8177334: Update xmldsig implementation to Apache Santuario 2.1.1

Reviewed-by: mullan
Weijun Wang 2018-06-19 08:06:35 +08:00
parent a0065b1667
commit 9adabc35b0
261 changed files with 10095 additions and 13654 deletions


@ -30,9 +30,7 @@ import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.List;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithm;
@ -61,9 +59,8 @@ public class Init {
/** The namespace for CONF file **/
public static final String CONF_NS = "http://www.xmlsecurity.org/NS/#configuration";
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(Init.class.getName());
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(Init.class);
/** Field alreadyInitialized */
private static boolean alreadyInitialized = false;
@ -72,7 +69,7 @@ public class Init {
* Method isInitialized
* @return true if the library is already initialized.
*/
public static synchronized final boolean isInitialized() {
public static final synchronized boolean isInitialized() {
return Init.alreadyInitialized;
}
@ -87,16 +84,16 @@ public class Init {
InputStream is =
AccessController.doPrivileged(
new PrivilegedAction<InputStream>() {
public InputStream run() {
(PrivilegedAction<InputStream>)
() -> {
String cfile =
System.getProperty("com.sun.org.apache.xml.internal.security.resource.config");
if (cfile == null) {
return null;
}
return getClass().getResourceAsStream(cfile);
return Init.class.getResourceAsStream(cfile);
}
});
);
if (is == null) {
dynamicInit();
} else {
@ -117,9 +114,8 @@ public class Init {
//
I18n.init("en", "US");
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Registering default algorithms");
}
LOG.debug("Registering default algorithms");
try {
AccessController.doPrivileged(new PrivilegedExceptionAction<Void>(){
@Override public Void run() throws XMLSecurityException {
@ -163,7 +159,7 @@ public class Init {
});
} catch (PrivilegedActionException ex) {
XMLSecurityException xse = (XMLSecurityException)ex.getException();
log.log(java.util.logging.Level.SEVERE, xse.getMessage(), xse);
LOG.error(xse.getMessage(), xse);
xse.printStackTrace();
}
}
@ -174,13 +170,7 @@ public class Init {
private static void fileInit(InputStream is) {
try {
/* read library configuration file */
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
dbf.setNamespaceAware(true);
dbf.setValidating(false);
DocumentBuilder db = dbf.newDocumentBuilder();
DocumentBuilder db = XMLUtils.createDocumentBuilder(false);
Document doc = db.parse(is);
Node config = doc.getFirstChild();
for (; config != null; config = config.getNextSibling()) {
@ -189,7 +179,7 @@ public class Init {
}
}
if (config == null) {
log.log(java.util.logging.Level.SEVERE, "Error in reading configuration file - Configuration element not found");
LOG.error("Error in reading configuration file - Configuration element not found");
return;
}
for (Node el = config.getFirstChild(); el != null; el = el.getNextSibling()) {
@ -197,11 +187,11 @@ public class Init {
continue;
}
String tag = el.getLocalName();
if (tag.equals("ResourceBundles")) {
if ("ResourceBundles".equals(tag)) {
Element resource = (Element)el;
/* configure internationalization */
Attr langAttr = resource.getAttributeNode("defaultLanguageCode");
Attr countryAttr = resource.getAttributeNode("defaultCountryCode");
Attr langAttr = resource.getAttributeNodeNS(null, "defaultLanguageCode");
Attr countryAttr = resource.getAttributeNodeNS(null, "defaultCountryCode");
String languageCode =
(langAttr == null) ? null : langAttr.getNodeValue();
String countryCode =
@ -209,45 +199,41 @@ public class Init {
I18n.init(languageCode, countryCode);
}
if (tag.equals("CanonicalizationMethods")) {
if ("CanonicalizationMethods".equals(tag)) {
Element[] list =
XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "CanonicalizationMethod");
for (int i = 0; i < list.length; i++) {
String uri = list[i].getAttributeNS(null, "URI");
for (Element element : list) {
String uri = element.getAttributeNS(null, "URI");
String javaClass =
list[i].getAttributeNS(null, "JAVACLASS");
element.getAttributeNS(null, "JAVACLASS");
try {
Canonicalizer.register(uri, javaClass);
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Canonicalizer.register(" + uri + ", " + javaClass + ")");
}
LOG.debug("Canonicalizer.register({}, {})", uri, javaClass);
} catch (ClassNotFoundException e) {
Object exArgs[] = { uri, javaClass };
log.log(java.util.logging.Level.SEVERE, I18n.translate("algorithm.classDoesNotExist", exArgs));
LOG.error(I18n.translate("algorithm.classDoesNotExist", exArgs));
}
}
}
if (tag.equals("TransformAlgorithms")) {
if ("TransformAlgorithms".equals(tag)) {
Element[] tranElem =
XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "TransformAlgorithm");
for (int i = 0; i < tranElem.length; i++) {
String uri = tranElem[i].getAttributeNS(null, "URI");
for (Element element : tranElem) {
String uri = element.getAttributeNS(null, "URI");
String javaClass =
tranElem[i].getAttributeNS(null, "JAVACLASS");
element.getAttributeNS(null, "JAVACLASS");
try {
Transform.register(uri, javaClass);
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Transform.register(" + uri + ", " + javaClass + ")");
}
LOG.debug("Transform.register({}, {})", uri, javaClass);
} catch (ClassNotFoundException e) {
Object exArgs[] = { uri, javaClass };
log.log(java.util.logging.Level.SEVERE, I18n.translate("algorithm.classDoesNotExist", exArgs));
LOG.error(I18n.translate("algorithm.classDoesNotExist", exArgs));
} catch (NoClassDefFoundError ex) {
log.log(java.util.logging.Level.WARNING, "Not able to found dependencies for algorithm, I'll keep working.");
LOG.warn("Not able to found dependencies for algorithm, I'll keep working.");
}
}
}
@ -257,64 +243,54 @@ public class Init {
if (algorithmsNode != null) {
Element[] algorithms =
XMLUtils.selectNodes(algorithmsNode.getFirstChild(), CONF_NS, "Algorithm");
for (int i = 0; i < algorithms.length; i++) {
Element element = algorithms[i];
String id = element.getAttribute("URI");
for (Element element : algorithms) {
String id = element.getAttributeNS(null, "URI");
JCEMapper.register(id, new JCEMapper.Algorithm(element));
}
}
}
if (tag.equals("SignatureAlgorithms")) {
if ("SignatureAlgorithms".equals(tag)) {
Element[] sigElems =
XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "SignatureAlgorithm");
for (int i = 0; i < sigElems.length; i++) {
String uri = sigElems[i].getAttributeNS(null, "URI");
for (Element sigElem : sigElems) {
String uri = sigElem.getAttributeNS(null, "URI");
String javaClass =
sigElems[i].getAttributeNS(null, "JAVACLASS");
sigElem.getAttributeNS(null, "JAVACLASS");
/** $todo$ handle registering */
try {
SignatureAlgorithm.register(uri, javaClass);
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "SignatureAlgorithm.register(" + uri + ", "
+ javaClass + ")");
}
LOG.debug("SignatureAlgorithm.register({}, {})", uri, javaClass);
} catch (ClassNotFoundException e) {
Object exArgs[] = { uri, javaClass };
log.log(java.util.logging.Level.SEVERE, I18n.translate("algorithm.classDoesNotExist", exArgs));
LOG.error(I18n.translate("algorithm.classDoesNotExist", exArgs));
}
}
}
if (tag.equals("ResourceResolvers")) {
Element[]resolverElem =
if ("ResourceResolvers".equals(tag)) {
Element[] resolverElem =
XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "Resolver");
for (int i = 0; i < resolverElem.length; i++) {
for (Element element : resolverElem) {
String javaClass =
resolverElem[i].getAttributeNS(null, "JAVACLASS");
element.getAttributeNS(null, "JAVACLASS");
String description =
resolverElem[i].getAttributeNS(null, "DESCRIPTION");
element.getAttributeNS(null, "DESCRIPTION");
if ((description != null) && (description.length() > 0)) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Register Resolver: " + javaClass + ": "
+ description);
}
if (description != null && description.length() > 0) {
LOG.debug("Register Resolver: {}: {}", javaClass, description);
} else {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Register Resolver: " + javaClass
+ ": For unknown purposes");
}
LOG.debug("Register Resolver: {}: For unknown purposes", javaClass);
}
try {
ResourceResolver.register(javaClass);
} catch (Throwable e) {
log.log(java.util.logging.Level.WARNING,
LOG.warn(
"Cannot register:" + javaClass
+ " perhaps some needed jars are not installed",
e
@ -323,26 +299,20 @@ public class Init {
}
}
if (tag.equals("KeyResolver")){
if ("KeyResolver".equals(tag)){
Element[] resolverElem =
XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "Resolver");
List<String> classNames = new ArrayList<String>(resolverElem.length);
for (int i = 0; i < resolverElem.length; i++) {
List<String> classNames = new ArrayList<>(resolverElem.length);
for (Element element : resolverElem) {
String javaClass =
resolverElem[i].getAttributeNS(null, "JAVACLASS");
element.getAttributeNS(null, "JAVACLASS");
String description =
resolverElem[i].getAttributeNS(null, "DESCRIPTION");
element.getAttributeNS(null, "DESCRIPTION");
if ((description != null) && (description.length() > 0)) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Register Resolver: " + javaClass + ": "
+ description);
}
if (description != null && description.length() > 0) {
LOG.debug("Register Resolver: {}: {}", javaClass, description);
} else {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Register Resolver: " + javaClass
+ ": For unknown purposes");
}
LOG.debug("Register Resolver: {}: For unknown purposes", javaClass);
}
classNames.add(javaClass);
}
@ -350,27 +320,22 @@ public class Init {
}
if (tag.equals("PrefixMappings")){
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Now I try to bind prefixes:");
}
if ("PrefixMappings".equals(tag)){
LOG.debug("Now I try to bind prefixes:");
Element[] nl =
XMLUtils.selectNodes(el.getFirstChild(), CONF_NS, "PrefixMapping");
for (int i = 0; i < nl.length; i++) {
String namespace = nl[i].getAttributeNS(null, "namespace");
String prefix = nl[i].getAttributeNS(null, "prefix");
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Now I try to bind " + prefix + " to " + namespace);
}
for (Element element : nl) {
String namespace = element.getAttributeNS(null, "namespace");
String prefix = element.getAttributeNS(null, "prefix");
LOG.debug("Now I try to bind {} to {}", prefix, namespace);
ElementProxy.setDefaultPrefix(namespace, prefix);
}
}
}
} catch (Exception e) {
log.log(java.util.logging.Level.SEVERE, "Bad: ", e);
e.printStackTrace();
LOG.error("Bad: ", e);
}
}
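Review bot: In `fileInit`, the parser hardening for the configuration file is no longer visible at the call site: the explicit `dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE)` and `dbf.setNamespaceAware(true)` give way to `XMLUtils.createDocumentBuilder(false)`, whose body is not part of this section. This file is selected through the `com.sun.org.apache.xml.internal.security.resource.config` system property and decides which `JAVACLASS` implementations get registered, so it is worth confirming that the helper still enables secure processing and namespace awareness (the loop depends on `getLocalName()`) and that `false` only switches off validation. Once verified, a comment at the call such as `// createDocumentBuilder(false): non-validating; secure processing is set inside XMLUtils` would keep that guarantee readable here. Separately, `xse.printStackTrace()` still follows `LOG.error(xse.getMessage(), xse)` in the `PrivilegedActionException` handler, so that trace reaches stderr regardless of logger configuration.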


@ -40,7 +40,6 @@ public abstract class Algorithm extends SignatureElementProxy {
*/
public Algorithm(Document doc, String algorithmURI) {
super(doc);
this.setAlgorithmURI(algorithmURI);
}
@ -48,11 +47,11 @@ public abstract class Algorithm extends SignatureElementProxy {
* Constructor Algorithm
*
* @param element
* @param BaseURI
* @param baseURI
* @throws XMLSecurityException
*/
public Algorithm(Element element, String BaseURI) throws XMLSecurityException {
super(element, BaseURI);
public Algorithm(Element element, String baseURI) throws XMLSecurityException {
super(element, baseURI);
}
/**
@ -61,7 +60,7 @@ public abstract class Algorithm extends SignatureElementProxy {
* @return The URI of the algorithm
*/
public String getAlgorithmURI() {
return this.constructionElement.getAttributeNS(null, Constants._ATT_ALGORITHM);
return getLocalAttribute(Constants._ATT_ALGORITHM);
}
/**
@ -71,9 +70,7 @@ public abstract class Algorithm extends SignatureElementProxy {
*/
protected void setAlgorithmURI(String algorithmURI) {
if (algorithmURI != null) {
this.constructionElement.setAttributeNS(
null, Constants._ATT_ALGORITHM, algorithmURI
);
setLocalAttribute(Constants._ATT_ALGORITHM, algorithmURI);
}
}
}
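Review bot: `getAlgorithmURI()` now returns whatever `getLocalAttribute(Constants._ATT_ALGORITHM)` yields, and that helper is defined outside this section, so the result for an element with no `Algorithm` attribute is no longer evident from this file; the replaced `getAttributeNS(null, ...)` call returns an empty string in that case. Code that maps the returned URI to an implementation would behave differently on `null` than on `""`, so the Javadoc should state the contract, for example `@return the Algorithm attribute value, or an empty string if the attribute is absent`, once that has been checked against the helper. The renamed `@param baseURI` tag also still carries no description.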


@ -23,211 +23,19 @@
package com.sun.org.apache.xml.internal.security.algorithms;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
/**
* This class is extremely useful for loading resources and classes in a fault
* tolerant manner that works across different applications servers. Do not
* touch this unless you're a grizzled classloading guru veteran who is going to
* verify any change on 6 different application servers.
*/
// NOTE! This is a duplicate of utils.ClassLoaderUtils with public
// modifiers changed to package-private. Make sure to integrate any future
// changes to utils.ClassLoaderUtils to this file.
final class ClassLoaderUtils {
/** {@link org.apache.commons.logging} logging facility */
private static final java.util.logging.Logger log =
java.util.logging.Logger.getLogger(ClassLoaderUtils.class.getName());
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(ClassLoaderUtils.class);
private ClassLoaderUtils() {
}
/**
* Load a given resource. <p/> This method will try to load the resource
* using the following methods (in order):
* <ul>
* <li>From Thread.currentThread().getContextClassLoader()
* <li>From ClassLoaderUtil.class.getClassLoader()
* <li>callingClass.getClassLoader()
* </ul>
*
* @param resourceName The name of the resource to load
* @param callingClass The Class object of the calling object
*/
static URL getResource(String resourceName, Class<?> callingClass) {
URL url = Thread.currentThread().getContextClassLoader().getResource(resourceName);
if (url == null && resourceName.startsWith("/")) {
//certain classloaders need it without the leading /
url =
Thread.currentThread().getContextClassLoader().getResource(
resourceName.substring(1)
);
}
ClassLoader cluClassloader = ClassLoaderUtils.class.getClassLoader();
if (cluClassloader == null) {
cluClassloader = ClassLoader.getSystemClassLoader();
}
if (url == null) {
url = cluClassloader.getResource(resourceName);
}
if (url == null && resourceName.startsWith("/")) {
//certain classloaders need it without the leading /
url = cluClassloader.getResource(resourceName.substring(1));
}
if (url == null) {
ClassLoader cl = callingClass.getClassLoader();
if (cl != null) {
url = cl.getResource(resourceName);
}
}
if (url == null) {
url = callingClass.getResource(resourceName);
}
if ((url == null) && (resourceName != null) && (resourceName.charAt(0) != '/')) {
return getResource('/' + resourceName, callingClass);
}
return url;
}
/**
* Load a given resources. <p/> This method will try to load the resources
* using the following methods (in order):
* <ul>
* <li>From Thread.currentThread().getContextClassLoader()
* <li>From ClassLoaderUtil.class.getClassLoader()
* <li>callingClass.getClassLoader()
* </ul>
*
* @param resourceName The name of the resource to load
* @param callingClass The Class object of the calling object
*/
static List<URL> getResources(String resourceName, Class<?> callingClass) {
List<URL> ret = new ArrayList<URL>();
Enumeration<URL> urls = new Enumeration<URL>() {
public boolean hasMoreElements() {
return false;
}
public URL nextElement() {
return null;
}
};
try {
urls = Thread.currentThread().getContextClassLoader().getResources(resourceName);
} catch (IOException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
//ignore
}
if (!urls.hasMoreElements() && resourceName.startsWith("/")) {
//certain classloaders need it without the leading /
try {
urls =
Thread.currentThread().getContextClassLoader().getResources(
resourceName.substring(1)
);
} catch (IOException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
// ignore
}
}
ClassLoader cluClassloader = ClassLoaderUtils.class.getClassLoader();
if (cluClassloader == null) {
cluClassloader = ClassLoader.getSystemClassLoader();
}
if (!urls.hasMoreElements()) {
try {
urls = cluClassloader.getResources(resourceName);
} catch (IOException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
// ignore
}
}
if (!urls.hasMoreElements() && resourceName.startsWith("/")) {
//certain classloaders need it without the leading /
try {
urls = cluClassloader.getResources(resourceName.substring(1));
} catch (IOException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
// ignore
}
}
if (!urls.hasMoreElements()) {
ClassLoader cl = callingClass.getClassLoader();
if (cl != null) {
try {
urls = cl.getResources(resourceName);
} catch (IOException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
// ignore
}
}
}
if (!urls.hasMoreElements()) {
URL url = callingClass.getResource(resourceName);
if (url != null) {
ret.add(url);
}
}
while (urls.hasMoreElements()) {
ret.add(urls.nextElement());
}
if (ret.isEmpty() && (resourceName != null) && (resourceName.charAt(0) != '/')) {
return getResources('/' + resourceName, callingClass);
}
return ret;
}
/**
* This is a convenience method to load a resource as a stream. <p/> The
* algorithm used to find the resource is given in getResource()
*
* @param resourceName The name of the resource to load
* @param callingClass The Class object of the calling object
*/
static InputStream getResourceAsStream(String resourceName, Class<?> callingClass) {
URL url = getResource(resourceName, callingClass);
try {
return (url != null) ? url.openStream() : null;
} catch (IOException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
return null;
}
}
/**
* Load a class with a given name. <p/> It will try to load the class in the
* Load a class with a given name. <p></p> It will try to load the class in the
* following order:
* <ul>
* <li>From Thread.currentThread().getContextClassLoader()
@ -249,9 +57,7 @@ final class ClassLoaderUtils {
return cl.loadClass(className);
}
} catch (ClassNotFoundException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
LOG.debug(e.getMessage(), e);
//ignore
}
return loadClass2(className, callingClass);
@ -271,9 +77,7 @@ final class ClassLoaderUtils {
return callingClass.getClassLoader().loadClass(className);
}
}
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, ex.getMessage(), ex);
}
LOG.debug(ex.getMessage(), ex);
throw ex;
}
}


@ -25,7 +25,6 @@ package com.sun.org.apache.xml.internal.security.algorithms;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import com.sun.org.apache.xml.internal.security.encryption.XMLCipher;
import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
import org.w3c.dom.Element;
@ -36,14 +35,13 @@ import org.w3c.dom.Element;
*/
public class JCEMapper {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(JCEMapper.class.getName());
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(JCEMapper.class);
private static Map<String, Algorithm> algorithmsMap =
new ConcurrentHashMap<String, Algorithm>();
private static String providerName = null;
private static String providerName;
/**
* Method register
@ -62,6 +60,7 @@ public class JCEMapper {
* This method registers the default algorithms.
*/
public static void registerDefaultAlgorithms() {
// Digest algorithms
algorithmsMap.put(
MessageDigestAlgorithm.ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5,
new Algorithm("", "MD5", "MessageDigest")
@ -74,6 +73,10 @@ public class JCEMapper {
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1,
new Algorithm("", "SHA-1", "MessageDigest")
);
algorithmsMap.put(
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA224,
new Algorithm("", "SHA-224", "MessageDigest")
);
algorithmsMap.put(
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256,
new Algorithm("", "SHA-256", "MessageDigest")
@ -86,137 +89,150 @@ public class JCEMapper {
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA512,
new Algorithm("", "SHA-512", "MessageDigest")
);
algorithmsMap.put(
MessageDigestAlgorithm.ALGO_ID_DIGEST_WHIRLPOOL,
new Algorithm("", "WHIRLPOOL", "MessageDigest")
);
algorithmsMap.put(
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA3_224,
new Algorithm("", "SHA3-224", "MessageDigest")
);
algorithmsMap.put(
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA3_256,
new Algorithm("", "SHA3-256", "MessageDigest")
);
algorithmsMap.put(
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA3_384,
new Algorithm("", "SHA3-384", "MessageDigest")
);
algorithmsMap.put(
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA3_512,
new Algorithm("", "SHA3-512", "MessageDigest")
);
// Signature algorithms
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_DSA,
new Algorithm("", "SHA1withDSA", "Signature")
new Algorithm("DSA", "SHA1withDSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_DSA_SHA256,
new Algorithm("", "SHA256withDSA", "Signature")
new Algorithm("DSA", "SHA256withDSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5,
new Algorithm("", "MD5withRSA", "Signature")
new Algorithm("RSA", "MD5withRSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160,
new Algorithm("", "RIPEMD160withRSA", "Signature")
new Algorithm("RSA", "RIPEMD160withRSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1,
new Algorithm("", "SHA1withRSA", "Signature")
new Algorithm("RSA", "SHA1withRSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA224,
new Algorithm("RSA", "SHA224withRSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256,
new Algorithm("", "SHA256withRSA", "Signature")
new Algorithm("RSA", "SHA256withRSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384,
new Algorithm("", "SHA384withRSA", "Signature")
new Algorithm("RSA", "SHA384withRSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512,
new Algorithm("", "SHA512withRSA", "Signature")
new Algorithm("RSA", "SHA512withRSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1_MGF1,
new Algorithm("RSA", "SHA1withRSAandMGF1", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA224_MGF1,
new Algorithm("RSA", "SHA224withRSAandMGF1", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256_MGF1,
new Algorithm("RSA", "SHA256withRSAandMGF1", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384_MGF1,
new Algorithm("RSA", "SHA384withRSAandMGF1", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512_MGF1,
new Algorithm("RSA", "SHA512withRSAandMGF1", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_224_MGF1,
new Algorithm("RSA", "SHA3-224withRSAandMGF1", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_256_MGF1,
new Algorithm("RSA", "SHA3-256withRSAandMGF1", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_384_MGF1,
new Algorithm("RSA", "SHA3-384withRSAandMGF1", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_512_MGF1,
new Algorithm("RSA", "SHA3-512withRSAandMGF1", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1,
new Algorithm("", "SHA1withECDSA", "Signature")
new Algorithm("EC", "SHA1withECDSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA224,
new Algorithm("EC", "SHA224withECDSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA256,
new Algorithm("", "SHA256withECDSA", "Signature")
new Algorithm("EC", "SHA256withECDSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA384,
new Algorithm("", "SHA384withECDSA", "Signature")
new Algorithm("EC", "SHA384withECDSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA512,
new Algorithm("", "SHA512withECDSA", "Signature")
new Algorithm("EC", "SHA512withECDSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_RIPEMD160,
new Algorithm("EC", "RIPEMD160withECDSA", "Signature")
);
algorithmsMap.put(
XMLSignature.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5,
new Algorithm("", "HmacMD5", "Mac")
new Algorithm("", "HmacMD5", "Mac", 0, 0)
);
algorithmsMap.put(
XMLSignature.ALGO_ID_MAC_HMAC_RIPEMD160,
new Algorithm("", "HMACRIPEMD160", "Mac")
new Algorithm("", "HMACRIPEMD160", "Mac", 0, 0)
);
algorithmsMap.put(
XMLSignature.ALGO_ID_MAC_HMAC_SHA1,
new Algorithm("", "HmacSHA1", "Mac")
new Algorithm("", "HmacSHA1", "Mac", 0, 0)
);
algorithmsMap.put(
XMLSignature.ALGO_ID_MAC_HMAC_SHA224,
new Algorithm("", "HmacSHA224", "Mac", 0, 0)
);
algorithmsMap.put(
XMLSignature.ALGO_ID_MAC_HMAC_SHA256,
new Algorithm("", "HmacSHA256", "Mac")
new Algorithm("", "HmacSHA256", "Mac", 0, 0)
);
algorithmsMap.put(
XMLSignature.ALGO_ID_MAC_HMAC_SHA384,
new Algorithm("", "HmacSHA384", "Mac")
new Algorithm("", "HmacSHA384", "Mac", 0, 0)
);
algorithmsMap.put(
XMLSignature.ALGO_ID_MAC_HMAC_SHA512,
new Algorithm("", "HmacSHA512", "Mac")
);
algorithmsMap.put(
XMLCipher.TRIPLEDES,
new Algorithm("DESede", "DESede/CBC/ISO10126Padding", "BlockEncryption", 192)
);
algorithmsMap.put(
XMLCipher.AES_128,
new Algorithm("AES", "AES/CBC/ISO10126Padding", "BlockEncryption", 128)
);
algorithmsMap.put(
XMLCipher.AES_192,
new Algorithm("AES", "AES/CBC/ISO10126Padding", "BlockEncryption", 192)
);
algorithmsMap.put(
XMLCipher.AES_256,
new Algorithm("AES", "AES/CBC/ISO10126Padding", "BlockEncryption", 256)
);
algorithmsMap.put(
XMLCipher.AES_128_GCM,
new Algorithm("AES", "AES/GCM/NoPadding", "BlockEncryption", 128)
);
algorithmsMap.put(
XMLCipher.AES_192_GCM,
new Algorithm("AES", "AES/GCM/NoPadding", "BlockEncryption", 192)
);
algorithmsMap.put(
XMLCipher.AES_256_GCM,
new Algorithm("AES", "AES/GCM/NoPadding", "BlockEncryption", 256)
);
algorithmsMap.put(
XMLCipher.RSA_v1dot5,
new Algorithm("RSA", "RSA/ECB/PKCS1Padding", "KeyTransport")
);
algorithmsMap.put(
XMLCipher.RSA_OAEP,
new Algorithm("RSA", "RSA/ECB/OAEPPadding", "KeyTransport")
);
algorithmsMap.put(
XMLCipher.RSA_OAEP_11,
new Algorithm("RSA", "RSA/ECB/OAEPPadding", "KeyTransport")
);
algorithmsMap.put(
XMLCipher.DIFFIE_HELLMAN,
new Algorithm("", "", "KeyAgreement")
);
algorithmsMap.put(
XMLCipher.TRIPLEDES_KeyWrap,
new Algorithm("DESede", "DESedeWrap", "SymmetricKeyWrap", 192)
);
algorithmsMap.put(
XMLCipher.AES_128_KeyWrap,
new Algorithm("AES", "AESWrap", "SymmetricKeyWrap", 128)
);
algorithmsMap.put(
XMLCipher.AES_192_KeyWrap,
new Algorithm("AES", "AESWrap", "SymmetricKeyWrap", 192)
);
algorithmsMap.put(
XMLCipher.AES_256_KeyWrap,
new Algorithm("AES", "AESWrap", "SymmetricKeyWrap", 256)
new Algorithm("", "HmacSHA512", "Mac", 0, 0)
);
}
@ -227,11 +243,7 @@ public class JCEMapper {
* @return the JCE standard name corresponding to the given URI
*/
public static String translateURItoJCEID(String algorithmURI) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Request for URI " + algorithmURI);
}
Algorithm algorithm = algorithmsMap.get(algorithmURI);
Algorithm algorithm = getAlgorithm(algorithmURI);
if (algorithm != null) {
return algorithm.jceName;
}
@ -244,11 +256,7 @@ public class JCEMapper {
* @return the class name that implements this algorithm
*/
public static String getAlgorithmClassFromURI(String algorithmURI) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Request for URI " + algorithmURI);
}
Algorithm algorithm = algorithmsMap.get(algorithmURI);
Algorithm algorithm = getAlgorithm(algorithmURI);
if (algorithm != null) {
return algorithm.algorithmClass;
}
@ -262,16 +270,21 @@ public class JCEMapper {
* @return The length of the key used in the algorithm
*/
public static int getKeyLengthFromURI(String algorithmURI) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Request for URI " + algorithmURI);
}
Algorithm algorithm = algorithmsMap.get(algorithmURI);
Algorithm algorithm = getAlgorithm(algorithmURI);
if (algorithm != null) {
return algorithm.keyLength;
}
return 0;
}
public static int getIVLengthFromURI(String algorithmURI) {
Algorithm algorithm = getAlgorithm(algorithmURI);
if (algorithm != null) {
return algorithm.ivLength;
}
return 0;
}
/**
* Method getJCEKeyAlgorithmFromURI
*
@ -279,16 +292,42 @@ public class JCEMapper {
* @return The KeyAlgorithm for the given URI.
*/
public static String getJCEKeyAlgorithmFromURI(String algorithmURI) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Request for URI " + algorithmURI);
}
Algorithm algorithm = algorithmsMap.get(algorithmURI);
Algorithm algorithm = getAlgorithm(algorithmURI);
if (algorithm != null) {
return algorithm.requiredKey;
}
return null;
}
/**
* Method getJCEProviderFromURI
*
* @param algorithmURI
* @return The JCEProvider for the given URI.
*/
public static String getJCEProviderFromURI(String algorithmURI) {
Algorithm algorithm = getAlgorithm(algorithmURI);
if (algorithm != null) {
return algorithm.jceProvider;
}
return null;
}
/**
* Method getAlgorithm
*
* @param algorithmURI
* @return The Algorithm object for the given URI.
*/
private static Algorithm getAlgorithm(String algorithmURI) {
LOG.debug("Request for URI {}", algorithmURI);
if (algorithmURI != null) {
return algorithmsMap.get(algorithmURI);
}
return null;
}
/**
* Gets the default Provider for obtaining the security algorithms
* @return the default providerId.
@ -301,7 +340,7 @@ public class JCEMapper {
* Sets the default Provider for obtaining the security algorithms
* @param provider the default providerId.
* @throws SecurityException if a security manager is installed and the
* caller does not have permission to set the JCE provider
* caller does not have permission to register the JCE algorithm
*/
public static void setProviderId(String provider) {
JavaUtils.checkRegisterPermission();
@ -317,40 +356,54 @@ public class JCEMapper {
final String jceName;
final String algorithmClass;
final int keyLength;
final int ivLength;
final String jceProvider;
/**
* Gets data from element
* @param el
*/
public Algorithm(Element el) {
requiredKey = el.getAttribute("RequiredKey");
jceName = el.getAttribute("JCEName");
algorithmClass = el.getAttribute("AlgorithmClass");
requiredKey = el.getAttributeNS(null, "RequiredKey");
jceName = el.getAttributeNS(null, "JCEName");
algorithmClass = el.getAttributeNS(null, "AlgorithmClass");
jceProvider = el.getAttributeNS(null, "JCEProvider");
if (el.hasAttribute("KeyLength")) {
keyLength = Integer.parseInt(el.getAttribute("KeyLength"));
keyLength = Integer.parseInt(el.getAttributeNS(null, "KeyLength"));
} else {
keyLength = 0;
}
if (el.hasAttribute("IVLength")) {
ivLength = Integer.parseInt(el.getAttributeNS(null, "IVLength"));
} else {
ivLength = 0;
}
}
public Algorithm(String requiredKey, String jceName) {
this(requiredKey, jceName, null, 0);
this(requiredKey, jceName, null, 0, 0);
}
public Algorithm(String requiredKey, String jceName, String algorithmClass) {
this(requiredKey, jceName, algorithmClass, 0);
this(requiredKey, jceName, algorithmClass, 0, 0);
}
public Algorithm(String requiredKey, String jceName, int keyLength) {
this(requiredKey, jceName, null, keyLength);
this(requiredKey, jceName, null, keyLength, 0);
}
public Algorithm(String requiredKey, String jceName, String algorithmClass, int keyLength) {
public Algorithm(String requiredKey, String jceName, String algorithmClass, int keyLength, int ivLength) {
this(requiredKey, jceName, algorithmClass, keyLength, ivLength, null);
}
public Algorithm(String requiredKey, String jceName,
String algorithmClass, int keyLength, int ivLength, String jceProvider) {
this.requiredKey = requiredKey;
this.jceName = jceName;
this.algorithmClass = algorithmClass;
this.keyLength = keyLength;
this.ivLength = ivLength;
this.jceProvider = jceProvider;
}
}
}


@ -31,7 +31,7 @@ import com.sun.org.apache.xml.internal.security.utils.EncryptionConstants;
import org.w3c.dom.Document;
/**
* Digest Message wrapper & selector class.
* Digest Message wrapper and selector class.
*
* <pre>
* MessageDigestAlgorithm.getInstance()
@ -44,6 +44,9 @@ public class MessageDigestAlgorithm extends Algorithm {
Constants.MoreAlgorithmsSpecNS + "md5";
/** Digest - Required SHA1*/
public static final String ALGO_ID_DIGEST_SHA1 = Constants.SignatureSpecNS + "sha1";
/** Message Digest - OPTIONAL SHA224*/
public static final String ALGO_ID_DIGEST_SHA224 =
Constants.MoreAlgorithmsSpecNS + "sha224";
/** Message Digest - RECOMMENDED SHA256*/
public static final String ALGO_ID_DIGEST_SHA256 =
EncryptionConstants.EncryptionSpecNS + "sha256";
@ -57,6 +60,18 @@ public class MessageDigestAlgorithm extends Algorithm {
public static final String ALGO_ID_DIGEST_RIPEMD160 =
EncryptionConstants.EncryptionSpecNS + "ripemd160";
// Newer digest algorithms...all optional
public static final String ALGO_ID_DIGEST_WHIRLPOOL =
Constants.XML_DSIG_NS_MORE_07_05 + "whirlpool";
public static final String ALGO_ID_DIGEST_SHA3_224 =
Constants.XML_DSIG_NS_MORE_07_05 + "sha3-224";
public static final String ALGO_ID_DIGEST_SHA3_256 =
Constants.XML_DSIG_NS_MORE_07_05 + "sha3-256";
public static final String ALGO_ID_DIGEST_SHA3_384 =
Constants.XML_DSIG_NS_MORE_07_05 + "sha3-384";
public static final String ALGO_ID_DIGEST_SHA3_512 =
Constants.XML_DSIG_NS_MORE_07_05 + "sha3-512";
/** Field algorithm stores the actual {@link java.security.MessageDigest} */
private final MessageDigest algorithm;
@ -121,7 +136,7 @@ public class MessageDigestAlgorithm extends Algorithm {
*
* @return the actual {@link java.security.MessageDigest} algorithm object
*/
public java.security.MessageDigest getAlgorithm() {
public MessageDigest getAlgorithm() {
return algorithm;
}
@ -134,7 +149,7 @@ public class MessageDigestAlgorithm extends Algorithm {
* @return the result of the {@link java.security.MessageDigest#isEqual} method
*/
public static boolean isEqual(byte[] digesta, byte[] digestb) {
return java.security.MessageDigest.isEqual(digesta, digestb);
return MessageDigest.isEqual(digesta, digestb);
}
/**
@ -243,12 +258,12 @@ public class MessageDigestAlgorithm extends Algorithm {
algorithm.update(buf, offset, len);
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseNamespace() {
return Constants.SignatureSpecNS;
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_DIGESTMETHOD;
}
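Review bot: The new `ALGO_ID_DIGEST_WHIRLPOOL` and `ALGO_ID_DIGEST_SHA3_*` constants have no Javadoc, while the neighbouring constants each state their status (`/** Message Digest - RECOMMENDED SHA256*/`). The line comment `// Newer digest algorithms...all optional` will not appear in the generated API documentation, so each constant should get its own comment, for example `/** Message Digest - OPTIONAL SHA3-256 */`. The comment is also the place to say that a URI constant does not guarantee an implementation. Whether a `MessageDigest` for Whirlpool is available depends on the installed JCE providers, which this section does not show, so callers should expect the lookup to fail where none is registered.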


@ -46,13 +46,11 @@ import org.w3c.dom.Element;
* Allows selection of digital signature's algorithm, private keys, other
* security parameters, and algorithm's ID.
*
* @author Christian Geuer-Pollmann
*/
public class SignatureAlgorithm extends Algorithm {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(SignatureAlgorithm.class.getName());
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(SignatureAlgorithm.class);
/** All available algorithm classes are registered here */
private static Map<String, Class<? extends SignatureAlgorithmSpi>> algorithmHash =
@ -75,7 +73,7 @@ public class SignatureAlgorithm extends Algorithm {
this.algorithmURI = algorithmURI;
signatureAlgorithm = getSignatureAlgorithmSpi(algorithmURI);
signatureAlgorithm.engineGetContextFromElement(this.constructionElement);
signatureAlgorithm.engineGetContextFromElement(getElement());
}
/**
@ -93,10 +91,10 @@ public class SignatureAlgorithm extends Algorithm {
this.algorithmURI = algorithmURI;
signatureAlgorithm = getSignatureAlgorithmSpi(algorithmURI);
signatureAlgorithm.engineGetContextFromElement(this.constructionElement);
signatureAlgorithm.engineGetContextFromElement(getElement());
signatureAlgorithm.engineSetHMACOutputLength(hmacOutputLength);
((IntegrityHmac)signatureAlgorithm).engineAddContextToElement(constructionElement);
((IntegrityHmac)signatureAlgorithm).engineAddContextToElement(getElement());
}
/**
@ -107,7 +105,7 @@ public class SignatureAlgorithm extends Algorithm {
* @throws XMLSecurityException
*/
public SignatureAlgorithm(Element element, String baseURI) throws XMLSecurityException {
this(element, baseURI, false);
this(element, baseURI, true);
}
/**
@ -137,7 +135,7 @@ public class SignatureAlgorithm extends Algorithm {
}
signatureAlgorithm = getSignatureAlgorithmSpi(algorithmURI);
signatureAlgorithm.engineGetContextFromElement(this.constructionElement);
signatureAlgorithm.engineGetContextFromElement(getElement());
}
/**
@ -148,22 +146,17 @@ public class SignatureAlgorithm extends Algorithm {
try {
Class<? extends SignatureAlgorithmSpi> implementingClass =
algorithmHash.get(algorithmURI);
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \""
+ implementingClass + "\"");
LOG.debug("Create URI \"{}\" class \"{}\"", algorithmURI, implementingClass);
if (implementingClass == null) {
Object exArgs[] = { algorithmURI };
throw new XMLSignatureException("algorithms.NoSuchAlgorithmNoEx", exArgs);
}
@SuppressWarnings("deprecation")
SignatureAlgorithmSpi result = implementingClass.newInstance();
return result;
} catch (IllegalAccessException ex) {
SignatureAlgorithmSpi tmp = implementingClass.newInstance();
return tmp;
} catch (IllegalAccessException | InstantiationException | NullPointerException ex) {
Object exArgs[] = { algorithmURI, ex.getMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs, ex);
} catch (InstantiationException ex) {
Object exArgs[] = { algorithmURI, ex.getMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs, ex);
} catch (NullPointerException ex) {
Object exArgs[] = { algorithmURI, ex.getMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs, ex);
throw new XMLSignatureException(ex, "algorithms.NoSuchAlgorithm", exArgs);
}
}
@ -313,14 +306,14 @@ public class SignatureAlgorithm extends Algorithm {
* @return the URI representation of Transformation algorithm
*/
public final String getURI() {
return constructionElement.getAttributeNS(null, Constants._ATT_ALGORITHM);
return getLocalAttribute(Constants._ATT_ALGORITHM);
}
/**
* Registers implementing class of the SignatureAlgorithm with algorithmURI
*
* @param algorithmURI algorithmURI URI representation of <code>SignatureAlgorithm</code>.
* @param implementingClass <code>implementingClass</code> the implementing class of
* @param algorithmURI algorithmURI URI representation of {@code SignatureAlgorithm}.
* @param implementingClass {@code implementingClass} the implementing class of
* {@link SignatureAlgorithmSpi}
* @throws AlgorithmAlreadyRegisteredException if specified algorithmURI is already registered
* @throws XMLSignatureException
@ -332,9 +325,7 @@ public class SignatureAlgorithm extends Algorithm {
throws AlgorithmAlreadyRegisteredException, ClassNotFoundException,
XMLSignatureException {
JavaUtils.checkRegisterPermission();
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass);
}
LOG.debug("Try to register {} {}", algorithmURI, implementingClass);
// are we already registered?
Class<? extends SignatureAlgorithmSpi> registeredClass = algorithmHash.get(algorithmURI);
@ -351,15 +342,15 @@ public class SignatureAlgorithm extends Algorithm {
algorithmHash.put(algorithmURI, clazz);
} catch (NullPointerException ex) {
Object exArgs[] = { algorithmURI, ex.getMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs, ex);
throw new XMLSignatureException(ex, "algorithms.NoSuchAlgorithm", exArgs);
}
}
/**
* Registers implementing class of the Transform algorithm with algorithmURI
* Registers implementing class of the SignatureAlgorithm with algorithmURI
*
* @param algorithmURI algorithmURI URI representation of <code>SignatureAlgorithm</code>.
* @param implementingClass <code>implementingClass</code> the implementing class of
* @param algorithmURI algorithmURI URI representation of {@code SignatureAlgorithm}.
* @param implementingClass {@code implementingClass} the implementing class of
* {@link SignatureAlgorithmSpi}
* @throws AlgorithmAlreadyRegisteredException if specified algorithmURI is already registered
* @throws XMLSignatureException
@ -370,9 +361,7 @@ public class SignatureAlgorithm extends Algorithm {
throws AlgorithmAlreadyRegisteredException, ClassNotFoundException,
XMLSignatureException {
JavaUtils.checkRegisterPermission();
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass);
}
LOG.debug("Try to register {} {}", algorithmURI, implementingClass);
// are we already registered?
Class<? extends SignatureAlgorithmSpi> registeredClass = algorithmHash.get(algorithmURI);
@ -409,6 +398,9 @@ public class SignatureAlgorithm extends Algorithm {
XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160,
SignatureBaseRSA.SignatureRSARIPEMD160.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA224, SignatureBaseRSA.SignatureRSASHA224.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256, SignatureBaseRSA.SignatureRSASHA256.class
);
@ -418,9 +410,39 @@ public class SignatureAlgorithm extends Algorithm {
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512, SignatureBaseRSA.SignatureRSASHA512.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1_MGF1, SignatureBaseRSA.SignatureRSASHA1MGF1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA224_MGF1, SignatureBaseRSA.SignatureRSASHA224MGF1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256_MGF1, SignatureBaseRSA.SignatureRSASHA256MGF1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384_MGF1, SignatureBaseRSA.SignatureRSASHA384MGF1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512_MGF1, SignatureBaseRSA.SignatureRSASHA512MGF1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_224_MGF1, SignatureBaseRSA.SignatureRSASHA3_224MGF1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_256_MGF1, SignatureBaseRSA.SignatureRSASHA3_256MGF1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_384_MGF1, SignatureBaseRSA.SignatureRSASHA3_384MGF1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_512_MGF1, SignatureBaseRSA.SignatureRSASHA3_512MGF1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1, SignatureECDSA.SignatureECDSASHA1.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA224, SignatureECDSA.SignatureECDSASHA224.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA256, SignatureECDSA.SignatureECDSASHA256.class
);
@ -430,12 +452,18 @@ public class SignatureAlgorithm extends Algorithm {
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA512, SignatureECDSA.SignatureECDSASHA512.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_SIGNATURE_ECDSA_RIPEMD160, SignatureECDSA.SignatureECDSARIPEMD160.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5, IntegrityHmac.IntegrityHmacMD5.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_MAC_HMAC_RIPEMD160, IntegrityHmac.IntegrityHmacRIPEMD160.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_MAC_HMAC_SHA224, IntegrityHmac.IntegrityHmacSHA224.class
);
algorithmHash.put(
XMLSignature.ALGO_ID_MAC_HMAC_SHA256, IntegrityHmac.IntegrityHmacSHA256.class
);
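Review bot: The two-argument constructor `SignatureAlgorithm(Element element, String baseURI)` now passes `true` instead of `false` as the third argument of the delegated constructor, and its Javadoc does not mention the new default. The three-argument constructor's signature is outside the hunks shown. If that flag is the secure-validation switch, as it appears to be upstream, callers of the short form will start getting exceptions for documents whose algorithms are rejected under secure validation. The Javadoc should state the default, for example `* Secure validation is enabled; use the three-argument constructor to choose otherwise.`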


@ -32,9 +32,9 @@ import org.w3c.dom.Element;
public abstract class SignatureAlgorithmSpi {
/**
* Returns the URI representation of <code>Transformation algorithm</code>
* Returns the URI representation of {@code Transformation algorithm}
*
* @return the URI representation of <code>Transformation algorithm</code>
* @return the URI representation of {@code Transformation algorithm}
*/
protected abstract String engineGetURI();


@ -0,0 +1,918 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.algorithms.implementations;
import java.io.IOException;
import java.math.BigInteger;
import java.security.interfaces.ECPublicKey;
import java.security.spec.*;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
public final class ECDSAUtils {
private ECDSAUtils() {
// complete
}
/**
* Converts an ASN.1 ECDSA value to a XML Signature ECDSA Value.
* <p></p>
* The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r, s) value
* pairs; the XML Signature requires the core BigInteger values.
*
* @param asn1Bytes
* @return the decode bytes
* @throws IOException
* @see <A HREF="http://www.w3.org/TR/xmldsig-core/#dsa-sha1">6.4.1 DSA</A>
* @see <A HREF="ftp://ftp.rfc-editor.org/in-notes/rfc4050.txt">3.3. ECDSA Signatures</A>
*/
public static byte[] convertASN1toXMLDSIG(byte asn1Bytes[]) throws IOException {
if (asn1Bytes.length < 8 || asn1Bytes[0] != 48) {
throw new IOException("Invalid ASN.1 format of ECDSA signature");
}
int offset;
if (asn1Bytes[1] > 0) {
offset = 2;
} else if (asn1Bytes[1] == (byte) 0x81) {
offset = 3;
} else {
throw new IOException("Invalid ASN.1 format of ECDSA signature");
}
byte rLength = asn1Bytes[offset + 1];
int i;
for (i = rLength; i > 0 && asn1Bytes[offset + 2 + rLength - i] == 0; i--); //NOPMD
byte sLength = asn1Bytes[offset + 2 + rLength + 1];
int j;
for (j = sLength; j > 0 && asn1Bytes[offset + 2 + rLength + 2 + sLength - j] == 0; j--); //NOPMD
int rawLen = Math.max(i, j);
if ((asn1Bytes[offset - 1] & 0xff) != asn1Bytes.length - offset
|| (asn1Bytes[offset - 1] & 0xff) != 2 + rLength + 2 + sLength
|| asn1Bytes[offset] != 2
|| asn1Bytes[offset + 2 + rLength] != 2) {
throw new IOException("Invalid ASN.1 format of ECDSA signature");
}
byte xmldsigBytes[] = new byte[2 * rawLen];
System.arraycopy(asn1Bytes, offset + 2 + rLength - i, xmldsigBytes, rawLen - i, i);
System.arraycopy(asn1Bytes, offset + 2 + rLength + 2 + sLength - j, xmldsigBytes,
2 * rawLen - j, j);
return xmldsigBytes;
}
/**
* Converts a XML Signature ECDSA Value to an ASN.1 DSA value.
* <p></p>
* The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r, s) value
* pairs; the XML Signature requires the core BigInteger values.
*
* @param xmldsigBytes
* @return the encoded ASN.1 bytes
* @throws IOException
* @see <A HREF="http://www.w3.org/TR/xmldsig-core/#dsa-sha1">6.4.1 DSA</A>
* @see <A HREF="ftp://ftp.rfc-editor.org/in-notes/rfc4050.txt">3.3. ECDSA Signatures</A>
*/
public static byte[] convertXMLDSIGtoASN1(byte xmldsigBytes[]) throws IOException {
int rawLen = xmldsigBytes.length / 2;
int i;
for (i = rawLen; i > 0 && xmldsigBytes[rawLen - i] == 0; i--); //NOPMD
int j = i;
if (xmldsigBytes[rawLen - i] < 0) {
j += 1;
}
int k;
for (k = rawLen; k > 0 && xmldsigBytes[2 * rawLen - k] == 0; k--); //NOPMD
int l = k;
if (xmldsigBytes[2 * rawLen - k] < 0) {
l += 1;
}
int len = 2 + j + 2 + l;
if (len > 255) {
throw new IOException("Invalid XMLDSIG format of ECDSA signature");
}
int offset;
byte asn1Bytes[];
if (len < 128) {
asn1Bytes = new byte[2 + 2 + j + 2 + l];
offset = 1;
} else {
asn1Bytes = new byte[3 + 2 + j + 2 + l];
asn1Bytes[1] = (byte) 0x81;
offset = 2;
}
asn1Bytes[0] = 48;
asn1Bytes[offset++] = (byte) len;
asn1Bytes[offset++] = 2;
asn1Bytes[offset++] = (byte) j;
System.arraycopy(xmldsigBytes, rawLen - i, asn1Bytes, offset + j - i, i);
offset += j;
asn1Bytes[offset++] = 2;
asn1Bytes[offset++] = (byte) l;
System.arraycopy(xmldsigBytes, 2 * rawLen - k, asn1Bytes, offset + l - k, k);
return asn1Bytes;
}
private static final List<ECCurveDefinition> ecCurveDefinitions = new ArrayList<>();
static {
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp112r1",
"1.3.132.0.6",
"db7c2abf62e35e668076bead208b",
"db7c2abf62e35e668076bead2088",
"659ef8ba043916eede8911702b22",
"09487239995a5ee76b55f9c2f098",
"a89ce5af8724c0a23e0e0ff77500",
"db7c2abf62e35e7628dfac6561c5",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp112r2",
"1.3.132.0.7",
"db7c2abf62e35e668076bead208b",
"6127c24c05f38a0aaaf65c0ef02c",
"51def1815db5ed74fcc34c85d709",
"4ba30ab5e892b4e1649dd0928643",
"adcd46f5882e3747def36e956e97",
"36df0aafd8b8d7597ca10520d04b",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp128r1",
"1.3.132.0.28",
"fffffffdffffffffffffffffffffffff",
"fffffffdfffffffffffffffffffffffc",
"e87579c11079f43dd824993c2cee5ed3",
"161ff7528b899b2d0c28607ca52c5b86",
"cf5ac8395bafeb13c02da292dded7a83",
"fffffffe0000000075a30d1b9038a115",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp128r2",
"1.3.132.0.29",
"fffffffdffffffffffffffffffffffff",
"d6031998d1b3bbfebf59cc9bbff9aee1",
"5eeefca380d02919dc2c6558bb6d8a5d",
"7b6aa5d85e572983e6fb32a7cdebc140",
"27b6916a894d3aee7106fe805fc34b44",
"3fffffff7fffffffbe0024720613b5a3",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp160k1",
"1.3.132.0.9",
"fffffffffffffffffffffffffffffffeffffac73",
"0000000000000000000000000000000000000000",
"0000000000000000000000000000000000000007",
"3b4c382ce37aa192a4019e763036f4f5dd4d7ebb",
"938cf935318fdced6bc28286531733c3f03c4fee",
"0100000000000000000001b8fa16dfab9aca16b6b3",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp160r1",
"1.3.132.0.8",
"ffffffffffffffffffffffffffffffff7fffffff",
"ffffffffffffffffffffffffffffffff7ffffffc",
"1c97befc54bd7a8b65acf89f81d4d4adc565fa45",
"4a96b5688ef573284664698968c38bb913cbfc82",
"23a628553168947d59dcc912042351377ac5fb32",
"0100000000000000000001f4c8f927aed3ca752257",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp160r2",
"1.3.132.0.30",
"fffffffffffffffffffffffffffffffeffffac73",
"fffffffffffffffffffffffffffffffeffffac70",
"b4e134d3fb59eb8bab57274904664d5af50388ba",
"52dcb034293a117e1f4ff11b30f7199d3144ce6d",
"feaffef2e331f296e071fa0df9982cfea7d43f2e",
"0100000000000000000000351ee786a818f3a1a16b",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp192k1",
"1.3.132.0.31",
"fffffffffffffffffffffffffffffffffffffffeffffee37",
"000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000003",
"db4ff10ec057e9ae26b07d0280b7f4341da5d1b1eae06c7d",
"9b2f2f6d9c5628a7844163d015be86344082aa88d95e2f9d",
"fffffffffffffffffffffffe26f2fc170f69466a74defd8d",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp192r1 [NIST P-192, X9.62 prime192v1]",
"1.2.840.10045.3.1.1",
"fffffffffffffffffffffffffffffffeffffffffffffffff",
"fffffffffffffffffffffffffffffffefffffffffffffffc",
"64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1",
"188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012",
"07192b95ffc8da78631011ed6b24cdd573f977a11e794811",
"ffffffffffffffffffffffff99def836146bc9b1b4d22831",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp224k1",
"1.3.132.0.32",
"fffffffffffffffffffffffffffffffffffffffffffffffeffffe56d",
"00000000000000000000000000000000000000000000000000000000",
"00000000000000000000000000000000000000000000000000000005",
"a1455b334df099df30fc28a169a467e9e47075a90f7e650eb6b7a45c",
"7e089fed7fba344282cafbd6f7e319f7c0b0bd59e2ca4bdb556d61a5",
"010000000000000000000000000001dce8d2ec6184caf0a971769fb1f7",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp224r1 [NIST P-224]",
"1.3.132.0.33",
"ffffffffffffffffffffffffffffffff000000000000000000000001",
"fffffffffffffffffffffffffffffffefffffffffffffffffffffffe",
"b4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4",
"b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21",
"bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34",
"ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp256k1",
"1.3.132.0.10",
"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f",
"0000000000000000000000000000000000000000000000000000000000000000",
"0000000000000000000000000000000000000000000000000000000000000007",
"79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
"483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8",
"fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp256r1 [NIST P-256, X9.62 prime256v1]",
"1.2.840.10045.3.1.7",
"ffffffff00000001000000000000000000000000ffffffffffffffffffffffff",
"ffffffff00000001000000000000000000000000fffffffffffffffffffffffc",
"5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b",
"6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
"4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5",
"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp384r1 [NIST P-384]",
"1.3.132.0.34",
"fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff",
"fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc",
"b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef",
"aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7",
"3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f",
"ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"secp521r1 [NIST P-521]",
"1.3.132.0.35",
"01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
"01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc",
"0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00",
"00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66",
"011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650",
"01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 prime192v2",
"1.2.840.10045.3.1.2",
"fffffffffffffffffffffffffffffffeffffffffffffffff",
"fffffffffffffffffffffffffffffffefffffffffffffffc",
"cc22d6dfb95c6b25e49c0d6364a4e5980c393aa21668d953",
"eea2bae7e1497842f2de7769cfe9c989c072ad696f48034a",
"6574d11d69b6ec7a672bb82a083df2f2b0847de970b2de15",
"fffffffffffffffffffffffe5fb1a724dc80418648d8dd31",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 prime192v3",
"1.2.840.10045.3.1.3",
"fffffffffffffffffffffffffffffffeffffffffffffffff",
"fffffffffffffffffffffffffffffffefffffffffffffffc",
"22123dc2395a05caa7423daeccc94760a7d462256bd56916",
"7d29778100c65a1da1783716588dce2b8b4aee8e228f1896",
"38a90f22637337334b49dcb66a6dc8f9978aca7648a943b0",
"ffffffffffffffffffffffff7a62d031c83f4294f640ec13",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 prime239v1",
"1.2.840.10045.3.1.4",
"7fffffffffffffffffffffff7fffffffffff8000000000007fffffffffff",
"7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc",
"6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a",
"0ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf",
"7debe8e4e90a5dae6e4054ca530ba04654b36818ce226b39fccb7b02f1ae",
"7fffffffffffffffffffffff7fffff9e5e9a9f5d9071fbd1522688909d0b",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 prime239v2",
"1.2.840.10045.3.1.5",
"7fffffffffffffffffffffff7fffffffffff8000000000007fffffffffff",
"7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc",
"617fab6832576cbbfed50d99f0249c3fee58b94ba0038c7ae84c8c832f2c",
"38af09d98727705120c921bb5e9e26296a3cdcf2f35757a0eafd87b830e7",
"5b0125e4dbea0ec7206da0fc01d9b081329fb555de6ef460237dff8be4ba",
"7fffffffffffffffffffffff800000cfa7e8594377d414c03821bc582063",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 prime239v3",
"1.2.840.10045.3.1.6",
"7fffffffffffffffffffffff7fffffffffff8000000000007fffffffffff",
"7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc",
"255705fa2a306654b1f4cb03d6a750a30c250102d4988717d9ba15ab6d3e",
"6768ae8e18bb92cfcf005c949aa2c6d94853d0e660bbf854b1c9505fe95a",
"1607e6898f390c06bc1d552bad226f3b6fcfe48b6e818499af18e3ed6cf3",
"7fffffffffffffffffffffff7fffff975deb41b3a6057c3c432146526551",
1)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect113r1",
"1.3.132.0.4",
"020000000000000000000000000201",
"003088250ca6e7c7fe649ce85820f7",
"00e8bee4d3e2260744188be0e9c723",
"009d73616f35f4ab1407d73562c10f",
"00a52830277958ee84d1315ed31886",
"0100000000000000d9ccec8a39e56f",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect113r2",
"1.3.132.0.5",
"020000000000000000000000000201",
"00689918dbec7e5a0dd6dfc0aa55c7",
"0095e9a9ec9b297bd4bf36e059184f",
"01a57a6a7b26ca5ef52fcdb8164797",
"00b3adc94ed1fe674c06e695baba1d",
"010000000000000108789b2496af93",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect131r1",
"1.3.132.0.22",
"080000000000000000000000000000010d",
"07a11b09a76b562144418ff3ff8c2570b8",
"0217c05610884b63b9c6c7291678f9d341",
"0081baf91fdf9833c40f9c181343638399",
"078c6e7ea38c001f73c8134b1b4ef9e150",
"0400000000000000023123953a9464b54d",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect131r2",
"1.3.132.0.23",
"080000000000000000000000000000010d",
"03e5a88919d7cafcbf415f07c2176573b2",
"04b8266a46c55657ac734ce38f018f2192",
"0356dcd8f2f95031ad652d23951bb366a8",
"0648f06d867940a5366d9e265de9eb240f",
"0400000000000000016954a233049ba98f",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect163k1 [NIST K-163]",
"1.3.132.0.1",
"0800000000000000000000000000000000000000c9",
"000000000000000000000000000000000000000001",
"000000000000000000000000000000000000000001",
"02fe13c0537bbc11acaa07d793de4e6d5e5c94eee8",
"0289070fb05d38ff58321f2e800536d538ccdaa3d9",
"04000000000000000000020108a2e0cc0d99f8a5ef",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect163r1",
"1.3.132.0.2",
"0800000000000000000000000000000000000000c9",
"07b6882caaefa84f9554ff8428bd88e246d2782ae2",
"0713612dcddcb40aab946bda29ca91f73af958afd9",
"0369979697ab43897789566789567f787a7876a654",
"00435edb42efafb2989d51fefce3c80988f41ff883",
"03ffffffffffffffffffff48aab689c29ca710279b",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect163r2 [NIST B-163]",
"1.3.132.0.15",
"0800000000000000000000000000000000000000c9",
"000000000000000000000000000000000000000001",
"020a601907b8c953ca1481eb10512f78744a3205fd",
"03f0eba16286a2d57ea0991168d4994637e8343e36",
"00d51fbc6c71a0094fa2cdd545b11c5c0c797324f1",
"040000000000000000000292fe77e70c12a4234c33",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect193r1",
"1.3.132.0.24",
"02000000000000000000000000000000000000000000008001",
"0017858feb7a98975169e171f77b4087de098ac8a911df7b01",
"00fdfb49bfe6c3a89facadaa7a1e5bbc7cc1c2e5d831478814",
"01f481bc5f0ff84a74ad6cdf6fdef4bf6179625372d8c0c5e1",
"0025e399f2903712ccf3ea9e3a1ad17fb0b3201b6af7ce1b05",
"01000000000000000000000000c7f34a778f443acc920eba49",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect193r2",
"1.3.132.0.25",
"02000000000000000000000000000000000000000000008001",
"0163f35a5137c2ce3ea6ed8667190b0bc43ecd69977702709b",
"00c9bb9e8927d4d64c377e2ab2856a5b16e3efb7f61d4316ae",
"00d9b67d192e0367c803f39e1a7e82ca14a651350aae617e8f",
"01ce94335607c304ac29e7defbd9ca01f596f927224cdecf6c",
"010000000000000000000000015aab561b005413ccd4ee99d5",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect233k1 [NIST K-233]",
"1.3.132.0.26",
"020000000000000000000000000000000000000004000000000000000001",
"000000000000000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000000000000000001",
"017232ba853a7e731af129f22ff4149563a419c26bf50a4c9d6eefad6126",
"01db537dece819b7f70f555a67c427a8cd9bf18aeb9b56e0c11056fae6a3",
"008000000000000000000000000000069d5bb915bcd46efb1ad5f173abdf",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect233r1 [NIST B-233]",
"1.3.132.0.27",
"020000000000000000000000000000000000000004000000000000000001",
"000000000000000000000000000000000000000000000000000000000001",
"0066647ede6c332c7f8c0923bb58213b333b20e9ce4281fe115f7d8f90ad",
"00fac9dfcbac8313bb2139f1bb755fef65bc391f8b36f8f8eb7371fd558b",
"01006a08a41903350678e58528bebf8a0beff867a7ca36716f7e01f81052",
"01000000000000000000000000000013e974e72f8a6922031d2603cfe0d7",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect239k1",
"1.3.132.0.3",
"800000000000000000004000000000000000000000000000000000000001",
"000000000000000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000000000000000001",
"29a0b6a887a983e9730988a68727a8b2d126c44cc2cc7b2a6555193035dc",
"76310804f12e549bdb011c103089e73510acb275fc312a5dc6b76553f0ca",
"2000000000000000000000000000005a79fec67cb6e91f1c1da800e478a5",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect283k1 [NIST K-283]",
"1.3.132.0.16",
"0800000000000000000000000000000000000000000000000000000000000000000010a1",
"000000000000000000000000000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000000000000000000000000000001",
"0503213f78ca44883f1a3b8162f188e553cd265f23c1567a16876913b0c2ac2458492836",
"01ccda380f1c9e318d90f95d07e5426fe87e45c0e8184698e45962364e34116177dd2259",
"01ffffffffffffffffffffffffffffffffffe9ae2ed07577265dff7f94451e061e163c61",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect283r1 [NIST B-283]",
"1.3.132.0.17",
"0800000000000000000000000000000000000000000000000000000000000000000010a1",
"000000000000000000000000000000000000000000000000000000000000000000000001",
"027b680ac8b8596da5a4af8a19a0303fca97fd7645309fa2a581485af6263e313b79a2f5",
"05f939258db7dd90e1934f8c70b0dfec2eed25b8557eac9c80e2e198f8cdbecd86b12053",
"03676854fe24141cb98fe6d4b20d02b4516ff702350eddb0826779c813f0df45be8112f4",
"03ffffffffffffffffffffffffffffffffffef90399660fc938a90165b042a7cefadb307",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect409k1 [NIST K-409]",
"1.3.132.0.36",
"02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
"0060f05f658f49c1ad3ab1890f7184210efd0987e307c84c27accfb8f9f67cc2c460189eb5aaaa62ee222eb1b35540cfe9023746",
"01e369050b7c4e42acba1dacbf04299c3460782f918ea427e6325165e9ea10e3da5f6c42e9c55215aa9ca27a5863ec48d8e0286b",
"007ffffffffffffffffffffffffffffffffffffffffffffffffffe5f83b2d4ea20400ec4557d5ed3e3e7ca5b4b5c83b8e01e5fcf",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect409r1 [NIST B-409]",
"1.3.132.0.37",
"02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
"0021a5c2c8ee9feb5c4b9a753b7b476b7fd6422ef1f3dd674761fa99d6ac27c8a9a197b272822f6cd57a55aa4f50ae317b13545f",
"015d4860d088ddb3496b0c6064756260441cde4af1771d4db01ffe5b34e59703dc255a868a1180515603aeab60794e54bb7996a7",
"0061b1cfab6be5f32bbfa78324ed106a7636b9c5a7bd198d0158aa4f5488d08f38514f1fdf4b4f40d2181b3681c364ba0273c706",
"010000000000000000000000000000000000000000000000000001e2aad6a612f33307be5fa47c3c9e052f838164cd37d9a21173",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect571k1 [NIST K-571]",
"1.3.132.0.38",
"080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
"026eb7a859923fbc82189631f8103fe4ac9ca2970012d5d46024804801841ca44370958493b205e647da304db4ceb08cbbd1ba39494776fb988b47174dca88c7e2945283a01c8972",
"0349dc807f4fbf374f4aeade3bca95314dd58cec9f307a54ffc61efc006d8a2c9d4979c0ac44aea74fbebbb9f772aedcb620b01a7ba7af1b320430c8591984f601cd4c143ef1c7a3",
"020000000000000000000000000000000000000000000000000000000000000000000000131850e1f19a63e4b391a8db917f4138b630d84be5d639381e91deb45cfe778f637c1001",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"sect571r1 [NIST B-571]",
"1.3.132.0.39",
"080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
"02f40e7e2221f295de297117b7f3d62f5c6a97ffcb8ceff1cd6ba8ce4a9a18ad84ffabbd8efa59332be7ad6756a66e294afd185a78ff12aa520e4de739baca0c7ffeff7f2955727a",
"0303001d34b856296c16c0d40d3cd7750a93d1d2955fa80aa5f40fc8db7b2abdbde53950f4c0d293cdd711a35b67fb1499ae60038614f1394abfa3b4c850d927e1e7769c8eec2d19",
"037bf27342da639b6dccfffeb73d69d78c6c27a6009cbbca1980f8533921e8a684423e43bab08a576291af8f461bb2a8b3531d2f0485c19b16e2f1516e23dd3c1a4827af1b8ac15b",
"03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 c2tnb191v1",
"1.2.840.10045.3.0.5",
"800000000000000000000000000000000000000000000201",
"2866537b676752636a68f56554e12640276b649ef7526267",
"2e45ef571f00786f67b0081b9495a3d95462f5de0aa185ec",
"36b3daf8a23206f9c4f299d7b21a9c369137f2c84ae1aa0d",
"765be73433b3f95e332932e70ea245ca2418ea0ef98018fb",
"40000000000000000000000004a20e90c39067c893bbb9a5",
2)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 c2tnb191v2",
"1.2.840.10045.3.0.6",
"800000000000000000000000000000000000000000000201",
"401028774d7777c7b7666d1366ea432071274f89ff01e718",
"0620048d28bcbd03b6249c99182b7c8cd19700c362c46a01",
"3809b2b7cc1b28cc5a87926aad83fd28789e81e2c9e3bf10",
"17434386626d14f3dbf01760d9213a3e1cf37aec437d668a",
"20000000000000000000000050508cb89f652824e06b8173",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 c2tnb191v3",
"1.2.840.10045.3.0.7",
"800000000000000000000000000000000000000000000201",
"6c01074756099122221056911c77d77e77a777e7e7e77fcb",
"71fe1af926cf847989efef8db459f66394d90f32ad3f15e8",
"375d4ce24fde434489de8746e71786015009e66e38a926dd",
"545a39176196575d985999366e6ad34ce0a77cd7127b06be",
"155555555555555555555555610c0b196812bfb6288a3ea3",
6)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 c2tnb239v1",
"1.2.840.10045.3.0.11",
"800000000000000000000000000000000000000000000000001000000001",
"32010857077c5431123a46b808906756f543423e8d27877578125778ac76",
"790408f2eedaf392b012edefb3392f30f4327c0ca3f31fc383c422aa8c16",
"57927098fa932e7c0a96d3fd5b706ef7e5f5c156e16b7e7c86038552e91d",
"61d8ee5077c33fecf6f1a16b268de469c3c7744ea9a971649fc7a9616305",
"2000000000000000000000000000000f4d42ffe1492a4993f1cad666e447",
4)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 c2tnb239v2",
"1.2.840.10045.3.0.12",
"800000000000000000000000000000000000000000000000001000000001",
"4230017757a767fae42398569b746325d45313af0766266479b75654e65f",
"5037ea654196cff0cd82b2c14a2fcf2e3ff8775285b545722f03eacdb74b",
"28f9d04e900069c8dc47a08534fe76d2b900b7d7ef31f5709f200c4ca205",
"5667334c45aff3b5a03bad9dd75e2c71a99362567d5453f7fa6e227ec833",
"1555555555555555555555555555553c6f2885259c31e3fcdf154624522d",
6)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 c2tnb239v3",
"1.2.840.10045.3.0.13",
"800000000000000000000000000000000000000000000000001000000001",
"01238774666a67766d6676f778e676b66999176666e687666d8766c66a9f",
"6a941977ba9f6a435199acfc51067ed587f519c5ecb541b8e44111de1d40",
"70f6e9d04d289c4e89913ce3530bfde903977d42b146d539bf1bde4e9c92",
"2e5a0eaf6e5e1305b9004dce5c0ed7fe59a35608f33837c816d80b79f461",
"0cccccccccccccccccccccccccccccac4912d2d9df903ef9888b8a0e4cff",
0xA)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 c2tnb359v1",
"1.2.840.10045.3.0.18",
"800000000000000000000000000000000000000000000000000000000000000000000000100000000000000001",
"5667676a654b20754f356ea92017d946567c46675556f19556a04616b567d223a5e05656fb549016a96656a557",
"2472e2d0197c49363f1fe7f5b6db075d52b6947d135d8ca445805d39bc345626089687742b6329e70680231988",
"3c258ef3047767e7ede0f1fdaa79daee3841366a132e163aced4ed2401df9c6bdcde98e8e707c07a2239b1b097",
"53d7e08529547048121e9c95f3791dd804963948f34fae7bf44ea82365dc7868fe57e4ae2de211305a407104bd",
"01af286bca1af286bca1af286bca1af286bca1af286bc9fb8f6b85c556892c20a7eb964fe7719e74f490758d3b",
0x4C)
);
ecCurveDefinitions.add(
new ECCurveDefinition(
"X9.62 c2tnb431r1",
"1.2.840.10045.3.0.20",
"800000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000001",
"1a827ef00dd6fc0e234caf046c6a5d8a85395b236cc4ad2cf32a0cadbdc9ddf620b0eb9906d0957f6c6feacd615468df104de296cd8f",
"10d9b4a3d9047d8b154359abfb1b7f5485b04ceb868237ddc9deda982a679a5a919b626d4e50a8dd731b107a9962381fb5d807bf2618",
"120fc05d3c67a99de161d2f4092622feca701be4f50f4758714e8a87bbf2a658ef8c21e7c5efe965361f6c2999c0c247b0dbd70ce6b7",
"20d0af8903a96f8d5fa2c255745d3c451b302c9346d9b7e485e7bce41f6b591f3e8f6addcbb0bc4c2f947a7de1a89b625d6a598b3760",
"0340340340340340340340340340340340340340340340340340340323c313fab50589703b5ec68d3587fec60d161cc149c1ad4a91",
0x2760)
);
}
public static String getOIDFromPublicKey(ECPublicKey ecPublicKey) {
ECParameterSpec ecParameterSpec = ecPublicKey.getParams();
BigInteger order = ecParameterSpec.getOrder();
BigInteger affineX = ecParameterSpec.getGenerator().getAffineX();
BigInteger affineY = ecParameterSpec.getGenerator().getAffineY();
BigInteger a = ecParameterSpec.getCurve().getA();
BigInteger b = ecParameterSpec.getCurve().getB();
int h = ecParameterSpec.getCofactor();
ECField ecField = ecParameterSpec.getCurve().getField();
BigInteger field;
if (ecField instanceof ECFieldFp) {
ECFieldFp ecFieldFp = (ECFieldFp) ecField;
field = ecFieldFp.getP();
} else {
ECFieldF2m ecFieldF2m = (ECFieldF2m) ecField;
field = ecFieldF2m.getReductionPolynomial();
}
Iterator<ECCurveDefinition> ecCurveDefinitionIterator = ecCurveDefinitions.iterator();
while (ecCurveDefinitionIterator.hasNext()) {
ECCurveDefinition ecCurveDefinition = ecCurveDefinitionIterator.next();
String oid = ecCurveDefinition.equals(field, a, b, affineX, affineY, order, h);
if (oid != null) {
return oid;
}
}
return null;
}
public static ECCurveDefinition getECCurveDefinition(String oid) {
Iterator<ECCurveDefinition> ecCurveDefinitionIterator = ecCurveDefinitions.iterator();
while (ecCurveDefinitionIterator.hasNext()) {
ECCurveDefinition ecCurveDefinition = ecCurveDefinitionIterator.next();
if (ecCurveDefinition.getOid().equals(oid)) {
return ecCurveDefinition;
}
}
return null;
}
public static class ECCurveDefinition {
private final String name;
private final String oid;
private final String field;
private final String a;
private final String b;
private final String x;
private final String y;
private final String n;
private final int h;
public ECCurveDefinition(String name, String oid, String field, String a, String b, String x, String y, String n, int h) {
this.name = name;
this.oid = oid;
this.field = field;
this.a = a;
this.b = b;
this.x = x;
this.y = y;
this.n = n;
this.h = h;
}
/**
* returns the ec oid if parameter are equal to this definition
*/
public String equals(BigInteger field, BigInteger a, BigInteger b, BigInteger x, BigInteger y, BigInteger n, int h) {
if (this.field.equals(field.toString(16))
&& this.a.equals(a.toString(16))
&& this.b.equals(b.toString(16))
&& this.x.equals(x.toString(16))
&& this.y.equals(y.toString(16))
&& this.n.equals(n.toString(16))
&& this.h == h) {
return this.oid;
}
return null;
}
public String getName() {
return name;
}
public String getOid() {
return oid;
}
public String getField() {
return field;
}
public String getA() {
return a;
}
public String getB() {
return b;
}
public String getX() {
return x;
}
public String getY() {
return y;
}
public String getN() {
return n;
}
public int getH() {
return h;
}
}
public static byte[] encodePoint(ECPoint ecPoint, EllipticCurve ellipticCurve) {
int size = (ellipticCurve.getField().getFieldSize() + 7) / 8;
byte affineXBytes[] = stripLeadingZeros(ecPoint.getAffineX().toByteArray());
byte affineYBytes[] = stripLeadingZeros(ecPoint.getAffineY().toByteArray());
byte encodedBytes[] = new byte[size * 2 + 1];
encodedBytes[0] = 0x04; //uncompressed
System.arraycopy(affineXBytes, 0, encodedBytes, size - affineXBytes.length + 1, affineXBytes.length);
System.arraycopy(affineYBytes, 0, encodedBytes, encodedBytes.length - affineYBytes.length, affineYBytes.length);
return encodedBytes;
}
public static ECPoint decodePoint(byte[] encodedBytes, EllipticCurve elliptiCcurve) {
if (encodedBytes[0] != 0x04) {
throw new IllegalArgumentException("Only uncompressed format is supported");
}
int size = (elliptiCcurve.getField().getFieldSize() + 7) / 8;
byte affineXBytes[] = new byte[size];
byte affineYBytes[] = new byte[size];
System.arraycopy(encodedBytes, 1, affineXBytes, 0, size);
System.arraycopy(encodedBytes, size + 1, affineYBytes, 0, size);
return new ECPoint(new BigInteger(1, affineXBytes), new BigInteger(1, affineYBytes));
}
public static byte[] stripLeadingZeros(byte[] bytes) {
int i;
for (i = 0; i < bytes.length - 1; i++) {
if (bytes[i] != 0) {
break;
}
}
if (i == 0) {
return bytes;
} else {
byte stripped[] = new byte[bytes.length - i];
System.arraycopy(bytes, i, stripped, 0, stripped.length);
return stripped;
}
}
}


@ -44,21 +44,20 @@ import org.w3c.dom.Text;
public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(IntegrityHmac.class.getName());
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(IntegrityHmac.class);
/** Field macAlgorithm */
private Mac macAlgorithm = null;
private Mac macAlgorithm;
/** Field HMACOutputLength */
private int HMACOutputLength = 0;
private int HMACOutputLength;
private boolean HMACOutputLengthSet = false;
/**
* Method engineGetURI
*
*@inheritDoc
*{@inheritDoc}
*/
public abstract String engineGetURI();
@ -74,9 +73,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
*/
public IntegrityHmac() throws XMLSignatureException {
String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI());
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Created IntegrityHmacSHA1 using " + algorithmID);
}
LOG.debug("Created IntegrityHmacSHA1 using {}", algorithmID);
try {
this.macAlgorithm = Mac.getInstance(algorithmID);
@ -96,7 +93,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
* @throws XMLSignatureException
*/
protected void engineSetParameter(AlgorithmParameterSpec params) throws XMLSignatureException {
throw new XMLSignatureException("empty");
throw new XMLSignatureException("empty", new Object[]{"Incorrect method call"});
}
public void reset() {
@ -116,9 +113,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
protected boolean engineVerify(byte[] signature) throws XMLSignatureException {
try {
if (this.HMACOutputLengthSet && this.HMACOutputLength < getDigestLength()) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "HMACOutputLength must not be less than " + getDigestLength());
}
LOG.debug("HMACOutputLength must not be less than {}", getDigestLength());
Object[] exArgs = { String.valueOf(getDigestLength()) };
throw new XMLSignatureException("algorithms.HMACOutputLengthMin", exArgs);
} else {
@ -126,7 +121,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
return MessageDigestAlgorithm.isEqual(completeResult, signature);
}
} catch (IllegalStateException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
@ -139,7 +134,10 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
*/
protected void engineInitVerify(Key secretKey) throws XMLSignatureException {
if (!(secretKey instanceof SecretKey)) {
String supplied = secretKey.getClass().getName();
String supplied = null;
if (secretKey != null) {
supplied = secretKey.getClass().getName();
}
String needed = SecretKey.class.getName();
Object exArgs[] = { supplied, needed };
@ -156,12 +154,10 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
this.macAlgorithm = Mac.getInstance(macAlgorithm.getAlgorithm());
} catch (Exception e) {
// this shouldn't occur, but if it does, restore previous Mac
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Mac:" + e);
}
LOG.debug("Exception when reinstantiating Mac: {}", e);
this.macAlgorithm = mac;
}
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
@ -175,16 +171,14 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
protected byte[] engineSign() throws XMLSignatureException {
try {
if (this.HMACOutputLengthSet && this.HMACOutputLength < getDigestLength()) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "HMACOutputLength must not be less than " + getDigestLength());
}
LOG.debug("HMACOutputLength must not be less than {}", getDigestLength());
Object[] exArgs = { String.valueOf(getDigestLength()) };
throw new XMLSignatureException("algorithms.HMACOutputLengthMin", exArgs);
} else {
return this.macAlgorithm.doFinal();
}
} catch (IllegalStateException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
@ -195,19 +189,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
* @throws XMLSignatureException
*/
protected void engineInitSign(Key secretKey) throws XMLSignatureException {
if (!(secretKey instanceof SecretKey)) {
String supplied = secretKey.getClass().getName();
String needed = SecretKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs);
}
try {
this.macAlgorithm.init(secretKey);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
engineInitSign(secretKey, (AlgorithmParameterSpec)null);
}
/**
@ -221,7 +203,10 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
Key secretKey, AlgorithmParameterSpec algorithmParameterSpec
) throws XMLSignatureException {
if (!(secretKey instanceof SecretKey)) {
String supplied = secretKey.getClass().getName();
String supplied = null;
if (secretKey != null) {
supplied = secretKey.getClass().getName();
}
String needed = SecretKey.class.getName();
Object exArgs[] = { supplied, needed };
@ -229,11 +214,15 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
}
try {
if (algorithmParameterSpec == null) {
this.macAlgorithm.init(secretKey);
} else {
this.macAlgorithm.init(secretKey, algorithmParameterSpec);
}
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
} catch (InvalidAlgorithmParameterException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
@ -260,7 +249,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
try {
this.macAlgorithm.update(input);
} catch (IllegalStateException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
@ -275,7 +264,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
try {
this.macAlgorithm.update(input);
} catch (IllegalStateException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
@ -292,13 +281,13 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
try {
this.macAlgorithm.update(buf, offset, len);
} catch (IllegalStateException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/**
* Method engineGetJCEAlgorithmString
* @inheritDoc
* {@inheritDoc}
*
*/
protected String engineGetJCEAlgorithmString() {
@ -308,7 +297,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/**
* Method engineGetJCEAlgorithmString
*
* @inheritDoc
* {@inheritDoc}
*/
protected String engineGetJCEProviderName() {
return this.macAlgorithm.getProvider().getName();
@ -360,7 +349,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
Element HMElem =
XMLUtils.createElementInSignatureSpace(doc, Constants._TAG_HMACOUTPUTLENGTH);
Text HMText =
doc.createTextNode(Integer.valueOf(this.HMACOutputLength).toString());
doc.createTextNode("" + this.HMACOutputLength);
HMElem.appendChild(HMText);
XMLUtils.addReturnToElement(element);
@ -385,7 +374,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/**
* Method engineGetURI
* @inheritDoc
* {@inheritDoc}
*
*/
public String engineGetURI() {
@ -397,6 +386,34 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
}
}
/**
* Class IntegrityHmacSHA224
*/
public static class IntegrityHmacSHA224 extends IntegrityHmac {
/**
* Constructor IntegrityHmacSHA224
*
* @throws XMLSignatureException
*/
public IntegrityHmacSHA224() throws XMLSignatureException {
super();
}
/**
* Method engineGetURI
*
* {@inheritDoc}
*/
public String engineGetURI() {
return XMLSignature.ALGO_ID_MAC_HMAC_SHA224;
}
int getDigestLength() {
return 224;
}
}
/**
* Class IntegrityHmacSHA256
*/
@ -414,7 +431,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/**
* Method engineGetURI
*
* @inheritDoc
* {@inheritDoc}
*/
public String engineGetURI() {
return XMLSignature.ALGO_ID_MAC_HMAC_SHA256;
@ -441,7 +458,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/**
* Method engineGetURI
* @inheritDoc
* {@inheritDoc}
*
*/
public String engineGetURI() {
@ -469,7 +486,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/**
* Method engineGetURI
* @inheritDoc
* {@inheritDoc}
*
*/
public String engineGetURI() {
@ -498,7 +515,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/**
* Method engineGetURI
*
* @inheritDoc
* {@inheritDoc}
*/
public String engineGetURI() {
return XMLSignature.ALGO_ID_MAC_HMAC_RIPEMD160;
@ -526,7 +543,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/**
* Method engineGetURI
*
* @inheritDoc
* {@inheritDoc}
*/
public String engineGetURI() {
return XMLSignature.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5;
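Review bot: In the `catch (Exception e)` branch of `engineInitVerify`, `LOG.debug("Exception when reinstantiating Mac: {}", e)` passes the exception as the only argument for the `{}` placeholder. If the internal logger follows the SLF4J convention of treating a trailing Throwable as the exception to log, the placeholder stays unfilled; if it formats it as an ordinary argument, the stack trace is lost. Writing `LOG.debug("Exception when reinstantiating Mac", e);` removes the ambiguity, assuming the logger offers the usual message-plus-Throwable overload. The same applies to the matching `Signature` line in SignatureBaseRSA's `engineInitVerify`. The method body starts and ends outside the hunk.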


@ -40,15 +40,14 @@ import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(SignatureBaseRSA.class.getName());
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(SignatureBaseRSA.class);
/** @inheritDoc */
/** {@inheritDoc} */
public abstract String engineGetURI();
/** Field algorithm */
private java.security.Signature signatureAlgorithm = null;
private Signature signatureAlgorithm;
/**
* Constructor SignatureRSA
@ -58,15 +57,13 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
public SignatureBaseRSA() throws XMLSignatureException {
String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI());
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Created SignatureRSA using " + algorithmID);
}
LOG.debug("Created SignatureRSA using {}", algorithmID);
String provider = JCEMapper.getProviderId();
try {
if (provider == null) {
this.signatureAlgorithm = Signature.getInstance(algorithmID);
} else {
this.signatureAlgorithm = Signature.getInstance(algorithmID,provider);
this.signatureAlgorithm = Signature.getInstance(algorithmID, provider);
}
} catch (java.security.NoSuchAlgorithmException ex) {
Object[] exArgs = { algorithmID, ex.getLocalizedMessage() };
@ -79,29 +76,32 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected void engineSetParameter(AlgorithmParameterSpec params)
throws XMLSignatureException {
try {
this.signatureAlgorithm.setParameter(params);
} catch (InvalidAlgorithmParameterException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected boolean engineVerify(byte[] signature) throws XMLSignatureException {
try {
return this.signatureAlgorithm.verify(signature);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected void engineInitVerify(Key publicKey) throws XMLSignatureException {
if (!(publicKey instanceof PublicKey)) {
String supplied = publicKey.getClass().getName();
String supplied = null;
if (publicKey != null) {
supplied = publicKey.getClass().getName();
}
String needed = PublicKey.class.getName();
Object exArgs[] = { supplied, needed };
@ -119,46 +119,30 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
} catch (Exception e) {
// this shouldn't occur, but if it does, restore previous
// Signature
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Signature:" + e);
}
LOG.debug("Exception when reinstantiating Signature: {}", e);
this.signatureAlgorithm = sig;
}
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected byte[] engineSign() throws XMLSignatureException {
try {
return this.signatureAlgorithm.sign();
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected void engineInitSign(Key privateKey, SecureRandom secureRandom)
throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs);
}
try {
this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineInitSign(Key privateKey) throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String supplied = null;
if (privateKey != null) {
supplied = privateKey.getClass().getName();
}
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
@ -166,56 +150,65 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
}
try {
if (secureRandom == null) {
this.signatureAlgorithm.initSign((PrivateKey) privateKey);
} else {
this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom);
}
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected void engineInitSign(Key privateKey) throws XMLSignatureException {
engineInitSign(privateKey, (SecureRandom)null);
}
/** {@inheritDoc} */
protected void engineUpdate(byte[] input) throws XMLSignatureException {
try {
this.signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected void engineUpdate(byte input) throws XMLSignatureException {
try {
this.signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected void engineUpdate(byte buf[], int offset, int len) throws XMLSignatureException {
try {
this.signatureAlgorithm.update(buf, offset, len);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected String engineGetJCEAlgorithmString() {
return this.signatureAlgorithm.getAlgorithm();
}
/** @inheritDoc */
/** {@inheritDoc} */
protected String engineGetJCEProviderName() {
return this.signatureAlgorithm.getProvider().getName();
}
/** @inheritDoc */
/** {@inheritDoc} */
protected void engineSetHMACOutputLength(int HMACOutputLength)
throws XMLSignatureException {
throw new XMLSignatureException("algorithms.HMACOutputLengthOnlyForHMAC");
}
/** @inheritDoc */
/** {@inheritDoc} */
protected void engineInitSign(
Key signingKey, AlgorithmParameterSpec algorithmParameterSpec
) throws XMLSignatureException {
@ -236,12 +229,32 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
super();
}
/** @inheritDoc */
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1;
}
}
/**
* Class SignatureRSASHA224
*/
public static class SignatureRSASHA224 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA224
*
* @throws XMLSignatureException
*/
public SignatureRSASHA224() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA224;
}
}
/**
* Class SignatureRSASHA256
*/
@ -256,7 +269,7 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
super();
}
/** @inheritDoc */
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256;
}
@ -276,7 +289,7 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
super();
}
/** @inheritDoc */
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384;
}
@ -296,7 +309,7 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
super();
}
/** @inheritDoc */
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512;
}
@ -316,7 +329,7 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
super();
}
/** @inheritDoc */
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160;
}
@ -336,9 +349,189 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
super();
}
/** @inheritDoc */
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5;
}
}
/**
* Class SignatureRSASHA1MGF1
*/
public static class SignatureRSASHA1MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA1MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA1MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1_MGF1;
}
}
/**
* Class SignatureRSASHA224MGF1
*/
public static class SignatureRSASHA224MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA224MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA224MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA224_MGF1;
}
}
/**
* Class SignatureRSASHA256MGF1
*/
public static class SignatureRSASHA256MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA256MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA256MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256_MGF1;
}
}
/**
* Class SignatureRSASHA384MGF1
*/
public static class SignatureRSASHA384MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA384MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA384MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384_MGF1;
}
}
/**
* Class SignatureRSASHA512MGF1
*/
public static class SignatureRSASHA512MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA512MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA512MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512_MGF1;
}
}
/**
* Class SignatureRSA3_SHA224MGF1
*/
public static class SignatureRSASHA3_224MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA3_224MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA3_224MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_224_MGF1;
}
}
/**
* Class SignatureRSA3_SHA256MGF1
*/
public static class SignatureRSASHA3_256MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA3_256MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA3_256MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_256_MGF1;
}
}
/**
* Class SignatureRSA3_SHA384MGF1
*/
public static class SignatureRSASHA3_384MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA3_384MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA3_384MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_384_MGF1;
}
}
/**
* Class SignatureRSASHA3_512MGF1
*/
public static class SignatureRSASHA3_512MGF1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA3_512MGF1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA3_512MGF1() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_512_MGF1;
}
}
}


@ -33,22 +33,24 @@ import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.DSAKey;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Base64;
import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi;
import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.utils.Base64;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
public class SignatureDSA extends SignatureAlgorithmSpi {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(SignatureDSA.class.getName());
public static final String URI = Constants.SignatureSpecNS + "dsa-sha1";
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(SignatureDSA.class);
/** Field algorithm */
private java.security.Signature signatureAlgorithm = null;
private Signature signatureAlgorithm;
/** size of Q */
private int size;
@ -56,7 +58,7 @@ public class SignatureDSA extends SignatureAlgorithmSpi {
/**
* Method engineGetURI
*
* @inheritDoc
* {@inheritDoc}
*/
protected String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_DSA;
@ -69,9 +71,7 @@ public class SignatureDSA extends SignatureAlgorithmSpi {
*/
public SignatureDSA() throws XMLSignatureException {
String algorithmID = JCEMapper.translateURItoJCEID(engineGetURI());
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Created SignatureDSA using " + algorithmID);
}
LOG.debug("Created SignatureDSA using {}", algorithmID);
String provider = JCEMapper.getProviderId();
try {
@ -91,25 +91,25 @@ public class SignatureDSA extends SignatureAlgorithmSpi {
}
/**
* @inheritDoc
* {@inheritDoc}
*/
protected void engineSetParameter(AlgorithmParameterSpec params)
throws XMLSignatureException {
try {
this.signatureAlgorithm.setParameter(params);
} catch (InvalidAlgorithmParameterException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/**
* @inheritDoc
* {@inheritDoc}
*/
protected boolean engineVerify(byte[] signature)
throws XMLSignatureException {
try {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Called DSA.verify() on " + Base64.encode(signature));
if (LOG.isDebugEnabled()) {
LOG.debug("Called DSA.verify() on " + Base64.getMimeEncoder().encodeToString(signature));
}
byte[] jcebytes = JavaUtils.convertDsaXMLDSIGtoASN1(signature,
@ -117,18 +117,21 @@ public class SignatureDSA extends SignatureAlgorithmSpi {
return this.signatureAlgorithm.verify(jcebytes);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
} catch (IOException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/**
* @inheritDoc
* {@inheritDoc}
*/
protected void engineInitVerify(Key publicKey) throws XMLSignatureException {
if (!(publicKey instanceof PublicKey)) {
String supplied = publicKey.getClass().getName();
String supplied = null;
if (publicKey != null) {
supplied = publicKey.getClass().getName();
}
String needed = PublicKey.class.getName();
Object exArgs[] = { supplied, needed };
@ -146,18 +149,16 @@ public class SignatureDSA extends SignatureAlgorithmSpi {
} catch (Exception e) {
// this shouldn't occur, but if it does, restore previous
// Signature
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Signature:" + e);
}
LOG.debug("Exception when reinstantiating Signature: {}", e);
this.signatureAlgorithm = sig;
}
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
size = ((DSAKey)publicKey).getParams().getQ().bitLength();
}
/**
* @inheritDoc
* {@inheritDoc}
*/
protected byte[] engineSign() throws XMLSignatureException {
try {
@ -165,19 +166,22 @@ public class SignatureDSA extends SignatureAlgorithmSpi {
return JavaUtils.convertDsaASN1toXMLDSIG(jcebytes, size/8);
} catch (IOException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/**
* @inheritDoc
* {@inheritDoc}
*/
protected void engineInitSign(Key privateKey, SecureRandom secureRandom)
throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String supplied = null;
if (privateKey != null) {
supplied = privateKey.getClass().getName();
}
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
@ -185,70 +189,61 @@ public class SignatureDSA extends SignatureAlgorithmSpi {
}
try {
if (secureRandom == null) {
this.signatureAlgorithm.initSign((PrivateKey) privateKey);
} else {
this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom);
}
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
size = ((DSAKey)privateKey).getParams().getQ().bitLength();
}
/**
* @inheritDoc
* {@inheritDoc}
*/
protected void engineInitSign(Key privateKey) throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs);
}
try {
this.signatureAlgorithm.initSign((PrivateKey) privateKey);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
size = ((DSAKey)privateKey).getParams().getQ().bitLength();
engineInitSign(privateKey, (SecureRandom)null);
}
/**
* @inheritDoc
* {@inheritDoc}
*/
protected void engineUpdate(byte[] input) throws XMLSignatureException {
try {
this.signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/**
* @inheritDoc
* {@inheritDoc}
*/
protected void engineUpdate(byte input) throws XMLSignatureException {
try {
this.signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/**
* @inheritDoc
* {@inheritDoc}
*/
protected void engineUpdate(byte buf[], int offset, int len) throws XMLSignatureException {
try {
this.signatureAlgorithm.update(buf, offset, len);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/**
* Method engineGetJCEAlgorithmString
*
* @inheritDoc
* {@inheritDoc}
*/
protected String engineGetJCEAlgorithmString() {
return this.signatureAlgorithm.getAlgorithm();
@ -257,7 +252,7 @@ public class SignatureDSA extends SignatureAlgorithmSpi {
/**
* Method engineGetJCEProviderName
*
* @inheritDoc
* {@inheritDoc}
*/
protected String engineGetJCEProviderName() {
return this.signatureAlgorithm.getProvider().getName();
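Review bot: The debug line in engineVerify encodes the signature with `Base64.getMimeEncoder()`, which inserts a CRLF after every 76 output characters, so a signature longer than 57 bytes is written as several log lines and breaks one-event-per-line log parsing; the same call appears in SignatureECDSA.engineVerify. The bytes presumably come from the document being verified, so keeping them on one line matters when verification failures are correlated from logs. I would use the basic encoder instead: `LOG.debug("Called DSA.verify() on " + Base64.getEncoder().encodeToString(signature));`. engineVerify's body continues outside the hunk.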


@ -33,34 +33,31 @@ import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Base64;
import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi;
import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.utils.Base64;
/**
*
* @author $Author: raul $
* @author Alex Dupre
*/
public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(SignatureECDSA.class.getName());
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(SignatureECDSA.class);
/** @inheritDoc */
/** {@inheritDoc} */
public abstract String engineGetURI();
/** Field algorithm */
private java.security.Signature signatureAlgorithm = null;
private Signature signatureAlgorithm;
/**
* Converts an ASN.1 ECDSA value to a XML Signature ECDSA Value.
*
* The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r,s) value
* The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r, s) value
* pairs; the XML Signature requires the core BigInteger values.
*
* @param asn1Bytes
@ -71,51 +68,13 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
* @see <A HREF="ftp://ftp.rfc-editor.org/in-notes/rfc4050.txt">3.3. ECDSA Signatures</A>
*/
public static byte[] convertASN1toXMLDSIG(byte asn1Bytes[]) throws IOException {
if (asn1Bytes.length < 8 || asn1Bytes[0] != 48) {
throw new IOException("Invalid ASN.1 format of ECDSA signature");
}
int offset;
if (asn1Bytes[1] > 0) {
offset = 2;
} else if (asn1Bytes[1] == (byte) 0x81) {
offset = 3;
} else {
throw new IOException("Invalid ASN.1 format of ECDSA signature");
}
byte rLength = asn1Bytes[offset + 1];
int i;
for (i = rLength; (i > 0) && (asn1Bytes[(offset + 2 + rLength) - i] == 0); i--);
byte sLength = asn1Bytes[offset + 2 + rLength + 1];
int j;
for (j = sLength;
(j > 0) && (asn1Bytes[(offset + 2 + rLength + 2 + sLength) - j] == 0); j--);
int rawLen = Math.max(i, j);
if ((asn1Bytes[offset - 1] & 0xff) != asn1Bytes.length - offset
|| (asn1Bytes[offset - 1] & 0xff) != 2 + rLength + 2 + sLength
|| asn1Bytes[offset] != 2
|| asn1Bytes[offset + 2 + rLength] != 2) {
throw new IOException("Invalid ASN.1 format of ECDSA signature");
}
byte xmldsigBytes[] = new byte[2*rawLen];
System.arraycopy(asn1Bytes, (offset + 2 + rLength) - i, xmldsigBytes, rawLen - i, i);
System.arraycopy(asn1Bytes, (offset + 2 + rLength + 2 + sLength) - j, xmldsigBytes,
2*rawLen - j, j);
return xmldsigBytes;
return ECDSAUtils.convertASN1toXMLDSIG(asn1Bytes);
}
/**
* Converts a XML Signature ECDSA Value to an ASN.1 DSA value.
*
* The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r,s) value
* The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r, s) value
* pairs; the XML Signature requires the core BigInteger values.
*
* @param xmldsigBytes
@ -126,58 +85,7 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
* @see <A HREF="ftp://ftp.rfc-editor.org/in-notes/rfc4050.txt">3.3. ECDSA Signatures</A>
*/
public static byte[] convertXMLDSIGtoASN1(byte xmldsigBytes[]) throws IOException {
int rawLen = xmldsigBytes.length/2;
int i;
for (i = rawLen; (i > 0) && (xmldsigBytes[rawLen - i] == 0); i--);
int j = i;
if (xmldsigBytes[rawLen - i] < 0) {
j += 1;
}
int k;
for (k = rawLen; (k > 0) && (xmldsigBytes[2*rawLen - k] == 0); k--);
int l = k;
if (xmldsigBytes[2*rawLen - k] < 0) {
l += 1;
}
int len = 2 + j + 2 + l;
if (len > 255) {
throw new IOException("Invalid XMLDSIG format of ECDSA signature");
}
int offset;
byte asn1Bytes[];
if (len < 128) {
asn1Bytes = new byte[2 + 2 + j + 2 + l];
offset = 1;
} else {
asn1Bytes = new byte[3 + 2 + j + 2 + l];
asn1Bytes[1] = (byte) 0x81;
offset = 2;
}
asn1Bytes[0] = 48;
asn1Bytes[offset++] = (byte) len;
asn1Bytes[offset++] = 2;
asn1Bytes[offset++] = (byte) j;
System.arraycopy(xmldsigBytes, rawLen - i, asn1Bytes, (offset + j) - i, i);
offset += j;
asn1Bytes[offset++] = 2;
asn1Bytes[offset++] = (byte) l;
System.arraycopy(xmldsigBytes, 2*rawLen - k, asn1Bytes, (offset + l) - k, k);
return asn1Bytes;
return ECDSAUtils.convertXMLDSIGtoASN1(xmldsigBytes);
}
/**
@ -189,15 +97,13 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI());
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Created SignatureECDSA using " + algorithmID);
}
LOG.debug("Created SignatureECDSA using {}", algorithmID);
String provider = JCEMapper.getProviderId();
try {
if (provider == null) {
this.signatureAlgorithm = Signature.getInstance(algorithmID);
} else {
this.signatureAlgorithm = Signature.getInstance(algorithmID,provider);
this.signatureAlgorithm = Signature.getInstance(algorithmID, provider);
}
} catch (java.security.NoSuchAlgorithmException ex) {
Object[] exArgs = { algorithmID, ex.getLocalizedMessage() };
@ -210,38 +116,41 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected void engineSetParameter(AlgorithmParameterSpec params)
throws XMLSignatureException {
try {
this.signatureAlgorithm.setParameter(params);
} catch (InvalidAlgorithmParameterException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected boolean engineVerify(byte[] signature) throws XMLSignatureException {
try {
byte[] jcebytes = SignatureECDSA.convertXMLDSIGtoASN1(signature);
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Called ECDSA.verify() on " + Base64.encode(signature));
if (LOG.isDebugEnabled()) {
LOG.debug("Called ECDSA.verify() on " + Base64.getMimeEncoder().encodeToString(signature));
}
return this.signatureAlgorithm.verify(jcebytes);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
} catch (IOException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected void engineInitVerify(Key publicKey) throws XMLSignatureException {
if (!(publicKey instanceof PublicKey)) {
String supplied = publicKey.getClass().getName();
String supplied = null;
if (publicKey != null) {
supplied = publicKey.getClass().getName();
}
String needed = PublicKey.class.getName();
Object exArgs[] = { supplied, needed };
@ -259,50 +168,34 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
} catch (Exception e) {
// this shouldn't occur, but if it does, restore previous
// Signature
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Signature:" + e);
}
LOG.debug("Exception when reinstantiating Signature: {}", e);
this.signatureAlgorithm = sig;
}
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected byte[] engineSign() throws XMLSignatureException {
try {
byte jcebytes[] = this.signatureAlgorithm.sign();
return SignatureECDSA.convertASN1toXMLDSIG(jcebytes);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
} catch (IOException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected void engineInitSign(Key privateKey, SecureRandom secureRandom)
throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs);
}
try {
this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineInitSign(Key privateKey) throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String supplied = null;
if (privateKey != null) {
supplied = privateKey.getClass().getName();
}
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
@ -310,56 +203,65 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
}
try {
if (secureRandom == null) {
this.signatureAlgorithm.initSign((PrivateKey) privateKey);
} else {
this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom);
}
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected void engineInitSign(Key privateKey) throws XMLSignatureException {
engineInitSign(privateKey, (SecureRandom)null);
}
/** {@inheritDoc} */
protected void engineUpdate(byte[] input) throws XMLSignatureException {
try {
this.signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected void engineUpdate(byte input) throws XMLSignatureException {
try {
this.signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected void engineUpdate(byte buf[], int offset, int len) throws XMLSignatureException {
try {
this.signatureAlgorithm.update(buf, offset, len);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
throw new XMLSignatureException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
protected String engineGetJCEAlgorithmString() {
return this.signatureAlgorithm.getAlgorithm();
}
/** @inheritDoc */
/** {@inheritDoc} */
protected String engineGetJCEProviderName() {
return this.signatureAlgorithm.getProvider().getName();
}
/** @inheritDoc */
/** {@inheritDoc} */
protected void engineSetHMACOutputLength(int HMACOutputLength)
throws XMLSignatureException {
throw new XMLSignatureException("algorithms.HMACOutputLengthOnlyForHMAC");
}
/** @inheritDoc */
/** {@inheritDoc} */
protected void engineInitSign(
Key signingKey, AlgorithmParameterSpec algorithmParameterSpec
) throws XMLSignatureException {
@ -367,13 +269,12 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
}
/**
* Class SignatureRSASHA1
* Class SignatureECDSASHA1
*
* @author $Author: marcx $
*/
public static class SignatureECDSASHA1 extends SignatureECDSA {
/**
* Constructor SignatureRSASHA1
* Constructor SignatureECDSASHA1
*
* @throws XMLSignatureException
*/
@ -381,21 +282,40 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
super();
}
/** @inheritDoc */
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1;
}
}
/**
* Class SignatureRSASHA256
* Class SignatureECDSASHA224
*/
public static class SignatureECDSASHA224 extends SignatureECDSA {
/**
* Constructor SignatureECDSASHA224
*
* @throws XMLSignatureException
*/
public SignatureECDSASHA224() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA224;
}
}
/**
* Class SignatureECDSASHA256
*
* @author Alex Dupre
*/
public static class SignatureECDSASHA256 extends SignatureECDSA {
/**
* Constructor SignatureRSASHA256
* Constructor SignatureECDSASHA256
*
* @throws XMLSignatureException
*/
@ -403,21 +323,20 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
super();
}
/** @inheritDoc */
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA256;
}
}
/**
* Class SignatureRSASHA384
* Class SignatureECDSASHA384
*
* @author Alex Dupre
*/
public static class SignatureECDSASHA384 extends SignatureECDSA {
/**
* Constructor SignatureRSASHA384
* Constructor SignatureECDSASHA384
*
* @throws XMLSignatureException
*/
@ -425,21 +344,20 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
super();
}
/** @inheritDoc */
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA384;
}
}
/**
* Class SignatureRSASHA512
* Class SignatureECDSASHA512
*
* @author Alex Dupre
*/
public static class SignatureECDSASHA512 extends SignatureECDSA {
/**
* Constructor SignatureRSASHA512
* Constructor SignatureECDSASHA512
*
* @throws XMLSignatureException
*/
@ -447,10 +365,30 @@ public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
super();
}
/** @inheritDoc */
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA512;
}
}
/**
* Class SignatureECDSARIPEMD160
*/
public static class SignatureECDSARIPEMD160 extends SignatureECDSA {
/**
* Constructor SignatureECDSARIPEMD160
*
* @throws XMLSignatureException
*/
public SignatureECDSARIPEMD160() throws XMLSignatureException {
super();
}
/** {@inheritDoc} */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_RIPEMD160;
}
}
}
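Review bot: engineVerify catches only SignatureException and IOException, while the conversion it runs on the incoming signature now lives in `ECDSAUtils.convertXMLDSIGtoASN1`, whose input checks are not shown in this section. Should that helper throw an unchecked exception on an empty or truncated array, it would escape verification instead of surfacing as an XMLSignatureException, so it is worth confirming that it rejects such input with IOException. A guard before the call would make the contract local: `if (signature == null || signature.length == 0) { throw new XMLSignatureException(new IOException("Invalid XMLDSIG format of ECDSA signature")); }`.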


@ -1,3 +0,0 @@
<HTML> <HEAD> </HEAD> <BODY> <P>
implementations of {@link com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi}.
</P></BODY> </HTML>


@ -1,3 +0,0 @@
<HTML><HEAD></HEAD><BODY><P>
algorithm factories.
</P></BODY></HTML>


@ -27,7 +27,6 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
/**
* Class CanonicalizationException
*
* @author Christian Geuer-Pollmann
*/
public class CanonicalizationException extends XMLSecurityException {
@ -44,6 +43,10 @@ public class CanonicalizationException extends XMLSecurityException {
super();
}
public CanonicalizationException(Exception ex) {
super(ex);
}
/**
* Constructor CanonicalizationException
*
@ -66,23 +69,33 @@ public class CanonicalizationException extends XMLSecurityException {
/**
* Constructor CanonicalizationException
*
* @param msgID
* @param originalException
* @param msgID
*/
public CanonicalizationException(Exception originalException, String msgID) {
super(originalException, msgID);
}
@Deprecated
public CanonicalizationException(String msgID, Exception originalException) {
super(msgID, originalException);
this(originalException, msgID);
}
/**
* Constructor CanonicalizationException
*
* @param originalException
* @param msgID
* @param exArgs
* @param originalException
*/
public CanonicalizationException(
String msgID, Object exArgs[], Exception originalException
Exception originalException, String msgID, Object exArgs[]
) {
super(msgID, exArgs, originalException);
super(originalException, msgID, exArgs);
}
@Deprecated
public CanonicalizationException(String msgID, Object exArgs[], Exception originalException) {
this(originalException, msgID, exArgs);
}
}
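Review bot: The two constructors marked `@Deprecated` carry no Javadoc, so callers get a deprecation warning without being told which overload replaces them, and the new `CanonicalizationException(Exception ex)` is undocumented as well. I would add `/** @deprecated Use {@link #CanonicalizationException(Exception, String)} instead. */` above the `(String msgID, Exception originalException)` constructor and the matching three-argument link above the other. A one-line summary with `@param ex` on the new single-argument constructor would bring it in line with the rest of the class.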


@ -25,13 +25,12 @@ package com.sun.org.apache.xml.internal.security.c14n;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_OmitComments;
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_WithComments;
@ -42,6 +41,7 @@ import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicaliz
import com.sun.org.apache.xml.internal.security.c14n.implementations.CanonicalizerPhysical;
import com.sun.org.apache.xml.internal.security.exceptions.AlgorithmAlreadyRegisteredException;
import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
@ -49,12 +49,11 @@ import org.xml.sax.InputSource;
/**
*
* @author Christian Geuer-Pollmann
*/
public class Canonicalizer {
/** The output encoding of canonicalized data */
public static final String ENCODING = "UTF8";
public static final String ENCODING = StandardCharsets.UTF_8.name();
/**
* XPath Expression for selecting every node and continuous comments joined
@ -103,6 +102,7 @@ public class Canonicalizer {
new ConcurrentHashMap<String, Class<? extends CanonicalizerSpi>>();
private final CanonicalizerSpi canonicalizerSpi;
private boolean secureValidation;
/**
* Constructor Canonicalizer
@ -122,7 +122,7 @@ public class Canonicalizer {
} catch (Exception e) {
Object exArgs[] = { algorithmURI };
throw new InvalidCanonicalizerException(
"signature.Canonicalizer.UnknownCanonicalizer", exArgs, e
e, "signature.Canonicalizer.UnknownCanonicalizer", exArgs
);
}
}
@ -162,7 +162,8 @@ public class Canonicalizer {
}
canonicalizerHash.put(
algorithmURI, (Class<? extends CanonicalizerSpi>)Class.forName(implementingClass)
algorithmURI, (Class<? extends CanonicalizerSpi>)
ClassLoaderUtils.loadClass(implementingClass, Canonicalizer.class)
);
}
@ -244,7 +245,7 @@ public class Canonicalizer {
/**
* This method tries to canonicalize the given bytes. It's possible to even
* canonicalize non-wellformed sequences if they are well-formed after being
* wrapped with a <CODE>&gt;a&lt;...&gt;/a&lt;</CODE>.
* wrapped with a {@code &gt;a&lt;...&gt;/a&lt;}.
*
* @param inputBytes
* @return the result of the canonicalization.
@ -256,17 +257,12 @@ public class Canonicalizer {
public byte[] canonicalize(byte[] inputBytes)
throws javax.xml.parsers.ParserConfigurationException,
java.io.IOException, org.xml.sax.SAXException, CanonicalizationException {
InputStream bais = new ByteArrayInputStream(inputBytes);
Document document = null;
try (InputStream bais = new ByteArrayInputStream(inputBytes)) {
InputSource in = new InputSource(bais);
DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();
dfactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
dfactory.setNamespaceAware(true);
// needs to validate for ID attribute normalization
dfactory.setValidating(true);
DocumentBuilder db = dfactory.newDocumentBuilder();
DocumentBuilder db = XMLUtils.createDocumentBuilder(true, secureValidation);
/*
* for some of the test vectors from the specification,
@ -291,12 +287,13 @@ public class Canonicalizer {
*/
db.setErrorHandler(new com.sun.org.apache.xml.internal.security.utils.IgnoreAllErrorHandler());
Document document = db.parse(in);
document = db.parse(in);
}
return this.canonicalizeSubtree(document);
}
/**
* Canonicalizes the subtree rooted by <CODE>node</CODE>.
* Canonicalizes the subtree rooted by {@code node}.
*
* @param node The node to canonicalize
* @return the result of the c14n.
@ -304,11 +301,12 @@ public class Canonicalizer {
* @throws CanonicalizationException
*/
public byte[] canonicalizeSubtree(Node node) throws CanonicalizationException {
canonicalizerSpi.secureValidation = secureValidation;
return canonicalizerSpi.engineCanonicalizeSubTree(node);
}
/**
* Canonicalizes the subtree rooted by <CODE>node</CODE>.
* Canonicalizes the subtree rooted by {@code node}.
*
* @param node
* @param inclusiveNamespaces
@ -317,11 +315,26 @@ public class Canonicalizer {
*/
public byte[] canonicalizeSubtree(Node node, String inclusiveNamespaces)
throws CanonicalizationException {
canonicalizerSpi.secureValidation = secureValidation;
return canonicalizerSpi.engineCanonicalizeSubTree(node, inclusiveNamespaces);
}
/**
* Canonicalizes an XPath node set. The <CODE>xpathNodeSet</CODE> is treated
* Canonicalizes the subtree rooted by {@code node}.
*
* @param node
* @param inclusiveNamespaces
* @return the result of the c14n.
* @throws CanonicalizationException
*/
public byte[] canonicalizeSubtree(Node node, String inclusiveNamespaces, boolean propagateDefaultNamespace)
throws CanonicalizationException {
canonicalizerSpi.secureValidation = secureValidation;
return canonicalizerSpi.engineCanonicalizeSubTree(node, inclusiveNamespaces, propagateDefaultNamespace);
}
/**
* Canonicalizes an XPath node set. The {@code xpathNodeSet} is treated
* as a list of XPath nodes, not as a list of subtrees.
*
* @param xpathNodeSet
@ -330,11 +343,12 @@ public class Canonicalizer {
*/
public byte[] canonicalizeXPathNodeSet(NodeList xpathNodeSet)
throws CanonicalizationException {
canonicalizerSpi.secureValidation = secureValidation;
return canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet);
}
/**
* Canonicalizes an XPath node set. The <CODE>xpathNodeSet</CODE> is treated
* Canonicalizes an XPath node set. The {@code xpathNodeSet} is treated
* as a list of XPath nodes, not as a list of subtrees.
*
* @param xpathNodeSet
@ -345,6 +359,7 @@ public class Canonicalizer {
public byte[] canonicalizeXPathNodeSet(
NodeList xpathNodeSet, String inclusiveNamespaces
) throws CanonicalizationException {
canonicalizerSpi.secureValidation = secureValidation;
return
canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet, inclusiveNamespaces);
}
@ -358,6 +373,7 @@ public class Canonicalizer {
*/
public byte[] canonicalizeXPathNodeSet(Set<Node> xpathNodeSet)
throws CanonicalizationException {
canonicalizerSpi.secureValidation = secureValidation;
return canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet);
}
@ -372,6 +388,7 @@ public class Canonicalizer {
public byte[] canonicalizeXPathNodeSet(
Set<Node> xpathNodeSet, String inclusiveNamespaces
) throws CanonicalizationException {
canonicalizerSpi.secureValidation = secureValidation;
return
canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet, inclusiveNamespaces);
}
@ -401,4 +418,12 @@ public class Canonicalizer {
canonicalizerSpi.reset = false;
}
public boolean isSecureValidation() {
return secureValidation;
}
public void setSecureValidation(boolean secureValidation) {
this.secureValidation = secureValidation;
}
}
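Review bot: `secureValidation` defaults to false, and `canonicalize(byte[])` now passes it to `XMLUtils.createDocumentBuilder(true, secureValidation)`, apparently in place of the inline factory setup that set FEATURE_SECURE_PROCESSING; CanonicalizerSpi.engineCanonicalize does the same with its own flag. What the helper enforces when the flag is false is not visible here, so the parser restrictions applied to untrusted bytes depend on every caller remembering `setSecureValidation(true)`. The new accessors have no Javadoc; I would document the default, e.g. `/** Controls parser hardening in canonicalize(byte[]); defaults to false. */`, and consider initialising the field to true so the stricter behaviour is opt-out.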


@ -26,9 +26,7 @@ import java.io.ByteArrayInputStream;
import java.io.OutputStream;
import java.util.Set;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
@ -39,12 +37,12 @@ import org.xml.sax.InputSource;
/**
* Base class which all Canonicalization algorithms extend.
*
* @author Christian Geuer-Pollmann
*/
public abstract class CanonicalizerSpi {
/** Reset the writer after a c14n */
protected boolean reset = false;
protected boolean secureValidation;
/**
* Method canonicalize
@ -61,17 +59,14 @@ public abstract class CanonicalizerSpi {
throws javax.xml.parsers.ParserConfigurationException, java.io.IOException,
org.xml.sax.SAXException, CanonicalizationException {
java.io.InputStream bais = new ByteArrayInputStream(inputBytes);
Document document = null;
try (java.io.InputStream bais = new ByteArrayInputStream(inputBytes)) {
InputSource in = new InputSource(bais);
DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();
dfactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
// needs to validate for ID attribute normalization
dfactory.setNamespaceAware(true);
DocumentBuilder db = XMLUtils.createDocumentBuilder(false, secureValidation);
DocumentBuilder db = dfactory.newDocumentBuilder();
Document document = db.parse(in);
document = db.parse(in);
}
return this.engineCanonicalizeSubTree(document);
}
@ -159,6 +154,19 @@ public abstract class CanonicalizerSpi {
public abstract byte[] engineCanonicalizeSubTree(Node rootNode, String inclusiveNamespaces)
throws CanonicalizationException;
/**
* C14n a node tree.
*
* @param rootNode
* @param inclusiveNamespaces
* @param propagateDefaultNamespace If true the default namespace will be propagated to the c14n-ized root element
* @return the c14n bytes
* @throws CanonicalizationException
*/
public abstract byte[] engineCanonicalizeSubTree(
Node rootNode, String inclusiveNamespaces, boolean propagateDefaultNamespace)
throws CanonicalizationException;
/**
* Sets the writer where the canonicalization ends. ByteArrayOutputStream if
* none is set.
@ -166,4 +174,12 @@ public abstract class CanonicalizerSpi {
*/
public abstract void setWriter(OutputStream os);
public boolean isSecureValidation() {
return secureValidation;
}
public void setSecureValidation(boolean secureValidation) {
this.secureValidation = secureValidation;
}
}
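Review bot: `secureValidation` is declared as `protected boolean secureValidation;` with no initializer, so it stays false until a caller invokes `setSecureValidation(true)`, and in `engineCanonicalize` that value now selects the parser through `XMLUtils.createDocumentBuilder(false, secureValidation)`. As the page renders it, the factory lines that set `XMLConstants.FEATURE_SECURE_PROCESSING` unconditionally are the ones being dropped, so whether DTD and entity-expansion limits still apply on the default path depends on `XMLUtils.createDocumentBuilder`, which is not shown in this section and should be confirmed. I would document the default on the field and on both accessors, e.g. `/** Whether input bytes are parsed with secure validation; false unless set before engineCanonicalize is called. */`, so that callers canonicalizing untrusted bytes know to set it explicitly. The signature of `engineCanonicalize` starts outside the hunk.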


@ -0,0 +1,84 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.c14n;
// NOTE! This is a duplicate of utils.ClassLoaderUtils with public
// modifiers changed to package-private. Make sure to integrate any future
// changes to utils.ClassLoaderUtils to this file.
final class ClassLoaderUtils {
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(ClassLoaderUtils.class);
private ClassLoaderUtils() {
}
/**
* Load a class with a given name. <p></p> It will try to load the class in the
* following order:
* <ul>
* <li>From Thread.currentThread().getContextClassLoader()
* <li>Using the basic Class.forName()
* <li>From ClassLoaderUtil.class.getClassLoader()
* <li>From the callingClass.getClassLoader()
* </ul>
*
* @param className The name of the class to load
* @param callingClass The Class object of the calling object
* @throws ClassNotFoundException If the class cannot be found anywhere.
*/
static Class<?> loadClass(String className, Class<?> callingClass)
throws ClassNotFoundException {
try {
ClassLoader cl = Thread.currentThread().getContextClassLoader();
if (cl != null) {
return cl.loadClass(className);
}
} catch (ClassNotFoundException e) {
LOG.debug(e.getMessage(), e);
//ignore
}
return loadClass2(className, callingClass);
}
private static Class<?> loadClass2(String className, Class<?> callingClass)
throws ClassNotFoundException {
try {
return Class.forName(className);
} catch (ClassNotFoundException ex) {
try {
if (ClassLoaderUtils.class.getClassLoader() != null) {
return ClassLoaderUtils.class.getClassLoader().loadClass(className);
}
} catch (ClassNotFoundException exc) {
if (callingClass != null && callingClass.getClassLoader() != null) {
return callingClass.getClassLoader().loadClass(className);
}
}
LOG.debug(ex.getMessage(), ex);
throw ex;
}
}
}
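Review bot: In `loadClass2` the `callingClass` loader is consulted only inside `catch (ClassNotFoundException exc)`, so when `ClassLoaderUtils.class.getClassLoader()` returns null the fourth step listed in the Javadoc is skipped and `ex` is rethrown without trying it. Making each fallback independent keeps the documented lookup order, and logging the intermediate failure matches what `loadClass` already does for the context class loader. The Javadoc also names `ClassLoaderUtil.class` (missing `s`) and has no `@return`. The header comment says this file duplicates `utils.ClassLoaderUtils`, so the same change would belong there as well.

```java
private static Class<?> loadClass2(String className, Class<?> callingClass)
    throws ClassNotFoundException {
    // … unchanged: try { return Class.forName(className); …
    } catch (ClassNotFoundException ex) {
        ClassLoader own = ClassLoaderUtils.class.getClassLoader();
        if (own != null) {
            try {
                return own.loadClass(className);
            } catch (ClassNotFoundException exc) {
                LOG.debug(exc.getMessage(), exc);
            }
        }
        // Try the caller's loader whether or not the previous step ran.
        if (callingClass != null && callingClass.getClassLoader() != null) {
            return callingClass.getClassLoader().loadClass(className);
        }
        LOG.debug(ex.getMessage(), ex);
        throw ex;
    }
```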


@ -61,23 +61,33 @@ public class InvalidCanonicalizerException extends XMLSecurityException {
/**
* Constructor InvalidCanonicalizerException
*
* @param msgID
* @param originalException
* @param msgID
*/
public InvalidCanonicalizerException(Exception originalException, String msgID) {
super(originalException, msgID);
}
@Deprecated
public InvalidCanonicalizerException(String msgID, Exception originalException) {
super(msgID, originalException);
this(originalException, msgID);
}
/**
* Constructor InvalidCanonicalizerException
*
* @param originalException
* @param msgID
* @param exArgs
* @param originalException
*/
public InvalidCanonicalizerException(
String msgID, Object exArgs[], Exception originalException
Exception originalException, String msgID, Object exArgs[]
) {
super(msgID, exArgs, originalException);
super(originalException, msgID, exArgs);
}
@Deprecated
public InvalidCanonicalizerException(String msgID, Object[] exArgs, Exception originalException) {
this(originalException, msgID, exArgs);
}
}
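Review bot: The two `@Deprecated` constructors carry no Javadoc, so a caller who hits the deprecation warning is not told which overload replaces them. I would add `@deprecated Use {@link #InvalidCanonicalizerException(Exception, String)} instead.` to the two-argument one and the matching link to `(Exception, String, Object[])` on the three-argument one. The new three-argument constructor also declares its parameter as `Object exArgs[]` while the deprecated one uses `Object[] exArgs`; using the latter form in both would keep the pair consistent. The class declaration begins outside the hunk.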


@ -41,7 +41,6 @@ import java.util.Comparator;
* key (an empty namespace URI is lexicographically least).
* </UL>
*
* @author Christian Geuer-Pollmann
*/
public class AttrCompare implements Comparator<Attr>, Serializable {
@ -117,6 +116,6 @@ public class AttrCompare implements Comparator<Attr>, Serializable {
return a;
}
return (attr0.getLocalName()).compareTo(attr1.getLocalName());
return attr0.getLocalName().compareTo(attr1.getLocalName());
}
}


@ -31,9 +31,8 @@ import org.w3c.dom.NamedNodeMap;
/**
* Temporary swapped static functions from the normalizer Section
*
* @author Christian Geuer-Pollmann
*/
public class C14nHelper {
public final class C14nHelper {
/**
* Constructor C14nHelper
@ -100,7 +99,7 @@ public class C14nHelper {
}
String nodeAttrName = attr.getNodeName();
boolean definesDefaultNS = nodeAttrName.equals("xmlns");
boolean definesDefaultNS = "xmlns".equals(nodeAttrName);
boolean definesNonDefaultNS = nodeAttrName.startsWith("xmlns:");
if ((definesDefaultNS || definesNonDefaultNS) && namespaceIsRelative(attr)) {
@ -145,7 +144,8 @@ public class C14nHelper {
if (ctxNode != null) {
NamedNodeMap attributes = ctxNode.getAttributes();
for (int i = 0; i < attributes.getLength(); i++) {
int length = attributes.getLength();
for (int i = 0; i < length; i++) {
C14nHelper.assertNotRelativeNS((Attr) attributes.item(i));
}
} else {


@ -1,3 +0,0 @@
<HTML> <HEAD> </HEAD> <BODY> <P>
helper classes for canonicalization.
</P></BODY> </HTML>


@ -1,687 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
/**
* Implements <A HREF="http://www.w3.org/TR/2008/PR-xml-c14n11-20080129/">
* Canonical XML Version 1.1</A>, a W3C Proposed Recommendation from 29
* January 2008.
*
* @author Sean Mullan
* @author Raul Benito
*/
public abstract class Canonicalizer11 extends CanonicalizerBase {
private static final String XMLNS_URI = Constants.NamespaceSpecNS;
private static final String XML_LANG_URI = Constants.XML_LANG_SPACE_SpecNS;
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(Canonicalizer11.class.getName());
private final SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
private boolean firstCall = true;
private static class XmlAttrStack {
static class XmlsStackElement {
int level;
boolean rendered = false;
List<Attr> nodes = new ArrayList<Attr>();
};
int currentLevel = 0;
int lastlevel = 0;
XmlsStackElement cur;
List<XmlsStackElement> levels = new ArrayList<XmlsStackElement>();
void push(int level) {
currentLevel = level;
if (currentLevel == -1) {
return;
}
cur = null;
while (lastlevel >= currentLevel) {
levels.remove(levels.size() - 1);
int newSize = levels.size();
if (newSize == 0) {
lastlevel = 0;
return;
}
lastlevel = (levels.get(newSize - 1)).level;
}
}
void addXmlnsAttr(Attr n) {
if (cur == null) {
cur = new XmlsStackElement();
cur.level = currentLevel;
levels.add(cur);
lastlevel = currentLevel;
}
cur.nodes.add(n);
}
void getXmlnsAttr(Collection<Attr> col) {
int size = levels.size() - 1;
if (cur == null) {
cur = new XmlsStackElement();
cur.level = currentLevel;
lastlevel = currentLevel;
levels.add(cur);
}
boolean parentRendered = false;
XmlsStackElement e = null;
if (size == -1) {
parentRendered = true;
} else {
e = levels.get(size);
if (e.rendered && e.level + 1 == currentLevel) {
parentRendered = true;
}
}
if (parentRendered) {
col.addAll(cur.nodes);
cur.rendered = true;
return;
}
Map<String, Attr> loa = new HashMap<String, Attr>();
List<Attr> baseAttrs = new ArrayList<Attr>();
boolean successiveOmitted = true;
for (; size >= 0; size--) {
e = levels.get(size);
if (e.rendered) {
successiveOmitted = false;
}
Iterator<Attr> it = e.nodes.iterator();
while (it.hasNext() && successiveOmitted) {
Attr n = it.next();
if (n.getLocalName().equals("base") && !e.rendered) {
baseAttrs.add(n);
} else if (!loa.containsKey(n.getName())) {
loa.put(n.getName(), n);
}
}
}
if (!baseAttrs.isEmpty()) {
Iterator<Attr> it = col.iterator();
String base = null;
Attr baseAttr = null;
while (it.hasNext()) {
Attr n = it.next();
if (n.getLocalName().equals("base")) {
base = n.getValue();
baseAttr = n;
break;
}
}
it = baseAttrs.iterator();
while (it.hasNext()) {
Attr n = it.next();
if (base == null) {
base = n.getValue();
baseAttr = n;
} else {
try {
base = joinURI(n.getValue(), base);
} catch (URISyntaxException ue) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, ue.getMessage(), ue);
}
}
}
}
if (base != null && base.length() != 0) {
baseAttr.setValue(base);
col.add(baseAttr);
}
}
cur.rendered = true;
col.addAll(loa.values());
}
};
private XmlAttrStack xmlattrStack = new XmlAttrStack();
/**
* Constructor Canonicalizer11
*
* @param includeComments
*/
public Canonicalizer11(boolean includeComments) {
super(includeComments);
}
/**
* Always throws a CanonicalizationException because this is inclusive c14n.
*
* @param xpathNodeSet
* @param inclusiveNamespaces
* @return none it always fails
* @throws CanonicalizationException always
*/
public byte[] engineCanonicalizeXPathNodeSet(
Set<Node> xpathNodeSet, String inclusiveNamespaces
) throws CanonicalizationException {
throw new CanonicalizationException("c14n.Canonicalizer.UnsupportedOperation");
}
/**
* Always throws a CanonicalizationException because this is inclusive c14n.
*
* @param rootNode
* @param inclusiveNamespaces
* @return none it always fails
* @throws CanonicalizationException
*/
public byte[] engineCanonicalizeSubTree(
Node rootNode, String inclusiveNamespaces
) throws CanonicalizationException {
throw new CanonicalizationException("c14n.Canonicalizer.UnsupportedOperation");
}
/**
* Returns the Attr[]s to be output for the given element.
* <br>
* The code of this method is a copy of {@link #handleAttributes(Element,
* NameSpaceSymbTable)},
* whereas it takes into account that subtree-c14n is -- well --
* subtree-based.
* So if the element in question isRoot of c14n, it's parent is not in the
* node set, as well as all other ancestors.
*
* @param element
* @param ns
* @return the Attr[]s to be output
* @throws CanonicalizationException
*/
@Override
protected Iterator<Attr> handleAttributesSubtree(Element element, NameSpaceSymbTable ns)
throws CanonicalizationException {
if (!element.hasAttributes() && !firstCall) {
return null;
}
// result will contain the attrs which have to be output
final SortedSet<Attr> result = this.result;
result.clear();
if (element.hasAttributes()) {
NamedNodeMap attrs = element.getAttributes();
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr attribute = (Attr) attrs.item(i);
String NUri = attribute.getNamespaceURI();
String NName = attribute.getLocalName();
String NValue = attribute.getValue();
if (!XMLNS_URI.equals(NUri)) {
// It's not a namespace attr node. Add to the result and continue.
result.add(attribute);
} else if (!(XML.equals(NName) && XML_LANG_URI.equals(NValue))) {
// The default mapping for xml must not be output.
Node n = ns.addMappingAndRender(NName, NValue, attribute);
if (n != null) {
// Render the ns definition
result.add((Attr)n);
if (C14nHelper.namespaceIsRelative(attribute)) {
Object exArgs[] = {element.getTagName(), NName, attribute.getNodeValue()};
throw new CanonicalizationException(
"c14n.Canonicalizer.RelativeNamespace", exArgs
);
}
}
}
}
}
if (firstCall) {
// It is the first node of the subtree
// Obtain all the namespaces defined in the parents, and added to the output.
ns.getUnrenderedNodes(result);
// output the attributes in the xml namespace.
xmlattrStack.getXmlnsAttr(result);
firstCall = false;
}
return result.iterator();
}
/**
* Returns the Attr[]s to be output for the given element.
* <br>
* IMPORTANT: This method expects to work on a modified DOM tree, i.e. a
* DOM which has been prepared using
* {@link com.sun.org.apache.xml.internal.security.utils.XMLUtils#circumventBug2650(
* org.w3c.dom.Document)}.
*
* @param element
* @param ns
* @return the Attr[]s to be output
* @throws CanonicalizationException
*/
@Override
protected Iterator<Attr> handleAttributes(Element element, NameSpaceSymbTable ns)
throws CanonicalizationException {
// result will contain the attrs which have to be output
xmlattrStack.push(ns.getLevel());
boolean isRealVisible = isVisibleDO(element, ns.getLevel()) == 1;
final SortedSet<Attr> result = this.result;
result.clear();
if (element.hasAttributes()) {
NamedNodeMap attrs = element.getAttributes();
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr attribute = (Attr) attrs.item(i);
String NUri = attribute.getNamespaceURI();
String NName = attribute.getLocalName();
String NValue = attribute.getValue();
if (!XMLNS_URI.equals(NUri)) {
//A non namespace definition node.
if (XML_LANG_URI.equals(NUri)) {
if (NName.equals("id")) {
if (isRealVisible) {
// treat xml:id like any other attribute
// (emit it, but don't inherit it)
result.add(attribute);
}
} else {
xmlattrStack.addXmlnsAttr(attribute);
}
} else if (isRealVisible) {
//The node is visible add the attribute to the list of output attributes.
result.add(attribute);
}
} else if (!XML.equals(NName) || !XML_LANG_URI.equals(NValue)) {
/* except omit namespace node with local name xml, which defines
* the xml prefix, if its string value is
* http://www.w3.org/XML/1998/namespace.
*/
// add the prefix binding to the ns symb table.
if (isVisible(attribute)) {
if (isRealVisible || !ns.removeMappingIfRender(NName)) {
// The xpath select this node output it if needed.
Node n = ns.addMappingAndRender(NName, NValue, attribute);
if (n != null) {
result.add((Attr)n);
if (C14nHelper.namespaceIsRelative(attribute)) {
Object exArgs[] = { element.getTagName(), NName, attribute.getNodeValue() };
throw new CanonicalizationException(
"c14n.Canonicalizer.RelativeNamespace", exArgs
);
}
}
}
} else {
if (isRealVisible && !XMLNS.equals(NName)) {
ns.removeMapping(NName);
} else {
ns.addMapping(NName, NValue, attribute);
}
}
}
}
}
if (isRealVisible) {
//The element is visible, handle the xmlns definition
Attr xmlns = element.getAttributeNodeNS(XMLNS_URI, XMLNS);
Node n = null;
if (xmlns == null) {
//No xmlns def just get the already defined.
n = ns.getMapping(XMLNS);
} else if (!isVisible(xmlns)) {
//There is a definition but the xmlns is not selected by the xpath.
//then xmlns=""
n = ns.addMappingAndRender(
XMLNS, "", getNullNode(xmlns.getOwnerDocument()));
}
//output the xmlns def if needed.
if (n != null) {
result.add((Attr)n);
}
//Float all xml:* attributes of the unselected parent elements to this one.
xmlattrStack.getXmlnsAttr(result);
ns.getUnrenderedNodes(result);
}
return result.iterator();
}
protected void circumventBugIfNeeded(XMLSignatureInput input)
throws CanonicalizationException, ParserConfigurationException,
IOException, SAXException {
if (!input.isNeedsToBeExpanded()) {
return;
}
Document doc = null;
if (input.getSubNode() != null) {
doc = XMLUtils.getOwnerDocument(input.getSubNode());
} else {
doc = XMLUtils.getOwnerDocument(input.getNodeSet());
}
XMLUtils.circumventBug2650(doc);
}
protected void handleParent(Element e, NameSpaceSymbTable ns) {
if (!e.hasAttributes() && e.getNamespaceURI() == null) {
return;
}
xmlattrStack.push(-1);
NamedNodeMap attrs = e.getAttributes();
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr attribute = (Attr) attrs.item(i);
String NName = attribute.getLocalName();
String NValue = attribute.getNodeValue();
if (Constants.NamespaceSpecNS.equals(attribute.getNamespaceURI())) {
if (!XML.equals(NName) || !Constants.XML_LANG_SPACE_SpecNS.equals(NValue)) {
ns.addMapping(NName, NValue, attribute);
}
} else if (!"id".equals(NName) && XML_LANG_URI.equals(attribute.getNamespaceURI())) {
xmlattrStack.addXmlnsAttr(attribute);
}
}
if (e.getNamespaceURI() != null) {
String NName = e.getPrefix();
String NValue = e.getNamespaceURI();
String Name;
if (NName == null || NName.equals("")) {
NName = "xmlns";
Name = "xmlns";
} else {
Name = "xmlns:" + NName;
}
Attr n = e.getOwnerDocument().createAttributeNS("http://www.w3.org/2000/xmlns/", Name);
n.setValue(NValue);
ns.addMapping(NName, NValue, n);
}
}
private static String joinURI(String baseURI, String relativeURI) throws URISyntaxException {
String bscheme = null;
String bauthority = null;
String bpath = "";
String bquery = null;
// pre-parse the baseURI
if (baseURI != null) {
if (baseURI.endsWith("..")) {
baseURI = baseURI + "/";
}
URI base = new URI(baseURI);
bscheme = base.getScheme();
bauthority = base.getAuthority();
bpath = base.getPath();
bquery = base.getQuery();
}
URI r = new URI(relativeURI);
String rscheme = r.getScheme();
String rauthority = r.getAuthority();
String rpath = r.getPath();
String rquery = r.getQuery();
String tscheme, tauthority, tpath, tquery;
if (rscheme != null && rscheme.equals(bscheme)) {
rscheme = null;
}
if (rscheme != null) {
tscheme = rscheme;
tauthority = rauthority;
tpath = removeDotSegments(rpath);
tquery = rquery;
} else {
if (rauthority != null) {
tauthority = rauthority;
tpath = removeDotSegments(rpath);
tquery = rquery;
} else {
if (rpath.length() == 0) {
tpath = bpath;
if (rquery != null) {
tquery = rquery;
} else {
tquery = bquery;
}
} else {
if (rpath.startsWith("/")) {
tpath = removeDotSegments(rpath);
} else {
if (bauthority != null && bpath.length() == 0) {
tpath = "/" + rpath;
} else {
int last = bpath.lastIndexOf('/');
if (last == -1) {
tpath = rpath;
} else {
tpath = bpath.substring(0, last+1) + rpath;
}
}
tpath = removeDotSegments(tpath);
}
tquery = rquery;
}
tauthority = bauthority;
}
tscheme = bscheme;
}
return new URI(tscheme, tauthority, tpath, tquery, null).toString();
}
private static String removeDotSegments(String path) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "STEP OUTPUT BUFFER\t\tINPUT BUFFER");
}
// 1. The input buffer is initialized with the now-appended path
// components then replace occurrences of "//" in the input buffer
// with "/" until no more occurrences of "//" are in the input buffer.
String input = path;
while (input.indexOf("//") > -1) {
input = input.replaceAll("//", "/");
}
// Initialize the output buffer with the empty string.
StringBuilder output = new StringBuilder();
// If the input buffer starts with a root slash "/" then move this
// character to the output buffer.
if (input.charAt(0) == '/') {
output.append("/");
input = input.substring(1);
}
printStep("1 ", output.toString(), input);
// While the input buffer is not empty, loop as follows
while (input.length() != 0) {
// 2A. If the input buffer begins with a prefix of "./",
// then remove that prefix from the input buffer
// else if the input buffer begins with a prefix of "../", then
// if also the output does not contain the root slash "/" only,
// then move this prefix to the end of the output buffer else
// remove that prefix
if (input.startsWith("./")) {
input = input.substring(2);
printStep("2A", output.toString(), input);
} else if (input.startsWith("../")) {
input = input.substring(3);
if (!output.toString().equals("/")) {
output.append("../");
}
printStep("2A", output.toString(), input);
// 2B. if the input buffer begins with a prefix of "/./" or "/.",
// where "." is a complete path segment, then replace that prefix
// with "/" in the input buffer; otherwise,
} else if (input.startsWith("/./")) {
input = input.substring(2);
printStep("2B", output.toString(), input);
} else if (input.equals("/.")) {
// FIXME: what is complete path segment?
input = input.replaceFirst("/.", "/");
printStep("2B", output.toString(), input);
// 2C. if the input buffer begins with a prefix of "/../" or "/..",
// where ".." is a complete path segment, then replace that prefix
// with "/" in the input buffer and if also the output buffer is
// empty, last segment in the output buffer equals "../" or "..",
// where ".." is a complete path segment, then append ".." or "/.."
// for the latter case respectively to the output buffer else
// remove the last segment and its preceding "/" (if any) from the
// output buffer and if hereby the first character in the output
// buffer was removed and it was not the root slash then delete a
// leading slash from the input buffer; otherwise,
} else if (input.startsWith("/../")) {
input = input.substring(3);
if (output.length() == 0) {
output.append("/");
} else if (output.toString().endsWith("../")) {
output.append("..");
} else if (output.toString().endsWith("..")) {
output.append("/..");
} else {
int index = output.lastIndexOf("/");
if (index == -1) {
output = new StringBuilder();
if (input.charAt(0) == '/') {
input = input.substring(1);
}
} else {
output = output.delete(index, output.length());
}
}
printStep("2C", output.toString(), input);
} else if (input.equals("/..")) {
// FIXME: what is complete path segment?
input = input.replaceFirst("/..", "/");
if (output.length() == 0) {
output.append("/");
} else if (output.toString().endsWith("../")) {
output.append("..");
} else if (output.toString().endsWith("..")) {
output.append("/..");
} else {
int index = output.lastIndexOf("/");
if (index == -1) {
output = new StringBuilder();
if (input.charAt(0) == '/') {
input = input.substring(1);
}
} else {
output = output.delete(index, output.length());
}
}
printStep("2C", output.toString(), input);
// 2D. if the input buffer consists only of ".", then remove
// that from the input buffer else if the input buffer consists
// only of ".." and if the output buffer does not contain only
// the root slash "/", then move the ".." to the output buffer
// else delte it.; otherwise,
} else if (input.equals(".")) {
input = "";
printStep("2D", output.toString(), input);
} else if (input.equals("..")) {
if (!output.toString().equals("/")) {
output.append("..");
}
input = "";
printStep("2D", output.toString(), input);
// 2E. move the first path segment (if any) in the input buffer
// to the end of the output buffer, including the initial "/"
// character (if any) and any subsequent characters up to, but not
// including, the next "/" character or the end of the input buffer.
} else {
int end = -1;
int begin = input.indexOf('/');
if (begin == 0) {
end = input.indexOf('/', 1);
} else {
end = begin;
begin = 0;
}
String segment;
if (end == -1) {
segment = input.substring(begin);
input = "";
} else {
segment = input.substring(begin, end);
input = input.substring(end);
}
output.append(segment);
printStep("2E", output.toString(), input);
}
}
// 3. Finally, if the only or last segment of the output buffer is
// "..", where ".." is a complete path segment not followed by a slash
// then append a slash "/". The output buffer is returned as the result
// of remove_dot_segments
if (output.toString().endsWith("..")) {
output.append("/");
printStep("3 ", output.toString(), input);
}
return output.toString();
}
private static void printStep(String step, String output, String input) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, " " + step + ": " + output);
if (output.length() == 0) {
log.log(java.util.logging.Level.FINE, "\t\t\t\t" + input);
} else {
log.log(java.util.logging.Level.FINE, "\t\t\t" + input);
}
}
}
}


@ -25,12 +25,11 @@ package com.sun.org.apache.xml.internal.security.c14n.implementations;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
/**
* @author Sean Mullan
*/
public class Canonicalizer11_OmitComments extends Canonicalizer11 {
public class Canonicalizer11_OmitComments extends Canonicalizer20010315 {
public Canonicalizer11_OmitComments() {
super(false);
super(false, true);
}
public final String engineGetURI() {


@ -25,12 +25,11 @@ package com.sun.org.apache.xml.internal.security.c14n.implementations;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
/**
* @author Sean Mullan
*/
public class Canonicalizer11_WithComments extends Canonicalizer11 {
public class Canonicalizer11_WithComments extends Canonicalizer20010315 {
public Canonicalizer11_WithComments() {
super(true);
super(true, true);
}
public final String engineGetURI() {


@ -23,11 +23,7 @@
package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.io.OutputStream;
import java.util.Map;
import java.util.Set;
import java.util.SortedSet;
@ -38,9 +34,9 @@ import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Attr;
import org.w3c.dom.DOMException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
@ -51,97 +47,13 @@ import org.xml.sax.SAXException;
* Implements <A HREF="http://www.w3.org/TR/2001/REC-xml-c14n-20010315">Canonical
* XML Version 1.0</A>, a W3C Recommendation from 15 March 2001.
*
* @author Christian Geuer-Pollmann <geuerp@apache.org>
*/
public abstract class Canonicalizer20010315 extends CanonicalizerBase {
private static final String XMLNS_URI = Constants.NamespaceSpecNS;
private static final String XML_LANG_URI = Constants.XML_LANG_SPACE_SpecNS;
private boolean firstCall = true;
private final SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
private static class XmlAttrStack {
static class XmlsStackElement {
int level;
boolean rendered = false;
List<Attr> nodes = new ArrayList<Attr>();
};
int currentLevel = 0;
int lastlevel = 0;
XmlsStackElement cur;
List<XmlsStackElement> levels = new ArrayList<XmlsStackElement>();
void push(int level) {
currentLevel = level;
if (currentLevel == -1) {
return;
}
cur = null;
while (lastlevel >= currentLevel) {
levels.remove(levels.size() - 1);
int newSize = levels.size();
if (newSize == 0) {
lastlevel = 0;
return;
}
lastlevel = (levels.get(newSize - 1)).level;
}
}
void addXmlnsAttr(Attr n) {
if (cur == null) {
cur = new XmlsStackElement();
cur.level = currentLevel;
levels.add(cur);
lastlevel = currentLevel;
}
cur.nodes.add(n);
}
void getXmlnsAttr(Collection<Attr> col) {
int size = levels.size() - 1;
if (cur == null) {
cur = new XmlsStackElement();
cur.level = currentLevel;
lastlevel = currentLevel;
levels.add(cur);
}
boolean parentRendered = false;
XmlsStackElement e = null;
if (size == -1) {
parentRendered = true;
} else {
e = levels.get(size);
if (e.rendered && e.level + 1 == currentLevel) {
parentRendered = true;
}
}
if (parentRendered) {
col.addAll(cur.nodes);
cur.rendered = true;
return;
}
Map<String, Attr> loa = new HashMap<String, Attr>();
for (; size >= 0; size--) {
e = levels.get(size);
Iterator<Attr> it = e.nodes.iterator();
while (it.hasNext()) {
Attr n = it.next();
if (!loa.containsKey(n.getName())) {
loa.put(n.getName(), n);
}
}
}
cur.rendered = true;
col.addAll(loa.values());
}
}
private XmlAttrStack xmlattrStack = new XmlAttrStack();
private final XmlAttrStack xmlattrStack;
private final boolean c14n11;
/**
* Constructor Canonicalizer20010315
@ -149,9 +61,22 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
* @param includeComments
*/
public Canonicalizer20010315(boolean includeComments) {
super(includeComments);
this(includeComments, false);
}
/**
* Constructor Canonicalizer20010315
*
* @param includeComments
* @param c14n11 Whether this is a Canonical XML 1.1 implementation or not
*/
public Canonicalizer20010315(boolean includeComments, boolean c14n11) {
super(includeComments);
xmlattrStack = new XmlAttrStack(c14n11);
this.c14n11 = c14n11;
}
/**
* Always throws a CanonicalizationException because this is inclusive c14n.
*
@ -183,28 +108,44 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
}
/**
* Returns the Attr[]s to be output for the given element.
* Always throws a CanonicalizationException because this is inclusive c14n.
*
* @param rootNode
* @param inclusiveNamespaces
* @return none it always fails
* @throws CanonicalizationException
*/
public byte[] engineCanonicalizeSubTree(
Node rootNode, String inclusiveNamespaces, boolean propagateDefaultNamespace)
throws CanonicalizationException {
/** $todo$ well, should we throw UnsupportedOperationException ? */
throw new CanonicalizationException("c14n.Canonicalizer.UnsupportedOperation");
}
/**
* Output the Attr[]s for the given element.
* <br>
* The code of this method is a copy of {@link #handleAttributes(Element,
* NameSpaceSymbTable)},
* The code of this method is a copy of {@link #outputAttributes(Element,
* NameSpaceSymbTable, Map<String, byte[]>)},
* whereas it takes into account that subtree-c14n is -- well -- subtree-based.
* So if the element in question isRoot of c14n, it's parent is not in the
* node set, as well as all other ancestors.
*
* @param element
* @param ns
* @return the Attr[]s to be output
* @throws CanonicalizationException
* @param cache
* @throws CanonicalizationException, DOMException, IOException
*/
@Override
protected Iterator<Attr> handleAttributesSubtree(Element element, NameSpaceSymbTable ns)
throws CanonicalizationException {
protected void outputAttributesSubtree(Element element, NameSpaceSymbTable ns,
Map<String, byte[]> cache)
throws CanonicalizationException, DOMException, IOException {
if (!element.hasAttributes() && !firstCall) {
return null;
return;
}
// result will contain the attrs which have to be output
final SortedSet<Attr> result = this.result;
result.clear();
SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
if (element.hasAttributes()) {
NamedNodeMap attrs = element.getAttributes();
@ -246,11 +187,15 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
firstCall = false;
}
return result.iterator();
OutputStream writer = getWriter();
//we output all Attrs which are available
for (Attr attr : result) {
outputAttrToWriter(attr.getNodeName(), attr.getNodeValue(), writer, cache);
}
}
/**
* Returns the Attr[]s to be output for the given element.
* Output the Attr[]s for the given element.
* <br>
* IMPORTANT: This method expects to work on a modified DOM tree, i.e. a DOM which has
* been prepared using {@link com.sun.org.apache.xml.internal.security.utils.XMLUtils#circumventBug2650(
@ -258,17 +203,17 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
*
* @param element
* @param ns
* @return the Attr[]s to be output
* @throws CanonicalizationException
* @param cache
* @throws CanonicalizationException, DOMException, IOException
*/
@Override
protected Iterator<Attr> handleAttributes(Element element, NameSpaceSymbTable ns)
throws CanonicalizationException {
protected void outputAttributes(Element element, NameSpaceSymbTable ns,
Map<String, byte[]> cache)
throws CanonicalizationException, DOMException, IOException {
// result will contain the attrs which have to be output
xmlattrStack.push(ns.getLevel());
boolean isRealVisible = isVisibleDO(element, ns.getLevel()) == 1;
final SortedSet<Attr> result = this.result;
result.clear();
SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
if (element.hasAttributes()) {
NamedNodeMap attrs = element.getAttributes();
@ -283,7 +228,15 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
if (!XMLNS_URI.equals(NUri)) {
//A non namespace definition node.
if (XML_LANG_URI.equals(NUri)) {
if (c14n11 && "id".equals(NName)) {
if (isRealVisible) {
// treat xml:id like any other attribute
// (emit it, but don't inherit it)
result.add(attribute);
}
} else {
xmlattrStack.addXmlnsAttr(attribute);
}
} else if (isRealVisible) {
//The node is visible add the attribute to the list of output attributes.
result.add(attribute);
@ -339,7 +292,11 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
ns.getUnrenderedNodes(result);
}
return result.iterator();
OutputStream writer = getWriter();
//we output all Attrs which are available
for (Attr attr : result) {
outputAttrToWriter(attr.getNodeName(), attr.getNodeValue(), writer, cache);
}
}
protected void circumventBugIfNeeded(XMLSignatureInput input)
@ -369,11 +326,12 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
String NName = attribute.getLocalName();
String NValue = attribute.getNodeValue();
if (Constants.NamespaceSpecNS.equals(attribute.getNamespaceURI())) {
if (!XML.equals(NName) || !Constants.XML_LANG_SPACE_SpecNS.equals(NValue)) {
if (XMLNS_URI.equals(attribute.getNamespaceURI())) {
if (!XML.equals(NName) || !XML_LANG_URI.equals(NValue)) {
ns.addMapping(NName, NValue, attribute);
}
} else if (XML_LANG_URI.equals(attribute.getNamespaceURI())) {
} else if (XML_LANG_URI.equals(attribute.getNamespaceURI())
&& (!c14n11 || c14n11 && !"id".equals(NName))) {
xmlattrStack.addXmlnsAttr(attribute);
}
}


@ -23,7 +23,8 @@
package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException;
import java.util.Iterator;
import java.io.OutputStream;
import java.util.Map;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
@ -33,9 +34,9 @@ import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Attr;
import org.w3c.dom.DOMException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
@ -45,31 +46,25 @@ import org.xml.sax.SAXException;
/**
* Implements &quot; <A
* HREF="http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/">Exclusive XML
* Canonicalization, Version 1.0 </A>&quot; <BR />
* Canonicalization, Version 1.0 </A>&quot; <p></p>
* Credits: During restructuring of the Canonicalizer framework, Ren??
* Kollmorgen from Software AG submitted an implementation of ExclC14n which
* fitted into the old architecture and which based heavily on my old (and slow)
* implementation of "Canonical XML". A big "thank you" to Ren?? for this.
* <BR />
* <p></p>
* <i>THIS </i> implementation is a complete rewrite of the algorithm.
*
* @author Christian Geuer-Pollmann <geuerp@apache.org>
* @version $Revision: 1147448 $
* @see <a href="http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/ Exclusive#">
* XML Canonicalization, Version 1.0</a>
* @see <a href="http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/">
* Exclusive XML Canonicalization, Version 1.0</a>
*/
public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
private static final String XML_LANG_URI = Constants.XML_LANG_SPACE_SpecNS;
private static final String XMLNS_URI = Constants.NamespaceSpecNS;
/**
* This Set contains the names (Strings like "xmlns" or "xmlns:foo") of
* the inclusive namespaces.
*/
private SortedSet<String> inclusiveNSSet;
private final SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
private boolean propagateDefaultNamespace = false;
/**
* Constructor Canonicalizer20010315Excl
@ -82,7 +77,7 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
/**
* Method engineCanonicalizeSubTree
* @inheritDoc
* {@inheritDoc}
* @param rootNode
*
* @throws CanonicalizationException
@ -94,7 +89,7 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
/**
* Method engineCanonicalizeSubTree
* @inheritDoc
* {@inheritDoc}
* @param rootNode
* @param inclusiveNamespaces
*
@ -106,6 +101,22 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
return engineCanonicalizeSubTree(rootNode, inclusiveNamespaces, null);
}
/**
* Method engineCanonicalizeSubTree
* {@inheritDoc}
* @param rootNode
* @param inclusiveNamespaces
* @param propagateDefaultNamespace If true the default namespace will be propagated to the c14n-ized root element
*
* @throws CanonicalizationException
*/
public byte[] engineCanonicalizeSubTree(
Node rootNode, String inclusiveNamespaces, boolean propagateDefaultNamespace
) throws CanonicalizationException {
this.propagateDefaultNamespace = propagateDefaultNamespace;
return engineCanonicalizeSubTree(rootNode, inclusiveNamespaces, null);
}
/**
* Method engineCanonicalizeSubTree
* @param rootNode
@ -137,7 +148,7 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
/**
* Method engineCanonicalizeXPathNodeSet
* @inheritDoc
* {@inheritDoc}
* @param xpathNodeSet
* @param inclusiveNamespaces
* @throws CanonicalizationException
@ -150,11 +161,11 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
}
@Override
protected Iterator<Attr> handleAttributesSubtree(Element element, NameSpaceSymbTable ns)
throws CanonicalizationException {
protected void outputAttributesSubtree(Element element, NameSpaceSymbTable ns,
Map<String, byte[]> cache)
throws CanonicalizationException, DOMException, IOException {
// result will contain the attrs which have to be output
final SortedSet<Attr> result = this.result;
result.clear();
SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
// The prefix visibly utilized (in the attribute or in the name) in
// the element
@ -193,6 +204,13 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
}
}
}
if (propagateDefaultNamespace && ns.getLevel() == 1 &&
inclusiveNSSet.contains(XMLNS) &&
ns.getMappingWithoutRendered(XMLNS) == null) {
ns.removeMapping(XMLNS);
ns.addMapping(
XMLNS, "", getNullNode(element.getOwnerDocument()));
}
String prefix = null;
if (element.getNamespaceURI() != null
&& !(element.getPrefix() == null || element.getPrefix().length() == 0)) {
@ -209,20 +227,22 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
}
}
return result.iterator();
OutputStream writer = getWriter();
//we output all Attrs which are available
for (Attr attr : result) {
outputAttrToWriter(attr.getNodeName(), attr.getNodeValue(), writer, cache);
}
}
/**
* @inheritDoc
* @param element
* @throws CanonicalizationException
* {@inheritDoc}
*/
@Override
protected final Iterator<Attr> handleAttributes(Element element, NameSpaceSymbTable ns)
throws CanonicalizationException {
protected void outputAttributes(Element element, NameSpaceSymbTable ns,
Map<String, byte[]> cache)
throws CanonicalizationException, DOMException, IOException {
// result will contain the attrs which have to be output
final SortedSet<Attr> result = this.result;
result.clear();
SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
// The prefix visibly utilized (in the attribute or in the name) in
// the element
@ -312,7 +332,11 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
}
}
return result.iterator();
OutputStream writer = getWriter();
//we output all Attrs which are available
for (Attr attr : result) {
outputAttrToWriter(attr.getNodeName(), attr.getNodeValue(), writer, cache);
}
}
protected void circumventBugIfNeeded(XMLSignatureInput input)
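Review bot: The new three-argument `engineCanonicalizeSubTree` stores `propagateDefaultNamespace` in an instance field and nothing in this section clears it, so a later call through the two-argument overload on the same instance would still take the `propagateDefaultNamespace && ns.getLevel() == 1` branch in `outputAttributesSubtree` and emit a different byte stream. Because the canonical bytes feed digest and signature computation, the flag should be scoped to the call, for example `try { return engineCanonicalizeSubTree(rootNode, inclusiveNamespaces, null); } finally { this.propagateDefaultNamespace = false; }`. Whether instances are reused across calls is not visible here, and the other overloads' bodies lie outside the hunks, so this may already be handled elsewhere.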


@ -33,12 +33,12 @@ public class Canonicalizer20010315ExclOmitComments extends Canonicalizer20010315
super(false);
}
/** @inheritDoc */
/** {@inheritDoc} */
public final String engineGetURI() {
return Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;
}
/** @inheritDoc */
/** {@inheritDoc} */
public final boolean engineGetIncludeComments() {
return false;
}


@ -37,12 +37,12 @@ public class Canonicalizer20010315ExclWithComments extends Canonicalizer20010315
super(true);
}
/** @inheritDoc */
/** {@inheritDoc} */
public final String engineGetURI() {
return Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS;
}
/** @inheritDoc */
/** {@inheritDoc} */
public final boolean engineGetIncludeComments() {
return true;
}


@ -25,7 +25,6 @@ package com.sun.org.apache.xml.internal.security.c14n.implementations;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
/**
* @author Christian Geuer-Pollmann
*/
public class Canonicalizer20010315OmitComments extends Canonicalizer20010315 {
@ -37,12 +36,12 @@ public class Canonicalizer20010315OmitComments extends Canonicalizer20010315 {
super(false);
}
/** @inheritDoc */
/** {@inheritDoc} */
public final String engineGetURI() {
return Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS;
}
/** @inheritDoc */
/** {@inheritDoc} */
public final boolean engineGetIncludeComments() {
return false;
}


@ -25,7 +25,6 @@ package com.sun.org.apache.xml.internal.security.c14n.implementations;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
/**
* @author Christian Geuer-Pollmann
*/
public class Canonicalizer20010315WithComments extends Canonicalizer20010315 {
@ -36,12 +35,12 @@ public class Canonicalizer20010315WithComments extends Canonicalizer20010315 {
super(true);
}
/** @inheritDoc */
/** {@inheritDoc} */
public final String engineGetURI() {
return Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS;
}
/** @inheritDoc */
/** {@inheritDoc} */
public final boolean engineGetIncludeComments() {
return true;
}


@ -46,8 +46,9 @@ import com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStrea
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Attr;
import org.w3c.dom.Comment;
import org.w3c.dom.Element;
import org.w3c.dom.DOMException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.w3c.dom.ProcessingInstruction;
@ -55,12 +56,14 @@ import org.xml.sax.SAXException;
/**
* Abstract base class for canonicalization algorithms.
*
* @author Christian Geuer-Pollmann <geuerp@apache.org>
* Please note that these implementations are NOT thread safe - please see the following JIRA for more information:
* https://issues.apache.org/jira/browse/SANTUARIO-463
*/
public abstract class CanonicalizerBase extends CanonicalizerSpi {
public static final String XML = "xml";
public static final String XMLNS = "xmlns";
public static final String XMLNS_URI = Constants.NamespaceSpecNS;
public static final String XML_LANG_URI = Constants.XML_LANG_SPACE_SpecNS;
protected static final AttrCompare COMPARE = new AttrCompare();
@ -112,7 +115,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
/**
* Method engineCanonicalizeSubTree
* @inheritDoc
* {@inheritDoc}
* @param rootNode
* @throws CanonicalizationException
*/
@ -123,7 +126,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
/**
* Method engineCanonicalizeXPathNodeSet
* @inheritDoc
* {@inheritDoc}
* @param xpathNodeSet
* @throws CanonicalizationException
*/
@ -161,14 +164,12 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
}
}
return null;
} catch (CanonicalizationException ex) {
throw new CanonicalizationException("empty", ex);
} catch (ParserConfigurationException ex) {
throw new CanonicalizationException("empty", ex);
throw new CanonicalizationException(ex);
} catch (IOException ex) {
throw new CanonicalizationException("empty", ex);
throw new CanonicalizationException(ex);
} catch (SAXException ex) {
throw new CanonicalizationException("empty", ex);
throw new CanonicalizationException(ex);
}
}
@ -179,6 +180,10 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
this.writer = writer;
}
protected OutputStream getWriter() {
return writer;
}
/**
* Canonicalizes a Subtree node.
*
@ -224,9 +229,9 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
return null;
} catch (UnsupportedEncodingException ex) {
throw new CanonicalizationException("empty", ex);
throw new CanonicalizationException(ex);
} catch (IOException ex) {
throw new CanonicalizationException("empty", ex);
throw new CanonicalizationException(ex);
}
}
@ -243,7 +248,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
protected final void canonicalizeSubTree(
Node currentNode, NameSpaceSymbTable ns, Node endnode, int documentLevel
) throws CanonicalizationException, IOException {
if (isVisibleInt(currentNode) == -1) {
if (currentNode == null || isVisibleInt(currentNode) == -1) {
return;
}
Node sibling = null;
@ -251,7 +256,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
final OutputStream writer = this.writer;
final Node excludeNode = this.excludeNode;
final boolean includeComments = this.includeComments;
Map<String, byte[]> cache = new HashMap<String, byte[]>();
Map<String, byte[]> cache = new HashMap<>();
do {
switch (currentNode.getNodeType()) {
@ -259,7 +264,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
case Node.NOTATION_NODE :
case Node.ATTRIBUTE_NODE :
// illegal node type during traversal
throw new CanonicalizationException("empty");
throw new CanonicalizationException("empty",
new Object[]{"illegal node type during traversal"});
case Node.DOCUMENT_FRAGMENT_NODE :
case Node.DOCUMENT_NODE :
@ -294,14 +300,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
String name = currentElement.getTagName();
UtfHelpper.writeByte(name, writer, cache);
Iterator<Attr> attrs = this.handleAttributesSubtree(currentElement, ns);
if (attrs != null) {
//we output all Attrs which are available
while (attrs.hasNext()) {
Attr attr = attrs.next();
outputAttrToWriter(attr.getNodeName(), attr.getNodeValue(), writer, cache);
}
}
outputAttributesSubtree(currentElement, ns, cache);
writer.write('>');
sibling = currentNode.getFirstChild();
if (sibling == null) {
@ -373,9 +373,9 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
}
return null;
} catch (UnsupportedEncodingException ex) {
throw new CanonicalizationException("empty", ex);
throw new CanonicalizationException(ex);
} catch (IOException ex) {
throw new CanonicalizationException("empty", ex);
throw new CanonicalizationException(ex);
}
}
@ -403,9 +403,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
}
Node sibling = null;
Node parentNode = null;
OutputStream writer = this.writer;
int documentLevel = NODE_BEFORE_DOCUMENT_ELEMENT;
Map<String, byte[]> cache = new HashMap<String, byte[]>();
Map<String, byte[]> cache = new HashMap<>();
do {
switch (currentNode.getNodeType()) {
@ -413,7 +412,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
case Node.NOTATION_NODE :
case Node.ATTRIBUTE_NODE :
// illegal node type during traversal
throw new CanonicalizationException("empty");
throw new CanonicalizationException("empty",
new Object[]{"illegal node type during traversal"});
case Node.DOCUMENT_FRAGMENT_NODE :
case Node.DOCUMENT_NODE :
@ -422,7 +422,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
break;
case Node.COMMENT_NODE :
if (this.includeComments && (isVisibleDO(currentNode, ns.getLevel()) == 1)) {
if (this.includeComments && isVisibleDO(currentNode, ns.getLevel()) == 1) {
outputCommentToWriter((Comment) currentNode, writer, documentLevel);
}
break;
@ -438,8 +438,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
if (isVisible(currentNode)) {
outputTextToWriter(currentNode.getNodeValue(), writer);
for (Node nextSibling = currentNode.getNextSibling();
(nextSibling != null) && ((nextSibling.getNodeType() == Node.TEXT_NODE)
|| (nextSibling.getNodeType() == Node.CDATA_SECTION_NODE));
nextSibling != null && (nextSibling.getNodeType() == Node.TEXT_NODE
|| nextSibling.getNodeType() == Node.CDATA_SECTION_NODE);
nextSibling = nextSibling.getNextSibling()) {
outputTextToWriter(nextSibling.getNodeValue(), writer);
currentNode = nextSibling;
@ -458,7 +458,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
sibling = currentNode.getNextSibling();
break;
}
currentNodeIsVisible = (i == 1);
currentNodeIsVisible = i == 1;
if (currentNodeIsVisible) {
ns.outputNodePush();
writer.write('<');
@ -468,14 +468,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
ns.push();
}
Iterator<Attr> attrs = handleAttributes(currentElement,ns);
if (attrs != null) {
//we output all Attrs which are available
while (attrs.hasNext()) {
Attr attr = attrs.next();
outputAttrToWriter(attr.getNodeName(), attr.getNodeValue(), writer, cache);
}
}
outputAttributes(currentElement, ns, cache);
if (currentNodeIsVisible) {
writer.write('>');
}
@ -535,13 +529,13 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
if (nodeFilter != null) {
Iterator<NodeFilter> it = nodeFilter.iterator();
while (it.hasNext()) {
int i = (it.next()).isNodeIncludeDO(currentNode, level);
int i = it.next().isNodeIncludeDO(currentNode, level);
if (i != 1) {
return i;
}
}
}
if ((this.xpathNodeSet != null) && !this.xpathNodeSet.contains(currentNode)) {
if (this.xpathNodeSet != null && !this.xpathNodeSet.contains(currentNode)) {
return 0;
}
return 1;
@ -551,13 +545,13 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
if (nodeFilter != null) {
Iterator<NodeFilter> it = nodeFilter.iterator();
while (it.hasNext()) {
int i = (it.next()).isNodeInclude(currentNode);
int i = it.next().isNodeInclude(currentNode);
if (i != 1) {
return i;
}
}
}
if ((this.xpathNodeSet != null) && !this.xpathNodeSet.contains(currentNode)) {
if (this.xpathNodeSet != null && !this.xpathNodeSet.contains(currentNode)) {
return 0;
}
return 1;
@ -572,7 +566,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
}
}
}
if ((this.xpathNodeSet != null) && !this.xpathNodeSet.contains(currentNode)) {
if (this.xpathNodeSet != null && !this.xpathNodeSet.contains(currentNode)) {
return false;
}
return true;
@ -621,7 +615,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
return;
}
//Obtain all the parents of the element
List<Element> parents = new ArrayList<Element>();
List<Element> parents = new ArrayList<>();
Node parent = n1;
while (parent != null && Node.ELEMENT_NODE == parent.getNodeType()) {
parents.add((Element)parent);
@ -634,35 +628,34 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
handleParent(ele, ns);
}
parents.clear();
Attr nsprefix;
if (((nsprefix = ns.getMappingWithoutRendered(XMLNS)) != null)
&& "".equals(nsprefix.getValue())) {
Attr nsprefix = ns.getMappingWithoutRendered(XMLNS);
if (nsprefix != null && "".equals(nsprefix.getValue())) {
ns.addMappingAndRender(
XMLNS, "", getNullNode(nsprefix.getOwnerDocument()));
}
}
/**
* Obtain the attributes to output for this node in XPathNodeSet c14n.
* Output the attributes for this node in XPathNodeSet c14n.
*
* @param element
* @param ns
* @return the attributes nodes to output.
* @throws CanonicalizationException
* @param cache
* @throws CanonicalizationException, DOMException, IOException
*/
abstract Iterator<Attr> handleAttributes(Element element, NameSpaceSymbTable ns)
throws CanonicalizationException;
abstract void outputAttributes(Element element, NameSpaceSymbTable ns, Map<String, byte[]> cache)
throws CanonicalizationException, DOMException, IOException;
/**
* Obtain the attributes to output for this node in a Subtree c14n.
* Output the attributes for this node in a Subtree c14n.
*
* @param element
* @param ns
* @return the attributes nodes to output.
* @throws CanonicalizationException
* @param cache
* @throws CanonicalizationException, DOMException, IOException
*/
abstract Iterator<Attr> handleAttributesSubtree(Element element, NameSpaceSymbTable ns)
throws CanonicalizationException;
abstract void outputAttributesSubtree(Element element, NameSpaceSymbTable ns, Map<String, byte[]> cache)
throws CanonicalizationException, DOMException, IOException;
abstract void circumventBugIfNeeded(XMLSignatureInput input)
throws CanonicalizationException, ParserConfigurationException, IOException, SAXException;
@ -672,13 +665,13 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
*
* The string value of the node is modified by replacing
* <UL>
* <LI>all ampersands (&) with <CODE>&amp;amp;</CODE></LI>
* <LI>all open angle brackets (<) with <CODE>&amp;lt;</CODE></LI>
* <LI>all quotation mark characters with <CODE>&amp;quot;</CODE></LI>
* <LI>and the whitespace characters <CODE>#x9</CODE>, #xA, and #xD, with character
* <LI>all ampersands with {@code &amp;amp;}</LI>
* <LI>all open angle brackets with {@code &amp;lt;}</LI>
* <LI>all quotation mark characters with {@code &amp;quot;}</LI>
* <LI>and the whitespace characters {@code #x9}, #xA, and #xD, with character
* references. The character references are written in uppercase
* hexadecimal with no leading zeroes (for example, <CODE>#xD</CODE> is represented
* by the character reference <CODE>&amp;#xD;</CODE>)</LI>
* hexadecimal with no leading zeroes (for example, {@code #xD} is represented
* by the character reference {@code &amp;#xD;})</LI>
* </UL>
*
* @param name
@ -697,7 +690,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
final int length = value.length();
int i = 0;
while (i < length) {
char c = value.charAt(i++);
int c = value.codePointAt(i);
i += Character.charCount(c);
switch (c) {
@ -729,7 +723,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
if (c < 0x80) {
writer.write(c);
} else {
UtfHelpper.writeCharToUtf8(c, writer);
UtfHelpper.writeCodePointToUtf8(c, writer);
}
continue;
}
@ -757,15 +751,16 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
final String target = currentPI.getTarget();
int length = target.length();
for (int i = 0; i < length; i++) {
char c = target.charAt(i);
for (int i = 0; i < length; ) {
int c = target.codePointAt(i);
i += Character.charCount(c);
if (c == 0x0D) {
writer.write(XD.clone());
} else {
if (c < 0x80) {
writer.write(c);
} else {
UtfHelpper.writeCharToUtf8(c, writer);
UtfHelpper.writeCodePointToUtf8(c, writer);
}
}
}
@ -777,12 +772,13 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
if (length > 0) {
writer.write(' ');
for (int i = 0; i < length; i++) {
char c = data.charAt(i);
for (int i = 0; i < length; ) {
int c = data.codePointAt(i);
i += Character.charCount(c);
if (c == 0x0D) {
writer.write(XD.clone());
} else {
UtfHelpper.writeCharToUtf8(c, writer);
UtfHelpper.writeCodePointToUtf8(c, writer);
}
}
}
@ -811,15 +807,16 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
final String data = currentComment.getData();
final int length = data.length();
for (int i = 0; i < length; i++) {
char c = data.charAt(i);
for (int i = 0; i < length; ) {
int c = data.codePointAt(i);
i += Character.charCount(c);
if (c == 0x0D) {
writer.write(XD.clone());
} else {
if (c < 0x80) {
writer.write(c);
} else {
UtfHelpper.writeCharToUtf8(c, writer);
UtfHelpper.writeCodePointToUtf8(c, writer);
}
}
}
@ -842,8 +839,9 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
) throws IOException {
final int length = text.length();
byte[] toWrite;
for (int i = 0; i < length; i++) {
char c = text.charAt(i);
for (int i = 0; i < length; ) {
int c = text.codePointAt(i);
i += Character.charCount(c);
switch (c) {
@ -867,7 +865,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
if (c < 0x80) {
writer.write(c);
} else {
UtfHelpper.writeCharToUtf8(c, writer);
UtfHelpper.writeCodePointToUtf8(c, writer);
}
continue;
}
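Review bot: The added `currentNode == null` test in `canonicalizeSubTree` returns without writing anything, so a null start node yields empty canonical output instead of an error, and the hunk has no comment saying which caller is expected to pass null. Because the bytes written here are what gets digested, a short comment such as `// null subtree: nothing to canonicalize, output stays empty (see <issue-id>)` would make the choice explicit. If null is never legitimate, throwing `new CanonicalizationException("empty", new Object[]{"null node"})`, in the style used a few lines below for illegal node types, would fail closed instead. The method body continues outside the hunk.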


@ -24,7 +24,7 @@ package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
@ -36,6 +36,7 @@ import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import org.w3c.dom.Attr;
import org.w3c.dom.Comment;
import org.w3c.dom.DOMException;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
@ -54,8 +55,6 @@ import org.xml.sax.SAXException;
*/
public class CanonicalizerPhysical extends CanonicalizerBase {
private final SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
/**
* Constructor Canonicalizer20010315
*/
@ -94,31 +93,43 @@ public class CanonicalizerPhysical extends CanonicalizerBase {
}
/**
* Returns the Attr[]s to be output for the given element.
* Always throws a CanonicalizationException.
*
* @param rootNode
* @param inclusiveNamespaces
* @return none it always fails
* @throws CanonicalizationException
*/
public byte[] engineCanonicalizeSubTree(
Node rootNode, String inclusiveNamespaces, boolean propagateDefaultNamespace)
throws CanonicalizationException {
/** $todo$ well, should we throw UnsupportedOperationException ? */
throw new CanonicalizationException("c14n.Canonicalizer.UnsupportedOperation");
}
/**
* Output the Attr[]s for the given element.
* <br>
* The code of this method is a copy of {@link #handleAttributes(Element,
* NameSpaceSymbTable)},
* The code of this method is a copy of {@link #outputAttributes(Element,
* NameSpaceSymbTable, Map<String, byte[]>)},
* whereas it takes into account that subtree-c14n is -- well -- subtree-based.
* So if the element in question isRoot of c14n, it's parent is not in the
* node set, as well as all other ancestors.
*
* @param element
* @param ns
* @return the Attr[]s to be output
* @throws CanonicalizationException
* @param cache
* @throws CanonicalizationException, DOMException, IOException
*/
@Override
protected Iterator<Attr> handleAttributesSubtree(Element element, NameSpaceSymbTable ns)
throws CanonicalizationException {
if (!element.hasAttributes()) {
return null;
}
// result will contain all the attrs declared directly on that element
final SortedSet<Attr> result = this.result;
result.clear();
protected void outputAttributesSubtree(Element element, NameSpaceSymbTable ns,
Map<String, byte[]> cache)
throws CanonicalizationException, DOMException, IOException {
if (element.hasAttributes()) {
// result will contain all the attrs declared directly on that element
SortedSet<Attr> result = new TreeSet<Attr>(COMPARE);
NamedNodeMap attrs = element.getAttributes();
int attrsLength = attrs.getLength();
@ -126,22 +137,19 @@ public class CanonicalizerPhysical extends CanonicalizerBase {
Attr attribute = (Attr) attrs.item(i);
result.add(attribute);
}
OutputStream writer = getWriter();
//we output all Attrs which are available
for (Attr attr : result) {
outputAttrToWriter(attr.getNodeName(), attr.getNodeValue(), writer, cache);
}
}
}
return result.iterator();
}
/**
* Returns the Attr[]s to be output for the given element.
*
* @param element
* @param ns
* @return the Attr[]s to be output
* @throws CanonicalizationException
*/
@Override
protected Iterator<Attr> handleAttributes(Element element, NameSpaceSymbTable ns)
throws CanonicalizationException {
protected void outputAttributes(Element element, NameSpaceSymbTable ns,
Map<String, byte[]> cache)
throws CanonicalizationException, DOMException, IOException {
/** $todo$ well, should we throw UnsupportedOperationException ? */
throw new CanonicalizationException("c14n.Canonicalizer.UnsupportedOperation");
@ -157,12 +165,12 @@ public class CanonicalizerPhysical extends CanonicalizerBase {
// nothing to do
}
/** @inheritDoc */
/** {@inheritDoc} */
public final String engineGetURI() {
return Canonicalizer.ALGO_ID_C14N_PHYSICAL;
}
/** @inheritDoc */
/** {@inheritDoc} */
public final boolean engineGetIncludeComments() {
return true;
}
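Review bot: The Javadoc on `outputAttributesSubtree` still says its code is a copy of `outputAttributes`, but in this class `outputAttributes` only throws `c14n.Canonicalizer.UnsupportedOperation`, so the sentence and its `{@link}` mislead a reader. The link also spells the parameter as `Map<String, byte[]>`, which Javadoc does not accept in a member reference, and `@throws CanonicalizationException, DOMException, IOException` is read as a single tag; the same comma-separated `@throws` appears on the abstract declarations in CanonicalizerBase. I would drop the "copy of" sentence, describe the method as writing every attribute declared on the element in `COMPARE` order, and use one tag per exception: `@throws CanonicalizationException`, `@throws DOMException`, `@throws IOException`. The new three-argument `engineCanonicalizeSubTree` also lacks a `@param propagateDefaultNamespace` line.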


@ -35,7 +35,6 @@ import org.w3c.dom.Node;
* A stack based Symbol Table.
*<br>For speed reasons all the symbols are introduced in the same map,
* and at the same time in a list so it can be removed when the frame is pop back.
* @author Raul Benito
*/
public class NameSpaceSymbTable {
@ -59,7 +58,7 @@ public class NameSpaceSymbTable {
* Default constractor
**/
public NameSpaceSymbTable() {
level = new ArrayList<SymbMap>();
level = new ArrayList<>();
//Insert the default binding for xmlns.
symb = (SymbMap) initialMap.clone();
}
@ -74,7 +73,7 @@ public class NameSpaceSymbTable {
while (it.hasNext()) {
NameSpaceSymbEntry n = it.next();
//put them rendered?
if ((!n.rendered) && (n.n != null)) {
if (!n.rendered && n.n != null) {
n = (NameSpaceSymbEntry) n.clone();
needsClone();
symb.put(n.prefix, n);
@ -123,7 +122,7 @@ public class NameSpaceSymbTable {
if (size == 0) {
cloned = false;
} else {
cloned = (level.get(size - 1) != symb);
cloned = level.get(size - 1) != symb;
}
} else {
cloned = false;
@ -191,7 +190,7 @@ public class NameSpaceSymbTable {
**/
public boolean addMapping(String prefix, String uri, Attr n) {
NameSpaceSymbEntry ob = symb.get(prefix);
if ((ob != null) && uri.equals(ob.uri)) {
if (ob != null && uri.equals(ob.uri)) {
//If we have it previously defined. Don't keep working.
return false;
}
@ -203,7 +202,7 @@ public class NameSpaceSymbTable {
//We have a previous definition store it for the pop.
//Check if a previous definition(not the inmidiatly one) has been rendered.
ne.lastrendered = ob.lastrendered;
if ((ob.lastrendered != null) && (ob.lastrendered.equals(uri))) {
if (ob.lastrendered != null && ob.lastrendered.equals(uri)) {
//Yes it is. Mark as rendered.
ne.rendered = true;
}
@ -222,7 +221,7 @@ public class NameSpaceSymbTable {
public Node addMappingAndRender(String prefix, String uri, Attr n) {
NameSpaceSymbEntry ob = symb.get(prefix);
if ((ob != null) && uri.equals(ob.uri)) {
if (ob != null && uri.equals(ob.uri)) {
if (!ob.rendered) {
ob = (NameSpaceSymbEntry) ob.clone();
needsClone();
@ -234,11 +233,11 @@ public class NameSpaceSymbTable {
return null;
}
NameSpaceSymbEntry ne = new NameSpaceSymbEntry(uri,n,true,prefix);
NameSpaceSymbEntry ne = new NameSpaceSymbEntry(uri, n, true, prefix);
ne.lastrendered = uri;
needsClone();
symb.put(prefix, ne);
if ((ob != null) && (ob.lastrendered != null) && (ob.lastrendered.equals(uri))) {
if (ob != null && ob.lastrendered != null && ob.lastrendered.equals(uri)) {
ne.rendered = true;
return null;
}
@ -304,7 +303,7 @@ class NameSpaceSymbEntry implements Cloneable {
this.prefix = prefix;
}
/** @inheritDoc */
/** {@inheritDoc} */
public Object clone() {
try {
return super.clone();
@ -312,7 +311,7 @@ class NameSpaceSymbEntry implements Cloneable {
return null;
}
}
};
}
class SymbMap implements Cloneable {
int free = 23;
@ -329,7 +328,7 @@ class SymbMap implements Cloneable {
Object oldKey = keys[index];
keys[index] = key;
entries[index] = value;
if ((oldKey == null || !oldKey.equals(key)) && (--free == 0)) {
if ((oldKey == null || !oldKey.equals(key)) && --free == 0) {
free = entries.length;
int newCapacity = free << 2;
rehash(newCapacity);
@ -337,9 +336,9 @@ class SymbMap implements Cloneable {
}
List<NameSpaceSymbEntry> entrySet() {
List<NameSpaceSymbEntry> a = new ArrayList<NameSpaceSymbEntry>();
List<NameSpaceSymbEntry> a = new ArrayList<>();
for (int i = 0;i < entries.length;i++) {
if ((entries[i] != null) && !("".equals(entries[i].uri))) {
if (entries[i] != null && !"".equals(entries[i].uri)) {
a.add(entries[i]);
}
}
@ -353,21 +352,21 @@ class SymbMap implements Cloneable {
int index = (obj.hashCode() & 0x7fffffff) % length;
Object cur = set[index];
if (cur == null || (cur.equals(obj))) {
if (cur == null || cur.equals(obj)) {
return index;
}
length--;
do {
index = index == length ? 0 : ++index;
cur = set[index];
} while (cur != null && (!cur.equals(obj)));
} while (cur != null && !cur.equals(obj));
return index;
}
/**
* rehashes the map to the new capacity.
*
* @param newCapacity an <code>int</code> value
* @param newCapacity an {@code int} value
*/
protected void rehash(int newCapacity) {
int oldCapacity = keys.length;


@ -24,11 +24,27 @@ package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException;
import java.io.OutputStream;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Map;
public class UtfHelpper {
public final class UtfHelpper {
static final void writeByte(
/**
* Revert to the old behavior (version 2 or before), i.e. surrogate pairs characters becomes
* '??' in output. Set system property com.sun.org.apache.xml.internal.security.c14n.oldUtf8=true if you want
* to verify signatures generated by version 2 or before that contains 32 bit chars in the
* XML document.
*/
private static final boolean OLD_UTF8 =
AccessController.doPrivileged((PrivilegedAction<Boolean>)
() -> Boolean.getBoolean("com.sun.org.apache.xml.internal.security.c14n.oldUtf8"));
private UtfHelpper() {
// complete
}
public static void writeByte(
final String str,
final OutputStream out,
Map<String, byte[]> cache
@ -42,12 +58,73 @@ public class UtfHelpper {
out.write(result);
}
static final void writeCharToUtf8(final char c, final OutputStream out) throws IOException {
public static void writeCodePointToUtf8(final int c, final OutputStream out) throws IOException {
if (!Character.isValidCodePoint(c) || c >= 0xD800 && c <= 0xDBFF || c >= 0xDC00 && c <= 0xDFFF) {
// valid code point: c >= 0x0000 && c <= 0x10FFFF
out.write(0x3f);
return;
}
if (OLD_UTF8 && c >= Character.MIN_SUPPLEMENTARY_CODE_POINT) {
// version 2 or before output 2 question mark characters for 32 bit chars
out.write(0x3f);
out.write(0x3f);
return;
}
if (c < 0x80) {
// 0x00000000 - 0x0000007F
// 0xxxxxxx
out.write(c);
return;
}
byte extraByte = 0;
if (c < 0x800) {
// 0x00000080 - 0x000007FF
// 110xxxxx 10xxxxxx
extraByte = 1;
} else if (c < 0x10000) {
// 0x00000800 - 0x0000FFFF
// 1110xxxx 10xxxxxx 10xxxxxx
extraByte = 2;
} else if (c < 0x200000) {
// 0x00010000 - 0x001FFFFF
// 11110xxx 10xxxxx 10xxxxxx 10xxxxxx
extraByte = 3;
} else if (c < 0x4000000) {
// 0x00200000 - 0x03FFFFFF
// 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
// already outside valid Character range, just for completeness
extraByte = 4;
} else if (c <= 0x7FFFFFFF) {
// 0x04000000 - 0x7FFFFFFF
// 1111110x 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
// already outside valid Character range, just for completeness
extraByte = 5;
} else {
// 0x80000000 - 0xFFFFFFFF
// case not possible as java has no unsigned int
out.write(0x3f);
return;
}
byte write;
int shift = 6 * extraByte;
write = (byte)((0xFE << (6 - extraByte)) | (c >>> shift));
out.write(write);
for (int i = extraByte - 1; i >= 0; i--) {
shift -= 6;
write = (byte)(0x80 | ((c >>> shift) & 0x3F));
out.write(write);
}
}
@Deprecated
public static void writeCharToUtf8(final char c, final OutputStream out) throws IOException {
if (c < 0x80) {
out.write(c);
return;
}
if ((c >= 0xD800 && c <= 0xDBFF) || (c >= 0xDC00 && c <= 0xDFFF)) {
if (c >= 0xD800 && c <= 0xDBFF || c >= 0xDC00 && c <= 0xDFFF) {
//No Surrogates in sun java
out.write(0x3f);
return;
@ -59,7 +136,7 @@ public class UtfHelpper {
ch = (char)(c>>>12);
write = 0xE0;
if (ch > 0) {
write |= (ch & 0x0F);
write |= ch & 0x0F;
}
out.write(write);
write = 0x80;
@ -70,104 +147,149 @@ public class UtfHelpper {
}
ch = (char)(c>>>6);
if (ch > 0) {
write |= (ch & bias);
write |= ch & bias;
}
out.write(write);
out.write(0x80 | ((c) & 0x3F));
}
static final void writeStringToUtf8(
final String str,
final OutputStream out
) throws IOException{
public static void writeStringToUtf8(
final String str, final OutputStream out
) throws IOException {
final int length = str.length();
int i = 0;
char c;
int c;
while (i < length) {
c = str.charAt(i++);
c = str.codePointAt(i);
i += Character.charCount(c);
if (!Character.isValidCodePoint(c) || c >= 0xD800 && c <= 0xDBFF || c >= 0xDC00 && c <= 0xDFFF) {
// valid code point: c >= 0x0000 && c <= 0x10FFFF
out.write(0x3f);
continue;
}
if (OLD_UTF8 && c >= Character.MIN_SUPPLEMENTARY_CODE_POINT) {
// version 2 or before output 2 question mark characters for 32 bit chars
out.write(0x3f);
out.write(0x3f);
continue;
}
if (c < 0x80) {
out.write(c);
continue;
}
if ((c >= 0xD800 && c <= 0xDBFF) || (c >= 0xDC00 && c <= 0xDFFF)) {
//No Surrogates in sun java
byte extraByte = 0;
if (c < 0x800) {
// 0x00000080 - 0x000007FF
// 110xxxxx 10xxxxxx
extraByte = 1;
} else if (c < 0x10000) {
// 0x00000800 - 0x0000FFFF
// 1110xxxx 10xxxxxx 10xxxxxx
extraByte = 2;
} else if (c < 0x200000) {
// 0x00010000 - 0x001FFFFF
// 11110xxx 10xxxxx 10xxxxxx 10xxxxxx
extraByte = 3;
} else if (c < 0x4000000) {
// 0x00200000 - 0x03FFFFFF
// 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
// already outside valid Character range, just for completeness
extraByte = 4;
} else if (c <= 0x7FFFFFFF) {
// 0x04000000 - 0x7FFFFFFF
// 1111110x 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
// already outside valid Character range, just for completeness
extraByte = 5;
} else {
// 0x80000000 - 0xFFFFFFFF
// case not possible as java has no unsigned int
out.write(0x3f);
continue;
}
char ch;
int bias;
int write;
if (c > 0x07FF) {
ch = (char)(c>>>12);
write = 0xE0;
if (ch > 0) {
write |= (ch & 0x0F);
}
byte write;
int shift = 6 * extraByte;
write = (byte)((0xFE << (6 - extraByte)) | (c >>> shift));
out.write(write);
write = 0x80;
bias = 0x3F;
} else {
write = 0xC0;
bias = 0x1F;
}
ch = (char)(c>>>6);
if (ch > 0) {
write |= (ch & bias);
}
for (int j = extraByte - 1; j >= 0; j--) {
shift -= 6;
write = (byte)(0x80 | ((c >>> shift) & 0x3F));
out.write(write);
out.write(0x80 | ((c) & 0x3F));
}
}
}
public static final byte[] getStringInUtf8(final String str) {
public static byte[] getStringInUtf8(final String str) {
final int length = str.length();
boolean expanded = false;
byte[] result = new byte[length];
int i = 0;
int out = 0;
char c;
int c;
while (i < length) {
c = str.charAt(i++);
c = str.codePointAt(i);
i += Character.charCount(c);
if (!Character.isValidCodePoint(c) || c >= 0xD800 && c <= 0xDBFF || c >= 0xDC00 && c <= 0xDFFF) {
// valid code point: c >= 0x0000 && c <= 0x10FFFF
result[out++] = (byte)0x3f;
continue;
}
if (OLD_UTF8 && c >= Character.MIN_SUPPLEMENTARY_CODE_POINT) {
// version 2 or before output 2 question mark characters for 32 bit chars
result[out++] = (byte)0x3f;
result[out++] = (byte)0x3f;
continue;
}
if (c < 0x80) {
result[out++] = (byte)c;
continue;
}
if ((c >= 0xD800 && c <= 0xDBFF) || (c >= 0xDC00 && c <= 0xDFFF)) {
//No Surrogates in sun java
result[out++] = 0x3f;
continue;
}
if (!expanded) {
byte newResult[] = new byte[3*length];
byte newResult[] = new byte[6*length];
System.arraycopy(result, 0, newResult, 0, out);
result = newResult;
expanded = true;
}
char ch;
int bias;
byte write;
if (c > 0x07FF) {
ch = (char)(c>>>12);
write = (byte)0xE0;
if (ch > 0) {
write |= (ch & 0x0F);
}
result[out++] = write;
write = (byte)0x80;
bias = 0x3F;
byte extraByte = 0;
if (c < 0x800) {
// 0x00000080 - 0x000007FF
// 110xxxxx 10xxxxxx
extraByte = 1;
} else if (c < 0x10000) {
// 0x00000800 - 0x0000FFFF
// 1110xxxx 10xxxxxx 10xxxxxx
extraByte = 2;
} else if (c < 0x200000) {
// 0x00010000 - 0x001FFFFF
// 11110xxx 10xxxxx 10xxxxxx 10xxxxxx
extraByte = 3;
} else if (c < 0x4000000) {
// 0x00200000 - 0x03FFFFFF
// 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
// already outside valid Character range, just for completeness
extraByte = 4;
} else if (c <= 0x7FFFFFFF) {
// 0x04000000 - 0x7FFFFFFF
// 1111110x 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
// already outside valid Character range, just for completeness
extraByte = 5;
} else {
write = (byte)0xC0;
bias = 0x1F;
}
ch = (char)(c>>>6);
if (ch > 0) {
write |= (ch & bias);
// 0x80000000 - 0xFFFFFFFF
// case not possible as java has no unsigned int
result[out++] = 0x3f;
continue;
}
byte write;
int shift = 6 * extraByte;
write = (byte)((0xFE << (6 - extraByte)) | (c >>> shift));
result[out++] = write;
result[out++] = (byte)(0x80 | ((c) & 0x3F));
for (int j = extraByte - 1; j >= 0; j--) {
shift -= 6;
write = (byte)(0x80 | ((c >>> shift) & 0x3F));
result[out++] = write;
}
}
if (expanded) {
byte newResult[] = new byte[out];
@ -176,5 +298,4 @@ public class UtfHelpper {
}
return result;
}
}
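Review bot: The Javadoc on `OLD_UTF8` does not state what enabling the property costs. With it set, `writeCodePointToUtf8`, `writeStringToUtf8` and `getStringInUtf8` all emit the same two `0x3f` bytes for every supplementary code point, so documents that differ only in those characters canonicalize to identical bytes and a digest over the canonical form cannot tell them apart. The value is read once into a `static final`, so it applies to every canonicalization in the JVM rather than to one legacy signature. I would extend the comment with something like `Security note: when enabled, all supplementary characters canonicalize to "??" and are no longer covered distinctly by the signature; enable only while verifying legacy signatures.` Unpaired surrogates collapse to a single `0x3f` in the same way, regardless of this flag.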


@ -0,0 +1,412 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.w3c.dom.Attr;
/**
* An XmlAttrStack that is shared between the Canonical XML 1.0 and 1.1 implementations.
*/
class XmlAttrStack {
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(XmlAttrStack.class);
static class XmlsStackElement {
int level;
boolean rendered = false;
List<Attr> nodes = new ArrayList<>();
}
private int currentLevel = 0;
private int lastlevel = 0;
private XmlsStackElement cur;
private List<XmlsStackElement> levels = new ArrayList<>();
private boolean c14n11;
public XmlAttrStack(boolean c14n11) {
this.c14n11 = c14n11;
}
void push(int level) {
currentLevel = level;
if (currentLevel == -1) {
return;
}
cur = null;
while (lastlevel >= currentLevel) {
levels.remove(levels.size() - 1);
int newSize = levels.size();
if (newSize == 0) {
lastlevel = 0;
return;
}
lastlevel = levels.get(newSize - 1).level;
}
}
void addXmlnsAttr(Attr n) {
if (cur == null) {
cur = new XmlsStackElement();
cur.level = currentLevel;
levels.add(cur);
lastlevel = currentLevel;
}
cur.nodes.add(n);
}
void getXmlnsAttr(Collection<Attr> col) {
int size = levels.size() - 1;
if (cur == null) {
cur = new XmlsStackElement();
cur.level = currentLevel;
lastlevel = currentLevel;
levels.add(cur);
}
boolean parentRendered = false;
XmlsStackElement e = null;
if (size == -1) {
parentRendered = true;
} else {
e = levels.get(size);
if (e.rendered && e.level + 1 == currentLevel) {
parentRendered = true;
}
}
if (parentRendered) {
col.addAll(cur.nodes);
cur.rendered = true;
return;
}
Map<String, Attr> loa = new HashMap<>();
if (c14n11) {
List<Attr> baseAttrs = new ArrayList<>();
boolean successiveOmitted = true;
for (; size >= 0; size--) {
e = levels.get(size);
if (e.rendered) {
successiveOmitted = false;
}
Iterator<Attr> it = e.nodes.iterator();
while (it.hasNext() && successiveOmitted) {
Attr n = it.next();
if (n.getLocalName().equals("base") && !e.rendered) {
baseAttrs.add(n);
} else if (!loa.containsKey(n.getName())) {
loa.put(n.getName(), n);
}
}
}
if (!baseAttrs.isEmpty()) {
Iterator<Attr> it = col.iterator();
String base = null;
Attr baseAttr = null;
while (it.hasNext()) {
Attr n = it.next();
if (n.getLocalName().equals("base")) {
base = n.getValue();
baseAttr = n;
break;
}
}
it = baseAttrs.iterator();
while (it.hasNext()) {
Attr n = it.next();
if (base == null) {
base = n.getValue();
baseAttr = n;
} else {
try {
base = joinURI(n.getValue(), base);
} catch (URISyntaxException ue) {
LOG.debug(ue.getMessage(), ue);
}
}
}
if (base != null && base.length() != 0) {
baseAttr.setValue(base);
col.add(baseAttr);
}
}
} else {
for (; size >= 0; size--) {
e = levels.get(size);
Iterator<Attr> it = e.nodes.iterator();
while (it.hasNext()) {
Attr n = it.next();
if (!loa.containsKey(n.getName())) {
loa.put(n.getName(), n);
}
}
}
}
cur.rendered = true;
col.addAll(loa.values());
}
private static String joinURI(String baseURI, String relativeURI) throws URISyntaxException {
String bscheme = null;
String bauthority = null;
String bpath = "";
String bquery = null;
// pre-parse the baseURI
if (baseURI != null) {
if (baseURI.endsWith("..")) {
baseURI = baseURI + "/";
}
URI base = new URI(baseURI);
bscheme = base.getScheme();
bauthority = base.getAuthority();
bpath = base.getPath();
bquery = base.getQuery();
}
URI r = new URI(relativeURI);
String rscheme = r.getScheme();
String rauthority = r.getAuthority();
String rpath = r.getPath();
String rquery = r.getQuery();
String tscheme, tauthority, tpath, tquery;
if (rscheme != null && rscheme.equals(bscheme)) {
rscheme = null;
}
if (rscheme != null) {
tscheme = rscheme;
tauthority = rauthority;
tpath = removeDotSegments(rpath);
tquery = rquery;
} else {
if (rauthority != null) {
tauthority = rauthority;
tpath = removeDotSegments(rpath);
tquery = rquery;
} else {
if (rpath.length() == 0) {
tpath = bpath;
if (rquery != null) {
tquery = rquery;
} else {
tquery = bquery;
}
} else {
if (rpath.startsWith("/")) {
tpath = removeDotSegments(rpath);
} else {
if (bauthority != null && bpath.length() == 0) {
tpath = "/" + rpath;
} else {
int last = bpath.lastIndexOf('/');
if (last == -1) {
tpath = rpath;
} else {
tpath = bpath.substring(0, last+1) + rpath;
}
}
tpath = removeDotSegments(tpath);
}
tquery = rquery;
}
tauthority = bauthority;
}
tscheme = bscheme;
}
return new URI(tscheme, tauthority, tpath, tquery, null).toString();
}
private static String removeDotSegments(String path) {
LOG.debug("STEP OUTPUT BUFFER\t\tINPUT BUFFER");
// 1. The input buffer is initialized with the now-appended path
// components then replace occurrences of "//" in the input buffer
// with "/" until no more occurrences of "//" are in the input buffer.
String input = path;
while (input.indexOf("//") > -1) {
input = input.replaceAll("//", "/");
}
// Initialize the output buffer with the empty string.
StringBuilder output = new StringBuilder();
// If the input buffer starts with a root slash "/" then move this
// character to the output buffer.
if (input.charAt(0) == '/') {
output.append("/");
input = input.substring(1);
}
printStep("1 ", output.toString(), input);
// While the input buffer is not empty, loop as follows
while (input.length() != 0) {
// 2A. If the input buffer begins with a prefix of "./",
// then remove that prefix from the input buffer
// else if the input buffer begins with a prefix of "../", then
// if also the output does not contain the root slash "/" only,
// then move this prefix to the end of the output buffer else
// remove that prefix
if (input.startsWith("./")) {
input = input.substring(2);
printStep("2A", output.toString(), input);
} else if (input.startsWith("../")) {
input = input.substring(3);
if (!output.toString().equals("/")) {
output.append("../");
}
printStep("2A", output.toString(), input);
// 2B. if the input buffer begins with a prefix of "/./" or "/.",
// where "." is a complete path segment, then replace that prefix
// with "/" in the input buffer; otherwise,
} else if (input.startsWith("/./")) {
input = input.substring(2);
printStep("2B", output.toString(), input);
} else if (input.equals("/.")) {
// FIXME: what is complete path segment?
input = input.replaceFirst("/.", "/");
printStep("2B", output.toString(), input);
// 2C. if the input buffer begins with a prefix of "/../" or "/..",
// where ".." is a complete path segment, then replace that prefix
// with "/" in the input buffer and if also the output buffer is
// empty, last segment in the output buffer equals "../" or "..",
// where ".." is a complete path segment, then append ".." or "/.."
// for the latter case respectively to the output buffer else
// remove the last segment and its preceding "/" (if any) from the
// output buffer and if hereby the first character in the output
// buffer was removed and it was not the root slash then delete a
// leading slash from the input buffer; otherwise,
} else if (input.startsWith("/../")) {
input = input.substring(3);
if (output.length() == 0) {
output.append("/");
} else if (output.toString().endsWith("../")) {
output.append("..");
} else if (output.toString().endsWith("..")) {
output.append("/..");
} else {
int index = output.lastIndexOf("/");
if (index == -1) {
output = new StringBuilder();
if (input.charAt(0) == '/') {
input = input.substring(1);
}
} else {
output = output.delete(index, output.length());
}
}
printStep("2C", output.toString(), input);
} else if (input.equals("/..")) {
// FIXME: what is complete path segment?
input = input.replaceFirst("/..", "/");
if (output.length() == 0) {
output.append("/");
} else if (output.toString().endsWith("../")) {
output.append("..");
} else if (output.toString().endsWith("..")) {
output.append("/..");
} else {
int index = output.lastIndexOf("/");
if (index == -1) {
output = new StringBuilder();
if (input.charAt(0) == '/') {
input = input.substring(1);
}
} else {
output = output.delete(index, output.length());
}
}
printStep("2C", output.toString(), input);
// 2D. if the input buffer consists only of ".", then remove
// that from the input buffer else if the input buffer consists
// only of ".." and if the output buffer does not contain only
// the root slash "/", then move the ".." to the output buffer
// else delte it.; otherwise,
} else if (input.equals(".")) {
input = "";
printStep("2D", output.toString(), input);
} else if (input.equals("..")) {
if (!output.toString().equals("/")) {
output.append("..");
}
input = "";
printStep("2D", output.toString(), input);
// 2E. move the first path segment (if any) in the input buffer
// to the end of the output buffer, including the initial "/"
// character (if any) and any subsequent characters up to, but not
// including, the next "/" character or the end of the input buffer.
} else {
int end = -1;
int begin = input.indexOf('/');
if (begin == 0) {
end = input.indexOf('/', 1);
} else {
end = begin;
begin = 0;
}
String segment;
if (end == -1) {
segment = input.substring(begin);
input = "";
} else {
segment = input.substring(begin, end);
input = input.substring(end);
}
output.append(segment);
printStep("2E", output.toString(), input);
}
}
// 3. Finally, if the only or last segment of the output buffer is
// "..", where ".." is a complete path segment not followed by a slash
// then append a slash "/". The output buffer is returned as the result
// of remove_dot_segments
if (output.toString().endsWith("..")) {
output.append("/");
printStep("3 ", output.toString(), input);
}
return output.toString();
}
private static void printStep(String step, String output, String input) {
if (LOG.isDebugEnabled()) {
LOG.debug(" " + step + ": " + output);
if (output.length() == 0) {
LOG.debug("\t\t\t\t" + input);
} else {
LOG.debug("\t\t\t" + input);
}
}
}
}
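Review bot: `removeDotSegments` reads `input.charAt(0)` right after the `//`-collapsing loop without checking for an empty string, and `joinURI` passes it `r.getPath()` unchecked. `java.net.URI.getPath()` returns `""` for a reference such as `http://host` and `null` for an opaque URI, so those values raise `StringIndexOutOfBoundsException` or `NullPointerException`. `getXmlnsAttr` catches only `URISyntaxException`, so the unchecked exception would propagate out of canonicalization, and the `base` attribute values appear to come from the document being processed. A guard at the top of `removeDotSegments`, e.g. `if (path == null || path.isEmpty()) { return ""; }`, covers the calls that reach it. The `rpath.length()` and `bpath.lastIndexOf('/')` uses in `joinURI` need the same null check for opaque URIs.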


@ -1,3 +0,0 @@
<HTML> <HEAD> </HEAD> <BODY> <P>
canonicalization implementations.
</P></BODY> </HTML>


@ -1,3 +0,0 @@
<HTML><HEAD></HEAD><BODY><P>
Canonicalization related material and algorithms.
</P></BODY></HTML>


@ -1,250 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.UnsupportedEncodingException;
import java.util.HashMap;
import java.util.Map;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
/**
* Converts <code>String</code>s into <code>Node</code>s and visa versa.
*
* An abstract class for common Serializer functionality
*/
public abstract class AbstractSerializer implements Serializer {
protected Canonicalizer canon;
public void setCanonicalizer(Canonicalizer canon) {
this.canon = canon;
}
/**
* Returns a <code>String</code> representation of the specified
* <code>Element</code>.
* <p/>
* Refer also to comments about setup of format.
*
* @param element the <code>Element</code> to serialize.
* @return the <code>String</code> representation of the serilaized
* <code>Element</code>.
* @throws Exception
*/
public String serialize(Element element) throws Exception {
return canonSerialize(element);
}
/**
* Returns a <code>byte[]</code> representation of the specified
* <code>Element</code>.
*
* @param element the <code>Element</code> to serialize.
* @return the <code>byte[]</code> representation of the serilaized
* <code>Element</code>.
* @throws Exception
*/
public byte[] serializeToByteArray(Element element) throws Exception {
return canonSerializeToByteArray(element);
}
/**
* Returns a <code>String</code> representation of the specified
* <code>NodeList</code>.
* <p/>
* This is a special case because the NodeList may represent a
* <code>DocumentFragment</code>. A document fragment may be a
* non-valid XML document (refer to appropriate description of
* W3C) because it my start with a non-element node, e.g. a text
* node.
* <p/>
* The methods first converts the node list into a document fragment.
* Special care is taken to not destroy the current document, thus
* the method clones the nodes (deep cloning) before it appends
* them to the document fragment.
* <p/>
* Refer also to comments about setup of format.
*
* @param content the <code>NodeList</code> to serialize.
* @return the <code>String</code> representation of the serialized
* <code>NodeList</code>.
* @throws Exception
*/
public String serialize(NodeList content) throws Exception {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
canon.setWriter(baos);
canon.notReset();
for (int i = 0; i < content.getLength(); i++) {
canon.canonicalizeSubtree(content.item(i));
}
String ret = baos.toString("UTF-8");
baos.reset();
return ret;
}
/**
* Returns a <code>byte[]</code> representation of the specified
* <code>NodeList</code>.
*
* @param content the <code>NodeList</code> to serialize.
* @return the <code>byte[]</code> representation of the serialized
* <code>NodeList</code>.
* @throws Exception
*/
public byte[] serializeToByteArray(NodeList content) throws Exception {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
canon.setWriter(baos);
canon.notReset();
for (int i = 0; i < content.getLength(); i++) {
canon.canonicalizeSubtree(content.item(i));
}
return baos.toByteArray();
}
/**
* Use the Canonicalizer to serialize the node
* @param node
* @return the canonicalization of the node
* @throws Exception
*/
public String canonSerialize(Node node) throws Exception {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
canon.setWriter(baos);
canon.notReset();
canon.canonicalizeSubtree(node);
String ret = baos.toString("UTF-8");
baos.reset();
return ret;
}
/**
* Use the Canonicalizer to serialize the node
* @param node
* @return the (byte[]) canonicalization of the node
* @throws Exception
*/
public byte[] canonSerializeToByteArray(Node node) throws Exception {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
canon.setWriter(baos);
canon.notReset();
canon.canonicalizeSubtree(node);
return baos.toByteArray();
}
/**
* @param source
* @param ctx
* @return the Node resulting from the parse of the source
* @throws XMLEncryptionException
*/
public abstract Node deserialize(String source, Node ctx) throws XMLEncryptionException;
/**
* @param source
* @param ctx
* @return the Node resulting from the parse of the source
* @throws XMLEncryptionException
*/
public abstract Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException;
protected static byte[] createContext(byte[] source, Node ctx) throws XMLEncryptionException {
// Create the context to parse the document against
ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
try {
OutputStreamWriter outputStreamWriter = new OutputStreamWriter(byteArrayOutputStream, "UTF-8");
outputStreamWriter.write("<?xml version=\"1.0\" encoding=\"UTF-8\"?><dummy");
// Run through each node up to the document node and find any xmlns: nodes
Map<String, String> storedNamespaces = new HashMap<String, String>();
Node wk = ctx;
while (wk != null) {
NamedNodeMap atts = wk.getAttributes();
if (atts != null) {
for (int i = 0; i < atts.getLength(); ++i) {
Node att = atts.item(i);
String nodeName = att.getNodeName();
if ((nodeName.equals("xmlns") || nodeName.startsWith("xmlns:"))
&& !storedNamespaces.containsKey(att.getNodeName())) {
outputStreamWriter.write(" ");
outputStreamWriter.write(nodeName);
outputStreamWriter.write("=\"");
outputStreamWriter.write(att.getNodeValue());
outputStreamWriter.write("\"");
storedNamespaces.put(nodeName, att.getNodeValue());
}
}
}
wk = wk.getParentNode();
}
outputStreamWriter.write(">");
outputStreamWriter.flush();
byteArrayOutputStream.write(source);
outputStreamWriter.write("</dummy>");
outputStreamWriter.close();
return byteArrayOutputStream.toByteArray();
} catch (UnsupportedEncodingException e) {
throw new XMLEncryptionException("empty", e);
} catch (IOException e) {
throw new XMLEncryptionException("empty", e);
}
}
protected static String createContext(String source, Node ctx) {
// Create the context to parse the document against
StringBuilder sb = new StringBuilder();
sb.append("<?xml version=\"1.0\" encoding=\"UTF-8\"?><dummy");
// Run through each node up to the document node and find any xmlns: nodes
Map<String, String> storedNamespaces = new HashMap<String, String>();
Node wk = ctx;
while (wk != null) {
NamedNodeMap atts = wk.getAttributes();
if (atts != null) {
for (int i = 0; i < atts.getLength(); ++i) {
Node att = atts.item(i);
String nodeName = att.getNodeName();
if ((nodeName.equals("xmlns") || nodeName.startsWith("xmlns:"))
&& !storedNamespaces.containsKey(att.getNodeName())) {
sb.append(' ').append(nodeName).append("=\"")
.append(att.getNodeValue()).append('"');
storedNamespaces.put(nodeName, att.getNodeValue());
}
}
}
wk = wk.getParentNode();
}
sb.append('>').append(source).append("</dummy>");
return sb.toString();
}
}


@ -1,157 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.util.Iterator;
import com.sun.org.apache.xml.internal.security.keys.KeyInfo;
import org.w3c.dom.Element;
/**
* A Key Agreement algorithm provides for the derivation of a shared secret key
* based on a shared secret computed from certain types of compatible public
* keys from both the sender and the recipient. Information from the originator
* to determine the secret is indicated by an optional OriginatorKeyInfo
* parameter child of an {@code AgreementMethod} element while that
* associated with the recipient is indicated by an optional RecipientKeyInfo. A
* shared key is derived from this shared secret by a method determined by the
* Key Agreement algorithm.
* <p>
* <b>Note:</b> XML Encryption does not provide an on-line key agreement
* negotiation protocol. The {@code AgreementMethod} element can be used by
* the originator to identify the keys and computational procedure that were
* used to obtain a shared encryption key. The method used to obtain or select
* the keys or algorithm used for the agreement computation is beyond the scope
* of this specification.
* <p>
* The {@code AgreementMethod} element appears as the content of a
* {@code ds:KeyInfo} since, like other {@code ds:KeyInfo} children,
* it yields a key. This {@code ds:KeyInfo} is in turn a child of an
* {@code EncryptedData} or {@code EncryptedKey} element. The
* Algorithm attribute and KeySize child of the {@code EncryptionMethod}
* element under this {@code EncryptedData} or {@code EncryptedKey}
* element are implicit parameters to the key agreement computation. In cases
* where this {@code EncryptionMethod} algorithm {@code URI} is
* insufficient to determine the key length, a KeySize MUST have been included.
* In addition, the sender may place a KA-Nonce element under
* {@code AgreementMethod} to assure that different keying material is
* generated even for repeated agreements using the same sender and recipient
* public keys.
* <p>
* If the agreed key is being used to wrap a key, then
* {@code AgreementMethod} would appear inside a {@code ds:KeyInfo}
* inside an {@code EncryptedKey} element.
* <p>
* The Schema for AgreementMethod is as follows:
* <pre>{@code
* <element name="AgreementMethod" type="xenc:AgreementMethodType"/>
* <complexType name="AgreementMethodType" mixed="true">
* <sequence>
* <element name="KA-Nonce" minOccurs="0" type="base64Binary"/>
* <!-- <element ref="ds:DigestMethod" minOccurs="0"/> -->
* <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
* <element name="OriginatorKeyInfo" minOccurs="0" type="ds:KeyInfoType"/>
* <element name="RecipientKeyInfo" minOccurs="0" type="ds:KeyInfoType"/>
* </sequence>
* <attribute name="Algorithm" type="anyURI" use="required"/>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface AgreementMethod {
/**
* Returns a {@code byte} array.
* @return a {@code byte} array.
*/
byte[] getKANonce();
/**
* Sets the KANonce.jj
* @param kanonce
*/
void setKANonce(byte[] kanonce);
/**
* Returns additional information regarding the {@code AgreementMethod}.
* @return additional information regarding the {@code AgreementMethod}.
*/
Iterator<Element> getAgreementMethodInformation();
/**
* Adds additional {@code AgreementMethod} information.
*
* @param info an {@code Element} that represents additional information
* specified by
* <pre>{@code
* <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
* }</pre>
*/
void addAgreementMethodInformation(Element info);
/**
* Removes additional {@code AgreementMethod} information.
*
* @param info an {@code Element} that represents additional information
* specified by
* <pre>{@code
* <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
* }</pre>
*/
void revoveAgreementMethodInformation(Element info);
/**
* Returns information relating to the originator's shared secret.
*
* @return information relating to the originator's shared secret.
*/
KeyInfo getOriginatorKeyInfo();
/**
* Sets the information relating to the originator's shared secret.
*
* @param keyInfo information relating to the originator's shared secret.
*/
void setOriginatorKeyInfo(KeyInfo keyInfo);
/**
* Returns information relating to the recipient's shared secret.
*
* @return information relating to the recipient's shared secret.
*/
KeyInfo getRecipientKeyInfo();
/**
* Sets the information relating to the recipient's shared secret.
*
* @param keyInfo information relating to the recipient's shared secret.
*/
void setRecipientKeyInfo(KeyInfo keyInfo);
/**
* Returns the algorithm URI of this {@code CryptographicMethod}.
*
* @return the algorithm URI of this {@code CryptographicMethod}
*/
String getAlgorithm();
}


@ -1,95 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
/**
* {@code CipherData} provides encrypted data. It must either contain the
* encrypted octet sequence as base64 encoded text of the
* {@code CipherValue} element, or provide a reference to an external
* location containing the encrypted octet sequence via the
* {@code CipherReference} element.
* <p>
* The schema definition is as follows:
* <pre>{@code
* <element name='CipherData' type='xenc:CipherDataType'/>
* <complexType name='CipherDataType'>
* <choice>
* <element name='CipherValue' type='base64Binary'/>
* <element ref='xenc:CipherReference'/>
* </choice>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface CipherData {
/** VALUE_TYPE ASN */
int VALUE_TYPE = 0x00000001;
/** REFERENCE_TYPE ASN */
int REFERENCE_TYPE = 0x00000002;
/**
* Returns the type of encrypted data contained in the
* {@code CipherData}.
*
* @return {@code VALUE_TYPE} if the encrypted data is contained as
* {@code CipherValue} or {@code REFERENCE_TYPE} if the
* encrypted data is contained as {@code CipherReference}.
*/
int getDataType();
/**
* Returns the cipher value as a base64 encoded {@code byte} array.
*
* @return the {@code CipherData}'s value.
*/
CipherValue getCipherValue();
/**
* Sets the {@code CipherData}'s value.
*
* @param value the value of the {@code CipherData}.
* @throws XMLEncryptionException
*/
void setCipherValue(CipherValue value) throws XMLEncryptionException;
/**
* Returns a reference to an external location containing the encrypted
* octet sequence ({@code byte} array).
*
* @return the reference to an external location containing the encrypted
* octet sequence.
*/
CipherReference getCipherReference();
/**
* Sets the {@code CipherData}'s reference.
*
* @param reference an external location containing the encrypted octet sequence.
* @throws XMLEncryptionException
*/
void setCipherReference(CipherReference reference) throws XMLEncryptionException;
}


@ -1,95 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import org.w3c.dom.Attr;
/**
* {@code CipherReference} identifies a source which, when processed,
* yields the encrypted octet sequence.
* <p>
* The actual value is obtained as follows. The {@code CipherReference URI}
* contains an identifier that is dereferenced. Should the
* Transforms, the data resulting from dereferencing the {@code URI} is
* transformed as specified so as to yield the intended cipher value. For
* example, if the value is base64 encoded within an XML document; the
* transforms could specify an XPath expression followed by a base64 decoding so
* as to extract the octets.
* <p>
* The syntax of the {@code URI} and Transforms is similar to that of
* [XML-DSIG]. However, there is a difference between signature and encryption
* processing. In [XML-DSIG] both generation and validation processing start
* with the same source data and perform that transform in the same order. In
* encryption, the decryptor has only the cipher data and the specified
* transforms are enumerated for the decryptor, in the order necessary to obtain
* the octets. Consequently, because it has different semantics Transforms is in
* the &xenc; namespace.
* <p>
* The schema definition is as follows:
* <pre>{@code
* <element name='CipherReference' type='xenc:CipherReferenceType'/>
* <complexType name='CipherReferenceType'>
* <sequence>
* <element name='Transforms' type='xenc:TransformsType' minOccurs='0'/>
* </sequence>
* <attribute name='URI' type='anyURI' use='required'/>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface CipherReference {
/**
* Returns an {@code URI} that contains an identifier that should be
* dereferenced.
* @return an {@code URI} that contains an identifier that should be
* dereferenced.
*/
String getURI();
/**
* Gets the URI as an Attribute node. Used to meld the CipherReference
* with the XMLSignature ResourceResolvers
* @return the URI as an Attribute node
*/
Attr getURIAsAttr();
/**
* Returns the {@code Transforms} that specifies how to transform the
* {@code URI} to yield the appropriate cipher value.
*
* @return the transform that specifies how to transform the reference to
* yield the intended cipher value.
*/
Transforms getTransforms();
/**
* Sets the {@code Transforms} that specifies how to transform the
* {@code URI} to yield the appropriate cipher value.
*
* @param transforms the set of {@code Transforms} that specifies how
* to transform the reference to yield the intended cipher value.
*/
void setTransforms(Transforms transforms);
}


@ -1,46 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
/**
* <code>CipherValue</code> is the wrapper for cipher text.
*
* @author Axl Mattheus
*/
public interface CipherValue {
/**
* Returns the Base 64 encoded, encrypted octets that is the
* <code>CipherValue</code>.
*
* @return cipher value.
*/
String getValue();
/**
* Sets the Base 64 encoded, encrypted octets that is the
* <code>CipherValue</code>.
*
* @param value the cipher value.
*/
void setValue(String value);
}


@ -1,114 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.w3c.dom.DocumentFragment;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
/**
* Converts <code>String</code>s into <code>Node</code>s and visa versa.
*/
public class DocumentSerializer extends AbstractSerializer {
protected DocumentBuilderFactory dbf;
/**
* @param source
* @param ctx
* @return the Node resulting from the parse of the source
* @throws XMLEncryptionException
*/
public Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException {
byte[] fragment = createContext(source, ctx);
return deserialize(ctx, new InputSource(new ByteArrayInputStream(fragment)));
}
/**
* @param source
* @param ctx
* @return the Node resulting from the parse of the source
* @throws XMLEncryptionException
*/
public Node deserialize(String source, Node ctx) throws XMLEncryptionException {
String fragment = createContext(source, ctx);
return deserialize(ctx, new InputSource(new StringReader(fragment)));
}
/**
* @param ctx
* @param inputSource
* @return the Node resulting from the parse of the source
* @throws XMLEncryptionException
*/
private Node deserialize(Node ctx, InputSource inputSource) throws XMLEncryptionException {
try {
if (dbf == null) {
dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
dbf.setAttribute("http://xml.org/sax/features/namespaces", Boolean.TRUE);
dbf.setValidating(false);
}
DocumentBuilder db = dbf.newDocumentBuilder();
Document d = db.parse(inputSource);
Document contextDocument = null;
if (Node.DOCUMENT_NODE == ctx.getNodeType()) {
contextDocument = (Document)ctx;
} else {
contextDocument = ctx.getOwnerDocument();
}
Element fragElt =
(Element) contextDocument.importNode(d.getDocumentElement(), true);
DocumentFragment result = contextDocument.createDocumentFragment();
Node child = fragElt.getFirstChild();
while (child != null) {
fragElt.removeChild(child);
result.appendChild(child);
child = fragElt.getFirstChild();
}
return result;
} catch (SAXException se) {
throw new XMLEncryptionException("empty", se);
} catch (ParserConfigurationException pce) {
throw new XMLEncryptionException("empty", pce);
} catch (IOException ioe) {
throw new XMLEncryptionException("empty", ioe);
}
}
}


@ -1,46 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
/**
* The {@code EncryptedData} element is the core element in the syntax. Not
* only does its {@code CipherData} child contain the encrypted data, but
* it's also the element that replaces the encrypted element, or serves as the
* new document root.
* <p>
* It's schema definition is as follows:
* <p>
* <pre>{@code
* <element name='EncryptedData' type='xenc:EncryptedDataType'/>
* <complexType name='EncryptedDataType'>
* <complexContent>
* <extension base='xenc:EncryptedType'/>
* </complexContent>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface EncryptedData extends EncryptedType {
}


@ -1,113 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
/**
* The {@code EncryptedKey} element is used to transport encryption keys
* from the originator to a known recipient(s). It may be used as a stand-alone
* XML document, be placed within an application document, or appear inside an
* {@code EncryptedData} element as a child of a {@code ds:KeyInfo}
* element. The key value is always encrypted to the recipient(s). When
* {@code EncryptedKey} is decrypted the resulting octets are made
* available to the {@code EncryptionMethod} algorithm without any
* additional processing.
* <p>
* Its schema definition is as follows:
* <pre>{@code
* <element name='EncryptedKey' type='xenc:EncryptedKeyType'/>
* <complexType name='EncryptedKeyType'>
* <complexContent>
* <extension base='xenc:EncryptedType'>
* <sequence>
* <element ref='xenc:ReferenceList' minOccurs='0'/>
* <element name='CarriedKeyName' type='string' minOccurs='0'/>
* </sequence>
* <attribute name='Recipient' type='string' use='optional'/>
* </extension>
* </complexContent>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface EncryptedKey extends EncryptedType {
/**
* Returns a hint as to which recipient this encrypted key value is intended for.
*
* @return the recipient of the {@code EncryptedKey}.
*/
String getRecipient();
/**
* Sets the recipient for this {@code EncryptedKey}.
*
* @param recipient the recipient for this {@code EncryptedKey}.
*/
void setRecipient(String recipient);
/**
* Returns pointers to data and keys encrypted using this key. The reference
* list may contain multiple references to {@code EncryptedKey} and
* {@code EncryptedData} elements. This is done using
* {@code KeyReference} and {@code DataReference} elements
* respectively.
*
* @return an {@code Iterator} over all the {@code ReferenceList}s
* contained in this {@code EncryptedKey}.
*/
ReferenceList getReferenceList();
/**
* Sets the {@code ReferenceList} to the {@code EncryptedKey}.
*
* @param list a list of pointers to data elements encrypted using this key.
*/
void setReferenceList(ReferenceList list);
/**
* Returns a user readable name with the key value. This may then be used to
* reference the key using the {@code ds:KeyName} element within
* {@code ds:KeyInfo}. The same {@code CarriedKeyName} label,
* unlike an ID type, may occur multiple times within a single document. The
* value of the key is to be the same in all {@code EncryptedKey}
* elements identified with the same {@code CarriedKeyName} label
* within a single XML document.
* <br>
* <b>Note</b> that because whitespace is significant in the value of
* the {@code ds:KeyName} element, whitespace is also significant in
* the value of the {@code CarriedKeyName} element.
*
* @return over all the carried names contained in
* this {@code EncryptedKey}.
*/
String getCarriedName();
/**
* Sets the carried name.
*
* @param name the carried name.
*/
void setCarriedName(String name);
}


@ -1,197 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import com.sun.org.apache.xml.internal.security.keys.KeyInfo;
/**
* EncryptedType is the abstract type from which {@code EncryptedData} and
* {@code EncryptedKey} are derived. While these two latter element types
* are very similar with respect to their content models, a syntactical
* distinction is useful to processing.
* <p>
* Its schema definition is as follows:
* <pre>{@code
* <complexType name='EncryptedType' abstract='true'>
* <sequence>
* <element name='EncryptionMethod' type='xenc:EncryptionMethodType'
* minOccurs='0'/>
* <element ref='ds:KeyInfo' minOccurs='0'/>
* <element ref='xenc:CipherData'/>
* <element ref='xenc:EncryptionProperties' minOccurs='0'/>
* </sequence>
* <attribute name='Id' type='ID' use='optional'/>
* <attribute name='Type' type='anyURI' use='optional'/>
* <attribute name='MimeType' type='string' use='optional'/>
* <attribute name='Encoding' type='anyURI' use='optional'/>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface EncryptedType {
/**
* Returns a {@code String} providing for the standard method of
* assigning an id to the element within the document context.
*
* @return the id for the {@code EncryptedType}.
*/
String getId();
/**
* Sets the id.
*
* @param id
*/
void setId(String id);
/**
* Returns an {@code URI} identifying type information about the
* plaintext form of the encrypted content. While optional, this
* specification takes advantage of it for mandatory processing described in
* Processing Rules: Decryption (section 4.2). If the
* {@code EncryptedData} element contains data of Type 'element' or
* element 'content', and replaces that data in an XML document context, it
* is strongly recommended the Type attribute be provided. Without this
* information, the decryptor will be unable to automatically restore the
* XML document to its original cleartext form.
*
* @return the identifier for the type of information in plaintext form of
* encrypted content.
*/
String getType();
/**
* Sets the type.
*
* @param type an {@code URI} identifying type information about the
* plaintext form of the encrypted content.
*/
void setType(String type);
/**
* Returns a {@code String} which describes the media type of the data
* which has been encrypted. The value of this attribute has values defined
* by [MIME]. For example, if the data that is encrypted is a base64 encoded
* PNG, the transfer Encoding may be specified as
* 'http://www.w3.org/2000/09/xmldsig#base64' and the MimeType as
* 'image/png'.
* <br>
* This attribute is purely advisory; no validation of the MimeType
* information is required and it does not indicate the encryption
* application must do any additional processing. Note, this information may
* not be necessary if it is already bound to the identifier in the Type
* attribute. For example, the Element and Content types defined in this
* specification are always UTF-8 encoded text.
*
* @return the media type of the data which was encrypted.
*/
String getMimeType();
/**
* Sets the mime type.
*
* @param type a {@code String} which describes the media type of the
* data which has been encrypted.
*/
void setMimeType(String type);
/**
* Return an {@code URI} representing the encoding of the
* {@code EncryptedType}.
*
* @return the encoding of this {@code EncryptedType}.
*/
String getEncoding();
/**
* Sets the {@code URI} representing the encoding of the
* {@code EncryptedType}.
*
* @param encoding
*/
void setEncoding(String encoding);
/**
* Returns an {@code EncryptionMethod} that describes the encryption
* algorithm applied to the cipher data. If the element is absent, the
* encryption algorithm must be known by the recipient or the decryption
* will fail.
*
* @return the method used to encrypt the cipher data.
*/
EncryptionMethod getEncryptionMethod();
/**
* Sets the {@code EncryptionMethod} used to encrypt the cipher data.
*
* @param method the {@code EncryptionMethod}.
*/
void setEncryptionMethod(EncryptionMethod method);
/**
* Returns the {@code ds:KeyInfo}, that carries information about the
* key used to encrypt the data. Subsequent sections of this specification
* define new elements that may appear as children of
* {@code ds:KeyInfo}.
*
* @return information about the key that encrypted the cipher data.
*/
KeyInfo getKeyInfo();
/**
* Sets the encryption key information.
*
* @param info the {@code ds:KeyInfo}, that carries information about
* the key used to encrypt the data.
*/
void setKeyInfo(KeyInfo info);
/**
* Returns the {@code CipherReference} that contains the
* {@code CipherValue} or {@code CipherReference} with the
* encrypted data.
*
* @return the cipher data for the encrypted type.
*/
CipherData getCipherData();
/**
* Returns additional information concerning the generation of the
* {@code EncryptedType}.
*
* @return information relating to the generation of the
* {@code EncryptedType}.
*/
EncryptionProperties getEncryptionProperties();
/**
* Sets the {@code EncryptionProperties} that supplies additional
* information about the generation of the {@code EncryptedType}.
*
* @param properties
*/
void setEncryptionProperties(EncryptionProperties properties);
}


@ -1,132 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.util.Iterator;
import org.w3c.dom.Element;
/**
* {@code EncryptionMethod} describes the encryption algorithm applied to
* the cipher data. If the element is absent, the encryption algorithm must be
* known by the recipient or the decryption will fail.
* <p>
* It is defined as follows:
* <pre>{@code
* <complexType name='EncryptionMethodType' mixed='true'>
* <sequence>
* <element name='KeySize' minOccurs='0' type='xenc:KeySizeType'/>
* <element name='OAEPparams' minOccurs='0' type='base64Binary'/>
* <any namespace='##other' minOccurs='0' maxOccurs='unbounded'/>
* </sequence>
* <attribute name='Algorithm' type='anyURI' use='required'/>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface EncryptionMethod {
/**
* Returns the algorithm applied to the cipher data.
*
* @return the encryption algorithm.
*/
String getAlgorithm();
/**
* Returns the key size of the key of the algorithm applied to the cipher
* data.
*
* @return the key size.
*/
int getKeySize();
/**
* Sets the size of the key of the algorithm applied to the cipher data.
*
* @param size the key size.
*/
void setKeySize(int size);
/**
* Returns the OAEP parameters of the algorithm applied to the
* cipher data.
*
* @return the OAEP parameters.
*/
byte[] getOAEPparams();
/**
* Sets the OAEP parameters.
*
* @param parameters the OAEP parameters.
*/
void setOAEPparams(byte[] parameters);
/**
* Set the Digest Algorithm to use
* @param digestAlgorithm the Digest Algorithm to use
*/
void setDigestAlgorithm(String digestAlgorithm);
/**
* Get the Digest Algorithm to use
* @return the Digest Algorithm to use
*/
String getDigestAlgorithm();
/**
* Set the MGF Algorithm to use
* @param mgfAlgorithm the MGF Algorithm to use
*/
void setMGFAlgorithm(String mgfAlgorithm);
/**
* Get the MGF Algorithm to use
* @return the MGF Algorithm to use
*/
String getMGFAlgorithm();
/**
* Returns an iterator over all the additional elements contained in the
* {@code EncryptionMethod}.
*
* @return an {@code Iterator} over all the additional information
* about the {@code EncryptionMethod}.
*/
Iterator<Element> getEncryptionMethodInformation();
/**
* Adds encryption method information.
*
* @param information additional encryption method information.
*/
void addEncryptionMethodInformation(Element information);
/**
* Removes encryption method information.
*
* @param information the information to remove from the
* {@code EncryptionMethod}.
*/
void removeEncryptionMethodInformation(Element information);
}


@ -1,87 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.util.Iterator;
/**
* {@code EncryptionProperties} can hold additional information concerning
* the generation of the {@code EncryptedData} or
* {@code EncryptedKey}. This information is wraped int an
* {@code EncryptionProperty} element. Examples of additional information
* is e.g., a date/time stamp or the serial number of cryptographic hardware
* used during encryption).
* <p>
* It is defined as follows:
* <pre>{@code
* <element name='EncryptionProperties' type='xenc:EncryptionPropertiesType'/>
* <complexType name='EncryptionPropertiesType'>
* <sequence>
* <element ref='xenc:EncryptionProperty' maxOccurs='unbounded'/>
* </sequence>
* <attribute name='Id' type='ID' use='optional'/>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface EncryptionProperties {
/**
* Returns the {@code EncryptionProperties}' id.
*
* @return the id.
*/
String getId();
/**
* Sets the id.
*
* @param id the id.
*/
void setId(String id);
/**
* Returns an {@code Iterator} over all the
* {@code EncryptionPropterty} elements contained in this
* {@code EncryptionProperties}.
*
* @return an {@code Iterator} over all the encryption properties.
*/
Iterator<EncryptionProperty> getEncryptionProperties();
/**
* Adds an {@code EncryptionProperty}.
*
* @param property
*/
void addEncryptionProperty(EncryptionProperty property);
/**
* Removes the specified {@code EncryptionProperty}.
*
* @param property
*/
void removeEncryptionProperty(EncryptionProperty property);
}


@ -1,121 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.util.Iterator;
import org.w3c.dom.Element;
/**
* Additional information items concerning the generation of the
* {@code EncryptedData} or {@code EncryptedKey} can be placed in an
* {@code EncryptionProperty} element (e.g., date/time stamp or the serial
* number of cryptographic hardware used during encryption). The Target
* attribute identifies the {@code EncryptedType} structure being
* described. anyAttribute permits the inclusion of attributes from the XML
* namespace to be included (i.e., {@code xml:space},
* {@code xml:lang}, and {@code xml:base}).
* <p>
* It is defined as follows:
* <pre>{@code
* <element name='EncryptionProperty' type='xenc:EncryptionPropertyType'/>
* <complexType name='EncryptionPropertyType' mixed='true'>
* <choice maxOccurs='unbounded'>
* <any namespace='##other' processContents='lax'/>
* </choice>
* <attribute name='Target' type='anyURI' use='optional'/>
* <attribute name='Id' type='ID' use='optional'/>
* <anyAttribute namespace="http://www.w3.org/XML/1998/namespace"/>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
*/
public interface EncryptionProperty {
/**
* Returns the {@code EncryptedType} being described.
*
* @return the {@code EncryptedType} being described by this
* {@code EncryptionProperty}.
*/
String getTarget();
/**
* Sets the target.
*
* @param target
*/
void setTarget(String target);
/**
* Returns the id of the {@code EncryptionProperty}.
*
* @return the id.
*/
String getId();
/**
* Sets the id.
*
* @param id
*/
void setId(String id);
/**
* Returns the attribute's value in the {@code xml} namespace.
*
* @param attribute
* @return the attribute's value.
*/
String getAttribute(String attribute);
/**
* Set the attribute value.
*
* @param attribute the attribute's name.
* @param value the attribute's value.
*/
void setAttribute(String attribute, String value);
/**
* Returns the properties of the {@code EncryptionProperty}.
*
* @return an {@code Iterator} over all the additional encryption
* information contained in this class.
*/
Iterator<Element> getEncryptionInformation();
/**
* Adds encryption information.
*
* @param information the additional encryption information.
*/
void addEncryptionInformation(Element information);
/**
* Removes encryption information.
*
* @param information the information to remove.
*/
void removeEncryptionInformation(Element information);
}


@ -1,99 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.util.Iterator;
import org.w3c.dom.Element;
/**
* A wrapper for a pointer from a key value of an {@code EncryptedKey} to
* items encrypted by that key value ({@code EncryptedData} or
* {@code EncryptedKey} elements).
* <p>
* It is defined as follows:
* <pre>{@code
* <complexType name='ReferenceType'>
* <sequence>
* <any namespace='##other' minOccurs='0' maxOccurs='unbounded'/>
* </sequence>
* <attribute name='URI' type='anyURI' use='required'/>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
* @see ReferenceList
*/
public interface Reference {
/**
* Returns the {@code Element} tag name for this {@code Reference}.
*
* @return the tag name of this {@code Reference}.
*/
String getType();
/**
* Returns a {@code URI} that points to an {@code Element} that
* were encrypted using the key defined in the enclosing
* {@code EncryptedKey} element.
*
* @return an Uniform Resource Identifier that qualifies an
* {@code EncryptedType}.
*/
String getURI();
/**
* Sets a {@code URI} that points to an {@code Element} that
* were encrypted using the key defined in the enclosing
* {@code EncryptedKey} element.
*
* @param uri the Uniform Resource Identifier that qualifies an
* {@code EncryptedType}.
*/
void setURI(String uri);
/**
* Returns an {@code Iterator} over all the child elements contained in
* this {@code Reference} that will aid the recipient in retrieving the
* {@code EncryptedKey} and/or {@code EncryptedData} elements.
* These could include information such as XPath transforms, decompression
* transforms, or information on how to retrieve the elements from a
* document storage facility.
*
* @return child elements.
*/
Iterator<Element> getElementRetrievalInformation();
/**
* Adds retrieval information.
*
* @param info
*/
void addElementRetrievalInformation(Element info);
/**
* Removes the specified retrieval information.
*
* @param info
*/
void removeElementRetrievalInformation(Element info);
}


@ -1,109 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.util.Iterator;
/**
* {@code ReferenceList} is an element that contains pointers from a key
* value of an {@code EncryptedKey} to items encrypted by that key value
* ({@code EncryptedData} or {@code EncryptedKey} elements).
* <p>
* It is defined as follows:
* <pre>{@code
* <element name='ReferenceList'>
* <complexType>
* <choice minOccurs='1' maxOccurs='unbounded'>
* <element name='DataReference' type='xenc:ReferenceType'/>
* <element name='KeyReference' type='xenc:ReferenceType'/>
* </choice>
* </complexType>
* </element>
* }</pre>
*
* @author Axl Mattheus
* @see Reference
*/
public interface ReferenceList {
/** DATA TAG */
int DATA_REFERENCE = 0x00000001;
/** KEY TAG */
int KEY_REFERENCE = 0x00000002;
/**
* Adds a reference to this reference list.
*
* @param reference the reference to add.
* @throws IllegalAccessException if the {@code Reference} is not an
* instance of {@code DataReference} or {@code KeyReference}.
*/
void add(Reference reference);
/**
* Removes a reference from the {@code ReferenceList}.
*
* @param reference the reference to remove.
*/
void remove(Reference reference);
/**
* Returns the size of the {@code ReferenceList}.
*
* @return the size of the {@code ReferenceList}.
*/
int size();
/**
* Indicates if the {@code ReferenceList} is empty.
*
* @return <b>{@code true}</b> if the {@code ReferenceList} is
* empty, else <b>{@code false}</b>.
*/
boolean isEmpty();
/**
* Returns an {@code Iterator} over all the {@code Reference}s
* contained in this {@code ReferenceList}.
*
* @return Iterator.
*/
Iterator<Reference> getReferences();
/**
* {@code DataReference} factory method. Returns a
* {@code DataReference}.
* @param uri
* @return a {@code DataReference}.
*/
Reference newDataReference(String uri);
/**
* {@code KeyReference} factory method. Returns a
* {@code KeyReference}.
* @param uri
* @return a {@code KeyReference}.
*/
Reference newKeyReference(String uri);
}


@ -1,77 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
/**
* Converts <code>String</code>s into <code>Node</code>s and visa versa.
*/
public interface Serializer {
/**
* Set the Canonicalizer object to use.
*/
void setCanonicalizer(Canonicalizer canon);
/**
* Returns a <code>byte[]</code> representation of the specified
* <code>Element</code>.
*
* @param element the <code>Element</code> to serialize.
* @return the <code>byte[]</code> representation of the serilaized
* <code>Element</code>.
* @throws Exception
*/
byte[] serializeToByteArray(Element element) throws Exception;
/**
* Returns a <code>byte[]</code> representation of the specified
* <code>NodeList</code>.
*
* @param content the <code>NodeList</code> to serialize.
* @return the <code>byte[]</code> representation of the serialized
* <code>NodeList</code>.
* @throws Exception
*/
byte[] serializeToByteArray(NodeList content) throws Exception;
/**
* Use the Canonicalizer to serialize the node
* @param node
* @return the (byte[]) canonicalization of the node
* @throws Exception
*/
byte[] canonSerializeToByteArray(Node node) throws Exception;
/**
* @param source
* @param ctx
* @return the Node resulting from the parse of the source
* @throws XMLEncryptionException
*/
Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException;
}


@ -1,50 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
/**
* A container for {@code ds:Transform}s.
* <p>
* It is defined as follows:
* <pre>{@code
* <complexType name='TransformsType'>
* <sequence>
* <element ref='ds:Transform' maxOccurs='unbounded'/>
* </sequence>
* </complexType>
* }</pre>
*
* @author Axl Mattheus
* @see com.sun.org.apache.xml.internal.security.encryption.CipherReference
*/
public interface Transforms {
/**
* Temporary method to turn the XMLEncryption Transforms class
* into a DS class. The main logic is currently implemented in the
* DS class, so we need to get to get the base class.
* <p>
* <b>Note</b> This will be removed in future versions
*/
com.sun.org.apache.xml.internal.security.transforms.Transforms getDSTransforms();
}


@ -1,192 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import java.io.IOException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver;
import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException;
import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.TransformationException;
import org.w3c.dom.Attr;
import com.sun.org.apache.xml.internal.security.utils.Base64;
/**
* <code>XMLCipherInput</code> is used to wrap input passed into the
* XMLCipher encryption operations.
*
* In decryption mode, it takes a <code>CipherData</code> object and allows
* callers to dereference the CipherData into the encrypted bytes that it
* actually represents. This takes care of all base64 encoding etc.
*
* While primarily an internal class, this can be used by applications to
* quickly and easily retrieve the encrypted bytes from an EncryptedType
* object
*
* @author Berin Lautenbach
*/
public class XMLCipherInput {
private static java.util.logging.Logger logger =
java.util.logging.Logger.getLogger(XMLCipherInput.class.getName());
/** The data we are working with */
private CipherData cipherData;
/** MODES */
private int mode;
private boolean secureValidation;
/**
* Constructor for processing encrypted octets
*
* @param data The <code>CipherData</code> object to read the bytes from
* @throws XMLEncryptionException {@link XMLEncryptionException}
*/
public XMLCipherInput(CipherData data) throws XMLEncryptionException {
cipherData = data;
mode = XMLCipher.DECRYPT_MODE;
if (cipherData == null) {
throw new XMLEncryptionException("CipherData is null");
}
}
/**
* Constructor for processing encrypted octets
*
* @param input The <code>EncryptedType</code> object to read
* the bytes from.
* @throws XMLEncryptionException {@link XMLEncryptionException}
*/
public XMLCipherInput(EncryptedType input) throws XMLEncryptionException {
cipherData = ((input == null) ? null : input.getCipherData());
mode = XMLCipher.DECRYPT_MODE;
if (cipherData == null) {
throw new XMLEncryptionException("CipherData is null");
}
}
/**
* Set whether secure validation is enabled or not. The default is false.
*/
public void setSecureValidation(boolean secureValidation) {
this.secureValidation = secureValidation;
}
/**
* Dereferences the input and returns it as a single byte array.
*
* @throws XMLEncryptionException
* @return The decripted bytes.
*/
public byte[] getBytes() throws XMLEncryptionException {
if (mode == XMLCipher.DECRYPT_MODE) {
return getDecryptBytes();
}
return null;
}
/**
* Internal method to get bytes in decryption mode
* @return the decrypted bytes
* @throws XMLEncryptionException
*/
private byte[] getDecryptBytes() throws XMLEncryptionException {
String base64EncodedEncryptedOctets = null;
if (cipherData.getDataType() == CipherData.REFERENCE_TYPE) {
// Fun time!
if (logger.isLoggable(java.util.logging.Level.FINE)) {
logger.log(java.util.logging.Level.FINE, "Found a reference type CipherData");
}
CipherReference cr = cipherData.getCipherReference();
// Need to wrap the uri in an Attribute node so that we can
// Pass to the resource resolvers
Attr uriAttr = cr.getURIAsAttr();
XMLSignatureInput input = null;
try {
ResourceResolver resolver =
ResourceResolver.getInstance(uriAttr, null, secureValidation);
input = resolver.resolve(uriAttr, null, secureValidation);
} catch (ResourceResolverException ex) {
throw new XMLEncryptionException("empty", ex);
}
if (input != null) {
if (logger.isLoggable(java.util.logging.Level.FINE)) {
logger.log(java.util.logging.Level.FINE, "Managed to resolve URI \"" + cr.getURI() + "\"");
}
} else {
if (logger.isLoggable(java.util.logging.Level.FINE)) {
logger.log(java.util.logging.Level.FINE, "Failed to resolve URI \"" + cr.getURI() + "\"");
}
}
// Lets see if there are any transforms
Transforms transforms = cr.getTransforms();
if (transforms != null) {
if (logger.isLoggable(java.util.logging.Level.FINE)) {
logger.log(java.util.logging.Level.FINE, "Have transforms in cipher reference");
}
try {
com.sun.org.apache.xml.internal.security.transforms.Transforms dsTransforms =
transforms.getDSTransforms();
dsTransforms.setSecureValidation(secureValidation);
input = dsTransforms.performTransforms(input);
} catch (TransformationException ex) {
throw new XMLEncryptionException("empty", ex);
}
}
try {
return input.getBytes();
} catch (IOException ex) {
throw new XMLEncryptionException("empty", ex);
} catch (CanonicalizationException ex) {
throw new XMLEncryptionException("empty", ex);
}
// retrieve the cipher text
} else if (cipherData.getDataType() == CipherData.VALUE_TYPE) {
base64EncodedEncryptedOctets = cipherData.getCipherValue().getValue();
} else {
throw new XMLEncryptionException("CipherData.getDataType() returned unexpected value");
}
if (logger.isLoggable(java.util.logging.Level.FINE)) {
logger.log(java.util.logging.Level.FINE, "Encrypted octets:\n" + base64EncodedEncryptedOctets);
}
try {
return Base64.decode(base64EncodedEncryptedOctets);
} catch (Base64DecodingException bde) {
throw new XMLEncryptionException("empty", bde);
}
}
}


@ -1,86 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
/**
* Constants
*/
public interface XMLCipherParameters {
String AES_128 =
"http://www.w3.org/2001/04/xmlenc#aes128-cbc";
String AES_256 =
"http://www.w3.org/2001/04/xmlenc#aes256-cbc";
String AES_192 =
"http://www.w3.org/2001/04/xmlenc#aes192-cbc";
String RSA_1_5 =
"http://www.w3.org/2001/04/xmlenc#rsa-1_5";
String RSA_OAEP =
"http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p";
String DIFFIE_HELLMAN =
"http://www.w3.org/2001/04/xmlenc#dh";
String TRIPLEDES_KEYWRAP =
"http://www.w3.org/2001/04/xmlenc#kw-tripledes";
String AES_128_KEYWRAP =
"http://www.w3.org/2001/04/xmlenc#kw-aes128";
String AES_256_KEYWRAP =
"http://www.w3.org/2001/04/xmlenc#kw-aes256";
String AES_192_KEYWRAP =
"http://www.w3.org/2001/04/xmlenc#kw-aes192";
String SHA1 =
"http://www.w3.org/2000/09/xmldsig#sha1";
String SHA256 =
"http://www.w3.org/2001/04/xmlenc#sha256";
String SHA512 =
"http://www.w3.org/2001/04/xmlenc#sha512";
String RIPEMD_160 =
"http://www.w3.org/2001/04/xmlenc#ripemd160";
String XML_DSIG =
"http://www.w3.org/2000/09/xmldsig#";
String N14C_XML =
"http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
String N14C_XML_CMMNTS =
"http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments";
String EXCL_XML_N14C =
"http://www.w3.org/2001/10/xml-exc-c14n#";
String EXCL_XML_N14C_CMMNTS =
"http://www.w3.org/2001/10/xml-exc-c14n#WithComments";
}


@ -1,80 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
/**
*
*/
public class XMLEncryptionException extends XMLSecurityException {
/**
*
*/
private static final long serialVersionUID = 1L;
/**
*
*
*/
public XMLEncryptionException() {
super();
}
/**
*
* @param msgID
*/
public XMLEncryptionException(String msgID) {
super(msgID);
}
/**
*
* @param msgID
* @param exArgs
*/
public XMLEncryptionException(String msgID, Object exArgs[]) {
super(msgID, exArgs);
}
/**
*
* @param msgID
* @param originalException
*/
public XMLEncryptionException(String msgID, Exception originalException) {
super(msgID, originalException);
}
/**
*
* @param msgID
* @param exArgs
* @param originalException
*/
public XMLEncryptionException(String msgID, Object exArgs[], Exception originalException) {
super(msgID, exArgs, originalException);
}
}


@ -1,25 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title></title>
</head>
<body>
Provides classes for implementing XML Encryption applications. There are two
main families of classes in this package. The first group of classes is an
XML Schema to Java mapping of &nbsp;the complex types and elements of the
XML Encryption Schema as outllined at <a
href="http://www.w3.org/Encryption/2001/Drafts/xmlenc-core/">XML Encrtypyion
Specification</a>. The second group of classes are used to perform encryption
operations, and to manipulate the first group of classes. The most important
classes in this second group is <code><a
href="file://./com/sun/org/apache/xml/internal/security/encryption/XMLCipher.html">XMLCipher</a></code>,
<code><a
href="file://./com/sun/org/apache/xml/internal/security/encryption/XMLEncryptionFactory.html">XMLEncryptionFactory</a></code>
and <code>XMLSerializer</code>. <code>XMLCipher</code> was designed to resemble
<code>javax.crypto.Cipher</code>. The aforementioned classes were desinged
with ease-of-use and configurability in mind. Becuase of this, the programmer
may at times be exposed to lower level programming tasks. This library strives
to be as simple as possible to use, but no simpler.<br>
<br>
</body>
</html>


@ -58,24 +58,34 @@ public class AlgorithmAlreadyRegisteredException extends XMLSecurityException {
/**
* Constructor AlgorithmAlreadyRegisteredException
*
* @param msgID
* @param originalException
* @param msgID
*/
public AlgorithmAlreadyRegisteredException(Exception originalException, String msgID) {
super(originalException, msgID);
}
@Deprecated
public AlgorithmAlreadyRegisteredException(String msgID, Exception originalException) {
super(msgID, originalException);
this(originalException, msgID);
}
/**
* Constructor AlgorithmAlreadyRegisteredException
*
* @param originalException
* @param msgID
* @param exArgs
* @param originalException
*/
public AlgorithmAlreadyRegisteredException(
String msgID, Object exArgs[], Exception originalException
Exception originalException, String msgID, Object exArgs[]
) {
super(msgID, exArgs, originalException);
super(originalException, msgID, exArgs);
}
@Deprecated
public AlgorithmAlreadyRegisteredException(String msgID, Object[] exArgs, Exception originalException) {
this(originalException, msgID, exArgs);
}
}
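Review bot: The two `@Deprecated` constructors that keep the old `(String msgID, Exception originalException)` and `(String msgID, Object[] exArgs, Exception originalException)` argument orders have no Javadoc, so a caller who hits the deprecation warning is not told which overload replaces them. I would add a tag on each, for example `/** @deprecated Use {@link #AlgorithmAlreadyRegisteredException(Exception, String)} instead. */`, and the same applies to the matching constructors in Base64DecodingException, XMLSecurityException and ContentHandlerAlreadyRegisteredException further down this commit. The new cause-first three-argument constructor also still declares `Object exArgs[]` while the deprecated one next to it uses `Object[] exArgs`; one spelling throughout would read better. The class declaration itself is above the hunk.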


@ -25,7 +25,6 @@ package com.sun.org.apache.xml.internal.security.exceptions;
/**
* This Exception is thrown if decoding of Base64 data fails.
*
* @author Christian Geuer-Pollmann
*/
public class Base64DecodingException extends XMLSecurityException {
@ -61,22 +60,32 @@ public class Base64DecodingException extends XMLSecurityException {
/**
* Constructor Base64DecodingException
*
* @param msgID
* @param originalException
* @param msgID
*/
public Base64DecodingException(Exception originalException, String msgID) {
super(originalException, msgID);
}
@Deprecated
public Base64DecodingException(String msgID, Exception originalException) {
super(msgID, originalException);
this(originalException, msgID);
}
/**
* Constructor Base64DecodingException
*
* @param originalException
* @param msgID
* @param exArgs
* @param originalException
*/
public Base64DecodingException(String msgID, Object exArgs[], Exception originalException) {
super(msgID, exArgs, originalException);
public Base64DecodingException(Exception originalException, String msgID, Object exArgs[]) {
super(originalException, msgID, exArgs);
}
@Deprecated
public Base64DecodingException(String msgID, Object[] exArgs, Exception originalException) {
this(originalException, msgID, exArgs);
}
}


@ -22,18 +22,15 @@
*/
package com.sun.org.apache.xml.internal.security.exceptions;
import java.io.PrintStream;
import java.io.PrintWriter;
import java.text.MessageFormat;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.I18n;
/**
* The mother of all Exceptions in this bundle. It allows exceptions to have
* their messages translated to the different locales.
*
* The <code>xmlsecurity_en.properties</code> file contains this line:
* The {@code xmlsecurity_en.properties} file contains this line:
* <pre>
* xml.WrongElement = Can't create a {0} from a {1} element
* </pre>
@ -47,7 +44,7 @@ import com.sun.org.apache.xml.internal.security.utils.I18n;
* }
* </pre>
*
* Additionally, if another Exception has been caught, we can supply it, too>
* Additionally, if another Exception has been caught, we can supply it, too
* <pre>
* try {
* ...
@ -59,7 +56,6 @@ import com.sun.org.apache.xml.internal.security.utils.I18n;
* </pre>
*
*
* @author Christian Geuer-Pollmann
*/
public class XMLSecurityException extends Exception {
@ -98,7 +94,7 @@ public class XMLSecurityException extends Exception {
* @param msgID
* @param exArgs
*/
public XMLSecurityException(String msgID, Object exArgs[]) {
public XMLSecurityException(String msgID, Object[] exArgs) {
super(MessageFormat.format(I18n.getExceptionMessage(msgID), exArgs));
@ -112,11 +108,7 @@ public class XMLSecurityException extends Exception {
*/
public XMLSecurityException(Exception originalException) {
super("Missing message ID to locate message string in resource bundle \""
+ Constants.exceptionMessagesResourceBundleBase
+ "\". Original Exception was a "
+ originalException.getClass().getName() + " and message "
+ originalException.getMessage(), originalException);
super(originalException.getMessage(), originalException);
}
/**
@ -125,12 +117,17 @@ public class XMLSecurityException extends Exception {
* @param msgID
* @param originalException
*/
public XMLSecurityException(String msgID, Exception originalException) {
public XMLSecurityException(Exception originalException, String msgID) {
super(I18n.getExceptionMessage(msgID, originalException), originalException);
this.msgID = msgID;
}
@Deprecated
public XMLSecurityException(String msgID, Exception originalException) {
this(originalException, msgID);
}
/**
* Constructor XMLSecurityException
*
@ -138,12 +135,18 @@ public class XMLSecurityException extends Exception {
* @param exArgs
* @param originalException
*/
public XMLSecurityException(String msgID, Object exArgs[], Exception originalException) {
public XMLSecurityException(Exception originalException, String msgID, Object[] exArgs) {
super(MessageFormat.format(I18n.getExceptionMessage(msgID), exArgs), originalException);
this.msgID = msgID;
}
@Deprecated
public XMLSecurityException(String msgID, Object[] exArgs, Exception originalException) {
this(originalException, msgID, exArgs);
}
/**
* Method getMsgID
*
@ -156,7 +159,7 @@ public class XMLSecurityException extends Exception {
return msgID;
}
/** @inheritDoc */
/** {@inheritDoc} */
public String toString() {
String s = this.getClass().getName();
String message = super.getLocalizedMessage();
@ -184,24 +187,6 @@ public class XMLSecurityException extends Exception {
}
}
/**
* Method printStackTrace
*
* @param printwriter
*/
public void printStackTrace(PrintWriter printwriter) {
super.printStackTrace(printwriter);
}
/**
* Method printStackTrace
*
* @param printstream
*/
public void printStackTrace(PrintStream printstream) {
super.printStackTrace(printstream);
}
/**
* Method getOriginalException
*
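Review bot: In the `XMLSecurityException(Exception originalException)` constructor the new `super(originalException.getMessage(), originalException);` yields a null message whenever the wrapped exception has none, and the wrapped type no longer appears in the message at all, which makes failures from this library harder to triage in logs that print only the message. It also dereferences `originalException` without a null check, as the removed code did. If no caller depends on the exact text, `super(originalException);` keeps both the type and the message and tolerates a null cause. The constructor's Javadoc opens above the hunk.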


@ -22,8 +22,6 @@
*/
package com.sun.org.apache.xml.internal.security.exceptions;
import java.io.PrintStream;
import java.io.PrintWriter;
import java.text.MessageFormat;
import com.sun.org.apache.xml.internal.security.utils.Constants;
@ -33,7 +31,7 @@ import com.sun.org.apache.xml.internal.security.utils.I18n;
* The mother of all runtime Exceptions in this bundle. It allows exceptions to have
* their messages translated to the different locales.
*
* The <code>xmlsecurity_en.properties</code> file contains this line:
* The {@code xmlsecurity_en.properties} file contains this line:
* <pre>
* xml.WrongElement = Can't create a {0} from a {1} element
* </pre>
@ -47,7 +45,7 @@ import com.sun.org.apache.xml.internal.security.utils.I18n;
* }
* </pre>
*
* Additionally, if another Exception has been caught, we can supply it, too>
* Additionally, if another Exception has been caught, we can supply it, too
* <pre>
* try {
* ...
@ -59,7 +57,6 @@ import com.sun.org.apache.xml.internal.security.utils.I18n;
* </pre>
*
*
* @author Christian Geuer-Pollmann
*/
public class XMLSecurityRuntimeException extends RuntimeException {
@ -134,7 +131,7 @@ public class XMLSecurityRuntimeException extends RuntimeException {
* @param originalException
*/
public XMLSecurityRuntimeException(String msgID, Object exArgs[], Exception originalException) {
super(MessageFormat.format(I18n.getExceptionMessage(msgID), exArgs));
super(MessageFormat.format(I18n.getExceptionMessage(msgID), exArgs), originalException);
this.msgID = msgID;
}
@ -151,7 +148,7 @@ public class XMLSecurityRuntimeException extends RuntimeException {
return msgID;
}
/** @inheritDoc */
/** {@inheritDoc} */
public String toString() {
String s = this.getClass().getName();
String message = super.getLocalizedMessage();
@ -169,34 +166,6 @@ public class XMLSecurityRuntimeException extends RuntimeException {
return message;
}
/**
* Method printStackTrace
*
*/
public void printStackTrace() {
synchronized (System.err) {
super.printStackTrace(System.err);
}
}
/**
* Method printStackTrace
*
* @param printwriter
*/
public void printStackTrace(PrintWriter printwriter) {
super.printStackTrace(printwriter);
}
/**
* Method printStackTrace
*
* @param printstream
*/
public void printStackTrace(PrintStream printstream) {
super.printStackTrace(printstream);
}
/**
* Method getOriginalException
*


@ -1,3 +0,0 @@
<HTML><HEAD></HEAD><BODY><P>
general exceptions used by this library.
</P></BODY></HTML>


@ -61,24 +61,34 @@ public class ContentHandlerAlreadyRegisteredException extends XMLSecurityExcepti
/**
* Constructor ContentHandlerAlreadyRegisteredException
*
* @param msgID
* @param originalException
* @param msgID
*/
public ContentHandlerAlreadyRegisteredException(Exception originalException, String msgID) {
super(originalException, msgID);
}
@Deprecated
public ContentHandlerAlreadyRegisteredException(String msgID, Exception originalException) {
super(msgID, originalException);
this(originalException, msgID);
}
/**
* Constructor ContentHandlerAlreadyRegisteredException
*
* @param originalException
* @param msgID
* @param exArgs
* @param originalException
*/
public ContentHandlerAlreadyRegisteredException(
String msgID, Object exArgs[], Exception originalException
Exception originalException, String msgID, Object exArgs[]
) {
super(msgID, exArgs, originalException);
super(originalException, msgID, exArgs);
}
@Deprecated
public ContentHandlerAlreadyRegisteredException(String msgID, Object[] exArgs, Exception originalException) {
this(originalException, msgID, exArgs);
}
}
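Review bot: The two constructors kept for source compatibility are marked `@Deprecated` but carry no Javadoc, so a caller sees a deprecation warning with no pointer to the replacement. Add a `@deprecated` tag to each, for example `/** @deprecated Use {@link #ContentHandlerAlreadyRegisteredException(Exception, String)} instead. */` on the `(String msgID, Exception originalException)` form, and the matching tag naming the `(Exception, String, Object[])` form on the three-argument one. The old and new overloads differ only in argument order, so the comment should say that explicitly.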


@ -31,9 +31,6 @@ import java.util.List;
import javax.crypto.SecretKey;
import com.sun.org.apache.xml.internal.security.encryption.EncryptedKey;
import com.sun.org.apache.xml.internal.security.encryption.XMLCipher;
import com.sun.org.apache.xml.internal.security.encryption.XMLEncryptionException;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.keys.content.DEREncodedKeyValue;
import com.sun.org.apache.xml.internal.security.keys.content.KeyInfoReference;
@ -52,6 +49,7 @@ import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.ElementProxy;
import com.sun.org.apache.xml.internal.security.utils.EncryptionConstants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
@ -59,55 +57,52 @@ import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
/**
* This class stand for KeyInfo Element that may contain keys, names,
* certificates and other public key management information,
* such as in-band key distribution or key agreement data.
* <BR />
* <p></p>
* KeyInfo Element has two basic functions:
* One is KeyResolve for getting the public key in signature validation processing.
* the other one is toElement for getting the element in signature generation processing.
* <BR />
* The <CODE>lengthXXX()</CODE> methods provide access to the internal Key
* <p></p>
* The {@code lengthXXX()} methods provide access to the internal Key
* objects:
* <UL>
* <LI>If the <CODE>KeyInfo</CODE> was constructed from an Element
* (Signature verification), the <CODE>lengthXXX()</CODE> methods searches
* for child elements of <CODE>ds:KeyInfo</CODE> for known types. </LI>
* <LI>If the <CODE>KeyInfo</CODE> was constructed from scratch (during
* Signature generation), the <CODE>lengthXXX()</CODE> methods return the number
* of <CODE>XXXs</CODE> objects already passed to the KeyInfo</LI>
* <LI>If the {@code KeyInfo} was constructed from an Element
* (Signature verification), the {@code lengthXXX()} methods searches
* for child elements of {@code ds:KeyInfo} for known types. </LI>
* <LI>If the {@code KeyInfo} was constructed from scratch (during
* Signature generation), the {@code lengthXXX()} methods return the number
* of {@code XXXs} objects already passed to the KeyInfo</LI>
* </UL>
* <BR />
* The <CODE>addXXX()</CODE> methods are used for adding Objects of the
* appropriate type to the <CODE>KeyInfo</CODE>. This is used during signature
* <p></p>
* The {@code addXXX()} methods are used for adding Objects of the
* appropriate type to the {@code KeyInfo}. This is used during signature
* generation.
* <BR />
* The <CODE>itemXXX(int i)</CODE> methods return the i'th object of the
* <p></p>
* The {@code itemXXX(int i)} methods return the i'th object of the
* corresponding type.
* <BR />
* The <CODE>containsXXX()</CODE> methods return <I>whether</I> the KeyInfo
* <p></p>
* The {@code containsXXX()} methods return <I>whether</I> the KeyInfo
* contains the corresponding type.
*
*/
public class KeyInfo extends SignatureElementProxy {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(KeyInfo.class.getName());
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(KeyInfo.class);
// We need at least one StorageResolver otherwise
// the KeyResolvers would not be called.
// The default StorageResolver is null.
private List<X509Data> x509Datas = null;
private List<EncryptedKey> encryptedKeys = null;
private List<X509Data> x509Datas;
private static final List<StorageResolver> nullList;
static {
List<StorageResolver> list = new ArrayList<StorageResolver>(1);
List<StorageResolver> list = new ArrayList<>(1);
list.add(null);
nullList = java.util.Collections.unmodifiableList(list);
}
@ -118,7 +113,7 @@ public class KeyInfo extends SignatureElementProxy {
/**
* Stores the individual (per-KeyInfo) {@link KeyResolverSpi}s
*/
private List<KeyResolverSpi> internalKeyResolvers = new ArrayList<KeyResolverSpi>();
private List<KeyResolverSpi> internalKeyResolvers = new ArrayList<>();
private boolean secureValidation;
@ -128,8 +123,14 @@ public class KeyInfo extends SignatureElementProxy {
*/
public KeyInfo(Document doc) {
super(doc);
addReturnToSelf();
String prefix = ElementProxy.getDefaultPrefix(this.getBaseNamespace());
if (prefix != null && prefix.length() > 0) {
getElement().setAttributeNS(Constants.NamespaceSpecNS, "xmlns:" + prefix,
this.getBaseNamespace());
}
XMLUtils.addReturnToElement(this.constructionElement);
}
/**
@ -156,24 +157,23 @@ public class KeyInfo extends SignatureElementProxy {
}
/**
* Sets the <code>Id</code> attribute
* Sets the {@code Id} attribute
*
* @param Id ID
* @param id ID
*/
public void setId(String id) {
if (id != null) {
this.constructionElement.setAttributeNS(null, Constants._ATT_ID, id);
this.constructionElement.setIdAttributeNS(null, Constants._ATT_ID, true);
setLocalIdAttribute(Constants._ATT_ID, id);
}
}
/**
* Returns the <code>Id</code> attribute
* Returns the {@code Id} attribute
*
* @return the <code>Id</code> attribute
* @return the {@code Id} attribute
*/
public String getId() {
return this.constructionElement.getAttributeNS(null, Constants._ATT_ID);
return getLocalAttribute(Constants._ATT_ID);
}
/**
@ -182,7 +182,7 @@ public class KeyInfo extends SignatureElementProxy {
* @param keynameString
*/
public void addKeyName(String keynameString) {
this.add(new KeyName(this.doc, keynameString));
this.add(new KeyName(getDocument(), keynameString));
}
/**
@ -191,8 +191,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param keyname
*/
public void add(KeyName keyname) {
this.constructionElement.appendChild(keyname.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(keyname);
addReturnToSelf();
}
/**
@ -201,7 +201,7 @@ public class KeyInfo extends SignatureElementProxy {
* @param pk
*/
public void addKeyValue(PublicKey pk) {
this.add(new KeyValue(this.doc, pk));
this.add(new KeyValue(getDocument(), pk));
}
/**
@ -210,7 +210,7 @@ public class KeyInfo extends SignatureElementProxy {
* @param unknownKeyValueElement
*/
public void addKeyValue(Element unknownKeyValueElement) {
this.add(new KeyValue(this.doc, unknownKeyValueElement));
this.add(new KeyValue(getDocument(), unknownKeyValueElement));
}
/**
@ -219,7 +219,7 @@ public class KeyInfo extends SignatureElementProxy {
* @param dsakeyvalue
*/
public void add(DSAKeyValue dsakeyvalue) {
this.add(new KeyValue(this.doc, dsakeyvalue));
this.add(new KeyValue(getDocument(), dsakeyvalue));
}
/**
@ -228,7 +228,7 @@ public class KeyInfo extends SignatureElementProxy {
* @param rsakeyvalue
*/
public void add(RSAKeyValue rsakeyvalue) {
this.add(new KeyValue(this.doc, rsakeyvalue));
this.add(new KeyValue(getDocument(), rsakeyvalue));
}
/**
@ -237,7 +237,7 @@ public class KeyInfo extends SignatureElementProxy {
* @param pk
*/
public void add(PublicKey pk) {
this.add(new KeyValue(this.doc, pk));
this.add(new KeyValue(getDocument(), pk));
}
/**
@ -246,8 +246,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param keyvalue
*/
public void add(KeyValue keyvalue) {
this.constructionElement.appendChild(keyvalue.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(keyvalue);
addReturnToSelf();
}
/**
@ -256,7 +256,7 @@ public class KeyInfo extends SignatureElementProxy {
* @param mgmtdata
*/
public void addMgmtData(String mgmtdata) {
this.add(new MgmtData(this.doc, mgmtdata));
this.add(new MgmtData(getDocument(), mgmtdata));
}
/**
@ -265,8 +265,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param mgmtdata
*/
public void add(MgmtData mgmtdata) {
this.constructionElement.appendChild(mgmtdata.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(mgmtdata);
addReturnToSelf();
}
/**
@ -275,8 +275,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param pgpdata
*/
public void add(PGPData pgpdata) {
this.constructionElement.appendChild(pgpdata.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(pgpdata);
addReturnToSelf();
}
/**
@ -287,7 +287,7 @@ public class KeyInfo extends SignatureElementProxy {
* @param Type
*/
public void addRetrievalMethod(String uri, Transforms transforms, String Type) {
this.add(new RetrievalMethod(this.doc, uri, transforms, Type));
this.add(new RetrievalMethod(getDocument(), uri, transforms, Type));
}
/**
@ -296,8 +296,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param retrievalmethod
*/
public void add(RetrievalMethod retrievalmethod) {
this.constructionElement.appendChild(retrievalmethod.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(retrievalmethod);
addReturnToSelf();
}
/**
@ -306,8 +306,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param spkidata
*/
public void add(SPKIData spkidata) {
this.constructionElement.appendChild(spkidata.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(spkidata);
addReturnToSelf();
}
/**
@ -317,27 +317,11 @@ public class KeyInfo extends SignatureElementProxy {
*/
public void add(X509Data x509data) {
if (x509Datas == null) {
x509Datas = new ArrayList<X509Data>();
x509Datas = new ArrayList<>();
}
x509Datas.add(x509data);
this.constructionElement.appendChild(x509data.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
}
/**
* Method addEncryptedKey
*
* @param encryptedKey
* @throws XMLEncryptionException
*/
public void add(EncryptedKey encryptedKey) throws XMLEncryptionException {
if (encryptedKeys == null) {
encryptedKeys = new ArrayList<EncryptedKey>();
}
encryptedKeys.add(encryptedKey);
XMLCipher cipher = XMLCipher.getInstance();
this.constructionElement.appendChild(cipher.martial(encryptedKey));
appendSelf(x509data);
addReturnToSelf();
}
/**
@ -347,7 +331,7 @@ public class KeyInfo extends SignatureElementProxy {
* @throws XMLSecurityException
*/
public void addDEREncodedKeyValue(PublicKey pk) throws XMLSecurityException {
this.add(new DEREncodedKeyValue(this.doc, pk));
this.add(new DEREncodedKeyValue(getDocument(), pk));
}
/**
@ -356,8 +340,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param derEncodedKeyValue
*/
public void add(DEREncodedKeyValue derEncodedKeyValue) {
this.constructionElement.appendChild(derEncodedKeyValue.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(derEncodedKeyValue);
addReturnToSelf();
}
/**
@ -367,7 +351,7 @@ public class KeyInfo extends SignatureElementProxy {
* @throws XMLSecurityException
*/
public void addKeyInfoReference(String URI) throws XMLSecurityException {
this.add(new KeyInfoReference(this.doc, URI));
this.add(new KeyInfoReference(getDocument(), URI));
}
/**
@ -376,8 +360,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param keyInfoReference
*/
public void add(KeyInfoReference keyInfoReference) {
this.constructionElement.appendChild(keyInfoReference.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(keyInfoReference);
addReturnToSelf();
}
/**
@ -386,8 +370,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param element
*/
public void addUnknownElement(Element element) {
this.constructionElement.appendChild(element);
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(element);
addReturnToSelf();
}
/**
@ -481,19 +465,17 @@ public class KeyInfo extends SignatureElementProxy {
*/
public int lengthUnknownElement() {
int res = 0;
NodeList nl = this.constructionElement.getChildNodes();
for (int i = 0; i < nl.getLength(); i++) {
Node current = nl.item(i);
Node childNode = getElement().getFirstChild();
while (childNode != null) {
/**
* $todo$ using this method, we don't see unknown Elements
* from Signature NS; revisit
*/
if ((current.getNodeType() == Node.ELEMENT_NODE)
&& current.getNamespaceURI().equals(Constants.SignatureSpecNS)) {
if (childNode.getNodeType() == Node.ELEMENT_NODE
&& childNode.getNamespaceURI().equals(Constants.SignatureSpecNS)) {
res++;
}
childNode = childNode.getNextSibling();
}
return res;
@ -509,7 +491,7 @@ public class KeyInfo extends SignatureElementProxy {
public KeyName itemKeyName(int i) throws XMLSecurityException {
Element e =
XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_KEYNAME, i);
getFirstChild(), Constants._TAG_KEYNAME, i);
if (e != null) {
return new KeyName(e, this.baseURI);
@ -527,7 +509,7 @@ public class KeyInfo extends SignatureElementProxy {
public KeyValue itemKeyValue(int i) throws XMLSecurityException {
Element e =
XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_KEYVALUE, i);
getFirstChild(), Constants._TAG_KEYVALUE, i);
if (e != null) {
return new KeyValue(e, this.baseURI);
@ -545,7 +527,7 @@ public class KeyInfo extends SignatureElementProxy {
public MgmtData itemMgmtData(int i) throws XMLSecurityException {
Element e =
XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_MGMTDATA, i);
getFirstChild(), Constants._TAG_MGMTDATA, i);
if (e != null) {
return new MgmtData(e, this.baseURI);
@ -563,7 +545,7 @@ public class KeyInfo extends SignatureElementProxy {
public PGPData itemPGPData(int i) throws XMLSecurityException {
Element e =
XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_PGPDATA, i);
getFirstChild(), Constants._TAG_PGPDATA, i);
if (e != null) {
return new PGPData(e, this.baseURI);
@ -581,7 +563,7 @@ public class KeyInfo extends SignatureElementProxy {
public RetrievalMethod itemRetrievalMethod(int i) throws XMLSecurityException {
Element e =
XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_RETRIEVALMETHOD, i);
getFirstChild(), Constants._TAG_RETRIEVALMETHOD, i);
if (e != null) {
return new RetrievalMethod(e, this.baseURI);
@ -599,7 +581,7 @@ public class KeyInfo extends SignatureElementProxy {
public SPKIData itemSPKIData(int i) throws XMLSecurityException {
Element e =
XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_SPKIDATA, i);
getFirstChild(), Constants._TAG_SPKIDATA, i);
if (e != null) {
return new SPKIData(e, this.baseURI);
@ -620,7 +602,7 @@ public class KeyInfo extends SignatureElementProxy {
}
Element e =
XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_X509DATA, i);
getFirstChild(), Constants._TAG_X509DATA, i);
if (e != null) {
return new X509Data(e, this.baseURI);
@ -628,29 +610,6 @@ public class KeyInfo extends SignatureElementProxy {
return null;
}
/**
* Method itemEncryptedKey
*
* @param i
* @return the asked EncryptedKey element, null if the index is too big
* @throws XMLSecurityException
*/
public EncryptedKey itemEncryptedKey(int i) throws XMLSecurityException {
if (encryptedKeys != null) {
return encryptedKeys.get(i);
}
Element e =
XMLUtils.selectXencNode(
this.constructionElement.getFirstChild(), EncryptionConstants._TAG_ENCRYPTEDKEY, i);
if (e != null) {
XMLCipher cipher = XMLCipher.getInstance();
cipher.init(XMLCipher.UNWRAP_MODE, null);
return cipher.loadEncryptedKey(e);
}
return null;
}
/**
* Method itemDEREncodedKeyValue
*
@ -661,7 +620,7 @@ public class KeyInfo extends SignatureElementProxy {
public DEREncodedKeyValue itemDEREncodedKeyValue(int i) throws XMLSecurityException {
Element e =
XMLUtils.selectDs11Node(
this.constructionElement.getFirstChild(), Constants._TAG_DERENCODEDKEYVALUE, i);
getFirstChild(), Constants._TAG_DERENCODEDKEYVALUE, i);
if (e != null) {
return new DEREncodedKeyValue(e, this.baseURI);
@ -679,7 +638,7 @@ public class KeyInfo extends SignatureElementProxy {
public KeyInfoReference itemKeyInfoReference(int i) throws XMLSecurityException {
Element e =
XMLUtils.selectDs11Node(
this.constructionElement.getFirstChild(), Constants._TAG_KEYINFOREFERENCE, i);
getFirstChild(), Constants._TAG_KEYINFOREFERENCE, i);
if (e != null) {
return new KeyInfoReference(e, this.baseURI);
@ -694,24 +653,22 @@ public class KeyInfo extends SignatureElementProxy {
* @return the element number of the unknown elements
*/
public Element itemUnknownElement(int i) {
NodeList nl = this.constructionElement.getChildNodes();
int res = 0;
for (int j = 0; j < nl.getLength(); j++) {
Node current = nl.item(j);
Node childNode = getElement().getFirstChild();
while (childNode != null) {
/**
* $todo$ using this method, we don't see unknown Elements
* from Signature NS; revisit
*/
if ((current.getNodeType() == Node.ELEMENT_NODE)
&& current.getNamespaceURI().equals(Constants.SignatureSpecNS)) {
if (childNode.getNodeType() == Node.ELEMENT_NODE
&& childNode.getNamespaceURI().equals(Constants.SignatureSpecNS)) {
res++;
if (res == i) {
return (Element) current;
return (Element) childNode;
}
}
childNode = childNode.getNextSibling();
}
return null;
@ -723,7 +680,7 @@ public class KeyInfo extends SignatureElementProxy {
* @return true if the element has no descendants.
*/
public boolean isEmpty() {
return this.constructionElement.getFirstChild() == null;
return getFirstChild() == null;
}
/**
@ -826,28 +783,20 @@ public class KeyInfo extends SignatureElementProxy {
PublicKey pk = this.getPublicKeyFromInternalResolvers();
if (pk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I could find a key using the per-KeyInfo key resolvers");
}
LOG.debug("I could find a key using the per-KeyInfo key resolvers");
return pk;
}
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I couldn't find a key using the per-KeyInfo key resolvers");
}
LOG.debug("I couldn't find a key using the per-KeyInfo key resolvers");
pk = this.getPublicKeyFromStaticResolvers();
if (pk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I could find a key using the system-wide key resolvers");
}
LOG.debug("I could find a key using the system-wide key resolvers");
return pk;
}
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I couldn't find a key using the system-wide key resolvers");
}
LOG.debug("I couldn't find a key using the system-wide key resolvers");
return null;
}
@ -863,7 +812,7 @@ public class KeyInfo extends SignatureElementProxy {
while (it.hasNext()) {
KeyResolverSpi keyResolver = it.next();
keyResolver.setSecureValidation(secureValidation);
Node currentChild = this.constructionElement.getFirstChild();
Node currentChild = getFirstChild();
String uri = this.getBaseURI();
while (currentChild != null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
@ -892,11 +841,9 @@ public class KeyInfo extends SignatureElementProxy {
*/
PublicKey getPublicKeyFromInternalResolvers() throws KeyResolverException {
for (KeyResolverSpi keyResolver : internalKeyResolvers) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
}
LOG.debug("Try {}", keyResolver.getClass().getName());
keyResolver.setSecureValidation(secureValidation);
Node currentChild = this.constructionElement.getFirstChild();
Node currentChild = getFirstChild();
String uri = this.getBaseURI();
while (currentChild != null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
@ -929,29 +876,21 @@ public class KeyInfo extends SignatureElementProxy {
X509Certificate cert = this.getX509CertificateFromInternalResolvers();
if (cert != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I could find a X509Certificate using the per-KeyInfo key resolvers");
}
LOG.debug("I could find a X509Certificate using the per-KeyInfo key resolvers");
return cert;
}
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I couldn't find a X509Certificate using the per-KeyInfo key resolvers");
}
LOG.debug("I couldn't find a X509Certificate using the per-KeyInfo key resolvers");
// Then use the system-wide Resolvers
cert = this.getX509CertificateFromStaticResolvers();
if (cert != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I could find a X509Certificate using the system-wide key resolvers");
}
LOG.debug("I could find a X509Certificate using the system-wide key resolvers");
return cert;
}
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I couldn't find a X509Certificate using the system-wide key resolvers");
}
LOG.debug("I couldn't find a X509Certificate using the system-wide key resolvers");
return null;
}
@ -966,12 +905,9 @@ public class KeyInfo extends SignatureElementProxy {
*/
X509Certificate getX509CertificateFromStaticResolvers()
throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE,
"Start getX509CertificateFromStaticResolvers() with " + KeyResolver.length()
+ " resolvers"
LOG.debug(
"Start getX509CertificateFromStaticResolvers() with {} resolvers", KeyResolver.length()
);
}
String uri = this.getBaseURI();
Iterator<KeyResolverSpi> it = KeyResolver.iterator();
while (it.hasNext()) {
@ -988,7 +924,7 @@ public class KeyInfo extends SignatureElementProxy {
private X509Certificate applyCurrentResolver(
String uri, KeyResolverSpi keyResolver
) throws KeyResolverException {
Node currentChild = this.constructionElement.getFirstChild();
Node currentChild = getFirstChild();
while (currentChild != null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
for (StorageResolver storage : storageResolvers) {
@ -1015,17 +951,13 @@ public class KeyInfo extends SignatureElementProxy {
*/
X509Certificate getX509CertificateFromInternalResolvers()
throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE,
"Start getX509CertificateFromInternalResolvers() with "
+ this.lengthInternalKeyResolver() + " resolvers"
LOG.debug(
"Start getX509CertificateFromInternalResolvers() with {} resolvers",
+ this.lengthInternalKeyResolver()
);
}
String uri = this.getBaseURI();
for (KeyResolverSpi keyResolver : internalKeyResolvers) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
}
LOG.debug("Try {}", keyResolver.getClass().getName());
keyResolver.setSecureValidation(secureValidation);
X509Certificate cert = applyCurrentResolver(uri, keyResolver);
if (cert != null) {
@ -1045,28 +977,20 @@ public class KeyInfo extends SignatureElementProxy {
SecretKey sk = this.getSecretKeyFromInternalResolvers();
if (sk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I could find a secret key using the per-KeyInfo key resolvers");
}
LOG.debug("I could find a secret key using the per-KeyInfo key resolvers");
return sk;
}
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the per-KeyInfo key resolvers");
}
LOG.debug("I couldn't find a secret key using the per-KeyInfo key resolvers");
sk = this.getSecretKeyFromStaticResolvers();
if (sk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I could find a secret key using the system-wide key resolvers");
}
LOG.debug("I could find a secret key using the system-wide key resolvers");
return sk;
}
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the system-wide key resolvers");
}
LOG.debug("I couldn't find a secret key using the system-wide key resolvers");
return null;
}
@ -1083,7 +1007,7 @@ public class KeyInfo extends SignatureElementProxy {
KeyResolverSpi keyResolver = it.next();
keyResolver.setSecureValidation(secureValidation);
Node currentChild = this.constructionElement.getFirstChild();
Node currentChild = getFirstChild();
String uri = this.getBaseURI();
while (currentChild != null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
@ -1113,11 +1037,9 @@ public class KeyInfo extends SignatureElementProxy {
SecretKey getSecretKeyFromInternalResolvers() throws KeyResolverException {
for (KeyResolverSpi keyResolver : internalKeyResolvers) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
}
LOG.debug("Try {}", keyResolver.getClass().getName());
keyResolver.setSecureValidation(secureValidation);
Node currentChild = this.constructionElement.getFirstChild();
Node currentChild = getFirstChild();
String uri = this.getBaseURI();
while (currentChild != null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
@ -1148,25 +1070,17 @@ public class KeyInfo extends SignatureElementProxy {
PrivateKey pk = this.getPrivateKeyFromInternalResolvers();
if (pk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I could find a private key using the per-KeyInfo key resolvers");
}
LOG.debug("I could find a private key using the per-KeyInfo key resolvers");
return pk;
}
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the per-KeyInfo key resolvers");
}
LOG.debug("I couldn't find a secret key using the per-KeyInfo key resolvers");
pk = this.getPrivateKeyFromStaticResolvers();
if (pk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I could find a private key using the system-wide key resolvers");
}
LOG.debug("I could find a private key using the system-wide key resolvers");
return pk;
}
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I couldn't find a private key using the system-wide key resolvers");
}
LOG.debug("I couldn't find a private key using the system-wide key resolvers");
return null;
}
@ -1183,7 +1097,7 @@ public class KeyInfo extends SignatureElementProxy {
KeyResolverSpi keyResolver = it.next();
keyResolver.setSecureValidation(secureValidation);
Node currentChild = this.constructionElement.getFirstChild();
Node currentChild = getFirstChild();
String uri = this.getBaseURI();
while (currentChild != null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
@ -1212,11 +1126,9 @@ public class KeyInfo extends SignatureElementProxy {
*/
PrivateKey getPrivateKeyFromInternalResolvers() throws KeyResolverException {
for (KeyResolverSpi keyResolver : internalKeyResolvers) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
}
LOG.debug("Try {}", keyResolver.getClass().getName());
keyResolver.setSecureValidation(secureValidation);
Node currentChild = this.constructionElement.getFirstChild();
Node currentChild = getFirstChild();
String uri = this.getBaseURI();
while (currentChild != null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
@ -1274,13 +1186,13 @@ public class KeyInfo extends SignatureElementProxy {
public void addStorageResolver(StorageResolver storageResolver) {
if (storageResolvers == nullList) {
// Replace the default null StorageResolver
storageResolvers = new ArrayList<StorageResolver>();
storageResolvers = new ArrayList<>();
}
this.storageResolvers.add(storageResolver);
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_KEYINFO;
}
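Review bot: In `lengthUnknownElement()` and `itemUnknownElement(int)` the rewritten sibling loops still call `childNode.getNamespaceURI().equals(Constants.SignatureSpecNS)`, and DOM returns `null` from `getNamespaceURI()` for an element that is in no namespace, so a KeyInfo with such a child throws a NullPointerException instead of skipping it. KeyInfo children come from the document being verified, so the comparison should be null-safe: `Constants.SignatureSpecNS.equals(childNode.getNamespaceURI())`. Separately, the new `LOG.debug` call in `getX509CertificateFromInternalResolvers()` keeps a leading `+` before `this.lengthInternalKeyResolver()`; it compiles as a unary plus but is a leftover from the old string concatenation and should be dropped. These method bodies are only partly inside their hunks.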


@ -32,11 +32,10 @@ import com.sun.org.apache.xml.internal.security.keys.content.MgmtData;
import com.sun.org.apache.xml.internal.security.keys.content.X509Data;
/**
* Utility class for the <CODE>com.sun.org.apache.xml.internal.security.keys</CODE> package.
* Utility class for {@code com.sun.org.apache.xml.internal.security.keys} package.
*
* @author $Author: coheigea $
*/
public class KeyUtils {
public final class KeyUtils {
private KeyUtils() {
// no instantiation


@ -35,9 +35,8 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
* Provides content model support for the <code>dsig11:DEREncodedKeyvalue</code> element.
* Provides content model support for the {@code dsig11:DEREncodedKeyvalue} element.
*
* @author Brent Putman (putmanb@georgetown.edu)
*/
public class DEREncodedKeyValue extends Signature11ElementProxy implements KeyInfoContent {
@ -48,11 +47,11 @@ public class DEREncodedKeyValue extends Signature11ElementProxy implements KeyIn
* Constructor DEREncodedKeyValue
*
* @param element
* @param BaseURI
* @param baseURI
* @throws XMLSecurityException
*/
public DEREncodedKeyValue(Element element, String BaseURI) throws XMLSecurityException {
super(element, BaseURI);
public DEREncodedKeyValue(Element element, String baseURI) throws XMLSecurityException {
super(element, baseURI);
}
/**
@ -72,7 +71,7 @@ public class DEREncodedKeyValue extends Signature11ElementProxy implements KeyIn
* Constructor DEREncodedKeyValue
*
* @param doc
* @param base64EncodedKey
* @param encodedKey
*/
public DEREncodedKeyValue(Document doc, byte[] encodedKey) {
super(doc);
@ -81,29 +80,24 @@ public class DEREncodedKeyValue extends Signature11ElementProxy implements KeyIn
}
/**
* Sets the <code>Id</code> attribute
* Sets the {@code Id} attribute
*
* @param Id ID
* @param id ID
*/
public void setId(String id) {
if (id != null) {
this.constructionElement.setAttributeNS(null, Constants._ATT_ID, id);
this.constructionElement.setIdAttributeNS(null, Constants._ATT_ID, true);
} else {
this.constructionElement.removeAttributeNS(null, Constants._ATT_ID);
}
setLocalIdAttribute(Constants._ATT_ID, id);
}
/**
* Returns the <code>Id</code> attribute
* Returns the {@code Id} attribute
*
* @return the <code>Id</code> attribute
* @return the {@code Id} attribute
*/
public String getId() {
return this.constructionElement.getAttributeNS(null, Constants._ATT_ID);
return getLocalAttribute(Constants._ATT_ID);
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_DERENCODEDKEYVALUE;
}
@ -126,9 +120,9 @@ public class DEREncodedKeyValue extends Signature11ElementProxy implements KeyIn
if (publicKey != null) {
return publicKey;
}
} catch (NoSuchAlgorithmException e) {
} catch (NoSuchAlgorithmException e) { //NOPMD
// Do nothing, try the next type
} catch (InvalidKeySpecException e) {
} catch (InvalidKeySpecException e) { //NOPMD
// Do nothing, try the next type
}
}
@ -148,10 +142,10 @@ public class DEREncodedKeyValue extends Signature11ElementProxy implements KeyIn
return keySpec.getEncoded();
} catch (NoSuchAlgorithmException e) {
Object exArgs[] = { publicKey.getAlgorithm(), publicKey.getFormat(), publicKey.getClass().getName() };
throw new XMLSecurityException("DEREncodedKeyValue.UnsupportedPublicKey", exArgs, e);
throw new XMLSecurityException(e, "DEREncodedKeyValue.UnsupportedPublicKey", exArgs);
} catch (InvalidKeySpecException e) {
Object exArgs[] = { publicKey.getAlgorithm(), publicKey.getFormat(), publicKey.getClass().getName() };
throw new XMLSecurityException("DEREncodedKeyValue.UnsupportedPublicKey", exArgs, e);
throw new XMLSecurityException(e, "DEREncodedKeyValue.UnsupportedPublicKey", exArgs);
}
}
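Review bot: The two catch arms in the last hunk build the same `exArgs` and throw the same `XMLSecurityException`, so the reordered constructor call is duplicated. A single multi-catch, `} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {`, keeps that argument order in one place. The pair of empty `//NOPMD` arms in the hunk above can be merged the same way, with the variable named `ignored` so the deliberate fall-through to the next key type is visible without the suppression comment. Both enclosing methods start outside their hunks.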


@ -25,7 +25,6 @@ package com.sun.org.apache.xml.internal.security.keys.content;
/**
* Empty interface just to identify Elements that can be children of ds:KeyInfo.
*
* @author $Author: coheigea $
*/
public interface KeyInfoContent {
}


@ -30,9 +30,8 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
* Provides content model support for the <code>dsig11:KeyInfoReference</code> element.
* Provides content model support for the {@code dsig11:KeyInfoReference} element.
*
* @author Brent Putman (putmanb@georgetown.edu)
*/
public class KeyInfoReference extends Signature11ElementProxy implements KeyInfoContent {
@ -40,7 +39,7 @@ public class KeyInfoReference extends Signature11ElementProxy implements KeyInfo
* Constructor RetrievalMethod
*
* @param element
* @param BaseURI
* @param baseURI
* @throws XMLSecurityException
*/
public KeyInfoReference(Element element, String baseURI) throws XMLSecurityException {
@ -51,12 +50,12 @@ public class KeyInfoReference extends Signature11ElementProxy implements KeyInfo
* Constructor RetrievalMethod
*
* @param doc
* @param URI
* @param uri
*/
public KeyInfoReference(Document doc, String URI) {
public KeyInfoReference(Document doc, String uri) {
super(doc);
this.constructionElement.setAttributeNS(null, Constants._ATT_URI, URI);
setLocalAttribute(Constants._ATT_URI, uri);
}
/**
@ -65,7 +64,7 @@ public class KeyInfoReference extends Signature11ElementProxy implements KeyInfo
* @return the URI attribute
*/
public Attr getURIAttr() {
return this.constructionElement.getAttributeNodeNS(null, Constants._ATT_URI);
return getElement().getAttributeNodeNS(null, Constants._ATT_URI);
}
/**
@ -78,29 +77,24 @@ public class KeyInfoReference extends Signature11ElementProxy implements KeyInfo
}
/**
* Sets the <code>Id</code> attribute
* Sets the {@code Id} attribute
*
* @param Id ID
* @param id ID
*/
public void setId(String id) {
if (id != null) {
this.constructionElement.setAttributeNS(null, Constants._ATT_ID, id);
this.constructionElement.setIdAttributeNS(null, Constants._ATT_ID, true);
} else {
this.constructionElement.removeAttributeNS(null, Constants._ATT_ID);
}
setLocalIdAttribute(Constants._ATT_ID, id);
}
/**
* Returns the <code>Id</code> attribute
* Returns the {@code Id} attribute
*
* @return the <code>Id</code> attribute
* @return the {@code Id} attribute
*/
public String getId() {
return this.constructionElement.getAttributeNS(null, Constants._ATT_ID);
return getLocalAttribute(Constants._ATT_ID);
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_KEYINFOREFERENCE;
}
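Review bot: The Javadoc on `setId` still says only `@param id ID`, while the lines removed from its body show two behaviours callers rely on: a null `id` removes the attribute, and a non-null one is registered as an ID-typed attribute through `setIdAttributeNS`. That logic now sits behind `setLocalIdAttribute`, which is not part of this section, so the contract can no longer be read at the call site. I would write `@param id the Id value, or {@code null} to remove the attribute` and add a sentence that the attribute is registered as an ID attribute, after confirming the helper keeps both behaviours. The ID registration is worth stating because same-document references are looked up by ID.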


@ -29,7 +29,6 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
* @author $Author: coheigea $
*/
public class KeyName extends SignatureElementProxy implements KeyInfoContent {
@ -37,11 +36,11 @@ public class KeyName extends SignatureElementProxy implements KeyInfoContent {
* Constructor KeyName
*
* @param element
* @param BaseURI
* @param baseURI
* @throws XMLSecurityException
*/
public KeyName(Element element, String BaseURI) throws XMLSecurityException {
super(element, BaseURI);
public KeyName(Element element, String baseURI) throws XMLSecurityException {
super(element, baseURI);
}
/**
@ -65,7 +64,7 @@ public class KeyName extends SignatureElementProxy implements KeyInfoContent {
return this.getTextFromTextChild();
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_KEYNAME;
}


@ -41,7 +41,6 @@ import org.w3c.dom.Element;
* keys values represented as PCDATA or element types from an external
* namespace.
*
* @author $Author: coheigea $
*/
public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
@ -54,9 +53,9 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
public KeyValue(Document doc, DSAKeyValue dsaKeyValue) {
super(doc);
XMLUtils.addReturnToElement(this.constructionElement);
this.constructionElement.appendChild(dsaKeyValue.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
addReturnToSelf();
appendSelf(dsaKeyValue);
addReturnToSelf();
}
/**
@ -68,9 +67,9 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
public KeyValue(Document doc, RSAKeyValue rsaKeyValue) {
super(doc);
XMLUtils.addReturnToElement(this.constructionElement);
this.constructionElement.appendChild(rsaKeyValue.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
addReturnToSelf();
appendSelf(rsaKeyValue);
addReturnToSelf();
}
/**
@ -82,9 +81,9 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
public KeyValue(Document doc, Element unknownKeyValue) {
super(doc);
XMLUtils.addReturnToElement(this.constructionElement);
this.constructionElement.appendChild(unknownKeyValue);
XMLUtils.addReturnToElement(this.constructionElement);
addReturnToSelf();
appendSelf(unknownKeyValue);
addReturnToSelf();
}
/**
@ -96,18 +95,22 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
public KeyValue(Document doc, PublicKey pk) {
super(doc);
XMLUtils.addReturnToElement(this.constructionElement);
addReturnToSelf();
if (pk instanceof java.security.interfaces.DSAPublicKey) {
DSAKeyValue dsa = new DSAKeyValue(this.doc, pk);
DSAKeyValue dsa = new DSAKeyValue(getDocument(), pk);
this.constructionElement.appendChild(dsa.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(dsa);
addReturnToSelf();
} else if (pk instanceof java.security.interfaces.RSAPublicKey) {
RSAKeyValue rsa = new RSAKeyValue(this.doc, pk);
RSAKeyValue rsa = new RSAKeyValue(getDocument(), pk);
this.constructionElement.appendChild(rsa.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(rsa);
addReturnToSelf();
} else {
String error = "The given PublicKey type " + pk + " is not supported. Only DSAPublicKey and "
+ "RSAPublicKey types are currently supported";
throw new IllegalArgumentException(error);
}
}
@ -115,11 +118,11 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
* Constructor KeyValue
*
* @param element
* @param BaseURI
* @param baseURI
* @throws XMLSecurityException
*/
public KeyValue(Element element, String BaseURI) throws XMLSecurityException {
super(element, BaseURI);
public KeyValue(Element element, String baseURI) throws XMLSecurityException {
super(element, baseURI);
}
/**
@ -131,7 +134,7 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
public PublicKey getPublicKey() throws XMLSecurityException {
Element rsa =
XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_RSAKEYVALUE, 0);
getFirstChild(), Constants._TAG_RSAKEYVALUE, 0);
if (rsa != null) {
RSAKeyValue kv = new RSAKeyValue(rsa, this.baseURI);
@ -140,7 +143,7 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
Element dsa =
XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_DSAKEYVALUE, 0);
getFirstChild(), Constants._TAG_DSAKEYVALUE, 0);
if (dsa != null) {
DSAKeyValue kv = new DSAKeyValue(dsa, this.baseURI);
@ -150,7 +153,7 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
return null;
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_KEYVALUE;
}
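Review bot: In the new `else` branch of `KeyValue(Document doc, PublicKey pk)` the message says "PublicKey type" but concatenates `pk` itself, so the exception text carries the key's whole `toString()` output rather than its class, and a null `pk` also lands in this branch and is reported as type `null`. I would name the class instead, for example `String type = pk == null ? "null" : pk.getClass().getName();`, and use `type` in the message. The constructor's Javadoc lies outside the hunk; if it has no `@throws IllegalArgumentException` entry it needs one, because before this change an unsupported key type was accepted silently.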


@ -29,7 +29,6 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
* @author $Author: coheigea $
*/
public class MgmtData extends SignatureElementProxy implements KeyInfoContent {
@ -37,12 +36,12 @@ public class MgmtData extends SignatureElementProxy implements KeyInfoContent {
* Constructor MgmtData
*
* @param element
* @param BaseURI
* @param baseURI
* @throws XMLSecurityException
*/
public MgmtData(Element element, String BaseURI)
public MgmtData(Element element, String baseURI)
throws XMLSecurityException {
super(element, BaseURI);
super(element, baseURI);
}
/**
@ -66,7 +65,7 @@ public class MgmtData extends SignatureElementProxy implements KeyInfoContent {
return this.getTextFromTextChild();
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_MGMTDATA;
}


@ -28,7 +28,6 @@ import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Element;
/**
* @author $Author: coheigea $
* $todo$ Implement
*/
public class PGPData extends SignatureElementProxy implements KeyInfoContent {
@ -37,14 +36,14 @@ public class PGPData extends SignatureElementProxy implements KeyInfoContent {
* Constructor PGPData
*
* @param element
* @param BaseURI
* @param baseURI
* @throws XMLSecurityException
*/
public PGPData(Element element, String BaseURI) throws XMLSecurityException {
super(element, BaseURI);
public PGPData(Element element, String baseURI) throws XMLSecurityException {
super(element, baseURI);
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_PGPDATA;
}


@ -53,11 +53,11 @@ public class RetrievalMethod extends SignatureElementProxy implements KeyInfoCon
* Constructor RetrievalMethod
*
* @param element
* @param BaseURI
* @param baseURI
* @throws XMLSecurityException
*/
public RetrievalMethod(Element element, String BaseURI) throws XMLSecurityException {
super(element, BaseURI);
public RetrievalMethod(Element element, String baseURI) throws XMLSecurityException {
super(element, baseURI);
}
/**
@ -71,15 +71,15 @@ public class RetrievalMethod extends SignatureElementProxy implements KeyInfoCon
public RetrievalMethod(Document doc, String URI, Transforms transforms, String Type) {
super(doc);
this.constructionElement.setAttributeNS(null, Constants._ATT_URI, URI);
setLocalAttribute(Constants._ATT_URI, URI);
if (Type != null) {
this.constructionElement.setAttributeNS(null, Constants._ATT_TYPE, Type);
setLocalAttribute(Constants._ATT_TYPE, Type);
}
if (transforms != null) {
this.constructionElement.appendChild(transforms.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(transforms);
addReturnToSelf();
}
}
@ -89,7 +89,7 @@ public class RetrievalMethod extends SignatureElementProxy implements KeyInfoCon
* @return the URI attribute
*/
public Attr getURIAttr() {
return this.constructionElement.getAttributeNodeNS(null, Constants._ATT_URI);
return getElement().getAttributeNodeNS(null, Constants._ATT_URI);
}
/**
@ -98,12 +98,12 @@ public class RetrievalMethod extends SignatureElementProxy implements KeyInfoCon
* @return URI string
*/
public String getURI() {
return this.getURIAttr().getNodeValue();
return getLocalAttribute(Constants._ATT_URI);
}
/** @return the type*/
public String getType() {
return this.constructionElement.getAttributeNS(null, Constants._ATT_TYPE);
return getLocalAttribute(Constants._ATT_TYPE);
}
/**
@ -116,7 +116,7 @@ public class RetrievalMethod extends SignatureElementProxy implements KeyInfoCon
try {
Element transformsElem =
XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_TRANSFORMS, 0);
getFirstChild(), Constants._TAG_TRANSFORMS, 0);
if (transformsElem != null) {
return new Transforms(transformsElem, this.baseURI);
@ -124,11 +124,11 @@ public class RetrievalMethod extends SignatureElementProxy implements KeyInfoCon
return null;
} catch (XMLSignatureException ex) {
throw new XMLSecurityException("empty", ex);
throw new XMLSecurityException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_RETRIEVALMETHOD;
}
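Review bot: `getURI()` no longer goes through `getURIAttr().getNodeValue()`, so a `RetrievalMethod` element without a `URI` attribute stops failing at this call, and what it returns instead depends on `getLocalAttribute`, which this section does not show. If that helper wraps `getAttributeNS` the way the removed line in `getType()` did, the result is an empty string, which a caller that dereferences the URI could read as a same-document reference. The Javadoc should state the result for a missing attribute, e.g. `@return the URI value, or an empty string if the attribute is absent`, once the helper's behaviour is confirmed. Separately, the constructor parameters `URI` and `Type` keep their upper-case names while the rest of the commit lower-cases them.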


@ -28,7 +28,6 @@ import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Element;
/**
* @author $Author: coheigea $
* $todo$ implement
*/
public class SPKIData extends SignatureElementProxy implements KeyInfoContent {
@ -37,15 +36,15 @@ public class SPKIData extends SignatureElementProxy implements KeyInfoContent {
* Constructor SPKIData
*
* @param element
* @param BaseURI
* @param baseURI
* @throws XMLSecurityException
*/
public SPKIData(Element element, String BaseURI)
public SPKIData(Element element, String baseURI)
throws XMLSecurityException {
super(element, BaseURI);
super(element, baseURI);
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_SPKIDATA;
}


@ -41,9 +41,8 @@ import org.w3c.dom.Node;
public class X509Data extends SignatureElementProxy implements KeyInfoContent {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(X509Data.class.getName());
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(X509Data.class);
/**
* Constructor X509Data
@ -53,7 +52,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
public X509Data(Document doc) {
super(doc);
XMLUtils.addReturnToElement(this.constructionElement);
addReturnToSelf();
}
/**
@ -66,18 +65,16 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
public X509Data(Element element, String baseURI) throws XMLSecurityException {
super(element, baseURI);
Node sibling = this.constructionElement.getFirstChild();
while (sibling != null) {
if (sibling.getNodeType() != Node.ELEMENT_NODE) {
Node sibling = getFirstChild();
while (sibling != null && sibling.getNodeType() != Node.ELEMENT_NODE) {
sibling = sibling.getNextSibling();
continue;
}
return;
}
if (sibling == null || sibling.getNodeType() != Node.ELEMENT_NODE) {
/* No Elements found */
Object exArgs[] = { "Elements", Constants._TAG_X509DATA };
throw new XMLSecurityException("xml.WrongContent", exArgs);
}
}
/**
* Method addIssuerSerial
@ -86,7 +83,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param X509SerialNumber
*/
public void addIssuerSerial(String X509IssuerName, BigInteger X509SerialNumber) {
this.add(new XMLX509IssuerSerial(this.doc, X509IssuerName, X509SerialNumber));
this.add(new XMLX509IssuerSerial(getDocument(), X509IssuerName, X509SerialNumber));
}
/**
@ -96,7 +93,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param X509SerialNumber
*/
public void addIssuerSerial(String X509IssuerName, String X509SerialNumber) {
this.add(new XMLX509IssuerSerial(this.doc, X509IssuerName, X509SerialNumber));
this.add(new XMLX509IssuerSerial(getDocument(), X509IssuerName, X509SerialNumber));
}
/**
@ -106,7 +103,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param X509SerialNumber
*/
public void addIssuerSerial(String X509IssuerName, int X509SerialNumber) {
this.add(new XMLX509IssuerSerial(this.doc, X509IssuerName, X509SerialNumber));
this.add(new XMLX509IssuerSerial(getDocument(), X509IssuerName, X509SerialNumber));
}
/**
@ -116,8 +113,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
*/
public void add(XMLX509IssuerSerial xmlX509IssuerSerial) {
this.constructionElement.appendChild(xmlX509IssuerSerial.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(xmlX509IssuerSerial);
addReturnToSelf();
}
/**
@ -126,7 +123,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param skiBytes
*/
public void addSKI(byte[] skiBytes) {
this.add(new XMLX509SKI(this.doc, skiBytes));
this.add(new XMLX509SKI(getDocument(), skiBytes));
}
/**
@ -137,7 +134,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
*/
public void addSKI(X509Certificate x509certificate)
throws XMLSecurityException {
this.add(new XMLX509SKI(this.doc, x509certificate));
this.add(new XMLX509SKI(getDocument(), x509certificate));
}
/**
@ -146,8 +143,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param xmlX509SKI
*/
public void add(XMLX509SKI xmlX509SKI) {
this.constructionElement.appendChild(xmlX509SKI.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(xmlX509SKI);
addReturnToSelf();
}
/**
@ -156,7 +153,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param subjectName
*/
public void addSubjectName(String subjectName) {
this.add(new XMLX509SubjectName(this.doc, subjectName));
this.add(new XMLX509SubjectName(getDocument(), subjectName));
}
/**
@ -165,7 +162,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param x509certificate
*/
public void addSubjectName(X509Certificate x509certificate) {
this.add(new XMLX509SubjectName(this.doc, x509certificate));
this.add(new XMLX509SubjectName(getDocument(), x509certificate));
}
/**
@ -174,8 +171,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param xmlX509SubjectName
*/
public void add(XMLX509SubjectName xmlX509SubjectName) {
this.constructionElement.appendChild(xmlX509SubjectName.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(xmlX509SubjectName);
addReturnToSelf();
}
/**
@ -186,7 +183,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
*/
public void addCertificate(X509Certificate x509certificate)
throws XMLSecurityException {
this.add(new XMLX509Certificate(this.doc, x509certificate));
this.add(new XMLX509Certificate(getDocument(), x509certificate));
}
/**
@ -195,7 +192,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param x509certificateBytes
*/
public void addCertificate(byte[] x509certificateBytes) {
this.add(new XMLX509Certificate(this.doc, x509certificateBytes));
this.add(new XMLX509Certificate(getDocument(), x509certificateBytes));
}
/**
@ -204,8 +201,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param xmlX509Certificate
*/
public void add(XMLX509Certificate xmlX509Certificate) {
this.constructionElement.appendChild(xmlX509Certificate.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(xmlX509Certificate);
addReturnToSelf();
}
/**
@ -214,7 +211,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param crlBytes
*/
public void addCRL(byte[] crlBytes) {
this.add(new XMLX509CRL(this.doc, crlBytes));
this.add(new XMLX509CRL(getDocument(), crlBytes));
}
/**
@ -223,8 +220,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param xmlX509CRL
*/
public void add(XMLX509CRL xmlX509CRL) {
this.constructionElement.appendChild(xmlX509CRL.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(xmlX509CRL);
addReturnToSelf();
}
/**
@ -236,27 +233,27 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
*/
public void addDigest(X509Certificate x509certificate, String algorithmURI)
throws XMLSecurityException {
this.add(new XMLX509Digest(this.doc, x509certificate, algorithmURI));
this.add(new XMLX509Digest(getDocument(), x509certificate, algorithmURI));
}
/**
* Method addDigest
*
* @param x509CertificateDigestByes
* @param x509CertificateDigestBytes
* @param algorithmURI
*/
public void addDigest(byte[] x509certificateDigestBytes, String algorithmURI) {
this.add(new XMLX509Digest(this.doc, x509certificateDigestBytes, algorithmURI));
public void addDigest(byte[] x509CertificateDigestBytes, String algorithmURI) {
this.add(new XMLX509Digest(getDocument(), x509CertificateDigestBytes, algorithmURI));
}
/**
* Method add
*
* @param XMLX509Digest
* @param xmlX509Digest
*/
public void add(XMLX509Digest xmlX509Digest) {
this.constructionElement.appendChild(xmlX509Digest.getElement());
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(xmlX509Digest);
addReturnToSelf();
}
/**
@ -265,8 +262,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param element
*/
public void addUnknownElement(Element element) {
this.constructionElement.appendChild(element);
XMLUtils.addReturnToElement(this.constructionElement);
appendSelf(element);
addReturnToSelf();
}
/**
@ -330,9 +327,9 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
*/
public int lengthUnknownElement() {
int result = 0;
Node n = this.constructionElement.getFirstChild();
while (n != null){
if ((n.getNodeType() == Node.ELEMENT_NODE)
Node n = getFirstChild();
while (n != null) {
if (n.getNodeType() == Node.ELEMENT_NODE
&& !n.getNamespaceURI().equals(Constants.SignatureSpecNS)) {
result++;
}
@ -352,7 +349,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
public XMLX509IssuerSerial itemIssuerSerial(int i) throws XMLSecurityException {
Element e =
XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_X509ISSUERSERIAL, i);
getFirstChild(), Constants._TAG_X509ISSUERSERIAL, i);
if (e != null) {
return new XMLX509IssuerSerial(e, this.baseURI);
@ -371,7 +368,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
Element e =
XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_X509SKI, i);
getFirstChild(), Constants._TAG_X509SKI, i);
if (e != null) {
return new XMLX509SKI(e, this.baseURI);
@ -390,7 +387,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
Element e =
XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_X509SUBJECTNAME, i);
getFirstChild(), Constants._TAG_X509SUBJECTNAME, i);
if (e != null) {
return new XMLX509SubjectName(e, this.baseURI);
@ -402,14 +399,14 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* Method itemCertificate
*
* @param i
* @return the X509Certifacte, null if not present
* @return the X509Certificate, null if not present
* @throws XMLSecurityException
*/
public XMLX509Certificate itemCertificate(int i) throws XMLSecurityException {
Element e =
XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_X509CERTIFICATE, i);
getFirstChild(), Constants._TAG_X509CERTIFICATE, i);
if (e != null) {
return new XMLX509Certificate(e, this.baseURI);
@ -428,7 +425,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
Element e =
XMLUtils.selectDsNode(
this.constructionElement.getFirstChild(), Constants._TAG_X509CRL, i);
getFirstChild(), Constants._TAG_X509CRL, i);
if (e != null) {
return new XMLX509CRL(e, this.baseURI);
@ -447,7 +444,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
Element e =
XMLUtils.selectDs11Node(
this.constructionElement.getFirstChild(), Constants._TAG_X509DIGEST, i);
getFirstChild(), Constants._TAG_X509DIGEST, i);
if (e != null) {
return new XMLX509Digest(e, this.baseURI);
@ -463,9 +460,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* TODO implement
**/
public Element itemUnknownElement(int i) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "itemUnknownElement not implemented:" + i);
}
LOG.debug("itemUnknownElement not implemented: {}", i);
return null;
}
@ -532,7 +527,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
return this.lengthUnknownElement() > 0;
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_X509DATA;
}
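Review bot: In `lengthUnknownElement()` the rewritten condition still calls `n.getNamespaceURI().equals(Constants.SignatureSpecNS)`, and `getNamespaceURI()` returns null for an element that has no namespace, so such a child in a parsed `X509Data` raises a NullPointerException instead of being counted. Putting the constant on the left avoids that: `&& !Constants.SignatureSpecNS.equals(n.getNamespaceURI())) {`. The method body continues outside the hunk. In the rewritten `X509Data(Element, String)` constructor, the second half of `sibling == null || sibling.getNodeType() != Node.ELEMENT_NODE` can never be true once the loop has ended and could be dropped.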


@ -27,6 +27,7 @@ import java.security.Key;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.spec.DSAPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
@ -35,7 +36,6 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.I18n;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@ -64,7 +64,7 @@ public class DSAKeyValue extends SignatureElementProxy implements KeyValueConten
public DSAKeyValue(Document doc, BigInteger P, BigInteger Q, BigInteger G, BigInteger Y) {
super(doc);
XMLUtils.addReturnToElement(this.constructionElement);
addReturnToSelf();
this.addBigIntegerElement(P, Constants._TAG_P);
this.addBigIntegerElement(Q, Constants._TAG_Q);
this.addBigIntegerElement(G, Constants._TAG_G);
@ -81,12 +81,13 @@ public class DSAKeyValue extends SignatureElementProxy implements KeyValueConten
public DSAKeyValue(Document doc, Key key) throws IllegalArgumentException {
super(doc);
XMLUtils.addReturnToElement(this.constructionElement);
addReturnToSelf();
if (key instanceof java.security.interfaces.DSAPublicKey) {
this.addBigIntegerElement(((DSAPublicKey) key).getParams().getP(), Constants._TAG_P);
this.addBigIntegerElement(((DSAPublicKey) key).getParams().getQ(), Constants._TAG_Q);
this.addBigIntegerElement(((DSAPublicKey) key).getParams().getG(), Constants._TAG_G);
if (key instanceof DSAPublicKey) {
DSAParams params = ((DSAPublicKey) key).getParams();
this.addBigIntegerElement(params.getP(), Constants._TAG_P);
this.addBigIntegerElement(params.getQ(), Constants._TAG_Q);
this.addBigIntegerElement(params.getG(), Constants._TAG_G);
this.addBigIntegerElement(((DSAPublicKey) key).getY(), Constants._TAG_Y);
} else {
Object exArgs[] = { Constants._TAG_DSAKEYVALUE, key.getClass().getName() };
@ -95,7 +96,7 @@ public class DSAKeyValue extends SignatureElementProxy implements KeyValueConten
}
}
/** @inheritDoc */
/** {@inheritDoc} */
public PublicKey getPublicKey() throws XMLSecurityException {
try {
DSAPublicKeySpec pkspec =
@ -118,13 +119,13 @@ public class DSAKeyValue extends SignatureElementProxy implements KeyValueConten
return pk;
} catch (NoSuchAlgorithmException ex) {
throw new XMLSecurityException("empty", ex);
throw new XMLSecurityException(ex);
} catch (InvalidKeySpecException ex) {
throw new XMLSecurityException("empty", ex);
throw new XMLSecurityException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_DSAKEYVALUE;
}
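Review bot: In `DSAKeyValue(Document doc, Key key)` the new local `params` is dereferenced three times without a check. If `getParams()` can return null for the keys this constructor receives (a key that carries no parameters of its own; worth confirming for the providers in use), the failure is a NullPointerException rather than the `IllegalArgumentException` the signature declares. A guard right after the assignment keeps it on the declared path, e.g. `if (params == null) { throw new IllegalArgumentException("DSA key has no parameters"); }`. The constructor continues past the end of its hunk.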


@ -35,7 +35,6 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.I18n;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@ -45,11 +44,11 @@ public class RSAKeyValue extends SignatureElementProxy implements KeyValueConten
* Constructor RSAKeyValue
*
* @param element
* @param BaseURI
* @param baseURI
* @throws XMLSecurityException
*/
public RSAKeyValue(Element element, String BaseURI) throws XMLSecurityException {
super(element, BaseURI);
public RSAKeyValue(Element element, String baseURI) throws XMLSecurityException {
super(element, baseURI);
}
/**
@ -62,7 +61,7 @@ public class RSAKeyValue extends SignatureElementProxy implements KeyValueConten
public RSAKeyValue(Document doc, BigInteger modulus, BigInteger exponent) {
super(doc);
XMLUtils.addReturnToElement(this.constructionElement);
addReturnToSelf();
this.addBigIntegerElement(modulus, Constants._TAG_MODULUS);
this.addBigIntegerElement(exponent, Constants._TAG_EXPONENT);
}
@ -77,9 +76,9 @@ public class RSAKeyValue extends SignatureElementProxy implements KeyValueConten
public RSAKeyValue(Document doc, Key key) throws IllegalArgumentException {
super(doc);
XMLUtils.addReturnToElement(this.constructionElement);
addReturnToSelf();
if (key instanceof java.security.interfaces.RSAPublicKey ) {
if (key instanceof RSAPublicKey ) {
this.addBigIntegerElement(
((RSAPublicKey) key).getModulus(), Constants._TAG_MODULUS
);
@ -93,7 +92,7 @@ public class RSAKeyValue extends SignatureElementProxy implements KeyValueConten
}
}
/** @inheritDoc */
/** {@inheritDoc} */
public PublicKey getPublicKey() throws XMLSecurityException {
try {
KeyFactory rsaFactory = KeyFactory.getInstance("RSA");
@ -111,13 +110,13 @@ public class RSAKeyValue extends SignatureElementProxy implements KeyValueConten
return pk;
} catch (NoSuchAlgorithmException ex) {
throw new XMLSecurityException("empty", ex);
throw new XMLSecurityException(ex);
} catch (InvalidKeySpecException ex) {
throw new XMLSecurityException("empty", ex);
throw new XMLSecurityException(ex);
}
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_RSAKEYVALUE;
}
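Review bot: The two catch arms in `getPublicKey()` now have identical bodies, `throw new XMLSecurityException(ex);`, and could be a single multi-catch: `} catch (NoSuchAlgorithmException | InvalidKeySpecException ex) {`. The same applies to `DSAKeyValue.getPublicKey()`, and this commit already uses the multi-catch form in `XMLX509Certificate.getX509Certificate()`. The `try` block starts in a separate hunk of this section.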


@ -1,3 +0,0 @@
<HTML><HEAD></HEAD><BODY><P>
basic handlers for elements that can occur inside <CODE>ds:KeyValue</CODE>.
</P></BODY></HTML>


@ -1,3 +0,0 @@
<HTML><HEAD></HEAD><BODY><P>
basic handlers for elements that can occur inside <CODE>ds:KeyInfo</CODE>.
</P></BODY></HTML>


@ -34,11 +34,11 @@ public class XMLX509CRL extends SignatureElementProxy implements XMLX509DataCont
* Constructor XMLX509CRL
*
* @param element
* @param BaseURI
* @param baseURI
* @throws XMLSecurityException
*/
public XMLX509CRL(Element element, String BaseURI) throws XMLSecurityException {
super(element, BaseURI);
public XMLX509CRL(Element element, String baseURI) throws XMLSecurityException {
super(element, baseURI);
}
/**
@ -63,7 +63,7 @@ public class XMLX509CRL extends SignatureElementProxy implements XMLX509DataCont
return this.getBytesFromTextChild();
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_X509CRL;
}


@ -23,6 +23,8 @@
package com.sun.org.apache.xml.internal.security.keys.content.x509;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
@ -44,11 +46,11 @@ public class XMLX509Certificate extends SignatureElementProxy implements XMLX509
* Constructor X509Certificate
*
* @param element
* @param BaseURI
* @param baseURI
* @throws XMLSecurityException
*/
public XMLX509Certificate(Element element, String BaseURI) throws XMLSecurityException {
super(element, BaseURI);
public XMLX509Certificate(Element element, String baseURI) throws XMLSecurityException {
super(element, baseURI);
}
/**
@ -77,7 +79,7 @@ public class XMLX509Certificate extends SignatureElementProxy implements XMLX509
try {
this.addBase64Text(x509certificate.getEncoded());
} catch (java.security.cert.CertificateEncodingException ex) {
throw new XMLSecurityException("empty", ex);
throw new XMLSecurityException(ex);
}
}
@ -98,22 +100,20 @@ public class XMLX509Certificate extends SignatureElementProxy implements XMLX509
* @throws XMLSecurityException
*/
public X509Certificate getX509Certificate() throws XMLSecurityException {
try {
byte certbytes[] = this.getCertificateBytes();
try (InputStream is = new ByteArrayInputStream(certbytes)) {
CertificateFactory certFact =
CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID);
X509Certificate cert =
(X509Certificate) certFact.generateCertificate(
new ByteArrayInputStream(certbytes)
);
(X509Certificate) certFact.generateCertificate(is);
if (cert != null) {
return cert;
}
return null;
} catch (CertificateException ex) {
throw new XMLSecurityException("empty", ex);
} catch (CertificateException | IOException ex) {
throw new XMLSecurityException(ex);
}
}
@ -123,7 +123,7 @@ public class XMLX509Certificate extends SignatureElementProxy implements XMLX509
* @return the publickey
* @throws XMLSecurityException
*/
public PublicKey getPublicKey() throws XMLSecurityException {
public PublicKey getPublicKey() throws XMLSecurityException, IOException {
X509Certificate cert = this.getX509Certificate();
if (cert != null) {
@ -133,7 +133,7 @@ public class XMLX509Certificate extends SignatureElementProxy implements XMLX509
return null;
}
/** @inheritDoc */
/** {@inheritDoc} */
public boolean equals(Object obj) {
if (!(obj instanceof XMLX509Certificate)) {
return false;
@ -154,14 +154,12 @@ public class XMLX509Certificate extends SignatureElementProxy implements XMLX509
result = 31 * result + bytes[i];
}
} catch (XMLSecurityException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
LOG.debug(e.getMessage(), e);
}
return result;
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_X509CERTIFICATE;
}


@ -25,7 +25,6 @@ package com.sun.org.apache.xml.internal.security.keys.content.x509;
/**
* Just used for tagging contents that are allowed inside a ds:X509Data Element.
*
* @author $Author: coheigea $
*/
public interface XMLX509DataContent {
}


@ -34,9 +34,8 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
* Provides content model support for the <code>dsig11:X509Digest</code> element.
* Provides content model support for the {@code dsig11:X509Digest} element.
*
* @author Brent Putman (putmanb@georgetown.edu)
*/
public class XMLX509Digest extends Signature11ElementProxy implements XMLX509DataContent {
@ -44,11 +43,11 @@ public class XMLX509Digest extends Signature11ElementProxy implements XMLX509Dat
* Constructor XMLX509Digest
*
* @param element
* @param BaseURI
* @param baseURI
* @throws XMLSecurityException
*/
public XMLX509Digest(Element element, String BaseURI) throws XMLSecurityException {
super(element, BaseURI);
public XMLX509Digest(Element element, String baseURI) throws XMLSecurityException {
super(element, baseURI);
}
/**
@ -61,7 +60,7 @@ public class XMLX509Digest extends Signature11ElementProxy implements XMLX509Dat
public XMLX509Digest(Document doc, byte[] digestBytes, String algorithmURI) {
super(doc);
this.addBase64Text(digestBytes);
this.constructionElement.setAttributeNS(null, Constants._ATT_ALGORITHM, algorithmURI);
setLocalAttribute(Constants._ATT_ALGORITHM, algorithmURI);
}
/**
@ -75,7 +74,7 @@ public class XMLX509Digest extends Signature11ElementProxy implements XMLX509Dat
public XMLX509Digest(Document doc, X509Certificate x509certificate, String algorithmURI) throws XMLSecurityException {
super(doc);
this.addBase64Text(getDigestBytesFromCert(x509certificate, algorithmURI));
this.constructionElement.setAttributeNS(null, Constants._ATT_ALGORITHM, algorithmURI);
setLocalAttribute(Constants._ATT_ALGORITHM, algorithmURI);
}
/**
@ -84,7 +83,7 @@ public class XMLX509Digest extends Signature11ElementProxy implements XMLX509Dat
* @return the Algorithm attribute
*/
public Attr getAlgorithmAttr() {
return this.constructionElement.getAttributeNodeNS(null, Constants._ATT_ALGORITHM);
return getElement().getAttributeNodeNS(null, Constants._ATT_ALGORITHM);
}
/**
@ -132,7 +131,7 @@ public class XMLX509Digest extends Signature11ElementProxy implements XMLX509Dat
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_X509DIGEST;
}


@ -29,15 +29,13 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.RFC2253Parser;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
public class XMLX509IssuerSerial extends SignatureElementProxy implements XMLX509DataContent {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(XMLX509IssuerSerial.class.getName());
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(XMLX509IssuerSerial.class);
/**
* Constructor XMLX509IssuerSerial
@ -59,7 +57,7 @@ public class XMLX509IssuerSerial extends SignatureElementProxy implements XMLX50
*/
public XMLX509IssuerSerial(Document doc, String x509IssuerName, BigInteger x509SerialNumber) {
super(doc);
XMLUtils.addReturnToElement(this.constructionElement);
addReturnToSelf();
addTextElement(x509IssuerName, Constants._TAG_X509ISSUERNAME);
addTextElement(x509SerialNumber.toString(), Constants._TAG_X509SERIALNUMBER);
}
@ -108,9 +106,7 @@ public class XMLX509IssuerSerial extends SignatureElementProxy implements XMLX50
public BigInteger getSerialNumber() {
String text =
this.getTextFromChildElement(Constants._TAG_X509SERIALNUMBER, Constants.SignatureSpecNS);
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "X509SerialNumber text: " + text);
}
LOG.debug("X509SerialNumber text: {}", text);
return new BigInteger(text);
}
@ -135,7 +131,7 @@ public class XMLX509IssuerSerial extends SignatureElementProxy implements XMLX50
);
}
/** @inheritDoc */
/** {@inheritDoc} */
public boolean equals(Object obj) {
if (!(obj instanceof XMLX509IssuerSerial)) {
return false;
@ -154,7 +150,7 @@ public class XMLX509IssuerSerial extends SignatureElementProxy implements XMLX50
return result;
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_X509ISSUERSERIAL;
}
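Review bot: `getSerialNumber()` passes the text of the `X509SerialNumber` child straight to `new BigInteger(text)`, so a non-numeric or whitespace-padded value in a received KeyInfo surfaces as an unchecked `NumberFormatException` from a method that declares no exceptions. The method's Javadoc lies outside the hunk; if it does not already say so, add `@throws NumberFormatException if the X509SerialNumber text is not a decimal integer` so that callers processing untrusted documents know to handle it. The same unvalidated text is now handed to `LOG.debug` before it is parsed, which matters where debug logging is enabled on a service that accepts external signatures.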


@ -24,9 +24,9 @@ package com.sun.org.apache.xml.internal.security.keys.content.x509;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Base64;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Base64;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Document;
@ -40,20 +40,19 @@ import org.w3c.dom.Element;
*/
public class XMLX509SKI extends SignatureElementProxy implements XMLX509DataContent {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(XMLX509SKI.class.getName());
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(XMLX509SKI.class);
/**
* <CODE>SubjectKeyIdentifier (id-ce-subjectKeyIdentifier) (2.5.29.14)</CODE>:
* {@code SubjectKeyIdentifier (id-ce-subjectKeyIdentifier) (2.5.29.14)}:
* This extension identifies the public key being certified. It enables
* distinct keys used by the same subject to be differentiated
* (e.g., as key updating occurs).
* <BR />
* <p></p>
* A key identifier shall be unique with respect to all key identifiers
* for the subject with which it is used. This extension is always non-critical.
*/
public static final String SKI_OID = "2.5.29.14";
public static final String SKI_OID = "2.5.29.14"; //NOPMD
/**
* Constructor X509SKI
@ -83,11 +82,11 @@ public class XMLX509SKI extends SignatureElementProxy implements XMLX509DataCont
* Constructor XMLX509SKI
*
* @param element
* @param BaseURI
* @param baseURI
* @throws XMLSecurityException
*/
public XMLX509SKI(Element element, String BaseURI) throws XMLSecurityException {
super(element, BaseURI);
public XMLX509SKI(Element element, String baseURI) throws XMLSecurityException {
super(element, baseURI);
}
/**
@ -113,7 +112,7 @@ public class XMLX509SKI extends SignatureElementProxy implements XMLX509DataCont
throws XMLSecurityException {
if (cert.getVersion() < 3) {
Object exArgs[] = { Integer.valueOf(cert.getVersion()) };
Object exArgs[] = { cert.getVersion() };
throw new XMLSecurityException("certificate.noSki.lowVersion", exArgs);
}
@ -138,14 +137,14 @@ public class XMLX509SKI extends SignatureElementProxy implements XMLX509DataCont
System.arraycopy(extensionValue, 4, skidValue, 0, skidValue.length);
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Base64 of SKI is " + Base64.encode(skidValue));
if (LOG.isDebugEnabled()) {
LOG.debug("Base64 of SKI is " + Base64.getMimeEncoder().encodeToString(skidValue));
}
return skidValue;
}
/** @inheritDoc */
/** {@inheritDoc} */
public boolean equals(Object obj) {
if (!(obj instanceof XMLX509SKI)) {
return false;
@ -168,15 +167,13 @@ public class XMLX509SKI extends SignatureElementProxy implements XMLX509DataCont
result = 31 * result + bytes[i];
}
} catch (XMLSecurityException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
LOG.debug(e.getMessage(), e);
}
return result;
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_X509SKI;
}
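Review bot: The new debug line after the `System.arraycopy` into `skidValue` uses `Base64.getMimeEncoder()`, which inserts a CRLF after every 76 output characters, so an unusually long identifier would be split across log lines. For a value that is only logged, the basic encoder is the better fit: `LOG.debug("Base64 of SKI is " + Base64.getEncoder().encodeToString(skidValue));`. The enclosing method begins outside the hunk.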


@ -32,7 +32,6 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
* @author $Author: coheigea $
*/
public class XMLX509SubjectName extends SignatureElementProxy implements XMLX509DataContent {
@ -40,12 +39,12 @@ public class XMLX509SubjectName extends SignatureElementProxy implements XMLX509
* Constructor X509SubjectName
*
* @param element
* @param BaseURI
* @param baseURI
* @throws XMLSecurityException
*/
public XMLX509SubjectName(Element element, String BaseURI)
public XMLX509SubjectName(Element element, String baseURI)
throws XMLSecurityException {
super(element, BaseURI);
super(element, baseURI);
}
/**
@ -80,7 +79,7 @@ public class XMLX509SubjectName extends SignatureElementProxy implements XMLX509
return RFC2253Parser.normalize(this.getTextFromTextChild());
}
/** @inheritDoc */
/** {@inheritDoc} */
public boolean equals(Object obj) {
if (!(obj instanceof XMLX509SubjectName)) {
return false;
@ -99,7 +98,7 @@ public class XMLX509SubjectName extends SignatureElementProxy implements XMLX509
return result;
}
/** @inheritDoc */
/** {@inheritDoc} */
public String getBaseLocalName() {
return Constants._TAG_X509SUBJECTNAME;
}


@ -1,3 +0,0 @@
<HTML><HEAD></HEAD><BODY><P>
basic handlers for elements that can occur inside <CODE>ds:X509Data</CODE>.
</P></BODY></HTML>


@ -0,0 +1,84 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver;
// NOTE! This is a duplicate of utils.ClassLoaderUtils with public
// modifiers changed to package-private. Make sure to integrate any future
// changes to utils.ClassLoaderUtils to this file.
final class ClassLoaderUtils {
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(ClassLoaderUtils.class);
private ClassLoaderUtils() {
}
/**
* Load a class with a given name. <p></p> It will try to load the class in the
* following order:
* <ul>
* <li>From Thread.currentThread().getContextClassLoader()
* <li>Using the basic Class.forName()
* <li>From ClassLoaderUtil.class.getClassLoader()
* <li>From the callingClass.getClassLoader()
* </ul>
*
* @param className The name of the class to load
* @param callingClass The Class object of the calling object
* @throws ClassNotFoundException If the class cannot be found anywhere.
*/
static Class<?> loadClass(String className, Class<?> callingClass)
throws ClassNotFoundException {
try {
ClassLoader cl = Thread.currentThread().getContextClassLoader();
if (cl != null) {
return cl.loadClass(className);
}
} catch (ClassNotFoundException e) {
LOG.debug(e.getMessage(), e);
//ignore
}
return loadClass2(className, callingClass);
}
private static Class<?> loadClass2(String className, Class<?> callingClass)
throws ClassNotFoundException {
try {
return Class.forName(className);
} catch (ClassNotFoundException ex) {
try {
if (ClassLoaderUtils.class.getClassLoader() != null) {
return ClassLoaderUtils.class.getClassLoader().loadClass(className);
}
} catch (ClassNotFoundException exc) {
if (callingClass != null && callingClass.getClassLoader() != null) {
return callingClass.getClassLoader().loadClass(className);
}
}
LOG.debug(ex.getMessage(), ex);
throw ex;
}
}
}
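Review bot: In `loadClass2` the `callingClass` loader is consulted only from inside the `catch` of the lookup through `ClassLoaderUtils.class.getClassLoader()`, so when that loader is null the method rethrows without ever trying `callingClass`, which does not match the order the Javadoc on `loadClass` promises. The inner `ClassNotFoundException` is also dropped without being logged. Un-nesting the fallbacks, as below, makes every documented step reachable; the Javadoc could also gain an `@return`, and its third bullet should name `ClassLoaderUtils` rather than `ClassLoaderUtil`. Because the header comment says this file duplicates `utils.ClassLoaderUtils`, the same change would have to be carried over there.

```java
private static Class<?> loadClass2(String className, Class<?> callingClass)
    throws ClassNotFoundException {
    try {
        return Class.forName(className);
    } catch (ClassNotFoundException ex) {
        ClassLoader own = ClassLoaderUtils.class.getClassLoader();
        if (own != null) {
            try {
                return own.loadClass(className);
            } catch (ClassNotFoundException exc) {
                // keep a trace of the failed step before falling through
                LOG.debug(exc.getMessage(), exc);
            }
        }
        // reached whether the library's own loader was null or failed
        if (callingClass != null && callingClass.getClassLoader() != null) {
            return callingClass.getClassLoader().loadClass(className);
        }
        LOG.debug(ex.getMessage(), ex);
        throw ex;
    }
}
```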


@ -61,21 +61,31 @@ public class InvalidKeyResolverException extends XMLSecurityException {
/**
* Constructor InvalidKeyResolverException
*
* @param msgID
* @param originalException
* @param msgID
*/
public InvalidKeyResolverException(Exception originalException, String msgID) {
super(originalException, msgID);
}
@Deprecated
public InvalidKeyResolverException(String msgID, Exception originalException) {
super(msgID, originalException);
this(originalException, msgID);
}
/**
* Constructor InvalidKeyResolverException
*
* @param originalException
* @param msgID
* @param exArgs
* @param originalException
*/
public InvalidKeyResolverException(String msgID, Object exArgs[], Exception originalException) {
super(msgID, exArgs, originalException);
public InvalidKeyResolverException(Exception originalException, String msgID, Object exArgs[]) {
super(originalException, msgID, exArgs);
}
@Deprecated
public InvalidKeyResolverException(String msgID, Object[] exArgs, Exception originalException) {
this(originalException, msgID, exArgs);
}
}
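Review bot: The two constructors kept for compatibility are marked `@Deprecated` but carry no Javadoc, so nothing tells a caller which overload replaces them. The same applies to the deprecated pair in the `KeyResolverException` section of this commit, where the newly added `KeyResolverException(Exception ex)` constructor is undocumented as well. A one-line comment on each would do, for example `/** @deprecated Use {@link #InvalidKeyResolverException(Exception, String)} instead. */` on the `(String, Exception)` overload.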


@ -52,9 +52,8 @@ import org.w3c.dom.Node;
*/
public class KeyResolver {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(KeyResolver.class.getName());
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(KeyResolver.class);
/** Field resolverVector */
private static List<KeyResolver> resolverVector = new CopyOnWriteArrayList<KeyResolver>();
@ -96,16 +95,14 @@ public class KeyResolver {
for (KeyResolver resolver : resolverVector) {
if (resolver == null) {
Object exArgs[] = {
(((element != null)
&& (element.getNodeType() == Node.ELEMENT_NODE))
? element.getTagName() : "null")
element != null
&& element.getNodeType() == Node.ELEMENT_NODE
? element.getTagName() : "null"
};
throw new KeyResolverException("utils.resolver.noClass", exArgs);
}
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "check resolvability by class " + resolver.getClass());
}
LOG.debug("check resolvability by class {}", resolver.getClass());
X509Certificate cert = resolver.resolveX509Certificate(element, baseURI, storage);
if (cert != null) {
@ -114,8 +111,8 @@ public class KeyResolver {
}
Object exArgs[] = {
(((element != null) && (element.getNodeType() == Node.ELEMENT_NODE))
? element.getTagName() : "null")
element != null && element.getNodeType() == Node.ELEMENT_NODE
? element.getTagName() : "null"
};
throw new KeyResolverException("utils.resolver.noClass", exArgs);
@ -137,16 +134,14 @@ public class KeyResolver {
for (KeyResolver resolver : resolverVector) {
if (resolver == null) {
Object exArgs[] = {
(((element != null)
&& (element.getNodeType() == Node.ELEMENT_NODE))
? element.getTagName() : "null")
element != null
&& element.getNodeType() == Node.ELEMENT_NODE
? element.getTagName() : "null"
};
throw new KeyResolverException("utils.resolver.noClass", exArgs);
}
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "check resolvability by class " + resolver.getClass());
}
LOG.debug("check resolvability by class {}", resolver.getClass());
PublicKey cert = resolver.resolvePublicKey(element, baseURI, storage);
if (cert != null) {
@ -155,8 +150,8 @@ public class KeyResolver {
}
Object exArgs[] = {
(((element != null) && (element.getNodeType() == Node.ELEMENT_NODE))
? element.getTagName() : "null")
element != null && element.getNodeType() == Node.ELEMENT_NODE
? element.getTagName() : "null"
};
throw new KeyResolverException("utils.resolver.noClass", exArgs);
@ -184,7 +179,7 @@ public class KeyResolver {
JavaUtils.checkRegisterPermission();
@SuppressWarnings("deprecation")
KeyResolverSpi keyResolverSpi =
(KeyResolverSpi) Class.forName(className).newInstance();
(KeyResolverSpi) ClassLoaderUtils.loadClass(className, KeyResolver.class).newInstance();
keyResolverSpi.setGlobalResolver(globalResolver);
register(keyResolverSpi, false);
}
@ -209,8 +204,10 @@ public class KeyResolver {
Exception ex = null;
try {
@SuppressWarnings("deprecation")
Object tmp = Class.forName(className).newInstance();
keyResolverSpi = (KeyResolverSpi) tmp;
KeyResolverSpi tmp = (KeyResolverSpi) ClassLoaderUtils.loadClass(className, KeyResolver.class).newInstance();
keyResolverSpi = tmp;
keyResolverSpi.setGlobalResolver(globalResolver);
register(keyResolverSpi, true);
} catch (ClassNotFoundException e) {
ex = e;
} catch (IllegalAccessException e) {
@ -223,8 +220,6 @@ public class KeyResolver {
throw (IllegalArgumentException) new
IllegalArgumentException("Invalid KeyResolver class name").initCause(ex);
}
keyResolverSpi.setGlobalResolver(globalResolver);
register(keyResolverSpi, true);
}
/**
@ -273,11 +268,11 @@ public class KeyResolver {
public static void registerClassNames(List<String> classNames)
throws ClassNotFoundException, IllegalAccessException, InstantiationException {
JavaUtils.checkRegisterPermission();
List<KeyResolver> keyResolverList = new ArrayList<KeyResolver>(classNames.size());
List<KeyResolver> keyResolverList = new ArrayList<>(classNames.size());
for (String className : classNames) {
@SuppressWarnings("deprecation")
KeyResolverSpi keyResolverSpi =
(KeyResolverSpi) Class.forName(className).newInstance();
(KeyResolverSpi)ClassLoaderUtils.loadClass(className, KeyResolver.class).newInstance();
keyResolverSpi.setGlobalResolver(false);
keyResolverList.add(new KeyResolver(keyResolverSpi));
}
@ -289,7 +284,7 @@ public class KeyResolver {
*/
public static void registerDefaultResolvers() {
List<KeyResolver> keyResolverList = new ArrayList<KeyResolver>();
List<KeyResolver> keyResolverList = new ArrayList<>();
keyResolverList.add(new KeyResolver(new RSAKeyValueResolver()));
keyResolverList.add(new KeyResolver(new DSAKeyValueResolver()));
keyResolverList.add(new KeyResolver(new X509CertificateResolver()));
@ -418,7 +413,7 @@ public class KeyResolver {
public void remove() {
throw new UnsupportedOperationException("Can't remove resolvers using the iterator");
}
};
}
public static Iterator<KeyResolverSpi> iterator() {
return new ResolverIterator(resolverVector);
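Review bot: At the three registration sites that now call `ClassLoaderUtils.loadClass(className, KeyResolver.class).newInstance()`, the object is created before the cast to `KeyResolverSpi` checks its type, so the no-argument constructor of whatever class the name resolves to runs even when that class is not a resolver. Since the lookup now tries the thread context class loader first, the name may also resolve differently than it did with `Class.forName`. Checking the type before instantiation closes that gap: `Class<? extends KeyResolverSpi> spiClass = ClassLoaderUtils.loadClass(className, KeyResolver.class).asSubclass(KeyResolverSpi.class);` followed by `KeyResolverSpi keyResolverSpi = spiClass.newInstance();`. The enclosing methods start outside the hunks; two of them show a `JavaUtils.checkRegisterPermission()` call, and it is worth confirming that the third, the one that wraps failures in `IllegalArgumentException`, has it too.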


@ -39,6 +39,10 @@ public class KeyResolverException extends XMLSecurityException {
super();
}
public KeyResolverException(Exception ex) {
super(ex);
}
/**
* Constructor KeyResolverException
*
@ -61,21 +65,31 @@ public class KeyResolverException extends XMLSecurityException {
/**
* Constructor KeyResolverException
*
* @param msgID
* @param originalException
* @param msgID
*/
public KeyResolverException(Exception originalException, String msgID) {
super(originalException, msgID);
}
@Deprecated
public KeyResolverException(String msgID, Exception originalException) {
super(msgID, originalException);
this(originalException, msgID);
}
/**
* Constructor KeyResolverException
*
* @param originalException
* @param msgID
* @param exArgs
* @param originalException
*/
public KeyResolverException(String msgID, Object exArgs[], Exception originalException) {
super(msgID, exArgs, originalException);
public KeyResolverException(Exception originalException, String msgID, Object exArgs[]) {
super(originalException, msgID, exArgs);
}
@Deprecated
public KeyResolverException(String msgID, Object[] exArgs, Exception originalException) {
this(originalException, msgID, exArgs);
}
}


@ -22,15 +22,23 @@
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import javax.crypto.SecretKey;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;
/**
* This class is an abstract class for a child KeyInfo Element.
@ -45,7 +53,7 @@ import org.w3c.dom.Element;
public abstract class KeyResolverSpi {
/** Field properties */
protected java.util.Map<String, String> properties = null;
protected java.util.Map<String, String> properties;
protected boolean globalResolver = false;
@ -84,7 +92,7 @@ public abstract class KeyResolverSpi {
Element element, String baseURI, StorageResolver storage
) throws KeyResolverException {
throw new UnsupportedOperationException();
};
}
/**
* Method engineLookupAndResolvePublicKey
@ -107,19 +115,18 @@ public abstract class KeyResolverSpi {
}
private KeyResolverSpi cloneIfNeeded() throws KeyResolverException {
KeyResolverSpi tmp = this;
if (globalResolver) {
try {
@SuppressWarnings("deprecation")
KeyResolverSpi krs = getClass().newInstance();
tmp = krs;
} catch (InstantiationException e) {
throw new KeyResolverException("", e);
} catch (IllegalAccessException e) {
throw new KeyResolverException("", e);
}
}
KeyResolverSpi tmp = getClass().newInstance();
return tmp;
} catch (InstantiationException e) {
throw new KeyResolverException(e, "");
} catch (IllegalAccessException e) {
throw new KeyResolverException(e, "");
}
}
return this;
}
/**
@ -136,7 +143,7 @@ public abstract class KeyResolverSpi {
Element element, String baseURI, StorageResolver storage
) throws KeyResolverException{
throw new UnsupportedOperationException();
};
}
/**
* Method engineLookupResolveX509Certificate
@ -172,7 +179,7 @@ public abstract class KeyResolverSpi {
Element element, String baseURI, StorageResolver storage
) throws KeyResolverException{
throw new UnsupportedOperationException();
};
}
/**
* Method engineLookupAndResolveSecretKey
@ -223,7 +230,7 @@ public abstract class KeyResolverSpi {
*/
public void engineSetProperty(String key, String value) {
if (properties == null) {
properties = new HashMap<String, String>();
properties = new HashMap<>();
}
properties.put(key, value);
}
@ -260,4 +267,27 @@ public abstract class KeyResolverSpi {
this.globalResolver = globalResolver;
}
/**
* Parses a byte array and returns the parsed Element.
*
* @param bytes
* @return the Document Element after parsing bytes
* @throws KeyResolverException if something goes wrong
*/
protected static Element getDocFromBytes(byte[] bytes, boolean secureValidation) throws KeyResolverException {
DocumentBuilder db = null;
try (InputStream is = new ByteArrayInputStream(bytes)) {
db = XMLUtils.createDocumentBuilder(false, secureValidation);
Document doc = db.parse(is);
return doc.getDocumentElement();
} catch (SAXException ex) {
throw new KeyResolverException(ex);
} catch (IOException ex) {
throw new KeyResolverException(ex);
} catch (ParserConfigurationException ex) {
throw new KeyResolverException(ex);
}
}
}
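Review bot: The Javadoc of the new `getDocFromBytes` documents `bytes` but not `secureValidation`, which is the argument forwarded to `XMLUtils.createDocumentBuilder` for a parser that reads caller-supplied bytes. Add a line such as `@param secureValidation forwarded to XMLUtils.createDocumentBuilder; pass true when the bytes are untrusted` (wording to be confirmed against `XMLUtils`, which is not shown here). The three identical `catch` blocks can be one multi-catch, `catch (SAXException | IOException | ParserConfigurationException ex)`, matching the style this commit uses in `XMLX509Certificate`, and `db` can be declared on the line where it is assigned.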


@ -2,6 +2,24 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
import java.security.PrivateKey;
@ -21,28 +39,24 @@ import org.w3c.dom.Element;
/**
* KeyResolverSpi implementation which resolves public keys from a
* <code>dsig11:DEREncodedKeyValue</code> element.
* {@code dsig11:DEREncodedKeyValue} element.
*
* @author Brent Putman (putmanb@georgetown.edu)
*/
public class DEREncodedKeyValueResolver extends KeyResolverSpi {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(DEREncodedKeyValueResolver.class.getName());
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(DEREncodedKeyValueResolver.class);
/** {@inheritDoc}. */
/** {{@inheritDoc}}. */
public boolean engineCanResolve(Element element, String baseURI, StorageResolver storage) {
return XMLUtils.elementIsInSignature11Space(element, Constants._TAG_DERENCODEDKEYVALUE);
}
/** {@inheritDoc}. */
/** {{@inheritDoc}}. */
public PublicKey engineLookupAndResolvePublicKey(Element element, String baseURI, StorageResolver storage)
throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
}
LOG.debug("Can I resolve {}", element.getTagName());
if (!engineCanResolve(element, baseURI, storage)) {
return null;
@ -52,27 +66,25 @@ public class DEREncodedKeyValueResolver extends KeyResolverSpi {
DEREncodedKeyValue derKeyValue = new DEREncodedKeyValue(element, baseURI);
return derKeyValue.getPublicKey();
} catch (XMLSecurityException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
}
LOG.debug("XMLSecurityException", e);
}
return null;
}
/** {@inheritDoc}. */
/** {{@inheritDoc}}. */
public X509Certificate engineLookupResolveX509Certificate(Element element, String baseURI, StorageResolver storage)
throws KeyResolverException {
return null;
}
/** {@inheritDoc}. */
/** {{@inheritDoc}}. */
public SecretKey engineLookupAndResolveSecretKey(Element element, String baseURI, StorageResolver storage)
throws KeyResolverException {
return null;
}
/** {@inheritDoc}. */
/** {{@inheritDoc}}. */
public PrivateKey engineLookupAndResolvePrivateKey(Element element, String baseURI, StorageResolver storage)
throws KeyResolverException {
return null;
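Review bot: The Javadoc on the five overridden methods appears to end up as `/** {{@inheritDoc}}. */`, assuming the second line of each printed pair is the new side; the doubled braces look like a search-and-replace slip and are not the form used by the other resolvers in this commit, which have `/** {@inheritDoc} */`. Separately, `engineLookupAndResolvePublicKey` calls `element.getTagName()` for the debug message before `engineCanResolve` runs, so a null `element` fails at the log statement, whereas `DSAKeyValueResolver` returns null for that case. A guard such as `if (element == null) { return null; }` ahead of the `LOG.debug` call would make the two resolvers consistent.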


@ -35,21 +35,20 @@ import org.w3c.dom.Element;
public class DSAKeyValueResolver extends KeyResolverSpi {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(DSAKeyValueResolver.class.getName());
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(DSAKeyValueResolver.class);
/**
* Method engineResolvePublicKey
*
* @param element
* @param BaseURI
* @param baseURI
* @param storage
* @return null if no {@link PublicKey} could be obtained
*/
public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage
Element element, String baseURI, StorageResolver storage
) {
if (element == null) {
return null;
@ -71,14 +70,12 @@ public class DSAKeyValueResolver extends KeyResolverSpi {
}
try {
DSAKeyValue dsaKeyValue = new DSAKeyValue(dsaKeyElement, BaseURI);
DSAKeyValue dsaKeyValue = new DSAKeyValue(dsaKeyElement, baseURI);
PublicKey pk = dsaKeyValue.getPublicKey();
return pk;
} catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, ex.getMessage(), ex);
}
LOG.debug(ex.getMessage(), ex);
//do nothing
}
@ -86,16 +83,16 @@ public class DSAKeyValueResolver extends KeyResolverSpi {
}
/** @inheritDoc */
/** {@inheritDoc} */
public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage
Element element, String baseURI, StorageResolver storage
) {
return null;
}
/** @inheritDoc */
/** {@inheritDoc} */
public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage
Element element, String baseURI, StorageResolver storage
) {
return null;
}


@ -1,150 +0,0 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
import java.security.Key;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.crypto.SecretKey;
import com.sun.org.apache.xml.internal.security.encryption.EncryptedKey;
import com.sun.org.apache.xml.internal.security.encryption.XMLCipher;
import com.sun.org.apache.xml.internal.security.encryption.XMLEncryptionException;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
import com.sun.org.apache.xml.internal.security.utils.EncryptionConstants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Element;
/**
* The <code>EncryptedKeyResolver</code> is not a generic resolver. It can
* only be for specific instantiations, as the key being unwrapped will
* always be of a particular type and will always have been wrapped by
* another key which needs to be recursively resolved.
*
* The <code>EncryptedKeyResolver</code> can therefore only be instantiated
* with an algorithm. It can also be instantiated with a key (the KEK) or
* will search the static KeyResolvers to find the appropriate key.
*
* @author Berin Lautenbach
*/
public class EncryptedKeyResolver extends KeyResolverSpi {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(EncryptedKeyResolver.class.getName());
private Key kek;
private String algorithm;
private List<KeyResolverSpi> internalKeyResolvers;
/**
* Constructor for use when a KEK needs to be derived from a KeyInfo
* list
* @param algorithm
*/
public EncryptedKeyResolver(String algorithm) {
kek = null;
this.algorithm = algorithm;
}
/**
* Constructor used for when a KEK has been set
* @param algorithm
* @param kek
*/
public EncryptedKeyResolver(String algorithm, Key kek) {
this.algorithm = algorithm;
this.kek = kek;
}
/**
* This method is used to add a custom {@link KeyResolverSpi} to help
* resolve the KEK.
*
* @param realKeyResolver
*/
public void registerInternalKeyResolver(KeyResolverSpi realKeyResolver) {
if (internalKeyResolvers == null) {
internalKeyResolvers = new ArrayList<KeyResolverSpi>();
}
internalKeyResolvers.add(realKeyResolver);
}
/** @inheritDoc */
public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage
) {
return null;
}
/** @inheritDoc */
public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage
) {
return null;
}
/** @inheritDoc */
public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage
) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "EncryptedKeyResolver - Can I resolve " + element.getTagName());
}
if (element == null) {
return null;
}
SecretKey key = null;
boolean isEncryptedKey =
XMLUtils.elementIsInEncryptionSpace(element, EncryptionConstants._TAG_ENCRYPTEDKEY);
if (isEncryptedKey) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Passed an Encrypted Key");
}
try {
XMLCipher cipher = XMLCipher.getInstance();
cipher.init(XMLCipher.UNWRAP_MODE, kek);
if (internalKeyResolvers != null) {
int size = internalKeyResolvers.size();
for (int i = 0; i < size; i++) {
cipher.registerInternalKeyResolver(internalKeyResolvers.get(i));
}
}
EncryptedKey ek = cipher.loadEncryptedKey(element);
key = (SecretKey) cipher.decryptKey(ek, algorithm);
} catch (XMLEncryptionException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, e.getMessage(), e);
}
}
}
return key;
}
}


@ -2,19 +2,33 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import javax.crypto.SecretKey;
import javax.xml.XMLConstants;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
@ -29,34 +43,29 @@ import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;
/**
* KeyResolverSpi implementation which resolves public keys, private keys, secret keys, and X.509 certificates from a
* <code>dsig11:KeyInfoReference</code> element.
* {@code dsig11:KeyInfoReference} element.
*
* @author Brent Putman (putmanb@georgetown.edu)
*/
public class KeyInfoReferenceResolver extends KeyResolverSpi {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(KeyInfoReferenceResolver.class.getName());
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(KeyInfoReferenceResolver.class);
/** {@inheritDoc}. */
/** {{@inheritDoc}}. */
public boolean engineCanResolve(Element element, String baseURI, StorageResolver storage) {
return XMLUtils.elementIsInSignature11Space(element, Constants._TAG_KEYINFOREFERENCE);
}
/** {@inheritDoc}. */
/** {{@inheritDoc}}. */
public PublicKey engineLookupAndResolvePublicKey(Element element, String baseURI, StorageResolver storage)
throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
}
LOG.debug("Can I resolve {}", element.getTagName());
if (!engineCanResolve(element, baseURI, storage)) {
return null;
@ -68,21 +77,17 @@ public class KeyInfoReferenceResolver extends KeyResolverSpi {
return referent.getPublicKey();
}
} catch (XMLSecurityException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
}
LOG.debug("XMLSecurityException", e);
}
return null;
}
/** {@inheritDoc}. */
/** {{@inheritDoc}}. */
public X509Certificate engineLookupResolveX509Certificate(Element element, String baseURI, StorageResolver storage)
throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
}
LOG.debug("Can I resolve {}", element.getTagName());
if (!engineCanResolve(element, baseURI, storage)) {
return null;
@ -94,21 +99,17 @@ public class KeyInfoReferenceResolver extends KeyResolverSpi {
return referent.getX509Certificate();
}
} catch (XMLSecurityException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
}
LOG.debug("XMLSecurityException", e);
}
return null;
}
/** {@inheritDoc}. */
/** {{@inheritDoc}}. */
public SecretKey engineLookupAndResolveSecretKey(Element element, String baseURI, StorageResolver storage)
throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
}
LOG.debug("Can I resolve {}", element.getTagName());
if (!engineCanResolve(element, baseURI, storage)) {
return null;
@ -120,21 +121,17 @@ public class KeyInfoReferenceResolver extends KeyResolverSpi {
return referent.getSecretKey();
}
} catch (XMLSecurityException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
}
LOG.debug("XMLSecurityException", e);
}
return null;
}
/** {@inheritDoc}. */
/** {{@inheritDoc}}. */
public PrivateKey engineLookupAndResolvePrivateKey(Element element, String baseURI, StorageResolver storage)
throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
}
LOG.debug("Can I resolve " + element.getTagName());
if (!engineCanResolve(element, baseURI, storage)) {
return null;
@ -146,9 +143,7 @@ public class KeyInfoReferenceResolver extends KeyResolverSpi {
return referent.getPrivateKey();
}
} catch (XMLSecurityException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
}
LOG.debug("XMLSecurityException", e);
}
return null;
@ -173,14 +168,12 @@ public class KeyInfoReferenceResolver extends KeyResolverSpi {
try {
referentElement = obtainReferenceElement(resource);
} catch (Exception e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
}
LOG.debug("XMLSecurityException", e);
return null;
}
if (referentElement == null) {
log.log(java.util.logging.Level.FINE, "De-reference of KeyInfoReference URI returned null: " + uriAttr.getValue());
LOG.debug("De-reference of KeyInfoReference URI returned null: {}", uriAttr.getValue());
return null;
}
@ -224,21 +217,20 @@ public class KeyInfoReferenceResolver extends KeyResolverSpi {
* @param uri
* @param baseURI
* @param secureValidation
* @return
* @return the XML signature input represented by the specified URI.
* @throws XMLSecurityException
*/
private XMLSignatureInput resolveInput(Attr uri, String baseURI, boolean secureValidation)
throws XMLSecurityException {
ResourceResolver resRes = ResourceResolver.getInstance(uri, baseURI, secureValidation);
XMLSignatureInput resource = resRes.resolve(uri, baseURI, secureValidation);
return resource;
return resRes.resolve(uri, baseURI, secureValidation);
}
/**
* Resolve the Element effectively represented by the XML signature input source.
*
* @param resource
* @return
* @return the Element effectively represented by the XML signature input source.
* @throws CanonicalizationException
* @throws ParserConfigurationException
* @throws IOException
@ -253,38 +245,13 @@ public class KeyInfoReferenceResolver extends KeyResolverSpi {
if (resource.isElement()){
e = (Element) resource.getSubNode();
} else if (resource.isNodeSet()) {
log.log(java.util.logging.Level.FINE, "De-reference of KeyInfoReference returned an unsupported NodeSet");
LOG.debug("De-reference of KeyInfoReference returned an unsupported NodeSet");
return null;
} else {
// Retrieved resource is a byte stream
byte inputBytes[] = resource.getBytes();
e = getDocFromBytes(inputBytes);
e = getDocFromBytes(inputBytes, this.secureValidation);
}
return e;
}
/**
* Parses a byte array and returns the parsed Element.
*
* @param bytes
* @return the Document Element after parsing bytes
* @throws KeyResolverException if something goes wrong
*/
private Element getDocFromBytes(byte[] bytes) throws KeyResolverException {
try {
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
DocumentBuilder db = dbf.newDocumentBuilder();
Document doc = db.parse(new ByteArrayInputStream(bytes));
return doc.getDocumentElement();
} catch (SAXException ex) {
throw new KeyResolverException("empty", ex);
} catch (IOException ex) {
throw new KeyResolverException("empty", ex);
} catch (ParserConfigurationException ex) {
throw new KeyResolverException("empty", ex);
}
}
}
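Review bot: The byte-stream branch near the end of this section calls `getDocFromBytes(inputBytes, this.secureValidation)`, while the private helper printed below it, which appears to be the one removed, set `XMLConstants.FEATURE_SECURE_PROCESSING` unconditionally. Parser hardening for this input therefore now depends on a helper that is not visible in this section. The bytes come from de-referencing a `KeyInfoReference` URI taken from the document, so it is worth confirming that the shared helper stays in secure-processing mode when `secureValidation` is false. I would record that at the call site with a comment such as `// untrusted bytes from the KeyInfoReference URI: the shared parser must keep secure processing on even when secureValidation is false`. The +/- markers are lost on this page, so which call is the new one is inferred from print order and the hunk counts, and the enclosing method starts outside the hunk.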


@ -2,6 +2,24 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
import java.security.Key;
@ -34,9 +52,9 @@ import org.w3c.dom.Element;
* For a KeyName hint, the KeyName must match the alias of a PrivateKey entry within the KeyStore.
*/
public class PrivateKeyResolver extends KeyResolverSpi {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(PrivateKeyResolver.class.getName());
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(PrivateKeyResolver.class);
private KeyStore keyStore;
private char[] password;
@ -53,11 +71,11 @@ public class PrivateKeyResolver extends KeyResolverSpi {
* This method returns whether the KeyResolverSpi is able to perform the requested action.
*
* @param element
* @param BaseURI
* @param baseURI
* @param storage
* @return whether the KeyResolverSpi is able to perform the requested action.
*/
public boolean engineCanResolve(Element element, String BaseURI, StorageResolver storage) {
public boolean engineCanResolve(Element element, String baseURI, StorageResolver storage) {
if (XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)
|| XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYNAME)) {
return true;
@ -70,27 +88,27 @@ public class PrivateKeyResolver extends KeyResolverSpi {
* Method engineLookupAndResolvePublicKey
*
* @param element
* @param BaseURI
* @param baseURI
* @param storage
* @return null if no {@link PublicKey} could be obtained
* @throws KeyResolverException
*/
public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage
Element element, String baseURI, StorageResolver storage
) throws KeyResolverException {
return null;
}
/**
* Method engineResolveX509Certificate
* @inheritDoc
* {@inheritDoc}
* @param element
* @param BaseURI
* @param baseURI
* @param storage
* @throws KeyResolverException
*/
public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage
Element element, String baseURI, StorageResolver storage
) throws KeyResolverException {
return null;
}
@ -99,21 +117,21 @@ public class PrivateKeyResolver extends KeyResolverSpi {
* Method engineResolveSecretKey
*
* @param element
* @param BaseURI
* @param baseURI
* @param storage
* @return resolved SecretKey key or null if no {@link SecretKey} could be obtained
*
* @throws KeyResolverException
*/
public SecretKey engineResolveSecretKey(
Element element, String BaseURI, StorageResolver storage
Element element, String baseURI, StorageResolver storage
) throws KeyResolverException {
return null;
}
/**
* Method engineResolvePrivateKey
* @inheritDoc
* {@inheritDoc}
* @param element
* @param baseURI
* @param storage
@ -123,9 +141,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
public PrivateKey engineLookupAndResolvePrivateKey(
Element element, String baseURI, StorageResolver storage
) throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
}
LOG.debug("Can I resolve {}?", element.getTagName());
if (XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)) {
PrivateKey privKey = resolveX509Data(element, baseURI);
@ -133,7 +149,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
return privKey;
}
} else if (XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYNAME)) {
log.log(java.util.logging.Level.FINE, "Can I resolve KeyName?");
LOG.debug("Can I resolve KeyName?");
String keyName = element.getFirstChild().getNodeValue();
try {
@ -142,16 +158,16 @@ public class PrivateKeyResolver extends KeyResolverSpi {
return (PrivateKey) key;
}
} catch (Exception e) {
log.log(java.util.logging.Level.FINE, "Cannot recover the key", e);
LOG.debug("Cannot recover the key", e);
}
}
log.log(java.util.logging.Level.FINE, "I can't");
LOG.debug("I can't");
return null;
}
private PrivateKey resolveX509Data(Element element, String baseURI) {
log.log(java.util.logging.Level.FINE, "Can I resolve X509Data?");
LOG.debug("Can I resolve X509Data?");
try {
X509Data x509Data = new X509Data(element, baseURI);
@ -192,9 +208,9 @@ public class PrivateKeyResolver extends KeyResolverSpi {
}
}
} catch (XMLSecurityException e) {
log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
LOG.debug("XMLSecurityException", e);
} catch (KeyStoreException e) {
log.log(java.util.logging.Level.FINE, "KeyStoreException", e);
LOG.debug("KeyStoreException", e);
}
return null;
@ -204,7 +220,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
* Search for a private key entry in the KeyStore with the same Subject Key Identifier
*/
private PrivateKey resolveX509SKI(XMLX509SKI x509SKI) throws XMLSecurityException, KeyStoreException {
log.log(java.util.logging.Level.FINE, "Can I resolve X509SKI?");
LOG.debug("Can I resolve X509SKI?");
Enumeration<String> aliases = keyStore.aliases();
while (aliases.hasMoreElements()) {
@ -216,7 +232,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
XMLX509SKI certSKI = new XMLX509SKI(x509SKI.getDocument(), (X509Certificate) cert);
if (certSKI.equals(x509SKI)) {
log.log(java.util.logging.Level.FINE, "match !!! ");
LOG.debug("match !!! ");
try {
Key key = keyStore.getKey(alias, password);
@ -224,7 +240,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
return (PrivateKey) key;
}
} catch (Exception e) {
log.log(java.util.logging.Level.FINE, "Cannot recover the key", e);
LOG.debug("Cannot recover the key", e);
// Keep searching
}
}
@ -239,7 +255,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
* Search for a private key entry in the KeyStore with the same Issuer/Serial Number pair.
*/
private PrivateKey resolveX509IssuerSerial(XMLX509IssuerSerial x509Serial) throws KeyStoreException {
log.log(java.util.logging.Level.FINE, "Can I resolve X509IssuerSerial?");
LOG.debug("Can I resolve X509IssuerSerial?");
Enumeration<String> aliases = keyStore.aliases();
while (aliases.hasMoreElements()) {
@ -252,7 +268,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
new XMLX509IssuerSerial(x509Serial.getDocument(), (X509Certificate) cert);
if (certSerial.equals(x509Serial)) {
log.log(java.util.logging.Level.FINE, "match !!! ");
LOG.debug("match !!! ");
try {
Key key = keyStore.getKey(alias, password);
@ -260,7 +276,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
return (PrivateKey) key;
}
} catch (Exception e) {
log.log(java.util.logging.Level.FINE, "Cannot recover the key", e);
LOG.debug("Cannot recover the key", e);
// Keep searching
}
}
@ -275,7 +291,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
* Search for a private key entry in the KeyStore with the same Subject Name.
*/
private PrivateKey resolveX509SubjectName(XMLX509SubjectName x509SubjectName) throws KeyStoreException {
log.log(java.util.logging.Level.FINE, "Can I resolve X509SubjectName?");
LOG.debug("Can I resolve X509SubjectName?");
Enumeration<String> aliases = keyStore.aliases();
while (aliases.hasMoreElements()) {
@ -288,7 +304,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
new XMLX509SubjectName(x509SubjectName.getDocument(), (X509Certificate) cert);
if (certSN.equals(x509SubjectName)) {
log.log(java.util.logging.Level.FINE, "match !!! ");
LOG.debug("match !!! ");
try {
Key key = keyStore.getKey(alias, password);
@ -296,7 +312,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
return (PrivateKey) key;
}
} catch (Exception e) {
log.log(java.util.logging.Level.FINE, "Cannot recover the key", e);
LOG.debug("Cannot recover the key", e);
// Keep searching
}
}
@ -313,7 +329,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
private PrivateKey resolveX509Certificate(
XMLX509Certificate x509Cert
) throws XMLSecurityException, KeyStoreException {
log.log(java.util.logging.Level.FINE, "Can I resolve X509Certificate?");
LOG.debug("Can I resolve X509Certificate?");
byte[] x509CertBytes = x509Cert.getCertificateBytes();
Enumeration<String> aliases = keyStore.aliases();
@ -328,10 +344,11 @@ public class PrivateKeyResolver extends KeyResolverSpi {
try {
certBytes = cert.getEncoded();
} catch (CertificateEncodingException e1) {
LOG.debug("Cannot recover the key", e1);
}
if (certBytes != null && Arrays.equals(certBytes, x509CertBytes)) {
log.log(java.util.logging.Level.FINE, "match !!! ");
LOG.debug("match !!! ");
try {
Key key = keyStore.getKey(alias, password);
@ -340,7 +357,7 @@ public class PrivateKeyResolver extends KeyResolverSpi {
}
}
catch (Exception e) {
log.log(java.util.logging.Level.FINE, "Cannot recover the key", e);
LOG.debug("Cannot recover the key", e);
// Keep searching
}
}
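Review bot: In `engineLookupAndResolvePrivateKey`, the KeyName branch evaluates `element.getFirstChild().getNodeValue()` before the `try` opens. An empty `KeyName` element in the incoming document makes `getFirstChild()` return null, so the NullPointerException leaves the resolver instead of ending on the `return null` path. The commit only touches the logging around that line. A guard such as `if (element.getFirstChild() == null) { return null; }` ahead of it would keep a malformed KeyInfo on the normal not-resolved path. The method body is split across several hunks, so the lines between them are not visible here.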


@ -36,18 +36,15 @@ import org.w3c.dom.Element;
public class RSAKeyValueResolver extends KeyResolverSpi {
/** {@link org.apache.commons.logging} logging facility */
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(RSAKeyValueResolver.class.getName());
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(RSAKeyValueResolver.class);
/** @inheritDoc */
/** {@inheritDoc} */
public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage
Element element, String baseURI, StorageResolver storage
) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
}
LOG.debug("Can I resolve {}", element.getTagName());
if (element == null) {
return null;
}
@ -68,28 +65,26 @@ public class RSAKeyValueResolver extends KeyResolverSpi {
}
try {
RSAKeyValue rsaKeyValue = new RSAKeyValue(rsaKeyElement, BaseURI);
RSAKeyValue rsaKeyValue = new RSAKeyValue(rsaKeyElement, baseURI);
return rsaKeyValue.getPublicKey();
} catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
}
LOG.debug("XMLSecurityException", ex);
}
return null;
}
/** @inheritDoc */
/** {@inheritDoc} */
public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage
Element element, String baseURI, StorageResolver storage
) {
return null;
}
/** @inheritDoc */
/** {@inheritDoc} */
public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage
Element element, String baseURI, StorageResolver storage
) {
return null;
}
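Review bot: In `engineLookupAndResolvePublicKey`, `LOG.debug("Can I resolve {}", element.getTagName());` runs before the `if (element == null)` check, so a null element throws NullPointerException on every call. The replaced code appears to have dereferenced it only inside the `isLoggable(FINE)` guard. Moving the check up fixes it: put `if (element == null) { return null; }` first, then the `LOG.debug` line. The same unguarded `element.getTagName()` argument appears in the `LOG.debug` calls of the KeyInfoReferenceResolver and PrivateKeyResolver sections, where no null check is visible in the hunks.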

Some files were not shown because too many files have changed in this diff Show More