,7 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
/** /**
* Method engineCanonicalizeSubTree * Method engineCanonicalizeSubTree
* @inheritDoc * {@inheritDoc}
* @param rootNode * @param rootNode
* *
* @throws CanonicalizationException * @throws CanonicalizationException
@ -94,7 +89,7 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
/** /**
* Method engineCanonicalizeSubTree * Method engineCanonicalizeSubTree
* @inheritDoc * {@inheritDoc}
* @param rootNode * @param rootNode
* @param inclusiveNamespaces * @param inclusiveNamespaces
* *
@ -106,6 +101,22 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
return engineCanonicalizeSubTree(rootNode, inclusiveNamespaces, null); return engineCanonicalizeSubTree(rootNode, inclusiveNamespaces, null);
} }
/**
* Method engineCanonicalizeSubTree
* {@inheritDoc}
* @param rootNode
* @param inclusiveNamespaces
* @param propagateDefaultNamespace If true the default namespace will be propagated to the c14n-ized root element
*
* @throws CanonicalizationException
*/
public byte[] engineCanonicalizeSubTree(
Node rootNode, String inclusiveNamespaces, boolean propagateDefaultNamespace
) throws CanonicalizationException {
this.propagateDefaultNamespace = propagateDefaultNamespace;
return engineCanonicalizeSubTree(rootNode, inclusiveNamespaces, null);
}
/** /**
* Method engineCanonicalizeSubTree * Method engineCanonicalizeSubTree
* @param rootNode * @param rootNode
@ -137,7 +148,7 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
/** /**
* Method engineCanonicalizeXPathNodeSet * Method engineCanonicalizeXPathNodeSet
* @inheritDoc * {@inheritDoc}
* @param xpathNodeSet * @param xpathNodeSet
* @param inclusiveNamespaces * @param inclusiveNamespaces
* @throws CanonicalizationException * @throws CanonicalizationException
@ -150,11 +161,11 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
} }
@Override @Override
protected Iterator<Attr> handleAttributesSubtree(Element element, NameSpaceSymbTable ns) protected void outputAttributesSubtree(Element element, NameSpaceSymbTable ns,
throws CanonicalizationException { Map<String, byte[]> cache)
throws CanonicalizationException, DOMException, IOException {
// result will contain the attrs which have to be output // result will contain the attrs which have to be output
final SortedSet<Attr> result = this.result; SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
result.clear();
// The prefix visibly utilized (in the attribute or in the name) in // The prefix visibly utilized (in the attribute or in the name) in
// the element // the element
@ -193,6 +204,13 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
} }
} }
} }
if (propagateDefaultNamespace && ns.getLevel() == 1 &&
inclusiveNSSet.contains(XMLNS) &&
ns.getMappingWithoutRendered(XMLNS) == null) {
ns.removeMapping(XMLNS);
ns.addMapping(
XMLNS, "", getNullNode(element.getOwnerDocument()));
}
String prefix = null; String prefix = null;
if (element.getNamespaceURI() != null if (element.getNamespaceURI() != null
&& !(element.getPrefix() == null || element.getPrefix().length() == 0)) { && !(element.getPrefix() == null || element.getPrefix().length() == 0)) {
@ -209,20 +227,22 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
} }
} }
return result.iterator(); OutputStream writer = getWriter();
//we output all Attrs which are available
for (Attr attr : result) {
outputAttrToWriter(attr.getNodeName(), attr.getNodeValue(), writer, cache);
}
} }
/** /**
* @inheritDoc * {@inheritDoc}
* @param element
* @throws CanonicalizationException
*/ */
@Override @Override
protected final Iterator<Attr> handleAttributes(Element element, NameSpaceSymbTable ns) protected void outputAttributes(Element element, NameSpaceSymbTable ns,
throws CanonicalizationException { Map<String, byte[]> cache)
throws CanonicalizationException, DOMException, IOException {
// result will contain the attrs which have to be output // result will contain the attrs which have to be output
final SortedSet<Attr> result = this.result; SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
result.clear();
// The prefix visibly utilized (in the attribute or in the name) in // The prefix visibly utilized (in the attribute or in the name) in
// the element // the element
@ -312,7 +332,11 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
} }
} }
return result.iterator(); OutputStream writer = getWriter();
//we output all Attrs which are available
for (Attr attr : result) {
outputAttrToWriter(attr.getNodeName(), attr.getNodeValue(), writer, cache);
}
} }
protected void circumventBugIfNeeded(XMLSignatureInput input) protected void circumventBugIfNeeded(XMLSignatureInput input)
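Review bot: The new three-argument `engineCanonicalizeSubTree` stores `propagateDefaultNamespace` in an instance field and nothing in the visible hunks resets it, so after one call with `true` the flag still applies to later calls on the same instance made through the two-argument overload, which delegates without touching the field. The flag decides whether `outputAttributesSubtree` rewrites the default-namespace mapping at level 1, so a leftover value changes the canonical bytes that get digested and would show up as a digest or signature mismatch that depends on call history. Resetting the field after the delegated call keeps each invocation independent: `try { return engineCanonicalizeSubTree(rootNode, inclusiveNamespaces, null); } finally { this.propagateDefaultNamespace = false; }`. Whether canonicalizer instances are actually reused between calls is not visible here, and the bodies of the delegated overload and of `outputAttributesSubtree` continue outside the hunks.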


@ -33,12 +33,12 @@ public class Canonicalizer20010315ExclOmitComments extends Canonicalizer20010315
super(false); super(false);
} }
/** @inheritDoc */ /** {@inheritDoc} */
public final String engineGetURI() { public final String engineGetURI() {
return Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS; return Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public final boolean engineGetIncludeComments() { public final boolean engineGetIncludeComments() {
return false; return false;
} }


@ -37,12 +37,12 @@ public class Canonicalizer20010315ExclWithComments extends Canonicalizer20010315
super(true); super(true);
} }
/** @inheritDoc */ /** {@inheritDoc} */
public final String engineGetURI() { public final String engineGetURI() {
return Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS; return Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public final boolean engineGetIncludeComments() { public final boolean engineGetIncludeComments() {
return true; return true;
} }


@ -25,7 +25,6 @@ package com.sun.org.apache.xml.internal.security.c14n.implementations;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer; import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
/** /**
* @author Christian Geuer-Pollmann
*/ */
public class Canonicalizer20010315OmitComments extends Canonicalizer20010315 { public class Canonicalizer20010315OmitComments extends Canonicalizer20010315 {
@ -37,12 +36,12 @@ public class Canonicalizer20010315OmitComments extends Canonicalizer20010315 {
super(false); super(false);
} }
/** @inheritDoc */ /** {@inheritDoc} */
public final String engineGetURI() { public final String engineGetURI() {
return Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS; return Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public final boolean engineGetIncludeComments() { public final boolean engineGetIncludeComments() {
return false; return false;
} }


@ -25,7 +25,6 @@ package com.sun.org.apache.xml.internal.security.c14n.implementations;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer; import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
/** /**
* @author Christian Geuer-Pollmann
*/ */
public class Canonicalizer20010315WithComments extends Canonicalizer20010315 { public class Canonicalizer20010315WithComments extends Canonicalizer20010315 {
@ -36,12 +35,12 @@ public class Canonicalizer20010315WithComments extends Canonicalizer20010315 {
super(true); super(true);
} }
/** @inheritDoc */ /** {@inheritDoc} */
public final String engineGetURI() { public final String engineGetURI() {
return Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS; return Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public final boolean engineGetIncludeComments() { public final boolean engineGetIncludeComments() {
return true; return true;
} }


@ -46,8 +46,9 @@ import com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStrea
import com.sun.org.apache.xml.internal.security.utils.XMLUtils; import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Attr; import org.w3c.dom.Attr;
import org.w3c.dom.Comment; import org.w3c.dom.Comment;
import org.w3c.dom.Element; import org.w3c.dom.DOMException;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap; import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node; import org.w3c.dom.Node;
import org.w3c.dom.ProcessingInstruction; import org.w3c.dom.ProcessingInstruction;
@ -55,12 +56,14 @@ import org.xml.sax.SAXException;
/** /**
* Abstract base class for canonicalization algorithms. * Abstract base class for canonicalization algorithms.
* * Please note that these implementations are NOT thread safe - please see the following JIRA for more information:
* @author Christian Geuer-Pollmann <geuerp@apache.org> * https://issues.apache.org/jira/browse/SANTUARIO-463
*/ */
public abstract class CanonicalizerBase extends CanonicalizerSpi { public abstract class CanonicalizerBase extends CanonicalizerSpi {
public static final String XML = "xml"; public static final String XML = "xml";
public static final String XMLNS = "xmlns"; public static final String XMLNS = "xmlns";
public static final String XMLNS_URI = Constants.NamespaceSpecNS;
public static final String XML_LANG_URI = Constants.XML_LANG_SPACE_SpecNS;
protected static final AttrCompare COMPARE = new AttrCompare(); protected static final AttrCompare COMPARE = new AttrCompare();
@ -112,7 +115,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
/** /**
* Method engineCanonicalizeSubTree * Method engineCanonicalizeSubTree
* @inheritDoc * {@inheritDoc}
* @param rootNode * @param rootNode
* @throws CanonicalizationException * @throws CanonicalizationException
*/ */
@ -123,7 +126,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
/** /**
* Method engineCanonicalizeXPathNodeSet * Method engineCanonicalizeXPathNodeSet
* @inheritDoc * {@inheritDoc}
* @param xpathNodeSet * @param xpathNodeSet
* @throws CanonicalizationException * @throws CanonicalizationException
*/ */
@ -161,14 +164,12 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
} }
} }
return null; return null;
} catch (CanonicalizationException ex) {
throw new CanonicalizationException("empty", ex);
} catch (ParserConfigurationException ex) { } catch (ParserConfigurationException ex) {
throw new CanonicalizationException("empty", ex); throw new CanonicalizationException(ex);
} catch (IOException ex) { } catch (IOException ex) {
throw new CanonicalizationException("empty", ex); throw new CanonicalizationException(ex);
} catch (SAXException ex) { } catch (SAXException ex) {
throw new CanonicalizationException("empty", ex); throw new CanonicalizationException(ex);
} }
} }
@ -179,6 +180,10 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
this.writer = writer; this.writer = writer;
} }
protected OutputStream getWriter() {
return writer;
}
/** /**
* Canonicalizes a Subtree node. * Canonicalizes a Subtree node.
* *
@ -224,9 +229,9 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
return null; return null;
} catch (UnsupportedEncodingException ex) { } catch (UnsupportedEncodingException ex) {
throw new CanonicalizationException("empty", ex); throw new CanonicalizationException(ex);
} catch (IOException ex) { } catch (IOException ex) {
throw new CanonicalizationException("empty", ex); throw new CanonicalizationException(ex);
} }
} }
@ -243,7 +248,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
protected final void canonicalizeSubTree( protected final void canonicalizeSubTree(
Node currentNode, NameSpaceSymbTable ns, Node endnode, int documentLevel Node currentNode, NameSpaceSymbTable ns, Node endnode, int documentLevel
) throws CanonicalizationException, IOException { ) throws CanonicalizationException, IOException {
if (isVisibleInt(currentNode) == -1) { if (currentNode == null || isVisibleInt(currentNode) == -1) {
return; return;
} }
Node sibling = null; Node sibling = null;
@ -251,7 +256,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
final OutputStream writer = this.writer; final OutputStream writer = this.writer;
final Node excludeNode = this.excludeNode; final Node excludeNode = this.excludeNode;
final boolean includeComments = this.includeComments; final boolean includeComments = this.includeComments;
Map<String, byte[]> cache = new HashMap<String, byte[]>(); Map<String, byte[]> cache = new HashMap<>();
do { do {
switch (currentNode.getNodeType()) { switch (currentNode.getNodeType()) {
@ -259,7 +264,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
case Node.NOTATION_NODE : case Node.NOTATION_NODE :
case Node.ATTRIBUTE_NODE : case Node.ATTRIBUTE_NODE :
// illegal node type during traversal // illegal node type during traversal
throw new CanonicalizationException("empty"); throw new CanonicalizationException("empty",
new Object[]{"illegal node type during traversal"});
case Node.DOCUMENT_FRAGMENT_NODE : case Node.DOCUMENT_FRAGMENT_NODE :
case Node.DOCUMENT_NODE : case Node.DOCUMENT_NODE :
@ -294,14 +300,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
String name = currentElement.getTagName(); String name = currentElement.getTagName();
UtfHelpper.writeByte(name, writer, cache); UtfHelpper.writeByte(name, writer, cache);
Iterator<Attr> attrs = this.handleAttributesSubtree(currentElement, ns); outputAttributesSubtree(currentElement, ns, cache);
if (attrs != null) {
//we output all Attrs which are available
while (attrs.hasNext()) {
Attr attr = attrs.next();
outputAttrToWriter(attr.getNodeName(), attr.getNodeValue(), writer, cache);
}
}
writer.write('>'); writer.write('>');
sibling = currentNode.getFirstChild(); sibling = currentNode.getFirstChild();
if (sibling == null) { if (sibling == null) {
@ -373,9 +373,9 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
} }
return null; return null;
} catch (UnsupportedEncodingException ex) { } catch (UnsupportedEncodingException ex) {
throw new CanonicalizationException("empty", ex); throw new CanonicalizationException(ex);
} catch (IOException ex) { } catch (IOException ex) {
throw new CanonicalizationException("empty", ex); throw new CanonicalizationException(ex);
} }
} }
@ -403,9 +403,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
} }
Node sibling = null; Node sibling = null;
Node parentNode = null; Node parentNode = null;
OutputStream writer = this.writer;
int documentLevel = NODE_BEFORE_DOCUMENT_ELEMENT; int documentLevel = NODE_BEFORE_DOCUMENT_ELEMENT;
Map<String, byte[]> cache = new HashMap<String, byte[]>(); Map<String, byte[]> cache = new HashMap<>();
do { do {
switch (currentNode.getNodeType()) { switch (currentNode.getNodeType()) {
@ -413,7 +412,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
case Node.NOTATION_NODE : case Node.NOTATION_NODE :
case Node.ATTRIBUTE_NODE : case Node.ATTRIBUTE_NODE :
// illegal node type during traversal // illegal node type during traversal
throw new CanonicalizationException("empty"); throw new CanonicalizationException("empty",
new Object[]{"illegal node type during traversal"});
case Node.DOCUMENT_FRAGMENT_NODE : case Node.DOCUMENT_FRAGMENT_NODE :
case Node.DOCUMENT_NODE : case Node.DOCUMENT_NODE :
@ -422,7 +422,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
break; break;
case Node.COMMENT_NODE : case Node.COMMENT_NODE :
if (this.includeComments && (isVisibleDO(currentNode, ns.getLevel()) == 1)) { if (this.includeComments && isVisibleDO(currentNode, ns.getLevel()) == 1) {
outputCommentToWriter((Comment) currentNode, writer, documentLevel); outputCommentToWriter((Comment) currentNode, writer, documentLevel);
} }
break; break;
@ -438,8 +438,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
if (isVisible(currentNode)) { if (isVisible(currentNode)) {
outputTextToWriter(currentNode.getNodeValue(), writer); outputTextToWriter(currentNode.getNodeValue(), writer);
for (Node nextSibling = currentNode.getNextSibling(); for (Node nextSibling = currentNode.getNextSibling();
(nextSibling != null) && ((nextSibling.getNodeType() == Node.TEXT_NODE) nextSibling != null && (nextSibling.getNodeType() == Node.TEXT_NODE
|| (nextSibling.getNodeType() == Node.CDATA_SECTION_NODE)); || nextSibling.getNodeType() == Node.CDATA_SECTION_NODE);
nextSibling = nextSibling.getNextSibling()) { nextSibling = nextSibling.getNextSibling()) {
outputTextToWriter(nextSibling.getNodeValue(), writer); outputTextToWriter(nextSibling.getNodeValue(), writer);
currentNode = nextSibling; currentNode = nextSibling;
@ -458,7 +458,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
sibling = currentNode.getNextSibling(); sibling = currentNode.getNextSibling();
break; break;
} }
currentNodeIsVisible = (i == 1); currentNodeIsVisible = i == 1;
if (currentNodeIsVisible) { if (currentNodeIsVisible) {
ns.outputNodePush(); ns.outputNodePush();
writer.write('<'); writer.write('<');
@ -468,14 +468,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
ns.push(); ns.push();
} }
Iterator<Attr> attrs = handleAttributes(currentElement,ns); outputAttributes(currentElement, ns, cache);
if (attrs != null) {
//we output all Attrs which are available
while (attrs.hasNext()) {
Attr attr = attrs.next();
outputAttrToWriter(attr.getNodeName(), attr.getNodeValue(), writer, cache);
}
}
if (currentNodeIsVisible) { if (currentNodeIsVisible) {
writer.write('>'); writer.write('>');
} }
@ -535,13 +529,13 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
if (nodeFilter != null) { if (nodeFilter != null) {
Iterator<NodeFilter> it = nodeFilter.iterator(); Iterator<NodeFilter> it = nodeFilter.iterator();
while (it.hasNext()) { while (it.hasNext()) {
int i = (it.next()).isNodeIncludeDO(currentNode, level); int i = it.next().isNodeIncludeDO(currentNode, level);
if (i != 1) { if (i != 1) {
return i; return i;
} }
} }
} }
if ((this.xpathNodeSet != null) && !this.xpathNodeSet.contains(currentNode)) { if (this.xpathNodeSet != null && !this.xpathNodeSet.contains(currentNode)) {
return 0; return 0;
} }
return 1; return 1;
@ -551,13 +545,13 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
if (nodeFilter != null) { if (nodeFilter != null) {
Iterator<NodeFilter> it = nodeFilter.iterator(); Iterator<NodeFilter> it = nodeFilter.iterator();
while (it.hasNext()) { while (it.hasNext()) {
int i = (it.next()).isNodeInclude(currentNode); int i = it.next().isNodeInclude(currentNode);
if (i != 1) { if (i != 1) {
return i; return i;
} }
} }
} }
if ((this.xpathNodeSet != null) && !this.xpathNodeSet.contains(currentNode)) { if (this.xpathNodeSet != null && !this.xpathNodeSet.contains(currentNode)) {
return 0; return 0;
} }
return 1; return 1;
@ -572,7 +566,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
} }
} }
} }
if ((this.xpathNodeSet != null) && !this.xpathNodeSet.contains(currentNode)) { if (this.xpathNodeSet != null && !this.xpathNodeSet.contains(currentNode)) {
return false; return false;
} }
return true; return true;
@ -621,7 +615,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
return; return;
} }
//Obtain all the parents of the element //Obtain all the parents of the element
List<Element> parents = new ArrayList<Element>(); List<Element> parents = new ArrayList<>();
Node parent = n1; Node parent = n1;
while (parent != null && Node.ELEMENT_NODE == parent.getNodeType()) { while (parent != null && Node.ELEMENT_NODE == parent.getNodeType()) {
parents.add((Element)parent); parents.add((Element)parent);
@ -634,35 +628,34 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
handleParent(ele, ns); handleParent(ele, ns);
} }
parents.clear(); parents.clear();
Attr nsprefix; Attr nsprefix = ns.getMappingWithoutRendered(XMLNS);
if (((nsprefix = ns.getMappingWithoutRendered(XMLNS)) != null) if (nsprefix != null && "".equals(nsprefix.getValue())) {
&& "".equals(nsprefix.getValue())) {
ns.addMappingAndRender( ns.addMappingAndRender(
XMLNS, "", getNullNode(nsprefix.getOwnerDocument())); XMLNS, "", getNullNode(nsprefix.getOwnerDocument()));
} }
} }
/** /**
* Obtain the attributes to output for this node in XPathNodeSet c14n. * Output the attributes for this node in XPathNodeSet c14n.
* *
* @param element * @param element
* @param ns * @param ns
* @return the attributes nodes to output. * @param cache
* @throws CanonicalizationException * @throws CanonicalizationException, DOMException, IOException
*/ */
abstract Iterator<Attr> handleAttributes(Element element, NameSpaceSymbTable ns) abstract void outputAttributes(Element element, NameSpaceSymbTable ns, Map<String, byte[]> cache)
throws CanonicalizationException; throws CanonicalizationException, DOMException, IOException;
/** /**
* Obtain the attributes to output for this node in a Subtree c14n. * Output the attributes for this node in a Subtree c14n.
* *
* @param element * @param element
* @param ns * @param ns
* @return the attributes nodes to output. * @param cache
* @throws CanonicalizationException * @throws CanonicalizationException, DOMException, IOException
*/ */
abstract Iterator<Attr> handleAttributesSubtree(Element element, NameSpaceSymbTable ns) abstract void outputAttributesSubtree(Element element, NameSpaceSymbTable ns, Map<String, byte[]> cache)
throws CanonicalizationException; throws CanonicalizationException, DOMException, IOException;
abstract void circumventBugIfNeeded(XMLSignatureInput input) abstract void circumventBugIfNeeded(XMLSignatureInput input)
throws CanonicalizationException, ParserConfigurationException, IOException, SAXException; throws CanonicalizationException, ParserConfigurationException, IOException, SAXException;
@ -672,13 +665,13 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
* *
* The string value of the node is modified by replacing * The string value of the node is modified by replacing
* <UL> * <UL>
* <LI>all ampersands (&) with <CODE>&amp;amp;</CODE></LI> * <LI>all ampersands with {@code &amp;amp;}</LI>
* <LI>all open angle brackets (<) with <CODE>&amp;lt;</CODE></LI> * <LI>all open angle brackets with {@code &amp;lt;}</LI>
* <LI>all quotation mark characters with <CODE>&amp;quot;</CODE></LI> * <LI>all quotation mark characters with {@code &amp;quot;}</LI>
* <LI>and the whitespace characters <CODE>#x9</CODE>, #xA, and #xD, with character * <LI>and the whitespace characters {@code #x9}, #xA, and #xD, with character
* references. The character references are written in uppercase * references. The character references are written in uppercase
* hexadecimal with no leading zeroes (for example, <CODE>#xD</CODE> is represented * hexadecimal with no leading zeroes (for example, {@code #xD} is represented
* by the character reference <CODE>&amp;#xD;</CODE>)</LI> * by the character reference {@code &amp;#xD;})</LI>
* </UL> * </UL>
* *
* @param name * @param name
@ -697,7 +690,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
final int length = value.length(); final int length = value.length();
int i = 0; int i = 0;
while (i < length) { while (i < length) {
char c = value.charAt(i++); int c = value.codePointAt(i);
i += Character.charCount(c);
switch (c) { switch (c) {
@ -729,7 +723,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
if (c < 0x80) { if (c < 0x80) {
writer.write(c); writer.write(c);
} else { } else {
UtfHelpper.writeCharToUtf8(c, writer); UtfHelpper.writeCodePointToUtf8(c, writer);
} }
continue; continue;
} }
@ -757,15 +751,16 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
final String target = currentPI.getTarget(); final String target = currentPI.getTarget();
int length = target.length(); int length = target.length();
for (int i = 0; i < length; i++) { for (int i = 0; i < length; ) {
char c = target.charAt(i); int c = target.codePointAt(i);
i += Character.charCount(c);
if (c == 0x0D) { if (c == 0x0D) {
writer.write(XD.clone()); writer.write(XD.clone());
} else { } else {
if (c < 0x80) { if (c < 0x80) {
writer.write(c); writer.write(c);
} else { } else {
UtfHelpper.writeCharToUtf8(c, writer); UtfHelpper.writeCodePointToUtf8(c, writer);
} }
} }
} }
@ -777,12 +772,13 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
if (length > 0) { if (length > 0) {
writer.write(' '); writer.write(' ');
for (int i = 0; i < length; i++) { for (int i = 0; i < length; ) {
char c = data.charAt(i); int c = data.codePointAt(i);
i += Character.charCount(c);
if (c == 0x0D) { if (c == 0x0D) {
writer.write(XD.clone()); writer.write(XD.clone());
} else { } else {
UtfHelpper.writeCharToUtf8(c, writer); UtfHelpper.writeCodePointToUtf8(c, writer);
} }
} }
} }
@ -811,15 +807,16 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
final String data = currentComment.getData(); final String data = currentComment.getData();
final int length = data.length(); final int length = data.length();
for (int i = 0; i < length; i++) { for (int i = 0; i < length; ) {
char c = data.charAt(i); int c = data.codePointAt(i);
i += Character.charCount(c);
if (c == 0x0D) { if (c == 0x0D) {
writer.write(XD.clone()); writer.write(XD.clone());
} else { } else {
if (c < 0x80) { if (c < 0x80) {
writer.write(c); writer.write(c);
} else { } else {
UtfHelpper.writeCharToUtf8(c, writer); UtfHelpper.writeCodePointToUtf8(c, writer);
} }
} }
} }
@ -842,8 +839,9 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
) throws IOException { ) throws IOException {
final int length = text.length(); final int length = text.length();
byte[] toWrite; byte[] toWrite;
for (int i = 0; i < length; i++) { for (int i = 0; i < length; ) {
char c = text.charAt(i); int c = text.codePointAt(i);
i += Character.charCount(c);
switch (c) { switch (c) {
@ -867,7 +865,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
if (c < 0x80) { if (c < 0x80) {
writer.write(c); writer.write(c);
} else { } else {
UtfHelpper.writeCharToUtf8(c, writer); UtfHelpper.writeCodePointToUtf8(c, writer);
} }
continue; continue;
} }


@ -24,7 +24,7 @@ package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException; import java.io.IOException;
import java.io.OutputStream; import java.io.OutputStream;
import java.util.Iterator; import java.util.Map;
import java.util.Set; import java.util.Set;
import java.util.SortedSet; import java.util.SortedSet;
import java.util.TreeSet; import java.util.TreeSet;
@ -36,6 +36,7 @@ import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import org.w3c.dom.Attr; import org.w3c.dom.Attr;
import org.w3c.dom.Comment; import org.w3c.dom.Comment;
import org.w3c.dom.DOMException;
import org.w3c.dom.Element; import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap; import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node; import org.w3c.dom.Node;
@ -54,8 +55,6 @@ import org.xml.sax.SAXException;
*/ */
public class CanonicalizerPhysical extends CanonicalizerBase { public class CanonicalizerPhysical extends CanonicalizerBase {
private final SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
/** /**
* Constructor Canonicalizer20010315 * Constructor Canonicalizer20010315
*/ */
@ -94,31 +93,43 @@ public class CanonicalizerPhysical extends CanonicalizerBase {
} }
/** /**
* Returns the Attr[]s to be output for the given element. * Always throws a CanonicalizationException.
*
* @param rootNode
* @param inclusiveNamespaces
* @return none it always fails
* @throws CanonicalizationException
*/
public byte[] engineCanonicalizeSubTree(
Node rootNode, String inclusiveNamespaces, boolean propagateDefaultNamespace)
throws CanonicalizationException {
/** $todo$ well, should we throw UnsupportedOperationException ? */
throw new CanonicalizationException("c14n.Canonicalizer.UnsupportedOperation");
}
/**
* Output the Attr[]s for the given element.
* <br> * <br>
* The code of this method is a copy of {@link #handleAttributes(Element, * The code of this method is a copy of {@link #outputAttributes(Element,
* NameSpaceSymbTable)}, * NameSpaceSymbTable, Map<String, byte[]>)},
* whereas it takes into account that subtree-c14n is -- well -- subtree-based. * whereas it takes into account that subtree-c14n is -- well -- subtree-based.
* So if the element in question isRoot of c14n, it's parent is not in the * So if the element in question isRoot of c14n, it's parent is not in the
* node set, as well as all other ancestors. * node set, as well as all other ancestors.
* *
* @param element * @param element
* @param ns * @param ns
* @return the Attr[]s to be output * @param cache
* @throws CanonicalizationException * @throws CanonicalizationException, DOMException, IOException
*/ */
@Override @Override
protected Iterator<Attr> handleAttributesSubtree(Element element, NameSpaceSymbTable ns) protected void outputAttributesSubtree(Element element, NameSpaceSymbTable ns,
throws CanonicalizationException { Map<String, byte[]> cache)
if (!element.hasAttributes()) { throws CanonicalizationException, DOMException, IOException {
return null;
}
// result will contain all the attrs declared directly on that element
final SortedSet<Attr> result = this.result;
result.clear();
if (element.hasAttributes()) { if (element.hasAttributes()) {
// result will contain all the attrs declared directly on that element
SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
NamedNodeMap attrs = element.getAttributes(); NamedNodeMap attrs = element.getAttributes();
int attrsLength = attrs.getLength(); int attrsLength = attrs.getLength();
@ -126,22 +137,19 @@ public class CanonicalizerPhysical extends CanonicalizerBase {
Attr attribute = (Attr) attrs.item(i); Attr attribute = (Attr) attrs.item(i);
result.add(attribute); result.add(attribute);
} }
OutputStream writer = getWriter();
//we output all Attrs which are available
for (Attr attr : result) {
outputAttrToWriter(attr.getNodeName(), attr.getNodeValue(), writer, cache);
}
}
} }
return result.iterator();
}
/**
* Returns the Attr[]s to be output for the given element.
*
* @param element
* @param ns
* @return the Attr[]s to be output
* @throws CanonicalizationException
*/
@Override @Override
protected Iterator<Attr> handleAttributes(Element element, NameSpaceSymbTable ns) protected void outputAttributes(Element element, NameSpaceSymbTable ns,
throws CanonicalizationException { Map<String, byte[]> cache)
throws CanonicalizationException, DOMException, IOException {
/** $todo$ well, should we throw UnsupportedOperationException ? */ /** $todo$ well, should we throw UnsupportedOperationException ? */
throw new CanonicalizationException("c14n.Canonicalizer.UnsupportedOperation"); throw new CanonicalizationException("c14n.Canonicalizer.UnsupportedOperation");
@ -157,12 +165,12 @@ public class CanonicalizerPhysical extends CanonicalizerBase {
// nothing to do // nothing to do
} }
/** @inheritDoc */ /** {@inheritDoc} */
public final String engineGetURI() { public final String engineGetURI() {
return Canonicalizer.ALGO_ID_C14N_PHYSICAL; return Canonicalizer.ALGO_ID_C14N_PHYSICAL;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public final boolean engineGetIncludeComments() { public final boolean engineGetIncludeComments() {
return true; return true;
} }
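Review bot: The new Javadoc on `outputAttributesSubtree` in CanonicalizerPhysical will not resolve as written: `{@link #outputAttributes(Element, NameSpaceSymbTable, Map<String, byte[]>)}` puts type arguments inside a link signature, and `@throws CanonicalizationException, DOMException, IOException` names three types on one tag. I would write `{@link #outputAttributes(Element, NameSpaceSymbTable, Map)}` and give each exception its own `@throws` line. The sentence calling the method "a copy of" `outputAttributes` is also misleading here, because `outputAttributes` in this class only throws `CanonicalizationException`; consider dropping it. The same combined `@throws` form appears on the abstract `outputAttributes` and `outputAttributesSubtree` declarations in the preceding CanonicalizerBase section.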


@ -35,7 +35,6 @@ import org.w3c.dom.Node;
* A stack based Symbol Table. * A stack based Symbol Table.
*<br>For speed reasons all the symbols are introduced in the same map, *<br>For speed reasons all the symbols are introduced in the same map,
* and at the same time in a list so it can be removed when the frame is pop back. * and at the same time in a list so it can be removed when the frame is pop back.
* @author Raul Benito
*/ */
public class NameSpaceSymbTable { public class NameSpaceSymbTable {
@ -59,7 +58,7 @@ public class NameSpaceSymbTable {
* Default constractor * Default constractor
**/ **/
public NameSpaceSymbTable() { public NameSpaceSymbTable() {
level = new ArrayList<SymbMap>(); level = new ArrayList<>();
//Insert the default binding for xmlns. //Insert the default binding for xmlns.
symb = (SymbMap) initialMap.clone(); symb = (SymbMap) initialMap.clone();
} }
@ -74,7 +73,7 @@ public class NameSpaceSymbTable {
while (it.hasNext()) { while (it.hasNext()) {
NameSpaceSymbEntry n = it.next(); NameSpaceSymbEntry n = it.next();
//put them rendered? //put them rendered?
if ((!n.rendered) && (n.n != null)) { if (!n.rendered && n.n != null) {
n = (NameSpaceSymbEntry) n.clone(); n = (NameSpaceSymbEntry) n.clone();
needsClone(); needsClone();
symb.put(n.prefix, n); symb.put(n.prefix, n);
@ -123,7 +122,7 @@ public class NameSpaceSymbTable {
if (size == 0) { if (size == 0) {
cloned = false; cloned = false;
} else { } else {
cloned = (level.get(size - 1) != symb); cloned = level.get(size - 1) != symb;
} }
} else { } else {
cloned = false; cloned = false;
@ -191,7 +190,7 @@ public class NameSpaceSymbTable {
**/ **/
public boolean addMapping(String prefix, String uri, Attr n) { public boolean addMapping(String prefix, String uri, Attr n) {
NameSpaceSymbEntry ob = symb.get(prefix); NameSpaceSymbEntry ob = symb.get(prefix);
if ((ob != null) && uri.equals(ob.uri)) { if (ob != null && uri.equals(ob.uri)) {
//If we have it previously defined. Don't keep working. //If we have it previously defined. Don't keep working.
return false; return false;
} }
@ -203,7 +202,7 @@ public class NameSpaceSymbTable {
//We have a previous definition store it for the pop. //We have a previous definition store it for the pop.
//Check if a previous definition(not the inmidiatly one) has been rendered. //Check if a previous definition(not the inmidiatly one) has been rendered.
ne.lastrendered = ob.lastrendered; ne.lastrendered = ob.lastrendered;
if ((ob.lastrendered != null) && (ob.lastrendered.equals(uri))) { if (ob.lastrendered != null && ob.lastrendered.equals(uri)) {
//Yes it is. Mark as rendered. //Yes it is. Mark as rendered.
ne.rendered = true; ne.rendered = true;
} }
@ -222,7 +221,7 @@ public class NameSpaceSymbTable {
public Node addMappingAndRender(String prefix, String uri, Attr n) { public Node addMappingAndRender(String prefix, String uri, Attr n) {
NameSpaceSymbEntry ob = symb.get(prefix); NameSpaceSymbEntry ob = symb.get(prefix);
if ((ob != null) && uri.equals(ob.uri)) { if (ob != null && uri.equals(ob.uri)) {
if (!ob.rendered) { if (!ob.rendered) {
ob = (NameSpaceSymbEntry) ob.clone(); ob = (NameSpaceSymbEntry) ob.clone();
needsClone(); needsClone();
@ -234,11 +233,11 @@ public class NameSpaceSymbTable {
return null; return null;
} }
NameSpaceSymbEntry ne = new NameSpaceSymbEntry(uri,n,true,prefix); NameSpaceSymbEntry ne = new NameSpaceSymbEntry(uri, n, true, prefix);
ne.lastrendered = uri; ne.lastrendered = uri;
needsClone(); needsClone();
symb.put(prefix, ne); symb.put(prefix, ne);
if ((ob != null) && (ob.lastrendered != null) && (ob.lastrendered.equals(uri))) { if (ob != null && ob.lastrendered != null && ob.lastrendered.equals(uri)) {
ne.rendered = true; ne.rendered = true;
return null; return null;
} }
@ -304,7 +303,7 @@ class NameSpaceSymbEntry implements Cloneable {
this.prefix = prefix; this.prefix = prefix;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public Object clone() { public Object clone() {
try { try {
return super.clone(); return super.clone();
@ -312,7 +311,7 @@ class NameSpaceSymbEntry implements Cloneable {
return null; return null;
} }
} }
}; }
class SymbMap implements Cloneable { class SymbMap implements Cloneable {
int free = 23; int free = 23;
@ -329,7 +328,7 @@ class SymbMap implements Cloneable {
Object oldKey = keys[index]; Object oldKey = keys[index];
keys[index] = key; keys[index] = key;
entries[index] = value; entries[index] = value;
if ((oldKey == null || !oldKey.equals(key)) && (--free == 0)) { if ((oldKey == null || !oldKey.equals(key)) && --free == 0) {
free = entries.length; free = entries.length;
int newCapacity = free << 2; int newCapacity = free << 2;
rehash(newCapacity); rehash(newCapacity);
@ -337,9 +336,9 @@ class SymbMap implements Cloneable {
} }
List<NameSpaceSymbEntry> entrySet() { List<NameSpaceSymbEntry> entrySet() {
List<NameSpaceSymbEntry> a = new ArrayList<NameSpaceSymbEntry>(); List<NameSpaceSymbEntry> a = new ArrayList<>();
for (int i = 0;i < entries.length;i++) { for (int i = 0;i < entries.length;i++) {
if ((entries[i] != null) && !("".equals(entries[i].uri))) { if (entries[i] != null && !"".equals(entries[i].uri)) {
a.add(entries[i]); a.add(entries[i]);
} }
} }
@ -353,21 +352,21 @@ class SymbMap implements Cloneable {
int index = (obj.hashCode() & 0x7fffffff) % length; int index = (obj.hashCode() & 0x7fffffff) % length;
Object cur = set[index]; Object cur = set[index];
if (cur == null || (cur.equals(obj))) { if (cur == null || cur.equals(obj)) {
return index; return index;
} }
length--; length--;
do { do {
index = index == length ? 0 : ++index; index = index == length ? 0 : ++index;
cur = set[index]; cur = set[index];
} while (cur != null && (!cur.equals(obj))); } while (cur != null && !cur.equals(obj));
return index; return index;
} }
/** /**
* rehashes the map to the new capacity. * rehashes the map to the new capacity.
* *
* @param newCapacity an <code>int</code> value * @param newCapacity an {@code int} value
*/ */
protected void rehash(int newCapacity) { protected void rehash(int newCapacity) {
int oldCapacity = keys.length; int oldCapacity = keys.length;


@ -24,11 +24,27 @@ package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException; import java.io.IOException;
import java.io.OutputStream; import java.io.OutputStream;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Map; import java.util.Map;
public class UtfHelpper { public final class UtfHelpper {
static final void writeByte( /**
* Revert to the old behavior (version 2 or before), i.e. surrogate pairs characters becomes
* '??' in output. Set system property com.sun.org.apache.xml.internal.security.c14n.oldUtf8=true if you want
* to verify signatures generated by version 2 or before that contains 32 bit chars in the
* XML document.
*/
private static final boolean OLD_UTF8 =
AccessController.doPrivileged((PrivilegedAction<Boolean>)
() -> Boolean.getBoolean("com.sun.org.apache.xml.internal.security.c14n.oldUtf8"));
private UtfHelpper() {
// complete
}
public static void writeByte(
final String str, final String str,
final OutputStream out, final OutputStream out,
Map<String, byte[]> cache Map<String, byte[]> cache
@ -42,12 +58,73 @@ public class UtfHelpper {
out.write(result); out.write(result);
} }
static final void writeCharToUtf8(final char c, final OutputStream out) throws IOException { public static void writeCodePointToUtf8(final int c, final OutputStream out) throws IOException {
if (!Character.isValidCodePoint(c) || c >= 0xD800 && c <= 0xDBFF || c >= 0xDC00 && c <= 0xDFFF) {
// valid code point: c >= 0x0000 && c <= 0x10FFFF
out.write(0x3f);
return;
}
if (OLD_UTF8 && c >= Character.MIN_SUPPLEMENTARY_CODE_POINT) {
// version 2 or before output 2 question mark characters for 32 bit chars
out.write(0x3f);
out.write(0x3f);
return;
}
if (c < 0x80) {
// 0x00000000 - 0x0000007F
// 0xxxxxxx
out.write(c);
return;
}
byte extraByte = 0;
if (c < 0x800) {
// 0x00000080 - 0x000007FF
// 110xxxxx 10xxxxxx
extraByte = 1;
} else if (c < 0x10000) {
// 0x00000800 - 0x0000FFFF
// 1110xxxx 10xxxxxx 10xxxxxx
extraByte = 2;
} else if (c < 0x200000) {
// 0x00010000 - 0x001FFFFF
// 11110xxx 10xxxxx 10xxxxxx 10xxxxxx
extraByte = 3;
} else if (c < 0x4000000) {
// 0x00200000 - 0x03FFFFFF
// 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
// already outside valid Character range, just for completeness
extraByte = 4;
} else if (c <= 0x7FFFFFFF) {
// 0x04000000 - 0x7FFFFFFF
// 1111110x 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
// already outside valid Character range, just for completeness
extraByte = 5;
} else {
// 0x80000000 - 0xFFFFFFFF
// case not possible as java has no unsigned int
out.write(0x3f);
return;
}
byte write;
int shift = 6 * extraByte;
write = (byte)((0xFE << (6 - extraByte)) | (c >>> shift));
out.write(write);
for (int i = extraByte - 1; i >= 0; i--) {
shift -= 6;
write = (byte)(0x80 | ((c >>> shift) & 0x3F));
out.write(write);
}
}
@Deprecated
public static void writeCharToUtf8(final char c, final OutputStream out) throws IOException {
if (c < 0x80) { if (c < 0x80) {
out.write(c); out.write(c);
return; return;
} }
if ((c >= 0xD800 && c <= 0xDBFF) || (c >= 0xDC00 && c <= 0xDFFF)) { if (c >= 0xD800 && c <= 0xDBFF || c >= 0xDC00 && c <= 0xDFFF) {
//No Surrogates in sun java //No Surrogates in sun java
out.write(0x3f); out.write(0x3f);
return; return;
@ -59,7 +136,7 @@ public class UtfHelpper {
ch = (char)(c>>>12); ch = (char)(c>>>12);
write = 0xE0; write = 0xE0;
if (ch > 0) { if (ch > 0) {
write |= (ch & 0x0F); write |= ch & 0x0F;
} }
out.write(write); out.write(write);
write = 0x80; write = 0x80;
@ -70,104 +147,149 @@ public class UtfHelpper {
} }
ch = (char)(c>>>6); ch = (char)(c>>>6);
if (ch > 0) { if (ch > 0) {
write |= (ch & bias); write |= ch & bias;
} }
out.write(write); out.write(write);
out.write(0x80 | ((c) & 0x3F)); out.write(0x80 | ((c) & 0x3F));
} }
static final void writeStringToUtf8( public static void writeStringToUtf8(
final String str, final String str, final OutputStream out
final OutputStream out ) throws IOException {
) throws IOException{
final int length = str.length(); final int length = str.length();
int i = 0; int i = 0;
char c; int c;
while (i < length) { while (i < length) {
c = str.charAt(i++); c = str.codePointAt(i);
i += Character.charCount(c);
if (!Character.isValidCodePoint(c) || c >= 0xD800 && c <= 0xDBFF || c >= 0xDC00 && c <= 0xDFFF) {
// valid code point: c >= 0x0000 && c <= 0x10FFFF
out.write(0x3f);
continue;
}
if (OLD_UTF8 && c >= Character.MIN_SUPPLEMENTARY_CODE_POINT) {
// version 2 or before output 2 question mark characters for 32 bit chars
out.write(0x3f);
out.write(0x3f);
continue;
}
if (c < 0x80) { if (c < 0x80) {
out.write(c); out.write(c);
continue; continue;
} }
if ((c >= 0xD800 && c <= 0xDBFF) || (c >= 0xDC00 && c <= 0xDFFF)) { byte extraByte = 0;
//No Surrogates in sun java if (c < 0x800) {
// 0x00000080 - 0x000007FF
// 110xxxxx 10xxxxxx
extraByte = 1;
} else if (c < 0x10000) {
// 0x00000800 - 0x0000FFFF
// 1110xxxx 10xxxxxx 10xxxxxx
extraByte = 2;
} else if (c < 0x200000) {
// 0x00010000 - 0x001FFFFF
// 11110xxx 10xxxxx 10xxxxxx 10xxxxxx
extraByte = 3;
} else if (c < 0x4000000) {
// 0x00200000 - 0x03FFFFFF
// 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
// already outside valid Character range, just for completeness
extraByte = 4;
} else if (c <= 0x7FFFFFFF) {
// 0x04000000 - 0x7FFFFFFF
// 1111110x 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
// already outside valid Character range, just for completeness
extraByte = 5;
} else {
// 0x80000000 - 0xFFFFFFFF
// case not possible as java has no unsigned int
out.write(0x3f); out.write(0x3f);
continue; continue;
} }
char ch; byte write;
int bias; int shift = 6 * extraByte;
int write; write = (byte)((0xFE << (6 - extraByte)) | (c >>> shift));
if (c > 0x07FF) {
ch = (char)(c>>>12);
write = 0xE0;
if (ch > 0) {
write |= (ch & 0x0F);
}
out.write(write); out.write(write);
write = 0x80; for (int j = extraByte - 1; j >= 0; j--) {
bias = 0x3F; shift -= 6;
} else { write = (byte)(0x80 | ((c >>> shift) & 0x3F));
write = 0xC0;
bias = 0x1F;
}
ch = (char)(c>>>6);
if (ch > 0) {
write |= (ch & bias);
}
out.write(write); out.write(write);
out.write(0x80 | ((c) & 0x3F)); }
} }
} }
public static final byte[] getStringInUtf8(final String str) { public static byte[] getStringInUtf8(final String str) {
final int length = str.length(); final int length = str.length();
boolean expanded = false; boolean expanded = false;
byte[] result = new byte[length]; byte[] result = new byte[length];
int i = 0; int i = 0;
int out = 0; int out = 0;
char c; int c;
while (i < length) { while (i < length) {
c = str.charAt(i++); c = str.codePointAt(i);
i += Character.charCount(c);
if (!Character.isValidCodePoint(c) || c >= 0xD800 && c <= 0xDBFF || c >= 0xDC00 && c <= 0xDFFF) {
// valid code point: c >= 0x0000 && c <= 0x10FFFF
result[out++] = (byte)0x3f;
continue;
}
if (OLD_UTF8 && c >= Character.MIN_SUPPLEMENTARY_CODE_POINT) {
// version 2 or before output 2 question mark characters for 32 bit chars
result[out++] = (byte)0x3f;
result[out++] = (byte)0x3f;
continue;
}
if (c < 0x80) { if (c < 0x80) {
result[out++] = (byte)c; result[out++] = (byte)c;
continue; continue;
} }
if ((c >= 0xD800 && c <= 0xDBFF) || (c >= 0xDC00 && c <= 0xDFFF)) {
//No Surrogates in sun java
result[out++] = 0x3f;
continue;
}
if (!expanded) { if (!expanded) {
byte newResult[] = new byte[3*length]; byte newResult[] = new byte[6*length];
System.arraycopy(result, 0, newResult, 0, out); System.arraycopy(result, 0, newResult, 0, out);
result = newResult; result = newResult;
expanded = true; expanded = true;
} }
char ch; byte extraByte = 0;
int bias; if (c < 0x800) {
byte write; // 0x00000080 - 0x000007FF
if (c > 0x07FF) { // 110xxxxx 10xxxxxx
ch = (char)(c>>>12); extraByte = 1;
write = (byte)0xE0; } else if (c < 0x10000) {
if (ch > 0) { // 0x00000800 - 0x0000FFFF
write |= (ch & 0x0F); // 1110xxxx 10xxxxxx 10xxxxxx
} extraByte = 2;
result[out++] = write; } else if (c < 0x200000) {
write = (byte)0x80; // 0x00010000 - 0x001FFFFF
bias = 0x3F; // 11110xxx 10xxxxx 10xxxxxx 10xxxxxx
extraByte = 3;
} else if (c < 0x4000000) {
// 0x00200000 - 0x03FFFFFF
// 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
// already outside valid Character range, just for completeness
extraByte = 4;
} else if (c <= 0x7FFFFFFF) {
// 0x04000000 - 0x7FFFFFFF
// 1111110x 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
// already outside valid Character range, just for completeness
extraByte = 5;
} else { } else {
write = (byte)0xC0; // 0x80000000 - 0xFFFFFFFF
bias = 0x1F; // case not possible as java has no unsigned int
} result[out++] = 0x3f;
ch = (char)(c>>>6); continue;
if (ch > 0) {
write |= (ch & bias);
} }
byte write;
int shift = 6 * extraByte;
write = (byte)((0xFE << (6 - extraByte)) | (c >>> shift));
result[out++] = write; result[out++] = write;
result[out++] = (byte)(0x80 | ((c) & 0x3F)); for (int j = extraByte - 1; j >= 0; j--) {
shift -= 6;
write = (byte)(0x80 | ((c >>> shift) & 0x3F));
result[out++] = write;
}
} }
if (expanded) { if (expanded) {
byte newResult[] = new byte[out]; byte newResult[] = new byte[out];
@ -176,5 +298,4 @@ public class UtfHelpper {
} }
return result; return result;
} }
} }
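Review bot: The Javadoc on `OLD_UTF8` should state the integrity cost of the switch, not only its compatibility purpose. With the property set, `writeCodePointToUtf8`, `writeStringToUtf8` and `getStringInUtf8` each emit `??` for every code point at or above `Character.MIN_SUPPLEMENTARY_CODE_POINT`, so documents that differ only in such characters canonicalize to the same bytes and a digest over that output does not bind them. The value is also read once in a static initializer, so it applies to every canonicalization in the JVM rather than to a single verification. I would add to the comment: `Note: when enabled, supplementary characters are not covered by the digest; enable only while verifying legacy signatures.`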


@ -0,0 +1,412 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.w3c.dom.Attr;
/**
* An XmlAttrStack that is shared between the Canonical XML 1.0 and 1.1 implementations.
*/
class XmlAttrStack {
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(XmlAttrStack.class);
static class XmlsStackElement {
int level;
boolean rendered = false;
List<Attr> nodes = new ArrayList<>();
}
private int currentLevel = 0;
private int lastlevel = 0;
private XmlsStackElement cur;
private List<XmlsStackElement> levels = new ArrayList<>();
private boolean c14n11;
public XmlAttrStack(boolean c14n11) {
this.c14n11 = c14n11;
}
void push(int level) {
currentLevel = level;
if (currentLevel == -1) {
return;
}
cur = null;
while (lastlevel >= currentLevel) {
levels.remove(levels.size() - 1);
int newSize = levels.size();
if (newSize == 0) {
lastlevel = 0;
return;
}
lastlevel = levels.get(newSize - 1).level;
}
}
void addXmlnsAttr(Attr n) {
if (cur == null) {
cur = new XmlsStackElement();
cur.level = currentLevel;
levels.add(cur);
lastlevel = currentLevel;
}
cur.nodes.add(n);
}
void getXmlnsAttr(Collection<Attr> col) {
int size = levels.size() - 1;
if (cur == null) {
cur = new XmlsStackElement();
cur.level = currentLevel;
lastlevel = currentLevel;
levels.add(cur);
}
boolean parentRendered = false;
XmlsStackElement e = null;
if (size == -1) {
parentRendered = true;
} else {
e = levels.get(size);
if (e.rendered && e.level + 1 == currentLevel) {
parentRendered = true;
}
}
if (parentRendered) {
col.addAll(cur.nodes);
cur.rendered = true;
return;
}
Map<String, Attr> loa = new HashMap<>();
if (c14n11) {
List<Attr> baseAttrs = new ArrayList<>();
boolean successiveOmitted = true;
for (; size >= 0; size--) {
e = levels.get(size);
if (e.rendered) {
successiveOmitted = false;
}
Iterator<Attr> it = e.nodes.iterator();
while (it.hasNext() && successiveOmitted) {
Attr n = it.next();
if (n.getLocalName().equals("base") && !e.rendered) {
baseAttrs.add(n);
} else if (!loa.containsKey(n.getName())) {
loa.put(n.getName(), n);
}
}
}
if (!baseAttrs.isEmpty()) {
Iterator<Attr> it = col.iterator();
String base = null;
Attr baseAttr = null;
while (it.hasNext()) {
Attr n = it.next();
if (n.getLocalName().equals("base")) {
base = n.getValue();
baseAttr = n;
break;
}
}
it = baseAttrs.iterator();
while (it.hasNext()) {
Attr n = it.next();
if (base == null) {
base = n.getValue();
baseAttr = n;
} else {
try {
base = joinURI(n.getValue(), base);
} catch (URISyntaxException ue) {
LOG.debug(ue.getMessage(), ue);
}
}
}
if (base != null && base.length() != 0) {
baseAttr.setValue(base);
col.add(baseAttr);
}
}
} else {
for (; size >= 0; size--) {
e = levels.get(size);
Iterator<Attr> it = e.nodes.iterator();
while (it.hasNext()) {
Attr n = it.next();
if (!loa.containsKey(n.getName())) {
loa.put(n.getName(), n);
}
}
}
}
cur.rendered = true;
col.addAll(loa.values());
}
private static String joinURI(String baseURI, String relativeURI) throws URISyntaxException {
String bscheme = null;
String bauthority = null;
String bpath = "";
String bquery = null;
// pre-parse the baseURI
if (baseURI != null) {
if (baseURI.endsWith("..")) {
baseURI = baseURI + "/";
}
URI base = new URI(baseURI);
bscheme = base.getScheme();
bauthority = base.getAuthority();
bpath = base.getPath();
bquery = base.getQuery();
}
URI r = new URI(relativeURI);
String rscheme = r.getScheme();
String rauthority = r.getAuthority();
String rpath = r.getPath();
String rquery = r.getQuery();
String tscheme, tauthority, tpath, tquery;
if (rscheme != null && rscheme.equals(bscheme)) {
rscheme = null;
}
if (rscheme != null) {
tscheme = rscheme;
tauthority = rauthority;
tpath = removeDotSegments(rpath);
tquery = rquery;
} else {
if (rauthority != null) {
tauthority = rauthority;
tpath = removeDotSegments(rpath);
tquery = rquery;
} else {
if (rpath.length() == 0) {
tpath = bpath;
if (rquery != null) {
tquery = rquery;
} else {
tquery = bquery;
}
} else {
if (rpath.startsWith("/")) {
tpath = removeDotSegments(rpath);
} else {
if (bauthority != null && bpath.length() == 0) {
tpath = "/" + rpath;
} else {
int last = bpath.lastIndexOf('/');
if (last == -1) {
tpath = rpath;
} else {
tpath = bpath.substring(0, last+1) + rpath;
}
}
tpath = removeDotSegments(tpath);
}
tquery = rquery;
}
tauthority = bauthority;
}
tscheme = bscheme;
}
return new URI(tscheme, tauthority, tpath, tquery, null).toString();
}
private static String removeDotSegments(String path) {
LOG.debug("STEP OUTPUT BUFFER\t\tINPUT BUFFER");
// 1. The input buffer is initialized with the now-appended path
// components then replace occurrences of "//" in the input buffer
// with "/" until no more occurrences of "//" are in the input buffer.
String input = path;
while (input.indexOf("//") > -1) {
input = input.replaceAll("//", "/");
}
// Initialize the output buffer with the empty string.
StringBuilder output = new StringBuilder();
// If the input buffer starts with a root slash "/" then move this
// character to the output buffer.
if (input.charAt(0) == '/') {
output.append("/");
input = input.substring(1);
}
printStep("1 ", output.toString(), input);
// While the input buffer is not empty, loop as follows
while (input.length() != 0) {
// 2A. If the input buffer begins with a prefix of "./",
// then remove that prefix from the input buffer
// else if the input buffer begins with a prefix of "../", then
// if also the output does not contain the root slash "/" only,
// then move this prefix to the end of the output buffer else
// remove that prefix
if (input.startsWith("./")) {
input = input.substring(2);
printStep("2A", output.toString(), input);
} else if (input.startsWith("../")) {
input = input.substring(3);
if (!output.toString().equals("/")) {
output.append("../");
}
printStep("2A", output.toString(), input);
// 2B. if the input buffer begins with a prefix of "/./" or "/.",
// where "." is a complete path segment, then replace that prefix
// with "/" in the input buffer; otherwise,
} else if (input.startsWith("/./")) {
input = input.substring(2);
printStep("2B", output.toString(), input);
} else if (input.equals("/.")) {
// FIXME: what is complete path segment?
input = input.replaceFirst("/.", "/");
printStep("2B", output.toString(), input);
// 2C. if the input buffer begins with a prefix of "/../" or "/..",
// where ".." is a complete path segment, then replace that prefix
// with "/" in the input buffer and if also the output buffer is
// empty, last segment in the output buffer equals "../" or "..",
// where ".." is a complete path segment, then append ".." or "/.."
// for the latter case respectively to the output buffer else
// remove the last segment and its preceding "/" (if any) from the
// output buffer and if hereby the first character in the output
// buffer was removed and it was not the root slash then delete a
// leading slash from the input buffer; otherwise,
} else if (input.startsWith("/../")) {
input = input.substring(3);
if (output.length() == 0) {
output.append("/");
} else if (output.toString().endsWith("../")) {
output.append("..");
} else if (output.toString().endsWith("..")) {
output.append("/..");
} else {
int index = output.lastIndexOf("/");
if (index == -1) {
output = new StringBuilder();
if (input.charAt(0) == '/') {
input = input.substring(1);
}
} else {
output = output.delete(index, output.length());
}
}
printStep("2C", output.toString(), input);
} else if (input.equals("/..")) {
// FIXME: what is complete path segment?
input = input.replaceFirst("/..", "/");
if (output.length() == 0) {
output.append("/");
} else if (output.toString().endsWith("../")) {
output.append("..");
} else if (output.toString().endsWith("..")) {
output.append("/..");
} else {
int index = output.lastIndexOf("/");
if (index == -1) {
output = new StringBuilder();
if (input.charAt(0) == '/') {
input = input.substring(1);
}
} else {
output = output.delete(index, output.length());
}
}
printStep("2C", output.toString(), input);
// 2D. if the input buffer consists only of ".", then remove
// that from the input buffer else if the input buffer consists
// only of ".." and if the output buffer does not contain only
// the root slash "/", then move the ".." to the output buffer
// else delte it.; otherwise,
} else if (input.equals(".")) {
input = "";
printStep("2D", output.toString(), input);
} else if (input.equals("..")) {
if (!output.toString().equals("/")) {
output.append("..");
}
input = "";
printStep("2D", output.toString(), input);
// 2E. move the first path segment (if any) in the input buffer
// to the end of the output buffer, including the initial "/"
// character (if any) and any subsequent characters up to, but not
// including, the next "/" character or the end of the input buffer.
} else {
int end = -1;
int begin = input.indexOf('/');
if (begin == 0) {
end = input.indexOf('/', 1);
} else {
end = begin;
begin = 0;
}
String segment;
if (end == -1) {
segment = input.substring(begin);
input = "";
} else {
segment = input.substring(begin, end);
input = input.substring(end);
}
output.append(segment);
printStep("2E", output.toString(), input);
}
}
// 3. Finally, if the only or last segment of the output buffer is
// "..", where ".." is a complete path segment not followed by a slash
// then append a slash "/". The output buffer is returned as the result
// of remove_dot_segments
if (output.toString().endsWith("..")) {
output.append("/");
printStep("3 ", output.toString(), input);
}
return output.toString();
}
private static void printStep(String step, String output, String input) {
if (LOG.isDebugEnabled()) {
LOG.debug(" " + step + ": " + output);
if (output.length() == 0) {
LOG.debug("\t\t\t\t" + input);
} else {
LOG.debug("\t\t\t" + input);
}
}
}
}


@ -1,3 +0,0 @@
<HTML> <HEAD> </HEAD> <BODY> <P>
canonicalization implementations.
</P></BODY> </HTML>


@ -1,3 +0,0 @@
<HTML><HEAD></HEAD><BODY><P>
Canonicalization related material and algorithms.
</P></BODY></HTML>


@ -1,250 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.UnsupportedEncodingException;
import java.util.HashMap;
import java.util.Map;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
/**
* Converts <code>String</code>s into <code>Node</code>s and visa versa.
*
* An abstract class for common Serializer functionality
*/
public abstract class AbstractSerializer implements Serializer {
protected Canonicalizer canon;
public void setCanonicalizer(Canonicalizer canon) {
this.canon = canon;
}
/**
* Returns a <code>String</code> representation of the specified
* <code>Element</code>.
* <p/>
* Refer also to comments about setup of format.
*
* @param element the <code>Element</code> to serialize.
* @return the <code>String</code> representation of the serilaized
* <code>Element</code>.
* @throws Exception
*/
public String serialize(Element element) throws Exception {
return canonSerialize(element);
}
/**
* Returns a <code>byte[]</code> representation of the specified
* <code>Element</code>.
*
* @param element the <code>Element</code> to serialize.
* @return the <code>byte[]</code> representation of the serilaized
* <code>Element</code>.
* @throws Exception
*/
public byte[] serializeToByteArray(Element element) throws Exception {
return canonSerializeToByteArray(element);
}
/**
* Returns a <code>String</code> representation of the specified
* <code>NodeList</code>.
* <p/>
* This is a special case because the NodeList may represent a
* <code>DocumentFragment</code>. A document fragment may be a
* non-valid XML document (refer to appropriate description of
* W3C) because it my start with a non-element node, e.g. a text
* node.
* <p/>
* The methods first converts the node list into a document fragment.
* Special care is taken to not destroy the current document, thus
* the method clones the nodes (deep cloning) before it appends
* them to the document fragment.
* <p/>
* Refer also to comments about setup of format.
*
* @param content the <code>NodeList</code> to serialize.
* @return the <code>String</code> representation of the serialized
* <code>NodeList</code>.
* @throws Exception
*/
public String serialize(NodeList content) throws Exception {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
canon.setWriter(baos);
canon.notReset();
for (int i = 0; i < content.getLength(); i++) {
canon.canonicalizeSubtree(content.item(i));
}
String ret = baos.toString("UTF-8");
baos.reset();
return ret;
}
/**
* Returns a <code>byte[]</code> representation of the specified
* <code>NodeList</code>.
*
* @param content the <code>NodeList</code> to serialize.
* @return the <code>byte[]</code> representation of the serialized
* <code>NodeList</code>.
* @throws Exception
*/
public byte[] serializeToByteArray(NodeList content) throws Exception {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
canon.setWriter(baos);
canon.notReset();
for (int i = 0; i < content.getLength(); i++) {
canon.canonicalizeSubtree(content.item(i));
}
return baos.toByteArray();
}
/**
* Use the Canonicalizer to serialize the node
* @param node
* @return the canonicalization of the node
* @throws Exception
*/
public String canonSerialize(Node node) throws Exception {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
canon.setWriter(baos);
canon.notReset();
canon.canonicalizeSubtree(node);
String ret = baos.toString("UTF-8");
baos.reset();
return ret;
}
/**
* Use the Canonicalizer to serialize the node
* @param node
* @return the (byte[]) canonicalization of the node
* @throws Exception
*/
public byte[] canonSerializeToByteArray(Node node) throws Exception {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
canon.setWriter(baos);
canon.notReset();
canon.canonicalizeSubtree(node);
return baos.toByteArray();
}
/**
* @param source
* @param ctx
* @return the Node resulting from the parse of the source
* @throws XMLEncryptionException
*/
public abstract Node deserialize(String source, Node ctx) throws XMLEncryptionException;
/**
* @param source
* @param ctx
* @return the Node resulting from the parse of the source
* @throws XMLEncryptionException
*/
public abstract Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException;
protected static byte[] createContext(byte[] source, Node ctx) throws XMLEncryptionException {
// Create the context to parse the document against
ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
try {
OutputStreamWriter outputStreamWriter = new OutputStreamWriter(byteArrayOutputStream, "UTF-8");
outputStreamWriter.write("<?xml version=\"1.0\" encoding=\"UTF-8\"?><dummy");
// Run through each node up to the document node and find any xmlns: nodes
Map<String, String> storedNamespaces = new HashMap<String, String>();
Node wk = ctx;
while (wk != null) {
NamedNodeMap atts = wk.getAttributes();
if (atts != null) {
for (int i = 0; i < atts.getLength(); ++i) {
Node att = atts.item(i);
String nodeName = att.getNodeName();
if ((nodeName.equals("xmlns") || nodeName.startsWith("xmlns:"))
&& !storedNamespaces.containsKey(att.getNodeName())) {
outputStreamWriter.write(" ");
outputStreamWriter.write(nodeName);
outputStreamWriter.write("=\"");
outputStreamWriter.write(att.getNodeValue());
outputStreamWriter.write("\"");
storedNamespaces.put(nodeName, att.getNodeValue());
}
}
}
wk = wk.getParentNode();
}
outputStreamWriter.write(">");
outputStreamWriter.flush();
byteArrayOutputStream.write(source);
outputStreamWriter.write("</dummy>");
outputStreamWriter.close();
return byteArrayOutputStream.toByteArray();
} catch (UnsupportedEncodingException e) {
throw new XMLEncryptionException("empty", e);
} catch (IOException e) {
throw new XMLEncryptionException("empty", e);
}
}
protected static String createContext(String source, Node ctx) {
// Create the context to parse the document against
StringBuilder sb = new StringBuilder();
sb.append("<?xml version=\"1.0\" encoding=\"UTF-8\"?><dummy");
// Run through each node up to the document node and find any xmlns: nodes
Map<String, String> storedNamespaces = new HashMap<String, String>();
Node wk = ctx;
while (wk != null) {
NamedNodeMap atts = wk.getAttributes();
if (atts != null) {
for (int i = 0; i < atts.getLength(); ++i) {
Node att = atts.item(i);
String nodeName = att.getNodeName();
if ((nodeName.equals("xmlns") || nodeName.startsWith("xmlns:"))
&& !storedNamespaces.containsKey(att.getNodeName())) {
sb.append(' ').append(nodeName).append("=\"")
.append(att.getNodeValue()).append('"');
storedNamespaces.put(nodeName, att.getNodeValue());
}
}
}
wk = wk.getParentNode();
}
sb.append('>').append(source).append("</dummy>");
return sb.toString();
}
}


@ -1,157 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.util.Iterator;
import com.sun.org.apache.xml.internal.security.keys.KeyInfo;
import org.w3c.dom.Element;
/**
* A Key Agreement algorithm provides for the derivation of a shared secret key
* based on a shared secret computed from certain types of compatible public
* keys from both the sender and the recipient. Information from the originator
* to determine the secret is indicated by an optional OriginatorKeyInfo
* parameter child of an {@code AgreementMethod} element while that
* associated with the recipient is indicated by an optional RecipientKeyInfo. A
* shared key is derived from this shared secret by a method determined by the
* Key Agreement algorithm.
* <p>
* <b>Note:</b> XML Encryption does not provide an on-line key agreement
* negotiation protocol. The {@code AgreementMethod} element can be used by
* the originator to identify the keys and computational procedure that were
* used to obtain a shared encryption key. The method used to obtain or select
* the keys or algorithm used for the agreement computation is beyond the scope
* of this specification.
* <p>
* The {@code AgreementMethod} element appears as the content of a
* {@code ds:KeyInfo} since, like other {@code ds:KeyInfo} children,
* it yields a key. This {@code ds:KeyInfo} is in turn a child of an
* {@code EncryptedData} or {@code EncryptedKey} element. The
* Algorithm attribute and KeySize child of the {@code EncryptionMethod}
* element under this {@code EncryptedData} or {@code EncryptedKey}
* element are implicit parameters to the key agreement computation. In cases
* where this {@code EncryptionMethod} algorithm {@code URI} is
* insufficient to determine the key length, a KeySize MUST have been included.
* In addition, the sender may place a KA-Nonce element under
* {@code AgreementMethod} to assure that different keying material is
* generated even for repeated agreements using the same sender and recipient
* public keys.
* <p>
* If the agreed key is being used to wrap a key, then
* {@code AgreementMethod} would appear inside a {@code ds:KeyInfo}
* inside an {@code EncryptedKey} element.
* <p>
* The Schema for AgreementMethod is as follows:
* <pre>{@code
* <element name="AgreementMethod" type="xenc:AgreementMethodType"/>
* <complexType name="AgreementMethodType" mixed="true">
* <sequence>
* <element name="KA-Nonce" minOccurs="0" type="base64Binary"/>
* <!-- <element ref="ds:DigestMethod" minOccurs="0"/> -->
* <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
* <element name="OriginatorKeyInfo" minOccurs="0" type="ds:KeyInfoType"/>
* <element name="RecipientKeyInfo" minOccurs="0" type="ds:KeyInfoType"/>
* </sequence>
* <attribute name="Algorithm" type="anyURI" use="required"/>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface AgreementMethod {
/**
* Returns a {@code byte} array.
* @return a {@code byte} array.
*/
byte[] getKANonce();
/**
* Sets the KANonce.jj
* @param kanonce
*/
void setKANonce(byte[] kanonce);
/**
* Returns additional information regarding the {@code AgreementMethod}.
* @return additional information regarding the {@code AgreementMethod}.
*/
Iterator<Element> getAgreementMethodInformation();
/**
* Adds additional {@code AgreementMethod} information.
*
* @param info an {@code Element} that represents additional information
* specified by
* <pre>{@code
* <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
* }</pre>
*/
void addAgreementMethodInformation(Element info);
/**
* Removes additional {@code AgreementMethod} information.
*
* @param info an {@code Element} that represents additional information
* specified by
* <pre>{@code
* <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
* }</pre>
*/
void revoveAgreementMethodInformation(Element info);
/**
* Returns information relating to the originator's shared secret.
*
* @return information relating to the originator's shared secret.
*/
KeyInfo getOriginatorKeyInfo();
/**
* Sets the information relating to the originator's shared secret.
*
* @param keyInfo information relating to the originator's shared secret.
*/
void setOriginatorKeyInfo(KeyInfo keyInfo);
/**
* Returns information relating to the recipient's shared secret.
*
* @return information relating to the recipient's shared secret.
*/
KeyInfo getRecipientKeyInfo();
/**
* Sets the information relating to the recipient's shared secret.
*
* @param keyInfo information relating to the recipient's shared secret.
*/
void setRecipientKeyInfo(KeyInfo keyInfo);
/**
* Returns the algorithm URI of this {@code CryptographicMethod}.
*
* @return the algorithm URI of this {@code CryptographicMethod}
*/
String getAlgorithm();
}


@ -1,95 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
/**
* {@code CipherData} provides encrypted data. It must either contain the
* encrypted octet sequence as base64 encoded text of the
* {@code CipherValue} element, or provide a reference to an external
* location containing the encrypted octet sequence via the
* {@code CipherReference} element.
* <p>
* The schema definition is as follows:
* <pre>{@code
* <element name='CipherData' type='xenc:CipherDataType'/>
* <complexType name='CipherDataType'>
* <choice>
* <element name='CipherValue' type='base64Binary'/>
* <element ref='xenc:CipherReference'/>
* </choice>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface CipherData {
/** VALUE_TYPE ASN */
int VALUE_TYPE = 0x00000001;
/** REFERENCE_TYPE ASN */
int REFERENCE_TYPE = 0x00000002;
/**
* Returns the type of encrypted data contained in the
* {@code CipherData}.
*
* @return {@code VALUE_TYPE} if the encrypted data is contained as
* {@code CipherValue} or {@code REFERENCE_TYPE} if the
* encrypted data is contained as {@code CipherReference}.
*/
int getDataType();
/**
* Returns the cipher value as a base64 encoded {@code byte} array.
*
* @return the {@code CipherData}'s value.
*/
CipherValue getCipherValue();
/**
* Sets the {@code CipherData}'s value.
*
* @param value the value of the {@code CipherData}.
* @throws XMLEncryptionException
*/
void setCipherValue(CipherValue value) throws XMLEncryptionException;
/**
* Returns a reference to an external location containing the encrypted
* octet sequence ({@code byte} array).
*
* @return the reference to an external location containing the encrypted
* octet sequence.
*/
CipherReference getCipherReference();
/**
* Sets the {@code CipherData}'s reference.
*
* @param reference an external location containing the encrypted octet sequence.
* @throws XMLEncryptionException
*/
void setCipherReference(CipherReference reference) throws XMLEncryptionException;
}


@ -1,95 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import org.w3c.dom.Attr;
/**
* {@code CipherReference} identifies a source which, when processed,
* yields the encrypted octet sequence.
* <p>
* The actual value is obtained as follows. The {@code CipherReference URI}
* contains an identifier that is dereferenced. Should the
* Transforms, the data resulting from dereferencing the {@code URI} is
* transformed as specified so as to yield the intended cipher value. For
* example, if the value is base64 encoded within an XML document; the
* transforms could specify an XPath expression followed by a base64 decoding so
* as to extract the octets.
* <p>
* The syntax of the {@code URI} and Transforms is similar to that of
* [XML-DSIG]. However, there is a difference between signature and encryption
* processing. In [XML-DSIG] both generation and validation processing start
* with the same source data and perform that transform in the same order. In
* encryption, the decryptor has only the cipher data and the specified
* transforms are enumerated for the decryptor, in the order necessary to obtain
* the octets. Consequently, because it has different semantics Transforms is in
* the &xenc; namespace.
* <p>
* The schema definition is as follows:
* <pre>{@code
* <element name='CipherReference' type='xenc:CipherReferenceType'/>
* <complexType name='CipherReferenceType'>
* <sequence>
* <element name='Transforms' type='xenc:TransformsType' minOccurs='0'/>
* </sequence>
* <attribute name='URI' type='anyURI' use='required'/>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface CipherReference {
/**
* Returns an {@code URI} that contains an identifier that should be
* dereferenced.
* @return an {@code URI} that contains an identifier that should be
* dereferenced.
*/
String getURI();
/**
* Gets the URI as an Attribute node. Used to meld the CipherReference
* with the XMLSignature ResourceResolvers
* @return the URI as an Attribute node
*/
Attr getURIAsAttr();
/**
* Returns the {@code Transforms} that specifies how to transform the
* {@code URI} to yield the appropriate cipher value.
*
* @return the transform that specifies how to transform the reference to
* yield the intended cipher value.
*/
Transforms getTransforms();
/**
* Sets the {@code Transforms} that specifies how to transform the
* {@code URI} to yield the appropriate cipher value.
*
* @param transforms the set of {@code Transforms} that specifies how
* to transform the reference to yield the intended cipher value.
*/
void setTransforms(Transforms transforms);
}


@ -1,46 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
/**
* <code>CipherValue</code> is the wrapper for cipher text.
*
* @author Axl Mattheus
*/
public interface CipherValue {
/**
* Returns the Base 64 encoded, encrypted octets that is the
* <code>CipherValue</code>.
*
* @return cipher value.
*/
String getValue();
/**
* Sets the Base 64 encoded, encrypted octets that is the
* <code>CipherValue</code>.
*
* @param value the cipher value.
*/
void setValue(String value);
}


@ -1,114 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.w3c.dom.DocumentFragment;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
/**
* Converts <code>String</code>s into <code>Node</code>s and visa versa.
*/
public class DocumentSerializer extends AbstractSerializer {
protected DocumentBuilderFactory dbf;
/**
* @param source
* @param ctx
* @return the Node resulting from the parse of the source
* @throws XMLEncryptionException
*/
public Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException {
byte[] fragment = createContext(source, ctx);
return deserialize(ctx, new InputSource(new ByteArrayInputStream(fragment)));
}
/**
* @param source
* @param ctx
* @return the Node resulting from the parse of the source
* @throws XMLEncryptionException
*/
public Node deserialize(String source, Node ctx) throws XMLEncryptionException {
String fragment = createContext(source, ctx);
return deserialize(ctx, new InputSource(new StringReader(fragment)));
}
/**
* @param ctx
* @param inputSource
* @return the Node resulting from the parse of the source
* @throws XMLEncryptionException
*/
private Node deserialize(Node ctx, InputSource inputSource) throws XMLEncryptionException {
try {
if (dbf == null) {
dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
dbf.setAttribute("http://xml.org/sax/features/namespaces", Boolean.TRUE);
dbf.setValidating(false);
}
DocumentBuilder db = dbf.newDocumentBuilder();
Document d = db.parse(inputSource);
Document contextDocument = null;
if (Node.DOCUMENT_NODE == ctx.getNodeType()) {
contextDocument = (Document)ctx;
} else {
contextDocument = ctx.getOwnerDocument();
}
Element fragElt =
(Element) contextDocument.importNode(d.getDocumentElement(), true);
DocumentFragment result = contextDocument.createDocumentFragment();
Node child = fragElt.getFirstChild();
while (child != null) {
fragElt.removeChild(child);
result.appendChild(child);
child = fragElt.getFirstChild();
}
return result;
} catch (SAXException se) {
throw new XMLEncryptionException("empty", se);
} catch (ParserConfigurationException pce) {
throw new XMLEncryptionException("empty", pce);
} catch (IOException ioe) {
throw new XMLEncryptionException("empty", ioe);
}
}
}


@ -1,46 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
/**
* The {@code EncryptedData} element is the core element in the syntax. Not
* only does its {@code CipherData} child contain the encrypted data, but
* it's also the element that replaces the encrypted element, or serves as the
* new document root.
* <p>
* It's schema definition is as follows:
* <p>
* <pre>{@code
* <element name='EncryptedData' type='xenc:EncryptedDataType'/>
* <complexType name='EncryptedDataType'>
* <complexContent>
* <extension base='xenc:EncryptedType'/>
* </complexContent>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface EncryptedData extends EncryptedType {
}


@ -1,113 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
/**
* The {@code EncryptedKey} element is used to transport encryption keys
* from the originator to a known recipient(s). It may be used as a stand-alone
* XML document, be placed within an application document, or appear inside an
* {@code EncryptedData} element as a child of a {@code ds:KeyInfo}
* element. The key value is always encrypted to the recipient(s). When
* {@code EncryptedKey} is decrypted the resulting octets are made
* available to the {@code EncryptionMethod} algorithm without any
* additional processing.
* <p>
* Its schema definition is as follows:
* <pre>{@code
* <element name='EncryptedKey' type='xenc:EncryptedKeyType'/>
* <complexType name='EncryptedKeyType'>
* <complexContent>
* <extension base='xenc:EncryptedType'>
* <sequence>
* <element ref='xenc:ReferenceList' minOccurs='0'/>
* <element name='CarriedKeyName' type='string' minOccurs='0'/>
* </sequence>
* <attribute name='Recipient' type='string' use='optional'/>
* </extension>
* </complexContent>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface EncryptedKey extends EncryptedType {
/**
* Returns a hint as to which recipient this encrypted key value is intended for.
*
* @return the recipient of the {@code EncryptedKey}.
*/
String getRecipient();
/**
* Sets the recipient for this {@code EncryptedKey}.
*
* @param recipient the recipient for this {@code EncryptedKey}.
*/
void setRecipient(String recipient);
/**
* Returns pointers to data and keys encrypted using this key. The reference
* list may contain multiple references to {@code EncryptedKey} and
* {@code EncryptedData} elements. This is done using
* {@code KeyReference} and {@code DataReference} elements
* respectively.
*
* @return an {@code Iterator} over all the {@code ReferenceList}s
* contained in this {@code EncryptedKey}.
*/
ReferenceList getReferenceList();
/**
* Sets the {@code ReferenceList} to the {@code EncryptedKey}.
*
* @param list a list of pointers to data elements encrypted using this key.
*/
void setReferenceList(ReferenceList list);
/**
* Returns a user readable name with the key value. This may then be used to
* reference the key using the {@code ds:KeyName} element within
* {@code ds:KeyInfo}. The same {@code CarriedKeyName} label,
* unlike an ID type, may occur multiple times within a single document. The
* value of the key is to be the same in all {@code EncryptedKey}
* elements identified with the same {@code CarriedKeyName} label
* within a single XML document.
* <br>
* <b>Note</b> that because whitespace is significant in the value of
* the {@code ds:KeyName} element, whitespace is also significant in
* the value of the {@code CarriedKeyName} element.
*
* @return over all the carried names contained in
* this {@code EncryptedKey}.
*/
String getCarriedName();
/**
* Sets the carried name.
*
* @param name the carried name.
*/
void setCarriedName(String name);
}


@ -1,197 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import com.sun.org.apache.xml.internal.security.keys.KeyInfo;
/**
* EncryptedType is the abstract type from which {@code EncryptedData} and
* {@code EncryptedKey} are derived. While these two latter element types
* are very similar with respect to their content models, a syntactical
* distinction is useful to processing.
* <p>
* Its schema definition is as follows:
* <pre>{@code
* <complexType name='EncryptedType' abstract='true'>
* <sequence>
* <element name='EncryptionMethod' type='xenc:EncryptionMethodType'
* minOccurs='0'/>
* <element ref='ds:KeyInfo' minOccurs='0'/>
* <element ref='xenc:CipherData'/>
* <element ref='xenc:EncryptionProperties' minOccurs='0'/>
* </sequence>
* <attribute name='Id' type='ID' use='optional'/>
* <attribute name='Type' type='anyURI' use='optional'/>
* <attribute name='MimeType' type='string' use='optional'/>
* <attribute name='Encoding' type='anyURI' use='optional'/>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface EncryptedType {
/**
* Returns a {@code String} providing for the standard method of
* assigning an id to the element within the document context.
*
* @return the id for the {@code EncryptedType}.
*/
String getId();
/**
* Sets the id.
*
* @param id
*/
void setId(String id);
/**
* Returns an {@code URI} identifying type information about the
* plaintext form of the encrypted content. While optional, this
* specification takes advantage of it for mandatory processing described in
* Processing Rules: Decryption (section 4.2). If the
* {@code EncryptedData} element contains data of Type 'element' or
* element 'content', and replaces that data in an XML document context, it
* is strongly recommended the Type attribute be provided. Without this
* information, the decryptor will be unable to automatically restore the
* XML document to its original cleartext form.
*
* @return the identifier for the type of information in plaintext form of
* encrypted content.
*/
String getType();
/**
* Sets the type.
*
* @param type an {@code URI} identifying type information about the
* plaintext form of the encrypted content.
*/
void setType(String type);
/**
* Returns a {@code String} which describes the media type of the data
* which has been encrypted. The value of this attribute has values defined
* by [MIME]. For example, if the data that is encrypted is a base64 encoded
* PNG, the transfer Encoding may be specified as
* 'http://www.w3.org/2000/09/xmldsig#base64' and the MimeType as
* 'image/png'.
* <br>
* This attribute is purely advisory; no validation of the MimeType
* information is required and it does not indicate the encryption
* application must do any additional processing. Note, this information may
* not be necessary if it is already bound to the identifier in the Type
* attribute. For example, the Element and Content types defined in this
* specification are always UTF-8 encoded text.
*
* @return the media type of the data which was encrypted.
*/
String getMimeType();
/**
* Sets the mime type.
*
* @param type a {@code String} which describes the media type of the
* data which has been encrypted.
*/
void setMimeType(String type);
/**
* Return an {@code URI} representing the encoding of the
* {@code EncryptedType}.
*
* @return the encoding of this {@code EncryptedType}.
*/
String getEncoding();
/**
* Sets the {@code URI} representing the encoding of the
* {@code EncryptedType}.
*
* @param encoding
*/
void setEncoding(String encoding);
/**
* Returns an {@code EncryptionMethod} that describes the encryption
* algorithm applied to the cipher data. If the element is absent, the
* encryption algorithm must be known by the recipient or the decryption
* will fail.
*
* @return the method used to encrypt the cipher data.
*/
EncryptionMethod getEncryptionMethod();
/**
* Sets the {@code EncryptionMethod} used to encrypt the cipher data.
*
* @param method the {@code EncryptionMethod}.
*/
void setEncryptionMethod(EncryptionMethod method);
/**
* Returns the {@code ds:KeyInfo}, that carries information about the
* key used to encrypt the data. Subsequent sections of this specification
* define new elements that may appear as children of
* {@code ds:KeyInfo}.
*
* @return information about the key that encrypted the cipher data.
*/
KeyInfo getKeyInfo();
/**
* Sets the encryption key information.
*
* @param info the {@code ds:KeyInfo}, that carries information about
* the key used to encrypt the data.
*/
void setKeyInfo(KeyInfo info);
/**
* Returns the {@code CipherReference} that contains the
* {@code CipherValue} or {@code CipherReference} with the
* encrypted data.
*
* @return the cipher data for the encrypted type.
*/
CipherData getCipherData();
/**
* Returns additional information concerning the generation of the
* {@code EncryptedType}.
*
* @return information relating to the generation of the
* {@code EncryptedType}.
*/
EncryptionProperties getEncryptionProperties();
/**
* Sets the {@code EncryptionProperties} that supplies additional
* information about the generation of the {@code EncryptedType}.
*
* @param properties
*/
void setEncryptionProperties(EncryptionProperties properties);
}


@ -1,132 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.util.Iterator;
import org.w3c.dom.Element;
/**
* {@code EncryptionMethod} describes the encryption algorithm applied to
* the cipher data. If the element is absent, the encryption algorithm must be
* known by the recipient or the decryption will fail.
* <p>
* It is defined as follows:
* <pre>{@code
* <complexType name='EncryptionMethodType' mixed='true'>
* <sequence>
* <element name='KeySize' minOccurs='0' type='xenc:KeySizeType'/>
* <element name='OAEPparams' minOccurs='0' type='base64Binary'/>
* <any namespace='##other' minOccurs='0' maxOccurs='unbounded'/>
* </sequence>
* <attribute name='Algorithm' type='anyURI' use='required'/>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface EncryptionMethod {
/**
* Returns the algorithm applied to the cipher data.
*
* @return the encryption algorithm.
*/
String getAlgorithm();
/**
* Returns the key size of the key of the algorithm applied to the cipher
* data.
*
* @return the key size.
*/
int getKeySize();
/**
* Sets the size of the key of the algorithm applied to the cipher data.
*
* @param size the key size.
*/
void setKeySize(int size);
/**
* Returns the OAEP parameters of the algorithm applied to the
* cipher data.
*
* @return the OAEP parameters.
*/
byte[] getOAEPparams();
/**
* Sets the OAEP parameters.
*
* @param parameters the OAEP parameters.
*/
void setOAEPparams(byte[] parameters);
/**
* Set the Digest Algorithm to use
* @param digestAlgorithm the Digest Algorithm to use
*/
void setDigestAlgorithm(String digestAlgorithm);
/**
* Get the Digest Algorithm to use
* @return the Digest Algorithm to use
*/
String getDigestAlgorithm();
/**
* Set the MGF Algorithm to use
* @param mgfAlgorithm the MGF Algorithm to use
*/
void setMGFAlgorithm(String mgfAlgorithm);
/**
* Get the MGF Algorithm to use
* @return the MGF Algorithm to use
*/
String getMGFAlgorithm();
/**
* Returns an iterator over all the additional elements contained in the
* {@code EncryptionMethod}.
*
* @return an {@code Iterator} over all the additional information
* about the {@code EncryptionMethod}.
*/
Iterator<Element> getEncryptionMethodInformation();
/**
* Adds encryption method information.
*
* @param information additional encryption method information.
*/
void addEncryptionMethodInformation(Element information);
/**
* Removes encryption method information.
*
* @param information the information to remove from the
* {@code EncryptionMethod}.
*/
void removeEncryptionMethodInformation(Element information);
}


@ -1,87 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.util.Iterator;
/**
* {@code EncryptionProperties} can hold additional information concerning
* the generation of the {@code EncryptedData} or
* {@code EncryptedKey}. This information is wraped int an
* {@code EncryptionProperty} element. Examples of additional information
* is e.g., a date/time stamp or the serial number of cryptographic hardware
* used during encryption).
* <p>
* It is defined as follows:
* <pre>{@code
* <element name='EncryptionProperties' type='xenc:EncryptionPropertiesType'/>
* <complexType name='EncryptionPropertiesType'>
* <sequence>
* <element ref='xenc:EncryptionProperty' maxOccurs='unbounded'/>
* </sequence>
* <attribute name='Id' type='ID' use='optional'/>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface EncryptionProperties {
/**
* Returns the {@code EncryptionProperties}' id.
*
* @return the id.
*/
String getId();
/**
* Sets the id.
*
* @param id the id.
*/
void setId(String id);
/**
* Returns an {@code Iterator} over all the
* {@code EncryptionPropterty} elements contained in this
* {@code EncryptionProperties}.
*
* @return an {@code Iterator} over all the encryption properties.
*/
Iterator<EncryptionProperty> getEncryptionProperties();
/**
* Adds an {@code EncryptionProperty}.
*
* @param property
*/
void addEncryptionProperty(EncryptionProperty property);
/**
* Removes the specified {@code EncryptionProperty}.
*
* @param property
*/
void removeEncryptionProperty(EncryptionProperty property);
}


@ -1,121 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.util.Iterator;
import org.w3c.dom.Element;
/**
* Additional information items concerning the generation of the
* {@code EncryptedData} or {@code EncryptedKey} can be placed in an
* {@code EncryptionProperty} element (e.g., date/time stamp or the serial
* number of cryptographic hardware used during encryption). The Target
* attribute identifies the {@code EncryptedType} structure being
* described. anyAttribute permits the inclusion of attributes from the XML
* namespace to be included (i.e., {@code xml:space},
* {@code xml:lang}, and {@code xml:base}).
* <p>
* It is defined as follows:
* <pre>{@code
* <element name='EncryptionProperty' type='xenc:EncryptionPropertyType'/>
* <complexType name='EncryptionPropertyType' mixed='true'>
* <choice maxOccurs='unbounded'>
* <any namespace='##other' processContents='lax'/>
* </choice>
* <attribute name='Target' type='anyURI' use='optional'/>
* <attribute name='Id' type='ID' use='optional'/>
* <anyAttribute namespace="http://www.w3.org/XML/1998/namespace"/>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface EncryptionProperty {
/**
* Returns the {@code EncryptedType} being described.
*
* @return the {@code EncryptedType} being described by this
* {@code EncryptionProperty}.
*/
String getTarget();
/**
* Sets the target.
*
* @param target
*/
void setTarget(String target);
/**
* Returns the id of the {@code EncryptionProperty}.
*
* @return the id.
*/
String getId();
/**
* Sets the id.
*
* @param id
*/
void setId(String id);
/**
* Returns the attribute's value in the {@code xml} namespace.
*
* @param attribute
* @return the attribute's value.
*/
String getAttribute(String attribute);
/**
* Set the attribute value.
*
* @param attribute the attribute's name.
* @param value the attribute's value.
*/
void setAttribute(String attribute, String value);
/**
* Returns the properties of the {@code EncryptionProperty}.
*
* @return an {@code Iterator} over all the additional encryption
* information contained in this class.
*/
Iterator<Element> getEncryptionInformation();
/**
* Adds encryption information.
*
* @param information the additional encryption information.
*/
void addEncryptionInformation(Element information);
/**
* Removes encryption information.
*
* @param information the information to remove.
*/
void removeEncryptionInformation(Element information);
}


@ -1,99 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.util.Iterator;
import org.w3c.dom.Element;
/**
* A wrapper for a pointer from a key value of an {@code EncryptedKey} to
* items encrypted by that key value ({@code EncryptedData} or
* {@code EncryptedKey} elements).
* <p>
* It is defined as follows:
* <pre>{@code
* <complexType name='ReferenceType'>
* <sequence>
* <any namespace='##other' minOccurs='0' maxOccurs='unbounded'/>
* </sequence>
* <attribute name='URI' type='anyURI' use='required'/>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
* @see ReferenceList
*/
public interface Reference {
/**
* Returns the {@code Element} tag name for this {@code Reference}.
*
* @return the tag name of this {@code Reference}.
*/
String getType();
/**
* Returns a {@code URI} that points to an {@code Element} that
* were encrypted using the key defined in the enclosing
* {@code EncryptedKey} element.
*
* @return an Uniform Resource Identifier that qualifies an
* {@code EncryptedType}.
*/
String getURI();
/**
* Sets a {@code URI} that points to an {@code Element} that
* were encrypted using the key defined in the enclosing
* {@code EncryptedKey} element.
*
* @param uri the Uniform Resource Identifier that qualifies an
* {@code EncryptedType}.
*/
void setURI(String uri);
/**
* Returns an {@code Iterator} over all the child elements contained in
* this {@code Reference} that will aid the recipient in retrieving the
* {@code EncryptedKey} and/or {@code EncryptedData} elements.
* These could include information such as XPath transforms, decompression
* transforms, or information on how to retrieve the elements from a
* document storage facility.
*
* @return child elements.
*/
Iterator<Element> getElementRetrievalInformation();
/**
* Adds retrieval information.
*
* @param info
*/
void addElementRetrievalInformation(Element info);
/**
* Removes the specified retrieval information.
*
* @param info
*/
void removeElementRetrievalInformation(Element info);
}


@ -1,109 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.util.Iterator;
/**
* {@code ReferenceList} is an element that contains pointers from a key
* value of an {@code EncryptedKey} to items encrypted by that key value
* ({@code EncryptedData} or {@code EncryptedKey} elements).
* <p>
* It is defined as follows:
* <pre>{@code
* <element name='ReferenceList'>
* <complexType>
* <choice minOccurs='1' maxOccurs='unbounded'>
* <element name='DataReference' type='xenc:ReferenceType'/>
* <element name='KeyReference' type='xenc:ReferenceType'/>
* </choice>
* </complexType>
* </element>
* }</pre>
*
* @author Axl Mattheus
* @see Reference
*/
public interface ReferenceList {
/** DATA TAG */
int DATA_REFERENCE = 0x00000001;
/** KEY TAG */
int KEY_REFERENCE = 0x00000002;
/**
* Adds a reference to this reference list.
*
* @param reference the reference to add.
* @throws IllegalAccessException if the {@code Reference} is not an
* instance of {@code DataReference} or {@code KeyReference}.
*/
void add(Reference reference);
/**
* Removes a reference from the {@code ReferenceList}.
*
* @param reference the reference to remove.
*/
void remove(Reference reference);
/**
* Returns the size of the {@code ReferenceList}.
*
* @return the size of the {@code ReferenceList}.
*/
int size();
/**
* Indicates if the {@code ReferenceList} is empty.
*
* @return <b>{@code true}</b> if the {@code ReferenceList} is
* empty, else <b>{@code false}</b>.
*/
boolean isEmpty();
/**
* Returns an {@code Iterator} over all the {@code Reference}s
* contained in this {@code ReferenceList}.
*
* @return Iterator.
*/
Iterator<Reference> getReferences();
/**
* {@code DataReference} factory method. Returns a
* {@code DataReference}.
* @param uri
* @return a {@code DataReference}.
*/
Reference newDataReference(String uri);
/**
* {@code KeyReference} factory method. Returns a
* {@code KeyReference}.
* @param uri
* @return a {@code KeyReference}.
*/
Reference newKeyReference(String uri);
}


@ -1,77 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
/**
* Converts <code>String</code>s into <code>Node</code>s and visa versa.
*/
public interface Serializer {
/**
* Set the Canonicalizer object to use.
*/
void setCanonicalizer(Canonicalizer canon);
/**
* Returns a <code>byte[]</code> representation of the specified
* <code>Element</code>.
*
* @param element the <code>Element</code> to serialize.
* @return the <code>byte[]</code> representation of the serilaized
* <code>Element</code>.
* @throws Exception
*/
byte[] serializeToByteArray(Element element) throws Exception;
/**
* Returns a <code>byte[]</code> representation of the specified
* <code>NodeList</code>.
*
* @param content the <code>NodeList</code> to serialize.
* @return the <code>byte[]</code> representation of the serialized
* <code>NodeList</code>.
* @throws Exception
*/
byte[] serializeToByteArray(NodeList content) throws Exception;
/**
* Use the Canonicalizer to serialize the node
* @param node
* @return the (byte[]) canonicalization of the node
* @throws Exception
*/
byte[] canonSerializeToByteArray(Node node) throws Exception;
/**
* @param source
* @param ctx
* @return the Node resulting from the parse of the source
* @throws XMLEncryptionException
*/
Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException;
}


@ -1,50 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
/**
* A container for {@code ds:Transform}s.
* <p>
* It is defined as follows:
* <pre>{@code
* <complexType name='TransformsType'>
* <sequence>
* <element ref='ds:Transform' maxOccurs='unbounded'/>
* </sequence>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
* @see com.sun.org.apache.xml.internal.security.encryption.CipherReference
*/
public interface Transforms {
/**
* Temporary method to turn the XMLEncryption Transforms class
* into a DS class. The main logic is currently implemented in the
* DS class, so we need to get to get the base class.
* <p>
* <b>Note</b> This will be removed in future versions
*/
com.sun.org.apache.xml.internal.security.transforms.Transforms getDSTransforms();
}


@ -1,192 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.io.IOException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver;
import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException;
import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.TransformationException;
import org.w3c.dom.Attr;
import com.sun.org.apache.xml.internal.security.utils.Base64;
/**
* <code>XMLCipherInput</code> is used to wrap input passed into the
* XMLCipher encryption operations.
*
* In decryption mode, it takes a <code>CipherData</code> object and allows
* callers to dereference the CipherData into the encrypted bytes that it
* actually represents. This takes care of all base64 encoding etc.
*
* While primarily an internal class, this can be used by applications to
* quickly and easily retrieve the encrypted bytes from an EncryptedType
* object
*
* @author Berin Lautenbach
*/
public class XMLCipherInput {
private static java.util.logging.Logger logger =
java.util.logging.Logger.getLogger(XMLCipherInput.class.getName());
/** The data we are working with */
private CipherData cipherData;
/** MODES */
private int mode;
private boolean secureValidation;
/**
* Constructor for processing encrypted octets
*
* @param data The <code>CipherData</code> object to read the bytes from
* @throws XMLEncryptionException {@link XMLEncryptionException}
*/
public XMLCipherInput(CipherData data) throws XMLEncryptionException {
cipherData = data;
mode = XMLCipher.DECRYPT_MODE;
if (cipherData == null) {
throw new XMLEncryptionException("CipherData is null");
}
}
/**
* Constructor for processing encrypted octets
*
* @param input The <code>EncryptedType</code> object to read
* the bytes from.
* @throws XMLEncryptionException {@link XMLEncryptionException}
*/
public XMLCipherInput(EncryptedType input) throws XMLEncryptionException {
cipherData = ((input == null) ? null : input.getCipherData());
mode = XMLCipher.DECRYPT_MODE;
if (cipherData == null) {
throw new XMLEncryptionException("CipherData is null");
}
}
/**
* Set whether secure validation is enabled or not. The default is false.
*/
public void setSecureValidation(boolean secureValidation) {
this.secureValidation = secureValidation;
}
/**
* Dereferences the input and returns it as a single byte array.
*
* @throws XMLEncryptionException
* @return The decripted bytes.
*/
public byte[] getBytes() throws XMLEncryptionException {
if (mode == XMLCipher.DECRYPT_MODE) {
return getDecryptBytes();
}
return null;
}
/**
* Internal method to get bytes in decryption mode
* @return the decrypted bytes
* @throws XMLEncryptionException
*/
private byte[] getDecryptBytes() throws XMLEncryptionException {
String base64EncodedEncryptedOctets = null;
if (cipherData.getDataType() == CipherData.REFERENCE_TYPE) {
// Fun time!
if (logger.isLoggable(java.util.logging.Level.FINE)) {
logger.log(java.util.logging.Level.FINE, "Found a reference type CipherData");
}
CipherReference cr = cipherData.getCipherReference();
// Need to wrap the uri in an Attribute node so that we can
// Pass to the resource resolvers
Attr uriAttr = cr.getURIAsAttr();
XMLSignatureInput input = null;
try {
ResourceResolver resolver =
ResourceResolver.getInstance(uriAttr, null, secureValidation);
input = resolver.resolve(uriAttr, null, secureValidation);
} catch (ResourceResolverException ex) {
throw new XMLEncryptionException("empty", ex);
}
if (input != null) {
if (logger.isLoggable(java.util.logging.Level.FINE)) {
logger.log(java.util.logging.Level.FINE, "Managed to resolve URI \"" + cr.getURI() + "\"");
}
} else {
if (logger.isLoggable(java.util.logging.Level.FINE)) {
logger.log(java.util.logging.Level.FINE, "Failed to resolve URI \"" + cr.getURI() + "\"");
}
}
// Lets see if there are any transforms
Transforms transforms = cr.getTransforms();
if (transforms != null) {
if (logger.isLoggable(java.util.logging.Level.FINE)) {
logger.log(java.util.logging.Level.FINE, "Have transforms in cipher reference");
}
try {
com.sun.org.apache.xml.internal.security.transforms.Transforms dsTransforms =
transforms.getDSTransforms();
dsTransforms.setSecureValidation(secureValidation);
input = dsTransforms.performTransforms(input);
} catch (TransformationException ex) {
throw new XMLEncryptionException("empty", ex);
}
}
try {
return input.getBytes();
} catch (IOException ex) {
throw new XMLEncryptionException("empty", ex);
} catch (CanonicalizationException ex) {
throw new XMLEncryptionException("empty", ex);
}
// retrieve the cipher text
} else if (cipherData.getDataType() == CipherData.VALUE_TYPE) {
base64EncodedEncryptedOctets = cipherData.getCipherValue().getValue();
} else {
throw new XMLEncryptionException("CipherData.getDataType() returned unexpected value");
}
if (logger.isLoggable(java.util.logging.Level.FINE)) {
logger.log(java.util.logging.Level.FINE, "Encrypted octets:\n" + base64EncodedEncryptedOctets);
}
try {
return Base64.decode(base64EncodedEncryptedOctets);
} catch (Base64DecodingException bde) {
throw new XMLEncryptionException("empty", bde);
}
}
}


@ -1,86 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
/**
* Constants
*/
public interface XMLCipherParameters {
String AES_128 =
"http://www.w3.org/2001/04/xmlenc#aes128-cbc";
String AES_256 =
"http://www.w3.org/2001/04/xmlenc#aes256-cbc";
String AES_192 =
"http://www.w3.org/2001/04/xmlenc#aes192-cbc";
String RSA_1_5 =
"http://www.w3.org/2001/04/xmlenc#rsa-1_5";
String RSA_OAEP =
"http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p";
String DIFFIE_HELLMAN =
"http://www.w3.org/2001/04/xmlenc#dh";
String TRIPLEDES_KEYWRAP =
"http://www.w3.org/2001/04/xmlenc#kw-tripledes";
String AES_128_KEYWRAP =
"http://www.w3.org/2001/04/xmlenc#kw-aes128";
String AES_256_KEYWRAP =
"http://www.w3.org/2001/04/xmlenc#kw-aes256";
String AES_192_KEYWRAP =
"http://www.w3.org/2001/04/xmlenc#kw-aes192";
String SHA1 =
"http://www.w3.org/2000/09/xmldsig#sha1";
String SHA256 =
"http://www.w3.org/2001/04/xmlenc#sha256";
String SHA512 =
"http://www.w3.org/2001/04/xmlenc#sha512";
String RIPEMD_160 =
"http://www.w3.org/2001/04/xmlenc#ripemd160";
String XML_DSIG =
"http://www.w3.org/2000/09/xmldsig#";
String N14C_XML =
"http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
String N14C_XML_CMMNTS =
"http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments";
String EXCL_XML_N14C =
"http://www.w3.org/2001/10/xml-exc-c14n#";
String EXCL_XML_N14C_CMMNTS =
"http://www.w3.org/2001/10/xml-exc-c14n#WithComments";
}


@ -1,80 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
/**
*
*/
public class XMLEncryptionException extends XMLSecurityException {
/**
*
*/
private static final long serialVersionUID = 1L;
/**
*
*
*/
public XMLEncryptionException() {
super();
}
/**
*
* @param msgID
*/
public XMLEncryptionException(String msgID) {
super(msgID);
}
/**
*
* @param msgID
* @param exArgs
*/
public XMLEncryptionException(String msgID, Object exArgs[]) {
super(msgID, exArgs);
}
/**
*
* @param msgID
* @param originalException
*/
public XMLEncryptionException(String msgID, Exception originalException) {
super(msgID, originalException);
}
/**
*
* @param msgID
* @param exArgs
* @param originalException
*/
public XMLEncryptionException(String msgID, Object exArgs[], Exception originalException) {
super(msgID, exArgs, originalException);
}
}


@ -1,25 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title></title>
</head>
<body>
Provides classes for implementing XML Encryption applications. There are two
main families of classes in this package. The first group of classes is an
XML Schema to Java mapping of &nbsp;the complex types and elements of the
XML Encryption Schema as outllined at <a
href="http://www.w3.org/Encryption/2001/Drafts/xmlenc-core/">XML Encrtypyion
Specification</a>. The second group of classes are used to perform encryption
operations, and to manipulate the first group of classes. The most important
classes in this second group is <code><a
href="file://./com/sun/org/apache/xml/internal/security/encryption/XMLCipher.html">XMLCipher</a></code>,
<code><a
href="file://./com/sun/org/apache/xml/internal/security/encryption/XMLEncryptionFactory.html">XMLEncryptionFactory</a></code>
and <code>XMLSerializer</code>. <code>XMLCipher</code> was designed to resemble
<code>javax.crypto.Cipher</code>. The aforementioned classes were desinged
with ease-of-use and configurability in mind. Becuase of this, the programmer
may at times be exposed to lower level programming tasks. This library strives
to be as simple as possible to use, but no simpler.<br>
<br>
</body>
</html>


@ -58,24 +58,34 @@ public class AlgorithmAlreadyRegisteredException extends XMLSecurityException {
/** /**
* Constructor AlgorithmAlreadyRegisteredException * Constructor AlgorithmAlreadyRegisteredException
* *
* @param msgID
* @param originalException * @param originalException
* @param msgID
*/ */
public AlgorithmAlreadyRegisteredException(Exception originalException, String msgID) {
super(originalException, msgID);
}
@Deprecated
public AlgorithmAlreadyRegisteredException(String msgID, Exception originalException) { public AlgorithmAlreadyRegisteredException(String msgID, Exception originalException) {
super(msgID, originalException); this(originalException, msgID);
} }
/** /**
* Constructor AlgorithmAlreadyRegisteredException * Constructor AlgorithmAlreadyRegisteredException
* *
* @param originalException
* @param msgID * @param msgID
* @param exArgs * @param exArgs
* @param originalException
*/ */
public AlgorithmAlreadyRegisteredException( public AlgorithmAlreadyRegisteredException(
String msgID, Object exArgs[], Exception originalException Exception originalException, String msgID, Object exArgs[]
) { ) {
super(msgID, exArgs, originalException); super(originalException, msgID, exArgs);
}
@Deprecated
public AlgorithmAlreadyRegisteredException(String msgID, Object[] exArgs, Exception originalException) {
this(originalException, msgID, exArgs);
} }
} }
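Review bot: The two `@Deprecated` constructors that keep the old `(String msgID, Exception originalException)` and `(String msgID, Object[] exArgs, Exception originalException)` orders have no Javadoc, so a caller sees a deprecation warning without being told which overload replaces it. Each should carry a short comment such as `/** @deprecated Use {@link #AlgorithmAlreadyRegisteredException(Exception, String)} instead. */`, with the three-argument form pointing at the `(Exception, String, Object[])` overload. The same gap is in the deprecated constructors added in the Base64DecodingException, XMLSecurityException and ContentHandlerAlreadyRegisteredException hunks of this commit.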


@ -25,7 +25,6 @@ package com.sun.org.apache.xml.internal.security.exceptions;
/** /**
* This Exception is thrown if decoding of Base64 data fails. * This Exception is thrown if decoding of Base64 data fails.
* *
* @author Christian Geuer-Pollmann
*/ */
public class Base64DecodingException extends XMLSecurityException { public class Base64DecodingException extends XMLSecurityException {
@ -61,22 +60,32 @@ public class Base64DecodingException extends XMLSecurityException {
/** /**
* Constructor Base64DecodingException * Constructor Base64DecodingException
* *
* @param msgID
* @param originalException * @param originalException
* @param msgID
*/ */
public Base64DecodingException(Exception originalException, String msgID) {
super(originalException, msgID);
}
@Deprecated
public Base64DecodingException(String msgID, Exception originalException) { public Base64DecodingException(String msgID, Exception originalException) {
super(msgID, originalException); this(originalException, msgID);
} }
/** /**
* Constructor Base64DecodingException * Constructor Base64DecodingException
* *
* @param originalException
* @param msgID * @param msgID
* @param exArgs * @param exArgs
* @param originalException
*/ */
public Base64DecodingException(String msgID, Object exArgs[], Exception originalException) { public Base64DecodingException(Exception originalException, String msgID, Object exArgs[]) {
super(msgID, exArgs, originalException); super(originalException, msgID, exArgs);
}
@Deprecated
public Base64DecodingException(String msgID, Object[] exArgs, Exception originalException) {
this(originalException, msgID, exArgs);
} }
} }


@ -22,18 +22,15 @@
*/ */
package com.sun.org.apache.xml.internal.security.exceptions; package com.sun.org.apache.xml.internal.security.exceptions;
import java.io.PrintStream;
import java.io.PrintWriter;
import java.text.MessageFormat; import java.text.MessageFormat;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.I18n; import com.sun.org.apache.xml.internal.security.utils.I18n;
/** /**
* The mother of all Exceptions in this bundle. It allows exceptions to have * The mother of all Exceptions in this bundle. It allows exceptions to have
* their messages translated to the different locales. * their messages translated to the different locales.
* *
* The <code>xmlsecurity_en.properties</code> file contains this line: * The {@code xmlsecurity_en.properties} file contains this line:
* <pre> * <pre>
* xml.WrongElement = Can't create a {0} from a {1} element * xml.WrongElement = Can't create a {0} from a {1} element
* </pre> * </pre>
@ -47,7 +44,7 @@ import com.sun.org.apache.xml.internal.security.utils.I18n;
* } * }
* </pre> * </pre>
* *
* Additionally, if another Exception has been caught, we can supply it, too> * Additionally, if another Exception has been caught, we can supply it, too
* <pre> * <pre>
* try { * try {
* ... * ...
@ -59,7 +56,6 @@ import com.sun.org.apache.xml.internal.security.utils.I18n;
* </pre> * </pre>
* *
* *
* @author Christian Geuer-Pollmann
*/ */
public class XMLSecurityException extends Exception { public class XMLSecurityException extends Exception {
@ -98,7 +94,7 @@ public class XMLSecurityException extends Exception {
* @param msgID * @param msgID
* @param exArgs * @param exArgs
*/ */
public XMLSecurityException(String msgID, Object exArgs[]) { public XMLSecurityException(String msgID, Object[] exArgs) {
super(MessageFormat.format(I18n.getExceptionMessage(msgID), exArgs)); super(MessageFormat.format(I18n.getExceptionMessage(msgID), exArgs));
@ -112,11 +108,7 @@ public class XMLSecurityException extends Exception {
*/ */
public XMLSecurityException(Exception originalException) { public XMLSecurityException(Exception originalException) {
super("Missing message ID to locate message string in resource bundle \"" super(originalException.getMessage(), originalException);
+ Constants.exceptionMessagesResourceBundleBase
+ "\". Original Exception was a "
+ originalException.getClass().getName() + " and message "
+ originalException.getMessage(), originalException);
} }
/** /**
@ -125,12 +117,17 @@ public class XMLSecurityException extends Exception {
* @param msgID * @param msgID
* @param originalException * @param originalException
*/ */
public XMLSecurityException(String msgID, Exception originalException) { public XMLSecurityException(Exception originalException, String msgID) {
super(I18n.getExceptionMessage(msgID, originalException), originalException); super(I18n.getExceptionMessage(msgID, originalException), originalException);
this.msgID = msgID; this.msgID = msgID;
} }
@Deprecated
public XMLSecurityException(String msgID, Exception originalException) {
this(originalException, msgID);
}
/** /**
* Constructor XMLSecurityException * Constructor XMLSecurityException
* *
@ -138,12 +135,18 @@ public class XMLSecurityException extends Exception {
* @param exArgs * @param exArgs
* @param originalException * @param originalException
*/ */
public XMLSecurityException(String msgID, Object exArgs[], Exception originalException) { public XMLSecurityException(Exception originalException, String msgID, Object[] exArgs) {
super(MessageFormat.format(I18n.getExceptionMessage(msgID), exArgs), originalException); super(MessageFormat.format(I18n.getExceptionMessage(msgID), exArgs), originalException);
this.msgID = msgID; this.msgID = msgID;
} }
@Deprecated
public XMLSecurityException(String msgID, Object[] exArgs, Exception originalException) {
this(originalException, msgID, exArgs);
}
/** /**
* Method getMsgID * Method getMsgID
* *
@ -156,7 +159,7 @@ public class XMLSecurityException extends Exception {
return msgID; return msgID;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String toString() { public String toString() {
String s = this.getClass().getName(); String s = this.getClass().getName();
String message = super.getLocalizedMessage(); String message = super.getLocalizedMessage();
@ -184,24 +187,6 @@ public class XMLSecurityException extends Exception {
} }
} }
/**
* Method printStackTrace
*
* @param printwriter
*/
public void printStackTrace(PrintWriter printwriter) {
super.printStackTrace(printwriter);
}
/**
* Method printStackTrace
*
* @param printstream
*/
public void printStackTrace(PrintStream printstream) {
super.printStackTrace(printstream);
}
/** /**
* Method getOriginalException * Method getOriginalException
* *
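Review bot: In the single-argument constructor, `super(originalException.getMessage(), originalException);` dereferences the argument unchecked, so a null cause raises a NullPointerException from inside the error path and hides the failure that was being reported. A guard such as `super(originalException != null ? originalException.getMessage() : null, originalException);` avoids that; whether any caller can pass null is not visible in this hunk. Separately, a cause whose own message is null now yields an exception with no message at all, whereas the removed text at least named the cause's class, which may matter when these exceptions are the only trace of a failed signature or decryption operation.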


@ -22,8 +22,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.exceptions; package com.sun.org.apache.xml.internal.security.exceptions;
import java.io.PrintStream;
import java.io.PrintWriter;
import java.text.MessageFormat; import java.text.MessageFormat;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
@ -33,7 +31,7 @@ import com.sun.org.apache.xml.internal.security.utils.I18n;
* The mother of all runtime Exceptions in this bundle. It allows exceptions to have * The mother of all runtime Exceptions in this bundle. It allows exceptions to have
* their messages translated to the different locales. * their messages translated to the different locales.
* *
* The <code>xmlsecurity_en.properties</code> file contains this line: * The {@code xmlsecurity_en.properties} file contains this line:
* <pre> * <pre>
* xml.WrongElement = Can't create a {0} from a {1} element * xml.WrongElement = Can't create a {0} from a {1} element
* </pre> * </pre>
@ -47,7 +45,7 @@ import com.sun.org.apache.xml.internal.security.utils.I18n;
* } * }
* </pre> * </pre>
* *
* Additionally, if another Exception has been caught, we can supply it, too> * Additionally, if another Exception has been caught, we can supply it, too
* <pre> * <pre>
* try { * try {
* ... * ...
@ -59,7 +57,6 @@ import com.sun.org.apache.xml.internal.security.utils.I18n;
* </pre> * </pre>
* *
* *
* @author Christian Geuer-Pollmann
*/ */
public class XMLSecurityRuntimeException extends RuntimeException { public class XMLSecurityRuntimeException extends RuntimeException {
@ -134,7 +131,7 @@ public class XMLSecurityRuntimeException extends RuntimeException {
* @param originalException * @param originalException
*/ */
public XMLSecurityRuntimeException(String msgID, Object exArgs[], Exception originalException) { public XMLSecurityRuntimeException(String msgID, Object exArgs[], Exception originalException) {
super(MessageFormat.format(I18n.getExceptionMessage(msgID), exArgs)); super(MessageFormat.format(I18n.getExceptionMessage(msgID), exArgs), originalException);
this.msgID = msgID; this.msgID = msgID;
} }
@ -151,7 +148,7 @@ public class XMLSecurityRuntimeException extends RuntimeException {
return msgID; return msgID;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String toString() { public String toString() {
String s = this.getClass().getName(); String s = this.getClass().getName();
String message = super.getLocalizedMessage(); String message = super.getLocalizedMessage();
@ -169,34 +166,6 @@ public class XMLSecurityRuntimeException extends RuntimeException {
return message; return message;
} }
/**
* Method printStackTrace
*
*/
public void printStackTrace() {
synchronized (System.err) {
super.printStackTrace(System.err);
}
}
/**
* Method printStackTrace
*
* @param printwriter
*/
public void printStackTrace(PrintWriter printwriter) {
super.printStackTrace(printwriter);
}
/**
* Method printStackTrace
*
* @param printstream
*/
public void printStackTrace(PrintStream printstream) {
super.printStackTrace(printstream);
}
/** /**
* Method getOriginalException * Method getOriginalException
* *
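Review bot: The three-argument constructor still takes `(String msgID, Object exArgs[], Exception originalException)`, while XMLSecurityException in this same commit moves the cause to the first position and deprecates the old order, so the two base exception types now follow different conventions. If the runtime variant is meant to keep the old order, a one-line comment saying so would help. Otherwise it could gain a `(Exception originalException, String msgID, Object[] exArgs)` overload with the existing one marked `@Deprecated`, as was done for the checked type. The constructor's Javadoc begins above the hunk.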


@ -1,3 +0,0 @@
<HTML><HEAD></HEAD><BODY><P>
general exceptions used by this library.
</P></BODY></HTML>


@ -61,24 +61,34 @@ public class ContentHandlerAlreadyRegisteredException extends XMLSecurityExcepti
/** /**
* Constructor ContentHandlerAlreadyRegisteredException * Constructor ContentHandlerAlreadyRegisteredException
* *
* @param msgID
* @param originalException * @param originalException
* @param msgID
*/ */
public ContentHandlerAlreadyRegisteredException(Exception originalException, String msgID) {
super(originalException, msgID);
}
@Deprecated
public ContentHandlerAlreadyRegisteredException(String msgID, Exception originalException) { public ContentHandlerAlreadyRegisteredException(String msgID, Exception originalException) {
super(msgID, originalException); this(originalException, msgID);
} }
/** /**
* Constructor ContentHandlerAlreadyRegisteredException * Constructor ContentHandlerAlreadyRegisteredException
* *
* @param originalException
* @param msgID * @param msgID
* @param exArgs * @param exArgs
* @param originalException
*/ */
public ContentHandlerAlreadyRegisteredException( public ContentHandlerAlreadyRegisteredException(
String msgID, Object exArgs[], Exception originalException Exception originalException, String msgID, Object exArgs[]
) { ) {
super(msgID, exArgs, originalException); super(originalException, msgID, exArgs);
}
@Deprecated
public ContentHandlerAlreadyRegisteredException(String msgID, Object[] exArgs, Exception originalException) {
this(originalException, msgID, exArgs);
} }
} }


@ -31,9 +31,6 @@ import java.util.List;
import javax.crypto.SecretKey; import javax.crypto.SecretKey;
import com.sun.org.apache.xml.internal.security.encryption.EncryptedKey;
import com.sun.org.apache.xml.internal.security.encryption.XMLCipher;
import com.sun.org.apache.xml.internal.security.encryption.XMLEncryptionException;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.keys.content.DEREncodedKeyValue; import com.sun.org.apache.xml.internal.security.keys.content.DEREncodedKeyValue;
import com.sun.org.apache.xml.internal.security.keys.content.KeyInfoReference; import com.sun.org.apache.xml.internal.security.keys.content.KeyInfoReference;
@ -52,6 +49,7 @@ import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver; import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
import com.sun.org.apache.xml.internal.security.transforms.Transforms; import com.sun.org.apache.xml.internal.security.transforms.Transforms;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.ElementProxy;
import com.sun.org.apache.xml.internal.security.utils.EncryptionConstants; import com.sun.org.apache.xml.internal.security.utils.EncryptionConstants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils; import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
@ -59,55 +57,52 @@ import org.w3c.dom.Attr;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
import org.w3c.dom.Node; import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
/** /**
* This class stand for KeyInfo Element that may contain keys, names, * This class stand for KeyInfo Element that may contain keys, names,
* certificates and other public key management information, * certificates and other public key management information,
* such as in-band key distribution or key agreement data. * such as in-band key distribution or key agreement data.
* <BR /> * <p></p>
* KeyInfo Element has two basic functions: * KeyInfo Element has two basic functions:
* One is KeyResolve for getting the public key in signature validation processing. * One is KeyResolve for getting the public key in signature validation processing.
* the other one is toElement for getting the element in signature generation processing. * the other one is toElement for getting the element in signature generation processing.
* <BR /> * <p></p>
* The <CODE>lengthXXX()</CODE> methods provide access to the internal Key * The {@code lengthXXX()} methods provide access to the internal Key
* objects: * objects:
* <UL> * <UL>
* <LI>If the <CODE>KeyInfo</CODE> was constructed from an Element * <LI>If the {@code KeyInfo} was constructed from an Element
* (Signature verification), the <CODE>lengthXXX()</CODE> methods searches * (Signature verification), the {@code lengthXXX()} methods searches
* for child elements of <CODE>ds:KeyInfo</CODE> for known types. </LI> * for child elements of {@code ds:KeyInfo} for known types. </LI>
* <LI>If the <CODE>KeyInfo</CODE> was constructed from scratch (during * <LI>If the {@code KeyInfo} was constructed from scratch (during
* Signature generation), the <CODE>lengthXXX()</CODE> methods return the number * Signature generation), the {@code lengthXXX()} methods return the number
* of <CODE>XXXs</CODE> objects already passed to the KeyInfo</LI> * of {@code XXXs} objects already passed to the KeyInfo</LI>
* </UL> * </UL>
* <BR /> * <p></p>
* The <CODE>addXXX()</CODE> methods are used for adding Objects of the * The {@code addXXX()} methods are used for adding Objects of the
* appropriate type to the <CODE>KeyInfo</CODE>. This is used during signature * appropriate type to the {@code KeyInfo}. This is used during signature
* generation. * generation.
* <BR /> * <p></p>
* The <CODE>itemXXX(int i)</CODE> methods return the i'th object of the * The {@code itemXXX(int i)} methods return the i'th object of the
* corresponding type. * corresponding type.
* <BR /> * <p></p>
* The <CODE>containsXXX()</CODE> methods return <I>whether</I> the KeyInfo * The {@code containsXXX()} methods return <I>whether</I> the KeyInfo
* contains the corresponding type. * contains the corresponding type.
* *
*/ */
public class KeyInfo extends SignatureElementProxy { public class KeyInfo extends SignatureElementProxy {
/** {@link org.apache.commons.logging} logging facility */ private static final com.sun.org.slf4j.internal.Logger LOG =
private static java.util.logging.Logger log = com.sun.org.slf4j.internal.LoggerFactory.getLogger(KeyInfo.class);
java.util.logging.Logger.getLogger(KeyInfo.class.getName());
// We need at least one StorageResolver otherwise // We need at least one StorageResolver otherwise
// the KeyResolvers would not be called. // the KeyResolvers would not be called.
// The default StorageResolver is null. // The default StorageResolver is null.
private List<X509Data> x509Datas = null; private List<X509Data> x509Datas;
private List<EncryptedKey> encryptedKeys = null;
private static final List<StorageResolver> nullList; private static final List<StorageResolver> nullList;
static { static {
List<StorageResolver> list = new ArrayList<StorageResolver>(1); List<StorageResolver> list = new ArrayList<>(1);
list.add(null); list.add(null);
nullList = java.util.Collections.unmodifiableList(list); nullList = java.util.Collections.unmodifiableList(list);
} }
@ -118,7 +113,7 @@ public class KeyInfo extends SignatureElementProxy {
/** /**
* Stores the individual (per-KeyInfo) {@link KeyResolverSpi}s * Stores the individual (per-KeyInfo) {@link KeyResolverSpi}s
*/ */
private List<KeyResolverSpi> internalKeyResolvers = new ArrayList<KeyResolverSpi>(); private List<KeyResolverSpi> internalKeyResolvers = new ArrayList<>();
private boolean secureValidation; private boolean secureValidation;
@ -128,8 +123,14 @@ public class KeyInfo extends SignatureElementProxy {
*/ */
public KeyInfo(Document doc) { public KeyInfo(Document doc) {
super(doc); super(doc);
addReturnToSelf();
String prefix = ElementProxy.getDefaultPrefix(this.getBaseNamespace());
if (prefix != null && prefix.length() > 0) {
getElement().setAttributeNS(Constants.NamespaceSpecNS, "xmlns:" + prefix,
this.getBaseNamespace());
}
XMLUtils.addReturnToElement(this.constructionElement);
} }
/** /**
@ -156,24 +157,23 @@ public class KeyInfo extends SignatureElementProxy {
} }
/** /**
* Sets the <code>Id</code> attribute * Sets the {@code Id} attribute
* *
* @param Id ID * @param id ID
*/ */
public void setId(String id) { public void setId(String id) {
if (id != null) { if (id != null) {
this.constructionElement.setAttributeNS(null, Constants._ATT_ID, id); setLocalIdAttribute(Constants._ATT_ID, id);
this.constructionElement.setIdAttributeNS(null, Constants._ATT_ID, true);
} }
} }
/** /**
* Returns the <code>Id</code> attribute * Returns the {@code Id} attribute
* *
* @return the <code>Id</code> attribute * @return the {@code Id} attribute
*/ */
public String getId() { public String getId() {
return this.constructionElement.getAttributeNS(null, Constants._ATT_ID); return getLocalAttribute(Constants._ATT_ID);
} }
/** /**
@ -182,7 +182,7 @@ public class KeyInfo extends SignatureElementProxy {
* @param keynameString * @param keynameString
*/ */
public void addKeyName(String keynameString) { public void addKeyName(String keynameString) {
this.add(new KeyName(this.doc, keynameString)); this.add(new KeyName(getDocument(), keynameString));
} }
/** /**
@ -191,8 +191,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param keyname * @param keyname
*/ */
public void add(KeyName keyname) { public void add(KeyName keyname) {
this.constructionElement.appendChild(keyname.getElement()); appendSelf(keyname);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -201,7 +201,7 @@ public class KeyInfo extends SignatureElementProxy {
* @param pk * @param pk
*/ */
public void addKeyValue(PublicKey pk) { public void addKeyValue(PublicKey pk) {
this.add(new KeyValue(this.doc, pk)); this.add(new KeyValue(getDocument(), pk));
} }
/** /**
@ -210,7 +210,7 @@ public class KeyInfo extends SignatureElementProxy {
* @param unknownKeyValueElement * @param unknownKeyValueElement
*/ */
public void addKeyValue(Element unknownKeyValueElement) { public void addKeyValue(Element unknownKeyValueElement) {
this.add(new KeyValue(this.doc, unknownKeyValueElement)); this.add(new KeyValue(getDocument(), unknownKeyValueElement));
} }
/** /**
@ -219,7 +219,7 @@ public class KeyInfo extends SignatureElementProxy {
* @param dsakeyvalue * @param dsakeyvalue
*/ */
public void add(DSAKeyValue dsakeyvalue) { public void add(DSAKeyValue dsakeyvalue) {
this.add(new KeyValue(this.doc, dsakeyvalue)); this.add(new KeyValue(getDocument(), dsakeyvalue));
} }
/** /**
@ -228,7 +228,7 @@ public class KeyInfo extends SignatureElementProxy {
* @param rsakeyvalue * @param rsakeyvalue
*/ */
public void add(RSAKeyValue rsakeyvalue) { public void add(RSAKeyValue rsakeyvalue) {
this.add(new KeyValue(this.doc, rsakeyvalue)); this.add(new KeyValue(getDocument(), rsakeyvalue));
} }
/** /**
@ -237,7 +237,7 @@ public class KeyInfo extends SignatureElementProxy {
* @param pk * @param pk
*/ */
public void add(PublicKey pk) { public void add(PublicKey pk) {
this.add(new KeyValue(this.doc, pk)); this.add(new KeyValue(getDocument(), pk));
} }
/** /**
@ -246,8 +246,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param keyvalue * @param keyvalue
*/ */
public void add(KeyValue keyvalue) { public void add(KeyValue keyvalue) {
this.constructionElement.appendChild(keyvalue.getElement()); appendSelf(keyvalue);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -256,7 +256,7 @@ public class KeyInfo extends SignatureElementProxy {
* @param mgmtdata * @param mgmtdata
*/ */
public void addMgmtData(String mgmtdata) { public void addMgmtData(String mgmtdata) {
this.add(new MgmtData(this.doc, mgmtdata)); this.add(new MgmtData(getDocument(), mgmtdata));
} }
/** /**
@ -265,8 +265,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param mgmtdata * @param mgmtdata
*/ */
public void add(MgmtData mgmtdata) { public void add(MgmtData mgmtdata) {
this.constructionElement.appendChild(mgmtdata.getElement()); appendSelf(mgmtdata);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -275,8 +275,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param pgpdata * @param pgpdata
*/ */
public void add(PGPData pgpdata) { public void add(PGPData pgpdata) {
this.constructionElement.appendChild(pgpdata.getElement()); appendSelf(pgpdata);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -287,7 +287,7 @@ public class KeyInfo extends SignatureElementProxy {
* @param Type * @param Type
*/ */
public void addRetrievalMethod(String uri, Transforms transforms, String Type) { public void addRetrievalMethod(String uri, Transforms transforms, String Type) {
this.add(new RetrievalMethod(this.doc, uri, transforms, Type)); this.add(new RetrievalMethod(getDocument(), uri, transforms, Type));
} }
/** /**
@ -296,8 +296,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param retrievalmethod * @param retrievalmethod
*/ */
public void add(RetrievalMethod retrievalmethod) { public void add(RetrievalMethod retrievalmethod) {
this.constructionElement.appendChild(retrievalmethod.getElement()); appendSelf(retrievalmethod);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -306,8 +306,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param spkidata * @param spkidata
*/ */
public void add(SPKIData spkidata) { public void add(SPKIData spkidata) {
this.constructionElement.appendChild(spkidata.getElement()); appendSelf(spkidata);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -317,27 +317,11 @@ public class KeyInfo extends SignatureElementProxy {
*/ */
public void add(X509Data x509data) { public void add(X509Data x509data) {
if (x509Datas == null) { if (x509Datas == null) {
x509Datas = new ArrayList<X509Data>(); x509Datas = new ArrayList<>();
} }
x509Datas.add(x509data); x509Datas.add(x509data);
this.constructionElement.appendChild(x509data.getElement()); appendSelf(x509data);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
}
/**
* Method addEncryptedKey
*
* @param encryptedKey
* @throws XMLEncryptionException
*/
public void add(EncryptedKey encryptedKey) throws XMLEncryptionException {
if (encryptedKeys == null) {
encryptedKeys = new ArrayList<EncryptedKey>();
}
encryptedKeys.add(encryptedKey);
XMLCipher cipher = XMLCipher.getInstance();
this.constructionElement.appendChild(cipher.martial(encryptedKey));
} }
/** /**
@ -347,7 +331,7 @@ public class KeyInfo extends SignatureElementProxy {
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public void addDEREncodedKeyValue(PublicKey pk) throws XMLSecurityException { public void addDEREncodedKeyValue(PublicKey pk) throws XMLSecurityException {
this.add(new DEREncodedKeyValue(this.doc, pk)); this.add(new DEREncodedKeyValue(getDocument(), pk));
} }
/** /**
@ -356,8 +340,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param derEncodedKeyValue * @param derEncodedKeyValue
*/ */
public void add(DEREncodedKeyValue derEncodedKeyValue) { public void add(DEREncodedKeyValue derEncodedKeyValue) {
this.constructionElement.appendChild(derEncodedKeyValue.getElement()); appendSelf(derEncodedKeyValue);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -367,7 +351,7 @@ public class KeyInfo extends SignatureElementProxy {
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public void addKeyInfoReference(String URI) throws XMLSecurityException { public void addKeyInfoReference(String URI) throws XMLSecurityException {
this.add(new KeyInfoReference(this.doc, URI)); this.add(new KeyInfoReference(getDocument(), URI));
} }
/** /**
@ -376,8 +360,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param keyInfoReference * @param keyInfoReference
*/ */
public void add(KeyInfoReference keyInfoReference) { public void add(KeyInfoReference keyInfoReference) {
this.constructionElement.appendChild(keyInfoReference.getElement()); appendSelf(keyInfoReference);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -386,8 +370,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param element * @param element
*/ */
public void addUnknownElement(Element element) { public void addUnknownElement(Element element) {
this.constructionElement.appendChild(element); appendSelf(element);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -481,19 +465,17 @@ public class KeyInfo extends SignatureElementProxy {
*/ */
public int lengthUnknownElement() { public int lengthUnknownElement() {
int res = 0; int res = 0;
NodeList nl = this.constructionElement.getChildNodes(); Node childNode = getElement().getFirstChild();
while (childNode != null) {
for (int i = 0; i < nl.getLength(); i++) {
Node current = nl.item(i);
/** /**
* $todo$ using this method, we don't see unknown Elements * $todo$ using this method, we don't see unknown Elements
* from Signature NS; revisit * from Signature NS; revisit
*/ */
if ((current.getNodeType() == Node.ELEMENT_NODE) if (childNode.getNodeType() == Node.ELEMENT_NODE
&& current.getNamespaceURI().equals(Constants.SignatureSpecNS)) { && childNode.getNamespaceURI().equals(Constants.SignatureSpecNS)) {
res++; res++;
} }
childNode = childNode.getNextSibling();
} }
return res; return res;
@ -509,7 +491,7 @@ public class KeyInfo extends SignatureElementProxy {
public KeyName itemKeyName(int i) throws XMLSecurityException { public KeyName itemKeyName(int i) throws XMLSecurityException {
Element e = Element e =
XMLUtils.selectDsNode( XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_KEYNAME, i); getFirstChild(), Constants._TAG_KEYNAME, i);
if (e != null) { if (e != null) {
return new KeyName(e, this.baseURI); return new KeyName(e, this.baseURI);
@ -527,7 +509,7 @@ public class KeyInfo extends SignatureElementProxy {
public KeyValue itemKeyValue(int i) throws XMLSecurityException { public KeyValue itemKeyValue(int i) throws XMLSecurityException {
Element e = Element e =
XMLUtils.selectDsNode( XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_KEYVALUE, i); getFirstChild(), Constants._TAG_KEYVALUE, i);
if (e != null) { if (e != null) {
return new KeyValue(e, this.baseURI); return new KeyValue(e, this.baseURI);
@ -545,7 +527,7 @@ public class KeyInfo extends SignatureElementProxy {
public MgmtData itemMgmtData(int i) throws XMLSecurityException { public MgmtData itemMgmtData(int i) throws XMLSecurityException {
Element e = Element e =
XMLUtils.selectDsNode( XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_MGMTDATA, i); getFirstChild(), Constants._TAG_MGMTDATA, i);
if (e != null) { if (e != null) {
return new MgmtData(e, this.baseURI); return new MgmtData(e, this.baseURI);
@ -563,7 +545,7 @@ public class KeyInfo extends SignatureElementProxy {
public PGPData itemPGPData(int i) throws XMLSecurityException { public PGPData itemPGPData(int i) throws XMLSecurityException {
Element e = Element e =
XMLUtils.selectDsNode( XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_PGPDATA, i); getFirstChild(), Constants._TAG_PGPDATA, i);
if (e != null) { if (e != null) {
return new PGPData(e, this.baseURI); return new PGPData(e, this.baseURI);
@ -581,7 +563,7 @@ public class KeyInfo extends SignatureElementProxy {
public RetrievalMethod itemRetrievalMethod(int i) throws XMLSecurityException { public RetrievalMethod itemRetrievalMethod(int i) throws XMLSecurityException {
Element e = Element e =
XMLUtils.selectDsNode( XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_RETRIEVALMETHOD, i); getFirstChild(), Constants._TAG_RETRIEVALMETHOD, i);
if (e != null) { if (e != null) {
return new RetrievalMethod(e, this.baseURI); return new RetrievalMethod(e, this.baseURI);
@ -599,7 +581,7 @@ public class KeyInfo extends SignatureElementProxy {
public SPKIData itemSPKIData(int i) throws XMLSecurityException { public SPKIData itemSPKIData(int i) throws XMLSecurityException {
Element e = Element e =
XMLUtils.selectDsNode( XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_SPKIDATA, i); getFirstChild(), Constants._TAG_SPKIDATA, i);
if (e != null) { if (e != null) {
return new SPKIData(e, this.baseURI); return new SPKIData(e, this.baseURI);
@ -620,7 +602,7 @@ public class KeyInfo extends SignatureElementProxy {
} }
Element e = Element e =
XMLUtils.selectDsNode( XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_X509DATA, i); getFirstChild(), Constants._TAG_X509DATA, i);
if (e != null) { if (e != null) {
return new X509Data(e, this.baseURI); return new X509Data(e, this.baseURI);
@ -628,29 +610,6 @@ public class KeyInfo extends SignatureElementProxy {
return null; return null;
} }
/**
* Method itemEncryptedKey
*
* @param i
* @return the asked EncryptedKey element, null if the index is too big
* @throws XMLSecurityException
*/
public EncryptedKey itemEncryptedKey(int i) throws XMLSecurityException {
if (encryptedKeys != null) {
return encryptedKeys.get(i);
}
Element e =
XMLUtils.selectXencNode(
this.constructionElement.getFirstChild(), EncryptionConstants._TAG_ENCRYPTEDKEY, i);
if (e != null) {
XMLCipher cipher = XMLCipher.getInstance();
cipher.init(XMLCipher.UNWRAP_MODE, null);
return cipher.loadEncryptedKey(e);
}
return null;
}
/** /**
* Method itemDEREncodedKeyValue * Method itemDEREncodedKeyValue
* *
@ -661,7 +620,7 @@ public class KeyInfo extends SignatureElementProxy {
public DEREncodedKeyValue itemDEREncodedKeyValue(int i) throws XMLSecurityException { public DEREncodedKeyValue itemDEREncodedKeyValue(int i) throws XMLSecurityException {
Element e = Element e =
XMLUtils.selectDs11Node( XMLUtils.selectDs11Node(
this.constructionElement.getFirstChild(), Constants._TAG_DERENCODEDKEYVALUE, i); getFirstChild(), Constants._TAG_DERENCODEDKEYVALUE, i);
if (e != null) { if (e != null) {
return new DEREncodedKeyValue(e, this.baseURI); return new DEREncodedKeyValue(e, this.baseURI);
@ -679,7 +638,7 @@ public class KeyInfo extends SignatureElementProxy {
public KeyInfoReference itemKeyInfoReference(int i) throws XMLSecurityException { public KeyInfoReference itemKeyInfoReference(int i) throws XMLSecurityException {
Element e = Element e =
XMLUtils.selectDs11Node( XMLUtils.selectDs11Node(
this.constructionElement.getFirstChild(), Constants._TAG_KEYINFOREFERENCE, i); getFirstChild(), Constants._TAG_KEYINFOREFERENCE, i);
if (e != null) { if (e != null) {
return new KeyInfoReference(e, this.baseURI); return new KeyInfoReference(e, this.baseURI);
@ -694,24 +653,22 @@ public class KeyInfo extends SignatureElementProxy {
* @return the element number of the unknown elements * @return the element number of the unknown elements
*/ */
public Element itemUnknownElement(int i) { public Element itemUnknownElement(int i) {
NodeList nl = this.constructionElement.getChildNodes();
int res = 0; int res = 0;
Node childNode = getElement().getFirstChild();
for (int j = 0; j < nl.getLength(); j++) { while (childNode != null) {
Node current = nl.item(j);
/** /**
* $todo$ using this method, we don't see unknown Elements * $todo$ using this method, we don't see unknown Elements
* from Signature NS; revisit * from Signature NS; revisit
*/ */
if ((current.getNodeType() == Node.ELEMENT_NODE) if (childNode.getNodeType() == Node.ELEMENT_NODE
&& current.getNamespaceURI().equals(Constants.SignatureSpecNS)) { && childNode.getNamespaceURI().equals(Constants.SignatureSpecNS)) {
res++; res++;
if (res == i) { if (res == i) {
return (Element) current; return (Element) childNode;
} }
} }
childNode = childNode.getNextSibling();
} }
return null; return null;
@ -723,7 +680,7 @@ public class KeyInfo extends SignatureElementProxy {
* @return true if the element has no descendants. * @return true if the element has no descendants.
*/ */
public boolean isEmpty() { public boolean isEmpty() {
return this.constructionElement.getFirstChild() == null; return getFirstChild() == null;
} }
/** /**
@ -826,28 +783,20 @@ public class KeyInfo extends SignatureElementProxy {
PublicKey pk = this.getPublicKeyFromInternalResolvers(); PublicKey pk = this.getPublicKeyFromInternalResolvers();
if (pk != null) { if (pk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("I could find a key using the per-KeyInfo key resolvers");
log.log(java.util.logging.Level.FINE, "I could find a key using the per-KeyInfo key resolvers");
}
return pk; return pk;
} }
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("I couldn't find a key using the per-KeyInfo key resolvers");
log.log(java.util.logging.Level.FINE, "I couldn't find a key using the per-KeyInfo key resolvers");
}
pk = this.getPublicKeyFromStaticResolvers(); pk = this.getPublicKeyFromStaticResolvers();
if (pk != null) { if (pk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("I could find a key using the system-wide key resolvers");
log.log(java.util.logging.Level.FINE, "I could find a key using the system-wide key resolvers");
}
return pk; return pk;
} }
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("I couldn't find a key using the system-wide key resolvers");
log.log(java.util.logging.Level.FINE, "I couldn't find a key using the system-wide key resolvers");
}
return null; return null;
} }
@ -863,7 +812,7 @@ public class KeyInfo extends SignatureElementProxy {
while (it.hasNext()) { while (it.hasNext()) {
KeyResolverSpi keyResolver = it.next(); KeyResolverSpi keyResolver = it.next();
keyResolver.setSecureValidation(secureValidation); keyResolver.setSecureValidation(secureValidation);
Node currentChild = this.constructionElement.getFirstChild(); Node currentChild = getFirstChild();
String uri = this.getBaseURI(); String uri = this.getBaseURI();
while (currentChild != null) { while (currentChild != null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) { if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
@ -892,11 +841,9 @@ public class KeyInfo extends SignatureElementProxy {
*/ */
PublicKey getPublicKeyFromInternalResolvers() throws KeyResolverException { PublicKey getPublicKeyFromInternalResolvers() throws KeyResolverException {
for (KeyResolverSpi keyResolver : internalKeyResolvers) { for (KeyResolverSpi keyResolver : internalKeyResolvers) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Try {}", keyResolver.getClass().getName());
log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
}
keyResolver.setSecureValidation(secureValidation); keyResolver.setSecureValidation(secureValidation);
Node currentChild = this.constructionElement.getFirstChild(); Node currentChild = getFirstChild();
String uri = this.getBaseURI(); String uri = this.getBaseURI();
while (currentChild != null) { while (currentChild != null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) { if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
@ -929,29 +876,21 @@ public class KeyInfo extends SignatureElementProxy {
X509Certificate cert = this.getX509CertificateFromInternalResolvers(); X509Certificate cert = this.getX509CertificateFromInternalResolvers();
if (cert != null) { if (cert != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("I could find a X509Certificate using the per-KeyInfo key resolvers");
log.log(java.util.logging.Level.FINE, "I could find a X509Certificate using the per-KeyInfo key resolvers");
}
return cert; return cert;
} }
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("I couldn't find a X509Certificate using the per-KeyInfo key resolvers");
log.log(java.util.logging.Level.FINE, "I couldn't find a X509Certificate using the per-KeyInfo key resolvers");
}
// Then use the system-wide Resolvers // Then use the system-wide Resolvers
cert = this.getX509CertificateFromStaticResolvers(); cert = this.getX509CertificateFromStaticResolvers();
if (cert != null) { if (cert != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("I could find a X509Certificate using the system-wide key resolvers");
log.log(java.util.logging.Level.FINE, "I could find a X509Certificate using the system-wide key resolvers");
}
return cert; return cert;
} }
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("I couldn't find a X509Certificate using the system-wide key resolvers");
log.log(java.util.logging.Level.FINE, "I couldn't find a X509Certificate using the system-wide key resolvers");
}
return null; return null;
} }
@ -966,12 +905,9 @@ public class KeyInfo extends SignatureElementProxy {
*/ */
X509Certificate getX509CertificateFromStaticResolvers() X509Certificate getX509CertificateFromStaticResolvers()
throws KeyResolverException { throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug(
log.log(java.util.logging.Level.FINE, "Start getX509CertificateFromStaticResolvers() with {} resolvers", KeyResolver.length()
"Start getX509CertificateFromStaticResolvers() with " + KeyResolver.length()
+ " resolvers"
); );
}
String uri = this.getBaseURI(); String uri = this.getBaseURI();
Iterator<KeyResolverSpi> it = KeyResolver.iterator(); Iterator<KeyResolverSpi> it = KeyResolver.iterator();
while (it.hasNext()) { while (it.hasNext()) {
@ -988,7 +924,7 @@ public class KeyInfo extends SignatureElementProxy {
private X509Certificate applyCurrentResolver( private X509Certificate applyCurrentResolver(
String uri, KeyResolverSpi keyResolver String uri, KeyResolverSpi keyResolver
) throws KeyResolverException { ) throws KeyResolverException {
Node currentChild = this.constructionElement.getFirstChild(); Node currentChild = getFirstChild();
while (currentChild != null) { while (currentChild != null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) { if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
for (StorageResolver storage : storageResolvers) { for (StorageResolver storage : storageResolvers) {
@ -1015,17 +951,13 @@ public class KeyInfo extends SignatureElementProxy {
*/ */
X509Certificate getX509CertificateFromInternalResolvers() X509Certificate getX509CertificateFromInternalResolvers()
throws KeyResolverException { throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug(
log.log(java.util.logging.Level.FINE, "Start getX509CertificateFromInternalResolvers() with {} resolvers",
"Start getX509CertificateFromInternalResolvers() with " + this.lengthInternalKeyResolver()
+ this.lengthInternalKeyResolver() + " resolvers"
); );
}
String uri = this.getBaseURI(); String uri = this.getBaseURI();
for (KeyResolverSpi keyResolver : internalKeyResolvers) { for (KeyResolverSpi keyResolver : internalKeyResolvers) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Try {}", keyResolver.getClass().getName());
log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
}
keyResolver.setSecureValidation(secureValidation); keyResolver.setSecureValidation(secureValidation);
X509Certificate cert = applyCurrentResolver(uri, keyResolver); X509Certificate cert = applyCurrentResolver(uri, keyResolver);
if (cert != null) { if (cert != null) {
@ -1045,28 +977,20 @@ public class KeyInfo extends SignatureElementProxy {
SecretKey sk = this.getSecretKeyFromInternalResolvers(); SecretKey sk = this.getSecretKeyFromInternalResolvers();
if (sk != null) { if (sk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("I could find a secret key using the per-KeyInfo key resolvers");
log.log(java.util.logging.Level.FINE, "I could find a secret key using the per-KeyInfo key resolvers");
}
return sk; return sk;
} }
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("I couldn't find a secret key using the per-KeyInfo key resolvers");
log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the per-KeyInfo key resolvers");
}
sk = this.getSecretKeyFromStaticResolvers(); sk = this.getSecretKeyFromStaticResolvers();
if (sk != null) { if (sk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("I could find a secret key using the system-wide key resolvers");
log.log(java.util.logging.Level.FINE, "I could find a secret key using the system-wide key resolvers");
}
return sk; return sk;
} }
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("I couldn't find a secret key using the system-wide key resolvers");
log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the system-wide key resolvers");
}
return null; return null;
} }
@ -1083,7 +1007,7 @@ public class KeyInfo extends SignatureElementProxy {
KeyResolverSpi keyResolver = it.next(); KeyResolverSpi keyResolver = it.next();
keyResolver.setSecureValidation(secureValidation); keyResolver.setSecureValidation(secureValidation);
Node currentChild = this.constructionElement.getFirstChild(); Node currentChild = getFirstChild();
String uri = this.getBaseURI(); String uri = this.getBaseURI();
while (currentChild != null) { while (currentChild != null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) { if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
@ -1113,11 +1037,9 @@ public class KeyInfo extends SignatureElementProxy {
SecretKey getSecretKeyFromInternalResolvers() throws KeyResolverException { SecretKey getSecretKeyFromInternalResolvers() throws KeyResolverException {
for (KeyResolverSpi keyResolver : internalKeyResolvers) { for (KeyResolverSpi keyResolver : internalKeyResolvers) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Try {}", keyResolver.getClass().getName());
log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
}
keyResolver.setSecureValidation(secureValidation); keyResolver.setSecureValidation(secureValidation);
Node currentChild = this.constructionElement.getFirstChild(); Node currentChild = getFirstChild();
String uri = this.getBaseURI(); String uri = this.getBaseURI();
while (currentChild != null) { while (currentChild != null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) { if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
@ -1148,25 +1070,17 @@ public class KeyInfo extends SignatureElementProxy {
PrivateKey pk = this.getPrivateKeyFromInternalResolvers(); PrivateKey pk = this.getPrivateKeyFromInternalResolvers();
if (pk != null) { if (pk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("I could find a private key using the per-KeyInfo key resolvers");
log.log(java.util.logging.Level.FINE, "I could find a private key using the per-KeyInfo key resolvers");
}
return pk; return pk;
} }
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("I couldn't find a secret key using the per-KeyInfo key resolvers");
log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the per-KeyInfo key resolvers");
}
pk = this.getPrivateKeyFromStaticResolvers(); pk = this.getPrivateKeyFromStaticResolvers();
if (pk != null) { if (pk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("I could find a private key using the system-wide key resolvers");
log.log(java.util.logging.Level.FINE, "I could find a private key using the system-wide key resolvers");
}
return pk; return pk;
} }
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("I couldn't find a private key using the system-wide key resolvers");
log.log(java.util.logging.Level.FINE, "I couldn't find a private key using the system-wide key resolvers");
}
return null; return null;
} }
@ -1183,7 +1097,7 @@ public class KeyInfo extends SignatureElementProxy {
KeyResolverSpi keyResolver = it.next(); KeyResolverSpi keyResolver = it.next();
keyResolver.setSecureValidation(secureValidation); keyResolver.setSecureValidation(secureValidation);
Node currentChild = this.constructionElement.getFirstChild(); Node currentChild = getFirstChild();
String uri = this.getBaseURI(); String uri = this.getBaseURI();
while (currentChild != null) { while (currentChild != null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) { if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
@ -1212,11 +1126,9 @@ public class KeyInfo extends SignatureElementProxy {
*/ */
PrivateKey getPrivateKeyFromInternalResolvers() throws KeyResolverException { PrivateKey getPrivateKeyFromInternalResolvers() throws KeyResolverException {
for (KeyResolverSpi keyResolver : internalKeyResolvers) { for (KeyResolverSpi keyResolver : internalKeyResolvers) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Try {}", keyResolver.getClass().getName());
log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
}
keyResolver.setSecureValidation(secureValidation); keyResolver.setSecureValidation(secureValidation);
Node currentChild = this.constructionElement.getFirstChild(); Node currentChild = getFirstChild();
String uri = this.getBaseURI(); String uri = this.getBaseURI();
while (currentChild != null) { while (currentChild != null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) { if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
@ -1274,13 +1186,13 @@ public class KeyInfo extends SignatureElementProxy {
public void addStorageResolver(StorageResolver storageResolver) { public void addStorageResolver(StorageResolver storageResolver) {
if (storageResolvers == nullList) { if (storageResolvers == nullList) {
// Replace the default null StorageResolver // Replace the default null StorageResolver
storageResolvers = new ArrayList<StorageResolver>(); storageResolvers = new ArrayList<>();
} }
this.storageResolvers.add(storageResolver); this.storageResolvers.add(storageResolver);
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_KEYINFO; return Constants._TAG_KEYINFO;
} }


@ -32,11 +32,10 @@ import com.sun.org.apache.xml.internal.security.keys.content.MgmtData;
import com.sun.org.apache.xml.internal.security.keys.content.X509Data; import com.sun.org.apache.xml.internal.security.keys.content.X509Data;
/** /**
* Utility class for the <CODE>com.sun.org.apache.xml.internal.security.keys</CODE> package. * Utility class for {@code com.sun.org.apache.xml.internal.security.keys} package.
* *
* @author $Author: coheigea $
*/ */
public class KeyUtils { public final class KeyUtils {
private KeyUtils() { private KeyUtils() {
// no instantiation // no instantiation


@ -35,9 +35,8 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* Provides content model support for the <code>dsig11:DEREncodedKeyvalue</code> element. * Provides content model support for the {@code dsig11:DEREncodedKeyvalue} element.
* *
* @author Brent Putman (putmanb@georgetown.edu)
*/ */
public class DEREncodedKeyValue extends Signature11ElementProxy implements KeyInfoContent { public class DEREncodedKeyValue extends Signature11ElementProxy implements KeyInfoContent {
@ -48,11 +47,11 @@ public class DEREncodedKeyValue extends Signature11ElementProxy implements KeyIn
* Constructor DEREncodedKeyValue * Constructor DEREncodedKeyValue
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public DEREncodedKeyValue(Element element, String BaseURI) throws XMLSecurityException { public DEREncodedKeyValue(Element element, String baseURI) throws XMLSecurityException {
super(element, BaseURI); super(element, baseURI);
} }
/** /**
@ -72,7 +71,7 @@ public class DEREncodedKeyValue extends Signature11ElementProxy implements KeyIn
* Constructor DEREncodedKeyValue * Constructor DEREncodedKeyValue
* *
* @param doc * @param doc
* @param base64EncodedKey * @param encodedKey
*/ */
public DEREncodedKeyValue(Document doc, byte[] encodedKey) { public DEREncodedKeyValue(Document doc, byte[] encodedKey) {
super(doc); super(doc);
@ -81,29 +80,24 @@ public class DEREncodedKeyValue extends Signature11ElementProxy implements KeyIn
} }
/** /**
* Sets the <code>Id</code> attribute * Sets the {@code Id} attribute
* *
* @param Id ID * @param id ID
*/ */
public void setId(String id) { public void setId(String id) {
if (id != null) { setLocalIdAttribute(Constants._ATT_ID, id);
this.constructionElement.setAttributeNS(null, Constants._ATT_ID, id);
this.constructionElement.setIdAttributeNS(null, Constants._ATT_ID, true);
} else {
this.constructionElement.removeAttributeNS(null, Constants._ATT_ID);
}
} }
/** /**
* Returns the <code>Id</code> attribute * Returns the {@code Id} attribute
* *
* @return the <code>Id</code> attribute * @return the {@code Id} attribute
*/ */
public String getId() { public String getId() {
return this.constructionElement.getAttributeNS(null, Constants._ATT_ID); return getLocalAttribute(Constants._ATT_ID);
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_DERENCODEDKEYVALUE; return Constants._TAG_DERENCODEDKEYVALUE;
} }
@ -126,9 +120,9 @@ public class DEREncodedKeyValue extends Signature11ElementProxy implements KeyIn
if (publicKey != null) { if (publicKey != null) {
return publicKey; return publicKey;
} }
} catch (NoSuchAlgorithmException e) { } catch (NoSuchAlgorithmException e) { //NOPMD
// Do nothing, try the next type // Do nothing, try the next type
} catch (InvalidKeySpecException e) { } catch (InvalidKeySpecException e) { //NOPMD
// Do nothing, try the next type // Do nothing, try the next type
} }
} }
@ -148,10 +142,10 @@ public class DEREncodedKeyValue extends Signature11ElementProxy implements KeyIn
return keySpec.getEncoded(); return keySpec.getEncoded();
} catch (NoSuchAlgorithmException e) { } catch (NoSuchAlgorithmException e) {
Object exArgs[] = { publicKey.getAlgorithm(), publicKey.getFormat(), publicKey.getClass().getName() }; Object exArgs[] = { publicKey.getAlgorithm(), publicKey.getFormat(), publicKey.getClass().getName() };
throw new XMLSecurityException("DEREncodedKeyValue.UnsupportedPublicKey", exArgs, e); throw new XMLSecurityException(e, "DEREncodedKeyValue.UnsupportedPublicKey", exArgs);
} catch (InvalidKeySpecException e) { } catch (InvalidKeySpecException e) {
Object exArgs[] = { publicKey.getAlgorithm(), publicKey.getFormat(), publicKey.getClass().getName() }; Object exArgs[] = { publicKey.getAlgorithm(), publicKey.getFormat(), publicKey.getClass().getName() };
throw new XMLSecurityException("DEREncodedKeyValue.UnsupportedPublicKey", exArgs, e); throw new XMLSecurityException(e, "DEREncodedKeyValue.UnsupportedPublicKey", exArgs);
} }
} }
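Review bot: In `setId`, the null case and the ID-typing of the attribute are no longer visible at the call site: the removed body dropped the attribute when `id` was null and otherwise called `setIdAttributeNS(null, Constants._ATT_ID, true)`, while the new body is only `setLocalIdAttribute(Constants._ATT_ID, id)`, whose implementation is outside this section. Whether an attribute is registered as an ID affects how same-document references to this element are resolved, so I would confirm the helper keeps both behaviours and record the contract in the Javadoc, e.g. `@param id the Id value, or {@code null} to remove the attribute`. The same replacement is made in `KeyInfoReference.setId` further down the page.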


@ -25,7 +25,6 @@ package com.sun.org.apache.xml.internal.security.keys.content;
/** /**
* Empty interface just to identify Elements that can be children of ds:KeyInfo. * Empty interface just to identify Elements that can be children of ds:KeyInfo.
* *
* @author $Author: coheigea $
*/ */
public interface KeyInfoContent { public interface KeyInfoContent {
} }


@ -30,9 +30,8 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* Provides content model support for the <code>dsig11:KeyInfoReference</code> element. * Provides content model support for the {@code dsig11:KeyInfoReference} element.
* *
* @author Brent Putman (putmanb@georgetown.edu)
*/ */
public class KeyInfoReference extends Signature11ElementProxy implements KeyInfoContent { public class KeyInfoReference extends Signature11ElementProxy implements KeyInfoContent {
@ -40,7 +39,7 @@ public class KeyInfoReference extends Signature11ElementProxy implements KeyInfo
* Constructor RetrievalMethod * Constructor RetrievalMethod
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public KeyInfoReference(Element element, String baseURI) throws XMLSecurityException { public KeyInfoReference(Element element, String baseURI) throws XMLSecurityException {
@ -51,12 +50,12 @@ public class KeyInfoReference extends Signature11ElementProxy implements KeyInfo
* Constructor RetrievalMethod * Constructor RetrievalMethod
* *
* @param doc * @param doc
* @param URI * @param uri
*/ */
public KeyInfoReference(Document doc, String URI) { public KeyInfoReference(Document doc, String uri) {
super(doc); super(doc);
this.constructionElement.setAttributeNS(null, Constants._ATT_URI, URI); setLocalAttribute(Constants._ATT_URI, uri);
} }
/** /**
@ -65,7 +64,7 @@ public class KeyInfoReference extends Signature11ElementProxy implements KeyInfo
* @return the URI attribute * @return the URI attribute
*/ */
public Attr getURIAttr() { public Attr getURIAttr() {
return this.constructionElement.getAttributeNodeNS(null, Constants._ATT_URI); return getElement().getAttributeNodeNS(null, Constants._ATT_URI);
} }
/** /**
@ -78,29 +77,24 @@ public class KeyInfoReference extends Signature11ElementProxy implements KeyInfo
} }
/** /**
* Sets the <code>Id</code> attribute * Sets the {@code Id} attribute
* *
* @param Id ID * @param id ID
*/ */
public void setId(String id) { public void setId(String id) {
if (id != null) { setLocalIdAttribute(Constants._ATT_ID, id);
this.constructionElement.setAttributeNS(null, Constants._ATT_ID, id);
this.constructionElement.setIdAttributeNS(null, Constants._ATT_ID, true);
} else {
this.constructionElement.removeAttributeNS(null, Constants._ATT_ID);
}
} }
/** /**
* Returns the <code>Id</code> attribute * Returns the {@code Id} attribute
* *
* @return the <code>Id</code> attribute * @return the {@code Id} attribute
*/ */
public String getId() { public String getId() {
return this.constructionElement.getAttributeNS(null, Constants._ATT_ID); return getLocalAttribute(Constants._ATT_ID);
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_KEYINFOREFERENCE; return Constants._TAG_KEYINFOREFERENCE;
} }
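Review bot: `setId` loses its explicit null branch: the old body removed the `Id` attribute when `id` was null, while the new one-line body passes every value to `setLocalIdAttribute`, whose null handling is not visible on this page. If that helper does not remove the attribute on null, callers that relied on `setId(null)` to clear the Id silently change behaviour. This is worth confirming and stating in the Javadoc, e.g. `@param id the Id value, or {@code null} to remove the attribute`. Separately, both constructor Javadocs still read `Constructor RetrievalMethod` and should say `Constructor KeyInfoReference`.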


@ -29,7 +29,6 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* @author $Author: coheigea $
*/ */
public class KeyName extends SignatureElementProxy implements KeyInfoContent { public class KeyName extends SignatureElementProxy implements KeyInfoContent {
@ -37,11 +36,11 @@ public class KeyName extends SignatureElementProxy implements KeyInfoContent {
* Constructor KeyName * Constructor KeyName
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public KeyName(Element element, String BaseURI) throws XMLSecurityException { public KeyName(Element element, String baseURI) throws XMLSecurityException {
super(element, BaseURI); super(element, baseURI);
} }
/** /**
@ -65,7 +64,7 @@ public class KeyName extends SignatureElementProxy implements KeyInfoContent {
return this.getTextFromTextChild(); return this.getTextFromTextChild();
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_KEYNAME; return Constants._TAG_KEYNAME;
} }

View File

@ -41,7 +41,6 @@ import org.w3c.dom.Element;
* keys values represented as PCDATA or element types from an external * keys values represented as PCDATA or element types from an external
* namespace. * namespace.
* *
* @author $Author: coheigea $
*/ */
public class KeyValue extends SignatureElementProxy implements KeyInfoContent { public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
@ -54,9 +53,9 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
public KeyValue(Document doc, DSAKeyValue dsaKeyValue) { public KeyValue(Document doc, DSAKeyValue dsaKeyValue) {
super(doc); super(doc);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
this.constructionElement.appendChild(dsaKeyValue.getElement()); appendSelf(dsaKeyValue);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -68,9 +67,9 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
public KeyValue(Document doc, RSAKeyValue rsaKeyValue) { public KeyValue(Document doc, RSAKeyValue rsaKeyValue) {
super(doc); super(doc);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
this.constructionElement.appendChild(rsaKeyValue.getElement()); appendSelf(rsaKeyValue);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -82,9 +81,9 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
public KeyValue(Document doc, Element unknownKeyValue) { public KeyValue(Document doc, Element unknownKeyValue) {
super(doc); super(doc);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
this.constructionElement.appendChild(unknownKeyValue); appendSelf(unknownKeyValue);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -96,18 +95,22 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
public KeyValue(Document doc, PublicKey pk) { public KeyValue(Document doc, PublicKey pk) {
super(doc); super(doc);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
if (pk instanceof java.security.interfaces.DSAPublicKey) { if (pk instanceof java.security.interfaces.DSAPublicKey) {
DSAKeyValue dsa = new DSAKeyValue(this.doc, pk); DSAKeyValue dsa = new DSAKeyValue(getDocument(), pk);
this.constructionElement.appendChild(dsa.getElement()); appendSelf(dsa);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} else if (pk instanceof java.security.interfaces.RSAPublicKey) { } else if (pk instanceof java.security.interfaces.RSAPublicKey) {
RSAKeyValue rsa = new RSAKeyValue(this.doc, pk); RSAKeyValue rsa = new RSAKeyValue(getDocument(), pk);
this.constructionElement.appendChild(rsa.getElement()); appendSelf(rsa);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} else {
String error = "The given PublicKey type " + pk + " is not supported. Only DSAPublicKey and "
+ "RSAPublicKey types are currently supported";
throw new IllegalArgumentException(error);
} }
} }
@ -115,11 +118,11 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
* Constructor KeyValue * Constructor KeyValue
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public KeyValue(Element element, String BaseURI) throws XMLSecurityException { public KeyValue(Element element, String baseURI) throws XMLSecurityException {
super(element, BaseURI); super(element, baseURI);
} }
/** /**
@ -131,7 +134,7 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
public PublicKey getPublicKey() throws XMLSecurityException { public PublicKey getPublicKey() throws XMLSecurityException {
Element rsa = Element rsa =
XMLUtils.selectDsNode( XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_RSAKEYVALUE, 0); getFirstChild(), Constants._TAG_RSAKEYVALUE, 0);
if (rsa != null) { if (rsa != null) {
RSAKeyValue kv = new RSAKeyValue(rsa, this.baseURI); RSAKeyValue kv = new RSAKeyValue(rsa, this.baseURI);
@ -140,7 +143,7 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
Element dsa = Element dsa =
XMLUtils.selectDsNode( XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_DSAKEYVALUE, 0); getFirstChild(), Constants._TAG_DSAKEYVALUE, 0);
if (dsa != null) { if (dsa != null) {
DSAKeyValue kv = new DSAKeyValue(dsa, this.baseURI); DSAKeyValue kv = new DSAKeyValue(dsa, this.baseURI);
@ -150,7 +153,7 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
return null; return null;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_KEYVALUE; return Constants._TAG_KEYVALUE;
} }
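Review bot: The new `else` branch in `KeyValue(Document, PublicKey)` builds its message with `"The given PublicKey type " + pk`, which calls `toString()` on the key and typically writes the whole key encoding into an exception message that may be logged or shown to a caller. Naming the class is enough to diagnose the problem: `"The given PublicKey type " + (pk == null ? "null" : pk.getClass().getName()) + " is not supported. ..."`. The branch also turns what used to be a silently empty `ds:KeyValue` into an unchecked exception, so the constructor's Javadoc, which lies outside this hunk, should gain `@throws IllegalArgumentException if pk is neither a DSAPublicKey nor an RSAPublicKey`.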

View File

@ -29,7 +29,6 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* @author $Author: coheigea $
*/ */
public class MgmtData extends SignatureElementProxy implements KeyInfoContent { public class MgmtData extends SignatureElementProxy implements KeyInfoContent {
@ -37,12 +36,12 @@ public class MgmtData extends SignatureElementProxy implements KeyInfoContent {
* Constructor MgmtData * Constructor MgmtData
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public MgmtData(Element element, String BaseURI) public MgmtData(Element element, String baseURI)
throws XMLSecurityException { throws XMLSecurityException {
super(element, BaseURI); super(element, baseURI);
} }
/** /**
@ -66,7 +65,7 @@ public class MgmtData extends SignatureElementProxy implements KeyInfoContent {
return this.getTextFromTextChild(); return this.getTextFromTextChild();
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_MGMTDATA; return Constants._TAG_MGMTDATA;
} }

View File

@ -28,7 +28,6 @@ import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* @author $Author: coheigea $
* $todo$ Implement * $todo$ Implement
*/ */
public class PGPData extends SignatureElementProxy implements KeyInfoContent { public class PGPData extends SignatureElementProxy implements KeyInfoContent {
@ -37,14 +36,14 @@ public class PGPData extends SignatureElementProxy implements KeyInfoContent {
* Constructor PGPData * Constructor PGPData
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public PGPData(Element element, String BaseURI) throws XMLSecurityException { public PGPData(Element element, String baseURI) throws XMLSecurityException {
super(element, BaseURI); super(element, baseURI);
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_PGPDATA; return Constants._TAG_PGPDATA;
} }

View File

@ -53,11 +53,11 @@ public class RetrievalMethod extends SignatureElementProxy implements KeyInfoCon
* Constructor RetrievalMethod * Constructor RetrievalMethod
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public RetrievalMethod(Element element, String BaseURI) throws XMLSecurityException { public RetrievalMethod(Element element, String baseURI) throws XMLSecurityException {
super(element, BaseURI); super(element, baseURI);
} }
/** /**
@ -71,15 +71,15 @@ public class RetrievalMethod extends SignatureElementProxy implements KeyInfoCon
public RetrievalMethod(Document doc, String URI, Transforms transforms, String Type) { public RetrievalMethod(Document doc, String URI, Transforms transforms, String Type) {
super(doc); super(doc);
this.constructionElement.setAttributeNS(null, Constants._ATT_URI, URI); setLocalAttribute(Constants._ATT_URI, URI);
if (Type != null) { if (Type != null) {
this.constructionElement.setAttributeNS(null, Constants._ATT_TYPE, Type); setLocalAttribute(Constants._ATT_TYPE, Type);
} }
if (transforms != null) { if (transforms != null) {
this.constructionElement.appendChild(transforms.getElement()); appendSelf(transforms);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
} }
@ -89,7 +89,7 @@ public class RetrievalMethod extends SignatureElementProxy implements KeyInfoCon
* @return the URI attribute * @return the URI attribute
*/ */
public Attr getURIAttr() { public Attr getURIAttr() {
return this.constructionElement.getAttributeNodeNS(null, Constants._ATT_URI); return getElement().getAttributeNodeNS(null, Constants._ATT_URI);
} }
/** /**
@ -98,12 +98,12 @@ public class RetrievalMethod extends SignatureElementProxy implements KeyInfoCon
* @return URI string * @return URI string
*/ */
public String getURI() { public String getURI() {
return this.getURIAttr().getNodeValue(); return getLocalAttribute(Constants._ATT_URI);
} }
/** @return the type*/ /** @return the type*/
public String getType() { public String getType() {
return this.constructionElement.getAttributeNS(null, Constants._ATT_TYPE); return getLocalAttribute(Constants._ATT_TYPE);
} }
/** /**
@ -116,7 +116,7 @@ public class RetrievalMethod extends SignatureElementProxy implements KeyInfoCon
try { try {
Element transformsElem = Element transformsElem =
XMLUtils.selectDsNode( XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_TRANSFORMS, 0); getFirstChild(), Constants._TAG_TRANSFORMS, 0);
if (transformsElem != null) { if (transformsElem != null) {
return new Transforms(transformsElem, this.baseURI); return new Transforms(transformsElem, this.baseURI);
@ -124,11 +124,11 @@ public class RetrievalMethod extends SignatureElementProxy implements KeyInfoCon
return null; return null;
} catch (XMLSignatureException ex) { } catch (XMLSignatureException ex) {
throw new XMLSecurityException("empty", ex); throw new XMLSecurityException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_RETRIEVALMETHOD; return Constants._TAG_RETRIEVALMETHOD;
} }
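Review bot: `getURI()` now reads the attribute through `getLocalAttribute(Constants._ATT_URI)` instead of `getURIAttr().getNodeValue()`, so a `ds:RetrievalMethod` that carries no `URI` attribute no longer fails at this call. If `getLocalAttribute` wraps `getAttributeNS` (its body is not shown here), an absent attribute comes back as `""`, which a resolver would treat as a same-document reference. This element is parsed from the signature under verification, so the two cases should stay distinguishable. A caller-side guard such as `if (getURIAttr() == null) { /* URI is required: reject */ }` before resolving would do that, and the Javadoc of `getURI()` should state what is returned when the attribute is missing.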

View File

@ -28,7 +28,6 @@ import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* @author $Author: coheigea $
* $todo$ implement * $todo$ implement
*/ */
public class SPKIData extends SignatureElementProxy implements KeyInfoContent { public class SPKIData extends SignatureElementProxy implements KeyInfoContent {
@ -37,15 +36,15 @@ public class SPKIData extends SignatureElementProxy implements KeyInfoContent {
* Constructor SPKIData * Constructor SPKIData
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public SPKIData(Element element, String BaseURI) public SPKIData(Element element, String baseURI)
throws XMLSecurityException { throws XMLSecurityException {
super(element, BaseURI); super(element, baseURI);
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_SPKIDATA; return Constants._TAG_SPKIDATA;
} }

View File

@ -41,9 +41,8 @@ import org.w3c.dom.Node;
public class X509Data extends SignatureElementProxy implements KeyInfoContent { public class X509Data extends SignatureElementProxy implements KeyInfoContent {
/** {@link org.apache.commons.logging} logging facility */ private static final com.sun.org.slf4j.internal.Logger LOG =
private static java.util.logging.Logger log = com.sun.org.slf4j.internal.LoggerFactory.getLogger(X509Data.class);
java.util.logging.Logger.getLogger(X509Data.class.getName());
/** /**
* Constructor X509Data * Constructor X509Data
@ -53,7 +52,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
public X509Data(Document doc) { public X509Data(Document doc) {
super(doc); super(doc);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -66,18 +65,16 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
public X509Data(Element element, String baseURI) throws XMLSecurityException { public X509Data(Element element, String baseURI) throws XMLSecurityException {
super(element, baseURI); super(element, baseURI);
Node sibling = this.constructionElement.getFirstChild(); Node sibling = getFirstChild();
while (sibling != null) { while (sibling != null && sibling.getNodeType() != Node.ELEMENT_NODE) {
if (sibling.getNodeType() != Node.ELEMENT_NODE) {
sibling = sibling.getNextSibling(); sibling = sibling.getNextSibling();
continue;
}
return;
} }
if (sibling == null || sibling.getNodeType() != Node.ELEMENT_NODE) {
/* No Elements found */ /* No Elements found */
Object exArgs[] = { "Elements", Constants._TAG_X509DATA }; Object exArgs[] = { "Elements", Constants._TAG_X509DATA };
throw new XMLSecurityException("xml.WrongContent", exArgs); throw new XMLSecurityException("xml.WrongContent", exArgs);
} }
}
/** /**
* Method addIssuerSerial * Method addIssuerSerial
@ -86,7 +83,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param X509SerialNumber * @param X509SerialNumber
*/ */
public void addIssuerSerial(String X509IssuerName, BigInteger X509SerialNumber) { public void addIssuerSerial(String X509IssuerName, BigInteger X509SerialNumber) {
this.add(new XMLX509IssuerSerial(this.doc, X509IssuerName, X509SerialNumber)); this.add(new XMLX509IssuerSerial(getDocument(), X509IssuerName, X509SerialNumber));
} }
/** /**
@ -96,7 +93,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param X509SerialNumber * @param X509SerialNumber
*/ */
public void addIssuerSerial(String X509IssuerName, String X509SerialNumber) { public void addIssuerSerial(String X509IssuerName, String X509SerialNumber) {
this.add(new XMLX509IssuerSerial(this.doc, X509IssuerName, X509SerialNumber)); this.add(new XMLX509IssuerSerial(getDocument(), X509IssuerName, X509SerialNumber));
} }
/** /**
@ -106,7 +103,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param X509SerialNumber * @param X509SerialNumber
*/ */
public void addIssuerSerial(String X509IssuerName, int X509SerialNumber) { public void addIssuerSerial(String X509IssuerName, int X509SerialNumber) {
this.add(new XMLX509IssuerSerial(this.doc, X509IssuerName, X509SerialNumber)); this.add(new XMLX509IssuerSerial(getDocument(), X509IssuerName, X509SerialNumber));
} }
/** /**
@ -116,8 +113,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
*/ */
public void add(XMLX509IssuerSerial xmlX509IssuerSerial) { public void add(XMLX509IssuerSerial xmlX509IssuerSerial) {
this.constructionElement.appendChild(xmlX509IssuerSerial.getElement()); appendSelf(xmlX509IssuerSerial);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -126,7 +123,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param skiBytes * @param skiBytes
*/ */
public void addSKI(byte[] skiBytes) { public void addSKI(byte[] skiBytes) {
this.add(new XMLX509SKI(this.doc, skiBytes)); this.add(new XMLX509SKI(getDocument(), skiBytes));
} }
/** /**
@ -137,7 +134,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
*/ */
public void addSKI(X509Certificate x509certificate) public void addSKI(X509Certificate x509certificate)
throws XMLSecurityException { throws XMLSecurityException {
this.add(new XMLX509SKI(this.doc, x509certificate)); this.add(new XMLX509SKI(getDocument(), x509certificate));
} }
/** /**
@ -146,8 +143,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param xmlX509SKI * @param xmlX509SKI
*/ */
public void add(XMLX509SKI xmlX509SKI) { public void add(XMLX509SKI xmlX509SKI) {
this.constructionElement.appendChild(xmlX509SKI.getElement()); appendSelf(xmlX509SKI);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -156,7 +153,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param subjectName * @param subjectName
*/ */
public void addSubjectName(String subjectName) { public void addSubjectName(String subjectName) {
this.add(new XMLX509SubjectName(this.doc, subjectName)); this.add(new XMLX509SubjectName(getDocument(), subjectName));
} }
/** /**
@ -165,7 +162,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param x509certificate * @param x509certificate
*/ */
public void addSubjectName(X509Certificate x509certificate) { public void addSubjectName(X509Certificate x509certificate) {
this.add(new XMLX509SubjectName(this.doc, x509certificate)); this.add(new XMLX509SubjectName(getDocument(), x509certificate));
} }
/** /**
@ -174,8 +171,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param xmlX509SubjectName * @param xmlX509SubjectName
*/ */
public void add(XMLX509SubjectName xmlX509SubjectName) { public void add(XMLX509SubjectName xmlX509SubjectName) {
this.constructionElement.appendChild(xmlX509SubjectName.getElement()); appendSelf(xmlX509SubjectName);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -186,7 +183,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
*/ */
public void addCertificate(X509Certificate x509certificate) public void addCertificate(X509Certificate x509certificate)
throws XMLSecurityException { throws XMLSecurityException {
this.add(new XMLX509Certificate(this.doc, x509certificate)); this.add(new XMLX509Certificate(getDocument(), x509certificate));
} }
/** /**
@ -195,7 +192,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param x509certificateBytes * @param x509certificateBytes
*/ */
public void addCertificate(byte[] x509certificateBytes) { public void addCertificate(byte[] x509certificateBytes) {
this.add(new XMLX509Certificate(this.doc, x509certificateBytes)); this.add(new XMLX509Certificate(getDocument(), x509certificateBytes));
} }
/** /**
@ -204,8 +201,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param xmlX509Certificate * @param xmlX509Certificate
*/ */
public void add(XMLX509Certificate xmlX509Certificate) { public void add(XMLX509Certificate xmlX509Certificate) {
this.constructionElement.appendChild(xmlX509Certificate.getElement()); appendSelf(xmlX509Certificate);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -214,7 +211,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param crlBytes * @param crlBytes
*/ */
public void addCRL(byte[] crlBytes) { public void addCRL(byte[] crlBytes) {
this.add(new XMLX509CRL(this.doc, crlBytes)); this.add(new XMLX509CRL(getDocument(), crlBytes));
} }
/** /**
@ -223,8 +220,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param xmlX509CRL * @param xmlX509CRL
*/ */
public void add(XMLX509CRL xmlX509CRL) { public void add(XMLX509CRL xmlX509CRL) {
this.constructionElement.appendChild(xmlX509CRL.getElement()); appendSelf(xmlX509CRL);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -236,27 +233,27 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
*/ */
public void addDigest(X509Certificate x509certificate, String algorithmURI) public void addDigest(X509Certificate x509certificate, String algorithmURI)
throws XMLSecurityException { throws XMLSecurityException {
this.add(new XMLX509Digest(this.doc, x509certificate, algorithmURI)); this.add(new XMLX509Digest(getDocument(), x509certificate, algorithmURI));
} }
/** /**
* Method addDigest * Method addDigest
* *
* @param x509CertificateDigestByes * @param x509CertificateDigestBytes
* @param algorithmURI * @param algorithmURI
*/ */
public void addDigest(byte[] x509certificateDigestBytes, String algorithmURI) { public void addDigest(byte[] x509CertificateDigestBytes, String algorithmURI) {
this.add(new XMLX509Digest(this.doc, x509certificateDigestBytes, algorithmURI)); this.add(new XMLX509Digest(getDocument(), x509CertificateDigestBytes, algorithmURI));
} }
/** /**
* Method add * Method add
* *
* @param XMLX509Digest * @param xmlX509Digest
*/ */
public void add(XMLX509Digest xmlX509Digest) { public void add(XMLX509Digest xmlX509Digest) {
this.constructionElement.appendChild(xmlX509Digest.getElement()); appendSelf(xmlX509Digest);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -265,8 +262,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param element * @param element
*/ */
public void addUnknownElement(Element element) { public void addUnknownElement(Element element) {
this.constructionElement.appendChild(element); appendSelf(element);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
} }
/** /**
@ -330,9 +327,9 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
*/ */
public int lengthUnknownElement() { public int lengthUnknownElement() {
int result = 0; int result = 0;
Node n = this.constructionElement.getFirstChild(); Node n = getFirstChild();
while (n != null){ while (n != null) {
if ((n.getNodeType() == Node.ELEMENT_NODE) if (n.getNodeType() == Node.ELEMENT_NODE
&& !n.getNamespaceURI().equals(Constants.SignatureSpecNS)) { && !n.getNamespaceURI().equals(Constants.SignatureSpecNS)) {
result++; result++;
} }
@ -352,7 +349,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
public XMLX509IssuerSerial itemIssuerSerial(int i) throws XMLSecurityException { public XMLX509IssuerSerial itemIssuerSerial(int i) throws XMLSecurityException {
Element e = Element e =
XMLUtils.selectDsNode( XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_X509ISSUERSERIAL, i); getFirstChild(), Constants._TAG_X509ISSUERSERIAL, i);
if (e != null) { if (e != null) {
return new XMLX509IssuerSerial(e, this.baseURI); return new XMLX509IssuerSerial(e, this.baseURI);
@ -371,7 +368,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
Element e = Element e =
XMLUtils.selectDsNode( XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_X509SKI, i); getFirstChild(), Constants._TAG_X509SKI, i);
if (e != null) { if (e != null) {
return new XMLX509SKI(e, this.baseURI); return new XMLX509SKI(e, this.baseURI);
@ -390,7 +387,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
Element e = Element e =
XMLUtils.selectDsNode( XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_X509SUBJECTNAME, i); getFirstChild(), Constants._TAG_X509SUBJECTNAME, i);
if (e != null) { if (e != null) {
return new XMLX509SubjectName(e, this.baseURI); return new XMLX509SubjectName(e, this.baseURI);
@ -402,14 +399,14 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* Method itemCertificate * Method itemCertificate
* *
* @param i * @param i
* @return the X509Certifacte, null if not present * @return the X509Certificate, null if not present
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public XMLX509Certificate itemCertificate(int i) throws XMLSecurityException { public XMLX509Certificate itemCertificate(int i) throws XMLSecurityException {
Element e = Element e =
XMLUtils.selectDsNode( XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_X509CERTIFICATE, i); getFirstChild(), Constants._TAG_X509CERTIFICATE, i);
if (e != null) { if (e != null) {
return new XMLX509Certificate(e, this.baseURI); return new XMLX509Certificate(e, this.baseURI);
@ -428,7 +425,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
Element e = Element e =
XMLUtils.selectDsNode( XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_X509CRL, i); getFirstChild(), Constants._TAG_X509CRL, i);
if (e != null) { if (e != null) {
return new XMLX509CRL(e, this.baseURI); return new XMLX509CRL(e, this.baseURI);
@ -447,7 +444,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
Element e = Element e =
XMLUtils.selectDs11Node( XMLUtils.selectDs11Node(
this.constructionElement.getFirstChild(), Constants._TAG_X509DIGEST, i); getFirstChild(), Constants._TAG_X509DIGEST, i);
if (e != null) { if (e != null) {
return new XMLX509Digest(e, this.baseURI); return new XMLX509Digest(e, this.baseURI);
@ -463,9 +460,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* TODO implement * TODO implement
**/ **/
public Element itemUnknownElement(int i) { public Element itemUnknownElement(int i) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("itemUnknownElement not implemented: {}", i);
log.log(java.util.logging.Level.FINE, "itemUnknownElement not implemented:" + i);
}
return null; return null;
} }
@ -532,7 +527,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
return this.lengthUnknownElement() > 0; return this.lengthUnknownElement() > 0;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_X509DATA; return Constants._TAG_X509DATA;
} }
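Review bot: In `lengthUnknownElement` the rewritten condition still calls `n.getNamespaceURI().equals(Constants.SignatureSpecNS)`, and `getNamespaceURI()` returns null for an element without a namespace. An `X509Data` parsed from a document that contains an unqualified child element therefore throws `NullPointerException` instead of counting that child. Reversing the comparison avoids this: `&& !Constants.SignatureSpecNS.equals(n.getNamespaceURI())`. In the `X509Data(Element, String)` constructor, the second half of `sibling == null || sibling.getNodeType() != Node.ELEMENT_NODE` can never be true once the loop has ended and could be dropped. `lengthUnknownElement` continues past the end of its hunk.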

View File

@ -27,6 +27,7 @@ import java.security.Key;
import java.security.KeyFactory; import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.security.PublicKey; import java.security.PublicKey;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey; import java.security.interfaces.DSAPublicKey;
import java.security.spec.DSAPublicKeySpec; import java.security.spec.DSAPublicKeySpec;
import java.security.spec.InvalidKeySpecException; import java.security.spec.InvalidKeySpecException;
@ -35,7 +36,6 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.I18n; import com.sun.org.apache.xml.internal.security.utils.I18n;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
@ -64,7 +64,7 @@ public class DSAKeyValue extends SignatureElementProxy implements KeyValueConten
public DSAKeyValue(Document doc, BigInteger P, BigInteger Q, BigInteger G, BigInteger Y) { public DSAKeyValue(Document doc, BigInteger P, BigInteger Q, BigInteger G, BigInteger Y) {
super(doc); super(doc);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
this.addBigIntegerElement(P, Constants._TAG_P); this.addBigIntegerElement(P, Constants._TAG_P);
this.addBigIntegerElement(Q, Constants._TAG_Q); this.addBigIntegerElement(Q, Constants._TAG_Q);
this.addBigIntegerElement(G, Constants._TAG_G); this.addBigIntegerElement(G, Constants._TAG_G);
@ -81,12 +81,13 @@ public class DSAKeyValue extends SignatureElementProxy implements KeyValueConten
public DSAKeyValue(Document doc, Key key) throws IllegalArgumentException { public DSAKeyValue(Document doc, Key key) throws IllegalArgumentException {
super(doc); super(doc);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
if (key instanceof java.security.interfaces.DSAPublicKey) { if (key instanceof DSAPublicKey) {
this.addBigIntegerElement(((DSAPublicKey) key).getParams().getP(), Constants._TAG_P); DSAParams params = ((DSAPublicKey) key).getParams();
this.addBigIntegerElement(((DSAPublicKey) key).getParams().getQ(), Constants._TAG_Q); this.addBigIntegerElement(params.getP(), Constants._TAG_P);
this.addBigIntegerElement(((DSAPublicKey) key).getParams().getG(), Constants._TAG_G); this.addBigIntegerElement(params.getQ(), Constants._TAG_Q);
this.addBigIntegerElement(params.getG(), Constants._TAG_G);
this.addBigIntegerElement(((DSAPublicKey) key).getY(), Constants._TAG_Y); this.addBigIntegerElement(((DSAPublicKey) key).getY(), Constants._TAG_Y);
} else { } else {
Object exArgs[] = { Constants._TAG_DSAKEYVALUE, key.getClass().getName() }; Object exArgs[] = { Constants._TAG_DSAKEYVALUE, key.getClass().getName() };
@ -95,7 +96,7 @@ public class DSAKeyValue extends SignatureElementProxy implements KeyValueConten
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
public PublicKey getPublicKey() throws XMLSecurityException { public PublicKey getPublicKey() throws XMLSecurityException {
try { try {
DSAPublicKeySpec pkspec = DSAPublicKeySpec pkspec =
@ -118,13 +119,13 @@ public class DSAKeyValue extends SignatureElementProxy implements KeyValueConten
return pk; return pk;
} catch (NoSuchAlgorithmException ex) { } catch (NoSuchAlgorithmException ex) {
throw new XMLSecurityException("empty", ex); throw new XMLSecurityException(ex);
} catch (InvalidKeySpecException ex) { } catch (InvalidKeySpecException ex) {
throw new XMLSecurityException("empty", ex); throw new XMLSecurityException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_DSAKEYVALUE; return Constants._TAG_DSAKEYVALUE;
} }


@ -35,7 +35,6 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.I18n; import com.sun.org.apache.xml.internal.security.utils.I18n;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
@ -45,11 +44,11 @@ public class RSAKeyValue extends SignatureElementProxy implements KeyValueConten
* Constructor RSAKeyValue * Constructor RSAKeyValue
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public RSAKeyValue(Element element, String BaseURI) throws XMLSecurityException { public RSAKeyValue(Element element, String baseURI) throws XMLSecurityException {
super(element, BaseURI); super(element, baseURI);
} }
/** /**
@ -62,7 +61,7 @@ public class RSAKeyValue extends SignatureElementProxy implements KeyValueConten
public RSAKeyValue(Document doc, BigInteger modulus, BigInteger exponent) { public RSAKeyValue(Document doc, BigInteger modulus, BigInteger exponent) {
super(doc); super(doc);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
this.addBigIntegerElement(modulus, Constants._TAG_MODULUS); this.addBigIntegerElement(modulus, Constants._TAG_MODULUS);
this.addBigIntegerElement(exponent, Constants._TAG_EXPONENT); this.addBigIntegerElement(exponent, Constants._TAG_EXPONENT);
} }
@ -77,9 +76,9 @@ public class RSAKeyValue extends SignatureElementProxy implements KeyValueConten
public RSAKeyValue(Document doc, Key key) throws IllegalArgumentException { public RSAKeyValue(Document doc, Key key) throws IllegalArgumentException {
super(doc); super(doc);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
if (key instanceof java.security.interfaces.RSAPublicKey ) { if (key instanceof RSAPublicKey ) {
this.addBigIntegerElement( this.addBigIntegerElement(
((RSAPublicKey) key).getModulus(), Constants._TAG_MODULUS ((RSAPublicKey) key).getModulus(), Constants._TAG_MODULUS
); );
@ -93,7 +92,7 @@ public class RSAKeyValue extends SignatureElementProxy implements KeyValueConten
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
public PublicKey getPublicKey() throws XMLSecurityException { public PublicKey getPublicKey() throws XMLSecurityException {
try { try {
KeyFactory rsaFactory = KeyFactory.getInstance("RSA"); KeyFactory rsaFactory = KeyFactory.getInstance("RSA");
@ -111,13 +110,13 @@ public class RSAKeyValue extends SignatureElementProxy implements KeyValueConten
return pk; return pk;
} catch (NoSuchAlgorithmException ex) { } catch (NoSuchAlgorithmException ex) {
throw new XMLSecurityException("empty", ex); throw new XMLSecurityException(ex);
} catch (InvalidKeySpecException ex) { } catch (InvalidKeySpecException ex) {
throw new XMLSecurityException("empty", ex); throw new XMLSecurityException(ex);
} }
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_RSAKEYVALUE; return Constants._TAG_RSAKEYVALUE;
} }


@ -1,3 +0,0 @@
<HTML><HEAD></HEAD><BODY><P>
basic handlers for elements that can occur inside <CODE>ds:KeyValue</CODE>.
</P></BODY></HTML>


@ -1,3 +0,0 @@
<HTML><HEAD></HEAD><BODY><P>
basic handlers for elements that can occur inside <CODE>ds:KeyInfo</CODE>.
</P></BODY></HTML>


@ -34,11 +34,11 @@ public class XMLX509CRL extends SignatureElementProxy implements XMLX509DataCont
* Constructor XMLX509CRL * Constructor XMLX509CRL
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public XMLX509CRL(Element element, String BaseURI) throws XMLSecurityException { public XMLX509CRL(Element element, String baseURI) throws XMLSecurityException {
super(element, BaseURI); super(element, baseURI);
} }
/** /**
@ -63,7 +63,7 @@ public class XMLX509CRL extends SignatureElementProxy implements XMLX509DataCont
return this.getBytesFromTextChild(); return this.getBytesFromTextChild();
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_X509CRL; return Constants._TAG_X509CRL;
} }


@ -23,6 +23,8 @@
package com.sun.org.apache.xml.internal.security.keys.content.x509; package com.sun.org.apache.xml.internal.security.keys.content.x509;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.PublicKey; import java.security.PublicKey;
import java.security.cert.CertificateException; import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory; import java.security.cert.CertificateFactory;
@ -44,11 +46,11 @@ public class XMLX509Certificate extends SignatureElementProxy implements XMLX509
* Constructor X509Certificate * Constructor X509Certificate
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public XMLX509Certificate(Element element, String BaseURI) throws XMLSecurityException { public XMLX509Certificate(Element element, String baseURI) throws XMLSecurityException {
super(element, BaseURI); super(element, baseURI);
} }
/** /**
@ -77,7 +79,7 @@ public class XMLX509Certificate extends SignatureElementProxy implements XMLX509
try { try {
this.addBase64Text(x509certificate.getEncoded()); this.addBase64Text(x509certificate.getEncoded());
} catch (java.security.cert.CertificateEncodingException ex) { } catch (java.security.cert.CertificateEncodingException ex) {
throw new XMLSecurityException("empty", ex); throw new XMLSecurityException(ex);
} }
} }
@ -98,22 +100,20 @@ public class XMLX509Certificate extends SignatureElementProxy implements XMLX509
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public X509Certificate getX509Certificate() throws XMLSecurityException { public X509Certificate getX509Certificate() throws XMLSecurityException {
try {
byte certbytes[] = this.getCertificateBytes(); byte certbytes[] = this.getCertificateBytes();
try (InputStream is = new ByteArrayInputStream(certbytes)) {
CertificateFactory certFact = CertificateFactory certFact =
CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID); CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID);
X509Certificate cert = X509Certificate cert =
(X509Certificate) certFact.generateCertificate( (X509Certificate) certFact.generateCertificate(is);
new ByteArrayInputStream(certbytes)
);
if (cert != null) { if (cert != null) {
return cert; return cert;
} }
return null; return null;
} catch (CertificateException ex) { } catch (CertificateException | IOException ex) {
throw new XMLSecurityException("empty", ex); throw new XMLSecurityException(ex);
} }
} }
@ -123,7 +123,7 @@ public class XMLX509Certificate extends SignatureElementProxy implements XMLX509
* @return the publickey * @return the publickey
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public PublicKey getPublicKey() throws XMLSecurityException { public PublicKey getPublicKey() throws XMLSecurityException, IOException {
X509Certificate cert = this.getX509Certificate(); X509Certificate cert = this.getX509Certificate();
if (cert != null) { if (cert != null) {
@ -133,7 +133,7 @@ public class XMLX509Certificate extends SignatureElementProxy implements XMLX509
return null; return null;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public boolean equals(Object obj) { public boolean equals(Object obj) {
if (!(obj instanceof XMLX509Certificate)) { if (!(obj instanceof XMLX509Certificate)) {
return false; return false;
@ -154,14 +154,12 @@ public class XMLX509Certificate extends SignatureElementProxy implements XMLX509
result = 31 * result + bytes[i]; result = 31 * result + bytes[i];
} }
} catch (XMLSecurityException e) { } catch (XMLSecurityException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug(e.getMessage(), e);
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
} }
return result; return result;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_X509CERTIFICATE; return Constants._TAG_X509CERTIFICATE;
} }
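Review bot: `getPublicKey()` now declares `throws XMLSecurityException, IOException`, but the only call visible in its body is `getX509Certificate()`, which in this same change catches `IOException` from the try-with-resources and rethrows it as `XMLSecurityException`. Unless a line outside the hunk throws it, the extra checked exception only forces every caller to handle a case that cannot occur; keeping `public PublicKey getPublicKey() throws XMLSecurityException {` preserves the existing signature. Separately, in `getX509Certificate()` the tail `if (cert != null) { return cert; } return null;` is equivalent to `return cert;`. The body of `getPublicKey()` continues outside the hunk.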


@ -25,7 +25,6 @@ package com.sun.org.apache.xml.internal.security.keys.content.x509;
/** /**
* Just used for tagging contents that are allowed inside a ds:X509Data Element. * Just used for tagging contents that are allowed inside a ds:X509Data Element.
* *
* @author $Author: coheigea $
*/ */
public interface XMLX509DataContent { public interface XMLX509DataContent {
} }


@ -34,9 +34,8 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* Provides content model support for the <code>dsig11:X509Digest</code> element. * Provides content model support for the {@code dsig11:X509Digest} element.
* *
* @author Brent Putman (putmanb@georgetown.edu)
*/ */
public class XMLX509Digest extends Signature11ElementProxy implements XMLX509DataContent { public class XMLX509Digest extends Signature11ElementProxy implements XMLX509DataContent {
@ -44,11 +43,11 @@ public class XMLX509Digest extends Signature11ElementProxy implements XMLX509Dat
* Constructor XMLX509Digest * Constructor XMLX509Digest
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public XMLX509Digest(Element element, String BaseURI) throws XMLSecurityException { public XMLX509Digest(Element element, String baseURI) throws XMLSecurityException {
super(element, BaseURI); super(element, baseURI);
} }
/** /**
@ -61,7 +60,7 @@ public class XMLX509Digest extends Signature11ElementProxy implements XMLX509Dat
public XMLX509Digest(Document doc, byte[] digestBytes, String algorithmURI) { public XMLX509Digest(Document doc, byte[] digestBytes, String algorithmURI) {
super(doc); super(doc);
this.addBase64Text(digestBytes); this.addBase64Text(digestBytes);
this.constructionElement.setAttributeNS(null, Constants._ATT_ALGORITHM, algorithmURI); setLocalAttribute(Constants._ATT_ALGORITHM, algorithmURI);
} }
/** /**
@ -75,7 +74,7 @@ public class XMLX509Digest extends Signature11ElementProxy implements XMLX509Dat
public XMLX509Digest(Document doc, X509Certificate x509certificate, String algorithmURI) throws XMLSecurityException { public XMLX509Digest(Document doc, X509Certificate x509certificate, String algorithmURI) throws XMLSecurityException {
super(doc); super(doc);
this.addBase64Text(getDigestBytesFromCert(x509certificate, algorithmURI)); this.addBase64Text(getDigestBytesFromCert(x509certificate, algorithmURI));
this.constructionElement.setAttributeNS(null, Constants._ATT_ALGORITHM, algorithmURI); setLocalAttribute(Constants._ATT_ALGORITHM, algorithmURI);
} }
/** /**
@ -84,7 +83,7 @@ public class XMLX509Digest extends Signature11ElementProxy implements XMLX509Dat
* @return the Algorithm attribute * @return the Algorithm attribute
*/ */
public Attr getAlgorithmAttr() { public Attr getAlgorithmAttr() {
return this.constructionElement.getAttributeNodeNS(null, Constants._ATT_ALGORITHM); return getElement().getAttributeNodeNS(null, Constants._ATT_ALGORITHM);
} }
/** /**
@ -132,7 +131,7 @@ public class XMLX509Digest extends Signature11ElementProxy implements XMLX509Dat
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_X509DIGEST; return Constants._TAG_X509DIGEST;
} }


@ -29,15 +29,13 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.RFC2253Parser; import com.sun.org.apache.xml.internal.security.utils.RFC2253Parser;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
public class XMLX509IssuerSerial extends SignatureElementProxy implements XMLX509DataContent { public class XMLX509IssuerSerial extends SignatureElementProxy implements XMLX509DataContent {
/** {@link org.apache.commons.logging} logging facility */ private static final com.sun.org.slf4j.internal.Logger LOG =
private static java.util.logging.Logger log = com.sun.org.slf4j.internal.LoggerFactory.getLogger(XMLX509IssuerSerial.class);
java.util.logging.Logger.getLogger(XMLX509IssuerSerial.class.getName());
/** /**
* Constructor XMLX509IssuerSerial * Constructor XMLX509IssuerSerial
@ -59,7 +57,7 @@ public class XMLX509IssuerSerial extends SignatureElementProxy implements XMLX50
*/ */
public XMLX509IssuerSerial(Document doc, String x509IssuerName, BigInteger x509SerialNumber) { public XMLX509IssuerSerial(Document doc, String x509IssuerName, BigInteger x509SerialNumber) {
super(doc); super(doc);
XMLUtils.addReturnToElement(this.constructionElement); addReturnToSelf();
addTextElement(x509IssuerName, Constants._TAG_X509ISSUERNAME); addTextElement(x509IssuerName, Constants._TAG_X509ISSUERNAME);
addTextElement(x509SerialNumber.toString(), Constants._TAG_X509SERIALNUMBER); addTextElement(x509SerialNumber.toString(), Constants._TAG_X509SERIALNUMBER);
} }
@ -108,9 +106,7 @@ public class XMLX509IssuerSerial extends SignatureElementProxy implements XMLX50
public BigInteger getSerialNumber() { public BigInteger getSerialNumber() {
String text = String text =
this.getTextFromChildElement(Constants._TAG_X509SERIALNUMBER, Constants.SignatureSpecNS); this.getTextFromChildElement(Constants._TAG_X509SERIALNUMBER, Constants.SignatureSpecNS);
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("X509SerialNumber text: {}", text);
log.log(java.util.logging.Level.FINE, "X509SerialNumber text: " + text);
}
return new BigInteger(text); return new BigInteger(text);
} }
@ -135,7 +131,7 @@ public class XMLX509IssuerSerial extends SignatureElementProxy implements XMLX50
); );
} }
/** @inheritDoc */ /** {@inheritDoc} */
public boolean equals(Object obj) { public boolean equals(Object obj) {
if (!(obj instanceof XMLX509IssuerSerial)) { if (!(obj instanceof XMLX509IssuerSerial)) {
return false; return false;
@ -154,7 +150,7 @@ public class XMLX509IssuerSerial extends SignatureElementProxy implements XMLX50
return result; return result;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_X509ISSUERSERIAL; return Constants._TAG_X509ISSUERSERIAL;
} }
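Review bot: `getSerialNumber()` passes the text of the X509SerialNumber child straight to `new BigInteger(text)`, so a non-numeric value in a received KeyInfo surfaces as an unchecked `NumberFormatException` from a method that declares no exception. Since this element comes from the document being verified, the Javadoc should say so, e.g. `@throws NumberFormatException if the X509SerialNumber text is not a decimal integer`, so that callers processing untrusted signatures know to catch it. The new `LOG.debug("X509SerialNumber text: {}", text)` also writes that document-supplied string to the log unmodified, which matters if debug logging is enabled in production. The method's Javadoc starts outside the hunk.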


@ -24,9 +24,9 @@ package com.sun.org.apache.xml.internal.security.keys.content.x509;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.util.Arrays; import java.util.Arrays;
import java.util.Base64;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Base64;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Document; import org.w3c.dom.Document;
@ -40,20 +40,19 @@ import org.w3c.dom.Element;
*/ */
public class XMLX509SKI extends SignatureElementProxy implements XMLX509DataContent { public class XMLX509SKI extends SignatureElementProxy implements XMLX509DataContent {
/** {@link org.apache.commons.logging} logging facility */ private static final com.sun.org.slf4j.internal.Logger LOG =
private static java.util.logging.Logger log = com.sun.org.slf4j.internal.LoggerFactory.getLogger(XMLX509SKI.class);
java.util.logging.Logger.getLogger(XMLX509SKI.class.getName());
/** /**
* <CODE>SubjectKeyIdentifier (id-ce-subjectKeyIdentifier) (2.5.29.14)</CODE>: * {@code SubjectKeyIdentifier (id-ce-subjectKeyIdentifier) (2.5.29.14)}:
* This extension identifies the public key being certified. It enables * This extension identifies the public key being certified. It enables
* distinct keys used by the same subject to be differentiated * distinct keys used by the same subject to be differentiated
* (e.g., as key updating occurs). * (e.g., as key updating occurs).
* <BR /> * <p></p>
* A key identifier shall be unique with respect to all key identifiers * A key identifier shall be unique with respect to all key identifiers
* for the subject with which it is used. This extension is always non-critical. * for the subject with which it is used. This extension is always non-critical.
*/ */
public static final String SKI_OID = "2.5.29.14"; public static final String SKI_OID = "2.5.29.14"; //NOPMD
/** /**
* Constructor X509SKI * Constructor X509SKI
@ -83,11 +82,11 @@ public class XMLX509SKI extends SignatureElementProxy implements XMLX509DataCont
* Constructor XMLX509SKI * Constructor XMLX509SKI
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public XMLX509SKI(Element element, String BaseURI) throws XMLSecurityException { public XMLX509SKI(Element element, String baseURI) throws XMLSecurityException {
super(element, BaseURI); super(element, baseURI);
} }
/** /**
@ -113,7 +112,7 @@ public class XMLX509SKI extends SignatureElementProxy implements XMLX509DataCont
throws XMLSecurityException { throws XMLSecurityException {
if (cert.getVersion() < 3) { if (cert.getVersion() < 3) {
Object exArgs[] = { Integer.valueOf(cert.getVersion()) }; Object exArgs[] = { cert.getVersion() };
throw new XMLSecurityException("certificate.noSki.lowVersion", exArgs); throw new XMLSecurityException("certificate.noSki.lowVersion", exArgs);
} }
@ -138,14 +137,14 @@ public class XMLX509SKI extends SignatureElementProxy implements XMLX509DataCont
System.arraycopy(extensionValue, 4, skidValue, 0, skidValue.length); System.arraycopy(extensionValue, 4, skidValue, 0, skidValue.length);
if (log.isLoggable(java.util.logging.Level.FINE)) { if (LOG.isDebugEnabled()) {
log.log(java.util.logging.Level.FINE, "Base64 of SKI is " + Base64.encode(skidValue)); LOG.debug("Base64 of SKI is " + Base64.getMimeEncoder().encodeToString(skidValue));
} }
return skidValue; return skidValue;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public boolean equals(Object obj) { public boolean equals(Object obj) {
if (!(obj instanceof XMLX509SKI)) { if (!(obj instanceof XMLX509SKI)) {
return false; return false;
@ -168,15 +167,13 @@ public class XMLX509SKI extends SignatureElementProxy implements XMLX509DataCont
result = 31 * result + bytes[i]; result = 31 * result + bytes[i];
} }
} catch (XMLSecurityException e) { } catch (XMLSecurityException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug(e.getMessage(), e);
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
} }
return result; return result;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_X509SKI; return Constants._TAG_X509SKI;
} }
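Review bot: The debug line after the `System.arraycopy` of the SKI bytes now uses `Base64.getMimeEncoder()`, which breaks its output into 76-character lines separated by CRLF; for a single log message the basic encoder is the better fit, `LOG.debug("Base64 of SKI is {}", Base64.getEncoder().encodeToString(skidValue));`, kept inside the existing `isDebugEnabled()` guard. That also matches the parameterized `{}` form the commit uses for the other converted log calls. The enclosing method starts outside the hunk.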


@ -32,7 +32,6 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* @author $Author: coheigea $
*/ */
public class XMLX509SubjectName extends SignatureElementProxy implements XMLX509DataContent { public class XMLX509SubjectName extends SignatureElementProxy implements XMLX509DataContent {
@ -40,12 +39,12 @@ public class XMLX509SubjectName extends SignatureElementProxy implements XMLX509
* Constructor X509SubjectName * Constructor X509SubjectName
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public XMLX509SubjectName(Element element, String BaseURI) public XMLX509SubjectName(Element element, String baseURI)
throws XMLSecurityException { throws XMLSecurityException {
super(element, BaseURI); super(element, baseURI);
} }
/** /**
@ -80,7 +79,7 @@ public class XMLX509SubjectName extends SignatureElementProxy implements XMLX509
return RFC2253Parser.normalize(this.getTextFromTextChild()); return RFC2253Parser.normalize(this.getTextFromTextChild());
} }
/** @inheritDoc */ /** {@inheritDoc} */
public boolean equals(Object obj) { public boolean equals(Object obj) {
if (!(obj instanceof XMLX509SubjectName)) { if (!(obj instanceof XMLX509SubjectName)) {
return false; return false;
@ -99,7 +98,7 @@ public class XMLX509SubjectName extends SignatureElementProxy implements XMLX509
return result; return result;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_X509SUBJECTNAME; return Constants._TAG_X509SUBJECTNAME;
} }


@ -1,3 +0,0 @@
<HTML><HEAD></HEAD><BODY><P>
basic handlers for elements that can occur inside <CODE>ds:X509Data</CODE>.
</P></BODY></HTML>


@ -0,0 +1,84 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver;
// NOTE! This is a duplicate of utils.ClassLoaderUtils with public
// modifiers changed to package-private. Make sure to integrate any future
// changes to utils.ClassLoaderUtils to this file.
final class ClassLoaderUtils {
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(ClassLoaderUtils.class);
private ClassLoaderUtils() {
}
/**
* Load a class with a given name. <p></p> It will try to load the class in the
* following order:
* <ul>
* <li>From Thread.currentThread().getContextClassLoader()
* <li>Using the basic Class.forName()
* <li>From ClassLoaderUtil.class.getClassLoader()
* <li>From the callingClass.getClassLoader()
* </ul>
*
* @param className The name of the class to load
* @param callingClass The Class object of the calling object
* @throws ClassNotFoundException If the class cannot be found anywhere.
*/
static Class<?> loadClass(String className, Class<?> callingClass)
throws ClassNotFoundException {
try {
ClassLoader cl = Thread.currentThread().getContextClassLoader();
if (cl != null) {
return cl.loadClass(className);
}
} catch (ClassNotFoundException e) {
LOG.debug(e.getMessage(), e);
//ignore
}
return loadClass2(className, callingClass);
}
private static Class<?> loadClass2(String className, Class<?> callingClass)
throws ClassNotFoundException {
try {
return Class.forName(className);
} catch (ClassNotFoundException ex) {
try {
if (ClassLoaderUtils.class.getClassLoader() != null) {
return ClassLoaderUtils.class.getClassLoader().loadClass(className);
}
} catch (ClassNotFoundException exc) {
if (callingClass != null && callingClass.getClassLoader() != null) {
return callingClass.getClassLoader().loadClass(className);
}
}
LOG.debug(ex.getMessage(), ex);
throw ex;
}
}
}
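Review bot: In `loadClass2` the `callingClass` fallback sits inside `catch (ClassNotFoundException exc)`, so it runs only when `ClassLoaderUtils.class.getClassLoader()` is non-null and fails; when that loader is null the method rethrows `ex` without ever consulting `callingClass.getClassLoader()`, which contradicts the four-step order in the Javadoc. Restructuring the catch body so the two fallbacks are tried in sequence fixes this, as sketched below. The Javadoc also names `ClassLoaderUtil.class` (missing `s`) and has no `@return`. Because the first lookup goes through the thread context class loader, the class a given name resolves to depends on who set that loader, so a comment stating that only trusted class names may be passed in would help.

```java
private static Class<?> loadClass2(String className, Class<?> callingClass)
    throws ClassNotFoundException {
    try {
        return Class.forName(className);
    } catch (ClassNotFoundException ex) {
        ClassLoader own = ClassLoaderUtils.class.getClassLoader();
        if (own != null) {
            try {
                return own.loadClass(className);
            } catch (ClassNotFoundException exc) {
                // fall through to the caller's loader
                LOG.debug(exc.getMessage(), exc);
            }
        }
        if (callingClass != null && callingClass.getClassLoader() != null) {
            return callingClass.getClassLoader().loadClass(className);
        }
        LOG.debug(ex.getMessage(), ex);
        throw ex;
    }
}
```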


@ -61,21 +61,31 @@ public class InvalidKeyResolverException extends XMLSecurityException {
/** /**
* Constructor InvalidKeyResolverException * Constructor InvalidKeyResolverException
* *
* @param msgID
* @param originalException * @param originalException
* @param msgID
*/ */
public InvalidKeyResolverException(Exception originalException, String msgID) {
super(originalException, msgID);
}
@Deprecated
public InvalidKeyResolverException(String msgID, Exception originalException) { public InvalidKeyResolverException(String msgID, Exception originalException) {
super(msgID, originalException); this(originalException, msgID);
} }
/** /**
* Constructor InvalidKeyResolverException * Constructor InvalidKeyResolverException
* *
* @param originalException
* @param msgID * @param msgID
* @param exArgs * @param exArgs
* @param originalException
*/ */
public InvalidKeyResolverException(String msgID, Object exArgs[], Exception originalException) { public InvalidKeyResolverException(Exception originalException, String msgID, Object exArgs[]) {
super(msgID, exArgs, originalException); super(originalException, msgID, exArgs);
}
@Deprecated
public InvalidKeyResolverException(String msgID, Object[] exArgs, Exception originalException) {
this(originalException, msgID, exArgs);
} }
} }
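Review bot: The two constructors kept for compatibility are marked `@Deprecated` but carry no Javadoc, so nothing tells a caller which overload replaces them. Add a `@deprecated` tag to each, e.g. `@deprecated Use {@link #InvalidKeyResolverException(Exception, String)} instead.` and the three-argument equivalent on the second. The Javadoc on the new constructors is still only a bare parameter list, so a one-line description of `msgID` and `originalException` would be a useful addition.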


@ -52,9 +52,8 @@ import org.w3c.dom.Node;
*/ */
public class KeyResolver { public class KeyResolver {
/** {@link org.apache.commons.logging} logging facility */ private static final com.sun.org.slf4j.internal.Logger LOG =
private static java.util.logging.Logger log = com.sun.org.slf4j.internal.LoggerFactory.getLogger(KeyResolver.class);
java.util.logging.Logger.getLogger(KeyResolver.class.getName());
/** Field resolverVector */ /** Field resolverVector */
private static List<KeyResolver> resolverVector = new CopyOnWriteArrayList<KeyResolver>(); private static List<KeyResolver> resolverVector = new CopyOnWriteArrayList<KeyResolver>();
@ -96,16 +95,14 @@ public class KeyResolver {
for (KeyResolver resolver : resolverVector) { for (KeyResolver resolver : resolverVector) {
if (resolver == null) { if (resolver == null) {
Object exArgs[] = { Object exArgs[] = {
(((element != null) element != null
&& (element.getNodeType() == Node.ELEMENT_NODE)) && element.getNodeType() == Node.ELEMENT_NODE
? element.getTagName() : "null") ? element.getTagName() : "null"
}; };
throw new KeyResolverException("utils.resolver.noClass", exArgs); throw new KeyResolverException("utils.resolver.noClass", exArgs);
} }
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("check resolvability by class {}", resolver.getClass());
log.log(java.util.logging.Level.FINE, "check resolvability by class " + resolver.getClass());
}
X509Certificate cert = resolver.resolveX509Certificate(element, baseURI, storage); X509Certificate cert = resolver.resolveX509Certificate(element, baseURI, storage);
if (cert != null) { if (cert != null) {
@ -114,8 +111,8 @@ public class KeyResolver {
} }
Object exArgs[] = { Object exArgs[] = {
(((element != null) && (element.getNodeType() == Node.ELEMENT_NODE)) element != null && element.getNodeType() == Node.ELEMENT_NODE
? element.getTagName() : "null") ? element.getTagName() : "null"
}; };
throw new KeyResolverException("utils.resolver.noClass", exArgs); throw new KeyResolverException("utils.resolver.noClass", exArgs);
@ -137,16 +134,14 @@ public class KeyResolver {
for (KeyResolver resolver : resolverVector) { for (KeyResolver resolver : resolverVector) {
if (resolver == null) { if (resolver == null) {
Object exArgs[] = { Object exArgs[] = {
(((element != null) element != null
&& (element.getNodeType() == Node.ELEMENT_NODE)) && element.getNodeType() == Node.ELEMENT_NODE
? element.getTagName() : "null") ? element.getTagName() : "null"
}; };
throw new KeyResolverException("utils.resolver.noClass", exArgs); throw new KeyResolverException("utils.resolver.noClass", exArgs);
} }
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("check resolvability by class {}", resolver.getClass());
log.log(java.util.logging.Level.FINE, "check resolvability by class " + resolver.getClass());
}
PublicKey cert = resolver.resolvePublicKey(element, baseURI, storage); PublicKey cert = resolver.resolvePublicKey(element, baseURI, storage);
if (cert != null) { if (cert != null) {
@ -155,8 +150,8 @@ public class KeyResolver {
} }
Object exArgs[] = { Object exArgs[] = {
(((element != null) && (element.getNodeType() == Node.ELEMENT_NODE)) element != null && element.getNodeType() == Node.ELEMENT_NODE
? element.getTagName() : "null") ? element.getTagName() : "null"
}; };
throw new KeyResolverException("utils.resolver.noClass", exArgs); throw new KeyResolverException("utils.resolver.noClass", exArgs);
@ -184,7 +179,7 @@ public class KeyResolver {
JavaUtils.checkRegisterPermission(); JavaUtils.checkRegisterPermission();
@SuppressWarnings("deprecation") @SuppressWarnings("deprecation")
KeyResolverSpi keyResolverSpi = KeyResolverSpi keyResolverSpi =
(KeyResolverSpi) Class.forName(className).newInstance(); (KeyResolverSpi) ClassLoaderUtils.loadClass(className, KeyResolver.class).newInstance();
keyResolverSpi.setGlobalResolver(globalResolver); keyResolverSpi.setGlobalResolver(globalResolver);
register(keyResolverSpi, false); register(keyResolverSpi, false);
} }
@ -209,8 +204,10 @@ public class KeyResolver {
Exception ex = null; Exception ex = null;
try { try {
@SuppressWarnings("deprecation") @SuppressWarnings("deprecation")
Object tmp = Class.forName(className).newInstance(); KeyResolverSpi tmp = (KeyResolverSpi) ClassLoaderUtils.loadClass(className, KeyResolver.class).newInstance();
keyResolverSpi = (KeyResolverSpi) tmp; keyResolverSpi = tmp;
keyResolverSpi.setGlobalResolver(globalResolver);
register(keyResolverSpi, true);
} catch (ClassNotFoundException e) { } catch (ClassNotFoundException e) {
ex = e; ex = e;
} catch (IllegalAccessException e) { } catch (IllegalAccessException e) {
@ -223,8 +220,6 @@ public class KeyResolver {
throw (IllegalArgumentException) new throw (IllegalArgumentException) new
IllegalArgumentException("Invalid KeyResolver class name").initCause(ex); IllegalArgumentException("Invalid KeyResolver class name").initCause(ex);
} }
keyResolverSpi.setGlobalResolver(globalResolver);
register(keyResolverSpi, true);
} }
/** /**
@ -273,11 +268,11 @@ public class KeyResolver {
public static void registerClassNames(List<String> classNames) public static void registerClassNames(List<String> classNames)
throws ClassNotFoundException, IllegalAccessException, InstantiationException { throws ClassNotFoundException, IllegalAccessException, InstantiationException {
JavaUtils.checkRegisterPermission(); JavaUtils.checkRegisterPermission();
List<KeyResolver> keyResolverList = new ArrayList<KeyResolver>(classNames.size()); List<KeyResolver> keyResolverList = new ArrayList<>(classNames.size());
for (String className : classNames) { for (String className : classNames) {
@SuppressWarnings("deprecation") @SuppressWarnings("deprecation")
KeyResolverSpi keyResolverSpi = KeyResolverSpi keyResolverSpi =
(KeyResolverSpi) Class.forName(className).newInstance(); (KeyResolverSpi)ClassLoaderUtils.loadClass(className, KeyResolver.class).newInstance();
keyResolverSpi.setGlobalResolver(false); keyResolverSpi.setGlobalResolver(false);
keyResolverList.add(new KeyResolver(keyResolverSpi)); keyResolverList.add(new KeyResolver(keyResolverSpi));
} }
@ -289,7 +284,7 @@ public class KeyResolver {
*/ */
public static void registerDefaultResolvers() { public static void registerDefaultResolvers() {
List<KeyResolver> keyResolverList = new ArrayList<KeyResolver>(); List<KeyResolver> keyResolverList = new ArrayList<>();
keyResolverList.add(new KeyResolver(new RSAKeyValueResolver())); keyResolverList.add(new KeyResolver(new RSAKeyValueResolver()));
keyResolverList.add(new KeyResolver(new DSAKeyValueResolver())); keyResolverList.add(new KeyResolver(new DSAKeyValueResolver()));
keyResolverList.add(new KeyResolver(new X509CertificateResolver())); keyResolverList.add(new KeyResolver(new X509CertificateResolver()));
@ -418,7 +413,7 @@ public class KeyResolver {
public void remove() { public void remove() {
throw new UnsupportedOperationException("Can't remove resolvers using the iterator"); throw new UnsupportedOperationException("Can't remove resolvers using the iterator");
} }
}; }
public static Iterator<KeyResolverSpi> iterator() { public static Iterator<KeyResolverSpi> iterator() {
return new ResolverIterator(resolverVector); return new ResolverIterator(resolverVector);


@ -39,6 +39,10 @@ public class KeyResolverException extends XMLSecurityException {
super(); super();
} }
public KeyResolverException(Exception ex) {
super(ex);
}
/** /**
* Constructor KeyResolverException * Constructor KeyResolverException
* *
@ -61,21 +65,31 @@ public class KeyResolverException extends XMLSecurityException {
/** /**
* Constructor KeyResolverException * Constructor KeyResolverException
* *
* @param msgID
* @param originalException * @param originalException
* @param msgID
*/ */
public KeyResolverException(Exception originalException, String msgID) {
super(originalException, msgID);
}
@Deprecated
public KeyResolverException(String msgID, Exception originalException) { public KeyResolverException(String msgID, Exception originalException) {
super(msgID, originalException); this(originalException, msgID);
} }
/** /**
* Constructor KeyResolverException * Constructor KeyResolverException
* *
* @param originalException
* @param msgID * @param msgID
* @param exArgs * @param exArgs
* @param originalException
*/ */
public KeyResolverException(String msgID, Object exArgs[], Exception originalException) { public KeyResolverException(Exception originalException, String msgID, Object exArgs[]) {
super(msgID, exArgs, originalException); super(originalException, msgID, exArgs);
}
@Deprecated
public KeyResolverException(String msgID, Object[] exArgs, Exception originalException) {
this(originalException, msgID, exArgs);
} }
} }
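Review bot: The two overloads kept for compatibility are annotated `@Deprecated` but have no Javadoc, so a caller who hits the deprecation warning is not told which constructor replaces them. I would add `/** @deprecated Use {@link #KeyResolverException(Exception, String)} instead. */` above the `(String, Exception)` overload, and the same sentence linking `#KeyResolverException(Exception, String, Object[])` above the `(String, Object[], Exception)` one. The new `KeyResolverException(Exception ex)` constructor is also undocumented; a one-line summary with `@param ex the exception being wrapped` would match the other constructors in this class.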


@ -22,15 +22,23 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.keyresolver; package com.sun.org.apache.xml.internal.security.keys.keyresolver;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.PrivateKey; import java.security.PrivateKey;
import java.security.PublicKey; import java.security.PublicKey;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.util.HashMap; import java.util.HashMap;
import javax.crypto.SecretKey; import javax.crypto.SecretKey;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver; import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
import org.xml.sax.SAXException;
/** /**
* This class is an abstract class for a child KeyInfo Element. * This class is an abstract class for a child KeyInfo Element.
@ -45,7 +53,7 @@ import org.w3c.dom.Element;
public abstract class KeyResolverSpi { public abstract class KeyResolverSpi {
/** Field properties */ /** Field properties */
protected java.util.Map<String, String> properties = null; protected java.util.Map<String, String> properties;
protected boolean globalResolver = false; protected boolean globalResolver = false;
@ -84,7 +92,7 @@ public abstract class KeyResolverSpi {
Element element, String baseURI, StorageResolver storage Element element, String baseURI, StorageResolver storage
) throws KeyResolverException { ) throws KeyResolverException {
throw new UnsupportedOperationException(); throw new UnsupportedOperationException();
}; }
/** /**
* Method engineLookupAndResolvePublicKey * Method engineLookupAndResolvePublicKey
@ -107,19 +115,18 @@ public abstract class KeyResolverSpi {
} }
private KeyResolverSpi cloneIfNeeded() throws KeyResolverException { private KeyResolverSpi cloneIfNeeded() throws KeyResolverException {
KeyResolverSpi tmp = this;
if (globalResolver) { if (globalResolver) {
try { try {
@SuppressWarnings("deprecation") @SuppressWarnings("deprecation")
KeyResolverSpi krs = getClass().newInstance(); KeyResolverSpi tmp = getClass().newInstance();
tmp = krs;
} catch (InstantiationException e) {
throw new KeyResolverException("", e);
} catch (IllegalAccessException e) {
throw new KeyResolverException("", e);
}
}
return tmp; return tmp;
} catch (InstantiationException e) {
throw new KeyResolverException(e, "");
} catch (IllegalAccessException e) {
throw new KeyResolverException(e, "");
}
}
return this;
} }
/** /**
@ -136,7 +143,7 @@ public abstract class KeyResolverSpi {
Element element, String baseURI, StorageResolver storage Element element, String baseURI, StorageResolver storage
) throws KeyResolverException{ ) throws KeyResolverException{
throw new UnsupportedOperationException(); throw new UnsupportedOperationException();
}; }
/** /**
* Method engineLookupResolveX509Certificate * Method engineLookupResolveX509Certificate
@ -172,7 +179,7 @@ public abstract class KeyResolverSpi {
Element element, String baseURI, StorageResolver storage Element element, String baseURI, StorageResolver storage
) throws KeyResolverException{ ) throws KeyResolverException{
throw new UnsupportedOperationException(); throw new UnsupportedOperationException();
}; }
/** /**
* Method engineLookupAndResolveSecretKey * Method engineLookupAndResolveSecretKey
@ -223,7 +230,7 @@ public abstract class KeyResolverSpi {
*/ */
public void engineSetProperty(String key, String value) { public void engineSetProperty(String key, String value) {
if (properties == null) { if (properties == null) {
properties = new HashMap<String, String>(); properties = new HashMap<>();
} }
properties.put(key, value); properties.put(key, value);
} }
@ -260,4 +267,27 @@ public abstract class KeyResolverSpi {
this.globalResolver = globalResolver; this.globalResolver = globalResolver;
} }
/**
* Parses a byte array and returns the parsed Element.
*
* @param bytes
* @return the Document Element after parsing bytes
* @throws KeyResolverException if something goes wrong
*/
protected static Element getDocFromBytes(byte[] bytes, boolean secureValidation) throws KeyResolverException {
DocumentBuilder db = null;
try (InputStream is = new ByteArrayInputStream(bytes)) {
db = XMLUtils.createDocumentBuilder(false, secureValidation);
Document doc = db.parse(is);
return doc.getDocumentElement();
} catch (SAXException ex) {
throw new KeyResolverException(ex);
} catch (IOException ex) {
throw new KeyResolverException(ex);
} catch (ParserConfigurationException ex) {
throw new KeyResolverException(ex);
}
}
} }
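Review bot: The Javadoc of the new `getDocFromBytes` does not document `secureValidation`, although that flag now decides how the parser for de-referenced bytes is configured. The private copy this commit removes from KeyInfoReferenceResolver always set `XMLConstants.FEATURE_SECURE_PROCESSING`; here the hardening is whatever `XMLUtils.createDocumentBuilder(false, secureValidation)` applies, which is not visible in this section, so it is worth confirming that a `false` flag still leaves secure processing enabled. I would add `@param secureValidation whether the DocumentBuilder is created with secure validation enabled` and state in the summary that the bytes may come from an external reference. The three identical handlers can be one `catch (SAXException | IOException | ParserConfigurationException ex)`, and `DocumentBuilder db = null;` can be declared where it is assigned.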


@ -2,6 +2,24 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations; package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
import java.security.PrivateKey; import java.security.PrivateKey;
@ -21,28 +39,24 @@ import org.w3c.dom.Element;
/** /**
* KeyResolverSpi implementation which resolves public keys from a * KeyResolverSpi implementation which resolves public keys from a
* <code>dsig11:DEREncodedKeyValue</code> element. * {@code dsig11:DEREncodedKeyValue} element.
* *
* @author Brent Putman (putmanb@georgetown.edu)
*/ */
public class DEREncodedKeyValueResolver extends KeyResolverSpi { public class DEREncodedKeyValueResolver extends KeyResolverSpi {
/** {@link org.apache.commons.logging} logging facility */ private static final com.sun.org.slf4j.internal.Logger LOG =
private static java.util.logging.Logger log = com.sun.org.slf4j.internal.LoggerFactory.getLogger(DEREncodedKeyValueResolver.class);
java.util.logging.Logger.getLogger(DEREncodedKeyValueResolver.class.getName());
/** {@inheritDoc}. */ /** {{@inheritDoc}}. */
public boolean engineCanResolve(Element element, String baseURI, StorageResolver storage) { public boolean engineCanResolve(Element element, String baseURI, StorageResolver storage) {
return XMLUtils.elementIsInSignature11Space(element, Constants._TAG_DERENCODEDKEYVALUE); return XMLUtils.elementIsInSignature11Space(element, Constants._TAG_DERENCODEDKEYVALUE);
} }
/** {@inheritDoc}. */ /** {{@inheritDoc}}. */
public PublicKey engineLookupAndResolvePublicKey(Element element, String baseURI, StorageResolver storage) public PublicKey engineLookupAndResolvePublicKey(Element element, String baseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Can I resolve {}", element.getTagName());
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
}
if (!engineCanResolve(element, baseURI, storage)) { if (!engineCanResolve(element, baseURI, storage)) {
return null; return null;
@ -52,27 +66,25 @@ public class DEREncodedKeyValueResolver extends KeyResolverSpi {
DEREncodedKeyValue derKeyValue = new DEREncodedKeyValue(element, baseURI); DEREncodedKeyValue derKeyValue = new DEREncodedKeyValue(element, baseURI);
return derKeyValue.getPublicKey(); return derKeyValue.getPublicKey();
} catch (XMLSecurityException e) { } catch (XMLSecurityException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("XMLSecurityException", e);
log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
}
} }
return null; return null;
} }
/** {@inheritDoc}. */ /** {{@inheritDoc}}. */
public X509Certificate engineLookupResolveX509Certificate(Element element, String baseURI, StorageResolver storage) public X509Certificate engineLookupResolveX509Certificate(Element element, String baseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
return null; return null;
} }
/** {@inheritDoc}. */ /** {{@inheritDoc}}. */
public SecretKey engineLookupAndResolveSecretKey(Element element, String baseURI, StorageResolver storage) public SecretKey engineLookupAndResolveSecretKey(Element element, String baseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
return null; return null;
} }
/** {@inheritDoc}. */ /** {{@inheritDoc}}. */
public PrivateKey engineLookupAndResolvePrivateKey(Element element, String baseURI, StorageResolver storage) public PrivateKey engineLookupAndResolvePrivateKey(Element element, String baseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
return null; return null;
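Review bot: `LOG.debug("Can I resolve {}", element.getTagName());` in `engineLookupAndResolvePublicKey` now dereferences `element` on every call, where the removed code did so only inside the `isLoggable(FINE)` guard. A null element therefore raises NullPointerException before `engineCanResolve` is reached, regardless of the log level; whether callers can pass null is not visible in this section. Adding `if (element == null) { return null; }` first, as DSAKeyValueResolver does, or moving the debug call below the `engineCanResolve` check, keeps the previous behaviour. The same unguarded call appears in the four `engineLookup*` methods of KeyInfoReferenceResolver. Separately, `/** {{@inheritDoc}}. */` has doubled braces and should read `/** {@inheritDoc} */`.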


@ -35,21 +35,20 @@ import org.w3c.dom.Element;
public class DSAKeyValueResolver extends KeyResolverSpi { public class DSAKeyValueResolver extends KeyResolverSpi {
/** {@link org.apache.commons.logging} logging facility */ private static final com.sun.org.slf4j.internal.Logger LOG =
private static java.util.logging.Logger log = com.sun.org.slf4j.internal.LoggerFactory.getLogger(DSAKeyValueResolver.class);
java.util.logging.Logger.getLogger(DSAKeyValueResolver.class.getName());
/** /**
* Method engineResolvePublicKey * Method engineResolvePublicKey
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @param storage * @param storage
* @return null if no {@link PublicKey} could be obtained * @return null if no {@link PublicKey} could be obtained
*/ */
public PublicKey engineLookupAndResolvePublicKey( public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage Element element, String baseURI, StorageResolver storage
) { ) {
if (element == null) { if (element == null) {
return null; return null;
@ -71,14 +70,12 @@ public class DSAKeyValueResolver extends KeyResolverSpi {
} }
try { try {
DSAKeyValue dsaKeyValue = new DSAKeyValue(dsaKeyElement, BaseURI); DSAKeyValue dsaKeyValue = new DSAKeyValue(dsaKeyElement, baseURI);
PublicKey pk = dsaKeyValue.getPublicKey(); PublicKey pk = dsaKeyValue.getPublicKey();
return pk; return pk;
} catch (XMLSecurityException ex) { } catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug(ex.getMessage(), ex);
log.log(java.util.logging.Level.FINE, ex.getMessage(), ex);
}
//do nothing //do nothing
} }
@ -86,16 +83,16 @@ public class DSAKeyValueResolver extends KeyResolverSpi {
} }
/** @inheritDoc */ /** {@inheritDoc} */
public X509Certificate engineLookupResolveX509Certificate( public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage Element element, String baseURI, StorageResolver storage
) { ) {
return null; return null;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public javax.crypto.SecretKey engineLookupAndResolveSecretKey( public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage Element element, String baseURI, StorageResolver storage
) { ) {
return null; return null;
} }
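Review bot: `LOG.debug(ex.getMessage(), ex);` in `engineLookupAndResolvePublicKey` passes the exception text as the logger's format string. That text can be null and may repeat content taken from the document being processed; how the internal logger handles a null or brace-containing format is not visible here. A constant label, as the other resolvers in this commit use, avoids the question: `LOG.debug("XMLSecurityException", ex);`. The `//do nothing` comment that follows could then say why the failure is ignored, for example `// fall through and return null: this resolver cannot handle the element`.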


@ -1,150 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
import java.security.Key;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.crypto.SecretKey;
import com.sun.org.apache.xml.internal.security.encryption.EncryptedKey;
import com.sun.org.apache.xml.internal.security.encryption.XMLCipher;
import com.sun.org.apache.xml.internal.security.encryption.XMLEncryptionException;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
import com.sun.org.apache.xml.internal.security.utils.EncryptionConstants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Element;
/**
* The <code>EncryptedKeyResolver</code> is not a generic resolver. It can
* only be for specific instantiations, as the key being unwrapped will
* always be of a particular type and will always have been wrapped by
* another key which needs to be recursively resolved.
*
* The <code>EncryptedKeyResolver</code> can therefore only be instantiated
* with an algorithm. It can also be instantiated with a key (the KEK) or
* will search the static KeyResolvers to find the appropriate key.
*
* @author Berin Lautenbach
*/
public class EncryptedKeyResolver extends KeyResolverSpi {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(EncryptedKeyResolver.class.getName());
private Key kek;
private String algorithm;
private List<KeyResolverSpi> internalKeyResolvers;
/**
* Constructor for use when a KEK needs to be derived from a KeyInfo
* list
* @param algorithm
*/
public EncryptedKeyResolver(String algorithm) {
kek = null;
this.algorithm = algorithm;
}
/**
* Constructor used for when a KEK has been set
* @param algorithm
* @param kek
*/
public EncryptedKeyResolver(String algorithm, Key kek) {
this.algorithm = algorithm;
this.kek = kek;
}
/**
* This method is used to add a custom {@link KeyResolverSpi} to help
* resolve the KEK.
*
* @param realKeyResolver
*/
public void registerInternalKeyResolver(KeyResolverSpi realKeyResolver) {
if (internalKeyResolvers == null) {
internalKeyResolvers = new ArrayList<KeyResolverSpi>();
}
internalKeyResolvers.add(realKeyResolver);
}
/** @inheritDoc */
public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage
) {
return null;
}
/** @inheritDoc */
public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage
) {
return null;
}
/** @inheritDoc */
public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage
) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "EncryptedKeyResolver - Can I resolve " + element.getTagName());
}
if (element == null) {
return null;
}
SecretKey key = null;
boolean isEncryptedKey =
XMLUtils.elementIsInEncryptionSpace(element, EncryptionConstants._TAG_ENCRYPTEDKEY);
if (isEncryptedKey) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Passed an Encrypted Key");
}
try {
XMLCipher cipher = XMLCipher.getInstance();
cipher.init(XMLCipher.UNWRAP_MODE, kek);
if (internalKeyResolvers != null) {
int size = internalKeyResolvers.size();
for (int i = 0; i < size; i++) {
cipher.registerInternalKeyResolver(internalKeyResolvers.get(i));
}
}
EncryptedKey ek = cipher.loadEncryptedKey(element);
key = (SecretKey) cipher.decryptKey(ek, algorithm);
} catch (XMLEncryptionException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
}
}
return key;
}
}


@ -2,19 +2,33 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations; package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
import java.io.ByteArrayInputStream;
import java.io.IOException; import java.io.IOException;
import java.security.PrivateKey; import java.security.PrivateKey;
import java.security.PublicKey; import java.security.PublicKey;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import javax.crypto.SecretKey; import javax.crypto.SecretKey;
import javax.xml.XMLConstants;
import javax.xml.namespace.QName; import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException; import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
@ -29,34 +43,29 @@ import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils; import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver; import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver;
import org.w3c.dom.Attr; import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
import org.xml.sax.SAXException; import org.xml.sax.SAXException;
/** /**
* KeyResolverSpi implementation which resolves public keys, private keys, secret keys, and X.509 certificates from a * KeyResolverSpi implementation which resolves public keys, private keys, secret keys, and X.509 certificates from a
* <code>dsig11:KeyInfoReference</code> element. * {@code dsig11:KeyInfoReference} element.
* *
* @author Brent Putman (putmanb@georgetown.edu)
*/ */
public class KeyInfoReferenceResolver extends KeyResolverSpi { public class KeyInfoReferenceResolver extends KeyResolverSpi {
/** {@link org.apache.commons.logging} logging facility */ private static final com.sun.org.slf4j.internal.Logger LOG =
private static java.util.logging.Logger log = com.sun.org.slf4j.internal.LoggerFactory.getLogger(KeyInfoReferenceResolver.class);
java.util.logging.Logger.getLogger(KeyInfoReferenceResolver.class.getName());
/** {@inheritDoc}. */ /** {{@inheritDoc}}. */
public boolean engineCanResolve(Element element, String baseURI, StorageResolver storage) { public boolean engineCanResolve(Element element, String baseURI, StorageResolver storage) {
return XMLUtils.elementIsInSignature11Space(element, Constants._TAG_KEYINFOREFERENCE); return XMLUtils.elementIsInSignature11Space(element, Constants._TAG_KEYINFOREFERENCE);
} }
/** {@inheritDoc}. */ /** {{@inheritDoc}}. */
public PublicKey engineLookupAndResolvePublicKey(Element element, String baseURI, StorageResolver storage) public PublicKey engineLookupAndResolvePublicKey(Element element, String baseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Can I resolve {}", element.getTagName());
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
}
if (!engineCanResolve(element, baseURI, storage)) { if (!engineCanResolve(element, baseURI, storage)) {
return null; return null;
@ -68,21 +77,17 @@ public class KeyInfoReferenceResolver extends KeyResolverSpi {
return referent.getPublicKey(); return referent.getPublicKey();
} }
} catch (XMLSecurityException e) { } catch (XMLSecurityException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("XMLSecurityException", e);
log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
}
} }
return null; return null;
} }
/** {@inheritDoc}. */ /** {{@inheritDoc}}. */
public X509Certificate engineLookupResolveX509Certificate(Element element, String baseURI, StorageResolver storage) public X509Certificate engineLookupResolveX509Certificate(Element element, String baseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Can I resolve {}", element.getTagName());
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
}
if (!engineCanResolve(element, baseURI, storage)) { if (!engineCanResolve(element, baseURI, storage)) {
return null; return null;
@ -94,21 +99,17 @@ public class KeyInfoReferenceResolver extends KeyResolverSpi {
return referent.getX509Certificate(); return referent.getX509Certificate();
} }
} catch (XMLSecurityException e) { } catch (XMLSecurityException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("XMLSecurityException", e);
log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
}
} }
return null; return null;
} }
/** {@inheritDoc}. */ /** {{@inheritDoc}}. */
public SecretKey engineLookupAndResolveSecretKey(Element element, String baseURI, StorageResolver storage) public SecretKey engineLookupAndResolveSecretKey(Element element, String baseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Can I resolve {}", element.getTagName());
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
}
if (!engineCanResolve(element, baseURI, storage)) { if (!engineCanResolve(element, baseURI, storage)) {
return null; return null;
@ -120,21 +121,17 @@ public class KeyInfoReferenceResolver extends KeyResolverSpi {
return referent.getSecretKey(); return referent.getSecretKey();
} }
} catch (XMLSecurityException e) { } catch (XMLSecurityException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("XMLSecurityException", e);
log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
}
} }
return null; return null;
} }
/** {@inheritDoc}. */ /** {{@inheritDoc}}. */
public PrivateKey engineLookupAndResolvePrivateKey(Element element, String baseURI, StorageResolver storage) public PrivateKey engineLookupAndResolvePrivateKey(Element element, String baseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Can I resolve " + element.getTagName());
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
}
if (!engineCanResolve(element, baseURI, storage)) { if (!engineCanResolve(element, baseURI, storage)) {
return null; return null;
@ -146,9 +143,7 @@ public class KeyInfoReferenceResolver extends KeyResolverSpi {
return referent.getPrivateKey(); return referent.getPrivateKey();
} }
} catch (XMLSecurityException e) { } catch (XMLSecurityException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("XMLSecurityException", e);
log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
}
} }
return null; return null;
@ -173,14 +168,12 @@ public class KeyInfoReferenceResolver extends KeyResolverSpi {
try { try {
referentElement = obtainReferenceElement(resource); referentElement = obtainReferenceElement(resource);
} catch (Exception e) { } catch (Exception e) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("XMLSecurityException", e);
log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
}
return null; return null;
} }
if (referentElement == null) { if (referentElement == null) {
log.log(java.util.logging.Level.FINE, "De-reference of KeyInfoReference URI returned null: " + uriAttr.getValue()); LOG.debug("De-reference of KeyInfoReference URI returned null: {}", uriAttr.getValue());
return null; return null;
} }
@ -224,21 +217,20 @@ public class KeyInfoReferenceResolver extends KeyResolverSpi {
* @param uri * @param uri
* @param baseURI * @param baseURI
* @param secureValidation * @param secureValidation
* @return * @return the XML signature input represented by the specified URI.
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
private XMLSignatureInput resolveInput(Attr uri, String baseURI, boolean secureValidation) private XMLSignatureInput resolveInput(Attr uri, String baseURI, boolean secureValidation)
throws XMLSecurityException { throws XMLSecurityException {
ResourceResolver resRes = ResourceResolver.getInstance(uri, baseURI, secureValidation); ResourceResolver resRes = ResourceResolver.getInstance(uri, baseURI, secureValidation);
XMLSignatureInput resource = resRes.resolve(uri, baseURI, secureValidation); return resRes.resolve(uri, baseURI, secureValidation);
return resource;
} }
/** /**
* Resolve the Element effectively represented by the XML signature input source. * Resolve the Element effectively represented by the XML signature input source.
* *
* @param resource * @param resource
* @return * @return the Element effectively represented by the XML signature input source.
* @throws CanonicalizationException * @throws CanonicalizationException
* @throws ParserConfigurationException * @throws ParserConfigurationException
* @throws IOException * @throws IOException
@ -253,38 +245,13 @@ public class KeyInfoReferenceResolver extends KeyResolverSpi {
if (resource.isElement()){ if (resource.isElement()){
e = (Element) resource.getSubNode(); e = (Element) resource.getSubNode();
} else if (resource.isNodeSet()) { } else if (resource.isNodeSet()) {
log.log(java.util.logging.Level.FINE, "De-reference of KeyInfoReference returned an unsupported NodeSet"); LOG.debug("De-reference of KeyInfoReference returned an unsupported NodeSet");
return null; return null;
} else { } else {
// Retrieved resource is a byte stream // Retrieved resource is a byte stream
byte inputBytes[] = resource.getBytes(); byte inputBytes[] = resource.getBytes();
e = getDocFromBytes(inputBytes); e = getDocFromBytes(inputBytes, this.secureValidation);
} }
return e; return e;
} }
/**
* Parses a byte array and returns the parsed Element.
*
* @param bytes
* @return the Document Element after parsing bytes
* @throws KeyResolverException if something goes wrong
*/
private Element getDocFromBytes(byte[] bytes) throws KeyResolverException {
try {
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
DocumentBuilder db = dbf.newDocumentBuilder();
Document doc = db.parse(new ByteArrayInputStream(bytes));
return doc.getDocumentElement();
} catch (SAXException ex) {
throw new KeyResolverException("empty", ex);
} catch (IOException ex) {
throw new KeyResolverException("empty", ex);
} catch (ParserConfigurationException ex) {
throw new KeyResolverException("empty", ex);
}
}
} }
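Review bot: The `catch (Exception e)` around `obtainReferenceElement(resource)` logs the fixed label `"XMLSecurityException"`, but per that helper's Javadoc it can also fail with CanonicalizationException, ParserConfigurationException, IOException or SAXException, so the label misleads anyone reading a debug trace of a failed de-reference. I would log `LOG.debug("De-reference of KeyInfoReference failed", e);` there; the enclosing method starts outside this hunk. In `engineLookupAndResolvePrivateKey` the converted call still concatenates, `LOG.debug("Can I resolve " + element.getTagName());`, while the three sibling methods use the parameterized form `LOG.debug("Can I resolve {}", element.getTagName());`. The `@throws` tags on `resolveInput` and `obtainReferenceElement` still have no description.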


@ -2,6 +2,24 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations; package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
import java.security.Key; import java.security.Key;
@ -34,9 +52,9 @@ import org.w3c.dom.Element;
* For a KeyName hint, the KeyName must match the alias of a PrivateKey entry within the KeyStore. * For a KeyName hint, the KeyName must match the alias of a PrivateKey entry within the KeyStore.
*/ */
public class PrivateKeyResolver extends KeyResolverSpi { public class PrivateKeyResolver extends KeyResolverSpi {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log = private static final com.sun.org.slf4j.internal.Logger LOG =
java.util.logging.Logger.getLogger(PrivateKeyResolver.class.getName()); com.sun.org.slf4j.internal.LoggerFactory.getLogger(PrivateKeyResolver.class);
private KeyStore keyStore; private KeyStore keyStore;
private char[] password; private char[] password;
@ -53,11 +71,11 @@ public class PrivateKeyResolver extends KeyResolverSpi {
* This method returns whether the KeyResolverSpi is able to perform the requested action. * This method returns whether the KeyResolverSpi is able to perform the requested action.
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @param storage * @param storage
* @return whether the KeyResolverSpi is able to perform the requested action. * @return whether the KeyResolverSpi is able to perform the requested action.
*/ */
public boolean engineCanResolve(Element element, String BaseURI, StorageResolver storage) { public boolean engineCanResolve(Element element, String baseURI, StorageResolver storage) {
if (XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA) if (XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)
|| XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYNAME)) { || XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYNAME)) {
return true; return true;
@ -70,27 +88,27 @@ public class PrivateKeyResolver extends KeyResolverSpi {
* Method engineLookupAndResolvePublicKey * Method engineLookupAndResolvePublicKey
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @param storage * @param storage
* @return null if no {@link PublicKey} could be obtained * @return null if no {@link PublicKey} could be obtained
* @throws KeyResolverException * @throws KeyResolverException
*/ */
public PublicKey engineLookupAndResolvePublicKey( public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage Element element, String baseURI, StorageResolver storage
) throws KeyResolverException { ) throws KeyResolverException {
return null; return null;
} }
/** /**
* Method engineResolveX509Certificate * Method engineResolveX509Certificate
* @inheritDoc * {@inheritDoc}
* @param element * @param element
* @param BaseURI * @param baseURI
* @param storage * @param storage
* @throws KeyResolverException * @throws KeyResolverException
*/ */
public X509Certificate engineLookupResolveX509Certificate( public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage Element element, String baseURI, StorageResolver storage
) throws KeyResolverException { ) throws KeyResolverException {
return null; return null;
} }
@ -99,21 +117,21 @@ public class PrivateKeyResolver extends KeyResolverSpi {
* Method engineResolveSecretKey * Method engineResolveSecretKey
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @param storage * @param storage
* @return resolved SecretKey key or null if no {@link SecretKey} could be obtained * @return resolved SecretKey key or null if no {@link SecretKey} could be obtained
* *
* @throws KeyResolverException * @throws KeyResolverException
*/ */
public SecretKey engineResolveSecretKey( public SecretKey engineResolveSecretKey(
Element element, String BaseURI, StorageResolver storage Element element, String baseURI, StorageResolver storage
) throws KeyResolverException { ) throws KeyResolverException {
return null; return null;
} }
/** /**
* Method engineResolvePrivateKey * Method engineResolvePrivateKey
* @inheritDoc * {@inheritDoc}
* @param element * @param element
* @param baseURI * @param baseURI
* @param storage * @param storage
@ -123,9 +141,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
public PrivateKey engineLookupAndResolvePrivateKey( public PrivateKey engineLookupAndResolvePrivateKey(
Element element, String baseURI, StorageResolver storage Element element, String baseURI, StorageResolver storage
) throws KeyResolverException { ) throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Can I resolve {}?", element.getTagName());
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
}
if (XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)) { if (XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)) {
PrivateKey privKey = resolveX509Data(element, baseURI); PrivateKey privKey = resolveX509Data(element, baseURI);
@ -133,7 +149,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
return privKey; return privKey;
} }
} else if (XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYNAME)) { } else if (XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYNAME)) {
log.log(java.util.logging.Level.FINE, "Can I resolve KeyName?"); LOG.debug("Can I resolve KeyName?");
String keyName = element.getFirstChild().getNodeValue(); String keyName = element.getFirstChild().getNodeValue();
try { try {
@ -142,16 +158,16 @@ public class PrivateKeyResolver extends KeyResolverSpi {
return (PrivateKey) key; return (PrivateKey) key;
} }
} catch (Exception e) { } catch (Exception e) {
log.log(java.util.logging.Level.FINE, "Cannot recover the key", e); LOG.debug("Cannot recover the key", e);
} }
} }
log.log(java.util.logging.Level.FINE, "I can't"); LOG.debug("I can't");
return null; return null;
} }
private PrivateKey resolveX509Data(Element element, String baseURI) { private PrivateKey resolveX509Data(Element element, String baseURI) {
log.log(java.util.logging.Level.FINE, "Can I resolve X509Data?"); LOG.debug("Can I resolve X509Data?");
try { try {
X509Data x509Data = new X509Data(element, baseURI); X509Data x509Data = new X509Data(element, baseURI);
@ -192,9 +208,9 @@ public class PrivateKeyResolver extends KeyResolverSpi {
} }
} }
} catch (XMLSecurityException e) { } catch (XMLSecurityException e) {
log.log(java.util.logging.Level.FINE, "XMLSecurityException", e); LOG.debug("XMLSecurityException", e);
} catch (KeyStoreException e) { } catch (KeyStoreException e) {
log.log(java.util.logging.Level.FINE, "KeyStoreException", e); LOG.debug("KeyStoreException", e);
} }
return null; return null;
@ -204,7 +220,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
* Search for a private key entry in the KeyStore with the same Subject Key Identifier * Search for a private key entry in the KeyStore with the same Subject Key Identifier
*/ */
private PrivateKey resolveX509SKI(XMLX509SKI x509SKI) throws XMLSecurityException, KeyStoreException { private PrivateKey resolveX509SKI(XMLX509SKI x509SKI) throws XMLSecurityException, KeyStoreException {
log.log(java.util.logging.Level.FINE, "Can I resolve X509SKI?"); LOG.debug("Can I resolve X509SKI?");
Enumeration<String> aliases = keyStore.aliases(); Enumeration<String> aliases = keyStore.aliases();
while (aliases.hasMoreElements()) { while (aliases.hasMoreElements()) {
@ -216,7 +232,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
XMLX509SKI certSKI = new XMLX509SKI(x509SKI.getDocument(), (X509Certificate) cert); XMLX509SKI certSKI = new XMLX509SKI(x509SKI.getDocument(), (X509Certificate) cert);
if (certSKI.equals(x509SKI)) { if (certSKI.equals(x509SKI)) {
log.log(java.util.logging.Level.FINE, "match !!! "); LOG.debug("match !!! ");
try { try {
Key key = keyStore.getKey(alias, password); Key key = keyStore.getKey(alias, password);
@ -224,7 +240,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
return (PrivateKey) key; return (PrivateKey) key;
} }
} catch (Exception e) { } catch (Exception e) {
log.log(java.util.logging.Level.FINE, "Cannot recover the key", e); LOG.debug("Cannot recover the key", e);
// Keep searching // Keep searching
} }
} }
@ -239,7 +255,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
* Search for a private key entry in the KeyStore with the same Issuer/Serial Number pair. * Search for a private key entry in the KeyStore with the same Issuer/Serial Number pair.
*/ */
private PrivateKey resolveX509IssuerSerial(XMLX509IssuerSerial x509Serial) throws KeyStoreException { private PrivateKey resolveX509IssuerSerial(XMLX509IssuerSerial x509Serial) throws KeyStoreException {
log.log(java.util.logging.Level.FINE, "Can I resolve X509IssuerSerial?"); LOG.debug("Can I resolve X509IssuerSerial?");
Enumeration<String> aliases = keyStore.aliases(); Enumeration<String> aliases = keyStore.aliases();
while (aliases.hasMoreElements()) { while (aliases.hasMoreElements()) {
@ -252,7 +268,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
new XMLX509IssuerSerial(x509Serial.getDocument(), (X509Certificate) cert); new XMLX509IssuerSerial(x509Serial.getDocument(), (X509Certificate) cert);
if (certSerial.equals(x509Serial)) { if (certSerial.equals(x509Serial)) {
log.log(java.util.logging.Level.FINE, "match !!! "); LOG.debug("match !!! ");
try { try {
Key key = keyStore.getKey(alias, password); Key key = keyStore.getKey(alias, password);
@ -260,7 +276,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
return (PrivateKey) key; return (PrivateKey) key;
} }
} catch (Exception e) { } catch (Exception e) {
log.log(java.util.logging.Level.FINE, "Cannot recover the key", e); LOG.debug("Cannot recover the key", e);
// Keep searching // Keep searching
} }
} }
@ -275,7 +291,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
* Search for a private key entry in the KeyStore with the same Subject Name. * Search for a private key entry in the KeyStore with the same Subject Name.
*/ */
private PrivateKey resolveX509SubjectName(XMLX509SubjectName x509SubjectName) throws KeyStoreException { private PrivateKey resolveX509SubjectName(XMLX509SubjectName x509SubjectName) throws KeyStoreException {
log.log(java.util.logging.Level.FINE, "Can I resolve X509SubjectName?"); LOG.debug("Can I resolve X509SubjectName?");
Enumeration<String> aliases = keyStore.aliases(); Enumeration<String> aliases = keyStore.aliases();
while (aliases.hasMoreElements()) { while (aliases.hasMoreElements()) {
@ -288,7 +304,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
new XMLX509SubjectName(x509SubjectName.getDocument(), (X509Certificate) cert); new XMLX509SubjectName(x509SubjectName.getDocument(), (X509Certificate) cert);
if (certSN.equals(x509SubjectName)) { if (certSN.equals(x509SubjectName)) {
log.log(java.util.logging.Level.FINE, "match !!! "); LOG.debug("match !!! ");
try { try {
Key key = keyStore.getKey(alias, password); Key key = keyStore.getKey(alias, password);
@ -296,7 +312,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
return (PrivateKey) key; return (PrivateKey) key;
} }
} catch (Exception e) { } catch (Exception e) {
log.log(java.util.logging.Level.FINE, "Cannot recover the key", e); LOG.debug("Cannot recover the key", e);
// Keep searching // Keep searching
} }
} }
@ -313,7 +329,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
private PrivateKey resolveX509Certificate( private PrivateKey resolveX509Certificate(
XMLX509Certificate x509Cert XMLX509Certificate x509Cert
) throws XMLSecurityException, KeyStoreException { ) throws XMLSecurityException, KeyStoreException {
log.log(java.util.logging.Level.FINE, "Can I resolve X509Certificate?"); LOG.debug("Can I resolve X509Certificate?");
byte[] x509CertBytes = x509Cert.getCertificateBytes(); byte[] x509CertBytes = x509Cert.getCertificateBytes();
Enumeration<String> aliases = keyStore.aliases(); Enumeration<String> aliases = keyStore.aliases();
@ -328,10 +344,11 @@ public class PrivateKeyResolver extends KeyResolverSpi {
try { try {
certBytes = cert.getEncoded(); certBytes = cert.getEncoded();
} catch (CertificateEncodingException e1) { } catch (CertificateEncodingException e1) {
LOG.debug("Cannot recover the key", e1);
} }
if (certBytes != null && Arrays.equals(certBytes, x509CertBytes)) { if (certBytes != null && Arrays.equals(certBytes, x509CertBytes)) {
log.log(java.util.logging.Level.FINE, "match !!! "); LOG.debug("match !!! ");
try { try {
Key key = keyStore.getKey(alias, password); Key key = keyStore.getKey(alias, password);
@ -340,7 +357,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
} }
} }
catch (Exception e) { catch (Exception e) {
log.log(java.util.logging.Level.FINE, "Cannot recover the key", e); LOG.debug("Cannot recover the key", e);
// Keep searching // Keep searching
} }
} }
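Review bot: In engineLookupAndResolvePrivateKey, `String keyName = element.getFirstChild().getNodeValue();` sits before the `try` that follows it, so a `KeyName` element with no child node raises NullPointerException out of the resolver instead of reaching the `return null` path. The element presumably comes from the KeyInfo of the document being processed, which the caller may not control, so a malformed message could turn a lookup miss into an unchecked exception. A guard ahead of the read, `if (element.getFirstChild() == null) { return null; }`, keeps that case on the existing not-resolved path. The method body continues outside the hunks shown here, so confirm there is no earlier check on the child node.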


@ -36,18 +36,15 @@ import org.w3c.dom.Element;
public class RSAKeyValueResolver extends KeyResolverSpi { public class RSAKeyValueResolver extends KeyResolverSpi {
/** {@link org.apache.commons.logging} logging facility */ private static final com.sun.org.slf4j.internal.Logger LOG =
private static java.util.logging.Logger log = com.sun.org.slf4j.internal.LoggerFactory.getLogger(RSAKeyValueResolver.class);
java.util.logging.Logger.getLogger(RSAKeyValueResolver.class.getName());
/** @inheritDoc */ /** {@inheritDoc} */
public PublicKey engineLookupAndResolvePublicKey( public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage Element element, String baseURI, StorageResolver storage
) { ) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("Can I resolve {}", element.getTagName());
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
}
if (element == null) { if (element == null) {
return null; return null;
} }
@ -68,28 +65,26 @@ public class RSAKeyValueResolver extends KeyResolverSpi {
} }
try { try {
RSAKeyValue rsaKeyValue = new RSAKeyValue(rsaKeyElement, BaseURI); RSAKeyValue rsaKeyValue = new RSAKeyValue(rsaKeyElement, baseURI);
return rsaKeyValue.getPublicKey(); return rsaKeyValue.getPublicKey();
} catch (XMLSecurityException ex) { } catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) { LOG.debug("XMLSecurityException", ex);
log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
}
} }
return null; return null;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public X509Certificate engineLookupResolveX509Certificate( public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage Element element, String baseURI, StorageResolver storage
) { ) {
return null; return null;
} }
/** @inheritDoc */ /** {@inheritDoc} */
public javax.crypto.SecretKey engineLookupAndResolveSecretKey( public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage Element element, String baseURI, StorageResolver storage
) { ) {
return null; return null;
} }
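Review bot: The new `LOG.debug("Can I resolve {}", element.getTagName());` in engineLookupAndResolvePublicKey dereferences `element` before the `if (element == null)` check that follows it, so a null element now throws NullPointerException and the check can never take effect. The removed code evaluated `element.getTagName()` only when FINE logging was enabled, whereas the parameterized call evaluates its argument on every invocation. Putting the guard first restores the null return: `if (element == null) { return null; }` and then the `LOG.debug(...)` line.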
