6469266: Integrate Apache XMLSec 1.4.2 into JDK 7

Reviewed-by: valeriep
Sean Mullan 2008-09-22 10:43:17 -04:00
parent 9f7bdd313a
commit c8a68bace6
182 changed files with 9429 additions and 7971 deletions


@ -20,12 +20,9 @@
*/ */
package com.sun.org.apache.xml.internal.security; package com.sun.org.apache.xml.internal.security;
import java.io.InputStream; import java.io.InputStream;
import java.security.AccessController; import java.security.AccessController;
import java.security.PrivilegedAction; import java.security.PrivilegedAction;
import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.DocumentBuilderFactory;
@ -51,7 +48,7 @@ import org.w3c.dom.Node;
* done by calling {@link Init#init} which should be done in any static block * done by calling {@link Init#init} which should be done in any static block
* of the files of this library. We ensure that this call is only executed once. * of the files of this library. We ensure that this call is only executed once.
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public final class Init { public final class Init {
@ -113,20 +110,19 @@ public final class Init {
dbf.setValidating(false); dbf.setValidating(false);
DocumentBuilder db = dbf.newDocumentBuilder(); DocumentBuilder db = dbf.newDocumentBuilder();
// We don't allow users to override the Apache XML Security // We don't allow users to override the Apache XML Security
// configuration in the JRE. Users should use the standard security // configuration in the JRE. Users should use the standard security
// provider mechanism instead if implementing their own // provider mechanism instead if implementing their own
// transform or canonicalization algorithms. // transform or canonicalization algorithms.
// String cfile = System.getProperty("com.sun.org.apache.xml.internal.security.resource.config"); // InputStream is = Class.forName("com.sun.org.apache.xml.internal.security.Init").getResourceAsStream("resource/config.xml");
// InputStream is =
// Class.forName("com.sun.org.apache.xml.internal.security.Init")
// .getResourceAsStream(cfile != null ? cfile : "resource/config.xml");
InputStream is = (InputStream) AccessController.doPrivileged( InputStream is = (InputStream) AccessController.doPrivileged(
new PrivilegedAction() { new PrivilegedAction() {
public Object run() { public Object run() {
// String cfile = System.getProperty
// ("com.sun.org.apache.xml.internal.security.resource.config");
return getClass().getResourceAsStream return getClass().getResourceAsStream
("resource/config.xml"); // (cfile != null ? cfile : "resource/config.xml");
("resource/config.xml");
} }
}); });
@ -167,7 +163,7 @@ public final class Init {
// //
// if (tag.equals("ResourceBundles")){ // if (tag.equals("ResourceBundles")){
// XX_configure_i18n_start = System.currentTimeMillis(); // XX_configure_i18n_start = System.currentTimeMillis();
// Element resource=(Element)el; // Element resource=(Element)el;
// /* configure internationalization */ // /* configure internationalization */
// Attr langAttr = resource.getAttributeNode("defaultLanguageCode"); // Attr langAttr = resource.getAttributeNode("defaultLanguageCode");
// Attr countryAttr = resource.getAttributeNode("defaultCountryCode"); // Attr countryAttr = resource.getAttributeNode("defaultCountryCode");
@ -202,11 +198,11 @@ public final class Init {
if (currMeth.getDeclaringClass().getName() if (currMeth.getDeclaringClass().getName()
.equals(JAVACLASS)) { .equals(JAVACLASS)) {
log.log(java.util.logging.Level.FINE, currMeth.getDeclaringClass().toString()); log.log(java.util.logging.Level.FINE, currMeth.getDe claringClass().toString());
} }
}*/ }*/
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Canonicalizer.register(" + URI + ", " log.log(java.util.logging.Level.FINE, "Canonicalizer.register(" + URI + ", "
+ JAVACLASS + ")"); + JAVACLASS + ")");
Canonicalizer.register(URI, JAVACLASS); Canonicalizer.register(URI, JAVACLASS);
} catch (ClassNotFoundException e) { } catch (ClassNotFoundException e) {
@ -233,9 +229,8 @@ public final class Init {
"JAVACLASS"); "JAVACLASS");
try { try {
Class.forName(JAVACLASS); Class.forName(JAVACLASS);
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Transform.register(" + URI + ", " + JAVACLASS log.log(java.util.logging.Level.FINE, "Transform.register(" + URI + ", " + JAVACLASS + ")");
+ ")");
Transform.register(URI, JAVACLASS); Transform.register(URI, JAVACLASS);
} catch (ClassNotFoundException e) { } catch (ClassNotFoundException e) {
Object exArgs[] = { URI, JAVACLASS }; Object exArgs[] = { URI, JAVACLASS };
@ -284,12 +279,11 @@ public final class Init {
// //
// if (currMeth.getDeclaringClass().getName() // if (currMeth.getDeclaringClass().getName()
// .equals(JAVACLASS)) { // .equals(JAVACLASS)) {
// log.log(java.util.logging.Level.FINE, currMeth.getDeclaringClass().toString()); // log.log(java.util.logging.Level.FINE, currMeth.getDe claringClass().toString());
// } // }
// } // }
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "SignatureAlgorithm.register(" + URI + ", " log.log(java.util.logging.Level.FINE, "SignatureAlgorithm.register(" + URI + ", " + JAVACLASS + ")");
+ JAVACLASS + ")");
SignatureAlgorithm.register(URI, JAVACLASS); SignatureAlgorithm.register(URI, JAVACLASS);
} catch (ClassNotFoundException e) { } catch (ClassNotFoundException e) {
Object exArgs[] = { URI, JAVACLASS }; Object exArgs[] = { URI, JAVACLASS };
@ -320,13 +314,11 @@ public final class Init {
"DESCRIPTION"); "DESCRIPTION");
if ((Description != null) && (Description.length() > 0)) { if ((Description != null) && (Description.length() > 0)) {
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": " log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": " + Description);
+ Description);
} else { } else {
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": For unknown purposes");
+ ": For unknown purposes");
} }
try { try {
ResourceResolver.register(JAVACLASS); ResourceResolver.register(JAVACLASS);
@ -359,13 +351,11 @@ public final class Init {
"DESCRIPTION"); "DESCRIPTION");
if ((Description != null) && (Description.length() > 0)) { if ((Description != null) && (Description.length() > 0)) {
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": " log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": " + Description);
+ Description);
} else { } else {
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": For unknown purposes");
+ ": For unknown purposes");
} }
KeyResolver.register(JAVACLASS); KeyResolver.register(JAVACLASS);
@ -376,8 +366,8 @@ public final class Init {
if (tag.equals("PrefixMappings")){ if (tag.equals("PrefixMappings")){
XX_configure_reg_prefixes_start = System.currentTimeMillis(); XX_configure_reg_prefixes_start = System.currentTimeMillis();
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Now I try to bind prefixes:"); log.log(java.util.logging.Level.FINE, "Now I try to bind prefixes:");
Element[] nl = XMLUtils.selectNodes(el.getFirstChild(), CONF_NS,"PrefixMapping"); Element[] nl = XMLUtils.selectNodes(el.getFirstChild(), CONF_NS,"PrefixMapping");
@ -386,8 +376,8 @@ public final class Init {
"namespace"); "namespace");
String prefix = nl[i].getAttributeNS(null, String prefix = nl[i].getAttributeNS(null,
"prefix"); "prefix");
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Now I try to bind " + prefix + " to " + namespace); log.log(java.util.logging.Level.FINE, "Now I try to bind " + prefix + " to " + namespace);
com.sun.org.apache.xml.internal.security.utils.ElementProxy com.sun.org.apache.xml.internal.security.utils.ElementProxy
.setDefaultPrefix(namespace, prefix); .setDefaultPrefix(namespace, prefix);
} }
@ -398,19 +388,19 @@ public final class Init {
long XX_init_end = System.currentTimeMillis(); long XX_init_end = System.currentTimeMillis();
//J- //J-
if (true) { if (log.isLoggable(java.util.logging.Level.FINE)) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XX_init " + ((int)(XX_init_end - XX_init_start)) + " ms"); log.log(java.util.logging.Level.FINE, "XX_init " + ((int)(XX_init_end - XX_init_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_prng " + ((int)(XX_prng_end - XX_prng_start)) + " ms"); log.log(java.util.logging.Level.FINE, " XX_prng " + ((int)(XX_prng_end - XX_prng_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_parsing " + ((int)(XX_parsing_end - XX_parsing_start)) + " ms"); log.log(java.util.logging.Level.FINE, " XX_parsing " + ((int)(XX_parsing_end - XX_parsing_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_i18n " + ((int)(XX_configure_i18n_end- XX_configure_i18n_start)) + " ms"); log.log(java.util.logging.Level.FINE, " XX_configure_i18n " + ((int)(XX_configure_i18n_end- XX_configure_i18n_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_c14n " + ((int)(XX_configure_reg_c14n_end- XX_configure_reg_c14n_start)) + " ms"); log.log(java.util.logging.Level.FINE, " XX_configure_reg_c14n " + ((int)(XX_configure_reg_c14n_end- XX_configure_reg_c14n_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_jcemapper " + ((int)(XX_configure_reg_jcemapper_end- XX_configure_reg_jcemapper_start)) + " ms"); log.log(java.util.logging.Level.FINE, " XX_configure_reg_jcemapper " + ((int)(XX_configure_reg_jcemapper_end- XX_configure_reg_jcemapper_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_keyInfo " + ((int)(XX_configure_reg_keyInfo_end- XX_configure_reg_keyInfo_start)) + " ms"); log.log(java.util.logging.Level.FINE, " XX_configure_reg_keyInfo " + ((int)(XX_configure_reg_keyInfo_end- XX_configure_reg_keyInfo_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_keyResolver " + ((int)(XX_configure_reg_keyResolver_end- XX_configure_reg_keyResolver_start)) + " ms"); log.log(java.util.logging.Level.FINE, " XX_configure_reg_keyResolver " + ((int)(XX_configure_reg_keyResolver_end- XX_configure_reg_keyResolver_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_prefixes " + ((int)(XX_configure_reg_prefixes_end- XX_configure_reg_prefixes_start)) + " ms"); log.log(java.util.logging.Level.FINE, " XX_configure_reg_prefixes " + ((int)(XX_configure_reg_prefixes_end- XX_configure_reg_prefixes_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_resourceresolver " + ((int)(XX_configure_reg_resourceresolver_end- XX_configure_reg_resourceresolver_start)) + " ms"); log.log(java.util.logging.Level.FINE, " XX_configure_reg_resourceresolver " + ((int)(XX_configure_reg_resourceresolver_end- XX_configure_reg_resourceresolver_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_sigalgos " + ((int)(XX_configure_reg_sigalgos_end- XX_configure_reg_sigalgos_start)) + " ms"); log.log(java.util.logging.Level.FINE, " XX_configure_reg_sigalgos " + ((int)(XX_configure_reg_sigalgos_end- XX_configure_reg_sigalgos_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_transforms " + ((int)(XX_configure_reg_transforms_end- XX_configure_reg_transforms_start)) + " ms"); log.log(java.util.logging.Level.FINE, " XX_configure_reg_transforms " + ((int)(XX_configure_reg_transforms_end- XX_configure_reg_transforms_start)) + " ms");
} }
} catch (Exception e) { } catch (Exception e) {
log.log(java.util.logging.Level.SEVERE, "Bad: ", e); log.log(java.util.logging.Level.SEVERE, "Bad: ", e);
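Review bot: In the `@ -113,20 +110,19 @` hunk, the commented-out `System.getProperty("com.sun.org.apache.xml.internal.security.resource.config")` lookup and its `cfile != null ? cfile : "resource/config.xml"` argument sit inside `run()` of the `PrivilegedAction`. The rendering does not mark sides, but these look like new-side lines. Dead code in that spot is one uncomment away from letting a system property choose the configuration resource under `doPrivileged`, which the comment just above says is not allowed. I would delete those commented lines and keep a single explanatory comment, e.g. `// The configuration resource is fixed and cannot be overridden through a system property.` The enclosing method starts and ends outside the hunk.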


@ -24,7 +24,7 @@ package com.sun.org.apache.xml.internal.security.algorithms;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.ElementProxy; import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
@ -33,11 +33,7 @@ import org.w3c.dom.Element;
* The Algorithm class which stores the Algorithm URI as a string. * The Algorithm class which stores the Algorithm URI as a string.
* *
*/ */
public abstract class Algorithm extends ElementProxy { public abstract class Algorithm extends SignatureElementProxy {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(Algorithm.class.getName());
/** /**
* *
@ -79,7 +75,7 @@ public abstract class Algorithm extends ElementProxy {
*/ */
protected void setAlgorithmURI(String algorithmURI) { protected void setAlgorithmURI(String algorithmURI) {
if ((this._state == MODE_CREATE) && (algorithmURI != null)) { if ( (algorithmURI != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ALGORITHM, this._constructionElement.setAttributeNS(null, Constants._ATT_ALGORITHM,
algorithmURI); algorithmURI);
} }
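Review bot: `setAlgorithmURI` no longer checks `this._state == MODE_CREATE`, so the `Algorithm` attribute is written whenever `algorithmURI` is non-null, including on a proxy that wraps an element parsed from an existing document, if a caller reaches it in that mode. Rewriting that attribute on a parsed signature element would change what a later validation sees, so the Javadoc should state the restriction, e.g. `Must only be called while building a new element; it overwrites the Algorithm attribute unconditionally.` The leftover double parentheses in `if ( (algorithmURI != null))` can be reduced to `if (algorithmURI != null)`. The callers are outside this section.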


@ -35,7 +35,7 @@ import org.w3c.dom.Element;
/** /**
* This class maps algorithm identifier URIs to JAVA JCE class names. * This class maps algorithm identifier URIs to JAVA JCE class names.
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class JCEMapper { public class JCEMapper {
@ -45,9 +45,9 @@ public class JCEMapper {
private static Map uriToJCEName = new HashMap(); private static Map uriToJCEName;
private static Map algorithmsMap = new HashMap(); private static Map algorithmsMap;
private static String providerName = null; private static String providerName = null;
/** /**
@ -63,6 +63,8 @@ public class JCEMapper {
static void loadAlgorithms( Element algorithmsEl) { static void loadAlgorithms( Element algorithmsEl) {
Element[] algorithms = XMLUtils.selectNodes(algorithmsEl.getFirstChild(),Init.CONF_NS,"Algorithm"); Element[] algorithms = XMLUtils.selectNodes(algorithmsEl.getFirstChild(),Init.CONF_NS,"Algorithm");
uriToJCEName = new HashMap( algorithms.length * 2);
algorithmsMap = new HashMap( algorithms.length * 2);
for (int i = 0 ;i < algorithms.length ;i ++) { for (int i = 0 ;i < algorithms.length ;i ++) {
Element el = algorithms[i]; Element el = algorithms[i];
String id = el.getAttribute("URI"); String id = el.getAttribute("URI");
@ -70,6 +72,7 @@ public class JCEMapper {
uriToJCEName.put(id, jceName); uriToJCEName.put(id, jceName);
algorithmsMap.put(id, new Algorithm(el)); algorithmsMap.put(id, new Algorithm(el));
} }
} }
static Algorithm getAlgorithmMapping(String algoURI) { static Algorithm getAlgorithmMapping(String algoURI) {
@ -84,8 +87,8 @@ public class JCEMapper {
* *
*/ */
public static String translateURItoJCEID(String AlgorithmURI) { public static String translateURItoJCEID(String AlgorithmURI) {
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Request for URI " + AlgorithmURI); log.log(java.util.logging.Level.FINE, "Request for URI " + AlgorithmURI);
String jceName = (String) uriToJCEName.get(AlgorithmURI); String jceName = (String) uriToJCEName.get(AlgorithmURI);
return jceName; return jceName;
@ -100,8 +103,8 @@ public class JCEMapper {
* *
*/ */
public static String getAlgorithmClassFromURI(String AlgorithmURI) { public static String getAlgorithmClassFromURI(String AlgorithmURI) {
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Request for URI " + AlgorithmURI); log.log(java.util.logging.Level.FINE, "Request for URI " + AlgorithmURI);
return ((Algorithm) algorithmsMap.get(AlgorithmURI)).algorithmClass; return ((Algorithm) algorithmsMap.get(AlgorithmURI)).algorithmClass;
} }
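Review bot: `uriToJCEName` and `algorithmsMap` are now null until `loadAlgorithms` runs, yet `translateURItoJCEID` and `getAlgorithmClassFromURI` dereference them unconditionally, so a lookup before initialisation throws a `NullPointerException` where the old empty map in `translateURItoJCEID` returned null. `loadAlgorithms` also assigns the empty maps to the static fields before filling them, so another thread could observe a partially populated table. Filling two local maps and assigning them to the fields after the loop, plus a null check in the lookups, would avoid both. Parts of these methods lie outside the hunks shown.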


@ -20,10 +20,10 @@
*/ */
package com.sun.org.apache.xml.internal.security.algorithms; package com.sun.org.apache.xml.internal.security.algorithms;
import java.security.MessageDigest; import java.security.MessageDigest;
import java.security.NoSuchProviderException; import java.security.NoSuchProviderException;
import java.util.HashMap;
import java.util.Map;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
@ -41,11 +41,6 @@ import org.w3c.dom.Document;
*/ */
public class MessageDigestAlgorithm extends Algorithm { public class MessageDigestAlgorithm extends Algorithm {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(
MessageDigestAlgorithm.class.getName());
/** Message Digest - NOT RECOMMENDED MD5*/ /** Message Digest - NOT RECOMMENDED MD5*/
public static final String ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5 = Constants.MoreAlgorithmsSpecNS + "md5"; public static final String ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5 = Constants.MoreAlgorithmsSpecNS + "md5";
/** Digest - Required SHA1*/ /** Digest - Required SHA1*/
@ -76,6 +71,12 @@ public class MessageDigestAlgorithm extends Algorithm {
this.algorithm = messageDigest; this.algorithm = messageDigest;
} }
static ThreadLocal instances=new ThreadLocal() {
protected Object initialValue() {
return new HashMap();
};
};
/** /**
* Factory method for constructing a message digest algorithm by name. * Factory method for constructing a message digest algorithm by name.
* *
@ -86,8 +87,15 @@ public class MessageDigestAlgorithm extends Algorithm {
*/ */
public static MessageDigestAlgorithm getInstance( public static MessageDigestAlgorithm getInstance(
Document doc, String algorithmURI) throws XMLSignatureException { Document doc, String algorithmURI) throws XMLSignatureException {
MessageDigest md = getDigestInstance(algorithmURI);
return new MessageDigestAlgorithm(doc, md, algorithmURI);
}
String algorithmID = JCEMapper.translateURItoJCEID(algorithmURI); private static MessageDigest getDigestInstance(String algorithmURI) throws XMLSignatureException {
MessageDigest result=(MessageDigest) ((Map)instances.get()).get(algorithmURI);
if (result!=null)
return result;
String algorithmID = JCEMapper.translateURItoJCEID(algorithmURI);
if (algorithmID == null) { if (algorithmID == null) {
Object[] exArgs = { algorithmURI }; Object[] exArgs = { algorithmURI };
@ -113,8 +121,9 @@ public class MessageDigestAlgorithm extends Algorithm {
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs); throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
} }
return new MessageDigestAlgorithm(doc, md, algorithmURI); ((Map)instances.get()).put(algorithmURI, md);
} return md;
}
/** /**
* Returns the actual {@link java.security.MessageDigest} algorithm object * Returns the actual {@link java.security.MessageDigest} algorithm object
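Review bot: `getDigestInstance` returns the cached `MessageDigest` without resetting it (`if (result!=null) return result;`), and `getInstance` now wraps that one object in every `MessageDigestAlgorithm` created for the same URI on a thread. A wrapper abandoned after `update` without `digest` would leave bytes that flow into the next digest value computed for that URI. Two wrappers used in an interleaved way would also mix their input. Calling `result.reset();` before returning the cached instance removes the leftover-state case; whether callers already reset before use is not visible here. The middle of `getDigestInstance` lies outside the hunks shown.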


@ -25,6 +25,7 @@ import java.security.Key;
import java.security.SecureRandom; import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec; import java.security.spec.AlgorithmParameterSpec;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map;
import com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac; import com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac;
import com.sun.org.apache.xml.internal.security.exceptions.AlgorithmAlreadyRegisteredException; import com.sun.org.apache.xml.internal.security.exceptions.AlgorithmAlreadyRegisteredException;
@ -52,9 +53,35 @@ public class SignatureAlgorithm extends Algorithm {
/** All available algorithm classes are registered here */ /** All available algorithm classes are registered here */
static HashMap _algorithmHash = null; static HashMap _algorithmHash = null;
static ThreadLocal instancesSigning=new ThreadLocal() {
protected Object initialValue() {
return new HashMap();
};
};
static ThreadLocal instancesVerify=new ThreadLocal() {
protected Object initialValue() {
return new HashMap();
};
};
static ThreadLocal keysSigning=new ThreadLocal() {
protected Object initialValue() {
return new HashMap();
};
};
static ThreadLocal keysVerify=new ThreadLocal() {
protected Object initialValue() {
return new HashMap();
};
};
// boolean isForSigning=false;
/** Field _signatureAlgorithm */ /** Field _signatureAlgorithm */
protected SignatureAlgorithmSpi _signatureAlgorithm = null; protected SignatureAlgorithmSpi _signatureAlgorithm = null;
private String algorithmURI;
/** /**
* Constructor SignatureAlgorithm * Constructor SignatureAlgorithm
* *
@ -64,18 +91,49 @@ public class SignatureAlgorithm extends Algorithm {
*/ */
public SignatureAlgorithm(Document doc, String algorithmURI) public SignatureAlgorithm(Document doc, String algorithmURI)
throws XMLSecurityException { throws XMLSecurityException {
super(doc, algorithmURI); super(doc, algorithmURI);
this.algorithmURI = algorithmURI;
}
try {
private void initializeAlgorithm(boolean isForSigning) throws XMLSignatureException {
if (_signatureAlgorithm!=null) {
return;
}
_signatureAlgorithm=isForSigning ? getInstanceForSigning(algorithmURI) : getInstanceForVerify(algorithmURI);
this._signatureAlgorithm
.engineGetContextFromElement(this._constructionElement);
}
private static SignatureAlgorithmSpi getInstanceForSigning(String algorithmURI) throws XMLSignatureException {
SignatureAlgorithmSpi result=(SignatureAlgorithmSpi) ((Map)instancesSigning.get()).get(algorithmURI);
if (result!=null) {
result.reset();
return result;
}
result=buildSigner(algorithmURI, result);
((Map)instancesSigning.get()).put(algorithmURI,result);
return result;
}
private static SignatureAlgorithmSpi getInstanceForVerify(String algorithmURI) throws XMLSignatureException {
SignatureAlgorithmSpi result=(SignatureAlgorithmSpi) ((Map)instancesVerify.get()).get(algorithmURI);
if (result!=null) {
result.reset();
return result;
}
result=buildSigner(algorithmURI, result);
((Map)instancesVerify.get()).put(algorithmURI,result);
return result;
}
private static SignatureAlgorithmSpi buildSigner(String algorithmURI, SignatureAlgorithmSpi result) throws XMLSignatureException {
try {
Class implementingClass = Class implementingClass =
SignatureAlgorithm.getImplementingClass(algorithmURI); SignatureAlgorithm.getImplementingClass(algorithmURI);
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \"" log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \""
+ implementingClass + "\""); + implementingClass + "\"");
result=(SignatureAlgorithmSpi) implementingClass.newInstance();
this._signatureAlgorithm = return result;
(SignatureAlgorithmSpi) implementingClass.newInstance();
} catch (IllegalAccessException ex) { } catch (IllegalAccessException ex) {
Object exArgs[] = { algorithmURI, ex.getMessage() }; Object exArgs[] = { algorithmURI, ex.getMessage() };
@ -92,7 +150,7 @@ public class SignatureAlgorithm extends Algorithm {
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs, throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs,
ex); ex);
} }
} }
/** /**
* Constructor SignatureAlgorithm * Constructor SignatureAlgorithm
@ -107,7 +165,8 @@ public class SignatureAlgorithm extends Algorithm {
throws XMLSecurityException { throws XMLSecurityException {
this(doc, algorithmURI); this(doc, algorithmURI);
this.algorithmURI=algorithmURI;
initializeAlgorithm(true);
this._signatureAlgorithm.engineSetHMACOutputLength(HMACOutputLength); this._signatureAlgorithm.engineSetHMACOutputLength(HMACOutputLength);
((IntegrityHmac)this._signatureAlgorithm) ((IntegrityHmac)this._signatureAlgorithm)
.engineAddContextToElement(this._constructionElement); .engineAddContextToElement(this._constructionElement);
@ -124,37 +183,7 @@ public class SignatureAlgorithm extends Algorithm {
throws XMLSecurityException { throws XMLSecurityException {
super(element, BaseURI); super(element, BaseURI);
algorithmURI = this.getURI();
String algorithmURI = this.getURI();
try {
Class implementingClass =
SignatureAlgorithm.getImplementingClass(algorithmURI);
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \""
+ implementingClass + "\"");
this._signatureAlgorithm =
(SignatureAlgorithmSpi) implementingClass.newInstance();
this._signatureAlgorithm
.engineGetContextFromElement(this._constructionElement);
} catch (IllegalAccessException ex) {
Object exArgs[] = { algorithmURI, ex.getMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs,
ex);
} catch (InstantiationException ex) {
Object exArgs[] = { algorithmURI, ex.getMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs,
ex);
} catch (NullPointerException ex) {
Object exArgs[] = { algorithmURI, ex.getMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs,
ex);
}
} }
/** /**
@ -175,7 +204,12 @@ public class SignatureAlgorithm extends Algorithm {
* @return the result of the {@link java.security.Signature#getAlgorithm} method * @return the result of the {@link java.security.Signature#getAlgorithm} method
*/ */
public String getJCEAlgorithmString() { public String getJCEAlgorithmString() {
return this._signatureAlgorithm.engineGetJCEAlgorithmString(); try {
return getInstanceForVerify(algorithmURI).engineGetJCEAlgorithmString();
} catch (XMLSignatureException e) {
//Ignore.
return null;
}
} }
/** /**
@ -184,7 +218,11 @@ public class SignatureAlgorithm extends Algorithm {
* @return The Provider of this Signature Alogrithm * @return The Provider of this Signature Alogrithm
*/ */
public String getJCEProviderName() { public String getJCEProviderName() {
return this._signatureAlgorithm.engineGetJCEProviderName(); try {
return getInstanceForVerify(algorithmURI).engineGetJCEProviderName();
} catch (XMLSignatureException e) {
return null;
}
} }
/** /**
@ -231,7 +269,13 @@ public class SignatureAlgorithm extends Algorithm {
* @throws XMLSignatureException * @throws XMLSignatureException
*/ */
public void initSign(Key signingKey) throws XMLSignatureException { public void initSign(Key signingKey) throws XMLSignatureException {
this._signatureAlgorithm.engineInitSign(signingKey); initializeAlgorithm(true);
Map map=(Map)keysSigning.get();
if (map.get(this.algorithmURI)==signingKey) {
return;
}
map.put(this.algorithmURI,signingKey);
this._signatureAlgorithm.engineInitSign(signingKey);
} }
/** /**
@ -244,6 +288,7 @@ public class SignatureAlgorithm extends Algorithm {
*/ */
public void initSign(Key signingKey, SecureRandom secureRandom) public void initSign(Key signingKey, SecureRandom secureRandom)
throws XMLSignatureException { throws XMLSignatureException {
initializeAlgorithm(true);
this._signatureAlgorithm.engineInitSign(signingKey, secureRandom); this._signatureAlgorithm.engineInitSign(signingKey, secureRandom);
} }
@ -258,6 +303,7 @@ public class SignatureAlgorithm extends Algorithm {
public void initSign( public void initSign(
Key signingKey, AlgorithmParameterSpec algorithmParameterSpec) Key signingKey, AlgorithmParameterSpec algorithmParameterSpec)
throws XMLSignatureException { throws XMLSignatureException {
initializeAlgorithm(true);
this._signatureAlgorithm.engineInitSign(signingKey, this._signatureAlgorithm.engineInitSign(signingKey,
algorithmParameterSpec); algorithmParameterSpec);
} }
@ -282,7 +328,13 @@ public class SignatureAlgorithm extends Algorithm {
* @throws XMLSignatureException * @throws XMLSignatureException
*/ */
public void initVerify(Key verificationKey) throws XMLSignatureException { public void initVerify(Key verificationKey) throws XMLSignatureException {
this._signatureAlgorithm.engineInitVerify(verificationKey); initializeAlgorithm(false);
Map map=(Map)keysVerify.get();
if (map.get(this.algorithmURI)==verificationKey) {
return;
}
map.put(this.algorithmURI,verificationKey);
this._signatureAlgorithm.engineInitVerify(verificationKey);
} }
/** /**
@ -320,7 +372,7 @@ public class SignatureAlgorithm extends Algorithm {
.getLogger(SignatureAlgorithm.class.getName()); .getLogger(SignatureAlgorithm.class.getName());
} }
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Init() called"); log.log(java.util.logging.Level.FINE, "Init() called");
if (!SignatureAlgorithm._alreadyInitialized) { if (!SignatureAlgorithm._alreadyInitialized) {
SignatureAlgorithm._algorithmHash = new HashMap(10); SignatureAlgorithm._algorithmHash = new HashMap(10);
@ -340,8 +392,8 @@ public class SignatureAlgorithm extends Algorithm {
throws AlgorithmAlreadyRegisteredException,XMLSignatureException { throws AlgorithmAlreadyRegisteredException,XMLSignatureException {
{ {
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass); log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass);
// are we already registered? // are we already registered?
Class registeredClassClass = Class registeredClassClass =
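Review bot: The key cache in `initSign(Key)` and `initVerify(Key)` can go stale, because the two other `initSign` overloads re-initialise the same thread-local engine without touching `keysSigning`. After `initSign(k1)`, `initSign(k2, secureRandom)` and `initSign(k1)` on one thread, the last call sees `map.get(this.algorithmURI)==signingKey` and returns while the engine is still set up with `k2`. Clearing the entry in the other overloads with `((Map)keysSigning.get()).remove(this.algorithmURI);` before `engineInitSign` would close that gap. Separately, `getJCEAlgorithmString()` and `getJCEProviderName()` now go through `getInstanceForVerify`, which calls `result.reset()` on a cache hit, so a getter may reset an engine that is mid-operation, and it now returns null where the exception is swallowed. The four thread-local maps also keep strong references to key objects for the life of the thread, which matters on pooled threads.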


@ -20,27 +20,20 @@
*/ */
package com.sun.org.apache.xml.internal.security.algorithms; package com.sun.org.apache.xml.internal.security.algorithms;
import java.security.Key; import java.security.Key;
import java.security.SecureRandom; import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec; import java.security.spec.AlgorithmParameterSpec;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public abstract class SignatureAlgorithmSpi { public abstract class SignatureAlgorithmSpi {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(SignatureAlgorithmSpi.class.getName());
/** /**
* Returns the URI representation of <code>Transformation algorithm</code> * Returns the URI representation of <code>Transformation algorithm</code>
* *
@ -167,20 +160,6 @@ public abstract class SignatureAlgorithmSpi {
protected abstract void engineSetParameter(AlgorithmParameterSpec params) protected abstract void engineSetParameter(AlgorithmParameterSpec params)
throws XMLSignatureException; throws XMLSignatureException;
/** Field _doc */
Document _doc = null;
/**
* Method engineSetDocument
*
* @param doc
*/
protected void engineSetDocument(Document doc) {
this._doc = doc;
}
/** Field _constructionElement */
Element _constructionElement = null;
/** /**
* Method engineGetContextFromElement * Method engineGetContextFromElement
@ -188,7 +167,6 @@ public abstract class SignatureAlgorithmSpi {
* @param element * @param element
*/ */
protected void engineGetContextFromElement(Element element) { protected void engineGetContextFromElement(Element element) {
this._constructionElement = element;
} }
/** /**
@ -199,4 +177,7 @@ public abstract class SignatureAlgorithmSpi {
*/ */
protected abstract void engineSetHMACOutputLength(int HMACOutputLength) protected abstract void engineSetHMACOutputLength(int HMACOutputLength)
throws XMLSignatureException; throws XMLSignatureException;
public void reset() {
}
} }
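Review bot: The `reset()` method added at the end of SignatureAlgorithmSpi has no Javadoc, and it is `public` and unprefixed while the other hooks in this class are `protected engine…` methods, so implementers cannot tell when it is called or what it must clear. The only override visible in this commit, in IntegrityHmac, sets `_HMACOutputLength` back to 0, which suggests the method is meant to drop per-signature state before an instance is reused; if so, say it, e.g. `/** Clears per-operation state before this instance is reused; the default implementation does nothing. */`. Because stale state in a reused signature object can affect verification results, the comment should also say whether implementations that hold such state are required to override it.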


@ -45,7 +45,7 @@ import org.w3c.dom.Text;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public abstract class IntegrityHmac extends SignatureAlgorithmSpi { public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
@ -74,8 +74,8 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
public IntegrityHmac() throws XMLSignatureException { public IntegrityHmac() throws XMLSignatureException {
String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI()); String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI());
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Created IntegrityHmacSHA1 using " + algorithmID); log.log(java.util.logging.Level.FINE, "Created IntegrityHmacSHA1 using " + algorithmID);
try { try {
this._macAlgorithm = Mac.getInstance(algorithmID); this._macAlgorithm = Mac.getInstance(algorithmID);
@ -99,6 +99,10 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
throw new XMLSignatureException("empty"); throw new XMLSignatureException("empty");
} }
public void reset() {
_HMACOutputLength=0;
}
/** /**
* Proxy method for {@link java.security.Signature#verify(byte[])} * Proxy method for {@link java.security.Signature#verify(byte[])}
* which is executed on the internal {@link java.security.Signature} object. * which is executed on the internal {@link java.security.Signature} object.
@ -145,7 +149,20 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
try { try {
this._macAlgorithm.init(secretKey); this._macAlgorithm.init(secretKey);
} catch (InvalidKeyException ex) { } catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex); // reinstantiate Mac object to work around bug in JDK
// see: http://bugs.sun.com/view_bug.do?bug_id=4953555
Mac mac = this._macAlgorithm;
try {
this._macAlgorithm = Mac.getInstance
(_macAlgorithm.getAlgorithm());
} catch (Exception e) {
// this shouldn't occur, but if it does, restore previous Mac
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Mac:" + e);
}
this._macAlgorithm = mac;
}
throw new XMLSignatureException("empty", ex);
} }
} }
@ -323,7 +340,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
*/ */
protected String engineGetJCEAlgorithmString() { protected String engineGetJCEAlgorithmString() {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "engineGetJCEAlgorithmString()"); log.log(java.util.logging.Level.FINE, "engineGetJCEAlgorithmString()");
return this._macAlgorithm.getAlgorithm(); return this._macAlgorithm.getAlgorithm();
} }
@ -397,7 +414,8 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/** /**
* Class IntegrityHmacSHA1 * Class IntegrityHmacSHA1
* *
* @author $Author: raul $ * @author $Author: mullan $
* @version $Revision: 1.5 $
*/ */
public static class IntegrityHmacSHA1 extends IntegrityHmac { public static class IntegrityHmacSHA1 extends IntegrityHmac {
@ -423,7 +441,8 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/** /**
* Class IntegrityHmacSHA256 * Class IntegrityHmacSHA256
* *
* @author $Author: raul $ * @author $Author: mullan $
* @version $Revision: 1.5 $
*/ */
public static class IntegrityHmacSHA256 extends IntegrityHmac { public static class IntegrityHmacSHA256 extends IntegrityHmac {
@ -449,7 +468,8 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/** /**
* Class IntegrityHmacSHA384 * Class IntegrityHmacSHA384
* *
* @author $Author: raul $ * @author $Author: mullan $
* @version $Revision: 1.5 $
*/ */
public static class IntegrityHmacSHA384 extends IntegrityHmac { public static class IntegrityHmacSHA384 extends IntegrityHmac {
@ -475,7 +495,8 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/** /**
* Class IntegrityHmacSHA512 * Class IntegrityHmacSHA512
* *
* @author $Author: raul $ * @author $Author: mullan $
* @version $Revision: 1.5 $
*/ */
public static class IntegrityHmacSHA512 extends IntegrityHmac { public static class IntegrityHmacSHA512 extends IntegrityHmac {
@ -501,7 +522,8 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/** /**
* Class IntegrityHmacRIPEMD160 * Class IntegrityHmacRIPEMD160
* *
* @author $Author: raul $ * @author $Author: mullan $
* @version $Revision: 1.5 $
*/ */
public static class IntegrityHmacRIPEMD160 extends IntegrityHmac { public static class IntegrityHmacRIPEMD160 extends IntegrityHmac {
@ -527,7 +549,8 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/** /**
* Class IntegrityHmacMD5 * Class IntegrityHmacMD5
* *
* @author $Author: raul $ * @author $Author: mullan $
* @version $Revision: 1.5 $
*/ */
public static class IntegrityHmacMD5 extends IntegrityHmac { public static class IntegrityHmacMD5 extends IntegrityHmac {
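Review bot: In the `InvalidKeyException` handler added by the `@ -145` hunk, a failure to re-create the Mac is caught as `Exception` and logged only at FINE with the exception concatenated into the message, so the stack trace is lost and, at default log levels, nothing records that the instance kept the Mac the workaround was trying to replace. Passing the throwable to the logger keeps the trace: `log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Mac", e);`. Catching `java.security.NoSuchAlgorithmException` rather than `Exception` would also stop unrelated runtime errors from being absorbed here. The enclosing method starts outside the hunk.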


@ -3,7 +3,7 @@
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2007 The Apache Software Foundation.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -20,8 +20,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.algorithms.implementations; package com.sun.org.apache.xml.internal.security.algorithms.implementations;
import java.security.InvalidAlgorithmParameterException; import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException; import java.security.InvalidKeyException;
import java.security.Key; import java.security.Key;
@ -38,329 +36,344 @@ import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi
import com.sun.org.apache.xml.internal.security.signature.XMLSignature; import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi { public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
/** {@link java.util.logging} logging facility */ /** {@link java.util.logging} logging facility */
static java.util.logging.Logger log = static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(SignatureBaseRSA.class.getName()); java.util.logging.Logger.getLogger
(SignatureBaseRSA.class.getName());
/** @inheritDoc */ /** @inheritDoc */
public abstract String engineGetURI(); public abstract String engineGetURI();
/** Field algorithm */ /** Field algorithm */
private java.security.Signature _signatureAlgorithm = null; private java.security.Signature _signatureAlgorithm = null;
/** /**
* Constructor SignatureRSA * Constructor SignatureRSA
* *
* @throws XMLSignatureException * @throws XMLSignatureException
*/ */
public SignatureBaseRSA() throws XMLSignatureException { public SignatureBaseRSA() throws XMLSignatureException {
String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI()); String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI());
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Created SignatureDSA using " + algorithmID); log.log(java.util.logging.Level.FINE, "Created SignatureRSA using " + algorithmID);
String provider=JCEMapper.getProviderId(); String provider=JCEMapper.getProviderId();
try { try {
if (provider==null) { if (provider==null) {
this._signatureAlgorithm = Signature.getInstance(algorithmID); this._signatureAlgorithm = Signature.getInstance(algorithmID);
} else { } else {
this._signatureAlgorithm = Signature.getInstance(algorithmID,provider); this._signatureAlgorithm = Signature.getInstance(algorithmID,provider);
} }
} catch (java.security.NoSuchAlgorithmException ex) { } catch (java.security.NoSuchAlgorithmException ex) {
Object[] exArgs = { algorithmID, Object[] exArgs = { algorithmID, ex.getLocalizedMessage() };
ex.getLocalizedMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs); throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
} catch (NoSuchProviderException ex) { } catch (NoSuchProviderException ex) {
Object[] exArgs = { algorithmID, Object[] exArgs = { algorithmID, ex.getLocalizedMessage() };
ex.getLocalizedMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs); throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
} }
} }
/** @inheritDoc */ /** @inheritDoc */
protected void engineSetParameter(AlgorithmParameterSpec params) protected void engineSetParameter(AlgorithmParameterSpec params)
throws XMLSignatureException { throws XMLSignatureException {
try { try {
this._signatureAlgorithm.setParameter(params); this._signatureAlgorithm.setParameter(params);
} catch (InvalidAlgorithmParameterException ex) { } catch (InvalidAlgorithmParameterException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException("empty", ex);
} }
} }
/** @inheritDoc */ /** @inheritDoc */
protected boolean engineVerify(byte[] signature) protected boolean engineVerify(byte[] signature)
throws XMLSignatureException { throws XMLSignatureException {
try { try {
return this._signatureAlgorithm.verify(signature); return this._signatureAlgorithm.verify(signature);
} catch (SignatureException ex) { } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException("empty", ex);
} }
} }
/** @inheritDoc */ /** @inheritDoc */
protected void engineInitVerify(Key publicKey) throws XMLSignatureException { protected void engineInitVerify(Key publicKey) throws XMLSignatureException {
if (!(publicKey instanceof PublicKey)) { if (!(publicKey instanceof PublicKey)) {
String supplied = publicKey.getClass().getName(); String supplied = publicKey.getClass().getName();
String needed = PublicKey.class.getName(); String needed = PublicKey.class.getName();
Object exArgs[] = { supplied, needed }; Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", throw new XMLSignatureException
exArgs); ("algorithms.WrongKeyForThisOperation", exArgs);
} }
try { try {
this._signatureAlgorithm.initVerify((PublicKey) publicKey); this._signatureAlgorithm.initVerify((PublicKey) publicKey);
} catch (InvalidKeyException ex) { } catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex); // reinstantiate Signature object to work around bug in JDK
} // see: http://bugs.sun.com/view_bug.do?bug_id=4953555
} Signature sig = this._signatureAlgorithm;
try {
this._signatureAlgorithm = Signature.getInstance
(_signatureAlgorithm.getAlgorithm());
} catch (Exception e) {
// this shouldn't occur, but if it does, restore previous
// Signature
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Signature:" + e);
}
this._signatureAlgorithm = sig;
}
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */ /** @inheritDoc */
protected byte[] engineSign() throws XMLSignatureException { protected byte[] engineSign() throws XMLSignatureException {
try {
return this._signatureAlgorithm.sign();
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
try { /** @inheritDoc */
return this._signatureAlgorithm.sign(); protected void engineInitSign(Key privateKey, SecureRandom secureRandom)
} catch (SignatureException ex) { throws XMLSignatureException {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */ if (!(privateKey instanceof PrivateKey)) {
protected void engineInitSign(Key privateKey, SecureRandom secureRandom) String supplied = privateKey.getClass().getName();
throws XMLSignatureException { String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
if (!(privateKey instanceof PrivateKey)) { throw new XMLSignatureException
String supplied = privateKey.getClass().getName(); ("algorithms.WrongKeyForThisOperation", exArgs);
String needed = PrivateKey.class.getName(); }
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", try {
exArgs); this._signatureAlgorithm.initSign
} ((PrivateKey) privateKey, secureRandom);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
try { /** @inheritDoc */
this._signatureAlgorithm.initSign((PrivateKey) privateKey, protected void engineInitSign(Key privateKey) throws XMLSignatureException {
secureRandom);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */ if (!(privateKey instanceof PrivateKey)) {
protected void engineInitSign(Key privateKey) throws XMLSignatureException { String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
if (!(privateKey instanceof PrivateKey)) { throw new XMLSignatureException
String supplied = privateKey.getClass().getName(); ("algorithms.WrongKeyForThisOperation", exArgs);
String needed = PrivateKey.class.getName(); }
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", try {
exArgs); this._signatureAlgorithm.initSign((PrivateKey) privateKey);
} } catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
try { /** @inheritDoc */
this._signatureAlgorithm.initSign((PrivateKey) privateKey); protected void engineUpdate(byte[] input) throws XMLSignatureException {
} catch (InvalidKeyException ex) { try {
throw new XMLSignatureException("empty", ex); this._signatureAlgorithm.update(input);
} } catch (SignatureException ex) {
} throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */ /** @inheritDoc */
protected void engineUpdate(byte[] input) throws XMLSignatureException { protected void engineUpdate(byte input) throws XMLSignatureException {
try {
this._signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
try { /** @inheritDoc */
this._signatureAlgorithm.update(input); protected void engineUpdate(byte buf[], int offset, int len)
} catch (SignatureException ex) { throws XMLSignatureException {
throw new XMLSignatureException("empty", ex); try {
} this._signatureAlgorithm.update(buf, offset, len);
} } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */ /** @inheritDoc */
protected void engineUpdate(byte input) throws XMLSignatureException { protected String engineGetJCEAlgorithmString() {
return this._signatureAlgorithm.getAlgorithm();
}
try { /** @inheritDoc */
this._signatureAlgorithm.update(input); protected String engineGetJCEProviderName() {
} catch (SignatureException ex) { return this._signatureAlgorithm.getProvider().getName();
throw new XMLSignatureException("empty", ex); }
}
}
/** @inheritDoc */ /** @inheritDoc */
protected void engineUpdate(byte buf[], int offset, int len) protected void engineSetHMACOutputLength(int HMACOutputLength)
throws XMLSignatureException { throws XMLSignatureException {
throw new XMLSignatureException
("algorithms.HMACOutputLengthOnlyForHMAC");
}
try { /** @inheritDoc */
this._signatureAlgorithm.update(buf, offset, len); protected void engineInitSign(
} catch (SignatureException ex) { Key signingKey, AlgorithmParameterSpec algorithmParameterSpec)
throw new XMLSignatureException("empty", ex); throws XMLSignatureException {
} throw new XMLSignatureException(
} "algorithms.CannotUseAlgorithmParameterSpecOnRSA");
}
/** @inheritDoc */ /**
protected String engineGetJCEAlgorithmString() { * Class SignatureRSASHA1
return this._signatureAlgorithm.getAlgorithm(); *
} * @author $Author: mullan $
* @version $Revision: 1.5 $
*/
public static class SignatureRSASHA1 extends SignatureBaseRSA {
/** @inheritDoc */ /**
protected String engineGetJCEProviderName() { * Constructor SignatureRSASHA1
return this._signatureAlgorithm.getProvider().getName(); *
} * @throws XMLSignatureException
*/
public SignatureRSASHA1() throws XMLSignatureException {
super();
}
/** @inheritDoc */ /** @inheritDoc */
protected void engineSetHMACOutputLength(int HMACOutputLength) public String engineGetURI() {
throws XMLSignatureException { return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1;
throw new XMLSignatureException("algorithms.HMACOutputLengthOnlyForHMAC"); }
} }
/** @inheritDoc */ /**
protected void engineInitSign( * Class SignatureRSASHA256
Key signingKey, AlgorithmParameterSpec algorithmParameterSpec) *
throws XMLSignatureException { * @author $Author: mullan $
throw new XMLSignatureException( * @version $Revision: 1.5 $
"algorithms.CannotUseAlgorithmParameterSpecOnRSA"); */
} public static class SignatureRSASHA256 extends SignatureBaseRSA {
/** /**
* Class SignatureRSASHA1 * Constructor SignatureRSASHA256
* *
* @author $Author: raul $ * @throws XMLSignatureException
*/ */
public static class SignatureRSASHA1 extends SignatureBaseRSA { public SignatureRSASHA256() throws XMLSignatureException {
super();
}
/** /** @inheritDoc */
* Constructor SignatureRSASHA1 public String engineGetURI() {
* return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256;
* @throws XMLSignatureException }
*/ }
public SignatureRSASHA1() throws XMLSignatureException {
super();
}
/** @inheritDoc */ /**
public String engineGetURI() { * Class SignatureRSASHA384
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1; *
} * @author $Author: mullan $
} * @version $Revision: 1.5 $
*/
public static class SignatureRSASHA384 extends SignatureBaseRSA {
/** /**
* Class SignatureRSASHA256 * Constructor SignatureRSASHA384
* *
* @author $Author: raul $ * @throws XMLSignatureException
*/ */
public static class SignatureRSASHA256 extends SignatureBaseRSA { public SignatureRSASHA384() throws XMLSignatureException {
super();
}
/** /** @inheritDoc */
* Constructor SignatureRSASHA256 public String engineGetURI() {
* return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384;
* @throws XMLSignatureException }
*/ }
public SignatureRSASHA256() throws XMLSignatureException {
super();
}
/** @inheritDoc */ /**
public String engineGetURI() { * Class SignatureRSASHA512
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256; *
} * @author $Author: mullan $
} * @version $Revision: 1.5 $
*/
public static class SignatureRSASHA512 extends SignatureBaseRSA {
/** /**
* Class SignatureRSASHA384 * Constructor SignatureRSASHA512
* *
* @author $Author: raul $ * @throws XMLSignatureException
*/ */
public static class SignatureRSASHA384 extends SignatureBaseRSA { public SignatureRSASHA512() throws XMLSignatureException {
super();
}
/** /** @inheritDoc */
* Constructor SignatureRSASHA384 public String engineGetURI() {
* return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512;
* @throws XMLSignatureException }
*/ }
public SignatureRSASHA384() throws XMLSignatureException {
super();
}
/** @inheritDoc */ /**
public String engineGetURI() { * Class SignatureRSARIPEMD160
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384; *
} * @author $Author: mullan $
} * @version $Revision: 1.5 $
*/
public static class SignatureRSARIPEMD160 extends SignatureBaseRSA {
/** /**
* Class SignatureRSASHA512 * Constructor SignatureRSARIPEMD160
* *
* @author $Author: raul $ * @throws XMLSignatureException
*/ */
public static class SignatureRSASHA512 extends SignatureBaseRSA { public SignatureRSARIPEMD160() throws XMLSignatureException {
super();
}
/** /** @inheritDoc */
* Constructor SignatureRSASHA512 public String engineGetURI() {
* return XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160;
* @throws XMLSignatureException }
*/ }
public SignatureRSASHA512() throws XMLSignatureException {
super();
}
/** @inheritDoc */ /**
public String engineGetURI() { * Class SignatureRSAMD5
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512; *
} * @author $Author: mullan $
} * @version $Revision: 1.5 $
*/
public static class SignatureRSAMD5 extends SignatureBaseRSA {
/** /**
* Class SignatureRSARIPEMD160 * Constructor SignatureRSAMD5
* *
* @author $Author: raul $ * @throws XMLSignatureException
*/ */
public static class SignatureRSARIPEMD160 extends SignatureBaseRSA { public SignatureRSAMD5() throws XMLSignatureException {
super();
}
/** /** @inheritDoc */
* Constructor SignatureRSARIPEMD160 public String engineGetURI() {
* return XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5;
* @throws XMLSignatureException }
*/ }
public SignatureRSARIPEMD160() throws XMLSignatureException {
super();
}
/** @inheritDoc */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160;
}
}
/**
* Class SignatureRSAMD5
*
* @author $Author: raul $
*/
public static class SignatureRSAMD5 extends SignatureBaseRSA {
/**
* Constructor SignatureRSAMD5
*
* @throws XMLSignatureException
*/
public SignatureRSAMD5() throws XMLSignatureException {
super();
}
/** @inheritDoc */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5;
}
}
} }
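Review bot: The recovery path in `engineInitVerify` re-creates the object with `Signature.getInstance(_signatureAlgorithm.getAlgorithm())`, which drops the provider that the constructor selects through `JCEMapper.getProviderId()`. After one rejected key, an instance configured for a specific provider would be served by whichever provider the default lookup returns, and nothing above FINE records the switch. The re-instantiation should repeat the constructor's provider branch, as sketched below. `SignatureDSA.engineInitVerify` in this commit has the same pattern, and its constructor gains the same provider lookup.

```java
Signature sig = this._signatureAlgorithm;
try {
    String provider = JCEMapper.getProviderId();
    if (provider == null) {
        this._signatureAlgorithm =
            Signature.getInstance(sig.getAlgorithm());
    } else {
        this._signatureAlgorithm =
            Signature.getInstance(sig.getAlgorithm(), provider);
    }
// … unchanged: catch block that logs at FINE and restores sig, then the rethrow of XMLSignatureException …
```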


@ -20,8 +20,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.algorithms.implementations; package com.sun.org.apache.xml.internal.security.algorithms.implementations;
import java.io.IOException; import java.io.IOException;
import java.security.InvalidAlgorithmParameterException; import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException; import java.security.InvalidKeyException;
@ -39,342 +37,359 @@ import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.utils.Base64; import com.sun.org.apache.xml.internal.security.utils.Base64;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
/** /**
* *
* @author $Author: vishal $ * @author $Author: mullan $
*/ */
public class SignatureDSA extends SignatureAlgorithmSpi { public class SignatureDSA extends SignatureAlgorithmSpi {
/** {@link java.util.logging} logging facility */ /** {@link java.util.logging} logging facility */
static java.util.logging.Logger log = static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(SignatureDSA.class.getName()); java.util.logging.Logger.getLogger(SignatureDSA.class.getName());
/** Field _URI */ /** Field _URI */
public static final String _URI = Constants.SignatureSpecNS + "dsa-sha1"; public static final String _URI = Constants.SignatureSpecNS + "dsa-sha1";
/** Field algorithm */ /** Field algorithm */
private java.security.Signature _signatureAlgorithm = null; private java.security.Signature _signatureAlgorithm = null;
/** /**
* Method engineGetURI * Method engineGetURI
* *
* @inheritDoc * @inheritDoc
*/ */
protected String engineGetURI() { protected String engineGetURI() {
return SignatureDSA._URI; return SignatureDSA._URI;
} }
/** /**
* Constructor SignatureDSA * Constructor SignatureDSA
* *
* @throws XMLSignatureException * @throws XMLSignatureException
*/ */
public SignatureDSA() throws XMLSignatureException { public SignatureDSA() throws XMLSignatureException {
String algorithmID = JCEMapper.translateURItoJCEID(SignatureDSA._URI); String algorithmID = JCEMapper.translateURItoJCEID(SignatureDSA._URI);
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Created SignatureDSA using " + algorithmID); log.log(java.util.logging.Level.FINE, "Created SignatureDSA using " + algorithmID);
try { String provider = JCEMapper.getProviderId();
this._signatureAlgorithm = Signature.getInstance(algorithmID); try {
} catch (java.security.NoSuchAlgorithmException ex) { if (provider == null) {
Object[] exArgs = { algorithmID, this._signatureAlgorithm = Signature.getInstance(algorithmID);
ex.getLocalizedMessage() }; } else {
this._signatureAlgorithm =
Signature.getInstance(algorithmID, provider);
}
} catch (java.security.NoSuchAlgorithmException ex) {
Object[] exArgs = { algorithmID, ex.getLocalizedMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
} catch (java.security.NoSuchProviderException ex) {
Object[] exArgs = { algorithmID, ex.getLocalizedMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
}
}
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs); /**
} * @inheritDoc
} */
protected void engineSetParameter(AlgorithmParameterSpec params)
throws XMLSignatureException {
/** try {
* @inheritDoc this._signatureAlgorithm.setParameter(params);
*/ } catch (InvalidAlgorithmParameterException ex) {
protected void engineSetParameter(AlgorithmParameterSpec params) throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected boolean engineVerify(byte[] signature)
throws XMLSignatureException { throws XMLSignatureException {
try { try {
this._signatureAlgorithm.setParameter(params); if (log.isLoggable(java.util.logging.Level.FINE))
} catch (InvalidAlgorithmParameterException ex) { log.log(java.util.logging.Level.FINE, "Called DSA.verify() on " + Base64.encode(signature));
throw new XMLSignatureException("empty", ex);
}
}
/** byte[] jcebytes = SignatureDSA.convertXMLDSIGtoASN1(signature);
* @inheritDoc
*/ return this._signatureAlgorithm.verify(jcebytes);
protected boolean engineVerify(byte[] signature) } catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
} catch (IOException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected void engineInitVerify(Key publicKey) throws XMLSignatureException {
if (!(publicKey instanceof PublicKey)) {
String supplied = publicKey.getClass().getName();
String needed = PublicKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException
("algorithms.WrongKeyForThisOperation", exArgs);
}
try {
this._signatureAlgorithm.initVerify((PublicKey) publicKey);
} catch (InvalidKeyException ex) {
// reinstantiate Signature object to work around bug in JDK
// see: http://bugs.sun.com/view_bug.do?bug_id=4953555
Signature sig = this._signatureAlgorithm;
try {
this._signatureAlgorithm = Signature.getInstance
(_signatureAlgorithm.getAlgorithm());
} catch (Exception e) {
// this shouldn't occur, but if it does, restore previous
// Signature
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Signature:" + e);
}
this._signatureAlgorithm = sig;
}
throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected byte[] engineSign() throws XMLSignatureException {
try {
byte jcebytes[] = this._signatureAlgorithm.sign();
return SignatureDSA.convertASN1toXMLDSIG(jcebytes);
} catch (IOException ex) {
throw new XMLSignatureException("empty", ex);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected void engineInitSign(Key privateKey, SecureRandom secureRandom)
throws XMLSignatureException { throws XMLSignatureException {
try { if (!(privateKey instanceof PrivateKey)) {
if (true) String supplied = privateKey.getClass().getName();
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Called DSA.verify() on " + Base64.encode(signature)); String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
byte[] jcebytes = SignatureDSA.convertXMLDSIGtoASN1(signature); throw new XMLSignatureException
("algorithms.WrongKeyForThisOperation", exArgs);
}
return this._signatureAlgorithm.verify(jcebytes); try {
} catch (SignatureException ex) { this._signatureAlgorithm.initSign((PrivateKey) privateKey,
throw new XMLSignatureException("empty", ex);
} catch (IOException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected void engineInitVerify(Key publicKey) throws XMLSignatureException {
if (!(publicKey instanceof PublicKey)) {
String supplied = publicKey.getClass().getName();
String needed = PublicKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation",
exArgs);
}
try {
this._signatureAlgorithm.initVerify((PublicKey) publicKey);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected byte[] engineSign() throws XMLSignatureException {
try {
byte jcebytes[] = this._signatureAlgorithm.sign();
return SignatureDSA.convertASN1toXMLDSIG(jcebytes);
} catch (IOException ex) {
throw new XMLSignatureException("empty", ex);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected void engineInitSign(Key privateKey, SecureRandom secureRandom)
throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation",
exArgs);
}
try {
this._signatureAlgorithm.initSign((PrivateKey) privateKey,
secureRandom); secureRandom);
} catch (InvalidKeyException ex) { } catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException("empty", ex);
} }
} }
/** /**
* @inheritDoc * @inheritDoc
*/ */
protected void engineInitSign(Key privateKey) throws XMLSignatureException { protected void engineInitSign(Key privateKey) throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) { if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName(); String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName(); String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed }; Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", throw new XMLSignatureException
exArgs); ("algorithms.WrongKeyForThisOperation", exArgs);
} }
try { try {
this._signatureAlgorithm.initSign((PrivateKey) privateKey); this._signatureAlgorithm.initSign((PrivateKey) privateKey);
} catch (InvalidKeyException ex) { } catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException("empty", ex);
} }
} }
/** /**
* @inheritDoc * @inheritDoc
*/ */
protected void engineUpdate(byte[] input) throws XMLSignatureException { protected void engineUpdate(byte[] input) throws XMLSignatureException {
try {
this._signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
try { /**
this._signatureAlgorithm.update(input); * @inheritDoc
} catch (SignatureException ex) { */
throw new XMLSignatureException("empty", ex); protected void engineUpdate(byte input) throws XMLSignatureException {
} try {
} this._signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** /**
* @inheritDoc * @inheritDoc
*/ */
protected void engineUpdate(byte input) throws XMLSignatureException { protected void engineUpdate(byte buf[], int offset, int len)
throws XMLSignatureException {
try {
this._signatureAlgorithm.update(buf, offset, len);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
try { /**
this._signatureAlgorithm.update(input); * Method engineGetJCEAlgorithmString
} catch (SignatureException ex) { *
throw new XMLSignatureException("empty", ex); * @inheritDoc
} */
} protected String engineGetJCEAlgorithmString() {
return this._signatureAlgorithm.getAlgorithm();
}
/** /**
* @inheritDoc * Method engineGetJCEProviderName
*/ *
protected void engineUpdate(byte buf[], int offset, int len) * @inheritDoc
throws XMLSignatureException { */
protected String engineGetJCEProviderName() {
return this._signatureAlgorithm.getProvider().getName();
}
try { /**
this._signatureAlgorithm.update(buf, offset, len); * Converts an ASN.1 DSA value to a XML Signature DSA Value.
} catch (SignatureException ex) { *
throw new XMLSignatureException("empty", ex); * The JAVA JCE DSA Signature algorithm creates ASN.1 encoded (r,s) value
} * pairs; the XML Signature requires the core BigInteger values.
} *
* @param asn1Bytes
/** * @return the decode bytes
* Method engineGetJCEAlgorithmString *
* * @throws IOException
* @inheritDoc * @see <A HREF="http://www.w3.org/TR/xmldsig-core/#dsa-sha1">6.4.1 DSA</A>
*/ */
protected String engineGetJCEAlgorithmString() { private static byte[] convertASN1toXMLDSIG(byte asn1Bytes[])
return this._signatureAlgorithm.getAlgorithm();
}
/**
* Method engineGetJCEProviderName
*
* @inheritDoc
*/
protected String engineGetJCEProviderName() {
return this._signatureAlgorithm.getProvider().getName();
}
/**
* Converts an ASN.1 DSA value to a XML Signature DSA Value.
*
* The JAVA JCE DSA Signature algorithm creates ASN.1 encoded (r,s) value
* pairs; the XML Signature requires the core BigInteger values.
*
* @param asn1Bytes
* @return the decode bytes
*
* @throws IOException
* @see <A HREF="http://www.w3.org/TR/xmldsig-core/#dsa-sha1">6.4.1 DSA</A>
*/
private static byte[] convertASN1toXMLDSIG(byte asn1Bytes[])
throws IOException { throws IOException {
byte rLength = asn1Bytes[3]; byte rLength = asn1Bytes[3];
int i; int i;
for (i = rLength; (i > 0) && (asn1Bytes[(4 + rLength) - i] == 0); i--); for (i = rLength; (i > 0) && (asn1Bytes[(4 + rLength) - i] == 0); i--);
byte sLength = asn1Bytes[5 + rLength]; byte sLength = asn1Bytes[5 + rLength];
int j; int j;
for (j = sLength; for (j = sLength;
(j > 0) && (asn1Bytes[(6 + rLength + sLength) - j] == 0); j--); (j > 0) && (asn1Bytes[(6 + rLength + sLength) - j] == 0); j--);
if ((asn1Bytes[0] != 48) || (asn1Bytes[1] != asn1Bytes.length - 2) if ((asn1Bytes[0] != 48) || (asn1Bytes[1] != asn1Bytes.length - 2)
|| (asn1Bytes[2] != 2) || (i > 20) || (asn1Bytes[2] != 2) || (i > 20)
|| (asn1Bytes[4 + rLength] != 2) || (j > 20)) { || (asn1Bytes[4 + rLength] != 2) || (j > 20)) {
throw new IOException("Invalid ASN.1 format of DSA signature"); throw new IOException("Invalid ASN.1 format of DSA signature");
} }
byte xmldsigBytes[] = new byte[40]; byte xmldsigBytes[] = new byte[40];
System.arraycopy(asn1Bytes, (4 + rLength) - i, xmldsigBytes, 20 - i, System.arraycopy(asn1Bytes, (4 + rLength) - i, xmldsigBytes, 20 - i,
i); i);
System.arraycopy(asn1Bytes, (6 + rLength + sLength) - j, xmldsigBytes, System.arraycopy(asn1Bytes, (6 + rLength + sLength) - j, xmldsigBytes,
40 - j, j); 40 - j, j);
return xmldsigBytes; return xmldsigBytes;
} }
/** /**
* Converts a XML Signature DSA Value to an ASN.1 DSA value. * Converts a XML Signature DSA Value to an ASN.1 DSA value.
* *
* The JAVA JCE DSA Signature algorithm creates ASN.1 encoded (r,s) value * The JAVA JCE DSA Signature algorithm creates ASN.1 encoded (r,s) value
* pairs; the XML Signature requires the core BigInteger values. * pairs; the XML Signature requires the core BigInteger values.
* *
* @param xmldsigBytes * @param xmldsigBytes
* @return the encoded ASN.1 bytes * @return the encoded ASN.1 bytes
* *
* @throws IOException * @throws IOException
* @see <A HREF="http://www.w3.org/TR/xmldsig-core/#dsa-sha1">6.4.1 DSA</A> * @see <A HREF="http://www.w3.org/TR/xmldsig-core/#dsa-sha1">6.4.1 DSA</A>
*/ */
private static byte[] convertXMLDSIGtoASN1(byte xmldsigBytes[]) private static byte[] convertXMLDSIGtoASN1(byte xmldsigBytes[])
throws IOException { throws IOException {
if (xmldsigBytes.length != 40) { if (xmldsigBytes.length != 40) {
throw new IOException("Invalid XMLDSIG format of DSA signature"); throw new IOException("Invalid XMLDSIG format of DSA signature");
} }
int i; int i;
for (i = 20; (i > 0) && (xmldsigBytes[20 - i] == 0); i--); for (i = 20; (i > 0) && (xmldsigBytes[20 - i] == 0); i--);
int j = i; int j = i;
if (xmldsigBytes[20 - i] < 0) { if (xmldsigBytes[20 - i] < 0) {
j += 1; j += 1;
} }
int k; int k;
for (k = 20; (k > 0) && (xmldsigBytes[40 - k] == 0); k--); for (k = 20; (k > 0) && (xmldsigBytes[40 - k] == 0); k--);
int l = k; int l = k;
if (xmldsigBytes[40 - k] < 0) { if (xmldsigBytes[40 - k] < 0) {
l += 1; l += 1;
} }
byte asn1Bytes[] = new byte[6 + j + l]; byte asn1Bytes[] = new byte[6 + j + l];
asn1Bytes[0] = 48; asn1Bytes[0] = 48;
asn1Bytes[1] = (byte) (4 + j + l); asn1Bytes[1] = (byte) (4 + j + l);
asn1Bytes[2] = 2; asn1Bytes[2] = 2;
asn1Bytes[3] = (byte) j; asn1Bytes[3] = (byte) j;
System.arraycopy(xmldsigBytes, 20 - i, asn1Bytes, (4 + j) - i, i); System.arraycopy(xmldsigBytes, 20 - i, asn1Bytes, (4 + j) - i, i);
asn1Bytes[4 + j] = 2; asn1Bytes[4 + j] = 2;
asn1Bytes[5 + j] = (byte) l; asn1Bytes[5 + j] = (byte) l;
System.arraycopy(xmldsigBytes, 40 - k, asn1Bytes, (6 + j + l) - k, k); System.arraycopy(xmldsigBytes, 40 - k, asn1Bytes, (6 + j + l) - k, k);
return asn1Bytes; return asn1Bytes;
} }
/** /**
* Method engineSetHMACOutputLength * Method engineSetHMACOutputLength
* *
* @param HMACOutputLength * @param HMACOutputLength
* @throws XMLSignatureException * @throws XMLSignatureException
*/ */
protected void engineSetHMACOutputLength(int HMACOutputLength) protected void engineSetHMACOutputLength(int HMACOutputLength)
throws XMLSignatureException { throws XMLSignatureException {
throw new XMLSignatureException("algorithms.HMACOutputLengthOnlyForHMAC"); throw new XMLSignatureException(
} "algorithms.HMACOutputLengthOnlyForHMAC");
}
/** /**
* Method engineInitSign * Method engineInitSign
* *
* @param signingKey * @param signingKey
* @param algorithmParameterSpec * @param algorithmParameterSpec
* @throws XMLSignatureException * @throws XMLSignatureException
*/ */
protected void engineInitSign( protected void engineInitSign(
Key signingKey, AlgorithmParameterSpec algorithmParameterSpec) Key signingKey, AlgorithmParameterSpec algorithmParameterSpec)
throws XMLSignatureException { throws XMLSignatureException {
throw new XMLSignatureException( throw new XMLSignatureException(
"algorithms.CannotUseAlgorithmParameterSpecOnDSA"); "algorithms.CannotUseAlgorithmParameterSpecOnDSA");
} }
} }


@ -0,0 +1,384 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package com.sun.org.apache.xml.internal.security.algorithms.implementations;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.AlgorithmParameterSpec;
import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi;
import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.utils.Base64;
/**
*
* @author $Author: mullan $
*/
public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(SignatureECDSA.class.getName());
/** @inheritDoc */
public abstract String engineGetURI();
/** Field algorithm */
private java.security.Signature _signatureAlgorithm = null;
/**
* Converts an ASN.1 ECDSA value to a XML Signature ECDSA Value.
*
* The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r,s) value
* pairs; the XML Signature requires the core BigInteger values.
*
* @param asn1Bytes
* @return the decode bytes
*
* @throws IOException
* @see <A HREF="http://www.w3.org/TR/xmldsig-core/#dsa-sha1">6.4.1 DSA</A>
* @see <A HREF="ftp://ftp.rfc-editor.org/in-notes/rfc4050.txt">3.3. ECDSA Signatures</A>
*/
private static byte[] convertASN1toXMLDSIG(byte asn1Bytes[])
throws IOException {
byte rLength = asn1Bytes[3];
int i;
for (i = rLength; (i > 0) && (asn1Bytes[(4 + rLength) - i] == 0); i--);
byte sLength = asn1Bytes[5 + rLength];
int j;
for (j = sLength;
(j > 0) && (asn1Bytes[(6 + rLength + sLength) - j] == 0); j--);
if ((asn1Bytes[0] != 48) || (asn1Bytes[1] != asn1Bytes.length - 2)
|| (asn1Bytes[2] != 2) || (i > 24)
|| (asn1Bytes[4 + rLength] != 2) || (j > 24)) {
throw new IOException("Invalid ASN.1 format of ECDSA signature");
}
byte xmldsigBytes[] = new byte[48];
System.arraycopy(asn1Bytes, (4 + rLength) - i, xmldsigBytes, 24 - i,
i);
System.arraycopy(asn1Bytes, (6 + rLength + sLength) - j, xmldsigBytes,
48 - j, j);
return xmldsigBytes;
}
/**
* Converts a XML Signature ECDSA Value to an ASN.1 DSA value.
*
* The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r,s) value
* pairs; the XML Signature requires the core BigInteger values.
*
* @param xmldsigBytes
* @return the encoded ASN.1 bytes
*
* @throws IOException
* @see <A HREF="http://www.w3.org/TR/xmldsig-core/#dsa-sha1">6.4.1 DSA</A>
* @see <A HREF="ftp://ftp.rfc-editor.org/in-notes/rfc4050.txt">3.3. ECDSA Signatures</A>
*/
private static byte[] convertXMLDSIGtoASN1(byte xmldsigBytes[])
throws IOException {
if (xmldsigBytes.length != 48) {
throw new IOException("Invalid XMLDSIG format of ECDSA signature");
}
int i;
for (i = 24; (i > 0) && (xmldsigBytes[24 - i] == 0); i--);
int j = i;
if (xmldsigBytes[24 - i] < 0) {
j += 1;
}
int k;
for (k = 24; (k > 0) && (xmldsigBytes[48 - k] == 0); k--);
int l = k;
if (xmldsigBytes[48 - k] < 0) {
l += 1;
}
byte asn1Bytes[] = new byte[6 + j + l];
asn1Bytes[0] = 48;
asn1Bytes[1] = (byte) (4 + j + l);
asn1Bytes[2] = 2;
asn1Bytes[3] = (byte) j;
System.arraycopy(xmldsigBytes, 24 - i, asn1Bytes, (4 + j) - i, i);
asn1Bytes[4 + j] = 2;
asn1Bytes[5 + j] = (byte) l;
System.arraycopy(xmldsigBytes, 48 - k, asn1Bytes, (6 + j + l) - k, k);
return asn1Bytes;
}
/**
* Constructor SignatureRSA
*
* @throws XMLSignatureException
*/
public SignatureECDSA() throws XMLSignatureException {
String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI());
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Created SignatureECDSA using " + algorithmID);
String provider=JCEMapper.getProviderId();
try {
if (provider==null) {
this._signatureAlgorithm = Signature.getInstance(algorithmID);
} else {
this._signatureAlgorithm = Signature.getInstance(algorithmID,provider);
}
} catch (java.security.NoSuchAlgorithmException ex) {
Object[] exArgs = { algorithmID,
ex.getLocalizedMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
} catch (NoSuchProviderException ex) {
Object[] exArgs = { algorithmID,
ex.getLocalizedMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
}
}
/** @inheritDoc */
protected void engineSetParameter(AlgorithmParameterSpec params)
throws XMLSignatureException {
try {
this._signatureAlgorithm.setParameter(params);
} catch (InvalidAlgorithmParameterException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected boolean engineVerify(byte[] signature)
throws XMLSignatureException {
try {
byte[] jcebytes = SignatureECDSA.convertXMLDSIGtoASN1(signature);
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Called ECDSA.verify() on " + Base64.encode(signature));
return this._signatureAlgorithm.verify(jcebytes);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
} catch (IOException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineInitVerify(Key publicKey) throws XMLSignatureException {
if (!(publicKey instanceof PublicKey)) {
String supplied = publicKey.getClass().getName();
String needed = PublicKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation",
exArgs);
}
try {
this._signatureAlgorithm.initVerify((PublicKey) publicKey);
} catch (InvalidKeyException ex) {
// reinstantiate Signature object to work around bug in JDK
// see: http://bugs.sun.com/view_bug.do?bug_id=4953555
Signature sig = this._signatureAlgorithm;
try {
this._signatureAlgorithm = Signature.getInstance
(_signatureAlgorithm.getAlgorithm());
} catch (Exception e) {
// this shouldn't occur, but if it does, restore previous
// Signature
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Signature:" + e);
}
this._signatureAlgorithm = sig;
}
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected byte[] engineSign() throws XMLSignatureException {
try {
byte jcebytes[] = this._signatureAlgorithm.sign();
return SignatureECDSA.convertASN1toXMLDSIG(jcebytes);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
} catch (IOException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineInitSign(Key privateKey, SecureRandom secureRandom)
throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation",
exArgs);
}
try {
this._signatureAlgorithm.initSign((PrivateKey) privateKey,
secureRandom);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineInitSign(Key privateKey) throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation",
exArgs);
}
try {
this._signatureAlgorithm.initSign((PrivateKey) privateKey);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineUpdate(byte[] input) throws XMLSignatureException {
try {
this._signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineUpdate(byte input) throws XMLSignatureException {
try {
this._signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineUpdate(byte buf[], int offset, int len)
throws XMLSignatureException {
try {
this._signatureAlgorithm.update(buf, offset, len);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected String engineGetJCEAlgorithmString() {
return this._signatureAlgorithm.getAlgorithm();
}
/** @inheritDoc */
protected String engineGetJCEProviderName() {
return this._signatureAlgorithm.getProvider().getName();
}
/** @inheritDoc */
protected void engineSetHMACOutputLength(int HMACOutputLength)
throws XMLSignatureException {
throw new XMLSignatureException("algorithms.HMACOutputLengthOnlyForHMAC");
}
/** @inheritDoc */
protected void engineInitSign(
Key signingKey, AlgorithmParameterSpec algorithmParameterSpec)
throws XMLSignatureException {
throw new XMLSignatureException(
"algorithms.CannotUseAlgorithmParameterSpecOnRSA");
}
/**
* Class SignatureRSASHA1
*
* @author $Author: mullan $
* @version $Revision: 1.2 $
*/
public static class SignatureECDSASHA1 extends SignatureECDSA {
/**
* Constructor SignatureRSASHA1
*
* @throws XMLSignatureException
*/
public SignatureECDSASHA1() throws XMLSignatureException {
super();
}
/** @inheritDoc */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1;
}
}
}
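Review bot: In `convertXMLDSIGtoASN1` the sign-padding tests `xmldsigBytes[24 - i] < 0` and `xmldsigBytes[48 - k] < 0` still run when the preceding loop has counted down to zero, so an all-zero s half indexes `xmldsigBytes[48]` on a 48-byte array, and an all-zero r half tests the first byte of s instead of a byte of r. `engineVerify` hands the signature value it was given straight to this method and catches only `SignatureException` and `IOException`, so the resulting `ArrayIndexOutOfBoundsException` escapes as an unchecked exception instead of an `XMLSignatureException`. Since r = 0 or s = 0 is never a valid ECDSA signature, reject it directly after each loop, e.g. `if (i == 0) throw new IOException("Invalid XMLDSIG format of ECDSA signature");` and the same test for `k`. The DSA converter earlier on this page has the same shape with 20/40 and would need the same guard.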


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *


@ -3,7 +3,7 @@
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2008 The Apache Software Foundation.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -20,8 +20,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.c14n; package com.sun.org.apache.xml.internal.security.c14n;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.io.OutputStream; import java.io.OutputStream;
import java.util.HashMap; import java.util.HashMap;
@ -37,318 +35,326 @@ import org.w3c.dom.Node;
import org.w3c.dom.NodeList; import org.w3c.dom.NodeList;
import org.xml.sax.InputSource; import org.xml.sax.InputSource;
/** /**
*
* *
* @author Christian Geuer-Pollmann * @author Christian Geuer-Pollmann
*/ */
public class Canonicalizer { public class Canonicalizer {
//J- /** The output encoding of canonicalized data */
/** The output encoding of canonicalized data */ public static final String ENCODING = "UTF8";
public static final String ENCODING = "UTF8";
/**
/** * XPath Expresion for selecting every node and continuous comments joined
* XPath Expresion for selecting every node and continuos comments joined in only one node * in only one node
*/ */
public static final String XPATH_C14N_WITH_COMMENTS_SINGLE_NODE = "(.//. | .//@* | .//namespace::*)"; public static final String XPATH_C14N_WITH_COMMENTS_SINGLE_NODE =
"(.//. | .//@* | .//namespace::*)";
/**
/**
* The URL defined in XML-SEC Rec for inclusive c14n <b>without</b> comments. * The URL defined in XML-SEC Rec for inclusive c14n <b>without</b> comments.
*/ */
public static final String ALGO_ID_C14N_OMIT_COMMENTS = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; public static final String ALGO_ID_C14N_OMIT_COMMENTS =
/** "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
* The URL defined in XML-SEC Rec for inclusive c14n <b>with</b> comments. /**
*/ * The URL defined in XML-SEC Rec for inclusive c14n <b>with</b> comments.
public static final String ALGO_ID_C14N_WITH_COMMENTS = ALGO_ID_C14N_OMIT_COMMENTS + "#WithComments"; */
/** public static final String ALGO_ID_C14N_WITH_COMMENTS =
* The URL defined in XML-SEC Rec for exclusive c14n <b>without</b> comments. ALGO_ID_C14N_OMIT_COMMENTS + "#WithComments";
*/ /**
public static final String ALGO_ID_C14N_EXCL_OMIT_COMMENTS = "http://www.w3.org/2001/10/xml-exc-c14n#"; * The URL defined in XML-SEC Rec for exclusive c14n <b>without</b> comments.
/** */
* The URL defined in XML-SEC Rec for exclusive c14n <b>with</b> comments. public static final String ALGO_ID_C14N_EXCL_OMIT_COMMENTS =
*/ "http://www.w3.org/2001/10/xml-exc-c14n#";
public static final String ALGO_ID_C14N_EXCL_WITH_COMMENTS = ALGO_ID_C14N_EXCL_OMIT_COMMENTS + "WithComments"; /**
* The URL defined in XML-SEC Rec for exclusive c14n <b>with</b> comments.
*/
public static final String ALGO_ID_C14N_EXCL_WITH_COMMENTS =
ALGO_ID_C14N_EXCL_OMIT_COMMENTS + "WithComments";
/**
* The URI for inclusive c14n 1.1 <b>without</b> comments.
*/
public static final String ALGO_ID_C14N11_OMIT_COMMENTS =
"http://www.w3.org/2006/12/xml-c14n11";
/**
* The URI for inclusive c14n 1.1 <b>with</b> comments.
*/
public static final String ALGO_ID_C14N11_WITH_COMMENTS =
ALGO_ID_C14N11_OMIT_COMMENTS + "#WithComments";
static boolean _alreadyInitialized = false; static boolean _alreadyInitialized = false;
static Map _canonicalizerHash = null; static Map _canonicalizerHash = null;
protected CanonicalizerSpi canonicalizerSpi = null; protected CanonicalizerSpi canonicalizerSpi = null;
//J+
/** /**
* Method init * Method init
* *
*/ */
public static void init() { public static void init() {
if (!Canonicalizer._alreadyInitialized) { if (!Canonicalizer._alreadyInitialized) {
Canonicalizer._canonicalizerHash = new HashMap(10); Canonicalizer._canonicalizerHash = new HashMap(10);
Canonicalizer._alreadyInitialized = true; Canonicalizer._alreadyInitialized = true;
} }
} }
/** /**
* Constructor Canonicalizer * Constructor Canonicalizer
* *
* @param algorithmURI * @param algorithmURI
* @throws InvalidCanonicalizerException * @throws InvalidCanonicalizerException
*/ */
private Canonicalizer(String algorithmURI) private Canonicalizer(String algorithmURI)
throws InvalidCanonicalizerException { throws InvalidCanonicalizerException {
try { try {
Class implementingClass = getImplementingClass(algorithmURI); Class implementingClass = getImplementingClass(algorithmURI);
this.canonicalizerSpi = this.canonicalizerSpi =
(CanonicalizerSpi) implementingClass.newInstance(); (CanonicalizerSpi) implementingClass.newInstance();
this.canonicalizerSpi.reset=true; this.canonicalizerSpi.reset=true;
} catch (Exception e) { } catch (Exception e) {
Object exArgs[] = { algorithmURI }; Object exArgs[] = { algorithmURI };
throw new InvalidCanonicalizerException( throw new InvalidCanonicalizerException(
"signature.Canonicalizer.UnknownCanonicalizer", exArgs); "signature.Canonicalizer.UnknownCanonicalizer", exArgs);
} }
} }
/** /**
* Method getInstance * Method getInstance
* *
* @param algorithmURI * @param algorithmURI
* @return a Conicicalizer instance ready for the job * @return a Conicicalizer instance ready for the job
* @throws InvalidCanonicalizerException * @throws InvalidCanonicalizerException
*/ */
public static final Canonicalizer getInstance(String algorithmURI) public static final Canonicalizer getInstance(String algorithmURI)
throws InvalidCanonicalizerException { throws InvalidCanonicalizerException {
Canonicalizer c14nizer = new Canonicalizer(algorithmURI); Canonicalizer c14nizer = new Canonicalizer(algorithmURI);
return c14nizer; return c14nizer;
} }
/** /**
* Method register * Method register
* *
* @param algorithmURI * @param algorithmURI
* @param implementingClass * @param implementingClass
* @throws AlgorithmAlreadyRegisteredException * @throws AlgorithmAlreadyRegisteredException
*/ */
public static void register(String algorithmURI, String implementingClass) public static void register(String algorithmURI, String implementingClass)
throws AlgorithmAlreadyRegisteredException { throws AlgorithmAlreadyRegisteredException {
// check whether URI is already registered // check whether URI is already registered
Class registeredClass = getImplementingClass(algorithmURI); Class registeredClass = getImplementingClass(algorithmURI);
if (registeredClass != null) { if (registeredClass != null) {
Object exArgs[] = { algorithmURI, registeredClass }; Object exArgs[] = { algorithmURI, registeredClass };
throw new AlgorithmAlreadyRegisteredException( throw new AlgorithmAlreadyRegisteredException(
"algorithm.alreadyRegistered", exArgs); "algorithm.alreadyRegistered", exArgs);
}
try {
_canonicalizerHash.put(algorithmURI, Class.forName(implementingClass));
} catch (ClassNotFoundException e) {
throw new RuntimeException("c14n class not found");
} }
}
/** try {
* Method getURI _canonicalizerHash.put(algorithmURI, Class.forName(implementingClass));
* } catch (ClassNotFoundException e) {
* @return the URI defined for this c14n instance. throw new RuntimeException("c14n class not found");
*/ }
public final String getURI() { }
return this.canonicalizerSpi.engineGetURI();
}
/** /**
* Method getIncludeComments * Method getURI
* *
* @return true if the c14n respect the comments. * @return the URI defined for this c14n instance.
*/ */
public boolean getIncludeComments() { public final String getURI() {
return this.canonicalizerSpi.engineGetIncludeComments(); return this.canonicalizerSpi.engineGetURI();
} }
/** /**
* This method tries to canonicalize the given bytes. It's possible to even * Method getIncludeComments
* canonicalize non-wellformed sequences if they are well-formed after being *
* wrapped with a <CODE>&gt;a&lt;...&gt;/a&lt;</CODE>. * @return true if the c14n respect the comments.
* */
* @param inputBytes public boolean getIncludeComments() {
* @return the result of the conicalization. return this.canonicalizerSpi.engineGetIncludeComments();
* @throws CanonicalizationException }
* @throws java.io.IOException
* @throws javax.xml.parsers.ParserConfigurationException /**
* @throws org.xml.sax.SAXException * This method tries to canonicalize the given bytes. It's possible to even
*/ * canonicalize non-wellformed sequences if they are well-formed after being
public byte[] canonicalize(byte[] inputBytes) * wrapped with a <CODE>&gt;a&lt;...&gt;/a&lt;</CODE>.
*
* @param inputBytes
* @return the result of the conicalization.
* @throws CanonicalizationException
* @throws java.io.IOException
* @throws javax.xml.parsers.ParserConfigurationException
* @throws org.xml.sax.SAXException
*/
public byte[] canonicalize(byte[] inputBytes)
throws javax.xml.parsers.ParserConfigurationException, throws javax.xml.parsers.ParserConfigurationException,
java.io.IOException, org.xml.sax.SAXException, java.io.IOException, org.xml.sax.SAXException,
CanonicalizationException { CanonicalizationException {
ByteArrayInputStream bais = new ByteArrayInputStream(inputBytes); ByteArrayInputStream bais = new ByteArrayInputStream(inputBytes);
InputSource in = new InputSource(bais); InputSource in = new InputSource(bais);
DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance(); DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();
dfactory.setNamespaceAware(true); dfactory.setNamespaceAware(true);
// needs to validate for ID attribute nomalization // needs to validate for ID attribute nomalization
dfactory.setValidating(true); dfactory.setValidating(true);
DocumentBuilder db = dfactory.newDocumentBuilder(); DocumentBuilder db = dfactory.newDocumentBuilder();
/* /*
* for some of the test vectors from the specification, * for some of the test vectors from the specification,
* there has to be a validatin parser for ID attributes, default * there has to be a validatin parser for ID attributes, default
* attribute values, NMTOKENS, etc. * attribute values, NMTOKENS, etc.
* Unfortunaltely, the test vectors do use different DTDs or * Unfortunaltely, the test vectors do use different DTDs or
* even no DTD. So Xerces 1.3.1 fires many warnings about using * even no DTD. So Xerces 1.3.1 fires many warnings about using
* ErrorHandlers. * ErrorHandlers.
* *
* Text from the spec: * Text from the spec:
* *
* The input octet stream MUST contain a well-formed XML document, * The input octet stream MUST contain a well-formed XML document,
* but the input need not be validated. However, the attribute * but the input need not be validated. However, the attribute
* value normalization and entity reference resolution MUST be * value normalization and entity reference resolution MUST be
* performed in accordance with the behaviors of a validating * performed in accordance with the behaviors of a validating
* XML processor. As well, nodes for default attributes (declared * XML processor. As well, nodes for default attributes (declared
* in the ATTLIST with an AttValue but not specified) are created * in the ATTLIST with an AttValue but not specified) are created
* in each element. Thus, the declarations in the document type * in each element. Thus, the declarations in the document type
* declaration are used to help create the canonical form, even * declaration are used to help create the canonical form, even
* though the document type declaration is not retained in the * though the document type declaration is not retained in the
* canonical form. * canonical form.
* *
*/ */
db.setErrorHandler(new com.sun.org.apache.xml.internal.security.utils db.setErrorHandler(new com.sun.org.apache.xml.internal.security.utils
.IgnoreAllErrorHandler()); .IgnoreAllErrorHandler());
Document document = db.parse(in); Document document = db.parse(in);
byte result[] = this.canonicalizeSubtree(document); byte result[] = this.canonicalizeSubtree(document);
return result; return result;
} }
/** /**
* Canonicalizes the subtree rooted by <CODE>node</CODE>. * Canonicalizes the subtree rooted by <CODE>node</CODE>.
* *
* @param node The node to canicalize * @param node The node to canicalize
* @return the result of the c14n. * @return the result of the c14n.
* *
* @throws CanonicalizationException * @throws CanonicalizationException
*/ */
public byte[] canonicalizeSubtree(Node node) public byte[] canonicalizeSubtree(Node node)
throws CanonicalizationException { throws CanonicalizationException {
return this.canonicalizerSpi.engineCanonicalizeSubTree(node); return this.canonicalizerSpi.engineCanonicalizeSubTree(node);
} }
/** /**
* Canonicalizes the subtree rooted by <CODE>node</CODE>. * Canonicalizes the subtree rooted by <CODE>node</CODE>.
* *
* @param node * @param node
* @param inclusiveNamespaces * @param inclusiveNamespaces
* @return the result of the c14n. * @return the result of the c14n.
* @throws CanonicalizationException * @throws CanonicalizationException
*/ */
public byte[] canonicalizeSubtree(Node node, String inclusiveNamespaces) public byte[] canonicalizeSubtree(Node node, String inclusiveNamespaces)
throws CanonicalizationException { throws CanonicalizationException {
return this.canonicalizerSpi.engineCanonicalizeSubTree(node, return this.canonicalizerSpi.engineCanonicalizeSubTree(node,
inclusiveNamespaces); inclusiveNamespaces);
} }
/** /**
* Canonicalizes an XPath node set. The <CODE>xpathNodeSet</CODE> is treated * Canonicalizes an XPath node set. The <CODE>xpathNodeSet</CODE> is treated
* as a list of XPath nodes, not as a list of subtrees. * as a list of XPath nodes, not as a list of subtrees.
* *
* @param xpathNodeSet * @param xpathNodeSet
* @return the result of the c14n. * @return the result of the c14n.
* @throws CanonicalizationException * @throws CanonicalizationException
*/ */
public byte[] canonicalizeXPathNodeSet(NodeList xpathNodeSet) public byte[] canonicalizeXPathNodeSet(NodeList xpathNodeSet)
throws CanonicalizationException { throws CanonicalizationException {
return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet); return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet);
} }
/** /**
* Canonicalizes an XPath node set. The <CODE>xpathNodeSet</CODE> is treated * Canonicalizes an XPath node set. The <CODE>xpathNodeSet</CODE> is treated
* as a list of XPath nodes, not as a list of subtrees. * as a list of XPath nodes, not as a list of subtrees.
* *
* @param xpathNodeSet * @param xpathNodeSet
* @param inclusiveNamespaces * @param inclusiveNamespaces
* @return the result of the c14n. * @return the result of the c14n.
* @throws CanonicalizationException * @throws CanonicalizationException
*/ */
public byte[] canonicalizeXPathNodeSet( public byte[] canonicalizeXPathNodeSet(
NodeList xpathNodeSet, String inclusiveNamespaces) NodeList xpathNodeSet, String inclusiveNamespaces)
throws CanonicalizationException { throws CanonicalizationException {
return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet, return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet,
inclusiveNamespaces); inclusiveNamespaces);
} }
/** /**
* Canonicalizes an XPath node set. * Canonicalizes an XPath node set.
* *
* @param xpathNodeSet * @param xpathNodeSet
* @return the result of the c14n. * @return the result of the c14n.
* @throws CanonicalizationException * @throws CanonicalizationException
*/ */
public byte[] canonicalizeXPathNodeSet(Set xpathNodeSet) public byte[] canonicalizeXPathNodeSet(Set xpathNodeSet)
throws CanonicalizationException { throws CanonicalizationException {
return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet); return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet);
} }
/** /**
* Canonicalizes an XPath node set. * Canonicalizes an XPath node set.
* *
* @param xpathNodeSet * @param xpathNodeSet
* @param inclusiveNamespaces * @param inclusiveNamespaces
* @return the result of the c14n. * @return the result of the c14n.
* @throws CanonicalizationException * @throws CanonicalizationException
*/ */
public byte[] canonicalizeXPathNodeSet( public byte[] canonicalizeXPathNodeSet(Set xpathNodeSet,
Set xpathNodeSet, String inclusiveNamespaces) String inclusiveNamespaces) throws CanonicalizationException {
throws CanonicalizationException { return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet,
return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet, inclusiveNamespaces);
inclusiveNamespaces); }
}
/** /**
* Sets the writter where the cannocalization ends. ByteArrayOutputStream if * Sets the writer where the canonicalization ends. ByteArrayOutputStream
* none is setted. * if none is set.
* @param os * @param os
*/ */
public void setWriter(OutputStream os) { public void setWriter(OutputStream os) {
this.canonicalizerSpi.setWriter(os); this.canonicalizerSpi.setWriter(os);
} }
/** /**
* Returns the name of the implementing {@link CanonicalizerSpi} class * Returns the name of the implementing {@link CanonicalizerSpi} class
* *
* @return the name of the implementing {@link CanonicalizerSpi} class * @return the name of the implementing {@link CanonicalizerSpi} class
*/ */
public String getImplementingCanonicalizerClass() { public String getImplementingCanonicalizerClass() {
return this.canonicalizerSpi.getClass().getName(); return this.canonicalizerSpi.getClass().getName();
} }
/** /**
* Method getImplementingClass * Method getImplementingClass
* *
* @param URI * @param URI
* @return the name of the class that implements the give URI * @return the name of the class that implements the given URI
*/ */
private static Class getImplementingClass(String URI) { private static Class getImplementingClass(String URI) {
return (Class) _canonicalizerHash.get(URI); return (Class) _canonicalizerHash.get(URI);
} }
/** /**
* Set the canonicalizator behaviour to not reset. * Set the canonicalizer behaviour to not reset.
* */
*/ public void notReset() {
public void notReset() { this.canonicalizerSpi.reset = false;
this.canonicalizerSpi.reset=false; }
}
} }


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -21,17 +20,17 @@
*/ */
package com.sun.org.apache.xml.internal.security.c14n.helper; package com.sun.org.apache.xml.internal.security.c14n.helper;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
import org.w3c.dom.Attr; import org.w3c.dom.Attr;
import java.io.Serializable;
import java.util.Comparator;
/** /**
* Compares two attributes based on the C14n specification. * Compares two attributes based on the C14n specification.
* *
* <UL> * <UL>
* <LI>Namespace nodes have a lesser document order position than attribute nodes. * <LI>Namespace nodes have a lesser document order position than attribute
* nodes.
* <LI> An element's namespace nodes are sorted lexicographically by * <LI> An element's namespace nodes are sorted lexicographically by
* local name (the default namespace node, if one exists, has no * local name (the default namespace node, if one exists, has no
* local name and is therefore lexicographically least). * local name and is therefore lexicographically least).
@ -40,104 +39,89 @@ import org.w3c.dom.Attr;
* key (an empty namespace URI is lexicographically least). * key (an empty namespace URI is lexicographically least).
* </UL> * </UL>
* *
* $todo$ Should we implement java.util.Comparator and import java.util.Arrays to use Arrays.sort(intarray);
* @author Christian Geuer-Pollmann * @author Christian Geuer-Pollmann
*/ */
public class AttrCompare implements java.util.Comparator { public class AttrCompare implements Comparator, Serializable {
private final int ATTR0_BEFORE_ATTR1 = -1; private final static long serialVersionUID = -7113259629930576230L;
private final int ATTR1_BEFORE_ATTR0 = 1; private final static int ATTR0_BEFORE_ATTR1 = -1;
private final static int ATTR1_BEFORE_ATTR0 = 1;
private final static String XMLNS=Constants.NamespaceSpecNS;
private final static String XMLNS=Constants.NamespaceSpecNS; /**
/** * Compares two attributes based on the C14n specification.
* Compares two attributes based on the C14n specification. *
* * <UL>
* <UL> * <LI>Namespace nodes have a lesser document order position than
* <LI>Namespace nodes have a lesser document order position than attribute nodes. * attribute nodes.
* <LI> An element's namespace nodes are sorted lexicographically by * <LI> An element's namespace nodes are sorted lexicographically by
* local name (the default namespace node, if one exists, has no * local name (the default namespace node, if one exists, has no
* local name and is therefore lexicographically least). * local name and is therefore lexicographically least).
* <LI> An element's attribute nodes are sorted lexicographically with * <LI> An element's attribute nodes are sorted lexicographically with
* namespace URI as the primary key and local name as the secondary * namespace URI as the primary key and local name as the secondary
* key (an empty namespace URI is lexicographically least). * key (an empty namespace URI is lexicographically least).
* </UL> * </UL>
* *
* @param obj0 casted Attr * @param obj0 casted Attr
* @param obj1 casted Attr * @param obj1 casted Attr
* @return returns a negative integer, zero, or a positive integer as obj0 is less than, equal to, or greater than obj1 * @return returns a negative integer, zero, or a positive integer as
* * obj0 is less than, equal to, or greater than obj1
*/ *
public int compare(Object obj0, Object obj1) { */
public int compare(Object obj0, Object obj1) {
Attr attr0 = (Attr) obj0; Attr attr0 = (Attr) obj0;
Attr attr1 = (Attr) obj1; Attr attr1 = (Attr) obj1;
String namespaceURI0 = attr0.getNamespaceURI(); String namespaceURI0 = attr0.getNamespaceURI();
String namespaceURI1 = attr1.getNamespaceURI(); String namespaceURI1 = attr1.getNamespaceURI();
boolean isNamespaceAttr0 = boolean isNamespaceAttr0 = XMLNS==namespaceURI0;
XMLNS.equals(namespaceURI0); boolean isNamespaceAttr1 = XMLNS==namespaceURI1;
boolean isNamespaceAttr1 =
XMLNS.equals(namespaceURI1);
if (isNamespaceAttr0) { if (isNamespaceAttr0) {
if (isNamespaceAttr1) { if (isNamespaceAttr1) {
// both are namespaces
String localname0 = attr0.getLocalName();
String localname1 = attr1.getLocalName();
// both are namespaces if (localname0.equals("xmlns")) {
String localname0 = attr0.getLocalName(); localname0 = "";
String localname1 = attr1.getLocalName(); }
if (localname0.equals("xmlns")) { if (localname1.equals("xmlns")) {
localname0 = ""; localname1 = "";
}
return localname0.compareTo(localname1);
} }
// attr0 is a namespace, attr1 is not
return ATTR0_BEFORE_ATTR1;
}
if (localname1.equals("xmlns")) { if (isNamespaceAttr1) {
localname1 = "";
}
return localname0.compareTo(localname1);
}
// attr0 is a namespace, attr1 is not
return ATTR0_BEFORE_ATTR1;
}
if (isNamespaceAttr1) {
// attr1 is a namespace, attr0 is not // attr1 is a namespace, attr0 is not
return ATTR1_BEFORE_ATTR0; return ATTR1_BEFORE_ATTR0;
} }
// none is a namespae
if (namespaceURI0 == null) {
if (namespaceURI1 == null) {
/*
String localName0 = attr0.getLocalName();
String localName1 = attr1.getLocalName();
return localName0.compareTo(localName1);
*/
// none is a namespace
if (namespaceURI0 == null) {
if (namespaceURI1 == null) {
String name0 = attr0.getName(); String name0 = attr0.getName();
String name1 = attr1.getName(); String name1 = attr1.getName();
return name0.compareTo(name1); return name0.compareTo(name1);
}
return ATTR0_BEFORE_ATTR1;
} }
return ATTR0_BEFORE_ATTR1;
} if (namespaceURI1 == null) {
if (namespaceURI1 == null) { return ATTR1_BEFORE_ATTR0;
return ATTR1_BEFORE_ATTR0; }
}
int a = namespaceURI0.compareTo(namespaceURI1);
if (a != 0) { int a = namespaceURI0.compareTo(namespaceURI1);
return a; if (a != 0) {
} return a;
/* }
String localName0 = ;
String localName1 =;*/
return (attr0.getLocalName())
.compareTo( attr1.getLocalName());
}
return (attr0.getLocalName()).compareTo(attr1.getLocalName());
}
} }
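Review bot: The new side of `compare` appears to test for namespace attributes by reference (`XMLNS==namespaceURI0`, `XMLNS==namespaceURI1`) where the old side used `XMLNS.equals(...)`, so it is only correct if the DOM returns the very same String instance as `Constants.NamespaceSpecNS`. If a parser returns an equal but distinct string, xmlns declarations would be sorted as ordinary attributes, and the canonical octets and their digest could differ between signer and verifier. Nothing visible in this section establishes that identity guarantee. Either keep `boolean isNamespaceAttr0 = XMLNS.equals(namespaceURI0);` (and the same for `attr1`), or state the assumption above the two lines, e.g. `// relies on the DOM returning the NamespaceSpecNS instance itself`.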


@ -0,0 +1,684 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 2008 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;
import java.util.logging.Logger;
import java.util.logging.Logger;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
/**
* Implements <A HREF="http://www.w3.org/TR/2008/PR-xml-c14n11-20080129/">
* Canonical XML Version 1.1</A>, a W3C Proposed Recommendation from 29
* January 2008.
*
* @author Sean Mullan
* @author Raul Benito
* @version $Revision: 1.2 $
*/
public abstract class Canonicalizer11 extends CanonicalizerBase {
boolean firstCall = true;
final SortedSet result = new TreeSet(COMPARE);
static final String XMLNS_URI = Constants.NamespaceSpecNS;
static final String XML_LANG_URI = Constants.XML_LANG_SPACE_SpecNS;
static Logger log = Logger.getLogger(Canonicalizer11.class.getName());
static class XmlAttrStack {
int currentLevel = 0;
int lastlevel = 0;
XmlsStackElement cur;
static class XmlsStackElement {
int level;
boolean rendered = false;
List nodes = new ArrayList();
};
List levels = new ArrayList();
void push(int level) {
currentLevel = level;
if (currentLevel == -1)
return;
cur = null;
while (lastlevel >= currentLevel) {
levels.remove(levels.size() - 1);
if (levels.size() == 0) {
lastlevel = 0;
return;
}
lastlevel=((XmlsStackElement)levels.get(levels.size()-1)).level;
}
}
void addXmlnsAttr(Attr n) {
if (cur == null) {
cur = new XmlsStackElement();
cur.level = currentLevel;
levels.add(cur);
lastlevel = currentLevel;
}
cur.nodes.add(n);
}
void getXmlnsAttr(Collection col) {
if (cur == null) {
cur = new XmlsStackElement();
cur.level = currentLevel;
lastlevel = currentLevel;
levels.add(cur);
}
int size = levels.size() - 2;
boolean parentRendered = false;
XmlsStackElement e = null;
if (size == -1) {
parentRendered = true;
} else {
e = (XmlsStackElement) levels.get(size);
if (e.rendered && e.level+1 == currentLevel)
parentRendered = true;
}
if (parentRendered) {
col.addAll(cur.nodes);
cur.rendered = true;
return;
}
Map loa = new HashMap();
List baseAttrs = new ArrayList();
boolean successiveOmitted = true;
for (;size>=0;size--) {
e = (XmlsStackElement) levels.get(size);
if (e.rendered) {
successiveOmitted = false;
}
Iterator it = e.nodes.iterator();
while (it.hasNext() && successiveOmitted) {
Attr n = (Attr) it.next();
if (n.getLocalName().equals("base")) {
if (!e.rendered) {
baseAttrs.add(n);
}
} else if (!loa.containsKey(n.getName()))
loa.put(n.getName(), n);
}
}
if (!baseAttrs.isEmpty()) {
Iterator it = cur.nodes.iterator();
String base = null;
Attr baseAttr = null;
while (it.hasNext()) {
Attr n = (Attr) it.next();
if (n.getLocalName().equals("base")) {
base = n.getValue();
baseAttr = n;
break;
}
}
it = baseAttrs.iterator();
while (it.hasNext()) {
Attr n = (Attr) it.next();
if (base == null) {
base = n.getValue();
baseAttr = n;
} else {
try {
base = joinURI(n.getValue(), base);
} catch (URISyntaxException ue) {
ue.printStackTrace();
}
}
}
if (base != null && base.length() != 0) {
baseAttr.setValue(base);
col.add(baseAttr);
}
}
cur.rendered = true;
col.addAll(loa.values());
}
};
XmlAttrStack xmlattrStack = new XmlAttrStack();
/**
* Constructor Canonicalizer11
*
* @param includeComments
*/
public Canonicalizer11(boolean includeComments) {
super(includeComments);
}
/**
* Returns the Attr[]s to be outputted for the given element.
* <br>
* The code of this method is a copy of {@link #handleAttributes(Element,
* NameSpaceSymbTable)},
* whereas it takes into account that subtree-c14n is -- well --
* subtree-based.
* So if the element in question isRoot of c14n, it's parent is not in the
* node set, as well as all other ancestors.
*
* @param E
* @param ns
* @return the Attr[]s to be outputted
* @throws CanonicalizationException
*/
Iterator handleAttributesSubtree(Element E, NameSpaceSymbTable ns)
throws CanonicalizationException {
if (!E.hasAttributes() && !firstCall) {
return null;
}
// result will contain the attrs which have to be outputted
final SortedSet result = this.result;
result.clear();
NamedNodeMap attrs = E.getAttributes();
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
String NUri = N.getNamespaceURI();
if (XMLNS_URI != NUri) {
// It's not a namespace attr node. Add to the result and
// continue.
result.add(N);
continue;
}
String NName = N.getLocalName();
String NValue = N.getValue();
if (XML.equals(NName)
&& XML_LANG_URI.equals(NValue)) {
// The default mapping for xml must not be output.
continue;
}
Node n = ns.addMappingAndRender(NName, NValue, N);
if (n != null) {
// Render the ns definition
result.add(n);
if (C14nHelper.namespaceIsRelative(N)) {
Object exArgs[] = {E.getTagName(), NName, N.getNodeValue()};
throw new CanonicalizationException(
"c14n.Canonicalizer.RelativeNamespace", exArgs);
}
}
}
if (firstCall) {
// It is the first node of the subtree
// Obtain all the namespaces defined in the parents, and added
// to the output.
ns.getUnrenderedNodes(result);
// output the attributes in the xml namespace.
xmlattrStack.getXmlnsAttr(result);
firstCall = false;
}
return result.iterator();
}
/**
* Returns the Attr[]s to be outputted for the given element.
* <br>
* IMPORTANT: This method expects to work on a modified DOM tree, i.e. a
* DOM which has been prepared using
* {@link com.sun.org.apache.xml.internal.security.utils.XMLUtils#circumventBug2650(
* org.w3c.dom.Document)}.
*
* @param E
* @param ns
* @return the Attr[]s to be outputted
* @throws CanonicalizationException
*/
Iterator handleAttributes(Element E, NameSpaceSymbTable ns)
throws CanonicalizationException {
// result will contain the attrs which have to be output
xmlattrStack.push(ns.getLevel());
boolean isRealVisible = isVisibleDO(E, ns.getLevel()) == 1;
NamedNodeMap attrs = null;
int attrsLength = 0;
if (E.hasAttributes()) {
attrs = E.getAttributes();
attrsLength = attrs.getLength();
}
SortedSet result = this.result;
result.clear();
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
String NUri = N.getNamespaceURI();
if (XMLNS_URI != NUri) {
// A non namespace definition node.
if (XML_LANG_URI == NUri) {
if (N.getLocalName().equals("id")) {
if (isRealVisible) {
// treat xml:id like any other attribute
// (emit it, but don't inherit it)
result.add(N);
}
} else {
xmlattrStack.addXmlnsAttr(N);
}
} else if (isRealVisible) {
// The node is visible add the attribute to the list of
// output attributes.
result.add(N);
}
// keep working
continue;
}
String NName = N.getLocalName();
String NValue = N.getValue();
if ("xml".equals(NName)
&& XML_LANG_URI.equals(NValue)) {
/* except omit namespace node with local name xml, which defines
* the xml prefix, if its string value is
* http://www.w3.org/XML/1998/namespace.
*/
continue;
}
// add the prefix binding to the ns symb table.
// ns.addInclusiveMapping(NName,NValue,N,isRealVisible);
if (isVisible(N)) {
if (!isRealVisible && ns.removeMappingIfRender(NName)) {
continue;
}
// The xpath select this node output it if needed.
// Node n = ns.addMappingAndRenderXNodeSet
// (NName, NValue, N, isRealVisible);
Node n = ns.addMappingAndRender(NName, NValue, N);
if (n != null) {
result.add(n);
if (C14nHelper.namespaceIsRelative(N)) {
Object exArgs[] =
{ E.getTagName(), NName, N.getNodeValue() };
throw new CanonicalizationException(
"c14n.Canonicalizer.RelativeNamespace", exArgs);
}
}
} else {
if (isRealVisible && NName != XMLNS) {
ns.removeMapping(NName);
} else {
ns.addMapping(NName, NValue, N);
}
}
}
if (isRealVisible) {
// The element is visible, handle the xmlns definition
Attr xmlns = E.getAttributeNodeNS(XMLNS_URI, XMLNS);
Node n = null;
if (xmlns == null) {
// No xmlns def just get the already defined.
n = ns.getMapping(XMLNS);
} else if (!isVisible(xmlns)) {
// There is a defn but the xmlns is not selected by the xpath.
// then xmlns=""
n = ns.addMappingAndRender(XMLNS, "", nullNode);
}
// output the xmlns def if needed.
if (n != null) {
result.add(n);
}
// Float all xml:* attributes of the unselected parent elements to
// this one. addXmlAttributes(E,result);
xmlattrStack.getXmlnsAttr(result);
ns.getUnrenderedNodes(result);
}
return result.iterator();
}
/**
* Always throws a CanonicalizationException because this is inclusive c14n.
*
* @param xpathNodeSet
* @param inclusiveNamespaces
* @return none it always fails
* @throws CanonicalizationException always
*/
public byte[] engineCanonicalizeXPathNodeSet(Set xpathNodeSet,
String inclusiveNamespaces) throws CanonicalizationException {
throw new CanonicalizationException(
"c14n.Canonicalizer.UnsupportedOperation");
}
/**
* Always throws a CanonicalizationException because this is inclusive c14n.
*
* @param rootNode
* @param inclusiveNamespaces
* @return none it always fails
* @throws CanonicalizationException
*/
public byte[] engineCanonicalizeSubTree(Node rootNode,
String inclusiveNamespaces) throws CanonicalizationException {
throw new CanonicalizationException(
"c14n.Canonicalizer.UnsupportedOperation");
}
void circumventBugIfNeeded(XMLSignatureInput input)
throws CanonicalizationException, ParserConfigurationException,
IOException, SAXException {
if (!input.isNeedsToBeExpanded())
return;
Document doc = null;
if (input.getSubNode() != null) {
doc = XMLUtils.getOwnerDocument(input.getSubNode());
} else {
doc = XMLUtils.getOwnerDocument(input.getNodeSet());
}
XMLUtils.circumventBug2650(doc);
}
void handleParent(Element e, NameSpaceSymbTable ns) {
if (!e.hasAttributes()) {
return;
}
xmlattrStack.push(-1);
NamedNodeMap attrs = e.getAttributes();
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
if (Constants.NamespaceSpecNS != N.getNamespaceURI()) {
// Not a namespace definition, ignore.
if (XML_LANG_URI == N.getNamespaceURI()) {
xmlattrStack.addXmlnsAttr(N);
}
continue;
}
String NName = N.getLocalName();
String NValue = N.getNodeValue();
if (XML.equals(NName)
&& Constants.XML_LANG_SPACE_SpecNS.equals(NValue)) {
continue;
}
ns.addMapping(NName,NValue,N);
}
}
private static String joinURI(String baseURI, String relativeURI)
throws URISyntaxException {
String bscheme = null;
String bauthority = null;
String bpath = "";
String bquery = null;
String bfragment = null; // Is this correct?
// pre-parse the baseURI
if (baseURI != null) {
if (baseURI.endsWith("..")) {
baseURI = baseURI + "/";
}
URI base = new URI(baseURI);
bscheme = base.getScheme();
bauthority = base.getAuthority();
bpath = base.getPath();
bquery = base.getQuery();
bfragment = base.getFragment();
}
URI r = new URI(relativeURI);
String rscheme = r.getScheme();
String rauthority = r.getAuthority();
String rpath = r.getPath();
String rquery = r.getQuery();
String rfragment = null;
String tscheme, tauthority, tpath, tquery, tfragment;
if (rscheme != null && rscheme.equals(bscheme)) {
rscheme = null;
}
if (rscheme != null) {
tscheme = rscheme;
tauthority = rauthority;
tpath = removeDotSegments(rpath);
tquery = rquery;
} else {
if (rauthority != null) {
tauthority = rauthority;
tpath = removeDotSegments(rpath);
tquery = rquery;
} else {
if (rpath.length() == 0) {
tpath = bpath;
if (rquery != null) {
tquery = rquery;
} else {
tquery = bquery;
}
} else {
if (rpath.startsWith("/")) {
tpath = removeDotSegments(rpath);
} else {
if (bauthority != null && bpath.length() == 0) {
tpath = "/" + rpath;
} else {
int last = bpath.lastIndexOf('/');
if (last == -1) {
tpath = rpath;
} else {
tpath = bpath.substring(0, last+1) + rpath;
}
}
tpath = removeDotSegments(tpath);
}
tquery = rquery;
}
tauthority = bauthority;
}
tscheme = bscheme;
}
tfragment = rfragment;
return new URI(tscheme, tauthority, tpath, tquery, tfragment).toString();
}
private static String removeDotSegments(String path) {
log.log(java.util.logging.Level.FINE, "STEP OUTPUT BUFFER\t\tINPUT BUFFER");
// 1. The input buffer is initialized with the now-appended path
// components then replace occurrences of "//" in the input buffer
// with "/" until no more occurrences of "//" are in the input buffer.
String input = path;
while (input.indexOf("//") > -1) {
input = input.replaceAll("//", "/");
}
// Initialize the output buffer with the empty string.
StringBuffer output = new StringBuffer();
// If the input buffer starts with a root slash "/" then move this
// character to the output buffer.
if (input.charAt(0) == '/') {
output.append("/");
input = input.substring(1);
}
printStep("1 ", output.toString(), input);
// While the input buffer is not empty, loop as follows
while (input.length() != 0) {
// 2A. If the input buffer begins with a prefix of "./",
// then remove that prefix from the input buffer
// else if the input buffer begins with a prefix of "../", then
// if also the output does not contain the root slash "/" only,
// then move this prefix to the end of the output buffer else
// remove that prefix
if (input.startsWith("./")) {
input = input.substring(2);
printStep("2A", output.toString(), input);
} else if (input.startsWith("../")) {
input = input.substring(3);
if (!output.toString().equals("/")) {
output.append("../");
}
printStep("2A", output.toString(), input);
// 2B. if the input buffer begins with a prefix of "/./" or "/.",
// where "." is a complete path segment, then replace that prefix
// with "/" in the input buffer; otherwise,
} else if (input.startsWith("/./")) {
input = input.substring(2);
printStep("2B", output.toString(), input);
} else if (input.equals("/.")) {
// FIXME: what is complete path segment?
input = input.replaceFirst("/.", "/");
printStep("2B", output.toString(), input);
// 2C. if the input buffer begins with a prefix of "/../" or "/..",
// where ".." is a complete path segment, then replace that prefix
// with "/" in the input buffer and if also the output buffer is
// empty, last segment in the output buffer equals "../" or "..",
// where ".." is a complete path segment, then append ".." or "/.."
// for the latter case respectively to the output buffer else
// remove the last segment and its preceding "/" (if any) from the
// output buffer and if hereby the first character in the output
// buffer was removed and it was not the root slash then delete a
// leading slash from the input buffer; otherwise,
} else if (input.startsWith("/../")) {
input = input.substring(3);
if (output.length() == 0) {
output.append("/");
} else if (output.toString().endsWith("../")) {
output.append("..");
} else if (output.toString().endsWith("..")) {
output.append("/..");
} else {
int index = output.lastIndexOf("/");
if (index == -1) {
output = new StringBuffer();
if (input.charAt(0) == '/') {
input = input.substring(1);
}
} else {
output = output.delete(index, output.length());
}
}
printStep("2C", output.toString(), input);
} else if (input.equals("/..")) {
// FIXME: what is complete path segment?
input = input.replaceFirst("/..", "/");
if (output.length() == 0) {
output.append("/");
} else if (output.toString().endsWith("../")) {
output.append("..");
} else if (output.toString().endsWith("..")) {
output.append("/..");
} else {
int index = output.lastIndexOf("/");
if (index == -1) {
output = new StringBuffer();
if (input.charAt(0) == '/') {
input = input.substring(1);
}
} else {
output = output.delete(index, output.length());
}
}
printStep("2C", output.toString(), input);
// 2D. if the input buffer consists only of ".", then remove
// that from the input buffer else if the input buffer consists
// only of ".." and if the output buffer does not contain only
// the root slash "/", then move the ".." to the output buffer
// else delte it.; otherwise,
} else if (input.equals(".")) {
input = "";
printStep("2D", output.toString(), input);
} else if (input.equals("..")) {
if (!output.toString().equals("/"))
output.append("..");
input = "";
printStep("2D", output.toString(), input);
// 2E. move the first path segment (if any) in the input buffer
// to the end of the output buffer, including the initial "/"
// character (if any) and any subsequent characters up to, but not
// including, the next "/" character or the end of the input buffer.
} else {
int end = -1;
int begin = input.indexOf('/');
if (begin == 0) {
end = input.indexOf('/', 1);
} else {
end = begin;
begin = 0;
}
String segment;
if (end == -1) {
segment = input.substring(begin);
input = "";
} else {
segment = input.substring(begin, end);
input = input.substring(end);
}
output.append(segment);
printStep("2E", output.toString(), input);
}
}
// 3. Finally, if the only or last segment of the output buffer is
// "..", where ".." is a complete path segment not followed by a slash
// then append a slash "/". The output buffer is returned as the result
// of remove_dot_segments
if (output.toString().endsWith("..")) {
output.append("/");
printStep("3 ", output.toString(), input);
}
return output.toString();
}
private static void printStep(String step, String output, String input) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, " " + step + ": " + output);
if (output.length() == 0) {
log.log(java.util.logging.Level.FINE, "\t\t\t\t" + input);
} else {
log.log(java.util.logging.Level.FINE, "\t\t\t" + input);
}
}
}
}
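Review bot: In `XmlAttrStack.getXmlnsAttr`, a `URISyntaxException` from `joinURI` is caught and only `ue.printStackTrace()` is called, so a malformed `xml:base` on an omitted ancestor leaves `base` partially joined while canonicalization still returns bytes as if nothing had happened. Code that feeds signature digests should fail closed here: declare `void getXmlnsAttr(Collection col) throws CanonicalizationException` and make the catch body `throw new CanonicalizationException("empty", ue);`; both visible callers, `handleAttributesSubtree` and `handleAttributes`, already declare that exception. The same path also reaches `removeDotSegments` with an unchecked string: `joinURI` passes `rpath` straight through, and `input.charAt(0)` has no guard for an empty path, so an `xml:base` value with an authority and no path would surface as a `StringIndexOutOfBoundsException` rather than a `CanonicalizationException`. A guard such as `if (input.length() != 0 && input.charAt(0) == '/')` would cover that case.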


@ -0,0 +1,41 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 2008 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package com.sun.org.apache.xml.internal.security.c14n.implementations;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
/**
* @author Sean Mullan
*/
public class Canonicalizer11_OmitComments extends Canonicalizer11 {
public Canonicalizer11_OmitComments() {
super(false);
}
public final String engineGetURI() {
return Canonicalizer.ALGO_ID_C14N11_OMIT_COMMENTS;
}
public final boolean engineGetIncludeComments() {
return false;
}
}
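Review bot: The class Javadoc on `Canonicalizer11_OmitComments` holds only `@author`, so nothing says which algorithm the class provides; the same applies to `Canonicalizer11_WithComments` in the next file section. A one-line summary would do, for example `Canonical XML 1.1 implementation that omits comment nodes; its URI is {@link Canonicalizer#ALGO_ID_C14N11_OMIT_COMMENTS}.`, with the `WITH_COMMENTS` counterpart on the sibling class. The public members are undocumented as well; a short `@return` on `engineGetURI` and `engineGetIncludeComments` would match the Javadoc style used in `Canonicalizer11`.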


@ -0,0 +1,41 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 2008 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package com.sun.org.apache.xml.internal.security.c14n.implementations;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
/**
* @author Sean Mullan
*/
public class Canonicalizer11_WithComments extends Canonicalizer11 {
public Canonicalizer11_WithComments() {
super(true);
}
public final String engineGetURI() {
return Canonicalizer.ALGO_ID_C14N11_WITH_COMMENTS;
}
public final boolean engineGetIncludeComments() {
return true;
}
}


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -23,20 +22,30 @@ package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap; import java.util.HashMap;
import java.util.Iterator; import java.util.Iterator;
import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import java.util.SortedSet; import java.util.SortedSet;
import java.util.TreeSet; import java.util.TreeSet;
import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper; import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Attr; import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap; import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node; import org.w3c.dom.Node;
import org.xml.sax.SAXException;
/** /**
@ -44,13 +53,92 @@ import org.w3c.dom.Node;
* XML Version 1.0</A>, a W3C Recommendation from 15 March 2001. * XML Version 1.0</A>, a W3C Recommendation from 15 March 2001.
* *
* @author Christian Geuer-Pollmann <geuerp@apache.org> * @author Christian Geuer-Pollmann <geuerp@apache.org>
* @version $Revision: 1.5 $
*/ */
public abstract class Canonicalizer20010315 extends CanonicalizerBase { public abstract class Canonicalizer20010315 extends CanonicalizerBase {
boolean firstCall=true; boolean firstCall=true;
final SortedSet result= new TreeSet(COMPARE); final SortedSet result= new TreeSet(COMPARE);
static final String XMLNS_URI=Constants.NamespaceSpecNS; static final String XMLNS_URI=Constants.NamespaceSpecNS;
static final String XML_LANG_URI=Constants.XML_LANG_SPACE_SpecNS; static final String XML_LANG_URI=Constants.XML_LANG_SPACE_SpecNS;
/** static class XmlAttrStack {
int currentLevel=0;
int lastlevel=0;
XmlsStackElement cur;
static class XmlsStackElement {
int level;
boolean rendered=false;
List nodes=new ArrayList();
};
List levels=new ArrayList();
void push(int level) {
currentLevel=level;
if (currentLevel==-1)
return;
cur=null;
while (lastlevel>=currentLevel) {
levels.remove(levels.size()-1);
if (levels.size()==0) {
lastlevel=0;
return;
}
lastlevel=((XmlsStackElement)levels.get(levels.size()-1)).level;
}
}
void addXmlnsAttr(Attr n) {
if (cur==null) {
cur=new XmlsStackElement();
cur.level=currentLevel;
levels.add(cur);
lastlevel=currentLevel;
}
cur.nodes.add(n);
}
void getXmlnsAttr(Collection col) {
int size=levels.size()-1;
if (cur==null) {
cur=new XmlsStackElement();
cur.level=currentLevel;
lastlevel=currentLevel;
levels.add(cur);
}
boolean parentRendered=false;
XmlsStackElement e=null;
if (size==-1) {
parentRendered=true;
} else {
e=(XmlsStackElement)levels.get(size);
if (e.rendered && e.level+1==currentLevel)
parentRendered=true;
}
if (parentRendered) {
col.addAll(cur.nodes);
cur.rendered=true;
return;
}
Map loa = new HashMap();
for (;size>=0;size--) {
e=(XmlsStackElement)levels.get(size);
Iterator it=e.nodes.iterator();
while (it.hasNext()) {
Attr n=(Attr)it.next();
if (!loa.containsKey(n.getName()))
loa.put(n.getName(),n);
}
//if (e.rendered)
//break;
};
//cur.nodes.clear();
//cur.nodes.addAll(loa.values());
cur.rendered=true;
col.addAll(loa.values());
}
}
XmlAttrStack xmlattrStack=new XmlAttrStack();
/**
* Constructor Canonicalizer20010315 * Constructor Canonicalizer20010315
* *
* @param includeComments * @param includeComments
@ -86,16 +174,16 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
for (int i = 0; i < attrsLength; i++) { for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i); Attr N = (Attr) attrs.item(i);
String NName=N.getLocalName();
String NValue=N.getValue();
String NUri =N.getNamespaceURI(); String NUri =N.getNamespaceURI();
if (!XMLNS_URI.equals(NUri)) { if (XMLNS_URI!=NUri) {
//It's not a namespace attr node. Add to the result and continue. //It's not a namespace attr node. Add to the result and continue.
result.add(N); result.add(N);
continue; continue;
} }
String NName=N.getLocalName();
String NValue=N.getValue();
if (XML.equals(NName) if (XML.equals(NName)
&& XML_LANG_URI.equals(NValue)) { && XML_LANG_URI.equals(NValue)) {
//The default mapping for xml must not be output. //The default mapping for xml must not be output.
@ -120,64 +208,13 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
//Obtain all the namespaces defined in the parents, and added to the output. //Obtain all the namespaces defined in the parents, and added to the output.
ns.getUnrenderedNodes(result); ns.getUnrenderedNodes(result);
//output the attributes in the xml namespace. //output the attributes in the xml namespace.
addXmlAttributesSubtree(E, result); xmlattrStack.getXmlnsAttr(result);
firstCall=false; firstCall=false;
} }
return result.iterator(); return result.iterator();
} }
/**
* Float the xml:* attributes of the parent nodes to the root node of c14n
* @param E the root node.
* @param result the xml:* attributes to output.
*/
private void addXmlAttributesSubtree(Element E, SortedSet result) {
// E is in the node-set
Node parent = E.getParentNode();
Map loa = new HashMap();
if ((parent != null) && (parent.getNodeType() == Node.ELEMENT_NODE)) {
// parent element is not in node set
for (Node ancestor = parent;
(ancestor != null)
&& (ancestor.getNodeType() == Node.ELEMENT_NODE);
ancestor = ancestor.getParentNode()) {
Element el=((Element) ancestor);
if (!el.hasAttributes()) {
continue;
}
// for all ancestor elements
NamedNodeMap ancestorAttrs = el.getAttributes();
for (int i = 0; i < ancestorAttrs.getLength(); i++) {
// for all attributes in the ancestor element
Attr currentAncestorAttr = (Attr) ancestorAttrs.item(i);
if (XML_LANG_URI.equals(
currentAncestorAttr.getNamespaceURI())) {
// do we have an xml:* ?
if (!E.hasAttributeNS(
XML_LANG_URI,
currentAncestorAttr.getLocalName())) {
// the xml:* attr is not in E
if (!loa.containsKey(currentAncestorAttr.getName())) {
loa.put(currentAncestorAttr.getName(),
currentAncestorAttr);
}
}
}
}
}
}
result.addAll( loa.values());
}
/** /**
* Returns the Attr[]s to be outputted for the given element. * Returns the Attr[]s to be outputted for the given element.
* <br> * <br>
@ -192,7 +229,8 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
*/ */
Iterator handleAttributes(Element E, NameSpaceSymbTable ns ) throws CanonicalizationException { Iterator handleAttributes(Element E, NameSpaceSymbTable ns ) throws CanonicalizationException {
// result will contain the attrs which have to be outputted // result will contain the attrs which have to be outputted
boolean isRealVisible=isVisible(E); xmlattrStack.push(ns.getLevel());
boolean isRealVisible=isVisibleDO(E,ns.getLevel())==1;
NamedNodeMap attrs = null; NamedNodeMap attrs = null;
int attrsLength = 0; int attrsLength = 0;
if (E.hasAttributes()) { if (E.hasAttributes()) {
@ -204,16 +242,15 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
SortedSet result = this.result; SortedSet result = this.result;
result.clear(); result.clear();
for (int i = 0; i < attrsLength; i++) { for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i); Attr N = (Attr) attrs.item(i);
String NName=N.getLocalName();
String NValue=N.getValue();
String NUri =N.getNamespaceURI(); String NUri =N.getNamespaceURI();
if (!XMLNS_URI.equals(NUri)) { if (XMLNS_URI!=NUri) {
//A non namespace definition node. //A non namespace definition node.
if (isRealVisible){ if (XML_LANG_URI==NUri) {
xmlattrStack.addXmlnsAttr(N);
} else if (isRealVisible){
//The node is visible add the attribute to the list of output attributes. //The node is visible add the attribute to the list of output attributes.
result.add(N); result.add(N);
} }
@ -221,7 +258,8 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
continue; continue;
} }
String NName=N.getLocalName();
String NValue=N.getValue();
if ("xml".equals(NName) if ("xml".equals(NName)
&& XML_LANG_URI.equals(NValue)) { && XML_LANG_URI.equals(NValue)) {
/* except omit namespace node with local name xml, which defines /* except omit namespace node with local name xml, which defines
@ -232,16 +270,26 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
//add the prefix binding to the ns symb table. //add the prefix binding to the ns symb table.
//ns.addInclusiveMapping(NName,NValue,N,isRealVisible); //ns.addInclusiveMapping(NName,NValue,N,isRealVisible);
if (isVisible(N)) { if (isVisible(N)) {
//The xpath select this node output it if needed. if (!isRealVisible && ns.removeMappingIfRender(NName)) {
Node n=ns.addMappingAndRenderXNodeSet(NName,NValue,N,isRealVisible); continue;
if (n!=null) { }
//The xpath select this node output it if needed.
//Node n=ns.addMappingAndRenderXNodeSet(NName,NValue,N,isRealVisible);
Node n=ns.addMappingAndRender(NName,NValue,N);
if (n!=null) {
result.add(n); result.add(n);
if (C14nHelper.namespaceIsRelative(N)) { if (C14nHelper.namespaceIsRelative(N)) {
Object exArgs[] = { E.getTagName(), NName, N.getNodeValue() }; Object exArgs[] = { E.getTagName(), NName, N.getNodeValue() };
throw new CanonicalizationException( throw new CanonicalizationException(
"c14n.Canonicalizer.RelativeNamespace", exArgs); "c14n.Canonicalizer.RelativeNamespace", exArgs);
} }
} }
} else {
if (isRealVisible && NName!=XMLNS) {
ns.removeMapping(NName);
} else {
ns.addMapping(NName,NValue,N);
}
} }
} }
if (isRealVisible) { if (isRealVisible) {
@ -254,84 +302,21 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
} else if ( !isVisible(xmlns)) { } else if ( !isVisible(xmlns)) {
//There is a definition but the xmlns is not selected by the xpath. //There is a definition but the xmlns is not selected by the xpath.
//then xmlns="" //then xmlns=""
n=ns.addMappingAndRenderXNodeSet(XMLNS,"",nullNode,true); n=ns.addMappingAndRender(XMLNS,"",nullNode);
} }
//output the xmlns def if needed. //output the xmlns def if needed.
if (n!=null) { if (n!=null) {
result.add(n); result.add(n);
} }
//Float all xml:* attributes of the unselected parent elements to this one. //Float all xml:* attributes of the unselected parent elements to this one.
addXmlAttributes(E,result); //addXmlAttributes(E,result);
xmlattrStack.getXmlnsAttr(result);
ns.getUnrenderedNodes(result);
} }
return result.iterator(); return result.iterator();
} }
/**
* Float the xml:* attributes of the unselected parent nodes to the ciurrent node.
* @param E
* @param result
*/
private void addXmlAttributes(Element E, SortedSet result) {
/* The processing of an element node E MUST be modified slightly when an
* XPath node-set is given as input and the element's parent is omitted
* from the node-set. The method for processing the attribute axis of an
* element E in the node-set is enhanced. All element nodes along E's
* ancestor axis are examined for nearest occurrences of attributes in
* the xml namespace, such as xml:lang and xml:space (whether or not they
* are in the node-set). From this list of attributes, remove any that are
* in E's attribute axis (whether or not they are in the node-set). Then,
* lexicographically merge this attribute list with the nodes of E's
* attribute axis that are in the node-set. The result of visiting the
* attribute axis is computed by processing the attribute nodes in this
* merged attribute list.
*/
// E is in the node-set
Node parent = E.getParentNode();
Map loa = new HashMap();
if ((parent != null) && (parent.getNodeType() == Node.ELEMENT_NODE)
&&!isVisible(parent)) {
// parent element is not in node set
for (Node ancestor = parent;
(ancestor != null)
&& (ancestor.getNodeType() == Node.ELEMENT_NODE);
ancestor = ancestor.getParentNode()) {
Element el=((Element) ancestor);
if (!el.hasAttributes()) {
continue;
}
// for all ancestor elements
NamedNodeMap ancestorAttrs =el.getAttributes();
for (int i = 0; i < ancestorAttrs.getLength(); i++) {
// for all attributes in the ancestor element
Attr currentAncestorAttr = (Attr) ancestorAttrs.item(i);
if (XML_LANG_URI.equals(
currentAncestorAttr.getNamespaceURI())) {
// do we have an xml:* ?
if (!E.hasAttributeNS(
XML_LANG_URI,
currentAncestorAttr.getLocalName())) {
// the xml:* attr is not in E
if (!loa.containsKey(currentAncestorAttr.getName())) {
loa.put(currentAncestorAttr.getName(),
currentAncestorAttr);
}
}
}
}
}
}
result.addAll(loa.values());
}
/** /**
* Always throws a CanonicalizationException because this is inclusive c14n. * Always throws a CanonicalizationException because this is inclusive c14n.
* *
@ -363,4 +348,43 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
throw new CanonicalizationException( throw new CanonicalizationException(
"c14n.Canonicalizer.UnsupportedOperation"); "c14n.Canonicalizer.UnsupportedOperation");
} }
void circumventBugIfNeeded(XMLSignatureInput input) throws CanonicalizationException, ParserConfigurationException, IOException, SAXException {
if (!input.isNeedsToBeExpanded())
return;
Document doc = null;
if (input.getSubNode() != null) {
doc=XMLUtils.getOwnerDocument(input.getSubNode());
} else {
doc=XMLUtils.getOwnerDocument(input.getNodeSet());
}
XMLUtils.circumventBug2650(doc);
}
void handleParent(Element e, NameSpaceSymbTable ns) {
if (!e.hasAttributes()) {
return;
}
xmlattrStack.push(-1);
NamedNodeMap attrs = e.getAttributes();
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
if (Constants.NamespaceSpecNS!=N.getNamespaceURI()) {
//Not a namespace definition, ignore.
if (XML_LANG_URI==N.getNamespaceURI()) {
xmlattrStack.addXmlnsAttr(N);
}
continue;
}
String NName=N.getLocalName();
String NValue=N.getNodeValue();
if (XML.equals(NName)
&& Constants.XML_LANG_SPACE_SpecNS.equals(NValue)) {
continue;
}
ns.addMapping(NName,NValue,N);
}
}
} }
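Review bot: The namespace checks in `handleAttributesSubtree`, `handleAttributes` and the new `handleParent` now compare strings by reference (`XMLNS_URI!=NUri`, `XML_LANG_URI==NUri`, `NName!=XMLNS`) where the removed lines used `equals`, and the same pattern appears in the `Canonicalizer20010315Excl` section that follows. This is only correct if the DOM implementation returns the same interned String instances for namespace URIs and local names; with one that does not, an `xmlns` declaration would fall into the ordinary-attribute branch and the canonical bytes, and so the digest that is signed or verified, would change without any error. Unless interning is guaranteed for every supported DOM, I would keep `if (!XMLNS_URI.equals(NUri))` and `XML_LANG_URI.equals(NUri)`, or at least state the assumption in a comment at the first comparison. The first two methods start outside the hunks shown.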


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -21,20 +20,26 @@
*/ */
package com.sun.org.apache.xml.internal.security.c14n.implementations; package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException;
import java.util.Iterator; import java.util.Iterator;
import java.util.Set; import java.util.Set;
import java.util.SortedSet; import java.util.SortedSet;
import java.util.TreeSet; import java.util.TreeSet;
import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper; import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces; import com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Attr; import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap; import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node; import org.w3c.dom.Node;
import org.xml.sax.SAXException;
/** /**
* Implements &quot; <A * Implements &quot; <A
* HREF="http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/">Exclusive XML * HREF="http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/">Exclusive XML
@ -47,6 +52,7 @@ import org.w3c.dom.Node;
* <i>THIS </i> implementation is a complete rewrite of the algorithm. * <i>THIS </i> implementation is a complete rewrite of the algorithm.
* *
* @author Christian Geuer-Pollmann <geuerp@apache.org> * @author Christian Geuer-Pollmann <geuerp@apache.org>
* @version $Revision: 1.5 $
* @see <a href="http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/ Exclusive#"> * @see <a href="http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/ Exclusive#">
* XML Canonicalization, Version 1.0</a> * XML Canonicalization, Version 1.0</a>
*/ */
@ -55,7 +61,7 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
* This Set contains the names (Strings like "xmlns" or "xmlns:foo") of * This Set contains the names (Strings like "xmlns" or "xmlns:foo") of
* the inclusive namespaces. * the inclusive namespaces.
*/ */
TreeSet _inclusiveNSSet = null; TreeSet _inclusiveNSSet = new TreeSet();
static final String XMLNS_URI=Constants.NamespaceSpecNS; static final String XMLNS_URI=Constants.NamespaceSpecNS;
final SortedSet result = new TreeSet(COMPARE); final SortedSet result = new TreeSet(COMPARE);
/** /**
@ -143,10 +149,8 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
for (int i = 0; i < attrsLength; i++) { for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i); Attr N = (Attr) attrs.item(i);
String NName=N.getLocalName();
String NNodeValue=N.getNodeValue();
if (!XMLNS_URI.equals(N.getNamespaceURI())) { if (XMLNS_URI!=N.getNamespaceURI()) {
//Not a namespace definition. //Not a namespace definition.
//The Element is output element, add his prefix(if used) to visibyUtilized //The Element is output element, add his prefix(if used) to visibyUtilized
String prefix = N.getPrefix(); String prefix = N.getPrefix();
@ -157,6 +161,8 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
result.add(N); result.add(N);
continue; continue;
} }
String NName=N.getLocalName();
String NNodeValue=N.getNodeValue();
if (ns.addMapping(NName, NNodeValue,N)) { if (ns.addMapping(NName, NNodeValue,N)) {
//New definition check if it is relative. //New definition check if it is relative.
@ -168,17 +174,17 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
} }
} }
} }
String prefix;
if (E.getNamespaceURI() != null) { if (E.getNamespaceURI() != null) {
String prefix = E.getPrefix(); prefix = E.getPrefix();
if ((prefix == null) || (prefix.length() == 0)) { if ((prefix == null) || (prefix.length() == 0)) {
visiblyUtilized.add(XMLNS); prefix=XMLNS;
} else {
visiblyUtilized.add(prefix);
} }
} else { } else {
visiblyUtilized.add(XMLNS); prefix=XMLNS;
} }
visiblyUtilized.add(prefix);
//This can be optimezed by I don't have time //This can be optimezed by I don't have time
Iterator it=visiblyUtilized.iterator(); Iterator it=visiblyUtilized.iterator();
@ -211,12 +217,6 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
} }
/** @inheritDoc */
public byte[] engineCanonicalizeXPathNodeSet(Set xpathNodeSet
) throws CanonicalizationException {
return engineCanonicalizeXPathNodeSet(xpathNodeSet,"");
}
/** /**
* @inheritDoc * @inheritDoc
* @param E * @param E
@ -236,21 +236,20 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
//The prefix visibly utilized(in the attribute or in the name) in the element //The prefix visibly utilized(in the attribute or in the name) in the element
Set visiblyUtilized =null; Set visiblyUtilized =null;
//It's the output selected. //It's the output selected.
boolean isOutputElement = isVisible(E); boolean isOutputElement=isVisibleDO(E,ns.getLevel())==1;
if (isOutputElement) { if (isOutputElement) {
visiblyUtilized = (Set) this._inclusiveNSSet.clone(); visiblyUtilized = (Set) this._inclusiveNSSet.clone();
} }
for (int i = 0; i < attrsLength; i++) { for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i); Attr N = (Attr) attrs.item(i);
String NName=N.getLocalName();
String NNodeValue=N.getNodeValue();
if ( !isVisible(N) ) {
//The node is not in the nodeset(if there is a nodeset)
continue;
}
if (!XMLNS_URI.equals(N.getNamespaceURI())) {
if (XMLNS_URI!=N.getNamespaceURI()) {
if ( !isVisible(N) ) {
//The node is not in the nodeset(if there is a nodeset)
continue;
}
//Not a namespace definition. //Not a namespace definition.
if (isOutputElement) { if (isOutputElement) {
//The Element is output element, add his prefix(if used) to visibyUtilized //The Element is output element, add his prefix(if used) to visibyUtilized
@ -263,6 +262,25 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
} }
continue; continue;
} }
String NName=N.getLocalName();
if (isOutputElement && !isVisible(N) && NName!=XMLNS) {
ns.removeMappingIfNotRender(NName);
continue;
}
String NNodeValue=N.getNodeValue();
if (!isOutputElement && isVisible(N) && _inclusiveNSSet.contains(NName) && !ns.removeMappingIfRender(NName)) {
Node n=ns.addMappingAndRender(NName,NNodeValue,N);
if (n!=null) {
result.add(n);
if (C14nHelper.namespaceIsRelative(N)) {
Object exArgs[] = { E.getTagName(), NName, N.getNodeValue() };
throw new CanonicalizationException(
"c14n.Canonicalizer.RelativeNamespace", exArgs);
}
}
}
if (ns.addMapping(NName, NNodeValue,N)) { if (ns.addMapping(NName, NNodeValue,N)) {
@ -306,18 +324,20 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
} }
result.add(key); result.add(key);
} }
} else /*if (_circunvented)*/ {
Iterator it=this._inclusiveNSSet.iterator();
while (it.hasNext()) {
String s=(String)it.next();
Attr key=ns.getMappingWithoutRendered(s);
if (key==null) {
continue;
}
result.add(key);
}
} }
return result.iterator(); return result.iterator();
} }
void circumventBugIfNeeded(XMLSignatureInput input) throws CanonicalizationException, ParserConfigurationException, IOException, SAXException {
if (!input.isNeedsToBeExpanded() || _inclusiveNSSet.isEmpty())
return;
Document doc = null;
if (input.getSubNode() != null) {
doc=XMLUtils.getOwnerDocument(input.getSubNode());
} else {
doc=XMLUtils.getOwnerDocument(input.getNodeSet());
}
XMLUtils.circumventBug2650(doc);
}
} }
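Review bot: Removing the one-argument `engineCanonicalizeXPathNodeSet(Set)` override means callers now reach the inherited `CanonicalizerBase` version, which sets `_xpathNodeSet` and never touches `_inclusiveNSSet`. The removed override went through the two-argument overload with `""`; that overload is outside this view, but if it is where the prefix list is assigned, an instance reused after a call that supplied an inclusive prefix list would presumably canonicalize the next node set with the earlier prefixes still in effect. I would either keep the override (`return engineCanonicalizeXPathNodeSet(xpathNodeSet,"");`) or document on `_inclusiveNSSet` that it is not reset between calls and that an instance must not be reused across inputs with different prefix lists.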


@ -28,6 +28,7 @@ import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
/** /**
* Class Canonicalizer20010315ExclWithComments * Class Canonicalizer20010315ExclWithComments
* *
* @version $Revision: 1.5 $
*/ */
public class Canonicalizer20010315ExclWithComments public class Canonicalizer20010315ExclWithComments
extends Canonicalizer20010315Excl { extends Canonicalizer20010315Excl {


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *


@ -27,9 +27,11 @@ import java.io.IOException;
import java.io.OutputStream; import java.io.OutputStream;
import java.io.UnsupportedEncodingException; import java.io.UnsupportedEncodingException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator; import java.util.Iterator;
import java.util.List; import java.util.List;
import java.util.ListIterator; import java.util.ListIterator;
import java.util.Map;
import java.util.Set; import java.util.Set;
import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.DocumentBuilderFactory;
@ -45,7 +47,6 @@ import com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStrea
import com.sun.org.apache.xml.internal.security.utils.XMLUtils; import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Attr; import org.w3c.dom.Attr;
import org.w3c.dom.Comment; import org.w3c.dom.Comment;
import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap; import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node; import org.w3c.dom.Node;
@ -57,6 +58,7 @@ import org.xml.sax.SAXException;
* Abstract base class for canonicalization algorithms. * Abstract base class for canonicalization algorithms.
* *
* @author Christian Geuer-Pollmann <geuerp@apache.org> * @author Christian Geuer-Pollmann <geuerp@apache.org>
* @version $Revision: 1.5 $
*/ */
public abstract class CanonicalizerBase extends CanonicalizerSpi { public abstract class CanonicalizerBase extends CanonicalizerSpi {
//Constants to be outputed, In char array form, so //Constants to be outputed, In char array form, so
@ -122,6 +124,18 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
throws CanonicalizationException { throws CanonicalizationException {
return engineCanonicalizeSubTree(rootNode,(Node)null); return engineCanonicalizeSubTree(rootNode,(Node)null);
} }
/**
* Method engineCanonicalizeXPathNodeSet
* @inheritDoc
* @param xpathNodeSet
* @throws CanonicalizationException
*/
public byte[] engineCanonicalizeXPathNodeSet(Set xpathNodeSet)
throws CanonicalizationException {
this._xpathNodeSet = xpathNodeSet;
return engineCanonicalizeXPathNodeSetInternal(XMLUtils.getOwnerDocument(this._xpathNodeSet));
}
/** /**
* Canonicalizes a Subtree node. * Canonicalizes a Subtree node.
* @param input the root of the subtree to canicalize * @param input the root of the subtree to canicalize
@ -143,15 +157,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
return bytes; return bytes;
} else if (input.isNodeSet()) { } else if (input.isNodeSet()) {
nodeFilter=input.getNodeFilters(); nodeFilter=input.getNodeFilters();
Document doc = null;
if (input.getSubNode() != null) { circumventBugIfNeeded(input);
doc=XMLUtils.getOwnerDocument(input.getSubNode());
} else {
doc=XMLUtils.getOwnerDocument(input.getNodeSet());
}
if (input.isNeedsToBeExpanded()) {
XMLUtils.circumventBug2650(doc);
}
if (input.getSubNode() != null) { if (input.getSubNode() != null) {
bytes = engineCanonicalizeXPathNodeSetInternal(input.getSubNode()); bytes = engineCanonicalizeXPathNodeSetInternal(input.getSubNode());
@ -173,6 +180,13 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
} }
} }
/** /**
* @param _writer The _writer to set.
*/
public void setWriter(OutputStream _writer) {
this._writer = _writer;
}
/**
* Canonicalizes a Subtree node. * Canonicalizes a Subtree node.
* *
* @param rootNode * @param rootNode
@ -187,11 +201,13 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
this._excludeNode = excludeNode; this._excludeNode = excludeNode;
try { try {
NameSpaceSymbTable ns=new NameSpaceSymbTable(); NameSpaceSymbTable ns=new NameSpaceSymbTable();
int nodeLevel=NODE_BEFORE_DOCUMENT_ELEMENT;
if (rootNode instanceof Element) { if (rootNode instanceof Element) {
//Fills the nssymbtable with the definitions of the parent of the root subnode //Fills the nssymbtable with the definitions of the parent of the root subnode
getParentNameSpaces((Element)rootNode,ns); getParentNameSpaces((Element)rootNode,ns);
nodeLevel=NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT;
} }
this.canonicalizeSubTree(rootNode,ns,rootNode); this.canonicalizeSubTree(rootNode,ns,rootNode,nodeLevel);
this._writer.close(); this._writer.close();
if (this._writer instanceof ByteArrayOutputStream) { if (this._writer instanceof ByteArrayOutputStream) {
byte []result=((ByteArrayOutputStream)this._writer).toByteArray(); byte []result=((ByteArrayOutputStream)this._writer).toByteArray();
@ -199,6 +215,12 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
((ByteArrayOutputStream)this._writer).reset(); ((ByteArrayOutputStream)this._writer).reset();
} }
return result; return result;
} else if (this._writer instanceof UnsyncByteArrayOutputStream) {
byte []result=((UnsyncByteArrayOutputStream)this._writer).toByteArray();
if (reset) {
((UnsyncByteArrayOutputStream)this._writer).reset();
}
return result;
} }
return null; return null;
@ -219,13 +241,17 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
* @throws CanonicalizationException * @throws CanonicalizationException
* @throws IOException * @throws IOException
*/ */
final void canonicalizeSubTree(Node currentNode, NameSpaceSymbTable ns,Node endnode) final void canonicalizeSubTree(Node currentNode, NameSpaceSymbTable ns,Node endnode,
int documentLevel)
throws CanonicalizationException, IOException { throws CanonicalizationException, IOException {
if (isVisibleInt(currentNode)==-1)
return;
Node sibling=null; Node sibling=null;
Node parentNode=null; Node parentNode=null;
final OutputStream writer=this._writer; final OutputStream writer=this._writer;
final Node excludeNode=this._excludeNode; final Node excludeNode=this._excludeNode;
final boolean includeComments=this._includeComments; final boolean includeComments=this._includeComments;
Map cache=new HashMap();
do { do {
switch (currentNode.getNodeType()) { switch (currentNode.getNodeType()) {
@ -242,18 +268,17 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
case Node.DOCUMENT_FRAGMENT_NODE : case Node.DOCUMENT_FRAGMENT_NODE :
case Node.DOCUMENT_NODE : case Node.DOCUMENT_NODE :
ns.outputNodePush(); ns.outputNodePush();
//currentNode = currentNode.getFirstChild();
sibling= currentNode.getFirstChild(); sibling= currentNode.getFirstChild();
break; break;
case Node.COMMENT_NODE : case Node.COMMENT_NODE :
if (includeComments) { if (includeComments) {
outputCommentToWriter((Comment) currentNode, writer); outputCommentToWriter((Comment) currentNode, writer, documentLevel);
} }
break; break;
case Node.PROCESSING_INSTRUCTION_NODE : case Node.PROCESSING_INSTRUCTION_NODE :
outputPItoWriter((ProcessingInstruction) currentNode, writer); outputPItoWriter((ProcessingInstruction) currentNode, writer, documentLevel);
break; break;
case Node.TEXT_NODE : case Node.TEXT_NODE :
@ -262,6 +287,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
break; break;
case Node.ELEMENT_NODE : case Node.ELEMENT_NODE :
documentLevel=NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT;
if (currentNode==excludeNode) { if (currentNode==excludeNode) {
break; break;
} }
@ -270,27 +296,27 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
ns.outputNodePush(); ns.outputNodePush();
writer.write('<'); writer.write('<');
String name=currentElement.getTagName(); String name=currentElement.getTagName();
writeStringToUtf8(name,writer); UtfHelpper.writeByte(name,writer,cache);
Iterator attrs = this.handleAttributesSubtree(currentElement,ns); Iterator attrs = this.handleAttributesSubtree(currentElement,ns);
if (attrs!=null) { if (attrs!=null) {
//we output all Attrs which are available //we output all Attrs which are available
while (attrs.hasNext()) { while (attrs.hasNext()) {
Attr attr = (Attr) attrs.next(); Attr attr = (Attr) attrs.next();
outputAttrToWriter(attr.getNodeName(),attr.getNodeValue(), writer); outputAttrToWriter(attr.getNodeName(),attr.getNodeValue(), writer,cache);
} }
} }
writer.write('>'); writer.write('>');
sibling= currentNode.getFirstChild(); sibling= currentNode.getFirstChild();
if (sibling==null) { if (sibling==null) {
writer.write(_END_TAG); writer.write(_END_TAG);
writeStringToUtf8(name,writer); UtfHelpper.writeStringToUtf8(name,writer);
writer.write('>'); writer.write('>');
//We fineshed with this level, pop to the previous definitions. //We fineshed with this level, pop to the previous definitions.
ns.outputNodePop(); ns.outputNodePop();
if (parentNode != null) { if (parentNode != null) {
sibling= currentNode.getNextSibling(); sibling= currentNode.getNextSibling();
} }
} else { } else {
parentNode=currentElement; parentNode=currentElement;
} }
@ -298,7 +324,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
} }
while (sibling==null && parentNode!=null) { while (sibling==null && parentNode!=null) {
writer.write(_END_TAG); writer.write(_END_TAG);
writeStringToUtf8(((Element)parentNode).getTagName(),writer); UtfHelpper.writeByte(((Element)parentNode).getTagName(),writer,cache);
writer.write('>'); writer.write('>');
//We fineshed with this level, pop to the previous definitions. //We fineshed with this level, pop to the previous definitions.
ns.outputNodePop(); ns.outputNodePop();
@ -307,6 +333,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
sibling=parentNode.getNextSibling(); sibling=parentNode.getNextSibling();
parentNode=parentNode.getParentNode(); parentNode=parentNode.getParentNode();
if (!(parentNode instanceof Element)) { if (!(parentNode instanceof Element)) {
documentLevel=NODE_AFTER_DOCUMENT_ELEMENT;
parentNode=null; parentNode=null;
} }
} }
@ -317,47 +344,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
} while(true); } while(true);
} }
/**
* Checks whether a Comment or ProcessingInstruction is before or after the
* document element. This is needed for prepending or appending "\n"s.
*
* @param currentNode comment or pi to check
* @return NODE_BEFORE_DOCUMENT_ELEMENT, NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT or NODE_AFTER_DOCUMENT_ELEMENT
* @see #NODE_BEFORE_DOCUMENT_ELEMENT
* @see #NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT
* @see #NODE_AFTER_DOCUMENT_ELEMENT
*/
final static int getPositionRelativeToDocumentElement(Node currentNode) {
if ((currentNode == null) ||
(currentNode.getParentNode().getNodeType() != Node.DOCUMENT_NODE) ) {
return CanonicalizerBase.NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT;
}
Element documentElement = currentNode.getOwnerDocument().getDocumentElement();
if ( (documentElement == null) || (documentElement == currentNode) ){
return CanonicalizerBase.NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT;
}
for (Node x = currentNode; x != null; x = x.getNextSibling()) {
if (x == documentElement) {
return CanonicalizerBase.NODE_BEFORE_DOCUMENT_ELEMENT;
}
}
return CanonicalizerBase.NODE_AFTER_DOCUMENT_ELEMENT;
}
/**
* Method engineCanonicalizeXPathNodeSet
* @inheritDoc
* @param xpathNodeSet
* @throws CanonicalizationException
*/
public byte[] engineCanonicalizeXPathNodeSet(Set xpathNodeSet)
throws CanonicalizationException {
this._xpathNodeSet = xpathNodeSet;
return engineCanonicalizeXPathNodeSetInternal(XMLUtils.getOwnerDocument(this._xpathNodeSet));
}
private byte[] engineCanonicalizeXPathNodeSetInternal(Node doc) private byte[] engineCanonicalizeXPathNodeSetInternal(Node doc)
throws CanonicalizationException { throws CanonicalizationException {
@ -370,6 +358,12 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
((ByteArrayOutputStream)this._writer).reset(); ((ByteArrayOutputStream)this._writer).reset();
} }
return sol; return sol;
} else if (this._writer instanceof UnsyncByteArrayOutputStream) {
byte []result=((UnsyncByteArrayOutputStream)this._writer).toByteArray();
if (reset) {
((UnsyncByteArrayOutputStream)this._writer).reset();
}
return result;
} }
return null; return null;
} catch (UnsupportedEncodingException ex) { } catch (UnsupportedEncodingException ex) {
@ -390,11 +384,17 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
*/ */
final void canonicalizeXPathNodeSet(Node currentNode,Node endnode ) final void canonicalizeXPathNodeSet(Node currentNode,Node endnode )
throws CanonicalizationException, IOException { throws CanonicalizationException, IOException {
boolean currentNodeIsVisible = false; if (isVisibleInt(currentNode)==-1)
NameSpaceSymbTable ns=new NameSpaceSymbTable(); return;
boolean currentNodeIsVisible = false;
NameSpaceSymbTable ns=new NameSpaceSymbTable();
if (currentNode instanceof Element)
getParentNameSpaces((Element)currentNode,ns);
Node sibling=null; Node sibling=null;
Node parentNode=null; Node parentNode=null;
OutputStream writer=this._writer; OutputStream writer=this._writer;
int documentLevel=NODE_BEFORE_DOCUMENT_ELEMENT;
Map cache=new HashMap();
do { do {
switch (currentNode.getNodeType()) { switch (currentNode.getNodeType()) {
@ -416,14 +416,14 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
break; break;
case Node.COMMENT_NODE : case Node.COMMENT_NODE :
if (this._includeComments && isVisible(currentNode)) { if (this._includeComments && (isVisibleDO(currentNode,ns.getLevel())==1)) {
outputCommentToWriter((Comment) currentNode, writer); outputCommentToWriter((Comment) currentNode, writer, documentLevel);
} }
break; break;
case Node.PROCESSING_INSTRUCTION_NODE : case Node.PROCESSING_INSTRUCTION_NODE :
if (isVisible(currentNode)) if (isVisible(currentNode))
outputPItoWriter((ProcessingInstruction) currentNode, writer); outputPItoWriter((ProcessingInstruction) currentNode, writer, documentLevel);
break; break;
case Node.TEXT_NODE : case Node.TEXT_NODE :
@ -436,12 +436,6 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
|| (nextSibling.getNodeType() || (nextSibling.getNodeType()
== Node.CDATA_SECTION_NODE)); == Node.CDATA_SECTION_NODE));
nextSibling = nextSibling.getNextSibling()) { nextSibling = nextSibling.getNextSibling()) {
/* The XPath data model allows to select only the first of a
* sequence of mixed text and CDATA nodes. But we must output
* them all, so we must search:
*
* @see http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6329
*/
outputTextToWriter(nextSibling.getNodeValue(), writer); outputTextToWriter(nextSibling.getNodeValue(), writer);
currentNode=nextSibling; currentNode=nextSibling;
sibling=currentNode.getNextSibling(); sibling=currentNode.getNextSibling();
@ -451,15 +445,21 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
break; break;
case Node.ELEMENT_NODE : case Node.ELEMENT_NODE :
documentLevel=NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT;
Element currentElement = (Element) currentNode; Element currentElement = (Element) currentNode;
//Add a level to the nssymbtable. So latter can be pop-back. //Add a level to the nssymbtable. So latter can be pop-back.
String name=null; String name=null;
currentNodeIsVisible=isVisible(currentNode); int i=isVisibleDO(currentNode,ns.getLevel());
if (i==-1) {
sibling= currentNode.getNextSibling();
break;
}
currentNodeIsVisible=(i==1);
if (currentNodeIsVisible) { if (currentNodeIsVisible) {
ns.outputNodePush(); ns.outputNodePush();
writer.write('<'); writer.write('<');
name=currentElement.getTagName(); name=currentElement.getTagName();
writeStringToUtf8(name,writer); UtfHelpper.writeByte(name,writer,cache);
} else { } else {
ns.push(); ns.push();
} }
@ -469,7 +469,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
//we output all Attrs which are available //we output all Attrs which are available
while (attrs.hasNext()) { while (attrs.hasNext()) {
Attr attr = (Attr) attrs.next(); Attr attr = (Attr) attrs.next();
outputAttrToWriter(attr.getNodeName(),attr.getNodeValue(), writer); outputAttrToWriter(attr.getNodeName(),attr.getNodeValue(), writer,cache);
} }
} }
if (currentNodeIsVisible) { if (currentNodeIsVisible) {
@ -480,7 +480,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
if (sibling==null) { if (sibling==null) {
if (currentNodeIsVisible) { if (currentNodeIsVisible) {
writer.write(_END_TAG); writer.write(_END_TAG);
writeStringToUtf8(name,writer); UtfHelpper.writeByte(name,writer,cache);
writer.write('>'); writer.write('>');
//We fineshed with this level, pop to the previous definitions. //We fineshed with this level, pop to the previous definitions.
ns.outputNodePop(); ns.outputNodePop();
@ -498,7 +498,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
while (sibling==null && parentNode!=null) { while (sibling==null && parentNode!=null) {
if (isVisible(parentNode)) { if (isVisible(parentNode)) {
writer.write(_END_TAG); writer.write(_END_TAG);
writeStringToUtf8(((Element)parentNode).getTagName(),writer); UtfHelpper.writeByte(((Element)parentNode).getTagName(),writer,cache);
writer.write('>'); writer.write('>');
//We fineshed with this level, pop to the previous definitions. //We fineshed with this level, pop to the previous definitions.
ns.outputNodePop(); ns.outputNodePop();
@ -511,6 +511,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
parentNode=parentNode.getParentNode(); parentNode=parentNode.getParentNode();
if (!(parentNode instanceof Element)) { if (!(parentNode instanceof Element)) {
parentNode=null; parentNode=null;
documentLevel=NODE_AFTER_DOCUMENT_ELEMENT;
} }
} }
if (sibling==null) if (sibling==null)
@ -519,12 +520,38 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
sibling=currentNode.getNextSibling(); sibling=currentNode.getNextSibling();
} while(true); } while(true);
} }
int isVisibleDO(Node currentNode,int level) {
if (nodeFilter!=null) {
Iterator it=nodeFilter.iterator();
while (it.hasNext()) {
int i=((NodeFilter)it.next()).isNodeIncludeDO(currentNode,level);
if (i!=1)
return i;
}
}
if ((this._xpathNodeSet!=null) && !this._xpathNodeSet.contains(currentNode))
return 0;
return 1;
}
int isVisibleInt(Node currentNode) {
if (nodeFilter!=null) {
Iterator it=nodeFilter.iterator();
while (it.hasNext()) {
int i=((NodeFilter)it.next()).isNodeInclude(currentNode);
if (i!=1)
return i;
}
}
if ((this._xpathNodeSet!=null) && !this._xpathNodeSet.contains(currentNode))
return 0;
return 1;
}
boolean isVisible(Node currentNode) { boolean isVisible(Node currentNode) {
if (nodeFilter!=null) { if (nodeFilter!=null) {
Iterator it=nodeFilter.iterator(); Iterator it=nodeFilter.iterator();
while (it.hasNext()) { while (it.hasNext()) {
if (!((NodeFilter)it.next()).isNodeInclude(currentNode)) if (((NodeFilter)it.next()).isNodeInclude(currentNode)!=1)
return false; return false;
} }
} }
@ -533,19 +560,42 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
return true; return true;
} }
void handleParent(Element e,NameSpaceSymbTable ns) {
if (!e.hasAttributes()) {
return;
}
NamedNodeMap attrs = e.getAttributes();
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
if (Constants.NamespaceSpecNS!=N.getNamespaceURI()) {
//Not a namespace definition, ignore.
continue;
}
String NName=N.getLocalName();
String NValue=N.getNodeValue();
if (XML.equals(NName)
&& Constants.XML_LANG_SPACE_SpecNS.equals(NValue)) {
continue;
}
ns.addMapping(NName,NValue,N);
}
}
/** /**
* Adds to ns the definitons from the parent elements of el * Adds to ns the definitons from the parent elements of el
* @param el * @param el
* @param ns * @param ns
*/ */
final static void getParentNameSpaces(Element el,NameSpaceSymbTable ns) { final void getParentNameSpaces(Element el,NameSpaceSymbTable ns) {
List parents=new ArrayList(); List parents=new ArrayList(10);
Node n1=el.getParentNode(); Node n1=el.getParentNode();
if (!(n1 instanceof Element)) { if (!(n1 instanceof Element)) {
return; return;
} }
//Obtain all the parents of the elemnt //Obtain all the parents of the elemnt
Element parent=(Element) el.getParentNode(); Element parent=(Element) n1;
while (parent!=null) { while (parent!=null) {
parents.add(parent); parents.add(parent);
Node n=parent.getParentNode(); Node n=parent.getParentNode();
@ -557,297 +607,15 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
//Visit them in reverse order. //Visit them in reverse order.
ListIterator it=parents.listIterator(parents.size()); ListIterator it=parents.listIterator(parents.size());
while (it.hasPrevious()) { while (it.hasPrevious()) {
Element ele=(Element)it.previous(); Element ele=(Element)it.previous();
if (!ele.hasAttributes()) { handleParent(ele, ns);
continue;
} }
NamedNodeMap attrs = ele.getAttributes();
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
if (!Constants.NamespaceSpecNS.equals(N.getNamespaceURI())) {
//Not a namespace definition, ignore.
continue;
}
String NName=N.getLocalName();
String NValue=N.getNodeValue();
if (XML.equals(NName)
&& Constants.XML_LANG_SPACE_SpecNS.equals(NValue)) {
continue;
}
ns.addMapping(NName,NValue,N);
}
}
Attr nsprefix; Attr nsprefix;
if (((nsprefix=ns.getMappingWithoutRendered("xmlns"))!=null) if (((nsprefix=ns.getMappingWithoutRendered("xmlns"))!=null)
&& "".equals(nsprefix.getValue())) { && "".equals(nsprefix.getValue())) {
ns.addMappingAndRender("xmlns","",nullNode); ns.addMappingAndRender("xmlns","",nullNode);
} }
} }
/**
* Outputs an Attribute to the internal Writer.
*
* The string value of the node is modified by replacing
* <UL>
* <LI>all ampersands (&) with <CODE>&amp;amp;</CODE></LI>
* <LI>all open angle brackets (<) with <CODE>&amp;lt;</CODE></LI>
* <LI>all quotation mark characters with <CODE>&amp;quot;</CODE></LI>
* <LI>and the whitespace characters <CODE>#x9</CODE>, #xA, and #xD, with character
* references. The character references are written in uppercase
* hexadecimal with no leading zeroes (for example, <CODE>#xD</CODE> is represented
* by the character reference <CODE>&amp;#xD;</CODE>)</LI>
* </UL>
*
* @param name
* @param value
* @param writer
* @throws IOException
*/
static final void outputAttrToWriter(final String name, final String value, final OutputStream writer) throws IOException {
writer.write(' ');
writeStringToUtf8(name,writer);
writer.write(equalsStr);
byte []toWrite;
final int length = value.length();
for (int i=0;i < length; i++) {
char c = value.charAt(i);
switch (c) {
case '&' :
toWrite=_AMP_;
//writer.write(_AMP_);
break;
case '<' :
toWrite=_LT_;
//writer.write(_LT_);
break;
case '"' :
toWrite=_QUOT_;
//writer.write(_QUOT_);
break;
case 0x09 : // '\t'
toWrite=__X9_;
//writer.write(__X9_);
break;
case 0x0A : // '\n'
toWrite=__XA_;
//writer.write(__XA_);
break;
case 0x0D : // '\r'
toWrite=__XD_;
//writer.write(__XD_);
break;
default :
writeCharToUtf8(c,writer);
//this._writer.write(c);
continue;
}
writer.write(toWrite);
}
writer.write('\"');
}
final static void writeCharToUtf8(final char c,final OutputStream out) throws IOException{
char ch;
if (/*(c >= 0x0001) &&*/ (c <= 0x007F)) {
out.write(c);
return;
}
int bias;
int write;
if (c > 0x07FF) {
ch=(char)(c>>>12);
write=0xE0;
if (ch>0) {
write |= ( ch & 0x0F);
}
out.write(write);
write=0x80;
bias=0x3F;
} else {
write=0xC0;
bias=0x1F;
}
ch=(char)(c>>>6);
if (ch>0) {
write|= (ch & bias);
}
out.write(write);
out.write(0x80 | ((c) & 0x3F));
}
final static void writeStringToUtf8(final String str,final OutputStream out) throws IOException{
final int length=str.length();
int i=0;
char c;
while (i<length) {
c=str.charAt(i++);
if (/*(c >= 0x0001) &&*/ (c <= 0x007F)) {
out.write(c);
continue;
}
char ch;
int bias;
int write;
if (c > 0x07FF) {
ch=(char)(c>>>12);
write=0xE0;
if (ch>0) {
write |= ( ch & 0x0F);
}
out.write(write);
write=0x80;
bias=0x3F;
} else {
write=0xC0;
bias=0x1F;
}
ch=(char)(c>>>6);
if (ch>0) {
write|= (ch & bias);
}
out.write(write);
out.write(0x80 | ((c) & 0x3F));
continue;
}
}
/**
* Outputs a PI to the internal Writer.
*
* @param currentPI
* @param writer where to write the things
* @throws IOException
*/
static final void outputPItoWriter(ProcessingInstruction currentPI, OutputStream writer) throws IOException {
final int position = getPositionRelativeToDocumentElement(currentPI);
if (position == NODE_AFTER_DOCUMENT_ELEMENT) {
writer.write('\n');
}
writer.write(_BEGIN_PI);
final String target = currentPI.getTarget();
int length = target.length();
for (int i = 0; i < length; i++) {
char c=target.charAt(i);
if (c==0x0D) {
writer.write(__XD_);
} else {
writeCharToUtf8(c,writer);
}
}
final String data = currentPI.getData();
length = data.length();
if (length > 0) {
writer.write(' ');
for (int i = 0; i < length; i++) {
char c=data.charAt(i);
if (c==0x0D) {
writer.write(__XD_);
} else {
writeCharToUtf8(c,writer);
}
}
}
writer.write(_END_PI);
if (position == NODE_BEFORE_DOCUMENT_ELEMENT) {
writer.write('\n');
}
}
/**
* Method outputCommentToWriter
*
* @param currentComment
* @param writer writer where to write the things
* @throws IOException
*/
static final void outputCommentToWriter(Comment currentComment, OutputStream writer) throws IOException {
final int position = getPositionRelativeToDocumentElement(currentComment);
if (position == NODE_AFTER_DOCUMENT_ELEMENT) {
writer.write('\n');
}
writer.write(_BEGIN_COMM);
final String data = currentComment.getData();
final int length = data.length();
for (int i = 0; i < length; i++) {
char c=data.charAt(i);
if (c==0x0D) {
writer.write(__XD_);
} else {
writeCharToUtf8(c,writer);
}
}
writer.write(_END_COMM);
if (position == NODE_BEFORE_DOCUMENT_ELEMENT) {
writer.write('\n');
}
}
/**
* Outputs a Text of CDATA section to the internal Writer.
*
* @param text
* @param writer writer where to write the things
* @throws IOException
*/
static final void outputTextToWriter(final String text, final OutputStream writer) throws IOException {
final int length = text.length();
byte []toWrite;
for (int i = 0; i < length; i++) {
char c = text.charAt(i);
switch (c) {
case '&' :
toWrite=_AMP_;
//writer.write(_AMP_);
break;
case '<' :
toWrite=_LT_;
//writer.write(_LT_);
break;
case '>' :
toWrite=_GT_;
//writer.write(_GT_);
break;
case 0xD :
toWrite=__XD_;
//writer.write(__XD_);
break;
default :
writeCharToUtf8(c,writer);
continue;
}
writer.write(toWrite);
}
}
/** /**
* Obtain the attributes to output for this node in XPathNodeSet c14n. * Obtain the attributes to output for this node in XPathNodeSet c14n.
* *
@ -870,13 +638,207 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
abstract Iterator handleAttributesSubtree(Element E, NameSpaceSymbTable ns) abstract Iterator handleAttributesSubtree(Element E, NameSpaceSymbTable ns)
throws CanonicalizationException; throws CanonicalizationException;
abstract void circumventBugIfNeeded(XMLSignatureInput input) throws CanonicalizationException, ParserConfigurationException, IOException, SAXException;
/**
* Outputs an Attribute to the internal Writer.
*
* The string value of the node is modified by replacing
* <UL>
* <LI>all ampersands (&) with <CODE>&amp;amp;</CODE></LI>
* <LI>all open angle brackets (<) with <CODE>&amp;lt;</CODE></LI>
* <LI>all quotation mark characters with <CODE>&amp;quot;</CODE></LI>
* <LI>and the whitespace characters <CODE>#x9</CODE>, #xA, and #xD, with character
* references. The character references are written in uppercase
* hexadecimal with no leading zeroes (for example, <CODE>#xD</CODE> is represented
* by the character reference <CODE>&amp;#xD;</CODE>)</LI>
* </UL>
*
* @param name
* @param value
* @param writer
* @throws IOException
*/
static final void outputAttrToWriter(final String name, final String value, final OutputStream writer,
final Map cache) throws IOException {
writer.write(' ');
UtfHelpper.writeByte(name,writer,cache);
writer.write(equalsStr);
byte []toWrite;
final int length = value.length();
int i=0;
while (i < length) {
char c = value.charAt(i++);
/** switch (c) {
* @param _writer The _writer to set.
*/ case '&' :
public void setWriter(OutputStream _writer) { toWrite=_AMP_;
this._writer = _writer; break;
}
case '<' :
toWrite=_LT_;
break;
case '"' :
toWrite=_QUOT_;
break;
case 0x09 : // '\t'
toWrite=__X9_;
break;
case 0x0A : // '\n'
toWrite=__XA_;
break;
case 0x0D : // '\r'
toWrite=__XD_;
break;
default :
if (c < 0x80 ) {
writer.write(c);
} else {
UtfHelpper.writeCharToUtf8(c,writer);
};
continue;
}
writer.write(toWrite);
}
writer.write('\"');
}
/**
* Outputs a PI to the internal Writer.
*
* @param currentPI
* @param writer where to write the things
* @throws IOException
*/
static final void outputPItoWriter(ProcessingInstruction currentPI, OutputStream writer,int position) throws IOException {
if (position == NODE_AFTER_DOCUMENT_ELEMENT) {
writer.write('\n');
}
writer.write(_BEGIN_PI);
final String target = currentPI.getTarget();
int length = target.length();
for (int i = 0; i < length; i++) {
char c=target.charAt(i);
if (c==0x0D) {
writer.write(__XD_);
} else {
if (c < 0x80) {
writer.write(c);
} else {
UtfHelpper.writeCharToUtf8(c,writer);
};
}
}
final String data = currentPI.getData();
length = data.length();
if (length > 0) {
writer.write(' ');
for (int i = 0; i < length; i++) {
char c=data.charAt(i);
if (c==0x0D) {
writer.write(__XD_);
} else {
UtfHelpper.writeCharToUtf8(c,writer);
}
}
}
writer.write(_END_PI);
if (position == NODE_BEFORE_DOCUMENT_ELEMENT) {
writer.write('\n');
}
}
/**
* Method outputCommentToWriter
*
* @param currentComment
* @param writer writer where to write the things
* @throws IOException
*/
static final void outputCommentToWriter(Comment currentComment, OutputStream writer,int position) throws IOException {
if (position == NODE_AFTER_DOCUMENT_ELEMENT) {
writer.write('\n');
}
writer.write(_BEGIN_COMM);
final String data = currentComment.getData();
final int length = data.length();
for (int i = 0; i < length; i++) {
char c=data.charAt(i);
if (c==0x0D) {
writer.write(__XD_);
} else {
if (c < 0x80) {
writer.write(c);
} else {
UtfHelpper.writeCharToUtf8(c,writer);
};
}
}
writer.write(_END_COMM);
if (position == NODE_BEFORE_DOCUMENT_ELEMENT) {
writer.write('\n');
}
}
/**
* Outputs a Text of CDATA section to the internal Writer.
*
* @param text
* @param writer writer where to write the things
* @throws IOException
*/
static final void outputTextToWriter(final String text, final OutputStream writer) throws IOException {
final int length = text.length();
byte []toWrite;
for (int i = 0; i < length; i++) {
char c = text.charAt(i);
switch (c) {
case '&' :
toWrite=_AMP_;
break;
case '<' :
toWrite=_LT_;
break;
case '>' :
toWrite=_GT_;
break;
case 0xD :
toWrite=__XD_;
break;
default :
if (c < 0x80) {
writer.write(c);
} else {
UtfHelpper.writeCharToUtf8(c,writer);
};
continue;
}
writer.write(toWrite);
}
}
} }


@ -20,16 +20,10 @@
*/ */
package com.sun.org.apache.xml.internal.security.c14n.implementations; package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.lang.reflect.Array;
import java.util.AbstractList;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection; import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator; import java.util.Iterator;
import java.util.List; import java.util.List;
import java.util.Map;
import org.w3c.dom.Attr; import org.w3c.dom.Attr;
@ -46,21 +40,26 @@ import org.w3c.dom.Node;
public class NameSpaceSymbTable { public class NameSpaceSymbTable {
/**The map betwen prefix-> entry table. */ /**The map betwen prefix-> entry table. */
SymbMap symb = new SymbMap(); SymbMap symb;
/**The level of nameSpaces (for Inclusive visibility).*/ /**The level of nameSpaces (for Inclusive visibility).*/
int nameSpaces=0; int nameSpaces=0;
/**The stacks for removing the definitions when doing pop.*/ /**The stacks for removing the definitions when doing pop.*/
List level = new ArrayList(); List level;
boolean cloned=true; boolean cloned=true;
static final String XMLNS="xmlns"; static final String XMLNS="xmlns";
final static SymbMap initialMap=new SymbMap();
static {
NameSpaceSymbEntry ne=new NameSpaceSymbEntry("",null,true,XMLNS);
ne.lastrendered="";
initialMap.put(XMLNS,ne);
}
/** /**
* Default constractor * Default constractor
**/ **/
public NameSpaceSymbTable() { public NameSpaceSymbTable() {
level = new ArrayList(10);
//Insert the default binding for xmlns. //Insert the default binding for xmlns.
NameSpaceSymbEntry ne=new NameSpaceSymbEntry("",null,true); symb=(SymbMap) initialMap.clone();
ne.lastrendered="";
symb.put(XMLNS,ne);
} }
/** /**
@ -75,8 +74,14 @@ public class NameSpaceSymbTable {
NameSpaceSymbEntry n=(NameSpaceSymbEntry)(it.next()); NameSpaceSymbEntry n=(NameSpaceSymbEntry)(it.next());
//put them rendered? //put them rendered?
if ((!n.rendered) && (n.n!=null)) { if ((!n.rendered) && (n.n!=null)) {
n=(NameSpaceSymbEntry) n.clone();
needsClone();
symb.put(n.prefix,n);
n.lastrendered=n.uri;
n.rendered=true;
result.add(n.n); result.add(n.n);
n.rendered=true;
} }
} }
} }
@ -104,10 +109,6 @@ public class NameSpaceSymbTable {
**/ **/
public void push() { public void push() {
//Put the number of namespace definitions in the stack. //Put the number of namespace definitions in the stack.
/**if (cloned) {
Object ob[]= {symb,cloned ? symb : null};
level.add(ob);
} **/
level.add(null); level.add(null);
cloned=false; cloned=false;
} }
@ -124,7 +125,7 @@ public class NameSpaceSymbTable {
if (size==0) { if (size==0) {
cloned=false; cloned=false;
} else } else
cloned=(level.get(size-1)!=symb); cloned=(level.get(size-1)!=symb);
} else { } else {
cloned=false; cloned=false;
} }
@ -134,8 +135,7 @@ public class NameSpaceSymbTable {
final void needsClone() { final void needsClone() {
if (!cloned) { if (!cloned) {
level.remove(level.size()-1); level.set(level.size()-1,symb);
level.add(symb);
symb=(SymbMap) symb.clone(); symb=(SymbMap) symb.clone();
cloned=true; cloned=true;
} }
@ -200,7 +200,7 @@ public class NameSpaceSymbTable {
return false; return false;
} }
//Creates and entry in the table for this new definition. //Creates and entry in the table for this new definition.
NameSpaceSymbEntry ne=new NameSpaceSymbEntry(uri,n,false); NameSpaceSymbEntry ne=new NameSpaceSymbEntry(uri,n,false,prefix);
needsClone(); needsClone();
symb.put(prefix, ne); symb.put(prefix, ne);
if (ob != null) { if (ob != null) {
@ -238,7 +238,7 @@ public class NameSpaceSymbTable {
return null; return null;
} }
NameSpaceSymbEntry ne=new NameSpaceSymbEntry(uri,n,true); NameSpaceSymbEntry ne=new NameSpaceSymbEntry(uri,n,true,prefix);
ne.lastrendered=uri; ne.lastrendered=uri;
needsClone(); needsClone();
symb.put(prefix, ne); symb.put(prefix, ne);
@ -251,53 +251,38 @@ public class NameSpaceSymbTable {
} }
return ne.n; return ne.n;
} }
/**
* Adds & gets(if needed) the attribute node that defines the binding for the prefix. public int getLevel() {
* Take on account if the rules of rendering in the inclusive c14n. // TODO Auto-generated method stub
* For inclusive c14n. return level.size();
* @param prefix the prefix to obtain the attribute. }
* @param outputNode the container element is an output element.
* @param uri the Uri of the definition public void removeMapping(String prefix) {
* @param n the attribute that have the definition
* @return null if there is no need to render the prefix. Otherwise the node of
* definition.
**/
public Node addMappingAndRenderXNodeSet(String prefix, String uri,Attr n,boolean outputNode) {
NameSpaceSymbEntry ob = symb.get(prefix); NameSpaceSymbEntry ob = symb.get(prefix);
int visibleNameSpaces=nameSpaces;
if ((ob!=null) && uri.equals(ob.uri)) { if (ob!=null) {
if (!ob.rendered) {
ob=(NameSpaceSymbEntry)ob.clone();
needsClone();
symb.put(prefix,ob);
ob.rendered=true;
ob.level=visibleNameSpaces;
return ob.n;
}
ob=(NameSpaceSymbEntry)ob.clone();
needsClone(); needsClone();
symb.put(prefix,ob); symb.put(prefix,null);
if (outputNode && (((visibleNameSpaces-ob.level)<2) || XMLNS.equals(prefix)) ) { }
ob.level=visibleNameSpaces; }
return null; //Already rendered, just return nulll
}
ob.level=visibleNameSpaces;
return ob.n;
}
NameSpaceSymbEntry ne=new NameSpaceSymbEntry(uri,n,true); public void removeMappingIfNotRender(String prefix) {
ne.level=nameSpaces; NameSpaceSymbEntry ob = symb.get(prefix);
ne.rendered=true;
needsClone();
symb.put(prefix, ne);
if (ob != null) {
ne.lastrendered=ob.lastrendered;
if ((ob.lastrendered!=null)&& (ob.lastrendered.equals(uri))) { if (ob!=null && !ob.rendered) {
ne.rendered=true; needsClone();
} symb.put(prefix,null);
} }
return ne.n; }
public boolean removeMappingIfRender(String prefix) {
NameSpaceSymbEntry ob = symb.get(prefix);
if (ob!=null && ob.rendered) {
needsClone();
symb.put(prefix,null);
}
return false;
} }
} }
@ -305,10 +290,11 @@ public class NameSpaceSymbTable {
* The internal structure of NameSpaceSymbTable. * The internal structure of NameSpaceSymbTable.
**/ **/
class NameSpaceSymbEntry implements Cloneable { class NameSpaceSymbEntry implements Cloneable {
NameSpaceSymbEntry(String name,Attr n,boolean rendered) { NameSpaceSymbEntry(String name,Attr n,boolean rendered,String prefix) {
this.uri=name; this.uri=name;
this.rendered=rendered; this.rendered=rendered;
this.n=n; this.n=n;
this.prefix=prefix;
} }
/** @inheritDoc */ /** @inheritDoc */
public Object clone() { public Object clone() {
@ -320,6 +306,7 @@ class NameSpaceSymbEntry implements Cloneable {
} }
/** The level where the definition was rendered(Only for inclusive) */ /** The level where the definition was rendered(Only for inclusive) */
int level=0; int level=0;
String prefix;
/**The URI that the prefix defines */ /**The URI that the prefix defines */
String uri; String uri;
/**The last output in the URI for this prefix (This for speed reason).*/ /**The last output in the URI for this prefix (This for speed reason).*/
@ -330,53 +317,57 @@ class NameSpaceSymbEntry implements Cloneable {
Attr n; Attr n;
}; };
class SymbMap implements Cloneable{ class SymbMap implements Cloneable {
int free=23; int free=23;
NameSpaceSymbEntry[] entries=new NameSpaceSymbEntry[free]; NameSpaceSymbEntry[] entries;
String[] keys=new String[free]; String[] keys;
SymbMap() {
void put(String key, NameSpaceSymbEntry value) { entries=new NameSpaceSymbEntry[free];
keys=new String[free];
}
void put(String key, NameSpaceSymbEntry value) {
int index = index(key); int index = index(key);
Object oldKey = keys[index]; Object oldKey = keys[index];
keys[index] = key; keys[index] = key;
entries[index] = value; entries[index] = value;
if (oldKey==null || !oldKey.equals(key)) { if (oldKey==null || !oldKey.equals(key)) {
if (--free == 0) { if (--free == 0) {
free=entries.length; free=entries.length;
int newCapacity = free<<2; int newCapacity = free<<2;
rehash(newCapacity); rehash(newCapacity);
} }
} }
} }
List entrySet() { List entrySet() {
List a=new ArrayList(); List a=new ArrayList();
for (int i=0;i<entries.length;i++) { for (int i=0;i<entries.length;i++) {
if ((entries[i]!=null) && !("".equals(entries[i]))) { if ((entries[i]!=null) && !("".equals(entries[i].uri))) {
a.add(entries[i]); a.add(entries[i]);
} }
}
return a;
} }
return a;
}
protected int index(Object obj) {
protected int index(Object obj) {
Object[] set = keys; Object[] set = keys;
int length = set.length; int length = set.length;
//abs of index //abs of index
int index = (obj.hashCode() & 0x7fffffff) % length; int index = (obj.hashCode() & 0x7fffffff) % length;
Object cur = set[index]; Object cur = set[index];
if (cur == null || (cur.equals( obj))) { if (cur == null || (cur.equals( obj))) {
return index; return index;
} }
length=length-1;
do { do {
index=index==length? 0:++index; index=index==length? 0:++index;
cur = set[index]; cur = set[index];
} while (cur != null && (!cur.equals(obj))); } while (cur != null && (!cur.equals(obj)));
return index; return index;
} }
/**
/**
* rehashes the map to the new capacity. * rehashes the map to the new capacity.
* *
* @param newCapacity an <code>int</code> value * @param newCapacity an <code>int</code> value
@ -384,37 +375,38 @@ class SymbMap implements Cloneable{
protected void rehash(int newCapacity) { protected void rehash(int newCapacity) {
int oldCapacity = keys.length; int oldCapacity = keys.length;
String oldKeys[] = keys; String oldKeys[] = keys;
NameSpaceSymbEntry oldVals[] = entries; NameSpaceSymbEntry oldVals[] = entries;
keys = new String[newCapacity]; keys = new String[newCapacity];
entries = new NameSpaceSymbEntry[newCapacity]; entries = new NameSpaceSymbEntry[newCapacity];
for (int i = oldCapacity; i-- > 0;) { for (int i = oldCapacity; i-- > 0;) {
if(oldKeys[i] != null) { if(oldKeys[i] != null) {
String o = oldKeys[i]; String o = oldKeys[i];
int index = index(o); int index = index(o);
keys[index] = o; keys[index] = o;
entries[index] = oldVals[i]; entries[index] = oldVals[i];
} }
} }
} }
NameSpaceSymbEntry get(String key) {
return entries[index(key)];
}
protected Object clone() {
// TODO Auto-generated method stub
try {
SymbMap copy=(SymbMap) super.clone();
copy.entries=new NameSpaceSymbEntry[entries.length];
System.arraycopy(entries,0,copy.entries,0,entries.length);
copy.keys=new String[keys.length];
System.arraycopy(keys,0,copy.keys,0,keys.length);
return copy; NameSpaceSymbEntry get(String key) {
} catch (CloneNotSupportedException e) { return entries[index(key)];
// TODO Auto-generated catch block }
e.printStackTrace();
} protected Object clone() {
return null; try {
SymbMap copy=(SymbMap) super.clone();
copy.entries=new NameSpaceSymbEntry[entries.length];
System.arraycopy(entries,0,copy.entries,0,entries.length);
copy.keys=new String[keys.length];
System.arraycopy(keys,0,copy.keys,0,keys.length);
return copy;
} catch (CloneNotSupportedException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} }
return null;
}
} }


@ -0,0 +1,155 @@
package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Map;
public class UtfHelpper {
final static void writeByte(final String str,final OutputStream out,Map cache) throws IOException {
byte []result=(byte[]) cache.get(str);
if (result==null) {
result=getStringInUtf8(str);
cache.put(str,result);
}
out.write(result);
}
final static void writeCharToUtf8(final char c,final OutputStream out) throws IOException{
if (c < 0x80) {
out.write(c);
return;
}
if ((c >= 0xD800 && c <= 0xDBFF) || (c >= 0xDC00 && c <= 0xDFFF) ){
//No Surrogates in sun java
out.write(0x3f);
return;
}
int bias;
int write;
char ch;
if (c > 0x07FF) {
ch=(char)(c>>>12);
write=0xE0;
if (ch>0) {
write |= ( ch & 0x0F);
}
out.write(write);
write=0x80;
bias=0x3F;
} else {
write=0xC0;
bias=0x1F;
}
ch=(char)(c>>>6);
if (ch>0) {
write|= (ch & bias);
}
out.write(write);
out.write(0x80 | ((c) & 0x3F));
}
final static void writeStringToUtf8(final String str,final OutputStream out) throws IOException{
final int length=str.length();
int i=0;
char c;
while (i<length) {
c=str.charAt(i++);
if (c < 0x80) {
out.write(c);
continue;
}
if ((c >= 0xD800 && c <= 0xDBFF) || (c >= 0xDC00 && c <= 0xDFFF) ){
//No Surrogates in sun java
out.write(0x3f);
continue;
}
char ch;
int bias;
int write;
if (c > 0x07FF) {
ch=(char)(c>>>12);
write=0xE0;
if (ch>0) {
write |= ( ch & 0x0F);
}
out.write(write);
write=0x80;
bias=0x3F;
} else {
write=0xC0;
bias=0x1F;
}
ch=(char)(c>>>6);
if (ch>0) {
write|= (ch & bias);
}
out.write(write);
out.write(0x80 | ((c) & 0x3F));
}
}
public final static byte[] getStringInUtf8(final String str) {
final int length=str.length();
boolean expanded=false;
byte []result=new byte[length];
int i=0;
int out=0;
char c;
while (i<length) {
c=str.charAt(i++);
if ( c < 0x80 ) {
result[out++]=(byte)c;
continue;
}
if ((c >= 0xD800 && c <= 0xDBFF) || (c >= 0xDC00 && c <= 0xDFFF) ){
//No Surrogates in sun java
result[out++]=0x3f;
continue;
}
if (!expanded) {
byte newResult[]=new byte[3*length];
System.arraycopy(result, 0, newResult, 0, out);
result=newResult;
expanded=true;
}
char ch;
int bias;
byte write;
if (c > 0x07FF) {
ch=(char)(c>>>12);
write=(byte)0xE0;
if (ch>0) {
write |= ( ch & 0x0F);
}
result[out++]=write;
write=(byte)0x80;
bias=0x3F;
} else {
write=(byte)0xC0;
bias=0x1F;
}
ch=(char)(c>>>6);
if (ch>0) {
write|= (ch & bias);
}
result[out++]=write;
result[out++]=(byte)(0x80 | ((c) & 0x3F));/**/
}
if (expanded) {
byte newResult[]=new byte[out];
System.arraycopy(result, 0, newResult, 0, out);
result=newResult;
}
return result;
}
}
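Review bot: All three encoders here (`writeCharToUtf8`, `writeStringToUtf8`, `getStringInUtf8`) write `0x3f` for every surrogate code unit, so any character outside the BMP becomes `?` in the output of this c14n helper, which is presumably the octet stream that gets digested. Two inputs that differ only in such characters then canonicalize to the same bytes, so a signature computed over them would not bind that content. Encoding a valid high/low pair as the four-byte UTF-8 form of its code point, and keeping the substitution only for unpaired surrogates, closes this; the excerpt shows the change for `writeStringToUtf8`. `getStringInUtf8` needs the same branch placed after its buffer expansion (a pair is two chars and four bytes, so the `3*length` buffer is large enough), and `writeCharToUtf8` cannot do it with a single `char` argument, so pairs would have to go through the string variant.
```java
// in writeStringToUtf8, replacing the "No Surrogates in sun java" branch
if (Character.isHighSurrogate(c) && i < length
        && Character.isLowSurrogate(str.charAt(i))) {
    final int cp = Character.toCodePoint(c, str.charAt(i++));
    out.write(0xF0 | (cp >>> 18));
    out.write(0x80 | ((cp >>> 12) & 0x3F));
    out.write(0x80 | ((cp >>> 6) & 0x3F));
    out.write(0x80 | (cp & 0x3F));
    continue;
}
if (Character.isHighSurrogate(c) || Character.isLowSurrogate(c)) {
    // unpaired surrogate: no valid encoding, keep the existing substitution
    out.write(0x3f);
    continue;
}
// … unchanged: two- and three-byte encoding of c …
```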


@ -108,84 +108,78 @@ public class XMLCipherInput {
return null; return null;
} }
/** /**
* Internal method to get bytes in decryption mode * Internal method to get bytes in decryption mode
* @return the decripted bytes * @return the decripted bytes
* @throws XMLEncryptionException * @throws XMLEncryptionException
*/ */
private byte[] getDecryptBytes() throws XMLEncryptionException {
private byte[] getDecryptBytes() throws XMLEncryptionException { String base64EncodedEncryptedOctets = null;
String base64EncodedEncryptedOctets = null;
if (_cipherData.getDataType() == CipherData.REFERENCE_TYPE) { if (_cipherData.getDataType() == CipherData.REFERENCE_TYPE) {
// Fun time! // Fun time!
if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Found a reference type CipherData"); logger.log(java.util.logging.Level.FINE, "Found a reference type CipherData");
CipherReference cr = _cipherData.getCipherReference(); CipherReference cr = _cipherData.getCipherReference();
// Need to wrap the uri in an Attribute node so that we can // Need to wrap the uri in an Attribute node so that we can
// Pass to the resource resolvers // Pass to the resource resolvers
Attr uriAttr = cr.getURIAsAttr(); Attr uriAttr = cr.getURIAsAttr();
XMLSignatureInput input = null; XMLSignatureInput input = null;
try { try {
ResourceResolver resolver = ResourceResolver resolver =
ResourceResolver.getInstance(uriAttr, null); ResourceResolver.getInstance(uriAttr, null);
input = resolver.resolve(uriAttr, null); input = resolver.resolve(uriAttr, null);
} catch (ResourceResolverException ex) { } catch (ResourceResolverException ex) {
throw new XMLEncryptionException("empty", ex); throw new XMLEncryptionException("empty", ex);
} }
if (input != null) { if (input != null) {
if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Managed to resolve URI \"" + cr.getURI() + "\""); logger.log(java.util.logging.Level.FINE, "Managed to resolve URI \"" + cr.getURI() + "\"");
} } else {
else { logger.log(java.util.logging.Level.FINE, "Failed to resolve URI \"" + cr.getURI() + "\"");
if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Failed to resolve URI \"" + cr.getURI() + "\""); }
}
// Lets see if there are any transforms // Lets see if there are any transforms
Transforms transforms = cr.getTransforms(); Transforms transforms = cr.getTransforms();
if (transforms != null) { if (transforms != null) {
if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Have transforms in cipher reference"); logger.log(java.util.logging.Level.FINE, "Have transforms in cipher reference");
try { try {
com.sun.org.apache.xml.internal.security.transforms.Transforms dsTransforms = com.sun.org.apache.xml.internal.security.transforms.Transforms dsTransforms =
transforms.getDSTransforms(); transforms.getDSTransforms();
input = dsTransforms.performTransforms(input); input = dsTransforms.performTransforms(input);
} catch (TransformationException ex) { } catch (TransformationException ex) {
throw new XMLEncryptionException("empty", ex); throw new XMLEncryptionException("empty", ex);
}
}
try {
return input.getBytes();
}
catch (IOException ex) {
throw new XMLEncryptionException("empty", ex);
} catch (CanonicalizationException ex) {
throw new XMLEncryptionException("empty", ex);
}
// retrieve the cipher text
} else if (_cipherData.getDataType() == CipherData.VALUE_TYPE) {
CipherValue cv = _cipherData.getCipherValue();
base64EncodedEncryptedOctets = new String(cv.getValue());
} else {
throw new XMLEncryptionException("CipherData.getDataType() returned unexpected value");
} }
}
if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Encrypted octets:\n" + base64EncodedEncryptedOctets); try {
return input.getBytes();
} catch (IOException ex) {
throw new XMLEncryptionException("empty", ex);
} catch (CanonicalizationException ex) {
throw new XMLEncryptionException("empty", ex);
}
// retrieve the cipher text
} else if (_cipherData.getDataType() == CipherData.VALUE_TYPE) {
base64EncodedEncryptedOctets =
_cipherData.getCipherValue().getValue();
} else {
throw new XMLEncryptionException("CipherData.getDataType() returned unexpected value");
}
logger.log(java.util.logging.Level.FINE, "Encrypted octets:\n" + base64EncodedEncryptedOctets);
byte[] encryptedBytes = null; byte[] encryptedBytes = null;
try { try {
encryptedBytes = Base64.decode(base64EncodedEncryptedOctets); encryptedBytes = Base64.decode(base64EncodedEncryptedOctets);
} catch (Base64DecodingException bde) { } catch (Base64DecodingException bde) {
throw new XMLEncryptionException("empty", bde); throw new XMLEncryptionException("empty", bde);
} }
return (encryptedBytes); return (encryptedBytes);
}
}
} }
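Review bot: When the resolver yields no input, the new `else` branch in `getDecryptBytes` only logs "Failed to resolve URI" and execution continues to `dsTransforms.performTransforms(input)` or `input.getBytes()` with `input` still null, so an unresolvable CipherReference would surface as a NullPointerException instead of the declared XMLEncryptionException (assuming `resolve` can return null, which the null check implies). Failing in that branch keeps the error in the declared type: `throw new XMLEncryptionException("Failed to resolve URI \"" + cr.getURI() + "\"");`. Separately, the commit drops the `isLoggable` guards, so the "Encrypted octets" message is concatenated on every call even with FINE disabled; keeping `if (logger.isLoggable(java.util.logging.Level.FINE))` on that line avoids copying the whole ciphertext string for nothing. The URI is taken from the document being decrypted, so what an untrusted CipherReference can reach depends on which resolvers are registered, which this section does not show.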


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -28,7 +27,7 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class ContentHandlerAlreadyRegisteredException public class ContentHandlerAlreadyRegisteredException
extends XMLSecurityException { extends XMLSecurityException {


@ -25,6 +25,8 @@ package com.sun.org.apache.xml.internal.security.keys;
import java.security.PublicKey; import java.security.PublicKey;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List; import java.util.List;
import javax.crypto.SecretKey; import javax.crypto.SecretKey;
@ -88,15 +90,22 @@ import org.w3c.dom.NodeList;
* The <CODE>containsXXX()</CODE> methods return <I>whether</I> the KeyInfo * The <CODE>containsXXX()</CODE> methods return <I>whether</I> the KeyInfo
* contains the corresponding type. * contains the corresponding type.
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class KeyInfo extends SignatureElementProxy { public class KeyInfo extends SignatureElementProxy {
/** {@link java.util.logging} logging facility */ /** {@link java.util.logging} logging facility */
static java.util.logging.Logger log = static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(KeyInfo.class.getName()); java.util.logging.Logger.getLogger(KeyInfo.class.getName());
List x509Datas=null;
List encryptedKeys=null;
static final List nullList;
static {
List list = new ArrayList();
list.add(null);
nullList = Collections.unmodifiableList(list);
}
/** /**
* Constructor KeyInfo * Constructor KeyInfo
@ -108,7 +117,6 @@ public class KeyInfo extends SignatureElementProxy {
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
} }
/** /**
@ -119,8 +127,8 @@ public class KeyInfo extends SignatureElementProxy {
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public KeyInfo(Element element, String BaseURI) throws XMLSecurityException { public KeyInfo(Element element, String BaseURI) throws XMLSecurityException {
super(element, BaseURI); super(element, BaseURI);
// _storageResolvers.add(null);
} }
@ -131,7 +139,7 @@ public class KeyInfo extends SignatureElementProxy {
*/ */
public void setId(String Id) { public void setId(String Id) {
if ((this._state == MODE_SIGN) && (Id != null)) { if ((Id != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id); this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id);
IdResolver.registerElementById(this._constructionElement, Id); IdResolver.registerElementById(this._constructionElement, Id);
} }
@ -162,10 +170,8 @@ public class KeyInfo extends SignatureElementProxy {
*/ */
public void add(KeyName keyname) { public void add(KeyName keyname) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(keyname.getElement()); this._constructionElement.appendChild(keyname.getElement());
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
}
} }
/** /**
@ -219,11 +225,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param keyvalue * @param keyvalue
*/ */
public void add(KeyValue keyvalue) { public void add(KeyValue keyvalue) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(keyvalue.getElement()); this._constructionElement.appendChild(keyvalue.getElement());
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
}
} }
/** /**
@ -241,11 +244,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param mgmtdata * @param mgmtdata
*/ */
public void add(MgmtData mgmtdata) { public void add(MgmtData mgmtdata) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(mgmtdata.getElement()); this._constructionElement.appendChild(mgmtdata.getElement());
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
}
} }
/** /**
@ -254,11 +254,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param pgpdata * @param pgpdata
*/ */
public void add(PGPData pgpdata) { public void add(PGPData pgpdata) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(pgpdata.getElement()); this._constructionElement.appendChild(pgpdata.getElement());
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
}
} }
/** /**
@ -279,11 +276,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param retrievalmethod * @param retrievalmethod
*/ */
public void add(RetrievalMethod retrievalmethod) { public void add(RetrievalMethod retrievalmethod) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(retrievalmethod.getElement()); this._constructionElement.appendChild(retrievalmethod.getElement());
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
}
} }
/** /**
@ -292,11 +286,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param spkidata * @param spkidata
*/ */
public void add(SPKIData spkidata) { public void add(SPKIData spkidata) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(spkidata.getElement()); this._constructionElement.appendChild(spkidata.getElement());
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
}
} }
/** /**
@ -305,11 +296,11 @@ public class KeyInfo extends SignatureElementProxy {
* @param x509data * @param x509data
*/ */
public void add(X509Data x509data) { public void add(X509Data x509data) {
if (x509Datas==null)
if (this._state == MODE_SIGN) { x509Datas=new ArrayList();
x509Datas.add(x509data);
this._constructionElement.appendChild(x509data.getElement()); this._constructionElement.appendChild(x509data.getElement());
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
}
} }
/** /**
@ -321,12 +312,11 @@ public class KeyInfo extends SignatureElementProxy {
public void add(EncryptedKey encryptedKey) public void add(EncryptedKey encryptedKey)
throws XMLEncryptionException { throws XMLEncryptionException {
if (encryptedKeys==null)
if (this._state == MODE_SIGN) { encryptedKeys=new ArrayList();
encryptedKeys.add(encryptedKey);
XMLCipher cipher = XMLCipher.getInstance(); XMLCipher cipher = XMLCipher.getInstance();
this._constructionElement.appendChild(cipher.martial(encryptedKey)); this._constructionElement.appendChild(cipher.martial(encryptedKey));
}
} }
/** /**
@ -335,11 +325,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param element * @param element
*/ */
public void addUnknownElement(Element element) { public void addUnknownElement(Element element) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(element); this._constructionElement.appendChild(element);
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
}
} }
/** /**
@ -403,6 +390,9 @@ public class KeyInfo extends SignatureElementProxy {
*@return the number of the X509Data tags *@return the number of the X509Data tags
*/ */
public int lengthX509Data() { public int lengthX509Data() {
if (x509Datas!=null) {
return x509Datas.size();
}
return this.length(Constants.SignatureSpecNS, Constants._TAG_X509DATA); return this.length(Constants.SignatureSpecNS, Constants._TAG_X509DATA);
} }
@ -550,7 +540,9 @@ public class KeyInfo extends SignatureElementProxy {
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public X509Data itemX509Data(int i) throws XMLSecurityException { public X509Data itemX509Data(int i) throws XMLSecurityException {
if (x509Datas!=null) {
return (X509Data) x509Datas.get(i);
}
Element e = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), Element e = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_X509DATA,i); Constants._TAG_X509DATA,i);
@ -569,7 +561,9 @@ public class KeyInfo extends SignatureElementProxy {
*/ */
public EncryptedKey itemEncryptedKey(int i) throws XMLSecurityException { public EncryptedKey itemEncryptedKey(int i) throws XMLSecurityException {
if (encryptedKeys!=null) {
return (EncryptedKey) encryptedKeys.get(i);
}
Element e = Element e =
XMLUtils.selectXencNode(this._constructionElement.getFirstChild(), XMLUtils.selectXencNode(this._constructionElement.getFirstChild(),
EncryptionConstants._TAG_ENCRYPTEDKEY,i); EncryptionConstants._TAG_ENCRYPTEDKEY,i);
@ -707,20 +701,20 @@ public class KeyInfo extends SignatureElementProxy {
PublicKey pk = this.getPublicKeyFromInternalResolvers(); PublicKey pk = this.getPublicKeyFromInternalResolvers();
if (pk != null) { if (pk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I could find a key using the per-KeyInfo key resolvers"); log.log(java.util.logging.Level.FINE, "I could find a key using the per-KeyInfo key resolvers");
return pk; return pk;
} }
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I couldn't find a key using the per-KeyInfo key resolvers"); log.log(java.util.logging.Level.FINE, "I couldn't find a key using the per-KeyInfo key resolvers");
pk = this.getPublicKeyFromStaticResolvers(); pk = this.getPublicKeyFromStaticResolvers();
if (pk != null) { if (pk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I could find a key using the system-wide key resolvers"); log.log(java.util.logging.Level.FINE, "I could find a key using the system-wide key resolvers");
return pk; return pk;
} }
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I couldn't find a key using the system-wide key resolvers"); log.log(java.util.logging.Level.FINE, "I couldn't find a key using the system-wide key resolvers");
return null; return null;
} }
@ -732,46 +726,29 @@ public class KeyInfo extends SignatureElementProxy {
* @throws KeyResolverException * @throws KeyResolverException
*/ */
PublicKey getPublicKeyFromStaticResolvers() throws KeyResolverException { PublicKey getPublicKeyFromStaticResolvers() throws KeyResolverException {
int length=KeyResolver.length();
for (int i = 0; i < KeyResolver.length(); i++) { int storageLength=this._storageResolvers.size();
KeyResolver keyResolver = KeyResolver.item(i); Iterator it= KeyResolver.iterator();
for (int i = 0; i < length; i++) {
KeyResolverSpi keyResolver = (KeyResolverSpi) it.next();
Node currentChild=this._constructionElement.getFirstChild(); Node currentChild=this._constructionElement.getFirstChild();
String uri= this.getBaseURI();
while (currentChild!=null) { while (currentChild!=null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) { if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
if (this._storageResolvers.size() == 0) { for (int k = 0; k < storageLength; k++) {
// if we do not have storage resolvers, we verify with null
StorageResolver storage = null;
if (keyResolver.canResolve((Element) currentChild,
this.getBaseURI(), storage)) {
PublicKey pk =
keyResolver.resolvePublicKey((Element) currentChild,
this.getBaseURI(),
storage);
if (pk != null) {
return pk;
}
}
} else {
for (int k = 0; k < this._storageResolvers.size(); k++) {
StorageResolver storage = StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k); (StorageResolver) this._storageResolvers.get(k);
if (keyResolver.canResolve((Element) currentChild, PublicKey pk =
this.getBaseURI(), storage)) { keyResolver.engineLookupAndResolvePublicKey((Element) currentChild,
PublicKey pk = uri,
keyResolver.resolvePublicKey((Element) currentChild,
this.getBaseURI(),
storage); storage);
if (pk != null) { if (pk != null) {
return pk; KeyResolver.hit(it);
} return pk;
} }
} }
}
} }
currentChild=currentChild.getNextSibling(); currentChild=currentChild.getNextSibling();
} }
@ -786,50 +763,27 @@ public class KeyInfo extends SignatureElementProxy {
* @throws KeyResolverException * @throws KeyResolverException
*/ */
PublicKey getPublicKeyFromInternalResolvers() throws KeyResolverException { PublicKey getPublicKeyFromInternalResolvers() throws KeyResolverException {
int length=lengthInternalKeyResolver();
for (int i = 0; i < this.lengthInternalKeyResolver(); i++) { int storageLength=this._storageResolvers.size();
for (int i = 0; i < length; i++) {
KeyResolverSpi keyResolver = this.itemInternalKeyResolver(i); KeyResolverSpi keyResolver = this.itemInternalKeyResolver(i);
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName()); log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
Node currentChild=this._constructionElement.getFirstChild(); Node currentChild=this._constructionElement.getFirstChild();
String uri=this.getBaseURI();
while (currentChild!=null) { while (currentChild!=null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) { if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
if (this._storageResolvers.size() == 0) { for (int k = 0; k < storageLength; k++) {
StorageResolver storage =
// if we do not have storage resolvers, we verify with null (StorageResolver) this._storageResolvers.get(k);
StorageResolver storage = null; PublicKey pk = keyResolver
.engineLookupAndResolvePublicKey((Element) currentChild, uri, storage);
if (keyResolver.engineCanResolve((Element) currentChild,
this.getBaseURI(),
storage)) {
PublicKey pk =
keyResolver
.engineResolvePublicKey((Element) currentChild, this
.getBaseURI(), storage);
if (pk != null) { if (pk != null) {
return pk; return pk;
} }
} }
} else {
for (int k = 0; k < this._storageResolvers.size(); k++) {
StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
if (keyResolver.engineCanResolve((Element) currentChild,
this.getBaseURI(),
storage)) {
PublicKey pk = keyResolver
.engineResolvePublicKey((Element) currentChild, this
.getBaseURI(), storage);
if (pk != null) {
return pk;
}
}
}
}
} }
currentChild=currentChild.getNextSibling(); currentChild=currentChild.getNextSibling();
} }
@ -850,12 +804,12 @@ public class KeyInfo extends SignatureElementProxy {
X509Certificate cert = this.getX509CertificateFromInternalResolvers(); X509Certificate cert = this.getX509CertificateFromInternalResolvers();
if (cert != null) { if (cert != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, log.log(java.util.logging.Level.FINE,
"I could find a X509Certificate using the per-KeyInfo key resolvers"); "I could find a X509Certificate using the per-KeyInfo key resolvers");
return cert; return cert;
} }
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, log.log(java.util.logging.Level.FINE,
"I couldn't find a X509Certificate using the per-KeyInfo key resolvers"); "I couldn't find a X509Certificate using the per-KeyInfo key resolvers");
@ -863,12 +817,12 @@ public class KeyInfo extends SignatureElementProxy {
cert = this.getX509CertificateFromStaticResolvers(); cert = this.getX509CertificateFromStaticResolvers();
if (cert != null) { if (cert != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, log.log(java.util.logging.Level.FINE,
"I could find a X509Certificate using the system-wide key resolvers"); "I could find a X509Certificate using the system-wide key resolvers");
return cert; return cert;
} }
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, log.log(java.util.logging.Level.FINE,
"I couldn't find a X509Certificate using the system-wide key resolvers"); "I couldn't find a X509Certificate using the system-wide key resolvers");
@ -885,53 +839,44 @@ public class KeyInfo extends SignatureElementProxy {
*/ */
X509Certificate getX509CertificateFromStaticResolvers() X509Certificate getX509CertificateFromStaticResolvers()
throws KeyResolverException { throws KeyResolverException {
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Start getX509CertificateFromStaticResolvers() with " log.log(java.util.logging.Level.FINE, "Start getX509CertificateFromStaticResolvers() with "
+ KeyResolver.length() + " resolvers"); + KeyResolver.length() + " resolvers");
String uri=this.getBaseURI();
int length= KeyResolver.length();
int storageLength=this._storageResolvers.size();
Iterator it = KeyResolver.iterator();
for (int i = 0; i <length; i++) {
KeyResolverSpi keyResolver = (KeyResolverSpi) it.next();
X509Certificate cert= applyCurrentResolver(uri, storageLength, keyResolver);
if (cert!=null) {
KeyResolver.hit(it);
return cert;
}
}
return null;
}
for (int i = 0; i < KeyResolver.length(); i++) { private X509Certificate applyCurrentResolver(String uri, int storageLength, KeyResolverSpi keyResolver) throws KeyResolverException {
KeyResolver keyResolver = KeyResolver.item(i); Node currentChild=this._constructionElement.getFirstChild();
Node currentChild=this._constructionElement.getFirstChild(); while (currentChild!=null) {
while (currentChild!=null) { if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) { for (int k = 0; k < storageLength; k++) {
if (this._storageResolvers.size() == 0) { StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
// if we do not have storage resolvers, we verify with null X509Certificate cert = keyResolver
StorageResolver storage = null; .engineLookupResolveX509Certificate((Element) currentChild, uri,
storage);
if (keyResolver.canResolve((Element) currentChild, if (cert != null) {
this.getBaseURI(), storage)) { return cert;
X509Certificate cert =
keyResolver
.resolveX509Certificate((Element) currentChild, this
.getBaseURI(), storage);
if (cert != null) {
return cert;
}
}
} else {
for (int k = 0; k < this._storageResolvers.size(); k++) {
StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
if (keyResolver.canResolve((Element) currentChild,
this.getBaseURI(), storage)) {
X509Certificate cert = keyResolver
.resolveX509Certificate((Element) currentChild, this
.getBaseURI(), storage);
if (cert != null) {
return cert;
}
}
} }
} }
} }
currentChild=currentChild.getNextSibling(); currentChild=currentChild.getNextSibling();
} }
} return null;
return null;
} }
/** /**
@ -942,55 +887,18 @@ public class KeyInfo extends SignatureElementProxy {
*/ */
X509Certificate getX509CertificateFromInternalResolvers() X509Certificate getX509CertificateFromInternalResolvers()
throws KeyResolverException { throws KeyResolverException {
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Start getX509CertificateFromInternalResolvers() with " log.log(java.util.logging.Level.FINE, "Start getX509CertificateFromInternalResolvers() with "
+ this.lengthInternalKeyResolver() + " resolvers"); + this.lengthInternalKeyResolver() + " resolvers");
String uri=this.getBaseURI();
int storageLength=this._storageResolvers.size();
for (int i = 0; i < this.lengthInternalKeyResolver(); i++) { for (int i = 0; i < this.lengthInternalKeyResolver(); i++) {
KeyResolverSpi keyResolver = this.itemInternalKeyResolver(i); KeyResolverSpi keyResolver = this.itemInternalKeyResolver(i);
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName()); log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
X509Certificate cert= applyCurrentResolver(uri, storageLength, keyResolver);
Node currentChild=this._constructionElement.getFirstChild(); if (cert!=null) {
while (currentChild!=null) { return cert;
if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
if (this._storageResolvers.size() == 0) {
// if we do not have storage resolvers, we verify with null
StorageResolver storage = null;
if (keyResolver.engineCanResolve((Element) currentChild,
this.getBaseURI(),
storage)) {
X509Certificate cert =
keyResolver.engineResolveX509Certificate(
(Element) currentChild, this.getBaseURI(), storage);
if (cert != null) {
return cert;
}
}
} else {
for (int k = 0; k < this._storageResolvers.size(); k++) {
StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
if (keyResolver.engineCanResolve((Element) currentChild,
this.getBaseURI(),
storage)) {
X509Certificate cert =
keyResolver.engineResolveX509Certificate(
(Element) currentChild, this.getBaseURI(),
storage);
if (cert != null) {
return cert;
}
}
}
}
}
currentChild=currentChild.getNextSibling();
} }
} }
@ -1006,21 +914,21 @@ public class KeyInfo extends SignatureElementProxy {
SecretKey sk = this.getSecretKeyFromInternalResolvers(); SecretKey sk = this.getSecretKeyFromInternalResolvers();
if (sk != null) { if (sk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I could find a secret key using the per-KeyInfo key resolvers"); log.log(java.util.logging.Level.FINE, "I could find a secret key using the per-KeyInfo key resolvers");
return sk; return sk;
} }
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the per-KeyInfo key resolvers"); log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the per-KeyInfo key resolvers");
sk = this.getSecretKeyFromStaticResolvers(); sk = this.getSecretKeyFromStaticResolvers();
if (sk != null) { if (sk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I could find a secret key using the system-wide key resolvers"); log.log(java.util.logging.Level.FINE, "I could find a secret key using the system-wide key resolvers");
return sk; return sk;
} }
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the system-wide key resolvers"); log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the system-wide key resolvers");
return null; return null;
@ -1034,47 +942,29 @@ public class KeyInfo extends SignatureElementProxy {
*/ */
SecretKey getSecretKeyFromStaticResolvers() throws KeyResolverException { SecretKey getSecretKeyFromStaticResolvers() throws KeyResolverException {
final int length=KeyResolver.length();
for (int i = 0; i < KeyResolver.length(); i++) { int storageLength=this._storageResolvers.size();
KeyResolver keyResolver = KeyResolver.item(i); Iterator it = KeyResolver.iterator();
for (int i = 0; i < length; i++) {
KeyResolverSpi keyResolver = (KeyResolverSpi) it.next();
Node currentChild=this._constructionElement.getFirstChild(); Node currentChild=this._constructionElement.getFirstChild();
String uri=this.getBaseURI();
while (currentChild!=null) { while (currentChild!=null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) { if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
if (this._storageResolvers.size() == 0) { for (int k = 0; k < storageLength; k++) {
StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
// if we do not have storage resolvers, we verify with null SecretKey sk =
StorageResolver storage = null; keyResolver.engineLookupAndResolveSecretKey((Element) currentChild,
uri,
if (keyResolver.canResolve((Element) currentChild, storage);
this.getBaseURI(), storage)) {
SecretKey sk =
keyResolver.resolveSecretKey((Element) currentChild,
this.getBaseURI(),
storage);
if (sk != null) { if (sk != null) {
return sk; return sk;
} }
} }
} else {
for (int k = 0; k < this._storageResolvers.size(); k++) {
StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
if (keyResolver.canResolve((Element) currentChild,
this.getBaseURI(), storage)) {
SecretKey sk =
keyResolver.resolveSecretKey((Element) currentChild,
this.getBaseURI(),
storage);
if (sk != null) {
return sk;
}
}
}
}
} }
currentChild=currentChild.getNextSibling(); currentChild=currentChild.getNextSibling();
} }
@ -1090,51 +980,28 @@ public class KeyInfo extends SignatureElementProxy {
*/ */
SecretKey getSecretKeyFromInternalResolvers() throws KeyResolverException { SecretKey getSecretKeyFromInternalResolvers() throws KeyResolverException {
int storageLength=this._storageResolvers.size();
for (int i = 0; i < this.lengthInternalKeyResolver(); i++) { for (int i = 0; i < this.lengthInternalKeyResolver(); i++) {
KeyResolverSpi keyResolver = this.itemInternalKeyResolver(i); KeyResolverSpi keyResolver = this.itemInternalKeyResolver(i);
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName()); log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
Node currentChild=this._constructionElement.getFirstChild(); Node currentChild=this._constructionElement.getFirstChild();
String uri=this.getBaseURI();
while (currentChild!=null) { while (currentChild!=null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) { if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
if (this._storageResolvers.size() == 0) { for (int k = 0; k < storageLength; k++) {
StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
// if we do not have storage resolvers, we verify with null SecretKey sk = keyResolver
StorageResolver storage = null; .engineLookupAndResolveSecretKey((Element) currentChild, uri, storage);
if (keyResolver.engineCanResolve((Element) currentChild,
this.getBaseURI(),
storage)) {
SecretKey sk =
keyResolver
.engineResolveSecretKey((Element) currentChild, this
.getBaseURI(), storage);
if (sk != null) { if (sk != null) {
return sk; return sk;
} }
} }
} else { }
for (int k = 0; k < this._storageResolvers.size(); k++) {
StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
if (keyResolver.engineCanResolve((Element) currentChild,
this.getBaseURI(),
storage)) {
SecretKey sk = keyResolver
.engineResolveSecretKey((Element) currentChild, this
.getBaseURI(), storage);
if (sk != null) {
return sk;
}
}
}
}
}
currentChild=currentChild.getNextSibling(); currentChild=currentChild.getNextSibling();
} }
} }
@ -1145,7 +1012,7 @@ public class KeyInfo extends SignatureElementProxy {
/** /**
* Stores the individual (per-KeyInfo) {@link KeyResolver}s * Stores the individual (per-KeyInfo) {@link KeyResolver}s
*/ */
List _internalKeyResolvers = new ArrayList(); List _internalKeyResolvers = null;
/** /**
* This method is used to add a custom {@link KeyResolverSpi} to a KeyInfo * This method is used to add a custom {@link KeyResolverSpi} to a KeyInfo
@ -1154,6 +1021,9 @@ public class KeyInfo extends SignatureElementProxy {
* @param realKeyResolver * @param realKeyResolver
*/ */
public void registerInternalKeyResolver(KeyResolverSpi realKeyResolver) { public void registerInternalKeyResolver(KeyResolverSpi realKeyResolver) {
if (_internalKeyResolvers==null) {
_internalKeyResolvers=new ArrayList();
}
this._internalKeyResolvers.add(realKeyResolver); this._internalKeyResolvers.add(realKeyResolver);
} }
@ -1162,6 +1032,8 @@ public class KeyInfo extends SignatureElementProxy {
* @return the length of the key * @return the length of the key
*/ */
int lengthInternalKeyResolver() { int lengthInternalKeyResolver() {
if (_internalKeyResolvers==null)
return 0;
return this._internalKeyResolvers.size(); return this._internalKeyResolvers.size();
} }
@ -1176,7 +1048,7 @@ public class KeyInfo extends SignatureElementProxy {
} }
/** Field _storageResolvers */ /** Field _storageResolvers */
List _storageResolvers = new ArrayList(); List _storageResolvers = nullList;
/** /**
* Method addStorageResolver * Method addStorageResolver
@ -1184,19 +1056,11 @@ public class KeyInfo extends SignatureElementProxy {
* @param storageResolver * @param storageResolver
*/ */
public void addStorageResolver(StorageResolver storageResolver) { public void addStorageResolver(StorageResolver storageResolver) {
if (_storageResolvers == nullList ){
if (storageResolver != null) { _storageResolvers=new ArrayList();
}
this._storageResolvers.add(storageResolver); this._storageResolvers.add(storageResolver);
}
}
/**
* Method getStorageResolvers
*
* @return the internalStorages
*/
List getStorageResolvers() {
return this._storageResolvers;
} }
//J- //J-


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -36,7 +35,7 @@ import com.sun.org.apache.xml.internal.security.keys.content.X509Data;
/** /**
* Utility class for for <CODE>com.sun.org.apache.xml.internal.security.keys</CODE> package. * Utility class for for <CODE>com.sun.org.apache.xml.internal.security.keys</CODE> package.
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class KeyUtils { public class KeyUtils {


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -28,7 +27,7 @@ package com.sun.org.apache.xml.internal.security.keys.content;
/** /**
* Empty interface just to identify Elements that can be cildren of ds:KeyInfo. * Empty interface just to identify Elements that can be cildren of ds:KeyInfo.
* *
* @author $Author: blautenb $ * @author $Author: mullan $
*/ */
public interface KeyInfoContent { public interface KeyInfoContent {
} }


@ -20,25 +20,18 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.content; package com.sun.org.apache.xml.internal.security.keys.content;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class KeyName extends SignatureElementProxy implements KeyInfoContent { public class KeyName extends SignatureElementProxy implements KeyInfoContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(KeyName.class.getName());
/** /**
* Constructor KeyName * Constructor KeyName
* *


@ -20,11 +20,8 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.content; package com.sun.org.apache.xml.internal.security.keys.content;
import java.security.PublicKey; import java.security.PublicKey;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.keys.content.keyvalues.DSAKeyValue; import com.sun.org.apache.xml.internal.security.keys.content.keyvalues.DSAKeyValue;
import com.sun.org.apache.xml.internal.security.keys.content.keyvalues.RSAKeyValue; import com.sun.org.apache.xml.internal.security.keys.content.keyvalues.RSAKeyValue;
@ -34,140 +31,131 @@ import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* The KeyValue element contains a single public key that may be useful in * The KeyValue element contains a single public key that may be useful in
* validating the signature. Structured formats for defining DSA (REQUIRED) * validating the signature. Structured formats for defining DSA (REQUIRED)
* and RSA (RECOMMENDED) public keys are defined in Signature Algorithms * and RSA (RECOMMENDED) public keys are defined in Signature Algorithms
* (section 6.4). The KeyValue element may include externally defined public * (section 6.4). The KeyValue element may include externally defined public
* keys values represented as PCDATA or element types from an external namespace. * keys values represented as PCDATA or element types from an external
* namespace.
* *
* @author $Author: vishal $ * @author $Author: mullan $
*/ */
public class KeyValue extends SignatureElementProxy implements KeyInfoContent { public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
/** {@link java.util.logging} logging facility */ /**
static java.util.logging.Logger log = * Constructor KeyValue
java.util.logging.Logger.getLogger(KeyValue.class.getName()); *
* @param doc
* @param dsaKeyValue
*/
public KeyValue(Document doc, DSAKeyValue dsaKeyValue) {
/** super(doc);
* Constructor KeyValue
*
* @param doc
* @param dsaKeyValue
*/
public KeyValue(Document doc, DSAKeyValue dsaKeyValue) {
super(doc); XMLUtils.addReturnToElement(this._constructionElement);
this._constructionElement.appendChild(dsaKeyValue.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
XMLUtils.addReturnToElement(this._constructionElement); /**
this._constructionElement.appendChild(dsaKeyValue.getElement()); * Constructor KeyValue
XMLUtils.addReturnToElement(this._constructionElement); *
} * @param doc
* @param rsaKeyValue
*/
public KeyValue(Document doc, RSAKeyValue rsaKeyValue) {
/** super(doc);
* Constructor KeyValue
*
* @param doc
* @param rsaKeyValue
*/
public KeyValue(Document doc, RSAKeyValue rsaKeyValue) {
super(doc); XMLUtils.addReturnToElement(this._constructionElement);
this._constructionElement.appendChild(rsaKeyValue.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
XMLUtils.addReturnToElement(this._constructionElement); /**
this._constructionElement.appendChild(rsaKeyValue.getElement()); * Constructor KeyValue
XMLUtils.addReturnToElement(this._constructionElement); *
} * @param doc
* @param unknownKeyValue
*/
public KeyValue(Document doc, Element unknownKeyValue) {
/** super(doc);
* Constructor KeyValue
*
* @param doc
* @param unknownKeyValue
*/
public KeyValue(Document doc, Element unknownKeyValue) {
super(doc); XMLUtils.addReturnToElement(this._constructionElement);
this._constructionElement.appendChild(unknownKeyValue);
XMLUtils.addReturnToElement(this._constructionElement);
}
XMLUtils.addReturnToElement(this._constructionElement); /**
this._constructionElement.appendChild(unknownKeyValue); * Constructor KeyValue
XMLUtils.addReturnToElement(this._constructionElement); *
} * @param doc
* @param pk
*/
public KeyValue(Document doc, PublicKey pk) {
/** super(doc);
* Constructor KeyValue
*
* @param doc
* @param pk
*/
public KeyValue(Document doc, PublicKey pk) {
super(doc); XMLUtils.addReturnToElement(this._constructionElement);
XMLUtils.addReturnToElement(this._constructionElement); if (pk instanceof java.security.interfaces.DSAPublicKey) {
DSAKeyValue dsa = new DSAKeyValue(this._doc, pk);
if (pk instanceof java.security.interfaces.DSAPublicKey) { this._constructionElement.appendChild(dsa.getElement());
DSAKeyValue dsa = new DSAKeyValue(this._doc, pk); XMLUtils.addReturnToElement(this._constructionElement);
} else if (pk instanceof java.security.interfaces.RSAPublicKey) {
RSAKeyValue rsa = new RSAKeyValue(this._doc, pk);
this._constructionElement.appendChild(dsa.getElement()); this._constructionElement.appendChild(rsa.getElement());
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
} else if (pk instanceof java.security.interfaces.RSAPublicKey) { }
RSAKeyValue rsa = new RSAKeyValue(this._doc, pk); }
this._constructionElement.appendChild(rsa.getElement()); /**
XMLUtils.addReturnToElement(this._constructionElement); * Constructor KeyValue
} *
} * @param element
* @param BaseURI
/** * @throws XMLSecurityException
* Constructor KeyValue */
* public KeyValue(Element element, String BaseURI)
* @param element
* @param BaseURI
* @throws XMLSecurityException
*/
public KeyValue(Element element, String BaseURI)
throws XMLSecurityException { throws XMLSecurityException {
super(element, BaseURI); super(element, BaseURI);
} }
/** /**
* Method getPublicKey * Method getPublicKey
* *
* @return the public key * @return the public key
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public PublicKey getPublicKey() throws XMLSecurityException { public PublicKey getPublicKey() throws XMLSecurityException {
Element rsa = XMLUtils.selectDsNode
(this._constructionElement.getFirstChild(),
Constants._TAG_RSAKEYVALUE,0);
Element rsa = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), if (rsa != null) {
Constants._TAG_RSAKEYVALUE,0); RSAKeyValue kv = new RSAKeyValue(rsa, this._baseURI);
if (rsa != null) {
RSAKeyValue kv = new RSAKeyValue(rsa,
this._baseURI);
return kv.getPublicKey(); return kv.getPublicKey();
} }
Element dsa = XMLUtils.selectDsNode(this._constructionElement, Element dsa = XMLUtils.selectDsNode
Constants._TAG_DSAKEYVALUE,0); (this._constructionElement.getFirstChild(),
Constants._TAG_DSAKEYVALUE,0);
if (dsa != null) {
DSAKeyValue kv = new DSAKeyValue(dsa,
this._baseURI);
if (dsa != null) {
DSAKeyValue kv = new DSAKeyValue(dsa, this._baseURI);
return kv.getPublicKey(); return kv.getPublicKey();
} }
return null;
}
return null; /** @inheritDoc */
} public String getBaseLocalName() {
return Constants._TAG_KEYVALUE;
/** @inheritDoc */ }
public String getBaseLocalName() {
return Constants._TAG_KEYVALUE;
}
} }
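Review bot: The `KeyValue(Document doc, PublicKey pk)` constructor has no `else` after the DSA and RSA `instanceof` checks, so any other key type produces a `ds:KeyValue` element with no key child and nothing is reported to the caller. If that is not intended, a final `else { throw new IllegalArgumentException("Unsupported key type: " + pk.getClass().getName()); }` would surface it at construction time; otherwise the Javadoc should say the element is left empty for unsupported keys. In the same section, `getPublicKey()` returns `null` when neither an RSAKeyValue nor a DSAKeyValue child is found, and its `@return` tag could say so, since callers have to null-check the result.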


@ -20,25 +20,18 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.content; package com.sun.org.apache.xml.internal.security.keys.content;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class MgmtData extends SignatureElementProxy implements KeyInfoContent { public class MgmtData extends SignatureElementProxy implements KeyInfoContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(MgmtData.class.getName());
/** /**
* Constructor MgmtData * Constructor MgmtData
* *


@ -20,25 +20,18 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.content; package com.sun.org.apache.xml.internal.security.keys.content;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
* $todo$ Implement * $todo$ Implement
*/ */
public class PGPData extends SignatureElementProxy implements KeyInfoContent { public class PGPData extends SignatureElementProxy implements KeyInfoContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(PGPData.class.getName());
/** /**
* Constructor PGPData * Constructor PGPData
* *


@ -20,9 +20,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.content; package com.sun.org.apache.xml.internal.security.keys.content;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.transforms.Transforms; import com.sun.org.apache.xml.internal.security.transforms.Transforms;
@ -33,17 +30,13 @@ import org.w3c.dom.Attr;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class RetrievalMethod extends SignatureElementProxy public class RetrievalMethod extends SignatureElementProxy
implements KeyInfoContent { implements KeyInfoContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(RetrievalMethod.class.getName());
//J- //J-
/** DSA retrieval */ /** DSA retrieval */
public static final String TYPE_DSA = Constants.SignatureSpecNS + "DSAKeyValue"; public static final String TYPE_DSA = Constants.SignatureSpecNS + "DSAKeyValue";
@ -133,7 +126,7 @@ public class RetrievalMethod extends SignatureElementProxy
try { try {
Element transformsElem = Element transformsElem =
XMLUtils.selectDsNode(this._constructionElement, XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants Constants
._TAG_TRANSFORMS, 0); ._TAG_TRANSFORMS, 0);


@ -20,25 +20,18 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.content; package com.sun.org.apache.xml.internal.security.keys.content;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
* $todo$ implement * $todo$ implement
*/ */
public class SPKIData extends SignatureElementProxy implements KeyInfoContent { public class SPKIData extends SignatureElementProxy implements KeyInfoContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(SPKIData.class.getName());
/** /**
* Constructor SPKIData * Constructor SPKIData
* *


@ -41,7 +41,7 @@ import org.w3c.dom.Node;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class X509Data extends SignatureElementProxy implements KeyInfoContent { public class X509Data extends SignatureElementProxy implements KeyInfoContent {
@ -72,60 +72,17 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
throws XMLSecurityException { throws XMLSecurityException {
super(element, BaseURI); super(element, BaseURI);
boolean noElements=true;
Node sibling=this._constructionElement.getFirstChild(); Node sibling=this._constructionElement.getFirstChild();
while (sibling!=null) { while (sibling!=null) {
if (sibling.getNodeType()!=Node.ELEMENT_NODE) { if (sibling.getNodeType()!=Node.ELEMENT_NODE) {
sibling=sibling.getNextSibling(); sibling=sibling.getNextSibling();
continue; continue;
} }
noElements=false; return;
Element currentElem = (Element) sibling;
sibling=sibling.getNextSibling();
String localname = currentElem.getLocalName();
if (currentElem.getNamespaceURI().equals(Constants.SignatureSpecNS)) {
if (localname.equals(Constants._TAG_X509ISSUERSERIAL)) {
XMLX509IssuerSerial is = new XMLX509IssuerSerial(currentElem,
BaseURI);
this.add(is);
} else if (localname.equals(Constants._TAG_X509SKI)) {
XMLX509SKI ski = new XMLX509SKI(currentElem, BaseURI);
this.add(ski);
} else if (localname.equals(Constants._TAG_X509SUBJECTNAME)) {
XMLX509SubjectName sn = new XMLX509SubjectName(currentElem,
BaseURI);
this.add(sn);
} else if (localname.equals(Constants._TAG_X509CERTIFICATE)) {
XMLX509Certificate cert = new XMLX509Certificate(currentElem,
BaseURI);
this.add(cert);
} else if (localname.equals(Constants._TAG_X509CRL)) {
XMLX509CRL crl = new XMLX509CRL(currentElem, BaseURI);
this.add(crl);
} else {
log.log(java.util.logging.Level.WARNING, "Found a " + currentElem.getTagName() + " element in "
+ Constants._TAG_X509DATA);
this.addUnknownElement(currentElem);
}
} else {
log.log(java.util.logging.Level.WARNING, "Found a " + currentElem.getTagName() + " element in "
+ Constants._TAG_X509DATA);
this.addUnknownElement(currentElem);
}
} }
if (noElements) { /* No Elements found */
Object exArgs[] = { "Elements", Constants._TAG_X509DATA }; Object exArgs[] = { "Elements", Constants._TAG_X509DATA };
throw new XMLSecurityException("xml.WrongContent", exArgs);
throw new XMLSecurityException("xml.WrongContent", exArgs);
}
} }
/** /**
@ -169,11 +126,9 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
*/ */
public void add(XMLX509IssuerSerial xmlX509IssuerSerial) { public void add(XMLX509IssuerSerial xmlX509IssuerSerial) {
if (this._state == MODE_SIGN) {
this._constructionElement this._constructionElement
.appendChild(xmlX509IssuerSerial.getElement()); .appendChild(xmlX509IssuerSerial.getElement());
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
}
} }
/** /**
@ -202,11 +157,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param xmlX509SKI * @param xmlX509SKI
*/ */
public void add(XMLX509SKI xmlX509SKI) { public void add(XMLX509SKI xmlX509SKI) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(xmlX509SKI.getElement()); this._constructionElement.appendChild(xmlX509SKI.getElement());
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
}
} }
/** /**
@ -233,11 +185,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param xmlX509SubjectName * @param xmlX509SubjectName
*/ */
public void add(XMLX509SubjectName xmlX509SubjectName) { public void add(XMLX509SubjectName xmlX509SubjectName) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(xmlX509SubjectName.getElement()); this._constructionElement.appendChild(xmlX509SubjectName.getElement());
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
}
} }
/** /**
@ -266,11 +215,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param xmlX509Certificate * @param xmlX509Certificate
*/ */
public void add(XMLX509Certificate xmlX509Certificate) { public void add(XMLX509Certificate xmlX509Certificate) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(xmlX509Certificate.getElement()); this._constructionElement.appendChild(xmlX509Certificate.getElement());
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
}
} }
/** /**
@ -288,11 +234,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param xmlX509CRL * @param xmlX509CRL
*/ */
public void add(XMLX509CRL xmlX509CRL) { public void add(XMLX509CRL xmlX509CRL) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(xmlX509CRL.getElement()); this._constructionElement.appendChild(xmlX509CRL.getElement());
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
}
} }
/** /**
@ -301,11 +244,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param element * @param element
*/ */
public void addUnknownElement(Element element) { public void addUnknownElement(Element element) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(element); this._constructionElement.appendChild(element);
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
}
} }
/** /**
@ -479,7 +419,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* TODO implement * TODO implement
**/ **/
public Element itemUnknownElement(int i) { public Element itemUnknownElement(int i) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "itemUnknownElement not implemented:"+i); log.log(java.util.logging.Level.FINE, "itemUnknownElement not implemented:"+i);
return null; return null;
} }
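Review bot: The rewritten `X509Data(Element element, String BaseURI)` constructor returns as soon as it meets the first child of type `ELEMENT_NODE`, so the only content check left is that at least one element child exists; the namespace and local-name checks, and the warnings for unexpected children, appear only on the old side. When the element comes from a signature being verified, an X509Data holding only unrecognised children is therefore accepted at construction. I would record this in the constructor Javadoc, e.g. `Only verifies that at least one child element is present; child names and namespaces are not checked here.`, so callers do not assume the children were validated. The constructor's signature line is outside the hunk.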


@ -20,8 +20,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.content.keyvalues; package com.sun.org.apache.xml.internal.security.keys.content.keyvalues;
import java.math.BigInteger; import java.math.BigInteger;
import java.security.Key; import java.security.Key;
import java.security.KeyFactory; import java.security.KeyFactory;
@ -39,18 +37,13 @@ import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class DSAKeyValue extends SignatureElementProxy public class DSAKeyValue extends SignatureElementProxy
implements KeyValueContent { implements KeyValueContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(DSAKeyValue.class.getName());
/** /**
* Constructor DSAKeyValue * Constructor DSAKeyValue
* *


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -32,7 +31,7 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
* *
* *
* *
* @author $Author: raul $ * @author $Author: mullan $
* *
*/ */
public interface KeyValueContent { public interface KeyValueContent {


@ -20,8 +20,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.content.keyvalues; package com.sun.org.apache.xml.internal.security.keys.content.keyvalues;
import java.math.BigInteger; import java.math.BigInteger;
import java.security.Key; import java.security.Key;
import java.security.KeyFactory; import java.security.KeyFactory;
@ -39,19 +37,13 @@ import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class RSAKeyValue extends SignatureElementProxy public class RSAKeyValue extends SignatureElementProxy
implements KeyValueContent { implements KeyValueContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(
RSAKeyValue.class.getName());
/** /**
* Constructor RSAKeyValue * Constructor RSAKeyValue
* *


@ -20,30 +20,20 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.content.x509; package com.sun.org.apache.xml.internal.security.keys.content.x509;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* *
* * @author $Author: mullan $
*
*
* @author $Author: raul $
* *
*/ */
public class XMLX509CRL extends SignatureElementProxy public class XMLX509CRL extends SignatureElementProxy
implements XMLX509DataContent { implements XMLX509DataContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(XMLX509CRL.class.getName());
/** /**
* Constructor XMLX509CRL * Constructor XMLX509CRL
* *


@ -20,8 +20,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.content.x509; package com.sun.org.apache.xml.internal.security.keys.content.x509;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.security.PublicKey; import java.security.PublicKey;
import java.security.cert.CertificateException; import java.security.cert.CertificateException;
@ -34,18 +32,13 @@ import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class XMLX509Certificate extends SignatureElementProxy public class XMLX509Certificate extends SignatureElementProxy
implements XMLX509DataContent { implements XMLX509DataContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(XMLX509Certificate.class.getName());
/** Field JCA_CERT_ID */ /** Field JCA_CERT_ID */
public static final String JCA_CERT_ID = "X.509"; public static final String JCA_CERT_ID = "X.509";
@ -146,23 +139,25 @@ public class XMLX509Certificate extends SignatureElementProxy
return null; return null;
} }
/** @inheritDoc */ /** @inheritDoc */
public boolean equals(Object obj) { public boolean equals(Object obj) {
try { if (obj == null) {
if (!obj.getClass().getName().equals(this.getClass().getName())) {
return false; return false;
} }
if (!this.getClass().getName().equals(obj.getClass().getName())) {
return false;
}
XMLX509Certificate other = (XMLX509Certificate) obj;
try {
XMLX509Certificate other = (XMLX509Certificate) obj; /** $todo$ or should be create X509Certificates and use the equals() from the Certs */
return java.security.MessageDigest.isEqual
/** $todo$ or should be create X509Certificates and use the equals() from the Certs */ (other.getCertificateBytes(), this.getCertificateBytes());
return java.security.MessageDigest.isEqual(other.getCertificateBytes(), } catch (XMLSecurityException ex) {
this.getCertificateBytes()); return false;
} catch (XMLSecurityException ex) { }
return false; }
}
}
/** @inheritDoc */ /** @inheritDoc */
public String getBaseLocalName() { public String getBaseLocalName() {
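Review bot: The rewritten equals() still decides type identity by comparing `getClass().getName()` strings and then casts, so two classes with the same name loaded by different class loaders pass the check and the cast to XMLX509Certificate throws ClassCastException; `if (this.getClass() != obj.getClass()) { return false; }` compares the classes themselves. The same name comparison is kept in the equals() methods of XMLX509IssuerSerial, XMLX509SKI and XMLX509SubjectName in the following file sections. No hashCode() override is visible in this hunk, and the rest of the class lies outside it, so it is worth confirming that one exists and is derived from the same certificate bytes that equals() compares.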


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -28,7 +27,7 @@ package com.sun.org.apache.xml.internal.security.keys.content.x509;
/** /**
* Just used for tagging contents that are allowed inside a ds:X509Data Element. * Just used for tagging contents that are allowed inside a ds:X509Data Element.
* *
* @author $Author: blautenb $ * @author $Author: mullan $
*/ */
public interface XMLX509DataContent { public interface XMLX509DataContent {
} }


@ -20,8 +20,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.content.x509; package com.sun.org.apache.xml.internal.security.keys.content.x509;
import java.math.BigInteger; import java.math.BigInteger;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
@ -33,148 +31,139 @@ import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class XMLX509IssuerSerial extends SignatureElementProxy public class XMLX509IssuerSerial extends SignatureElementProxy
implements XMLX509DataContent { implements XMLX509DataContent {
/** {@link java.util.logging} logging facility */ /** {@link java.util.logging} logging facility */
static java.util.logging.Logger log = static java.util.logging.Logger log =
java.util.logging.Logger.getLogger( java.util.logging.Logger.getLogger(
XMLX509IssuerSerial.class.getName()); XMLX509IssuerSerial.class.getName());
/** /**
* Constructor XMLX509IssuerSerial * Constructor XMLX509IssuerSerial
* *
* @param element * @param element
* @param BaseURI * @param baseURI
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public XMLX509IssuerSerial(Element element, String BaseURI) public XMLX509IssuerSerial(Element element, String baseURI)
throws XMLSecurityException { throws XMLSecurityException {
super(element, BaseURI); super(element, baseURI);
} }
/** /**
* Constructor XMLX509IssuerSerial * Constructor XMLX509IssuerSerial
* *
* @param doc * @param doc
* @param X509IssuerName * @param x509IssuerName
* @param X509SerialNumber * @param x509SerialNumber
*/ */
public XMLX509IssuerSerial(Document doc, String X509IssuerName, public XMLX509IssuerSerial(Document doc, String x509IssuerName,
BigInteger X509SerialNumber) { BigInteger x509SerialNumber) {
super(doc); super(doc);
XMLUtils.addReturnToElement(this._constructionElement);
addTextElement(x509IssuerName, Constants._TAG_X509ISSUERNAME);
addTextElement(x509SerialNumber.toString(), Constants._TAG_X509SERIALNUMBER);
}
XMLUtils.addReturnToElement(this._constructionElement); /**
this.addTextElement(X509IssuerName, Constants._TAG_X509ISSUERNAME); * Constructor XMLX509IssuerSerial
XMLUtils.addReturnToElement(this._constructionElement); *
this.addTextElement(X509SerialNumber.toString(), Constants._TAG_X509SERIALNUMBER); * @param doc
} * @param x509IssuerName
* @param x509SerialNumber
*/
public XMLX509IssuerSerial(Document doc, String x509IssuerName,
String x509SerialNumber) {
this(doc, x509IssuerName, new BigInteger(x509SerialNumber));
}
/** /**
* Constructor XMLX509IssuerSerial * Constructor XMLX509IssuerSerial
* *
* @param doc * @param doc
* @param X509IssuerName * @param x509IssuerName
* @param X509SerialNumber * @param x509SerialNumber
*/ */
public XMLX509IssuerSerial(Document doc, String X509IssuerName, public XMLX509IssuerSerial(Document doc, String x509IssuerName,
String X509SerialNumber) { int x509SerialNumber) {
this(doc, X509IssuerName, new BigInteger(X509SerialNumber)); this(doc, x509IssuerName,
} new BigInteger(Integer.toString(x509SerialNumber)));
}
/** /**
* Constructor XMLX509IssuerSerial * Constructor XMLX509IssuerSerial
* *
* @param doc * @param doc
* @param X509IssuerName * @param x509certificate
* @param X509SerialNumber */
*/ public XMLX509IssuerSerial(Document doc, X509Certificate x509certificate) {
public XMLX509IssuerSerial(Document doc, String X509IssuerName,
int X509SerialNumber) {
this(doc, X509IssuerName,
new BigInteger(Integer.toString(X509SerialNumber)));
}
/** this(doc,
* Constructor XMLX509IssuerSerial RFC2253Parser.normalize(x509certificate.getIssuerDN().getName()),
* x509certificate.getSerialNumber());
* @param doc }
* @param x509certificate
*/
public XMLX509IssuerSerial(Document doc, X509Certificate x509certificate) {
this(doc, /**
RFC2253Parser.normalize(x509certificate.getIssuerDN().getName()), * Method getSerialNumber
x509certificate.getSerialNumber()); *
} * @return the serial number
*/
public BigInteger getSerialNumber() {
/** String text = this.getTextFromChildElement
* Method getSerialNumber (Constants._TAG_X509SERIALNUMBER, Constants.SignatureSpecNS);
* if (log.isLoggable(java.util.logging.Level.FINE))
* log.log(java.util.logging.Level.FINE, "X509SerialNumber text: " + text);
* @return the serial number
*/
public BigInteger getSerialNumber() {
String text = return new BigInteger(text);
this.getTextFromChildElement(Constants._TAG_X509SERIALNUMBER, }
Constants.SignatureSpecNS);
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "In dem X509SerialNumber wurde gefunden: " + text);
return new BigInteger(text); /**
} * Method getSerialNumberInteger
*
* @return the serial number as plain int
*/
public int getSerialNumberInteger() {
return this.getSerialNumber().intValue();
}
/** /**
* Method getSerialNumberInteger * Method getIssuerName
* *
* * @return the issuer name
* @return the serial number as plain int */
*/ public String getIssuerName() {
public int getSerialNumberInteger() {
return this.getSerialNumber().intValue();
}
/** return RFC2253Parser
* Method getIssuerName .normalize(this
* .getTextFromChildElement(Constants._TAG_X509ISSUERNAME,
* Constants.SignatureSpecNS));
* @return the issuer name }
*/
public String getIssuerName() {
return RFC2253Parser /** @inheritDoc */
.normalize(this public boolean equals(Object obj) {
.getTextFromChildElement(Constants._TAG_X509ISSUERNAME,
Constants.SignatureSpecNS));
}
/** @inheritDoc */ if (obj == null) {
public boolean equals(Object obj) { return false;
}
if (!this.getClass().getName().equals(obj.getClass().getName())) {
return false;
}
if (!obj.getClass().getName().equals(this.getClass().getName())) { XMLX509IssuerSerial other = (XMLX509IssuerSerial) obj;
return false;
}
XMLX509IssuerSerial other = (XMLX509IssuerSerial) obj; return this.getSerialNumber().equals(other.getSerialNumber())
&& this.getIssuerName().equals(other.getIssuerName());
}
/** @inheritDoc */
if (other.getSerialNumber().equals(this.getSerialNumber()) public String getBaseLocalName() {
&& other.getIssuerName().equals(this.getIssuerName())) { return Constants._TAG_X509ISSUERSERIAL;
return true; }
}
return false;
}
/** @inheritDoc */
public String getBaseLocalName() {
return Constants._TAG_X509ISSUERSERIAL;
}
} }
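Review bot: getSerialNumber() passes the text of the X509SerialNumber child straight to `new BigInteger(text)`, so a non-numeric value in a received KeyInfo surfaces as an unchecked NumberFormatException from getSerialNumber(), getSerialNumberInteger() and equals(), none of which declare it. The Javadoc should say so, for example `@throws NumberFormatException if the X509SerialNumber text is not a decimal integer`, and equals() could treat an unparsable serial as unequal instead of propagating the exception. getSerialNumberInteger() returns `intValue()`, which silently keeps only the low 32 bits of a larger serial; a Javadoc sentence stating that truncation would keep callers from using the int form to match certificates. Whether getTextFromChildElement() can return null for a missing child is not visible in this section.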


@ -20,8 +20,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.content.x509; package com.sun.org.apache.xml.internal.security.keys.content.x509;
import java.io.IOException; import java.io.IOException;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.io.InputStream; import java.io.InputStream;
@ -36,192 +34,143 @@ import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
import sun.security.util.DerValue;
/** /**
* Handles SubjectKeyIdentifier (SKI) for X.509v3. * Handles SubjectKeyIdentifier (SKI) for X.509v3.
* *
* @author $Author: raul $ * @author $Author: mullan $
* @see <A HREF="http://java.sun.com/products/jdk/1.2/docs/api/java/security/cert/X509Extension.html">Interface X509Extension</A> * @see <A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/security/cert/X509Extension.html">Interface X509Extension</A>
*/ */
public class XMLX509SKI extends SignatureElementProxy public class XMLX509SKI extends SignatureElementProxy
implements XMLX509DataContent { implements XMLX509DataContent {
/** {@link java.util.logging} logging facility */ /** {@link java.util.logging} logging facility */
static java.util.logging.Logger log = static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(XMLX509SKI.class.getName()); java.util.logging.Logger.getLogger(XMLX509SKI.class.getName());
/** /**
* <CODE>SubjectKeyIdentifier (id-ce-subjectKeyIdentifier) (2.5.29.14)</CODE>: * <CODE>SubjectKeyIdentifier (id-ce-subjectKeyIdentifier) (2.5.29.14)</CODE>:
* This extension identifies the public key being certified. It enables * This extension identifies the public key being certified. It enables
* distinct keys used by the same subject to be differentiated * distinct keys used by the same subject to be differentiated
* (e.g., as key updating occurs). * (e.g., as key updating occurs).
* <BR /> * <BR />
* A key identifer shall be unique with respect to all key identifiers * A key identifer shall be unique with respect to all key identifiers
* for the subject with which it is used. This extension is always non-critical. * for the subject with which it is used. This extension is always non-critical.
*/ */
public static final String SKI_OID = "2.5.29.14"; public static final String SKI_OID = "2.5.29.14";
/** /**
* Constructor X509SKI * Constructor X509SKI
* *
* @param doc * @param doc
* @param skiBytes * @param skiBytes
*/ */
public XMLX509SKI(Document doc, byte[] skiBytes) { public XMLX509SKI(Document doc, byte[] skiBytes) {
super(doc);
this.addBase64Text(skiBytes);
}
super(doc); /**
* Constructor XMLX509SKI
this.addBase64Text(skiBytes); *
} * @param doc
* @param x509certificate
/** * @throws XMLSecurityException
* Constructor XMLX509SKI */
* public XMLX509SKI(Document doc, X509Certificate x509certificate)
* @param doc
* @param x509certificate
* @throws XMLSecurityException
*/
public XMLX509SKI(Document doc, X509Certificate x509certificate)
throws XMLSecurityException { throws XMLSecurityException {
super(doc);
this.addBase64Text(XMLX509SKI.getSKIBytesFromCert(x509certificate));
}
super(doc); /**
* Constructor XMLX509SKI
this.addBase64Text(XMLX509SKI.getSKIBytesFromCert(x509certificate)); *
} * @param element
* @param BaseURI
/** * @throws XMLSecurityException
* Constructor XMLX509SKI */
* public XMLX509SKI(Element element, String BaseURI)
* @param element
* @param BaseURI
* @throws XMLSecurityException
*/
public XMLX509SKI(Element element, String BaseURI)
throws XMLSecurityException { throws XMLSecurityException {
super(element, BaseURI); super(element, BaseURI);
} }
/** /**
* Method getSKIBytes * Method getSKIBytes
* *
* @return the skibytes * @return the skibytes
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public byte[] getSKIBytes() throws XMLSecurityException { public byte[] getSKIBytes() throws XMLSecurityException {
return this.getBytesFromTextChild(); return this.getBytesFromTextChild();
} }
/** /**
* Method getSKIBytesFromCert * Method getSKIBytesFromCert
* *
* @param cert * @param cert
* @return sky bytes from the given certificate * @return ski bytes from the given certificate
* *
* @throws XMLSecurityException * @throws XMLSecurityException
* @see java.security.cert.X509Extension#getExtensionValue(java.lang.String) * @see java.security.cert.X509Extension#getExtensionValue(java.lang.String)
*/ */
public static byte[] getSKIBytesFromCert(X509Certificate cert) public static byte[] getSKIBytesFromCert(X509Certificate cert)
throws XMLSecurityException { throws XMLSecurityException {
try { if (cert.getVersion() < 3) {
/*
* Gets the DER-encoded OCTET string for the extension value (extnValue)
* identified by the passed-in oid String. The oid string is
* represented by a set of positive whole numbers separated by periods.
*/
byte[] derEncodedValue = cert.getExtensionValue(XMLX509SKI.SKI_OID);
if (cert.getVersion() < 3) {
Object exArgs[] = { new Integer(cert.getVersion()) }; Object exArgs[] = { new Integer(cert.getVersion()) };
throw new XMLSecurityException("certificate.noSki.lowVersion", throw new XMLSecurityException("certificate.noSki.lowVersion",
exArgs); exArgs);
} }
byte[] extensionValue = null; /*
* Gets the DER-encoded OCTET string for the extension value
/** * (extnValue) identified by the passed-in oid String. The oid
* Use sun.security.util.DerValue if it is present. * string is represented by a set of positive whole numbers
*/ * separated by periods.
try {
DerValue dervalue = new DerValue(derEncodedValue);
if (dervalue == null) {
throw new XMLSecurityException("certificate.noSki.null");
}
if (dervalue.tag != DerValue.tag_OctetString) {
throw new XMLSecurityException("certificate.noSki.notOctetString");
}
extensionValue = dervalue.getOctetString();
} catch (NoClassDefFoundError e) {
}
/**
* Fall back to org.bouncycastle.asn1.DERInputStream
*/
if (extensionValue == null) {
try {
Class clazz = Class.forName("org.bouncycastle.asn1.DERInputStream");
if (clazz != null) {
Constructor constructor = clazz.getConstructor(new Class[]{InputStream.class});
InputStream is = (InputStream) constructor.newInstance(new Object[]{new ByteArrayInputStream(derEncodedValue)});
Method method = clazz.getMethod("readObject", new Class[]{});
Object obj = method.invoke(is, new Object[]{});
if (obj == null) {
throw new XMLSecurityException("certificate.noSki.null");
}
Class clazz2 = Class.forName("org.bouncycastle.asn1.ASN1OctetString");
if (!clazz2.isInstance(obj)) {
throw new XMLSecurityException("certificate.noSki.notOctetString");
}
Method method2 = clazz2.getMethod("getOctets", new Class[]{});
extensionValue = (byte[]) method2.invoke(obj, new Object[]{});
}
} catch (Throwable t) {
}
}
/**
* Strip away first two bytes from the DerValue (tag and length)
*/
byte abyte0[] = new byte[extensionValue.length - 2];
System.arraycopy(extensionValue, 2, abyte0, 0, abyte0.length);
/*
byte abyte0[] = new byte[derEncodedValue.length - 4];
System.arraycopy(derEncodedValue, 4, abyte0, 0, abyte0.length);
*/ */
if (true) byte[] extensionValue = cert.getExtensionValue(XMLX509SKI.SKI_OID);
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Base64 of SKI is " + Base64.encode(abyte0)); if (extensionValue == null) {
throw new XMLSecurityException("certificate.noSki.null");
}
return abyte0; /**
} catch (IOException ex) { * Strip away first four bytes from the extensionValue
throw new XMLSecurityException("generic.EmptyMessage", ex); * The first two bytes are the tag and length of the extensionValue
} * OCTET STRING, and the next two bytes are the tag and length of
} * the skid OCTET STRING.
*/
byte skidValue[] = new byte[extensionValue.length - 4];
/** @inheritDoc */ System.arraycopy(extensionValue, 4, skidValue, 0, skidValue.length);
public boolean equals(Object obj) {
if (!obj.getClass().getName().equals(this.getClass().getName())) { if (log.isLoggable(java.util.logging.Level.FINE)) {
return false; log.log(java.util.logging.Level.FINE, "Base64 of SKI is " + Base64.encode(skidValue));
} }
XMLX509SKI other = (XMLX509SKI) obj; return skidValue;
}
try { /** @inheritDoc */
return java.security.MessageDigest.isEqual(other.getSKIBytes(), public boolean equals(Object obj) {
if (obj == null) {
return false;
}
if (!this.getClass().getName().equals(obj.getClass().getName())) {
return false;
}
XMLX509SKI other = (XMLX509SKI) obj;
try {
return java.security.MessageDigest.isEqual(other.getSKIBytes(),
this.getSKIBytes()); this.getSKIBytes());
} catch (XMLSecurityException ex) { } catch (XMLSecurityException ex) {
return false; return false;
} }
} }
/** @inheritDoc */ /** @inheritDoc */
public String getBaseLocalName() { public String getBaseLocalName() {
return Constants._TAG_X509SKI; return Constants._TAG_X509SKI;
} }
} }
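Review bot: getSKIBytesFromCert() now slices the key identifier out at a fixed offset of four bytes without inspecting those bytes, so an extension value shorter than four bytes produces a NegativeArraySizeException and one whose OCTET STRING headers are not the two-byte short form yields a wrong identifier with no error. The code this replaces checked that the decoded value was an OCTET STRING and threw `certificate.noSki.notOctetString`; since the certificate may come from a received document, the tag and length bytes should be verified before the copy. The check below accepts only two nested short-form OCTET STRINGs whose lengths account for the whole buffer, and it assumes the `certificate.noSki.notOctetString` message key is still present in the resource bundle, which this page does not show.

```java
byte[] extensionValue = cert.getExtensionValue(XMLX509SKI.SKI_OID);
// … unchanged: null check throwing certificate.noSki.null …
// Expect OCTET STRING { OCTET STRING { skid } }, both with one-byte lengths
// that account for the whole buffer; a negative byte (long form) never matches.
if (extensionValue.length < 4
        || extensionValue[0] != 0x04
        || extensionValue[1] != extensionValue.length - 2
        || extensionValue[2] != 0x04
        || extensionValue[3] != extensionValue.length - 4) {
    throw new XMLSecurityException("certificate.noSki.notOctetString");
}
// … unchanged: copy from offset 4 into skidValue, FINE log, return …
```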


@ -20,8 +20,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.content.x509; package com.sun.org.apache.xml.internal.security.keys.content.x509;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
@ -33,15 +31,11 @@ import org.w3c.dom.Element;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class XMLX509SubjectName extends SignatureElementProxy public class XMLX509SubjectName extends SignatureElementProxy
implements XMLX509DataContent { implements XMLX509DataContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(XMLX509SubjectName.class.getName());
/** /**
* Constructor X509SubjectName * Constructor X509SubjectName
* *
@ -88,23 +82,21 @@ public class XMLX509SubjectName extends SignatureElementProxy
return RFC2253Parser.normalize(this.getTextFromTextChild()); return RFC2253Parser.normalize(this.getTextFromTextChild());
} }
/** @inheritDoc */ /** @inheritDoc */
public boolean equals(Object obj) { public boolean equals(Object obj) {
if (obj == null) {
return false;
}
if (!obj.getClass().getName().equals(this.getClass().getName())) { if (!this.getClass().getName().equals(obj.getClass().getName())) {
return false; return false;
} }
XMLX509SubjectName other = (XMLX509SubjectName) obj; XMLX509SubjectName other = (XMLX509SubjectName) obj;
String otherSubject = other.getSubjectName(); String otherSubject = other.getSubjectName();
String thisSubject = this.getSubjectName(); String thisSubject = this.getSubjectName();
if (otherSubject.equals(thisSubject)) {
return true;
}
return false;
return thisSubject.equals(otherSubject);
} }
/** @inheritDoc */ /** @inheritDoc */


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -29,7 +28,7 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
/** /**
* *
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class InvalidKeyResolverException extends XMLSecurityException { public class InvalidKeyResolverException extends XMLSecurityException {


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -26,6 +25,7 @@ package com.sun.org.apache.xml.internal.security.keys.keyresolver;
import java.security.PublicKey; import java.security.PublicKey;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Iterator;
import java.util.List; import java.util.List;
import javax.crypto.SecretKey; import javax.crypto.SecretKey;
@ -39,7 +39,8 @@ import org.w3c.dom.Node;
* KeyResolver is factory class for subclass of KeyResolverSpi that * KeyResolver is factory class for subclass of KeyResolverSpi that
* represent child element of KeyInfo. * represent child element of KeyInfo.
* *
* @author $Author: raul $ * @author $Author: mullan $
* @version %I%, %G%
*/ */
public class KeyResolver { public class KeyResolver {
@ -72,6 +73,7 @@ public class KeyResolver {
InstantiationException { InstantiationException {
this._resolverSpi = this._resolverSpi =
(KeyResolverSpi) Class.forName(className).newInstance(); (KeyResolverSpi) Class.forName(className).newInstance();
this._resolverSpi.setGlobalResolver(true);
} }
/** /**
@ -83,21 +85,17 @@ public class KeyResolver {
return KeyResolver._resolverVector.size(); return KeyResolver._resolverVector.size();
} }
/** public static void hit(Iterator hintI) {
* Method item ResolverIterator hint = (ResolverIterator) hintI;
* int i = hint.i;
* @param i if (i!=1 && hint.res ==_resolverVector) {
* @return the number i resolver registerd List resolverVector=(List)((ArrayList)_resolverVector).clone();
* @throws KeyResolverException Object ob=resolverVector.remove(i-1);
*/ resolverVector.add(0,ob);
public static KeyResolver item(int i) throws KeyResolverException { _resolverVector=resolverVector;
} else {
KeyResolver resolver = (KeyResolver) KeyResolver._resolverVector.get(i); //System.out.println("KeyResolver hitting");
if (resolver==null) { }
throw new KeyResolverException("utils.resolver.noClass");
}
return resolver;
} }
/** /**
@ -106,17 +104,19 @@ public class KeyResolver {
* @param element * @param element
* @param BaseURI * @param BaseURI
* @param storage * @param storage
* @return the instance that happends to implement the thing. * @return The certificate represented by the element.
* *
* @throws KeyResolverException * @throws KeyResolverException
*/ */
public static final KeyResolver getInstance( public static final X509Certificate getX509Certificate(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
for (int i = 0; i < KeyResolver._resolverVector.size(); i++) { // use the old vector to not be hit by updates
List resolverVector = KeyResolver._resolverVector;
for (int i = 0; i < resolverVector.size(); i++) {
KeyResolver resolver= KeyResolver resolver=
(KeyResolver) KeyResolver._resolverVector.get(i); (KeyResolver) resolverVector.get(i);
if (resolver==null) { if (resolver==null) {
Object exArgs[] = { Object exArgs[] = {
@ -127,11 +127,63 @@ public class KeyResolver {
throw new KeyResolverException("utils.resolver.noClass", exArgs); throw new KeyResolverException("utils.resolver.noClass", exArgs);
} }
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "check resolvability by class " + resolver.getClass()); log.log(java.util.logging.Level.FINE, "check resolvability by class " + resolver.getClass());
if (resolver.canResolve(element, BaseURI, storage)) { X509Certificate cert=resolver.resolveX509Certificate(element, BaseURI, storage);
return resolver; if (cert!=null) {
return cert;
}
}
Object exArgs[] = {
(((element != null) && (element.getNodeType() == Node.ELEMENT_NODE))
? element.getTagName()
: "null") };
throw new KeyResolverException("utils.resolver.noClass", exArgs);
}
/**
* Method getInstance
*
* @param element
* @param BaseURI
* @param storage
* @return the public key contained in the element
*
* @throws KeyResolverException
*/
public static final PublicKey getPublicKey(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
List resolverVector = KeyResolver._resolverVector;
for (int i = 0; i < resolverVector.size(); i++) {
KeyResolver resolver=
(KeyResolver) resolverVector.get(i);
if (resolver==null) {
Object exArgs[] = {
(((element != null)
&& (element.getNodeType() == Node.ELEMENT_NODE))
? element.getTagName()
: "null") };
throw new KeyResolverException("utils.resolver.noClass", exArgs);
}
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "check resolvability by class " + resolver.getClass());
PublicKey cert=resolver.resolvePublicKey(element, BaseURI, storage);
if (cert!=null) {
if (i!=0 && resolverVector==_resolverVector) {
//update resolver.
resolverVector=(List)((ArrayList)_resolverVector).clone();
Object ob=resolverVector.remove(i);
resolverVector.add(0,ob);
_resolverVector=resolverVector;
}
return cert;
} }
} }
@ -182,34 +234,6 @@ public class KeyResolver {
KeyResolver._resolverVector.add(0, className); KeyResolver._resolverVector.add(0, className);
} }
/*
* Method resolve
*
* @param element
*
* @throws KeyResolverException
*/
/**
* Method resolveStatic
*
* @param element
* @param BaseURI
* @param storage
* @return resolve from the static register an element
*
* @throws KeyResolverException
*/
public static PublicKey resolveStatic(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
KeyResolver myResolver = KeyResolver.getInstance(element, BaseURI,
storage);
return myResolver.resolvePublicKey(element, BaseURI, storage);
}
/** /**
* Method resolve * Method resolve
* *
@ -223,7 +247,7 @@ public class KeyResolver {
public PublicKey resolvePublicKey( public PublicKey resolvePublicKey(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
return this._resolverSpi.engineResolvePublicKey(element, BaseURI, storage); return this._resolverSpi.engineLookupAndResolvePublicKey(element, BaseURI, storage);
} }
/** /**
@ -239,7 +263,7 @@ public class KeyResolver {
public X509Certificate resolveX509Certificate( public X509Certificate resolveX509Certificate(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
return this._resolverSpi.engineResolveX509Certificate(element, BaseURI, return this._resolverSpi.engineLookupResolveX509Certificate(element, BaseURI,
storage); storage);
} }
@ -253,7 +277,7 @@ public class KeyResolver {
public SecretKey resolveSecretKey( public SecretKey resolveSecretKey(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
return this._resolverSpi.engineResolveSecretKey(element, BaseURI, return this._resolverSpi.engineLookupAndResolveSecretKey(element, BaseURI,
storage); storage);
} }
@ -277,14 +301,6 @@ public class KeyResolver {
return this._resolverSpi.engineGetProperty(key); return this._resolverSpi.engineGetProperty(key);
} }
/**
* Method getPropertyKeys
*
* @return the properties key registerd in this resolver
*/
public String[] getPropertyKeys() {
return this._resolverSpi.engineGetPropertyKeys();
}
/** /**
* Method understandsProperty * Method understandsProperty
@ -296,18 +312,6 @@ public class KeyResolver {
return this._resolverSpi.understandsProperty(propertyToTest); return this._resolverSpi.understandsProperty(propertyToTest);
} }
/**
* Method canResolve
*
* @param element
* @param BaseURI
* @param storage
* @return true if can resolve the key in the element
*/
public boolean canResolve(Element element, String BaseURI,
StorageResolver storage) {
return this._resolverSpi.engineCanResolve(element, BaseURI, storage);
}
/** /**
* Method resolverClassName * Method resolverClassName
@ -317,4 +321,37 @@ public class KeyResolver {
public String resolverClassName() { public String resolverClassName() {
return this._resolverSpi.getClass().getName(); return this._resolverSpi.getClass().getName();
} }
static class ResolverIterator implements Iterator {
List res;
Iterator it;
int i;
public ResolverIterator(List list) {
res = list;
it = res.iterator();
}
public boolean hasNext() {
// TODO Auto-generated method stub
return it.hasNext();
}
public Object next() {
i++;
KeyResolver resolver = (KeyResolver) it.next();
if (resolver==null) {
throw new RuntimeException("utils.resolver.noClass");
}
return resolver._resolverSpi;
}
public void remove() {
// TODO Auto-generated method stub
}
};
public static Iterator iterator() {
return new ResolverIterator(_resolverVector);
}
} }
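Review bot: hit() guards the reorder with `i!=1`, which also lets through `i == 0` (a ResolverIterator on which next() was never called), so `resolverVector.remove(i-1)` is called with -1 and throws; `if (i > 1 && hint.res == _resolverVector)` covers both cases. The method is public and casts its argument to ResolverIterator unconditionally, so any other Iterator ends in a ClassCastException; an `instanceof` check, or a Javadoc line stating that only iterators obtained from `KeyResolver.iterator()` are accepted, would make the contract explicit. Both hit() and getPublicKey() replace the static `_resolverVector` with a reordered clone without synchronization; the field declaration is outside these hunks, so whether it is volatile cannot be confirmed here, but concurrent callers can at least overwrite each other's reorder, and resolver precedence for every later caller depends on which documents were processed before. ResolverIterator.remove() is left as a silent no-op and would be clearer as `throw new UnsupportedOperationException();`.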


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -31,7 +30,7 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
* *
* *
* *
* @author $Author: raul $ * @author $Author: mullan $
* *
*/ */
public class KeyResolverException extends XMLSecurityException { public class KeyResolverException extends XMLSecurityException {


@ -20,17 +20,15 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.keyresolver; package com.sun.org.apache.xml.internal.security.keys.keyresolver;
import java.security.PublicKey; import java.security.PublicKey;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.util.HashMap;
import javax.crypto.SecretKey; import javax.crypto.SecretKey;
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver; import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* This class is abstract class for a child KeyInfo Elemnet. * This class is abstract class for a child KeyInfo Elemnet.
* *
@ -41,14 +39,10 @@ import org.w3c.dom.Element;
* JAVACLASS="MyPackage.MyKeyValueImpl"//gt; * JAVACLASS="MyPackage.MyKeyValueImpl"//gt;
* </PRE> * </PRE>
* *
* @author $Author: raul $ * @author $Author: mullan $
* @version $Revision: 1.5 $
*/ */
public abstract class KeyResolverSpi { public abstract class KeyResolverSpi {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(KeyResolverSpi.class.getName());
/** /**
* This method helps the {@link com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver} to decide whether a * This method helps the {@link com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver} to decide whether a
* {@link com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverSpi} is able to perform the requested action. * {@link com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverSpi} is able to perform the requested action.
@ -56,10 +50,12 @@ public abstract class KeyResolverSpi {
* @param element * @param element
* @param BaseURI * @param BaseURI
* @param storage * @param storage
* @return true if can resolve the key in the element * @return
*/ */
abstract public boolean engineCanResolve(Element element, String BaseURI, public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage); StorageResolver storage) {
throw new UnsupportedOperationException();
}
/** /**
* Method engineResolvePublicKey * Method engineResolvePublicKey
@ -71,9 +67,60 @@ public abstract class KeyResolverSpi {
* *
* @throws KeyResolverException * @throws KeyResolverException
*/ */
abstract public PublicKey engineResolvePublicKey( public PublicKey engineResolvePublicKey(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException; throws KeyResolverException {
throw new UnsupportedOperationException();
};
/**
* Method engineResolvePublicKey
*
* @param element
* @param BaseURI
* @param storage
* @return resolved public key from the registered from the element.
*
* @throws KeyResolverException
*/
public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
KeyResolverSpi tmp = cloneIfNeeded();
if (!tmp.engineCanResolve(element, BaseURI, storage))
return null;
return tmp.engineResolvePublicKey(element, BaseURI, storage);
}
private KeyResolverSpi cloneIfNeeded() throws KeyResolverException {
KeyResolverSpi tmp=this;
if (globalResolver) {
try {
tmp = (KeyResolverSpi) getClass().newInstance();
} catch (InstantiationException e) {
throw new KeyResolverException("",e);
} catch (IllegalAccessException e) {
throw new KeyResolverException("",e);
}
}
return tmp;
}
/**
* Method engineResolveCertificate
*
* @param element
* @param BaseURI
* @param storage
* @return resolved X509Certificate key from the registered from the elements
*
* @throws KeyResolverException
*/
public X509Certificate engineResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException{
throw new UnsupportedOperationException();
};
/** /**
* Method engineResolveCertificate * Method engineResolveCertificate
@ -85,9 +132,30 @@ public abstract class KeyResolverSpi {
* *
* @throws KeyResolverException * @throws KeyResolverException
*/ */
abstract public X509Certificate engineResolveX509Certificate( public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException; throws KeyResolverException {
KeyResolverSpi tmp = cloneIfNeeded();
if (!tmp.engineCanResolve(element, BaseURI, storage))
return null;
return tmp.engineResolveX509Certificate(element, BaseURI, storage);
}
/**
* Method engineResolveSecretKey
*
* @param element
* @param BaseURI
* @param storage
* @return resolved SecretKey key from the registered from the elements
*
* @throws KeyResolverException
*/
public SecretKey engineResolveSecretKey(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException{
throw new UnsupportedOperationException();
};
/** /**
* Method engineResolveSecretKey * Method engineResolveSecretKey
@ -99,12 +167,19 @@ public abstract class KeyResolverSpi {
* *
* @throws KeyResolverException * @throws KeyResolverException
*/ */
abstract public SecretKey engineResolveSecretKey( public SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException; throws KeyResolverException {
KeyResolverSpi tmp = cloneIfNeeded();
if (!tmp.engineCanResolve(element, BaseURI, storage))
return null;
return tmp.engineResolveSecretKey(element, BaseURI, storage);
}
/** Field _properties */ /** Field _properties */
protected java.util.Map _properties = new java.util.HashMap(10); protected java.util.Map _properties = null;
protected boolean globalResolver=false;
/** /**
* Method engineSetProperty * Method engineSetProperty
@ -113,19 +188,8 @@ public abstract class KeyResolverSpi {
* @param value * @param value
*/ */
public void engineSetProperty(String key, String value) { public void engineSetProperty(String key, String value) {
if (_properties==null)
java.util.Iterator i = this._properties.keySet().iterator(); _properties=new HashMap();
while (i.hasNext()) {
String c = (String) i.next();
if (c.equals(key)) {
key = c;
break;
}
}
this._properties.put(key, value); this._properties.put(key, value);
} }
@ -136,31 +200,12 @@ public abstract class KeyResolverSpi {
* @return obtain the property appointed by key * @return obtain the property appointed by key
*/ */
public String engineGetProperty(String key) { public String engineGetProperty(String key) {
if (_properties==null)
java.util.Iterator i = this._properties.keySet().iterator(); return null;
while (i.hasNext()) {
String c = (String) i.next();
if (c.equals(key)) {
key = c;
break;
}
}
return (String) this._properties.get(key); return (String) this._properties.get(key);
} }
/**
* Method engineGetPropertyKeys
*
* @return the keys of properties known by this resolver
*/
public String[] engineGetPropertyKeys() {
return new String[0];
}
/** /**
* Method understandsProperty * Method understandsProperty
* *
@ -168,17 +213,13 @@ public abstract class KeyResolverSpi {
* @return true if understood the property * @return true if understood the property
*/ */
public boolean understandsProperty(String propertyToTest) { public boolean understandsProperty(String propertyToTest) {
if (_properties==null)
return false;
String[] understood = this.engineGetPropertyKeys(); return this._properties.get(propertyToTest)!=null;
if (understood != null) {
for (int i = 0; i < understood.length; i++) {
if (understood[i].equals(propertyToTest)) {
return true;
}
}
}
return false;
} }
public void setGlobalResolver(boolean globalResolver) {
this.globalResolver = globalResolver;
}
} }


@ -37,46 +37,10 @@ import org.w3c.dom.Element;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class DSAKeyValueResolver extends KeyResolverSpi { public class DSAKeyValueResolver extends KeyResolverSpi {
/** Field _dsaKeyElement */
private Element _dsaKeyElement = null;
/** @inheritDoc */
public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage) {
if (element == null) {
return false;
}
boolean isKeyValue = XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_KEYVALUE);
boolean isDSAKeyValue = XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_DSAKEYVALUE);
if (isKeyValue) {
this._dsaKeyElement =
XMLUtils.selectDsNode(element.getFirstChild(),Constants._TAG_DSAKEYVALUE,0);
if (this._dsaKeyElement != null) {
return true;
}
} else if (isDSAKeyValue) {
// this trick is needed to allow the RetrievalMethodResolver to eat a
// ds:DSAKeyValue directly (without KeyValue)
this._dsaKeyElement = element;
return true;
}
return false;
}
/** /**
* Method engineResolvePublicKey * Method engineResolvePublicKey
* *
@ -85,20 +49,30 @@ public class DSAKeyValueResolver extends KeyResolverSpi {
* @param storage * @param storage
* @return null if no {@link PublicKey} could be obtained * @return null if no {@link PublicKey} could be obtained
*/ */
public PublicKey engineResolvePublicKey( public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage) { Element element, String BaseURI, StorageResolver storage) {
if (element == null) {
return null;
}
Element dsaKeyElement=null;
boolean isKeyValue = XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_KEYVALUE);
if (isKeyValue) {
dsaKeyElement =
XMLUtils.selectDsNode(element.getFirstChild(),Constants._TAG_DSAKEYVALUE,0);
} else if (XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_DSAKEYVALUE)) {
// this trick is needed to allow the RetrievalMethodResolver to eat a
// ds:DSAKeyValue directly (without KeyValue)
dsaKeyElement = element;
}
if (this._dsaKeyElement == null) { if (dsaKeyElement == null) {
boolean weCanResolve = this.engineCanResolve(element, BaseURI, return null;
storage);
if (!weCanResolve || (this._dsaKeyElement == null)) {
return null;
}
} }
try { try {
DSAKeyValue dsaKeyValue = new DSAKeyValue(this._dsaKeyElement, DSAKeyValue dsaKeyValue = new DSAKeyValue(dsaKeyElement,
BaseURI); BaseURI);
PublicKey pk = dsaKeyValue.getPublicKey(); PublicKey pk = dsaKeyValue.getPublicKey();
@ -112,13 +86,13 @@ public class DSAKeyValueResolver extends KeyResolverSpi {
/** @inheritDoc */ /** @inheritDoc */
public X509Certificate engineResolveX509Certificate( public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage) { Element element, String BaseURI, StorageResolver storage) {
return null; return null;
} }
/** @inheritDoc */ /** @inheritDoc */
public javax.crypto.SecretKey engineResolveSecretKey( public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage){ Element element, String BaseURI, StorageResolver storage){
return null; return null;
} }
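Review bot: Callers that still invoke `engineCanResolve` or `engineResolvePublicKey` on this resolver now reach the `KeyResolverSpi` defaults, which throw `UnsupportedOperationException`, because the overrides were dropped here. Where such a caller previously got `false` or `null` while processing KeyInfo from a document, it now gets an unchecked exception; whether any such callers remain is not visible on this page. If the old entry points are meant to stay usable, keep a thin override such as `public PublicKey engineResolvePublicKey(Element element, String BaseURI, StorageResolver storage) { return engineLookupAndResolvePublicKey(element, BaseURI, storage); }`; otherwise state in the class Javadoc that only the `engineLookup…` methods are supported. The same applies to EncryptedKeyResolver, RSAKeyValueResolver and RetrievalMethodResolver further down.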


@ -56,7 +56,6 @@ public class EncryptedKeyResolver extends KeyResolverSpi {
RSAKeyValueResolver.class.getName()); RSAKeyValueResolver.class.getName());
Key _key;
Key _kek; Key _kek;
String _algorithm; String _algorithm;
@ -66,7 +65,6 @@ public class EncryptedKeyResolver extends KeyResolverSpi {
* @param algorithm * @param algorithm
*/ */
public EncryptedKeyResolver(String algorithm) { public EncryptedKeyResolver(String algorithm) {
_key = null;
_kek = null; _kek = null;
_algorithm=algorithm; _algorithm=algorithm;
} }
@ -78,64 +76,49 @@ public class EncryptedKeyResolver extends KeyResolverSpi {
*/ */
public EncryptedKeyResolver(String algorithm, Key kek) { public EncryptedKeyResolver(String algorithm, Key kek) {
_key = null;
_algorithm = algorithm; _algorithm = algorithm;
_kek = kek; _kek = kek;
} }
/**
* Method engineCanResolve
*
* @param element
* @param BaseURI
* @param storage
* @return true if can resolve the key in the element
*
*/
public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage) {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "EncryptedKeyResolver - Can I resolve " + element.getTagName());
if (element == null) {
return false;
}
boolean isEncryptedKey = XMLUtils.elementIsInEncryptionSpace(element,
EncryptionConstants._TAG_ENCRYPTEDKEY);
if (isEncryptedKey) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Passed an Encrypted Key");
try {
XMLCipher cipher = XMLCipher.getInstance();
cipher.init(XMLCipher.UNWRAP_MODE, _kek);
EncryptedKey ek = cipher.loadEncryptedKey(element);
_key = cipher.decryptKey(ek, _algorithm);
}
catch (Exception e) {}
}
return (_key != null);
}
/** @inheritDoc */ /** @inheritDoc */
public PublicKey engineResolvePublicKey( public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage) { Element element, String BaseURI, StorageResolver storage) {
return null; return null;
} }
/** @inheritDoc */ /** @inheritDoc */
public X509Certificate engineResolveX509Certificate( public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage) { Element element, String BaseURI, StorageResolver storage) {
return null; return null;
} }
/** @inheritDoc */ /** @inheritDoc */
public javax.crypto.SecretKey engineResolveSecretKey( public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage) { Element element, String BaseURI, StorageResolver storage) {
return (SecretKey) _key; SecretKey key=null;
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "EncryptedKeyResolver - Can I resolve " + element.getTagName());
if (element == null) {
return null;
}
boolean isEncryptedKey = XMLUtils.elementIsInEncryptionSpace(element,
EncryptionConstants._TAG_ENCRYPTEDKEY);
if (isEncryptedKey) {
log.log(java.util.logging.Level.FINE, "Passed an Encrypted Key");
try {
XMLCipher cipher = XMLCipher.getInstance();
cipher.init(XMLCipher.UNWRAP_MODE, _kek);
EncryptedKey ek = cipher.loadEncryptedKey(element);
key = (SecretKey) cipher.decryptKey(ek, _algorithm);
}
catch (Exception e) {}
}
return key;
} }
} }
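Review bot: In `engineLookupAndResolveSecretKey` the FINE log line calls `element.getTagName()` before the `if (element == null)` check, so a null element throws `NullPointerException` whenever FINE logging is enabled; the null check should move above the log statement. The `catch (Exception e) {}` around the unwrap also hides every failure, including a `ClassCastException` from the new `(SecretKey)` cast, so a wrong key-encryption key cannot be told apart from an element that simply does not match. Log the failure instead, for example `catch (Exception e) { log.log(java.util.logging.Level.FINE, "EncryptedKey unwrap failed", e); }`. The same log-before-null-check order appears in `RSAKeyValueResolver.engineLookupAndResolvePublicKey`.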


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -38,7 +37,7 @@ import org.w3c.dom.Element;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class RSAKeyValueResolver extends KeyResolverSpi { public class RSAKeyValueResolver extends KeyResolverSpi {
@ -48,75 +47,55 @@ public class RSAKeyValueResolver extends KeyResolverSpi {
RSAKeyValueResolver.class.getName()); RSAKeyValueResolver.class.getName());
/** Field _rsaKeyElement */ /** Field _rsaKeyElement */
private Element _rsaKeyElement = null;
/** @inheritDoc */ /** @inheritDoc */
public boolean engineCanResolve(Element element, String BaseURI, public PublicKey engineLookupAndResolvePublicKey(
StorageResolver storage) { Element element, String BaseURI, StorageResolver storage) {
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName()); log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
if (element == null) { if (element == null) {
return false; return null;
} }
boolean isKeyValue = XMLUtils.elementIsInSignatureSpace(element, boolean isKeyValue = XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_KEYVALUE); Constants._TAG_KEYVALUE);
boolean isRSAKeyValue = XMLUtils.elementIsInSignatureSpace(element, Element rsaKeyElement=null;
Constants._TAG_RSAKEYVALUE); if (isKeyValue) {
rsaKeyElement = XMLUtils.selectDsNode(element.getFirstChild(),
if (isKeyValue) { Constants._TAG_RSAKEYVALUE, 0);
this._rsaKeyElement = XMLUtils.selectDsNode(element.getFirstChild(), } else if (XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_RSAKEYVALUE, 0); Constants._TAG_RSAKEYVALUE)) {
if (this._rsaKeyElement != null) {
return true;
}
} else if (isRSAKeyValue) {
// this trick is needed to allow the RetrievalMethodResolver to eat a // this trick is needed to allow the RetrievalMethodResolver to eat a
// ds:RSAKeyValue directly (without KeyValue) // ds:RSAKeyValue directly (without KeyValue)
this._rsaKeyElement = element; rsaKeyElement = element;
}
return true;
}
return false; if (rsaKeyElement == null) {
} return null;
/** @inheritDoc */
public PublicKey engineResolvePublicKey(
Element element, String BaseURI, StorageResolver storage) {
if (this._rsaKeyElement == null) {
boolean weCanResolve = this.engineCanResolve(element, BaseURI,
storage);
if (!weCanResolve || (this._rsaKeyElement == null)) {
return null;
}
} }
try { try {
RSAKeyValue rsaKeyValue = new RSAKeyValue(this._rsaKeyElement, RSAKeyValue rsaKeyValue = new RSAKeyValue(rsaKeyElement,
BaseURI); BaseURI);
return rsaKeyValue.getPublicKey(); return rsaKeyValue.getPublicKey();
} catch (XMLSecurityException ex) { } catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex); log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
} }
return null; return null;
} }
/** @inheritDoc */ /** @inheritDoc */
public X509Certificate engineResolveX509Certificate( public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage) { Element element, String BaseURI, StorageResolver storage) {
return null; return null;
} }
/** @inheritDoc */ /** @inheritDoc */
public javax.crypto.SecretKey engineResolveSecretKey( public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage) { Element element, String BaseURI, StorageResolver storage) {
return null; return null;
} }
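Review bot: The `/** Field _rsaKeyElement */` comment appears to be left behind although the field it documented is removed, so it now sits directly above the `/** @inheritDoc */` of `engineLookupAndResolvePublicKey` and documents nothing; it should be deleted. The remaining doc comments use `@inheritDoc` as a block tag, which Javadoc does not expand; write `/** {@inheritDoc} */` so the overriding methods actually pick up the base-class description.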


@ -28,7 +28,15 @@ import java.security.PublicKey;
import java.security.cert.CertificateException; import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory; import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.ListIterator;
import java.util.Set;
import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.keys.content.RetrievalMethod; import com.sun.org.apache.xml.internal.security.keys.content.RetrievalMethod;
import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate; import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate;
@ -44,6 +52,7 @@ import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver;
import org.w3c.dom.Attr; import org.w3c.dom.Attr;
import org.w3c.dom.Element; import org.w3c.dom.Element;
import org.w3c.dom.Node; import org.w3c.dom.Node;
import org.xml.sax.SAXException;
/** /**
@ -55,7 +64,7 @@ import org.w3c.dom.Node;
* RetrievalMethodResolver cannot handle itself, resolving of the extracted * RetrievalMethodResolver cannot handle itself, resolving of the extracted
* element is delegated back to the KeyResolver mechanism. * element is delegated back to the KeyResolver mechanism.
* *
* @author $Author: raul $ * @author $Author: mullan $ modified by Dave Garcia
*/ */
public class RetrievalMethodResolver extends KeyResolverSpi { public class RetrievalMethodResolver extends KeyResolverSpi {
@ -64,26 +73,6 @@ public class RetrievalMethodResolver extends KeyResolverSpi {
java.util.logging.Logger.getLogger( java.util.logging.Logger.getLogger(
RetrievalMethodResolver.class.getName()); RetrievalMethodResolver.class.getName());
/**
* Method engineCanResolve
* @inheritDoc
* @param element
* @param BaseURI
* @param storage
*
*/
public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage) {
if
(!XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_RETRIEVALMETHOD)) {
return false;
}
return true;
}
/** /**
* Method engineResolvePublicKey * Method engineResolvePublicKey
* @inheritDoc * @inheritDoc
@ -92,84 +81,61 @@ public class RetrievalMethodResolver extends KeyResolverSpi {
* @param storage * @param storage
* *
*/ */
public PublicKey engineResolvePublicKey( public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
{ {
if (!XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_RETRIEVALMETHOD)) {
return null;
}
try { try {
RetrievalMethod rm = new RetrievalMethod(element, BaseURI); //Create a retrieval method over the given element
Attr uri = rm.getURIAttr(); RetrievalMethod rm = new RetrievalMethod(element, BaseURI);
String type = rm.getType();
// type can be null because it's optional XMLSignatureInput resource=resolveInput(rm,BaseURI);
String type = rm.getType(); if (RetrievalMethod.TYPE_RAWX509.equals(type)) {
Transforms transforms = rm.getTransforms(); //a raw certificate, direct parsing is done!
ResourceResolver resRes = ResourceResolver.getInstance(uri, BaseURI); X509Certificate cert=getRawCertificate(resource);
if (cert != null) {
if (resRes != null) { return cert.getPublicKey();
XMLSignatureInput resource = resRes.resolve(uri, BaseURI); }
if (true) return null;
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Before applying Transforms, resource has " };
+ resource.getBytes().length + "bytes"); Element e = obtainRefrenceElement(resource);
return resolveKey(e,BaseURI,storage);
if (transforms != null) { } catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "We have Transforms"); log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
resource = transforms.performTransforms(resource);
}
if (true) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "After applying Transforms, resource has "
+ resource.getBytes().length + "bytes");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Resolved to resource " + resource.getSourceURI());
}
byte inputBytes[] = resource.getBytes();
if ((type != null) && type.equals(RetrievalMethod.TYPE_RAWX509)) {
// if the resource stores a raw certificate, we have to handle it
CertificateFactory certFact =
CertificateFactory
.getInstance(XMLX509Certificate.JCA_CERT_ID);
X509Certificate cert =
(X509Certificate) certFact
.generateCertificate(new ByteArrayInputStream(inputBytes));
if (cert != null) {
return cert.getPublicKey();
}
} else {
// otherwise, we parse the resource, create an Element and delegate
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "we have to parse " + inputBytes.length + " bytes");
Element e = this.getDocFromBytes(inputBytes);
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"
+ e.getLocalName() + " Element");
if (e != null) {
KeyResolver newKeyResolver = KeyResolver.getInstance(getFirstElementChild(e),
BaseURI, storage);
if (newKeyResolver != null) {
return newKeyResolver.resolvePublicKey(getFirstElementChild(e), BaseURI,
storage);
}
}
}
}
} catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
} catch (CertificateException ex) { } catch (CertificateException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "CertificateException", ex); log.log(java.util.logging.Level.FINE, "CertificateException", ex);
} catch (IOException ex) { } catch (IOException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "IOException", ex); log.log(java.util.logging.Level.FINE, "IOException", ex);
} } catch (ParserConfigurationException e) {
log.log(java.util.logging.Level.FINE, "ParserConfigurationException", e);
} catch (SAXException e) {
log.log(java.util.logging.Level.FINE, "SAXException", e);
}
return null; return null;
} }
static private Element obtainRefrenceElement(XMLSignatureInput resource) throws CanonicalizationException, ParserConfigurationException, IOException, SAXException, KeyResolverException {
Element e;
if (resource.isElement()){
e=(Element) resource.getSubNode();
} else if (resource.isNodeSet()) {
//Retrieved resource is a nodeSet
e=getDocumentElement(resource.getNodeSet());
} else {
//Retrieved resource is an inputStream
byte inputBytes[] = resource.getBytes();
e = getDocFromBytes(inputBytes);
//otherwise, we parse the resource, create an Element and delegate
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "we have to parse " + inputBytes.length + " bytes");
}
return e;
}
/** /**
* Method engineResolveX509Certificate * Method engineResolveX509Certificate
* @inheritDoc * @inheritDoc
@ -178,87 +144,102 @@ public class RetrievalMethodResolver extends KeyResolverSpi {
* @param storage * @param storage
* *
*/ */
public X509Certificate engineResolveX509Certificate( public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
{ {
if (!XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_RETRIEVALMETHOD)) {
return null;
}
try { try {
RetrievalMethod rm = new RetrievalMethod(element, BaseURI); RetrievalMethod rm = new RetrievalMethod(element, BaseURI);
Attr uri = rm.getURIAttr(); String type = rm.getType();
Transforms transforms = rm.getTransforms(); XMLSignatureInput resource=resolveInput(rm,BaseURI);
if (true) if (RetrievalMethod.TYPE_RAWX509.equals(type)) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Asked to resolve URI " + uri); X509Certificate cert=getRawCertificate(resource);
return cert;
ResourceResolver resRes = ResourceResolver.getInstance(uri, BaseURI); }
Element e = obtainRefrenceElement(resource);
if (resRes != null) { return resolveCertificate(e,BaseURI,storage);
XMLSignatureInput resource = resRes.resolve(uri, BaseURI);
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Before applying Transforms, resource has "
+ resource.getBytes().length + "bytes");
if (transforms != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "We have Transforms");
resource = transforms.performTransforms(resource);
}
if (true) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "After applying Transforms, resource has "
+ resource.getBytes().length + "bytes");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Resolved to resource " + resource.getSourceURI());
}
byte inputBytes[] = resource.getBytes();
if ((rm.getType() != null)
&& rm.getType().equals(RetrievalMethod.TYPE_RAWX509)) {
// if the resource stores a raw certificate, we have to handle it
CertificateFactory certFact =
CertificateFactory
.getInstance(XMLX509Certificate.JCA_CERT_ID);
X509Certificate cert =
(X509Certificate) certFact
.generateCertificate(new ByteArrayInputStream(inputBytes));
if (cert != null) {
return cert;
}
} else {
// otherwise, we parse the resource, create an Element and delegate
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "we have to parse " + inputBytes.length + " bytes");
Element e = this.getDocFromBytes(inputBytes);
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"
+ e.getLocalName() + " Element");
if (e != null) {
KeyResolver newKeyResolver = KeyResolver.getInstance(getFirstElementChild(e),
BaseURI, storage);
if (newKeyResolver != null) {
return newKeyResolver.resolveX509Certificate(getFirstElementChild(e), BaseURI,
storage);
}
}
}
}
} catch (XMLSecurityException ex) { } catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex); log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
} catch (CertificateException ex) { } catch (CertificateException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "CertificateException", ex); log.log(java.util.logging.Level.FINE, "CertificateException", ex);
} catch (IOException ex) { } catch (IOException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "IOException", ex); log.log(java.util.logging.Level.FINE, "IOException", ex);
} } catch (ParserConfigurationException e) {
log.log(java.util.logging.Level.FINE, "ParserConfigurationException", e);
} catch (SAXException e) {
log.log(java.util.logging.Level.FINE, "SAXException", e);
}
return null; return null;
} }
/**
* Retrieves a x509Certificate from the given information
* @param e
* @param BaseURI
* @param storage
* @return
* @throws KeyResolverException
*/
static private X509Certificate resolveCertificate(Element e,String BaseURI,StorageResolver storage) throws KeyResolverException{
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"+ e.getLocalName() + " Element");
//An element has been provided
if (e != null) {
return KeyResolver.getX509Certificate(e,BaseURI, storage);
}
return null;
}
/**
* Retrieves a x509Certificate from the given information
* @param e
* @param BaseURI
* @param storage
* @return
* @throws KeyResolverException
*/
static private PublicKey resolveKey(Element e,String BaseURI,StorageResolver storage) throws KeyResolverException{
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"+ e.getLocalName() + " Element");
//An element has been provided
if (e != null) {
return KeyResolver.getPublicKey(e,BaseURI, storage);
}
return null;
}
static private X509Certificate getRawCertificate(XMLSignatureInput resource) throws CanonicalizationException, IOException, CertificateException{
byte inputBytes[] = resource.getBytes();
// if the resource stores a raw certificate, we have to handle it
CertificateFactory certFact =CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID);
X509Certificate cert =(X509Certificate) certFact.generateCertificate(new ByteArrayInputStream(inputBytes));
return cert;
}
/**
* Resolves the input from the given retrieval method
* @return
* @throws XMLSecurityException
*/
static private XMLSignatureInput resolveInput(RetrievalMethod rm,String BaseURI) throws XMLSecurityException{
Attr uri = rm.getURIAttr();
//Apply the trnasforms
Transforms transforms = rm.getTransforms();
ResourceResolver resRes = ResourceResolver.getInstance(uri, BaseURI);
if (resRes != null) {
XMLSignatureInput resource = resRes.resolve(uri, BaseURI);
if (transforms != null) {
log.log(java.util.logging.Level.FINE, "We have Transforms");
resource = transforms.performTransforms(resource);
}
return resource;
}
return null;
}
/** /**
* Parses a byte array and returns the parsed Element. * Parses a byte array and returns the parsed Element.
* *
@ -266,18 +247,13 @@ public class RetrievalMethodResolver extends KeyResolverSpi {
* @return the Document Element after parsing bytes * @return the Document Element after parsing bytes
* @throws KeyResolverException if something goes wrong * @throws KeyResolverException if something goes wrong
*/ */
Element getDocFromBytes(byte[] bytes) throws KeyResolverException { static Element getDocFromBytes(byte[] bytes) throws KeyResolverException {
try { try {
javax.xml.parsers.DocumentBuilderFactory dbf = javax.xml.parsers.DocumentBuilderFactory dbf =javax.xml.parsers.DocumentBuilderFactory.newInstance();
javax.xml.parsers.DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true); dbf.setNamespaceAware(true);
javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder(); javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
org.w3c.dom.Document doc = org.w3c.dom.Document doc =
db.parse(new java.io.ByteArrayInputStream(bytes)); db.parse(new java.io.ByteArrayInputStream(bytes));
return doc.getDocumentElement(); return doc.getDocumentElement();
} catch (org.xml.sax.SAXException ex) { } catch (org.xml.sax.SAXException ex) {
throw new KeyResolverException("empty", ex); throw new KeyResolverException("empty", ex);
@ -296,16 +272,43 @@ public class RetrievalMethodResolver extends KeyResolverSpi {
* @param storage * @param storage
* *
*/ */
public javax.crypto.SecretKey engineResolveSecretKey( public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
{ {
return null; return null;
} }
static Element getFirstElementChild(Element e){
Node n=e.getFirstChild(); static Element getDocumentElement(Set set) {
while (n!=null && n.getNodeType()!=Node.ELEMENT_NODE) { Iterator it=set.iterator();
n=n.getNextSibling(); Element e=null;
} while (it.hasNext()) {
return (Element)n; Node currentNode=(Node)it.next();
if (currentNode instanceof Element) {
e=(Element)currentNode;
break;
}
}
List parents=new ArrayList(10);
//Obtain all the parents of the elemnt
do {
parents.add(e);
Node n=e.getParentNode();
if (!(n instanceof Element )) {
break;
}
e=(Element)n;
} while (e!=null);
//Visit them in reverse order.
ListIterator it2=parents.listIterator(parents.size()-1);
Element ele=null;
while (it2.hasPrevious()) {
ele=(Element)it2.previous();
if (set.contains(ele)) {
return ele;
}
}
return null;
} }
} }
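Review bot: `getDocFromBytes` parses bytes fetched through a `RetrievalMethod` URI with a `DocumentBuilderFactory` that is only made namespace-aware, so DOCTYPE declarations and external entities in the retrieved content are handled by the parser defaults. Because that content is chosen by whoever wrote the KeyInfo, the factory should be hardened before `newDocumentBuilder()`, for example `dbf.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);` and, if key documents never need a DOCTYPE, `dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);`. Separately, `resolveInput` can return null, and both `getRawCertificate` and `obtainRefrenceElement` dereference its result, which none of the catch clauses in the two `engineLookup…` methods cover; an `if (resource == null) return null;` after `resolveInput(rm,BaseURI)` would keep these methods returning null as their other failure paths do. The rest of `getDocFromBytes` lies outside the visible hunk.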


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -41,7 +40,7 @@ import org.w3c.dom.Element;
* Resolves Certificates which are directly contained inside a * Resolves Certificates which are directly contained inside a
* <CODE>ds:X509Certificate</CODE> Element. * <CODE>ds:X509Certificate</CODE> Element.
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class X509CertificateResolver extends KeyResolverSpi { public class X509CertificateResolver extends KeyResolverSpi {
@ -49,47 +48,7 @@ public class X509CertificateResolver extends KeyResolverSpi {
static java.util.logging.Logger log = static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(X509CertificateResolver.class.getName()); java.util.logging.Logger.getLogger(X509CertificateResolver.class.getName());
/** Field _dsaKeyElement */
Element[] _x509CertKeyElements = null;
/**
* Method engineCanResolve
* @inheritDoc
* @param element
* @param BaseURI
* @param storage
*
*/
public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage) {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
if (!XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_X509DATA)) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
this._x509CertKeyElements = XMLUtils.selectDsNodes(element.getFirstChild(),
Constants._TAG_X509CERTIFICATE);
if ((this._x509CertKeyElements != null)
&& (this._x509CertKeyElements.length > 0)) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Yes Sir, I can");
return true;
}
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
/** Field _x509certObject[] */
XMLX509Certificate _x509certObject[] = null;
/** /**
* Method engineResolvePublicKey * Method engineResolvePublicKey
@ -100,11 +59,11 @@ public class X509CertificateResolver extends KeyResolverSpi {
* *
* @throws KeyResolverException * @throws KeyResolverException
*/ */
public PublicKey engineResolvePublicKey( public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
X509Certificate cert = this.engineResolveX509Certificate(element, X509Certificate cert = this.engineLookupResolveX509Certificate(element,
BaseURI, storage); BaseURI, storage);
if (cert != null) { if (cert != null) {
@ -123,43 +82,33 @@ public class X509CertificateResolver extends KeyResolverSpi {
* *
* @throws KeyResolverException * @throws KeyResolverException
*/ */
public X509Certificate engineResolveX509Certificate( public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
try { try {
if ((this._x509CertKeyElements == null) Element[] els=XMLUtils.selectDsNodes(element.getFirstChild(),
|| (this._x509CertKeyElements.length == 0)) { Constants._TAG_X509CERTIFICATE);
boolean weCanResolve = this.engineCanResolve(element, BaseURI, if ((els == null) || (els.length == 0)) {
storage); Element el=XMLUtils.selectDsNode(element.getFirstChild(),
Constants._TAG_X509DATA,0);
if (!weCanResolve || (this._x509CertKeyElements == null) if (el!=null) {
|| (this._x509CertKeyElements.length == 0)) { return engineLookupResolveX509Certificate(el, BaseURI, storage);
return null; }
} return null;
} }
this._x509certObject =
new XMLX509Certificate[this._x509CertKeyElements.length];
// populate Object array // populate Object array
for (int i = 0; i < this._x509CertKeyElements.length; i++) { for (int i = 0; i < els.length; i++) {
this._x509certObject[i] = XMLX509Certificate xmlCert=new XMLX509Certificate(els[i], BaseURI);
new XMLX509Certificate(this._x509CertKeyElements[i] X509Certificate cert = xmlCert.getX509Certificate();
, BaseURI); if (cert!=null) {
} return cert;
for (int i = 0; i < this._x509certObject.length; i++) {
X509Certificate cert = this._x509certObject[i].getX509Certificate();
if (cert != null) {
return cert;
} }
} }
return null; return null;
} catch (XMLSecurityException ex) { } catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex); log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
throw new KeyResolverException("generic.EmptyMessage", ex); throw new KeyResolverException("generic.EmptyMessage", ex);
} }
@ -173,7 +122,7 @@ public class X509CertificateResolver extends KeyResolverSpi {
* @param storage * @param storage
* *
*/ */
public javax.crypto.SecretKey engineResolveSecretKey( public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
{ {
return null; return null;
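Review bot: The new `engineLookupResolveX509Certificate` no longer checks that `element` is a `ds:X509Data` before reading `ds:X509Certificate` children from it. The removed `engineCanResolve` did that check with `XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)`, and the SKI and subject-name resolvers in this commit keep it. Unless the caller already restricts which elements reach this method (not visible here), any element with such children is now accepted, so I would guard the leaf path just before the loop: `if (!XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)) { return null; }`. The Javadoc should also say that the method may be handed the parent of an `X509Data` (the `selectDsNode(..., Constants._TAG_X509DATA, 0)` fallback) and that nothing in this method validates the returned certificate, which is taken from the document itself. The method's closing lines fall outside the hunk.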


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -39,7 +38,7 @@ import org.w3c.dom.Element;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class X509IssuerSerialResolver extends KeyResolverSpi { public class X509IssuerSerialResolver extends KeyResolverSpi {
@ -48,44 +47,13 @@ public class X509IssuerSerialResolver extends KeyResolverSpi {
java.util.logging.Logger.getLogger( java.util.logging.Logger.getLogger(
X509IssuerSerialResolver.class.getName()); X509IssuerSerialResolver.class.getName());
/** @inheritDoc */
public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage) {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
X509Data x509data = null;
try {
x509data = new X509Data(element, BaseURI);
} catch (XMLSignatureException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
} catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
if (x509data == null) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
if (x509data.containsIssuerSerial()) {
return true;
}
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
/** @inheritDoc */ /** @inheritDoc */
public PublicKey engineResolvePublicKey( public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
X509Certificate cert = this.engineResolveX509Certificate(element, X509Certificate cert = this.engineLookupResolveX509Certificate(element,
BaseURI, storage); BaseURI, storage);
if (cert != null) { if (cert != null) {
@ -96,10 +64,31 @@ public class X509IssuerSerialResolver extends KeyResolverSpi {
} }
/** @inheritDoc */ /** @inheritDoc */
public X509Certificate engineResolveX509Certificate( public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
X509Data x509data = null;
try {
x509data = new X509Data(element, BaseURI);
} catch (XMLSignatureException ex) {
log.log(java.util.logging.Level.FINE, "I can't");
return null;
} catch (XMLSecurityException ex) {
log.log(java.util.logging.Level.FINE, "I can't");
return null;
}
if (x509data == null) {
log.log(java.util.logging.Level.FINE, "I can't");
return null;
}
if (!x509data.containsIssuerSerial()) {
return null;
}
try { try {
if (storage == null) { if (storage == null) {
Object exArgs[] = { Constants._TAG_X509ISSUERSERIAL }; Object exArgs[] = { Constants._TAG_X509ISSUERSERIAL };
@ -107,53 +96,52 @@ public class X509IssuerSerialResolver extends KeyResolverSpi {
new KeyResolverException("KeyResolver.needStorageResolver", new KeyResolverException("KeyResolver.needStorageResolver",
exArgs); exArgs);
if (log.isLoggable(java.util.logging.Level.INFO)) log.log(java.util.logging.Level.INFO, "", ex); log.log(java.util.logging.Level.INFO, "", ex);
throw ex; throw ex;
} }
X509Data x509data = new X509Data(element, BaseURI);
int noOfISS = x509data.lengthIssuerSerial(); int noOfISS = x509data.lengthIssuerSerial();
while (storage.hasNext()) { while (storage.hasNext()) {
X509Certificate cert = storage.next(); X509Certificate cert = storage.next();
XMLX509IssuerSerial certSerial = new XMLX509IssuerSerial(element.getOwnerDocument(), cert); XMLX509IssuerSerial certSerial = new XMLX509IssuerSerial(element.getOwnerDocument(), cert);
if (true) { if (log.isLoggable(java.util.logging.Level.FINE)) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Found Certificate Issuer: " log.log(java.util.logging.Level.FINE, "Found Certificate Issuer: "
+ certSerial.getIssuerName()); + certSerial.getIssuerName());
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Found Certificate Serial: " log.log(java.util.logging.Level.FINE, "Found Certificate Serial: "
+ certSerial.getSerialNumber().toString()); + certSerial.getSerialNumber().toString());
} }
for (int i=0; i<noOfISS; i++) { for (int i=0; i<noOfISS; i++) {
XMLX509IssuerSerial xmliss = x509data.itemIssuerSerial(i); XMLX509IssuerSerial xmliss = x509data.itemIssuerSerial(i);
if (true) { if (log.isLoggable(java.util.logging.Level.FINE)) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Found Element Issuer: " log.log(java.util.logging.Level.FINE, "Found Element Issuer: "
+ xmliss.getIssuerName()); + xmliss.getIssuerName());
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Found Element Serial: " log.log(java.util.logging.Level.FINE, "Found Element Serial: "
+ xmliss.getSerialNumber().toString()); + xmliss.getSerialNumber().toString());
} }
if (certSerial.equals(xmliss)) { if (certSerial.equals(xmliss)) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "match !!! "); log.log(java.util.logging.Level.FINE, "match !!! ");
return cert; return cert;
} }
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "no match..."); log.log(java.util.logging.Level.FINE, "no match...");
} }
} }
return null; return null;
} catch (XMLSecurityException ex) { } catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex); log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
throw new KeyResolverException("generic.EmptyMessage", ex); throw new KeyResolverException("generic.EmptyMessage", ex);
} }
} }
/** @inheritDoc */ /** @inheritDoc */
public javax.crypto.SecretKey engineResolveSecretKey( public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage) { Element element, String BaseURI, StorageResolver storage) {
return null; return null;
} }
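Review bot: Both catch blocks around `new X509Data(element, BaseURI)` in the new `engineLookupResolveX509Certificate` discard the exception and return null, leaving only the string "I can't" at FINE. A malformed `X509Data` therefore looks the same as an element this resolver does not handle. Passing the exception to the logger keeps the cause: `log.log(java.util.logging.Level.FINE, "I can't", ex);`. The `if (x509data == null)` test that follows can never be true after a successful `new` and could be dropped.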


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -40,7 +39,7 @@ import org.w3c.dom.Element;
/** /**
* *
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class X509SKIResolver extends KeyResolverSpi { public class X509SKIResolver extends KeyResolverSpi {
@ -48,50 +47,6 @@ public class X509SKIResolver extends KeyResolverSpi {
static java.util.logging.Logger log = static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(X509SKIResolver.class.getName()); java.util.logging.Logger.getLogger(X509SKIResolver.class.getName());
/** Field _x509childNodes */
private Element _x509childNodes[] = null;
/** Field _x509childObject[] */
private XMLX509SKI _x509childObject[] = null;
/**
* Method engineCanResolve
* @inheritDoc
* @param element
* @param BaseURI
* @param storage
*
*/
public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage) {
if (true) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
}
if (!XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_X509DATA)) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
this._x509childNodes = XMLUtils.selectDsNodes(element,
Constants._TAG_X509SKI);
if ((this._x509childNodes != null)
&& (this._x509childNodes.length > 0)) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Yes Sir, I can");
return true;
}
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
/** /**
* Method engineResolvePublicKey * Method engineResolvePublicKey
@ -102,11 +57,11 @@ public class X509SKIResolver extends KeyResolverSpi {
* @return null if no {@link PublicKey} could be obtained * @return null if no {@link PublicKey} could be obtained
* @throws KeyResolverException * @throws KeyResolverException
*/ */
public PublicKey engineResolvePublicKey( public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
X509Certificate cert = this.engineResolveX509Certificate(element, X509Certificate cert = this.engineLookupResolveX509Certificate(element,
BaseURI, storage); BaseURI, storage);
if (cert != null) { if (cert != null) {
@ -125,46 +80,55 @@ public class X509SKIResolver extends KeyResolverSpi {
* *
* @throws KeyResolverException * @throws KeyResolverException
*/ */
public X509Certificate engineResolveX509Certificate( public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
}
if (!XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_X509DATA)) {
log.log(java.util.logging.Level.FINE, "I can't");
return null;
}
/** Field _x509childObject[] */
XMLX509SKI x509childObject[] = null;
try { Element x509childNodes[] = null;
if (this._x509childNodes == null) { x509childNodes = XMLUtils.selectDsNodes(element.getFirstChild(),
boolean weCanResolve = this.engineCanResolve(element, BaseURI, Constants._TAG_X509SKI);
storage);
if (!weCanResolve || (this._x509childNodes == null)) {
return null;
}
}
if (!((x509childNodes != null)
&& (x509childNodes.length > 0))) {
log.log(java.util.logging.Level.FINE, "I can't");
return null;
}
try {
if (storage == null) { if (storage == null) {
Object exArgs[] = { Constants._TAG_X509SKI }; Object exArgs[] = { Constants._TAG_X509SKI };
KeyResolverException ex = KeyResolverException ex =
new KeyResolverException("KeyResolver.needStorageResolver", new KeyResolverException("KeyResolver.needStorageResolver",
exArgs); exArgs);
if (log.isLoggable(java.util.logging.Level.INFO)) log.log(java.util.logging.Level.INFO, "", ex); log.log(java.util.logging.Level.INFO, "", ex);
throw ex; throw ex;
} }
this._x509childObject = x509childObject = new XMLX509SKI[x509childNodes.length];
new XMLX509SKI[this._x509childNodes.length];
for (int i = 0; i < this._x509childNodes.length; i++) { for (int i = 0; i < x509childNodes.length; i++) {
this._x509childObject[i] = x509childObject[i] =
new XMLX509SKI(this._x509childNodes[i], BaseURI); new XMLX509SKI(x509childNodes[i], BaseURI);
} }
while (storage.hasNext()) { while (storage.hasNext()) {
X509Certificate cert = storage.next(); X509Certificate cert = storage.next();
XMLX509SKI certSKI = new XMLX509SKI(element.getOwnerDocument(), cert); XMLX509SKI certSKI = new XMLX509SKI(element.getOwnerDocument(), cert);
for (int i = 0; i < this._x509childObject.length; i++) { for (int i = 0; i < x509childObject.length; i++) {
if (certSKI.equals(this._x509childObject[i])) { if (certSKI.equals(x509childObject[i])) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Return PublicKey from " log.log(java.util.logging.Level.FINE, "Return PublicKey from "
+ cert.getSubjectDN().getName()); + cert.getSubjectDN().getName());
return cert; return cert;
@ -186,7 +150,7 @@ public class X509SKIResolver extends KeyResolverSpi {
* @param storage * @param storage
* *
*/ */
public javax.crypto.SecretKey engineResolveSecretKey( public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
{ {
return null; return null;
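Review bot: The FINE message at the match, `"Return PublicKey from " + cert.getSubjectDN().getName()`, lost its `isLoggable` guard, so the DN is now rendered and concatenated on every match even when FINE is off. The same applies to the "Found Certificate SN" and "Found Element SN" messages in X509SubjectNameResolver, which run inside the storage loop. I would keep the guard for messages that build a string, as the IssuerSerial resolver does for its "Found ..." block: `if (log.isLoggable(java.util.logging.Level.FINE)) { ... }`. Separately, `/** Field _x509childObject[] */` now sits on a local variable, where a Javadoc comment is ignored; it should become a plain `//` comment or go. The method continues past the end of the hunk.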


@ -38,7 +38,7 @@ import org.w3c.dom.Element;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class X509SubjectNameResolver extends KeyResolverSpi { public class X509SubjectNameResolver extends KeyResolverSpi {
@ -47,50 +47,6 @@ public class X509SubjectNameResolver extends KeyResolverSpi {
java.util.logging.Logger.getLogger( java.util.logging.Logger.getLogger(
X509SubjectNameResolver.class.getName()); X509SubjectNameResolver.class.getName());
/** Field _x509childNodes */
private Element[] _x509childNodes = null;
/** Field _x509childObject[] */
private XMLX509SubjectName _x509childObject[] = null;
/**
* Method engineCanResolve
* @inheritDoc
* @param element
* @param BaseURI
* @param storage
*
*/
public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage) {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
if (!XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_X509DATA) ) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
this._x509childNodes = XMLUtils.selectDsNodes(element,
Constants._TAG_X509SUBJECTNAME);
if ((this._x509childNodes != null)
&& (this._x509childNodes.length > 0)) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Yes Sir, I can");
return true;
}
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
/** /**
* Method engineResolvePublicKey * Method engineResolvePublicKey
@ -101,11 +57,11 @@ public class X509SubjectNameResolver extends KeyResolverSpi {
* @return null if no {@link PublicKey} could be obtained * @return null if no {@link PublicKey} could be obtained
* @throws KeyResolverException * @throws KeyResolverException
*/ */
public PublicKey engineResolvePublicKey( public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
X509Certificate cert = this.engineResolveX509Certificate(element, X509Certificate cert = this.engineLookupResolveX509Certificate(element,
BaseURI, storage); BaseURI, storage);
if (cert != null) { if (cert != null) {
@ -124,37 +80,46 @@ public class X509SubjectNameResolver extends KeyResolverSpi {
* *
* @throws KeyResolverException * @throws KeyResolverException
*/ */
public X509Certificate engineResolveX509Certificate( public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException { throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
Element[] x509childNodes = null;
XMLX509SubjectName x509childObject[] = null;
if (!XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_X509DATA) ) {
log.log(java.util.logging.Level.FINE, "I can't");
return null;
}
x509childNodes = XMLUtils.selectDsNodes(element.getFirstChild(),
Constants._TAG_X509SUBJECTNAME);
if (!((x509childNodes != null)
&& (x509childNodes.length > 0))) {
log.log(java.util.logging.Level.FINE, "I can't");
return null;
}
try { try {
if (this._x509childNodes == null) {
boolean weCanResolve = this.engineCanResolve(element, BaseURI,
storage);
if (!weCanResolve || (this._x509childNodes == null)) {
return null;
}
}
if (storage == null) { if (storage == null) {
Object exArgs[] = { Constants._TAG_X509SUBJECTNAME }; Object exArgs[] = { Constants._TAG_X509SUBJECTNAME };
KeyResolverException ex = KeyResolverException ex =
new KeyResolverException("KeyResolver.needStorageResolver", new KeyResolverException("KeyResolver.needStorageResolver",
exArgs); exArgs);
if (log.isLoggable(java.util.logging.Level.INFO)) log.log(java.util.logging.Level.INFO, "", ex); log.log(java.util.logging.Level.INFO, "", ex);
throw ex; throw ex;
} }
this._x509childObject = x509childObject =
new XMLX509SubjectName[this._x509childNodes.length]; new XMLX509SubjectName[x509childNodes.length];
for (int i = 0; i < this._x509childNodes.length; i++) { for (int i = 0; i < x509childNodes.length; i++) {
this._x509childObject[i] = x509childObject[i] =
new XMLX509SubjectName(this._x509childNodes[i], new XMLX509SubjectName(x509childNodes[i],
BaseURI); BaseURI);
} }
@ -163,24 +128,24 @@ public class X509SubjectNameResolver extends KeyResolverSpi {
XMLX509SubjectName certSN = XMLX509SubjectName certSN =
new XMLX509SubjectName(element.getOwnerDocument(), cert); new XMLX509SubjectName(element.getOwnerDocument(), cert);
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Found Certificate SN: " + certSN.getSubjectName()); log.log(java.util.logging.Level.FINE, "Found Certificate SN: " + certSN.getSubjectName());
for (int i = 0; i < this._x509childObject.length; i++) { for (int i = 0; i < x509childObject.length; i++) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Found Element SN: " log.log(java.util.logging.Level.FINE, "Found Element SN: "
+ this._x509childObject[i].getSubjectName()); + x509childObject[i].getSubjectName());
if (certSN.equals(this._x509childObject[i])) { if (certSN.equals(x509childObject[i])) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "match !!! "); log.log(java.util.logging.Level.FINE, "match !!! ");
return cert; return cert;
} }
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "no match..."); log.log(java.util.logging.Level.FINE, "no match...");
} }
} }
return null; return null;
} catch (XMLSecurityException ex) { } catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex); log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
throw new KeyResolverException("generic.EmptyMessage", ex); throw new KeyResolverException("generic.EmptyMessage", ex);
} }
@ -194,7 +159,7 @@ public class X509SubjectNameResolver extends KeyResolverSpi {
* @param storage * @param storage
* *
*/ */
public javax.crypto.SecretKey engineResolveSecretKey( public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage) Element element, String BaseURI, StorageResolver storage)
{ {
return null; return null;
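Review bot: The Javadoc of `engineLookupResolveX509Certificate` does not say that the method returns the first certificate from `storage` whose subject name equals one of the `ds:X509SubjectName` children. Callers need to know this, because a subject name alone does not identify a single certificate or key. I would add a sentence such as `Returns the first certificate in storage whose subject name matches; the match is by name only and the certificate is not otherwise validated here.` As a point of style, `if (!((x509childNodes != null) && (x509childNodes.length > 0)))` reads more easily as `if (x509childNodes == null || x509childNodes.length == 0)`, the form X509CertificateResolver uses in this commit.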


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -21,8 +20,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.storage; package com.sun.org.apache.xml.internal.security.keys.storage;
import java.security.KeyStore; import java.security.KeyStore;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.util.ArrayList; import java.util.ArrayList;
@ -36,7 +33,7 @@ import com.sun.org.apache.xml.internal.security.keys.storage.implementations.Sin
/** /**
* This class collects customized resolvers for Certificates. * This class collects customized resolvers for Certificates.
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class StorageResolver { public class StorageResolver {
@ -45,7 +42,7 @@ public class StorageResolver {
java.util.logging.Logger.getLogger(StorageResolver.class.getName()); java.util.logging.Logger.getLogger(StorageResolver.class.getName());
/** Field _storageResolvers */ /** Field _storageResolvers */
List _storageResolvers = new ArrayList(); List _storageResolvers = null;
/** Field _iterator */ /** Field _iterator */
Iterator _iterator = null; Iterator _iterator = null;
@ -71,7 +68,8 @@ public class StorageResolver {
* @param resolver * @param resolver
*/ */
public void add(StorageResolverSpi resolver) { public void add(StorageResolverSpi resolver) {
if (_storageResolvers==null)
_storageResolvers=new ArrayList();
this._storageResolvers.add(resolver); this._storageResolvers.add(resolver);
this._iterator = null; this._iterator = null;
@ -126,6 +124,8 @@ public class StorageResolver {
public Iterator getIterator() { public Iterator getIterator() {
if (this._iterator == null) { if (this._iterator == null) {
if (_storageResolvers==null)
_storageResolvers=new ArrayList();
this._iterator = new StorageResolverIterator(this._storageResolvers.iterator()); this._iterator = new StorageResolverIterator(this._storageResolvers.iterator());
} }
@ -140,6 +140,8 @@ public class StorageResolver {
public boolean hasNext() { public boolean hasNext() {
if (this._iterator == null) { if (this._iterator == null) {
if (_storageResolvers==null)
_storageResolvers=new ArrayList();
this._iterator = new StorageResolverIterator(this._storageResolvers.iterator()); this._iterator = new StorageResolverIterator(this._storageResolvers.iterator());
} }
@ -158,15 +160,13 @@ public class StorageResolver {
/** /**
* Class StorageResolverIterator * Class StorageResolverIterator
* *
* @author $Author: raul $ * @author $Author: mullan $
* @version $Revision: 1.5 $
*/ */
class StorageResolverIterator implements Iterator { static class StorageResolverIterator implements Iterator {
/** Field _resolvers */ /** Field _resolvers */
Iterator _resolvers = null; Iterator _resolvers = null;
/** Field _currentResolver */
int _currentResolver = 0;
/** /**
* Constructor FilesystemIterator * Constructor FilesystemIterator
@ -179,17 +179,16 @@ public class StorageResolver {
/** @inheritDoc */ /** @inheritDoc */
public boolean hasNext() { public boolean hasNext() {
return _resolvers.hasNext(); return _resolvers.hasNext();
} }
/** @inheritDoc */ /** @inheritDoc */
public Object next() { public Object next() {
return _resolvers.next(); return _resolvers.next();
} }
/** /**
* Method remove * Method remove
*
*/ */
public void remove() { public void remove() {
throw new UnsupportedOperationException( throw new UnsupportedOperationException(
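Review bot: The null check that lazily allocates `_storageResolvers` is now copied into `add`, `getIterator` and `hasNext`, each as an unbraced `if`. Any other method of the class that dereferences the field (none is visible in these hunks) would throw a NullPointerException on an instance nothing was added to. A private accessor that allocates in one place removes that risk; `add` would then read `resolvers().add(resolver);`. Whether the lazy allocation is safe when an instance is shared between threads cannot be judged from these hunks. The bodies of all three methods continue outside their hunks.

```java
// single place for the lazy allocation instead of three copies
private List resolvers() {
    if (this._storageResolvers == null) {
        this._storageResolvers = new ArrayList();
    }
    return this._storageResolvers;
}

public boolean hasNext() {
    if (this._iterator == null) {
        this._iterator = new StorageResolverIterator(resolvers().iterator());
    }
    // … unchanged: rest of hasNext …
```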


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -28,7 +27,7 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class StorageResolverException extends XMLSecurityException { public class StorageResolverException extends XMLSecurityException {


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -28,7 +27,7 @@ import java.util.Iterator;
/** /**
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public abstract class StorageResolverSpi { public abstract class StorageResolverSpi {


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -21,8 +20,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.storage.implementations; package com.sun.org.apache.xml.internal.security.keys.storage.implementations;
import java.io.File; import java.io.File;
import java.io.FileInputStream; import java.io.FileInputStream;
import java.io.FileNotFoundException; import java.io.FileNotFoundException;
@ -40,12 +37,11 @@ import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverExce
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverSpi; import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverSpi;
import com.sun.org.apache.xml.internal.security.utils.Base64; import com.sun.org.apache.xml.internal.security.utils.Base64;
/** /**
* This {@link StorageResolverSpi} makes all raw (binary) {@link X509Certificate}s * This {@link StorageResolverSpi} makes all raw (binary) {@link X509Certificate}s
* which reside as files in a single directory available to the {@link com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver}. * which reside as files in a single directory available to the {@link com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver}.
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class CertsInFilesystemDirectoryResolver extends StorageResolverSpi { public class CertsInFilesystemDirectoryResolver extends StorageResolverSpi {
@ -131,20 +127,20 @@ public class CertsInFilesystemDirectoryResolver extends StorageResolverSpi {
dn = cert.getSubjectDN().getName(); dn = cert.getSubjectDN().getName();
added = true; added = true;
} catch (FileNotFoundException ex) { } catch (FileNotFoundException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
} catch (IOException ex) { } catch (IOException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
} catch (CertificateNotYetValidException ex) { } catch (CertificateNotYetValidException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
} catch (CertificateExpiredException ex) { } catch (CertificateExpiredException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
} catch (CertificateException ex) { } catch (CertificateException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
} }
if (added) { if (added) {
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Added certificate: " + dn); log.log(java.util.logging.Level.FINE, "Added certificate: " + dn);
} }
} }
} }
@ -157,9 +153,10 @@ public class CertsInFilesystemDirectoryResolver extends StorageResolverSpi {
/** /**
* Class FilesystemIterator * Class FilesystemIterator
* *
* @author $Author: raul $ * @author $Author: mullan $
* @version $Revision: 1.5 $
*/ */
class FilesystemIterator implements Iterator { private static class FilesystemIterator implements Iterator {
/** Field _certs */ /** Field _certs */
List _certs = null; List _certs = null;


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -21,8 +20,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.storage.implementations; package com.sun.org.apache.xml.internal.security.keys.storage.implementations;
import java.security.KeyStore; import java.security.KeyStore;
import java.security.KeyStoreException; import java.security.KeyStoreException;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
@ -37,7 +34,7 @@ import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverSpi;
* Makes the Certificates from a JAVA {@link KeyStore} object available to the * Makes the Certificates from a JAVA {@link KeyStore} object available to the
* {@link com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver}. * {@link com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver}.
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class KeyStoreResolver extends StorageResolverSpi { public class KeyStoreResolver extends StorageResolverSpi {
@ -66,9 +63,10 @@ public class KeyStoreResolver extends StorageResolverSpi {
/** /**
* Class KeyStoreIterator * Class KeyStoreIterator
* *
* @author $Author: raul $ * @author $Author: mullan $
* @version $Revision: 1.5 $
*/ */
class KeyStoreIterator implements Iterator { static class KeyStoreIterator implements Iterator {
/** Field _keyStore */ /** Field _keyStore */
KeyStore _keyStore = null; KeyStore _keyStore = null;
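Review bot: `KeyStoreIterator` becomes `static` here but stays package-private, while this same commit declares the sibling `FilesystemIterator` in CertsInFilesystemDirectoryResolver as `private static`. `InternalIterator` in SingleCertificateResolver is left the same way. This iterator keeps the `KeyStore` reference in the package-private field `_keyStore`, so any class in the package can reach it. I would narrow the declaration to `private static class KeyStoreIterator implements Iterator {` and do the same for `InternalIterator`, assuming no other class in the package constructs them, which cannot be confirmed from these hunks. The class body continues outside the hunk.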


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -21,8 +20,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.keys.storage.implementations; package com.sun.org.apache.xml.internal.security.keys.storage.implementations;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.util.Iterator; import java.util.Iterator;
@ -33,7 +30,7 @@ import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverSpi;
* This {@link StorageResolverSpi} makes a single {@link X509Certificate} * This {@link StorageResolverSpi} makes a single {@link X509Certificate}
* available to the {@link com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver}. * available to the {@link com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver}.
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public class SingleCertificateResolver extends StorageResolverSpi { public class SingleCertificateResolver extends StorageResolverSpi {
@ -61,9 +58,10 @@ public class SingleCertificateResolver extends StorageResolverSpi {
/** /**
* Class InternalIterator * Class InternalIterator
* *
* @author $Author: raul $ * @author $Author: mullan $
* @version $Revision: 1.5 $
*/ */
class InternalIterator implements Iterator { static class InternalIterator implements Iterator {
/** Field _alreadyReturned */ /** Field _alreadyReturned */
boolean _alreadyReturned = false; boolean _alreadyReturned = false;


@ -1,73 +1,73 @@
<?xml version='1.0' encoding='UTF-8' ?> <?xml version='1.0' encoding='UTF-8' ?>
<!ELEMENT Configuration (CanonicalizationMethods , TransformAlgorithms , JCEAlgorithmMappings , Log4J , ResourceBundles , UnitTests , ResourceResolvers , KeyResolvers)> <!ELEMENT Configuration (CanonicalizationMethods , TransformAlgorithms , JCEAlgorithmMappings , Log4J , ResourceBundles , UnitTests , ResourceResolvers , KeyResolvers)>
<!ATTLIST Configuration xmlns CDATA #FIXED 'http://www.xmlsecurity.org/NS/#configuration' <!ATTLIST Configuration xmlns CDATA #FIXED 'http://www.xmlsecurity.org/NS/#configuration'
target CDATA #IMPLIED> target CDATA #IMPLIED>
<!ELEMENT CanonicalizationMethods (CanonicalizationMethod+)> <!ELEMENT CanonicalizationMethods (CanonicalizationMethod+)>
<!ATTLIST CanonicalizationMethods JAVACLASS CDATA #FIXED 'com.sun.org.apache.xml.internal.security.c14n.Canonicalizer' > <!ATTLIST CanonicalizationMethods JAVACLASS CDATA #FIXED 'com.sun.org.apache.xml.internal.security.c14n.Canonicalizer' >
<!ELEMENT CanonicalizationMethod EMPTY> <!ELEMENT CanonicalizationMethod EMPTY>
<!ATTLIST CanonicalizationMethod URI CDATA #REQUIRED <!ATTLIST CanonicalizationMethod URI CDATA #REQUIRED
JAVACLASS CDATA #REQUIRED > JAVACLASS CDATA #REQUIRED >
<!ELEMENT TransformAlgorithms (TransformAlgorithm+)> <!ELEMENT TransformAlgorithms (TransformAlgorithm+)>
<!ATTLIST TransformAlgorithms JAVACLASS CDATA #FIXED 'com.sun.org.apache.xml.internal.security.transforms.Transform' > <!ATTLIST TransformAlgorithms JAVACLASS CDATA #FIXED 'com.sun.org.apache.xml.internal.security.transforms.Transform' >
<!ELEMENT TransformAlgorithm EMPTY> <!ELEMENT TransformAlgorithm EMPTY>
<!ATTLIST TransformAlgorithm URI CDATA #REQUIRED <!ATTLIST TransformAlgorithm URI CDATA #REQUIRED
JAVACLASS CDATA #REQUIRED > JAVACLASS CDATA #REQUIRED >
<!ELEMENT JCEAlgorithmMappings (Providers , Algorithms)> <!ELEMENT JCEAlgorithmMappings (Providers , Algorithms)>
<!ELEMENT Providers (Provider+)> <!ELEMENT Providers (Provider+)>
<!ELEMENT Provider EMPTY> <!ELEMENT Provider EMPTY>
<!ATTLIST Provider Id ID #REQUIRED <!ATTLIST Provider Id ID #REQUIRED
Class CDATA #REQUIRED Class CDATA #REQUIRED
Info CDATA #IMPLIED Info CDATA #IMPLIED
ProviderURL CDATA #IMPLIED > ProviderURL CDATA #IMPLIED >
<!ELEMENT Algorithms (Algorithm+)> <!ELEMENT Algorithms (Algorithm+)>
<!ELEMENT Algorithm (ProviderAlgo+)> <!ELEMENT Algorithm (ProviderAlgo+)>
<!ATTLIST Algorithm URI CDATA #REQUIRED <!ATTLIST Algorithm URI CDATA #REQUIRED
Description CDATA #IMPLIED Description CDATA #IMPLIED
AlgorithmClass CDATA #IMPLIED > AlgorithmClass CDATA #IMPLIED >
<!ELEMENT ProviderAlgo EMPTY> <!ELEMENT ProviderAlgo EMPTY>
<!ATTLIST ProviderAlgo ProviderId IDREF #REQUIRED <!ATTLIST ProviderAlgo ProviderId IDREF #REQUIRED
JCEName CDATA #REQUIRED JCEName CDATA #REQUIRED
JCEAlias CDATA #IMPLIED > JCEAlias CDATA #IMPLIED >
<!ELEMENT Log4J EMPTY> <!ELEMENT Log4J EMPTY>
<!ATTLIST Log4J configFile CDATA 'data/log4j.xml' > <!ATTLIST Log4J configFile CDATA 'data/log4j.xml' >
<!ELEMENT ResourceBundles (ResourceBundle+)> <!ELEMENT ResourceBundles (ResourceBundle+)>
<!ATTLIST ResourceBundles defaultLanguageCode CDATA 'de' <!ATTLIST ResourceBundles defaultLanguageCode CDATA 'de'
defaultCountryCode CDATA 'DE' > defaultCountryCode CDATA 'DE' >
<!ELEMENT ResourceBundle EMPTY> <!ELEMENT ResourceBundle EMPTY>
<!ATTLIST ResourceBundle LanguageCode CDATA #REQUIRED <!ATTLIST ResourceBundle LanguageCode CDATA #REQUIRED
CountryCode CDATA #REQUIRED CountryCode CDATA #REQUIRED
LOCATION CDATA #REQUIRED > LOCATION CDATA #REQUIRED >
<!ELEMENT UnitTests (UnitTest+)> <!ELEMENT UnitTests (UnitTest+)>
<!ATTLIST UnitTests JAVACLASS CDATA #FIXED 'com.sun.org.apache.xml.internal.security.test.AllTests' > <!ATTLIST UnitTests JAVACLASS CDATA #FIXED 'com.sun.org.apache.xml.internal.security.test.AllTests' >
<!ELEMENT ResourceResolvers (Resolver+)> <!ELEMENT ResourceResolvers (Resolver+)>
<!ELEMENT Resolver EMPTY> <!ELEMENT Resolver EMPTY>
<!ATTLIST Resolver JAVACLASS CDATA #REQUIRED <!ATTLIST Resolver JAVACLASS CDATA #REQUIRED
DESCRIPTION CDATA #IMPLIED > DESCRIPTION CDATA #IMPLIED >
<!ELEMENT KeyResolvers (KeyResolver+)> <!ELEMENT KeyResolvers (KeyResolver+)>
<!ATTLIST KeyResolvers JAVACLASS CDATA #FIXED 'com.sun.org.apache.xml.internal.security.keys.KeyResolver' > <!ATTLIST KeyResolvers JAVACLASS CDATA #FIXED 'com.sun.org.apache.xml.internal.security.keys.KeyResolver' >
<!ELEMENT KeyResolver EMPTY> <!ELEMENT KeyResolver EMPTY>
<!ATTLIST KeyResolver URI CDATA #REQUIRED <!ATTLIST KeyResolver URI CDATA #REQUIRED
JAVACLASS CDATA #REQUIRED > JAVACLASS CDATA #REQUIRED >
<!ELEMENT UnitTest (#PCDATA)> <!ELEMENT UnitTest (#PCDATA)>
<!ATTLIST UnitTest JAVACLASS CDATA #REQUIRED > <!ATTLIST UnitTest JAVACLASS CDATA #REQUIRED >


@ -1,380 +1,399 @@
<?xml version="1.0"?> <?xml version="1.0"?>
<!-- <!--
<!DOCTYPE Configuration SYSTEM "config.dtd"> <!DOCTYPE Configuration SYSTEM "config.dtd">
--> -->
<!-- This configuration file is used for configuration of the com.sun.org.apache.xml.internal.security package --> <!-- This configuration file is used for configuration of the com.sun.org.apache.xml.internal.security package -->
<Configuration target="com.sun.org.apache.xml.internal.security" xmlns="http://www.xmlsecurity.org/NS/#configuration"> <Configuration target="com.sun.org.apache.xml.internal.security" xmlns="http://www.xmlsecurity.org/NS/#configuration">
<CanonicalizationMethods> <CanonicalizationMethods>
<CanonicalizationMethod URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" <CanonicalizationMethod URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
JAVACLASS="com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315OmitComments" /> JAVACLASS="com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315OmitComments" />
<CanonicalizationMethod URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" <CanonicalizationMethod URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"
JAVACLASS="com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315WithComments" /> JAVACLASS="com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315WithComments" />
<CanonicalizationMethod URI="http://www.w3.org/2001/10/xml-exc-c14n#" <CanonicalizationMethod URI="http://www.w3.org/2001/10/xml-exc-c14n#"
JAVACLASS="com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclOmitComments"/> JAVACLASS="com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclOmitComments"/>
<CanonicalizationMethod URI="http://www.w3.org/2001/10/xml-exc-c14n#WithComments" <CanonicalizationMethod URI="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"
JAVACLASS="com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclWithComments"/> JAVACLASS="com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclWithComments"/>
</CanonicalizationMethods> <CanonicalizationMethod URI="http://www.w3.org/2006/12/xml-c14n11"
<TransformAlgorithms> JAVACLASS="com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_OmitComments"/>
<!-- Base64 --> <CanonicalizationMethod URI="http://www.w3.org/2006/12/xml-c14n11#WithComments"
<TransformAlgorithm URI="http://www.w3.org/2000/09/xmldsig#base64" JAVACLASS="com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_WithComments"/>
JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformBase64Decode" /> </CanonicalizationMethods>
<!-- c14n omitting comments --> <TransformAlgorithms>
<TransformAlgorithm URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" <!-- Base64 -->
JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14N" /> <TransformAlgorithm URI="http://www.w3.org/2000/09/xmldsig#base64"
<!-- c14n with comments --> JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformBase64Decode" />
<TransformAlgorithm URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" <!-- c14n omitting comments -->
JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14NWithComments" /> <TransformAlgorithm URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
<!-- exclusive c14n omitting comments --> JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14N" />
<TransformAlgorithm URI="http://www.w3.org/2001/10/xml-exc-c14n#" <!-- c14n with comments -->
JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14NExclusive" /> <TransformAlgorithm URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"
<!-- exclusive c14n with comments --> JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14NWithComments" />
<TransformAlgorithm URI="http://www.w3.org/2001/10/xml-exc-c14n#WithComments" <!-- c14n 1.1 omitting comments -->
JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14NExclusiveWithComments" /> <TransformAlgorithm URI="http://www.w3.org/2006/12/xml-c14n11"
JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14N11" />
<!-- XPath transform --> <!-- c14n 1.1 with comments -->
<TransformAlgorithm URI="http://www.w3.org/TR/1999/REC-xpath-19991116" <TransformAlgorithm URI="http://www.w3.org/2006/12/xml-c14n11#WithComments"
JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformXPath" /> JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14N11_WithComments" />
<!-- enveloped signature --> <!-- exclusive c14n omitting comments -->
<TransformAlgorithm URI="http://www.w3.org/2000/09/xmldsig#enveloped-signature" <TransformAlgorithm URI="http://www.w3.org/2001/10/xml-exc-c14n#"
JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformEnvelopedSignature" /> JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14NExclusive" />
<!-- XSLT --> <!-- exclusive c14n with comments -->
<TransformAlgorithm URI="http://www.w3.org/TR/1999/REC-xslt-19991116" <TransformAlgorithm URI="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"
JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformXSLT" /> JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14NExclusiveWithComments" />
<!-- XPath version 2 -->
<TransformAlgorithm URI="http://www.w3.org/2002/04/xmldsig-filter2" <!-- XPath transform -->
JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformXPath2Filter" /> <TransformAlgorithm URI="http://www.w3.org/TR/1999/REC-xpath-19991116"
<!-- XPath version 2b --> JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformXPath" />
<TransformAlgorithm URI="http://www.w3.org/2002/06/xmldsig-filter2" <!-- enveloped signature -->
JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformXPath2Filter" /> <TransformAlgorithm URI="http://www.w3.org/2000/09/xmldsig#enveloped-signature"
</TransformAlgorithms> JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformEnvelopedSignature" />
<SignatureAlgorithms> <!-- XSLT -->
<SignatureAlgorithm URI="http://www.w3.org/2000/09/xmldsig#dsa-sha1" <TransformAlgorithm URI="http://www.w3.org/TR/1999/REC-xslt-19991116"
JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureDSA" /> JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformXSLT" />
<SignatureAlgorithm URI="http://www.w3.org/2000/09/xmldsig#rsa-sha1" <!-- XPath version 2 -->
JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1" /> <TransformAlgorithm URI="http://www.w3.org/2002/04/xmldsig-filter2"
<SignatureAlgorithm URI="http://www.w3.org/2000/09/xmldsig#hmac-sha1" JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformXPath2Filter" />
JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA1" /> <!-- XPath version 2b -->
<TransformAlgorithm URI="http://www.w3.org/2002/06/xmldsig-filter2"
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-md5" JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformXPath2Filter" />
JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureBaseRSA$SignatureRSAMD5" /> </TransformAlgorithms>
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160" <SignatureAlgorithms>
JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureBaseRSA$SignatureRSARIPEMD160" /> <SignatureAlgorithm URI="http://www.w3.org/2000/09/xmldsig#dsa-sha1"
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureDSA" />
JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA256" /> <SignatureAlgorithm URI="http://www.w3.org/2000/09/xmldsig#rsa-sha1"
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1" />
JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA384" /> <SignatureAlgorithm URI="http://www.w3.org/2000/09/xmldsig#hmac-sha1"
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA1" />
JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA512" />
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-md5"
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-md5" JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureBaseRSA$SignatureRSAMD5" />
JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac$IntegrityHmacMD5" /> <SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160"
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160" JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureBaseRSA$SignatureRSARIPEMD160" />
JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac$IntegrityHmacRIPEMD160" /> <SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256" JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA256" />
JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA256" /> <SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha384" JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA384" />
JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA384" /> <SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha512" JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA512" />
JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA512" /> <SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"
</SignatureAlgorithms> JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureECDSA$SignatureECDSASHA1" />
<JCEAlgorithmMappings>
<Algorithms> <SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-md5"
<!-- MessageDigest Algorithms --> JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac$IntegrityHmacMD5" />
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#md5" <SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160"
Description="MD5 message digest from RFC 1321" JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac$IntegrityHmacRIPEMD160" />
AlgorithmClass="MessageDigest" <SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"
RequirementLevel="NOT RECOMMENDED" JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA256" />
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt" <SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha384"
JCEName="MD5"/> JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA384" />
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha512"
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#ripemd160" JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA512" />
Description="RIPEMD-160 message digest" </SignatureAlgorithms>
AlgorithmClass="MessageDigest" <JCEAlgorithmMappings>
RequirementLevel="OPTIONAL" <Algorithms>
JCEName="RIPEMD160"/> <!-- MessageDigest Algorithms -->
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#md5"
<Algorithm URI="http://www.w3.org/2000/09/xmldsig#sha1" Description="MD5 message digest from RFC 1321"
Description="SHA-1 message digest" AlgorithmClass="MessageDigest"
AlgorithmClass="MessageDigest" RequirementLevel="NOT RECOMMENDED"
RequirementLevel="REQUIRED" SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
JCEName="SHA-1"/> JCEName="MD5"/>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#sha256" <Algorithm URI="http://www.w3.org/2001/04/xmlenc#ripemd160"
Description="SHA-1 message digest with 256 bit" Description="RIPEMD-160 message digest"
AlgorithmClass="MessageDigest" AlgorithmClass="MessageDigest"
RequirementLevel="RECOMMENDED" RequirementLevel="OPTIONAL"
JCEName="SHA-256"/> JCEName="RIPEMD160"/>
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#sha384" <Algorithm URI="http://www.w3.org/2000/09/xmldsig#sha1"
Description="SHA message digest with 384 bit" Description="SHA-1 message digest"
AlgorithmClass="MessageDigest" AlgorithmClass="MessageDigest"
RequirementLevel="OPTIONAL" RequirementLevel="REQUIRED"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt" JCEName="SHA-1"/>
JCEName="SHA-384"/>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#sha256"
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#sha512" Description="SHA-1 message digest with 256 bit"
Description="SHA-1 message digest with 512 bit" AlgorithmClass="MessageDigest"
AlgorithmClass="MessageDigest" RequirementLevel="RECOMMENDED"
RequirementLevel="OPTIONAL" JCEName="SHA-256"/>
JCEName="SHA-512"/>
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#sha384"
<!-- Signature Algorithms --> Description="SHA message digest with 384 bit"
<Algorithm URI="http://www.w3.org/2000/09/xmldsig#dsa-sha1" AlgorithmClass="MessageDigest"
Description="Digital Signature Algorithm with SHA-1 message digest" RequirementLevel="OPTIONAL"
AlgorithmClass="Signature" SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
RequirementLevel="REQUIRED" JCEName="SHA-384"/>
JCEName="SHA1withDSA"/>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#sha512"
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-md5" Description="SHA-1 message digest with 512 bit"
Description="RSA Signature with MD5 message digest" AlgorithmClass="MessageDigest"
AlgorithmClass="Signature" RequirementLevel="OPTIONAL"
RequirementLevel="NOT RECOMMENDED" JCEName="SHA-512"/>
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
JCEName="MD5withRSA"/> <!-- Signature Algorithms -->
<Algorithm URI="http://www.w3.org/2000/09/xmldsig#dsa-sha1"
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160" Description="Digital Signature Algorithm with SHA-1 message digest"
Description="RSA Signature with RIPEMD-160 message digest" AlgorithmClass="Signature"
AlgorithmClass="Signature" RequirementLevel="REQUIRED"
RequirementLevel="OPTIONAL" JCEName="SHA1withDSA"/>
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
JCEName="RIPEMD160withRSA"/> <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-md5"
Description="RSA Signature with MD5 message digest"
<Algorithm URI="http://www.w3.org/2000/09/xmldsig#rsa-sha1" AlgorithmClass="Signature"
Description="RSA Signature with SHA-1 message digest" RequirementLevel="NOT RECOMMENDED"
AlgorithmClass="Signature" SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
RequirementLevel="RECOMMENDED" JCEName="MD5withRSA"/>
JCEName="SHA1withRSA"/>
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160"
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" Description="RSA Signature with RIPEMD-160 message digest"
Description="RSA Signature with SHA-256 message digest" AlgorithmClass="Signature"
AlgorithmClass="Signature" RequirementLevel="OPTIONAL"
RequirementLevel="OPTIONAL" SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt" JCEName="RIPEMD160withRSA"/>
JCEName="SHA256withRSA"/>
<Algorithm URI="http://www.w3.org/2000/09/xmldsig#rsa-sha1"
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" Description="RSA Signature with SHA-1 message digest"
Description="RSA Signature with SHA-384 message digest" AlgorithmClass="Signature"
AlgorithmClass="Signature" RequirementLevel="RECOMMENDED"
RequirementLevel="OPTIONAL" JCEName="SHA1withRSA"/>
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
JCEName="SHA384withRSA"/> <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
Description="RSA Signature with SHA-256 message digest"
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" AlgorithmClass="Signature"
Description="RSA Signature with SHA-512 message digest" RequirementLevel="OPTIONAL"
AlgorithmClass="Signature" SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
RequirementLevel="OPTIONAL" JCEName="SHA256withRSA"/>
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
JCEName="SHA512withRSA"/> <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"
Description="RSA Signature with SHA-384 message digest"
<!-- MAC Algorithms --> AlgorithmClass="Signature"
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-md5" RequirementLevel="OPTIONAL"
Description="Message Authentication code using MD5" SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
AlgorithmClass="Mac" JCEName="SHA384withRSA"/>
RequirementLevel="NOT RECOMMENDED"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt" <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"
JCEName="HmacMD5"/> Description="RSA Signature with SHA-512 message digest"
AlgorithmClass="Signature"
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160" RequirementLevel="OPTIONAL"
Description="Message Authentication code using RIPEMD-160" SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
AlgorithmClass="Mac" JCEName="SHA512withRSA"/>
RequirementLevel="OPTIONAL"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt" <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"
JCEName="HMACRIPEMD160"/> Description="ECDSA Signature with SHA-1 message digest"
AlgorithmClass="Signature"
<Algorithm URI="http://www.w3.org/2000/09/xmldsig#hmac-sha1" RequirementLevel="OPTIONAL"
Description="Message Authentication code using SHA1" SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
AlgorithmClass="Mac" JCEName="ECDSAwithSHA1"/>
RequirementLevel="REQUIRED"
JCEName="HmacSHA1"/> <!-- MAC Algorithms -->
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-md5"
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256" Description="Message Authentication code using MD5"
Description="Message Authentication code using SHA-256" AlgorithmClass="Mac"
AlgorithmClass="Mac" RequirementLevel="NOT RECOMMENDED"
RequirementLevel="OPTIONAL" SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt" JCEName="HmacMD5"/>
JCEName="HmacSHA256"/>
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160"
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha384" Description="Message Authentication code using RIPEMD-160"
Description="Message Authentication code using SHA-384" AlgorithmClass="Mac"
AlgorithmClass="Mac" RequirementLevel="OPTIONAL"
RequirementLevel="OPTIONAL" SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt" JCEName="HMACRIPEMD160"/>
JCEName="HmacSHA384"/>
<Algorithm URI="http://www.w3.org/2000/09/xmldsig#hmac-sha1"
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha512" Description="Message Authentication code using SHA1"
Description="Message Authentication code using SHA-512" AlgorithmClass="Mac"
AlgorithmClass="Mac" RequirementLevel="REQUIRED"
RequirementLevel="OPTIONAL" JCEName="HmacSHA1"/>
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
JCEName="HmacSHA512"/> <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"
Description="Message Authentication code using SHA-256"
<!-- Block encryption Algorithms --> AlgorithmClass="Mac"
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" RequirementLevel="OPTIONAL"
Description="Block encryption using Triple-DES" SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
AlgorithmClass="BlockEncryption" JCEName="HmacSHA256"/>
RequirementLevel="REQUIRED"
KeyLength="192" <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha384"
RequiredKey="DESede" Description="Message Authentication code using SHA-384"
JCEName="DESede/CBC/ISO10126Padding"/> AlgorithmClass="Mac"
RequirementLevel="OPTIONAL"
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes128-cbc" SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
Description="Block encryption using AES with a key length of 128 bit" JCEName="HmacSHA384"/>
AlgorithmClass="BlockEncryption"
RequirementLevel="REQUIRED" <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha512"
KeyLength="128" Description="Message Authentication code using SHA-512"
RequiredKey="AES" AlgorithmClass="Mac"
JCEName="AES/CBC/ISO10126Padding"/> RequirementLevel="OPTIONAL"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes192-cbc" JCEName="HmacSHA512"/>
Description="Block encryption using AES with a key length of 192 bit"
AlgorithmClass="BlockEncryption" <!-- Block encryption Algorithms -->
RequirementLevel="OPTIONAL" <Algorithm URI="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
KeyLength="192" Description="Block encryption using Triple-DES"
RequiredKey="AES" AlgorithmClass="BlockEncryption"
JCEName="AES/CBC/ISO10126Padding"/> RequirementLevel="REQUIRED"
KeyLength="192"
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes256-cbc" RequiredKey="DESede"
Description="Block encryption using AES with a key length of 256 bit" JCEName="DESede/CBC/ISO10126Padding"/>
AlgorithmClass="BlockEncryption"
RequirementLevel="REQUIRED" <Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
KeyLength="256" Description="Block encryption using AES with a key length of 128 bit"
RequiredKey="AES" AlgorithmClass="BlockEncryption"
JCEName="AES/CBC/ISO10126Padding"/> RequirementLevel="REQUIRED"
KeyLength="128"
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#rsa-1_5" RequiredKey="AES"
Description="Key Transport RSA-v1.5" JCEName="AES/CBC/ISO10126Padding"/>
AlgorithmClass="KeyTransport"
RequirementLevel="REQUIRED" <Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes192-cbc"
RequiredKey="RSA" Description="Block encryption using AES with a key length of 192 bit"
JCEName="RSA/ECB/PKCS1Padding"/> AlgorithmClass="BlockEncryption"
RequirementLevel="OPTIONAL"
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" KeyLength="192"
Description="Key Transport RSA-OAEP" RequiredKey="AES"
AlgorithmClass="KeyTransport" JCEName="AES/CBC/ISO10126Padding"/>
RequirementLevel="REQUIRED"
RequiredKey="RSA" <Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes256-cbc"
JCEName="RSA/ECB/OAEPWithSHA1AndMGF1Padding"/> Description="Block encryption using AES with a key length of 256 bit"
AlgorithmClass="BlockEncryption"
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#dh" RequirementLevel="REQUIRED"
Description="Key Agreement Diffie-Hellman" KeyLength="256"
AlgorithmClass="KeyAgreement" RequiredKey="AES"
RequirementLevel="OPTIONAL"/> JCEName="AES/CBC/ISO10126Padding"/>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-tripledes" <Algorithm URI="http://www.w3.org/2001/04/xmlenc#rsa-1_5"
Description="Symmetric Key Wrap using Triple DES" Description="Key Transport RSA-v1.5"
AlgorithmClass="SymmetricKeyWrap" AlgorithmClass="KeyTransport"
RequirementLevel="REQUIRED" RequirementLevel="REQUIRED"
KeyLength="192" RequiredKey="RSA"
RequiredKey="DESede" JCEName="RSA/ECB/PKCS1Padding"/>
JCEName="DESedeWrap"/>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes128" Description="Key Transport RSA-OAEP"
Description="Symmetric Key Wrap using AES with a key length of 128 bit" AlgorithmClass="KeyTransport"
AlgorithmClass="SymmetricKeyWrap" RequirementLevel="REQUIRED"
RequirementLevel="REQUIRED" RequiredKey="RSA"
KeyLength="128" JCEName="RSA/ECB/OAEPWithSHA1AndMGF1Padding"/>
RequiredKey="AES"
JCEName="AESWrap"/> <Algorithm URI="http://www.w3.org/2001/04/xmlenc#dh"
Description="Key Agreement Diffie-Hellman"
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes192" AlgorithmClass="KeyAgreement"
Description="Symmetric Key Wrap using AES with a key length of 192 bit" RequirementLevel="OPTIONAL"/>
AlgorithmClass="SymmetricKeyWrap"
RequirementLevel="OPTIONAL" <Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-tripledes"
KeyLength="192" Description="Symmetric Key Wrap using Triple DES"
RequiredKey="AES" AlgorithmClass="SymmetricKeyWrap"
JCEName="AESWrap"/> RequirementLevel="REQUIRED"
KeyLength="192"
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes256" RequiredKey="DESede"
Description="Symmetric Key Wrap using AES with a key length of 256 bit" JCEName="DESedeWrap"/>
AlgorithmClass="SymmetricKeyWrap"
RequirementLevel="REQUIRED" <Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes128"
KeyLength="256" Description="Symmetric Key Wrap using AES with a key length of 128 bit"
RequiredKey="AES" AlgorithmClass="SymmetricKeyWrap"
JCEName="AESWrap"/> RequirementLevel="REQUIRED"
KeyLength="128"
</Algorithms> RequiredKey="AES"
</JCEAlgorithmMappings> JCEName="AESWrap"/>
<ResourceBundles defaultLanguageCode="en" defaultCountryCode="US">
<ResourceBundle LanguageCode="en" <Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes192"
CountryCode="US" Description="Symmetric Key Wrap using AES with a key length of 192 bit"
LOCATION="com.sun.org.apache.xml.internal.security/resource/xmlsecurity_en.properties" /> AlgorithmClass="SymmetricKeyWrap"
<ResourceBundle LanguageCode="de" RequirementLevel="OPTIONAL"
CountryCode="DE" KeyLength="192"
LOCATION="com.sun.org.apache.xml.internal.security/resource/xmlsecurity_de.properties" /> RequiredKey="AES"
</ResourceBundles> JCEName="AESWrap"/>
<ResourceResolvers>
<Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP" <Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes256"
DESCRIPTION="A simple resolver for requests to HTTP space" /> Description="Symmetric Key Wrap using AES with a key length of 256 bit"
<Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverLocalFilesystem" AlgorithmClass="SymmetricKeyWrap"
DESCRIPTION="A simple resolver for requests to the local file system" /> RequirementLevel="REQUIRED"
<Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment" KeyLength="256"
DESCRIPTION="A simple resolver for requests of same-document URIs" /> RequiredKey="AES"
<Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverXPointer" JCEName="AESWrap"/>
DESCRIPTION="A simple resolver for requests of XPointer fragents" />
</ResourceResolvers> </Algorithms>
<!-- <defaultLocale languageCode="en" countryCode="US" /> --> </JCEAlgorithmMappings>
<KeyInfo> <ResourceBundles defaultLanguageCode="en" defaultCountryCode="US">
<ContentHandler LOCALNAME="KeyName" <ResourceBundle LanguageCode="en"
NAMESPACE="http://www.w3.org/2000/09/xmldsig#" CountryCode="US"
JAVACLASS="com.sun.org.apache.xml.internal.security.keys.content.KeyName" /> LOCATION="com.sun.org.apache.xml.internal.security/resource/xmlsecurity_en.properties" />
<ContentHandler LOCALNAME="KeyValue" <ResourceBundle LanguageCode="de"
NAMESPACE="http://www.w3.org/2000/09/xmldsig#" CountryCode="DE"
JAVACLASS="com.sun.org.apache.xml.internal.security.keys.content.KeyValue" /> LOCATION="com.sun.org.apache.xml.internal.security/resource/xmlsecurity_de.properties" />
<ContentHandler LOCALNAME="RetrievalMethod" </ResourceBundles>
NAMESPACE="http://www.w3.org/2000/09/xmldsig#" <ResourceResolvers>
JAVACLASS="com.sun.org.apache.xml.internal.security.keys.content.RetrievalMethod" /> <Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP"
<ContentHandler LOCALNAME="X509Data" DESCRIPTION="A simple resolver for requests to HTTP space" />
NAMESPACE="http://www.w3.org/2000/09/xmldsig#" <Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverLocalFilesystem"
JAVACLASS="com.sun.org.apache.xml.internal.security.keys.content.X509Data" /> DESCRIPTION="A simple resolver for requests to the local file system" />
<ContentHandler LOCALNAME="PGPData" <Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment"
NAMESPACE="http://www.w3.org/2000/09/xmldsig#" DESCRIPTION="A simple resolver for requests of same-document URIs" />
JAVACLASS="com.sun.org.apache.xml.internal.security.keys.content.PGPData" /> <Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverXPointer"
<ContentHandler LOCALNAME="SPKIData" DESCRIPTION="A simple resolver for requests of XPointer fragents" />
NAMESPACE="http://www.w3.org/2000/09/xmldsig#" </ResourceResolvers>
JAVACLASS="com.sun.org.apache.xml.internal.security.keys.content.SPKIData" /> <!-- <defaultLocale languageCode="en" countryCode="US" /> -->
<ContentHandler LOCALNAME="MgmtData" <KeyInfo>
NAMESPACE="http://www.w3.org/2000/09/xmldsig#" <ContentHandler LOCALNAME="KeyName"
JAVACLASS="com.sun.org.apache.xml.internal.security.keys.content.MgmtData" /> NAMESPACE="http://www.w3.org/2000/09/xmldsig#"
</KeyInfo> JAVACLASS="com.sun.org.apache.xml.internal.security.keys.content.KeyName" />
<KeyResolver> <ContentHandler LOCALNAME="KeyValue"
<!-- This section contains a list of KeyResolvers that are available in NAMESPACE="http://www.w3.org/2000/09/xmldsig#"
every KeyInfo object --> JAVACLASS="com.sun.org.apache.xml.internal.security.keys.content.KeyValue" />
<Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.RSAKeyValueResolver" <ContentHandler LOCALNAME="RetrievalMethod"
DESCRIPTION="Can extract RSA public keys" /> NAMESPACE="http://www.w3.org/2000/09/xmldsig#"
<Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.DSAKeyValueResolver" JAVACLASS="com.sun.org.apache.xml.internal.security.keys.content.RetrievalMethod" />
DESCRIPTION="Can extract DSA public keys" /> <ContentHandler LOCALNAME="X509Data"
<Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509CertificateResolver" NAMESPACE="http://www.w3.org/2000/09/xmldsig#"
DESCRIPTION="Can extract public keys from X509 certificates" /> JAVACLASS="com.sun.org.apache.xml.internal.security.keys.content.X509Data" />
<Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509SKIResolver" <ContentHandler LOCALNAME="PGPData"
DESCRIPTION="Uses an X509v3 SubjectKeyIdentifier extension to retrieve a certificate from the storages" /> NAMESPACE="http://www.w3.org/2000/09/xmldsig#"
<Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.RetrievalMethodResolver" JAVACLASS="com.sun.org.apache.xml.internal.security.keys.content.PGPData" />
DESCRIPTION="Resolves keys and certificates using ResourceResolvers" /> <ContentHandler LOCALNAME="SPKIData"
<Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509SubjectNameResolver" NAMESPACE="http://www.w3.org/2000/09/xmldsig#"
DESCRIPTION="Uses an X509 SubjectName to retrieve a certificate from the storages" /> JAVACLASS="com.sun.org.apache.xml.internal.security.keys.content.SPKIData" />
<Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509IssuerSerialResolver" <ContentHandler LOCALNAME="MgmtData"
DESCRIPTION="Uses an X509 IssuerName and IssuerSerial to retrieve a certificate from the storages" /> NAMESPACE="http://www.w3.org/2000/09/xmldsig#"
</KeyResolver> JAVACLASS="com.sun.org.apache.xml.internal.security.keys.content.MgmtData" />
</KeyInfo>
<PrefixMappings> <KeyResolver>
<!-- Many classes create Elements which are in a specific namespace; <!-- This section contains a list of KeyResolvers that are available in
here, the prefixes for these namespaces are defined. But this every KeyInfo object -->
can also be overwritten using the ElementProxy#setDefaultPrefix() <Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.RSAKeyValueResolver"
method. You can even set all prefixes to "" so that the corresponding DESCRIPTION="Can extract RSA public keys" />
elements are created using the default namespace --> <Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.DSAKeyValueResolver"
<PrefixMapping namespace="http://www.w3.org/2000/09/xmldsig#" DESCRIPTION="Can extract DSA public keys" />
prefix="ds" /> <Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509CertificateResolver"
<PrefixMapping namespace="http://www.w3.org/2001/04/xmlenc#" DESCRIPTION="Can extract public keys from X509 certificates" />
prefix="xenc" /> <Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509SKIResolver"
<PrefixMapping namespace="http://www.xmlsecurity.org/experimental#" DESCRIPTION="Uses an X509v3 SubjectKeyIdentifier extension to retrieve a certificate from the storages" />
prefix="experimental" /> <Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.RetrievalMethodResolver"
<PrefixMapping namespace="http://www.w3.org/2002/04/xmldsig-filter2" DESCRIPTION="Resolves keys and certificates using ResourceResolvers" />
prefix="dsig-xpath-old" /> <Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509SubjectNameResolver"
<PrefixMapping namespace="http://www.w3.org/2002/06/xmldsig-filter2" DESCRIPTION="Uses an X509 SubjectName to retrieve a certificate from the storages" />
prefix="dsig-xpath" /> <Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509IssuerSerialResolver"
<PrefixMapping namespace="http://www.w3.org/2001/10/xml-exc-c14n#" DESCRIPTION="Uses an X509 IssuerName and IssuerSerial to retrieve a certificate from the storages" />
prefix="ec" /> </KeyResolver>
<PrefixMapping namespace="http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter"
prefix="xx" /> <PrefixMappings>
</PrefixMappings> <!-- Many classes create Elements which are in a specific namespace;
</Configuration> here, the prefixes for these namespaces are defined. But this
can also be overwritten using the ElementProxy#setDefaultPrefix()
method. You can even set all prefixes to "" so that the corresponding
elements are created using the default namespace -->
<PrefixMapping namespace="http://www.w3.org/2000/09/xmldsig#"
prefix="ds" />
<PrefixMapping namespace="http://www.w3.org/2001/04/xmlenc#"
prefix="xenc" />
<PrefixMapping namespace="http://www.xmlsecurity.org/experimental#"
prefix="experimental" />
<PrefixMapping namespace="http://www.w3.org/2002/04/xmldsig-filter2"
prefix="dsig-xpath-old" />
<PrefixMapping namespace="http://www.w3.org/2002/06/xmldsig-filter2"
prefix="dsig-xpath" />
<PrefixMapping namespace="http://www.w3.org/2001/10/xml-exc-c14n#"
prefix="ec" />
<PrefixMapping namespace="http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter"
prefix="xx" />
</PrefixMappings>
</Configuration>


@ -1,347 +1,347 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!-- edited with XML Spy v4.3 U (http://www.xmlspy.com) by XMLSpy v4 (Altova) --> <!-- edited with XML Spy v4.3 U (http://www.xmlspy.com) by XMLSpy v4 (Altova) -->
<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.1.1#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://uri.etsi.org/01903/v1.1.1#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified" xsi:schemaLocation="http://www.w3.org/2000/09/xmldsig# xmldsig-core-schema.xsd"> <xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.1.1#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://uri.etsi.org/01903/v1.1.1#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified" xsi:schemaLocation="http://www.w3.org/2000/09/xmldsig# xmldsig-core-schema.xsd">
<xsd:element name="Any" type="AnyType"/> <xsd:element name="Any" type="AnyType"/>
<xsd:complexType name="AnyType" mixed="true"> <xsd:complexType name="AnyType" mixed="true">
<xsd:sequence> <xsd:sequence>
<xsd:any namespace="##any"/> <xsd:any namespace="##any"/>
</xsd:sequence> </xsd:sequence>
<xsd:anyAttribute namespace="##any"/> <xsd:anyAttribute namespace="##any"/>
</xsd:complexType> </xsd:complexType>
<xsd:element name="ObjectIdentifier" type="ObjectIdentifierType"/> <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType"/>
<xsd:complexType name="ObjectIdentifierType"> <xsd:complexType name="ObjectIdentifierType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="Identifier" type="IdentifierType"/> <xsd:element name="Identifier" type="IdentifierType"/>
<xsd:element name="Description" type="xsd:string" minOccurs="0"/> <xsd:element name="Description" type="xsd:string" minOccurs="0"/>
<xsd:element name="DocumentationReferences" type="DocumentationReferencesType" minOccurs="0"/> <xsd:element name="DocumentationReferences" type="DocumentationReferencesType" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="IdentifierType"> <xsd:complexType name="IdentifierType">
<xsd:simpleContent> <xsd:simpleContent>
<xsd:extension base="xsd:anyURI"> <xsd:extension base="xsd:anyURI">
<xsd:attribute name="Qualifier" type="QualifierType" use="optional"/> <xsd:attribute name="Qualifier" type="QualifierType" use="optional"/>
</xsd:extension> </xsd:extension>
</xsd:simpleContent> </xsd:simpleContent>
</xsd:complexType> </xsd:complexType>
<xsd:simpleType name="QualifierType"> <xsd:simpleType name="QualifierType">
<xsd:restriction base="xsd:string"> <xsd:restriction base="xsd:string">
<xsd:enumeration value="OIDAsURI"/> <xsd:enumeration value="OIDAsURI"/>
<xsd:enumeration value="OIDAsURN"/> <xsd:enumeration value="OIDAsURN"/>
</xsd:restriction> </xsd:restriction>
</xsd:simpleType> </xsd:simpleType>
<xsd:complexType name="DocumentationReferencesType"> <xsd:complexType name="DocumentationReferencesType">
<xsd:sequence maxOccurs="unbounded"> <xsd:sequence maxOccurs="unbounded">
<xsd:element name="DocumentationReference" type="xsd:anyURI"/> <xsd:element name="DocumentationReference" type="xsd:anyURI"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:element name="EncapsulatedPKIData" type="EncapsulatedPKIDataType"/> <xsd:element name="EncapsulatedPKIData" type="EncapsulatedPKIDataType"/>
<xsd:complexType name="EncapsulatedPKIDataType"> <xsd:complexType name="EncapsulatedPKIDataType">
<xsd:simpleContent> <xsd:simpleContent>
<xsd:extension base="xsd:base64Binary"> <xsd:extension base="xsd:base64Binary">
<xsd:attribute name="Id" type="xsd:ID" use="optional"/> <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
</xsd:extension> </xsd:extension>
</xsd:simpleContent> </xsd:simpleContent>
</xsd:complexType> </xsd:complexType>
<xsd:element name="TimeStamp" type="TimeStampType"/> <xsd:element name="TimeStamp" type="TimeStampType"/>
<xsd:complexType name="TimeStampType"> <xsd:complexType name="TimeStampType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="HashDataInfo" type="HashDataInfoType" maxOccurs="unbounded"/> <xsd:element name="HashDataInfo" type="HashDataInfoType" maxOccurs="unbounded"/>
<xsd:choice> <xsd:choice>
<xsd:element name="EncapsulatedTimeStamp" type="EncapsulatedPKIDataType"/> <xsd:element name="EncapsulatedTimeStamp" type="EncapsulatedPKIDataType"/>
<xsd:element name="XMLTimeStamp" type="AnyType"/> <xsd:element name="XMLTimeStamp" type="AnyType"/>
</xsd:choice> </xsd:choice>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="HashDataInfoType"> <xsd:complexType name="HashDataInfoType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="Transforms" type="ds:TransformsType" minOccurs="0"/> <xsd:element name="Transforms" type="ds:TransformsType" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
<xsd:attribute name="uri" type="xsd:anyURI" use="required"/> <xsd:attribute name="uri" type="xsd:anyURI" use="required"/>
</xsd:complexType> </xsd:complexType>
<xsd:element name="QualifyingProperties" type="QualifyingPropertiesType"/> <xsd:element name="QualifyingProperties" type="QualifyingPropertiesType"/>
<xsd:complexType name="QualifyingPropertiesType"> <xsd:complexType name="QualifyingPropertiesType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="SignedProperties" type="SignedPropertiesType" minOccurs="0"/> <xsd:element name="SignedProperties" type="SignedPropertiesType" minOccurs="0"/>
<xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" minOccurs="0"/> <xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
<xsd:attribute name="Target" type="xsd:anyURI" use="required"/> <xsd:attribute name="Target" type="xsd:anyURI" use="required"/>
<xsd:attribute name="Id" type="xsd:ID" use="optional"/> <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
</xsd:complexType> </xsd:complexType>
<xsd:element name="SignedProperties" type="SignedPropertiesType"/> <xsd:element name="SignedProperties" type="SignedPropertiesType"/>
<xsd:complexType name="SignedPropertiesType"> <xsd:complexType name="SignedPropertiesType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType"/> <xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType"/>
<xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType" minOccurs="0"/> <xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
<xsd:attribute name="Id" type="xsd:ID" use="optional"/> <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
</xsd:complexType> </xsd:complexType>
<xsd:element name="UnsignedProperties" type="UnsignedPropertiesType"/> <xsd:element name="UnsignedProperties" type="UnsignedPropertiesType"/>
<xsd:complexType name="UnsignedPropertiesType"> <xsd:complexType name="UnsignedPropertiesType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="UnsignedSignatureProperties" type="UnsignedSignaturePropertiesType" minOccurs="0"/> <xsd:element name="UnsignedSignatureProperties" type="UnsignedSignaturePropertiesType" minOccurs="0"/>
<xsd:element name="UnsignedDataObjectProperties" type="UnsignedDataObjectPropertiesType" minOccurs="0"/> <xsd:element name="UnsignedDataObjectProperties" type="UnsignedDataObjectPropertiesType" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
<xsd:attribute name="Id" type="xsd:ID" use="optional"/> <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
</xsd:complexType> </xsd:complexType>
<xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType"/> <xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType"/>
<xsd:complexType name="SignedSignaturePropertiesType"> <xsd:complexType name="SignedSignaturePropertiesType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="SigningTime" type="xsd:dateTime"/> <xsd:element name="SigningTime" type="xsd:dateTime"/>
<xsd:element name="SigningCertificate" type="CertIDListType"/> <xsd:element name="SigningCertificate" type="CertIDListType"/>
<xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType"/> <xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType"/>
<xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType" minOccurs="0"/> <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType" minOccurs="0"/>
<xsd:element name="SignerRole" type="SignerRoleType" minOccurs="0"/> <xsd:element name="SignerRole" type="SignerRoleType" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType"/> <xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType"/>
<xsd:complexType name="SignedDataObjectPropertiesType"> <xsd:complexType name="SignedDataObjectPropertiesType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="DataObjectFormat" type="DataObjectFormatType" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="DataObjectFormat" type="DataObjectFormatType" minOccurs="0" maxOccurs="unbounded"/>
<xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType" minOccurs="0" maxOccurs="unbounded"/>
<xsd:element name="AllDataObjectsTimeStamp" type="TimeStampType" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="AllDataObjectsTimeStamp" type="TimeStampType" minOccurs="0" maxOccurs="unbounded"/>
<xsd:element name="IndividualDataObjectsTimeStamp" type="TimeStampType" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="IndividualDataObjectsTimeStamp" type="TimeStampType" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:element name="UnsignedSignatureProperties" type="UnsignedSignaturePropertiesType"/> <xsd:element name="UnsignedSignatureProperties" type="UnsignedSignaturePropertiesType"/>
<xsd:complexType name="UnsignedSignaturePropertiesType"> <xsd:complexType name="UnsignedSignaturePropertiesType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="CounterSignature" type="CounterSignatureType" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="CounterSignature" type="CounterSignatureType" minOccurs="0" maxOccurs="unbounded"/>
<xsd:element name="SignatureTimeStamp" type="TimeStampType" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="SignatureTimeStamp" type="TimeStampType" minOccurs="0" maxOccurs="unbounded"/>
<xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType" minOccurs="0"/> <xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType" minOccurs="0"/>
<xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType" minOccurs="0"/> <xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType" minOccurs="0"/>
<xsd:choice> <xsd:choice>
<xsd:element name="SigAndRefsTimeStamp" type="TimeStampType" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="SigAndRefsTimeStamp" type="TimeStampType" minOccurs="0" maxOccurs="unbounded"/>
<xsd:element name="RefsOnlyTimeStamp" type="TimeStampType" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="RefsOnlyTimeStamp" type="TimeStampType" minOccurs="0" maxOccurs="unbounded"/>
</xsd:choice> </xsd:choice>
<xsd:element name="CertificateValues" type="CertificateValuesType" minOccurs="0"/> <xsd:element name="CertificateValues" type="CertificateValuesType" minOccurs="0"/>
<xsd:element name="RevocationValues" type="RevocationValuesType" minOccurs="0"/> <xsd:element name="RevocationValues" type="RevocationValuesType" minOccurs="0"/>
<xsd:element name="ArchiveTimeStamp" type="TimeStampType" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="ArchiveTimeStamp" type="TimeStampType" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:element name="UnsignedDataObjectProperties" type="UnsignedDataObjectPropertiesType"/> <xsd:element name="UnsignedDataObjectProperties" type="UnsignedDataObjectPropertiesType"/>
<xsd:complexType name="UnsignedDataObjectPropertiesType"> <xsd:complexType name="UnsignedDataObjectPropertiesType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="UnsignedDataObjectProperty" type="AnyType" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="UnsignedDataObjectProperty" type="AnyType" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:element name="QualifyingPropertiesReference" type="QualifyingPropertiesReferenceType"/> <xsd:element name="QualifyingPropertiesReference" type="QualifyingPropertiesReferenceType"/>
<xsd:complexType name="QualifyingPropertiesReferenceType"> <xsd:complexType name="QualifyingPropertiesReferenceType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="Transforms" type="ds:TransformsType" minOccurs="0"/> <xsd:element name="Transforms" type="ds:TransformsType" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
<xsd:attribute name="URI" type="xsd:anyURI" use="required"/> <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
<xsd:attribute name="Id" type="xsd:ID" use="optional"/> <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
</xsd:complexType> </xsd:complexType>
<xsd:element name="SigningTime" type="xsd:dateTime"/> <xsd:element name="SigningTime" type="xsd:dateTime"/>
<xsd:element name="SigningCertificate" type="CertIDListType"/> <xsd:element name="SigningCertificate" type="CertIDListType"/>
<xsd:complexType name="CertIDListType"> <xsd:complexType name="CertIDListType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="Cert" type="CertIDType" maxOccurs="unbounded"/> <xsd:element name="Cert" type="CertIDType" maxOccurs="unbounded"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="CertIDType"> <xsd:complexType name="CertIDType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="CertDigest" type="DigestAlgAndValueType"/> <xsd:element name="CertDigest" type="DigestAlgAndValueType"/>
<xsd:element name="IssuerSerial" type="ds:X509IssuerSerialType"/> <xsd:element name="IssuerSerial" type="ds:X509IssuerSerialType"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="DigestAlgAndValueType"> <xsd:complexType name="DigestAlgAndValueType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="DigestMethod" type="ds:DigestMethodType"/> <xsd:element name="DigestMethod" type="ds:DigestMethodType"/>
<xsd:element name="DigestValue" type="ds:DigestValueType"/> <xsd:element name="DigestValue" type="ds:DigestValueType"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType"/> <xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType"/>
<xsd:complexType name="SignaturePolicyIdentifierType"> <xsd:complexType name="SignaturePolicyIdentifierType">
<xsd:choice> <xsd:choice>
<xsd:element name="SignaturePolicyId" type="SignaturePolicyIdType"/> <xsd:element name="SignaturePolicyId" type="SignaturePolicyIdType"/>
<xsd:element name="SignaturePolicyImplied"/> <xsd:element name="SignaturePolicyImplied"/>
</xsd:choice> </xsd:choice>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="SignaturePolicyIdType"> <xsd:complexType name="SignaturePolicyIdType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="SigPolicyId" type="ObjectIdentifierType"/> <xsd:element name="SigPolicyId" type="ObjectIdentifierType"/>
<xsd:element ref="ds:Transforms" minOccurs="0"/> <xsd:element ref="ds:Transforms" minOccurs="0"/>
<xsd:element name="SigPolicyHash" type="DigestAlgAndValueType"/> <xsd:element name="SigPolicyHash" type="DigestAlgAndValueType"/>
<xsd:element name="SigPolicyQualifiers" type="SigPolicyQualifiersListType" minOccurs="0"/> <xsd:element name="SigPolicyQualifiers" type="SigPolicyQualifiersListType" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="SigPolicyQualifiersListType"> <xsd:complexType name="SigPolicyQualifiersListType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="SigPolicyQualifier" type="AnyType" maxOccurs="unbounded"/> <xsd:element name="SigPolicyQualifier" type="AnyType" maxOccurs="unbounded"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:element name="SPURI" type="xsd:anyURI"/> <xsd:element name="SPURI" type="xsd:anyURI"/>
<xsd:element name="SPUserNotice" type="SPUserNoticeType"/> <xsd:element name="SPUserNotice" type="SPUserNoticeType"/>
<xsd:complexType name="SPUserNoticeType"> <xsd:complexType name="SPUserNoticeType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="NoticeRef" type="NoticeReferenceType" minOccurs="0"/> <xsd:element name="NoticeRef" type="NoticeReferenceType" minOccurs="0"/>
<xsd:element name="ExplicitText" type="xsd:string" minOccurs="0"/> <xsd:element name="ExplicitText" type="xsd:string" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="NoticeReferenceType"> <xsd:complexType name="NoticeReferenceType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="Organization" type="xsd:string"/> <xsd:element name="Organization" type="xsd:string"/>
<xsd:element name="NoticeNumbers" type="IntegerListType"/> <xsd:element name="NoticeNumbers" type="IntegerListType"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="IntegerListType"> <xsd:complexType name="IntegerListType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="int" type="xsd:integer" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="int" type="xsd:integer" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:element name="CounterSignature" type="CounterSignatureType"/> <xsd:element name="CounterSignature" type="CounterSignatureType"/>
<xsd:complexType name="CounterSignatureType"> <xsd:complexType name="CounterSignatureType">
<xsd:sequence> <xsd:sequence>
<xsd:element ref="ds:Signature"/> <xsd:element ref="ds:Signature"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:element name="DataObjectFormat" type="DataObjectFormatType"/> <xsd:element name="DataObjectFormat" type="DataObjectFormatType"/>
<xsd:complexType name="DataObjectFormatType"> <xsd:complexType name="DataObjectFormatType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="Description" type="xsd:string" minOccurs="0"/> <xsd:element name="Description" type="xsd:string" minOccurs="0"/>
<xsd:element name="ObjectIdentifier" type="ObjectIdentifierType" minOccurs="0"/> <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType" minOccurs="0"/>
<xsd:element name="MimeType" type="xsd:string" minOccurs="0"/> <xsd:element name="MimeType" type="xsd:string" minOccurs="0"/>
<xsd:element name="Encoding" type="xsd:anyURI" minOccurs="0"/> <xsd:element name="Encoding" type="xsd:anyURI" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
<xsd:attribute name="ObjectReference" type="xsd:anyURI" use="required"/> <xsd:attribute name="ObjectReference" type="xsd:anyURI" use="required"/>
</xsd:complexType> </xsd:complexType>
<xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType"/> <xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType"/>
<xsd:complexType name="CommitmentTypeIndicationType"> <xsd:complexType name="CommitmentTypeIndicationType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="CommitmentTypeId" type="ObjectIdentifierType"/> <xsd:element name="CommitmentTypeId" type="ObjectIdentifierType"/>
<xsd:choice> <xsd:choice>
<xsd:element name="ObjectReference" type="xsd:anyURI" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="ObjectReference" type="xsd:anyURI" minOccurs="0" maxOccurs="unbounded"/>
<xsd:element name="AllSignedDataObjects"/> <xsd:element name="AllSignedDataObjects"/>
</xsd:choice> </xsd:choice>
<xsd:element name="CommitmentTypeQualifiers" type="CommitmentTypeQualifiersListType" minOccurs="0"/> <xsd:element name="CommitmentTypeQualifiers" type="CommitmentTypeQualifiersListType" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="CommitmentTypeQualifiersListType"> <xsd:complexType name="CommitmentTypeQualifiersListType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="CommitmentTypeQualifier" type="AnyType" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="CommitmentTypeQualifier" type="AnyType" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType"/> <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType"/>
<xsd:complexType name="SignatureProductionPlaceType"> <xsd:complexType name="SignatureProductionPlaceType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="City" type="xsd:string" minOccurs="0"/> <xsd:element name="City" type="xsd:string" minOccurs="0"/>
<xsd:element name="StateOrProvince" type="xsd:string" minOccurs="0"/> <xsd:element name="StateOrProvince" type="xsd:string" minOccurs="0"/>
<xsd:element name="PostalCode" type="xsd:string" minOccurs="0"/> <xsd:element name="PostalCode" type="xsd:string" minOccurs="0"/>
<xsd:element name="CountryName" type="xsd:string" minOccurs="0"/> <xsd:element name="CountryName" type="xsd:string" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:element name="SignerRole" type="SignerRoleType"/> <xsd:element name="SignerRole" type="SignerRoleType"/>
<xsd:complexType name="SignerRoleType"> <xsd:complexType name="SignerRoleType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="ClaimedRoles" type="ClaimedRolesListType" minOccurs="0"/> <xsd:element name="ClaimedRoles" type="ClaimedRolesListType" minOccurs="0"/>
<xsd:element name="CertifiedRoles" type="CertifiedRolesListType" minOccurs="0"/> <xsd:element name="CertifiedRoles" type="CertifiedRolesListType" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="ClaimedRolesListType"> <xsd:complexType name="ClaimedRolesListType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="ClaimedRole" type="AnyType" maxOccurs="unbounded"/> <xsd:element name="ClaimedRole" type="AnyType" maxOccurs="unbounded"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="CertifiedRolesListType"> <xsd:complexType name="CertifiedRolesListType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="CertifiedRole" type="EncapsulatedPKIDataType" maxOccurs="unbounded"/> <xsd:element name="CertifiedRole" type="EncapsulatedPKIDataType" maxOccurs="unbounded"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:element name="AllDataObjectsTimeStamp" type="TimeStampType"/> <xsd:element name="AllDataObjectsTimeStamp" type="TimeStampType"/>
<xsd:element name="IndividualDataObjectsTimeStamp" type="TimeStampType"/> <xsd:element name="IndividualDataObjectsTimeStamp" type="TimeStampType"/>
<xsd:element name="SignatureTimeStamp" type="TimeStampType"/> <xsd:element name="SignatureTimeStamp" type="TimeStampType"/>
<xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType"/> <xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType"/>
<xsd:complexType name="CompleteCertificateRefsType"> <xsd:complexType name="CompleteCertificateRefsType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="CertRefs" type="CertIDListType"/> <xsd:element name="CertRefs" type="CertIDListType"/>
</xsd:sequence> </xsd:sequence>
<xsd:attribute name="Id" type="xsd:ID" use="optional"/> <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
</xsd:complexType> </xsd:complexType>
<xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType"/> <xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType"/>
<xsd:complexType name="CompleteRevocationRefsType"> <xsd:complexType name="CompleteRevocationRefsType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="CRLRefs" type="CRLRefsType" minOccurs="0"/> <xsd:element name="CRLRefs" type="CRLRefsType" minOccurs="0"/>
<xsd:element name="OCSPRefs" type="OCSPRefsType" minOccurs="0"/> <xsd:element name="OCSPRefs" type="OCSPRefsType" minOccurs="0"/>
<xsd:element name="OtherRefs" type="OtherCertStatusRefsType" minOccurs="0"/> <xsd:element name="OtherRefs" type="OtherCertStatusRefsType" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
<xsd:attribute name="Id" type="xsd:ID" use="optional"/> <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="CRLRefsType"> <xsd:complexType name="CRLRefsType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="CRLRef" type="CRLRefType" maxOccurs="unbounded"/> <xsd:element name="CRLRef" type="CRLRefType" maxOccurs="unbounded"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="CRLRefType"> <xsd:complexType name="CRLRefType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType"/> <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType"/>
<xsd:element name="CRLIdentifier" type="CRLIdentifierType" minOccurs="0"/> <xsd:element name="CRLIdentifier" type="CRLIdentifierType" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="CRLIdentifierType"> <xsd:complexType name="CRLIdentifierType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="Issuer" type="xsd:string"/> <xsd:element name="Issuer" type="xsd:string"/>
<xsd:element name="IssueTime" type="xsd:dateTime"/> <xsd:element name="IssueTime" type="xsd:dateTime"/>
<xsd:element name="Number" type="xsd:integer" minOccurs="0"/> <xsd:element name="Number" type="xsd:integer" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
<xsd:attribute name="URI" type="xsd:anyURI" use="optional"/> <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="OCSPRefsType"> <xsd:complexType name="OCSPRefsType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="OCSPRef" type="OCSPRefType" maxOccurs="unbounded"/> <xsd:element name="OCSPRef" type="OCSPRefType" maxOccurs="unbounded"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="OCSPRefType"> <xsd:complexType name="OCSPRefType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="OCSPIdentifier" type="OCSPIdentifierType"/> <xsd:element name="OCSPIdentifier" type="OCSPIdentifierType"/>
<xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType" minOccurs="0"/> <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="OCSPIdentifierType"> <xsd:complexType name="OCSPIdentifierType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="ResponderID" type="xsd:string"/> <xsd:element name="ResponderID" type="xsd:string"/>
<xsd:element name="ProducedAt" type="xsd:dateTime"/> <xsd:element name="ProducedAt" type="xsd:dateTime"/>
</xsd:sequence> </xsd:sequence>
<xsd:attribute name="URI" type="xsd:anyURI" use="optional"/> <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="OtherCertStatusRefsType"> <xsd:complexType name="OtherCertStatusRefsType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="OtherRef" type="AnyType" maxOccurs="unbounded"/> <xsd:element name="OtherRef" type="AnyType" maxOccurs="unbounded"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:element name="SigAndRefsTimeStamp" type="TimeStampType"/> <xsd:element name="SigAndRefsTimeStamp" type="TimeStampType"/>
<xsd:element name="RefsOnlyTimeStamp" type="TimeStampType"/> <xsd:element name="RefsOnlyTimeStamp" type="TimeStampType"/>
<xsd:element name="CertificateValues" type="CertificateValuesType"/> <xsd:element name="CertificateValues" type="CertificateValuesType"/>
<xsd:complexType name="CertificateValuesType"> <xsd:complexType name="CertificateValuesType">
<xsd:choice minOccurs="0" maxOccurs="unbounded"> <xsd:choice minOccurs="0" maxOccurs="unbounded">
<xsd:element name="EncapsulatedX509Certificate" type="EncapsulatedPKIDataType"/> <xsd:element name="EncapsulatedX509Certificate" type="EncapsulatedPKIDataType"/>
<xsd:element name="OtherCertificate" type="AnyType"/> <xsd:element name="OtherCertificate" type="AnyType"/>
</xsd:choice> </xsd:choice>
<xsd:attribute name="Id" type="xsd:ID" use="optional"/> <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
</xsd:complexType> </xsd:complexType>
<xsd:element name="RevocationValues" type="RevocationValuesType"/> <xsd:element name="RevocationValues" type="RevocationValuesType"/>
<xsd:complexType name="RevocationValuesType"> <xsd:complexType name="RevocationValuesType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="CRLValues" type="CRLValuesType" minOccurs="0"/> <xsd:element name="CRLValues" type="CRLValuesType" minOccurs="0"/>
<xsd:element name="OCSPValues" type="OCSPValuesType" minOccurs="0"/> <xsd:element name="OCSPValues" type="OCSPValuesType" minOccurs="0"/>
<xsd:element name="OtherValues" type="OtherCertStatusValuesType" minOccurs="0"/> <xsd:element name="OtherValues" type="OtherCertStatusValuesType" minOccurs="0"/>
</xsd:sequence> </xsd:sequence>
<xsd:attribute name="Id" type="xsd:ID" use="optional"/> <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="CRLValuesType"> <xsd:complexType name="CRLValuesType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="EncapsulatedCRLValue" type="EncapsulatedPKIDataType" maxOccurs="unbounded"/> <xsd:element name="EncapsulatedCRLValue" type="EncapsulatedPKIDataType" maxOccurs="unbounded"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="OCSPValuesType"> <xsd:complexType name="OCSPValuesType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="EncapsulatedOCSPValue" type="EncapsulatedPKIDataType" maxOccurs="unbounded"/> <xsd:element name="EncapsulatedOCSPValue" type="EncapsulatedPKIDataType" maxOccurs="unbounded"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:complexType name="OtherCertStatusValuesType"> <xsd:complexType name="OtherCertStatusValuesType">
<xsd:sequence> <xsd:sequence>
<xsd:element name="OtherValue" type="AnyType" maxOccurs="unbounded"/> <xsd:element name="OtherValue" type="AnyType" maxOccurs="unbounded"/>
</xsd:sequence> </xsd:sequence>
</xsd:complexType> </xsd:complexType>
<xsd:element name="ArchiveTimeStamp" type="TimeStampType"/> <xsd:element name="ArchiveTimeStamp" type="TimeStampType"/>
</xsd:schema> </xsd:schema>


@ -3,7 +3,7 @@
Joseph Reagle $last changed 20001215$ Joseph Reagle $last changed 20001215$
http://www.w3.org/2000/09/xmldsig# http://www.w3.org/2000/09/xmldsig#
$Revision: 1.1 $ on $Date: 2002/02/08 20:32:26 $ by $Author: reagle $ $Revision: 1.6 $ on $Date: 2008/07/24 16:15:03 $ by $Author: mullan $
Copyright 2001 The Internet Society and W3C (Massachusetts Institute Copyright 2001 The Internet Society and W3C (Massachusetts Institute
of Technology, Institut National de Recherche en Informatique et en of Technology, Institut National de Recherche en Informatique et en


@ -11,7 +11,7 @@
<!-- Schema for XML Signatures <!-- Schema for XML Signatures
http://www.w3.org/2000/09/xmldsig# http://www.w3.org/2000/09/xmldsig#
$Revision: 1.1 $ on $Date: 2002/02/08 20:32:26 $ by $Author: reagle $ $Revision: 1.6 $ on $Date: 2008/07/24 16:15:03 $ by $Author: mullan $
Copyright 2001 The Internet Society and W3C (Massachusetts Institute Copyright 2001 The Internet Society and W3C (Massachusetts Institute
of Technology, Institut National de Recherche en Informatique et en of Technology, Institut National de Recherche en Informatique et en


@ -1,123 +1,123 @@
algorithm.alreadyRegistered = URI {0} already assigned to class {1} algorithm.alreadyRegistered = URI {0} already assigned to class {1}
algorithm.classDoesNotExist = Cannot register URI {0} to class {1} because this class does not exist in CLASSPATH algorithm.classDoesNotExist = Cannot register URI {0} to class {1} because this class does not exist in CLASSPATH
algorithm.ClassDoesNotExist = Class {0} does not exist algorithm.ClassDoesNotExist = Class {0} does not exist
algorithm.extendsWrongClass = Cannot register URI {0} to class {1} because it does not extend {2} algorithm.extendsWrongClass = Cannot register URI {0} to class {1} because it does not extend {2}
algorithms.CannotUseAlgorithmParameterSpecOnDSA = Sorry, but you cannot use a AlgorithmParameterSpec object for creating DSA signatures. algorithms.CannotUseAlgorithmParameterSpecOnDSA = Sorry, but you cannot use a AlgorithmParameterSpec object for creating DSA signatures.
algorithms.CannotUseAlgorithmParameterSpecOnRSA = Sorry, but you cannot use a AlgorithmParameterSpec object for creating RSA signatures. algorithms.CannotUseAlgorithmParameterSpecOnRSA = Sorry, but you cannot use a AlgorithmParameterSpec object for creating RSA signatures.
algorithms.CannotUseSecureRandomOnMAC = Sorry, but you cannot use a SecureRandom object for creating MACs. algorithms.CannotUseSecureRandomOnMAC = Sorry, but you cannot use a SecureRandom object for creating MACs.
algorithms.HMACOutputLengthOnlyForHMAC = A HMACOutputLength can only be specified for HMAC integrity algorithms algorithms.HMACOutputLengthOnlyForHMAC = A HMACOutputLength can only be specified for HMAC integrity algorithms
algorithms.NoSuchAlgorithm = The requested algorithm {0} does not exist. Original Message was: {1} algorithms.NoSuchAlgorithm = The requested algorithm {0} does not exist. Original Message was: {1}
algorithms.NoSuchMap = The algorithm URI "{0}" could not be mapped to a JCE algorithm algorithms.NoSuchMap = The algorithm URI "{0}" could not be mapped to a JCE algorithm
algorithms.NoSuchProvider = The specified Provider {0} does not exist. Original Message was: {1} algorithms.NoSuchProvider = The specified Provider {0} does not exist. Original Message was: {1}
algorithms.operationOnlyVerification = A public key can only used for verification of a signature. algorithms.operationOnlyVerification = A public key can only used for verification of a signature.
algorithms.WrongKeyForThisOperation = Sorry, you supplied the wrong key type for this operation! You supplied a {0} but a {1} is needed. algorithms.WrongKeyForThisOperation = Sorry, you supplied the wrong key type for this operation! You supplied a {0} but a {1} is needed.
attributeValueIllegal = The attribute {0} has value {1} but must be {2} attributeValueIllegal = The attribute {0} has value {1} but must be {2}
c14n.Canonicalizer.Exception = Exception during Canonicalization: Original Message was {0} c14n.Canonicalizer.Exception = Exception during Canonicalization: Original Message was {0}
c14n.Canonicalizer.IllegalNode = Illegal node type {0}, node name was {1} c14n.Canonicalizer.IllegalNode = Illegal node type {0}, node name was {1}
c14n.Canonicalizer.NoSuchCanonicalizer = No canonicalizer found with URI {0} c14n.Canonicalizer.NoSuchCanonicalizer = No canonicalizer found with URI {0}
c14n.Canonicalizer.ParserConfigurationException = ParserConfigurationException during Canonicalization: Original Message was {0} c14n.Canonicalizer.ParserConfigurationException = ParserConfigurationException during Canonicalization: Original Message was {0}
c14n.Canonicalizer.RelativeNamespace = Element {0} has a relative namespace: {1}="{2}" c14n.Canonicalizer.RelativeNamespace = Element {0} has a relative namespace: {1}="{2}"
c14n.Canonicalizer.SAXException = SAXException during Canonicalization: Original Message was {0} c14n.Canonicalizer.SAXException = SAXException during Canonicalization: Original Message was {0}
c14n.Canonicalizer.TraversalNotSupported = This DOM document does not support Traversal {0} c14n.Canonicalizer.TraversalNotSupported = This DOM document does not support Traversal {0}
c14n.Canonicalizer.UnsupportedEncoding = Unsupported encoding {0} c14n.Canonicalizer.UnsupportedEncoding = Unsupported encoding {0}
c14n.Canonicalizer.UnsupportedOperation = This canonicalizer does not support this operation c14n.Canonicalizer.UnsupportedOperation = This canonicalizer does not support this operation
c14n.XMLUtils.circumventBug2650forgotten = The tree has not been prepared for canonicalization using XMLUtils#circumventBug2650(Document) c14n.XMLUtils.circumventBug2650forgotten = The tree has not been prepared for canonicalization using XMLUtils#circumventBug2650(Document)
certificate.noSki.lowVersion = Certificate cannot contain a SubjectKeyIdentifier because it is only X509v{0} certificate.noSki.lowVersion = Certificate cannot contain a SubjectKeyIdentifier because it is only X509v{0}
certificate.noSki.notOctetString = Certificates SubjectKeyIdentifier is not a OctetString certificate.noSki.notOctetString = Certificates SubjectKeyIdentifier is not a OctetString
certificate.noSki.null = Certificate does not contain a SubjectKeyIdentifier certificate.noSki.null = Certificate does not contain a SubjectKeyIdentifier
defaultNamespaceCannotBeSetHere = Default namespace cannot be set here defaultNamespaceCannotBeSetHere = Default namespace cannot be set here
ElementProxy.nullElement = Cannot create an ElementProxy from a null argument ElementProxy.nullElement = Cannot create an ElementProxy from a null argument
empty = {0} empty = {0}
encryption.algorithmCannotBeUsedForEncryptedData = encryption.algorithmCannotBeUsedForEncryptedData {0} encryption.algorithmCannotBeUsedForEncryptedData = encryption.algorithmCannotBeUsedForEncryptedData {0}
encryption.algorithmCannotEatInitParams = encryption.algorithmCannotEatInitParams encryption.algorithmCannotEatInitParams = encryption.algorithmCannotEatInitParams
encryption.algorithmCannotEncryptDecrypt = encryption.algorithmCannotEncryptDecrypt encryption.algorithmCannotEncryptDecrypt = encryption.algorithmCannotEncryptDecrypt
encryption.algorithmCannotWrapUnWrap = encryption.algorithmCannotWrapUnWrap encryption.algorithmCannotWrapUnWrap = encryption.algorithmCannotWrapUnWrap
encryption.ExplicitKeySizeMismatch = The xenc:KeySize element requests a key size of {0} bit but the algorithm implements {1} bit encryption.ExplicitKeySizeMismatch = The xenc:KeySize element requests a key size of {0} bit but the algorithm implements {1} bit
encryption.nonceLongerThanDecryptedPlaintext = The given nonce is longer than the available plaintext. I Cannot strip away this. encryption.nonceLongerThanDecryptedPlaintext = The given nonce is longer than the available plaintext. I Cannot strip away this.
encryption.RSAOAEP.dataHashWrong = data hash wrong encryption.RSAOAEP.dataHashWrong = data hash wrong
encryption.RSAOAEP.dataStartWrong = data wrong start {0} encryption.RSAOAEP.dataStartWrong = data wrong start {0}
encryption.RSAOAEP.dataTooShort = data too short encryption.RSAOAEP.dataTooShort = data too short
encryption.RSAPKCS15.blockTruncated = block truncated encryption.RSAPKCS15.blockTruncated = block truncated
encryption.RSAPKCS15.noDataInBlock = no data in block encryption.RSAPKCS15.noDataInBlock = no data in block
encryption.RSAPKCS15.unknownBlockType = unknown block type encryption.RSAPKCS15.unknownBlockType = unknown block type
encryption.nokey = No Key Encryption Key loaded and cannot determine using key resolvers encryption.nokey = No Key Encryption Key loaded and cannot determine using key resolvers
endorsed.jdk1.4.0 = Since it seems that nobody reads our installation notes, we must do it in the exception messages. Hope you read them. You did NOT use the endorsed mechanism from JDK 1.4 properly; look at <http://xml.apache.org/security/Java/installation.html> how to solve this problem. endorsed.jdk1.4.0 = Since it seems that nobody reads our installation notes, we must do it in the exception messages. Hope you read them. You did NOT use the endorsed mechanism from JDK 1.4 properly; look at <http://xml.apache.org/security/Java/installation.html> how to solve this problem.
errorMessages.InvalidDigestValueException = INVALID signature -- check reference resolution. errorMessages.InvalidDigestValueException = INVALID signature -- check reference resolution.
errorMessages.InvalidSignatureValueException = INVALID signature -- core validation failed. errorMessages.InvalidSignatureValueException = INVALID signature -- core validation failed.
errorMessages.IOException = Other file I/O and similar exceptions. errorMessages.IOException = Other file I/O and similar exceptions.
errorMessages.MissingKeyFailureException = Cannot verify because of missing public key. Provide it via addResource and try again. errorMessages.MissingKeyFailureException = Cannot verify because of missing public key. Provide it via addResource and try again.
errorMessages.MissingResourceFailureException = Cannot verify because of unresolved references. Provide it via addResource and try again. errorMessages.MissingResourceFailureException = Cannot verify because of unresolved references. Provide it via addResource and try again.
errorMessages.NoSuchAlgorithmException = Unknown Algorithm {0} errorMessages.NoSuchAlgorithmException = Unknown Algorithm {0}
errorMessages.NotYetImplementedException = Functionality not yet there. errorMessages.NotYetImplementedException = Functionality not yet there.
errorMessages.XMLSignatureException = Verification failed for some other reason. errorMessages.XMLSignatureException = Verification failed for some other reason.
decoding.divisible.four = It should be divisible by four decoding.divisible.four = It should be divisible by four
decoding.general = Error while decoding decoding.general = Error while decoding
FileKeyStorageImpl.addToDefaultFromRemoteNotImplemented = Method addToDefaultFromRemote() not yet implemented. FileKeyStorageImpl.addToDefaultFromRemoteNotImplemented = Method addToDefaultFromRemote() not yet implemented.
FileKeyStorageImpl.NoCert.Context = Not found such a X509Certificate including context {0} FileKeyStorageImpl.NoCert.Context = Not found such a X509Certificate including context {0}
FileKeyStorageImpl.NoCert.IssNameSerNo = Not found such a X509Certificate with IssuerName {0} and serial number {1} FileKeyStorageImpl.NoCert.IssNameSerNo = Not found such a X509Certificate with IssuerName {0} and serial number {1}
FileKeyStorageImpl.NoCert.SubjName = Not found such a X509Certificate including SubjectName {0} FileKeyStorageImpl.NoCert.SubjName = Not found such a X509Certificate including SubjectName {0}
generic.dontHaveConstructionElement = I do not have a construction Element generic.dontHaveConstructionElement = I do not have a construction Element
generic.EmptyMessage = {0} generic.EmptyMessage = {0}
generic.NotYetImplemented = {0} Not YET implemented ;-(( generic.NotYetImplemented = {0} Not YET implemented ;-((
java.security.InvalidKeyException = Invalid key java.security.InvalidKeyException = Invalid key
java.security.NoSuchProviderException = Unknown or unsupported provider java.security.NoSuchProviderException = Unknown or unsupported provider
java.security.UnknownKeyType = Unknown or unsupported key type {0} java.security.UnknownKeyType = Unknown or unsupported key type {0}
KeyInfo.needKeyResolver = More than one keyResovler have to be registered KeyInfo.needKeyResolver = More than one keyResovler have to be registered
KeyInfo.nokey = Cannot get key from {0} KeyInfo.nokey = Cannot get key from {0}
KeyInfo.noKey = Cannot get the public key KeyInfo.noKey = Cannot get the public key
KeyInfo.wrongNumberOfObject = Need {0} keyObjects KeyInfo.wrongNumberOfObject = Need {0} keyObjects
KeyInfo.wrongUse = This object was made for getting {0} KeyInfo.wrongUse = This object was made for getting {0}
keyResolver.alreadyRegistered = {1} class has already been registered for {0} keyResolver.alreadyRegistered = {1} class has already been registered for {0}
KeyResolver.needStorageResolver = Need a StorageResolver to retrieve a Certificate from a {0} KeyResolver.needStorageResolver = Need a StorageResolver to retrieve a Certificate from a {0}
KeyResoverSpiImpl.cannotGetCert = Cannot get the Certificate that include or in {1} in implement class {0} KeyResoverSpiImpl.cannotGetCert = Cannot get the Certificate that include or in {1} in implement class {0}
KeyResoverSpiImpl.elementGeneration = Cannot make {1} element in implement class {0} KeyResoverSpiImpl.elementGeneration = Cannot make {1} element in implement class {0}
KeyResoverSpiImpl.getPoublicKey = Cannot get the public key from implement class {0} KeyResoverSpiImpl.getPoublicKey = Cannot get the public key from implement class {0}
KeyResoverSpiImpl.InvalidElement = Cannot set (2) Element in implement class {0} KeyResoverSpiImpl.InvalidElement = Cannot set (2) Element in implement class {0}
KeyResoverSpiImpl.keyStore = KeyStorage error in implement class {0} KeyResoverSpiImpl.keyStore = KeyStorage error in implement class {0}
KeyResoverSpiImpl.need.Element = {1} type of Element is needed in implement class {0} KeyResoverSpiImpl.need.Element = {1} type of Element is needed in implement class {0}
KeyResoverSpiImpl.wrongCRLElement = Cannot make CRL from {1} in implement class {0} KeyResoverSpiImpl.wrongCRLElement = Cannot make CRL from {1} in implement class {0}
KeyResoverSpiImpl.wrongKeyObject = Need {1} type of KeyObject for generation Element in implement class{0} KeyResoverSpiImpl.wrongKeyObject = Need {1} type of KeyObject for generation Element in implement class{0}
KeyResoverSpiImpl.wrongNumberOfObject = Need {1} keyObject in implement class {0} KeyResoverSpiImpl.wrongNumberOfObject = Need {1} keyObject in implement class {0}
KeyStore.alreadyRegistered = {0} Class has already been registered for {1} KeyStore.alreadyRegistered = {0} Class has already been registered for {1}
KeyStore.register = {1} type class register error in class {0} KeyStore.register = {1} type class register error in class {0}
KeyStore.registerStore.register = Registeration error for type {0} KeyStore.registerStore.register = Registeration error for type {0}
KeyValue.IllegalArgument = Cannot create a {0} from {1} KeyValue.IllegalArgument = Cannot create a {0} from {1}
namespacePrefixAlreadyUsedByOtherURI = Namespace prefix {0} already used by other URI {1} namespacePrefixAlreadyUsedByOtherURI = Namespace prefix {0} already used by other URI {1}
notYetInitialized = The module {0} is not yet initialized notYetInitialized = The module {0} is not yet initialized
prefix.AlreadyAssigned = You want to assign {0} as prefix for namespace {1} but it is already assigned for {2} prefix.AlreadyAssigned = You want to assign {0} as prefix for namespace {1} but it is already assigned for {2}
signature.Canonicalizer.UnknownCanonicalizer = Unknown canonicalizer. No handler installed for URI {0} signature.Canonicalizer.UnknownCanonicalizer = Unknown canonicalizer. No handler installed for URI {0}
signature.DSA.invalidFormat = Invalid ASN.1 encoding of the DSA signature signature.DSA.invalidFormat = Invalid ASN.1 encoding of the DSA signature
signature.Generation.signBeforeGetValue = You have to XMLSignature.sign(java.security.PrivateKey) first signature.Generation.signBeforeGetValue = You have to XMLSignature.sign(java.security.PrivateKey) first
signature.signaturePropertyHasNoTarget = The Target attribute of the SignatureProperty must be set signature.signaturePropertyHasNoTarget = The Target attribute of the SignatureProperty must be set
signature.Transform.ErrorDuringTransform = A {1} was thrown during the {0} transform signature.Transform.ErrorDuringTransform = A {1} was thrown during the {0} transform
signature.Transform.NotYetImplemented = Transform {0} not yet implemented signature.Transform.NotYetImplemented = Transform {0} not yet implemented
signature.Transform.NullPointerTransform = Null pointer as URI. Programming bug? signature.Transform.NullPointerTransform = Null pointer as URI. Programming bug?
signature.Transform.UnknownTransform = Unknown transformation. No handler installed for URI {0} signature.Transform.UnknownTransform = Unknown transformation. No handler installed for URI {0}
signature.Transform.node = Current Node: {0} signature.Transform.node = Current Node: {0}
signature.Transform.nodeAndType = Current Node: {0}, type: {1} signature.Transform.nodeAndType = Current Node: {0}, type: {1}
signature.Util.BignumNonPositive = bigInteger.signum() must be positive signature.Util.BignumNonPositive = bigInteger.signum() must be positive
signature.Util.NonTextNode = Not a text node signature.Util.NonTextNode = Not a text node
signature.Util.TooManyChilds = Too many childs of Type {0} in {1} signature.Util.TooManyChilds = Too many childs of Type {0} in {1}
signature.Verification.certificateError = Certificate error signature.Verification.certificateError = Certificate error
signature.Verification.IndexOutOfBounds = Index {0} illegal. We only have {1} References signature.Verification.IndexOutOfBounds = Index {0} illegal. We only have {1} References
signature.Verification.internalError = Internal error signature.Verification.internalError = Internal error
signature.Verification.InvalidDigestOrReference = Invalid digest of reference {0} signature.Verification.InvalidDigestOrReference = Invalid digest of reference {0}
signature.Verification.keyStore = KeyStore error signature.Verification.keyStore = KeyStore error
signature.Verification.MissingID = Cannot resolve element with ID {0} signature.Verification.MissingID = Cannot resolve element with ID {0}
signature.Verification.MissingResources = Cannot resolve external resource {0} signature.Verification.MissingResources = Cannot resolve external resource {0}
signature.Verification.NoSignatureElement = Input document contains no {0} Element in namespace {1} signature.Verification.NoSignatureElement = Input document contains no {0} Element in namespace {1}
signature.Verification.Reference.NoInput = The Reference for URI {0} has no XMLSignatureInput signature.Verification.Reference.NoInput = The Reference for URI {0} has no XMLSignatureInput
signature.Verification.SignatureError = Signature error signature.Verification.SignatureError = Signature error
signature.XMLSignatureInput.MissingConstuctor = Cannot construct a XMLSignatureInput from class {0} signature.XMLSignatureInput.MissingConstuctor = Cannot construct a XMLSignatureInput from class {0}
signature.XMLSignatureInput.SerializeDOM = Input initialized with DOM Element. Use Canonicalization to serialize it signature.XMLSignatureInput.SerializeDOM = Input initialized with DOM Element. Use Canonicalization to serialize it
signature.XMLSignatureInput.nodesetReference = Unable to convert to nodeset the reference signature.XMLSignatureInput.nodesetReference = Unable to convert to nodeset the reference
transform.Init.IllegalContextArgument = Invalid context argument of class {0}. Must be String, org.w3c.dom.NodeList or java.io.InputStream. transform.Init.IllegalContextArgument = Invalid context argument of class {0}. Must be String, org.w3c.dom.NodeList or java.io.InputStream.
transform.init.NotInitialized = transform.init.NotInitialized =
transform.init.wrongURI = Initialized with wrong URI. How could this happen? We implement {0} but {1} was used during initialization transform.init.wrongURI = Initialized with wrong URI. How could this happen? We implement {0} but {1} was used during initialization
utils.Base64.IllegalBitlength = Illegal byte length; Data to be decoded must be a multiple of 4 utils.Base64.IllegalBitlength = Illegal byte length; Data to be decoded must be a multiple of 4
Base64Decoding = Error while decoding Base64Decoding = Error while decoding
utils.resolver.noClass = Could not find a resolver for URI {0} and Base {1} utils.resolver.noClass = Could not find a resolver for URI {0} and Base {1}
xml.WrongContent = Cannot find {0} in {1} xml.WrongContent = Cannot find {0} in {1}
xml.WrongElement = Cannot create a {0} from a {1} element xml.WrongElement = Cannot create a {0} from a {1} element
xpath.funcHere.documentsDiffer = The XPath is not in the same document as the context node xpath.funcHere.documentsDiffer = The XPath is not in the same document as the context node
xpath.funcHere.noXPathContext = Try to evaluate an XPath which uses the here() function but XPath is not inside an ds:XPath Element. XPath was : {0} xpath.funcHere.noXPathContext = Try to evaluate an XPath which uses the here() function but XPath is not inside an ds:XPath Element. XPath was : {0}


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *


@ -68,14 +68,11 @@ public class Manifest extends SignatureElementProxy {
/** Field verificationResults[] */ /** Field verificationResults[] */
private boolean verificationResults[] = null; private boolean verificationResults[] = null;
/** Field _signedContents */
List _signedContents = new ArrayList();
/** Field _resolverProperties */ /** Field _resolverProperties */
HashMap _resolverProperties = new HashMap(10); HashMap _resolverProperties = null;
/** Field _perManifestResolvers */ /** Field _perManifestResolvers */
List _perManifestResolvers = new ArrayList(); List _perManifestResolvers = null;
/** /**
* Consturts {@link Manifest} * Consturts {@link Manifest}
@ -144,8 +141,6 @@ public class Manifest extends SignatureElementProxy {
String BaseURI, String referenceURI, Transforms transforms, String digestURI, String ReferenceId, String ReferenceType) String BaseURI, String referenceURI, Transforms transforms, String digestURI, String ReferenceId, String ReferenceType)
throws XMLSignatureException { throws XMLSignatureException {
if (this._state == MODE_SIGN) {
// the this._doc is handed implicitly by the this.getOwnerDocument() // the this._doc is handed implicitly by the this.getOwnerDocument()
Reference ref = new Reference(this._doc, BaseURI, referenceURI, this, Reference ref = new Reference(this._doc, BaseURI, referenceURI, this,
transforms, digestURI); transforms, digestURI);
@ -164,7 +159,6 @@ public class Manifest extends SignatureElementProxy {
// add the Element of the Reference object to the Manifest/SignedInfo // add the Element of the Reference object to the Manifest/SignedInfo
this._constructionElement.appendChild(ref.getElement()); this._constructionElement.appendChild(ref.getElement());
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
}
} }
/** /**
@ -178,7 +172,6 @@ public class Manifest extends SignatureElementProxy {
public void generateDigestValues() public void generateDigestValues()
throws XMLSignatureException, ReferenceNotInitializedException { throws XMLSignatureException, ReferenceNotInitializedException {
if (this._state == MODE_SIGN) {
for (int i = 0; i < this.getLength(); i++) { for (int i = 0; i < this.getLength(); i++) {
// update the cached Reference object, the Element content is automatically updated // update the cached Reference object, the Element content is automatically updated
@ -186,7 +179,6 @@ public class Manifest extends SignatureElementProxy {
currentRef.generateDigestValue(); currentRef.generateDigestValue();
} }
}
} }
/** /**
@ -208,11 +200,6 @@ public class Manifest extends SignatureElementProxy {
*/ */
public Reference item(int i) throws XMLSecurityException { public Reference item(int i) throws XMLSecurityException {
if (this._state == MODE_SIGN) {
// we already have real objects
return (Reference) this._references.get(i);
}
if (this._references.get(i) == null) { if (this._references.get(i) == null) {
// not yet constructed, so _we_ have to // not yet constructed, so _we_ have to
@ -232,7 +219,7 @@ public class Manifest extends SignatureElementProxy {
*/ */
public void setId(String Id) { public void setId(String Id) {
if ((this._state == MODE_SIGN) && (Id != null)) { if (Id != null) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id); this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id);
IdResolver.registerElementById(this._constructionElement, Id); IdResolver.registerElementById(this._constructionElement, Id);
} }
@ -294,9 +281,9 @@ public class Manifest extends SignatureElementProxy {
XMLUtils.selectDsNodes(this._constructionElement.getFirstChild(), XMLUtils.selectDsNodes(this._constructionElement.getFirstChild(),
Constants._TAG_REFERENCE); Constants._TAG_REFERENCE);
} }
if (true) { if (log.isLoggable(java.util.logging.Level.FINE)) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "verify " +_referencesEl.length + " References"); log.log(java.util.logging.Level.FINE, "verify " +_referencesEl.length + " References");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I am " + (followManifests log.log(java.util.logging.Level.FINE, "I am " + (followManifests
? "" ? ""
: "not") + " requested to follow nested Manifests"); : "not") + " requested to follow nested Manifests");
} }
@ -325,13 +312,13 @@ public class Manifest extends SignatureElementProxy {
if (!currentRefVerified) { if (!currentRefVerified) {
verify = false; verify = false;
} }
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "The Reference has Type " + currentRef.getType()); log.log(java.util.logging.Level.FINE, "The Reference has Type " + currentRef.getType());
// was verification successful till now and do we want to verify the Manifest? // was verification successful till now and do we want to verify the Manifest?
if (verify && followManifests if (verify && followManifests
&& currentRef.typeIsReferenceToManifest()) { && currentRef.typeIsReferenceToManifest()) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "We have to follow a nested Manifest"); log.log(java.util.logging.Level.FINE, "We have to follow a nested Manifest");
try { try {
XMLSignatureInput signedManifestNodes = XMLSignatureInput signedManifestNodes =
@ -381,7 +368,7 @@ public class Manifest extends SignatureElementProxy {
log.log(java.util.logging.Level.WARNING, "The nested Manifest was invalid (bad)"); log.log(java.util.logging.Level.WARNING, "The nested Manifest was invalid (bad)");
} else { } else {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "The nested Manifest was valid (good)"); log.log(java.util.logging.Level.FINE, "The nested Manifest was valid (good)");
} }
} catch (IOException ex) { } catch (IOException ex) {
throw new ReferenceNotInitializedException("empty", ex); throw new ReferenceNotInitializedException("empty", ex);
@ -458,9 +445,13 @@ public class Manifest extends SignatureElementProxy {
*/ */
public void addResourceResolver(ResourceResolver resolver) { public void addResourceResolver(ResourceResolver resolver) {
if (resolver != null) { if (resolver == null) {
this._perManifestResolvers.add(resolver); return;
} }
if (_perManifestResolvers==null)
_perManifestResolvers = new ArrayList();
this._perManifestResolvers.add(resolver);
} }
/** /**
@ -470,9 +461,13 @@ public class Manifest extends SignatureElementProxy {
*/ */
public void addResourceResolver(ResourceResolverSpi resolverSpi) { public void addResourceResolver(ResourceResolverSpi resolverSpi) {
if (resolverSpi != null) { if (resolverSpi == null) {
this._perManifestResolvers.add(new ResourceResolver(resolverSpi)); return;
} }
if (_perManifestResolvers==null)
_perManifestResolvers = new ArrayList();
this._perManifestResolvers.add(new ResourceResolver(resolverSpi));
} }
/** /**
@ -483,6 +478,9 @@ public class Manifest extends SignatureElementProxy {
* @param value the value * @param value the value
*/ */
public void setResolverProperty(String key, String value) { public void setResolverProperty(String key, String value) {
if (_resolverProperties==null) {
_resolverProperties=new HashMap(10);
}
this._resolverProperties.put(key, value); this._resolverProperties.put(key, value);
} }
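Review bot: `_resolverProperties` and `_perManifestResolvers` now start as `null` and are allocated only inside `setResolverProperty` and the two `addResourceResolver` overloads, but nothing in these hunks shows the read side coping with that. Any code outside the hunks that iterates or forwards these fields during reference verification has to accept `null`; otherwise verifying a Manifest on which no resolver or property was ever set ends in a NullPointerException instead of a verification result. I would record the contract on the fields, e.g. `/** Per-manifest resolvers; null until addResourceResolver is first called */`, and brace the one-line `if (_perManifestResolvers==null)` allocations the way `setResolverProperty` already does. The lazy allocation is unsynchronized, which is acceptable only if a Manifest is never shared between threads (not visible here).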


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *


@ -31,8 +31,23 @@ public interface NodeFilter {
/** /**
* Tells if a node must be outputed in c14n. * Tells if a node must be outputed in c14n.
* @param n * @param n
* @return true if node must be outputed, false otherwise. * @return 1 if the node should be outputed.
* 0 if node must not be outputed,
* -1 if the node and all it's child must not be output.
*
*/ */
public boolean isNodeInclude(Node n); public int isNodeInclude(Node n);
/**
* Tells if a node must be outputed in a c14n.
* The caller must assured that this method is always call
* in document order. The implementations can use this
* restriction to optimize the transformation.
* @param n
* @param level the relative level in the tree
* @return 1 if the node should be outputed.
* 0 if node must not be outputed,
* -1 if the node and all it's child must not be output.
*/
public int isNodeIncludeDO(Node n, int level);
} }
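Review bot: The new `int` contract of `isNodeInclude` and `isNodeIncludeDO` is spelled only as the bare literals 1, 0 and -1 in the Javadoc, and this filter decides which nodes reach the canonical form that is digested. A caller that treats any non-zero result as "include" would output a node the filter meant to drop together with its subtree (-1), so the Javadoc should say how the value must be compared, e.g. `Callers must output the node only when the result is exactly 1.` The document-order precondition on `isNodeIncludeDO` needs the same precision: say what an implementation may cache between calls and that a result obtained out of order is undefined. The wording also wants a pass (`outputed`, `it's child`, `must assured`, `always call`). The `public interface NodeFilter {` line appears only in the hunk header, and existing implementors of the old `boolean` signature lie outside this section.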


@ -20,8 +20,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.signature; package com.sun.org.apache.xml.internal.security.signature;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.IdResolver; import com.sun.org.apache.xml.internal.security.utils.IdResolver;
@ -35,16 +33,11 @@ import org.w3c.dom.Node;
* Handles <code>&lt;ds:Object&gt;</code> elements * Handles <code>&lt;ds:Object&gt;</code> elements
* <code>Object<code> {@link Element} supply facility which can contain any kind data * <code>Object<code> {@link Element} supply facility which can contain any kind data
* *
*
* @author Christian Geuer-Pollmann * @author Christian Geuer-Pollmann
* $todo$ if we remove childen, the boolean values are not updated * $todo$ if we remove childen, the boolean values are not updated
*/ */
public class ObjectContainer extends SignatureElementProxy { public class ObjectContainer extends SignatureElementProxy {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(ObjectContainer.class.getName());
/** /**
* Constructs {@link ObjectContainer} * Constructs {@link ObjectContainer}
* *
@ -75,7 +68,7 @@ public class ObjectContainer extends SignatureElementProxy {
*/ */
public void setId(String Id) { public void setId(String Id) {
if ((this._state == MODE_SIGN) && (Id != null)) { if ((Id != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id); this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id);
IdResolver.registerElementById(this._constructionElement, Id); IdResolver.registerElementById(this._constructionElement, Id);
} }
@ -97,7 +90,7 @@ public class ObjectContainer extends SignatureElementProxy {
*/ */
public void setMimeType(String MimeType) { public void setMimeType(String MimeType) {
if ((this._state == MODE_SIGN) && (MimeType != null)) { if ( (MimeType != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_MIMETYPE, this._constructionElement.setAttributeNS(null, Constants._ATT_MIMETYPE,
MimeType); MimeType);
} }
@ -119,7 +112,7 @@ public class ObjectContainer extends SignatureElementProxy {
*/ */
public void setEncoding(String Encoding) { public void setEncoding(String Encoding) {
if ((this._state == MODE_SIGN) && (Encoding != null)) { if ((Encoding != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ENCODING, this._constructionElement.setAttributeNS(null, Constants._ATT_ENCODING,
Encoding); Encoding);
} }
@ -135,18 +128,16 @@ public class ObjectContainer extends SignatureElementProxy {
} }
/** /**
* Adds childe Node * Adds child Node
* *
* @param node childe Node * @param node child Node
* @return the new node in the tree. * @return the new node in the tree.
*/ */
public Node appendChild(Node node) { public Node appendChild(Node node) {
Node result = null; Node result = null;
if (this._state == MODE_SIGN) { result = this._constructionElement.appendChild(node);
result = this._constructionElement.appendChild(node);
}
return result; return result;
} }
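Review bot: `setId`, `setMimeType`, `setEncoding` and `appendChild` no longer test `_state == MODE_SIGN`, so they now also rewrite an element that was built from a parsed document, and their Javadoc does not mention it. If the `ds:Object` is covered by a Reference, changing it after parsing alters the content that is digested, and `setId` additionally registers the new Id through `IdResolver.registerElementById`; a line such as `Also modifies elements read from an existing document; the digest of a signed Object no longer matches afterwards.` would make that visible to callers. With the guard gone, `appendChild` can drop the `Node result = null;` local and become `return this._constructionElement.appendChild(node);`, and the leftover doubled parentheses in `if ((Id != null))` and `if ( (MimeType != null))` can be removed. The same guard removal and leftover parentheses appear in `setId` of SignatureProperties and in `setId`/`setTarget` of SignatureProperty further down this commit.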


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -25,6 +24,8 @@ package com.sun.org.apache.xml.internal.security.signature;
import java.io.IOException; import java.io.IOException;
import java.io.OutputStream; import java.io.OutputStream;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.HashSet; import java.util.HashSet;
import java.util.Set; import java.util.Set;
@ -102,6 +103,32 @@ import org.w3c.dom.Text;
*/ */
public class Reference extends SignatureElementProxy { public class Reference extends SignatureElementProxy {
/**
* Look up useC14N11 system property. If true, an explicit C14N11 transform
* will be added if necessary when generating the signature. See section
* 3.1.1 of http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/ for more info.
*/
private static boolean useC14N11 =
AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
public Boolean run() {
return Boolean.getBoolean
("com.sun.org.apache.xml.internal.security.useC14N11");
}
});
/*
static {
try {
useC14N11 = Boolean.getBoolean("com.sun.org.apache.xml.internal.security.useC14N11");
} catch (Exception e) {
// ignore exceptions
}
}
*/
/** Field CacheSignedNodes */
public final static boolean CacheSignedNodes = false;
/** {@link java.util.logging} logging facility */ /** {@link java.util.logging} logging facility */
static java.util.logging.Logger log = static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(Reference.class.getName()); java.util.logging.Logger.getLogger(Reference.class.getName());
@ -118,6 +145,12 @@ public class Reference extends SignatureElementProxy {
XMLSignatureInput _transformsOutput; XMLSignatureInput _transformsOutput;
//J+ //J+
private Transforms transforms;
private Element digestMethodElem;
private Element digestValueElement;
/** /**
* Constructor Reference * Constructor Reference
* *
@ -148,6 +181,7 @@ public class Reference extends SignatureElementProxy {
// this._manifest.appendChild(this._doc.createTextNode("\n")); // this._manifest.appendChild(this._doc.createTextNode("\n"));
if (transforms != null) { if (transforms != null) {
this.transforms=transforms;
this._constructionElement.appendChild(transforms.getElement()); this._constructionElement.appendChild(transforms.getElement());
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
} }
@ -156,11 +190,12 @@ public class Reference extends SignatureElementProxy {
MessageDigestAlgorithm.getInstance(this._doc, MessageDigestAlgorithm.getInstance(this._doc,
messageDigestAlgorithm); messageDigestAlgorithm);
this._constructionElement.appendChild(mda.getElement()); digestMethodElem=mda.getElement();
this._constructionElement.appendChild(digestMethodElem);
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
} }
{ {
Element digestValueElement = digestValueElement =
XMLUtils.createElementInSignatureSpace(this._doc, XMLUtils.createElementInSignatureSpace(this._doc,
Constants._TAG_DIGESTVALUE); Constants._TAG_DIGESTVALUE);
@ -182,7 +217,15 @@ public class Reference extends SignatureElementProxy {
throws XMLSecurityException { throws XMLSecurityException {
super(element, BaseURI); super(element, BaseURI);
this._baseURI=BaseURI;
Element el=XMLUtils.getNextElement(element.getFirstChild());
if (Constants._TAG_TRANSFORMS.equals(el.getLocalName()) &&
Constants.SignatureSpecNS.equals(el.getNamespaceURI())) {
transforms = new Transforms(el,this._baseURI);
el=XMLUtils.getNextElement(el.getNextSibling());
}
digestMethodElem = el;
digestValueElement =XMLUtils.getNextElement(digestMethodElem.getNextSibling());;
this._manifest = manifest; this._manifest = manifest;
} }
@ -197,9 +240,6 @@ public class Reference extends SignatureElementProxy {
public MessageDigestAlgorithm getMessageDigestAlgorithm() public MessageDigestAlgorithm getMessageDigestAlgorithm()
throws XMLSignatureException { throws XMLSignatureException {
Element digestMethodElem = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_DIGESTMETHOD,0);
if (digestMethodElem == null) { if (digestMethodElem == null) {
return null; return null;
} }
@ -221,7 +261,7 @@ public class Reference extends SignatureElementProxy {
*/ */
public void setURI(String URI) { public void setURI(String URI) {
if ((this._state == MODE_SIGN) && (URI != null)) { if ( URI != null) {
this._constructionElement.setAttributeNS(null, Constants._ATT_URI, this._constructionElement.setAttributeNS(null, Constants._ATT_URI,
URI); URI);
} }
@ -243,7 +283,7 @@ public class Reference extends SignatureElementProxy {
*/ */
public void setId(String Id) { public void setId(String Id) {
if ((this._state == MODE_SIGN) && (Id != null)) { if ( Id != null ) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id); this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id);
IdResolver.registerElementById(this._constructionElement, Id); IdResolver.registerElementById(this._constructionElement, Id);
} }
@ -265,7 +305,7 @@ public class Reference extends SignatureElementProxy {
*/ */
public void setType(String Type) { public void setType(String Type) {
if ((this._state == MODE_SIGN) && (Type != null)) { if (Type != null) {
this._constructionElement.setAttributeNS(null, Constants._ATT_TYPE, this._constructionElement.setAttributeNS(null, Constants._ATT_TYPE,
Type); Type);
} }
@ -291,8 +331,7 @@ public class Reference extends SignatureElementProxy {
*/ */
public boolean typeIsReferenceToObject() { public boolean typeIsReferenceToObject() {
if ((this.getType() != null) if (Reference.OBJECT_URI.equals(this.getType())) {
&& this.getType().equals(Reference.OBJECT_URI)) {
return true; return true;
} }
@ -309,8 +348,7 @@ public class Reference extends SignatureElementProxy {
*/ */
public boolean typeIsReferenceToManifest() { public boolean typeIsReferenceToManifest() {
if ((this.getType() != null) if (Reference.MANIFEST_URI.equals(this.getType())) {
&& this.getType().equals(Reference.MANIFEST_URI)) {
return true; return true;
} }
@ -324,10 +362,6 @@ public class Reference extends SignatureElementProxy {
*/ */
private void setDigestValueElement(byte[] digestValue) private void setDigestValueElement(byte[] digestValue)
{ {
if (this._state == MODE_SIGN) {
Element digestValueElement =XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_DIGESTVALUE,0);
Node n=digestValueElement.getFirstChild(); Node n=digestValueElement.getFirstChild();
while (n!=null) { while (n!=null) {
digestValueElement.removeChild(n); digestValueElement.removeChild(n);
@ -338,7 +372,6 @@ public class Reference extends SignatureElementProxy {
Text t = this._doc.createTextNode(base64codedValue); Text t = this._doc.createTextNode(base64codedValue);
digestValueElement.appendChild(t); digestValueElement.appendChild(t);
}
} }
/** /**
@ -349,11 +382,7 @@ public class Reference extends SignatureElementProxy {
*/ */
public void generateDigestValue() public void generateDigestValue()
throws XMLSignatureException, ReferenceNotInitializedException { throws XMLSignatureException, ReferenceNotInitializedException {
this.setDigestValueElement(this.calculateDigest(false));
if (this._state == MODE_SIGN) {
this.setDigestValueElement(this.calculateDigest());
}
} }
/** /**
@ -608,9 +637,12 @@ public class Reference extends SignatureElementProxy {
* but only preserve the octets, the memory footprint is dramatically * but only preserve the octets, the memory footprint is dramatically
* reduced. * reduced.
*/ */
if (!Reference.CacheSignedNodes) {
this._transformsOutput = output; this._transformsOutput = output;//new XMLSignatureInput(output.getBytes());
//this._transformsOutput.setSourceURI(output.getSourceURI());
}
return output; return output;
} catch (XMLSecurityException ex) { } catch (XMLSecurityException ex) {
throw new ReferenceNotInitializedException("empty", ex); throw new ReferenceNotInitializedException("empty", ex);
@ -630,16 +662,7 @@ public class Reference extends SignatureElementProxy {
throws XMLSignatureException, InvalidTransformException, throws XMLSignatureException, InvalidTransformException,
TransformationException, XMLSecurityException { TransformationException, XMLSecurityException {
Element transformsElement = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), return transforms;
Constants._TAG_TRANSFORMS,0);
if (transformsElement != null) {
Transforms transforms = new Transforms(transformsElement,
this._baseURI);
return transforms;
}
return null;
} }
/** /**
@ -667,13 +690,14 @@ public class Reference extends SignatureElementProxy {
/** /**
* Method resolverResult * Method calculateDigest
* *
* @param validating true if validating the reference
* @return reference Calculate the digest of this reference. * @return reference Calculate the digest of this reference.
* @throws ReferenceNotInitializedException * @throws ReferenceNotInitializedException
* @throws XMLSignatureException * @throws XMLSignatureException
*/ */
private byte[] calculateDigest() private byte[] calculateDigest(boolean validating)
throws ReferenceNotInitializedException, XMLSignatureException { throws ReferenceNotInitializedException, XMLSignatureException {
try { try {
@ -684,7 +708,20 @@ public class Reference extends SignatureElementProxy {
DigesterOutputStream diOs=new DigesterOutputStream(mda); DigesterOutputStream diOs=new DigesterOutputStream(mda);
OutputStream os=new UnsyncBufferedOutputStream(diOs); OutputStream os=new UnsyncBufferedOutputStream(diOs);
XMLSignatureInput output=this.dereferenceURIandPerformTransforms(os); XMLSignatureInput output=this.dereferenceURIandPerformTransforms(os);
output.updateOutputStream(os); // if signing and c14n11 property == true explicitly add
// C14N11 transform if needed
if (this.useC14N11 && !validating &&
!output.isOutputStreamSet() && !output.isOctetStream()) {
if (transforms == null) {
transforms = new Transforms(this._doc);
this._constructionElement.insertBefore
(transforms.getElement(), digestMethodElem);
}
transforms.addTransform(Transforms.TRANSFORM_C14N11_OMIT_COMMENTS);
output.updateOutputStream(os, true);
} else {
output.updateOutputStream(os);
}
os.flush(); os.flush();
//this.getReferencedBytes(diOs); //this.getReferencedBytes(diOs);
//mda.update(data); //mda.update(data);
@ -694,7 +731,7 @@ public class Reference extends SignatureElementProxy {
throw new ReferenceNotInitializedException("empty", ex); throw new ReferenceNotInitializedException("empty", ex);
} catch (IOException ex) { } catch (IOException ex) {
throw new ReferenceNotInitializedException("empty", ex); throw new ReferenceNotInitializedException("empty", ex);
} }
} }
/** /**
@ -702,12 +739,10 @@ public class Reference extends SignatureElementProxy {
* *
* @return the digest value. * @return the digest value.
* @throws Base64DecodingException if Reference contains no proper base64 encoded data. * @throws Base64DecodingException if Reference contains no proper base64 encoded data.
* @throws XMLSecurityException if the Reference does not contain a DigestValue element * @throws XMLSecurityException if the Reference does not contain a DigestValue element
*/ */
public byte[] getDigestValue() throws Base64DecodingException, XMLSecurityException { public byte[] getDigestValue() throws Base64DecodingException, XMLSecurityException {
Element digestValueElem = XMLUtils.selectDsNode(this._constructionElement.getFirstChild() if (digestValueElement == null) {
,Constants._TAG_DIGESTVALUE,0);
if (digestValueElem == null) {
// The required element is not in the XML! // The required element is not in the XML!
Object[] exArgs ={ Constants._TAG_DIGESTVALUE, Object[] exArgs ={ Constants._TAG_DIGESTVALUE,
Constants.SignatureSpecNS }; Constants.SignatureSpecNS };
@ -715,7 +750,7 @@ public class Reference extends SignatureElementProxy {
"signature.Verification.NoSignatureElement", "signature.Verification.NoSignatureElement",
exArgs); exArgs);
} }
byte[] elemDig = Base64.decode(digestValueElem); byte[] elemDig = Base64.decode(digestValueElement);
return elemDig; return elemDig;
} }
@ -731,13 +766,15 @@ public class Reference extends SignatureElementProxy {
throws ReferenceNotInitializedException, XMLSecurityException { throws ReferenceNotInitializedException, XMLSecurityException {
byte[] elemDig = this.getDigestValue(); byte[] elemDig = this.getDigestValue();
byte[] calcDig = this.calculateDigest(); byte[] calcDig = this.calculateDigest(true);
boolean equal = MessageDigestAlgorithm.isEqual(elemDig, calcDig); boolean equal = MessageDigestAlgorithm.isEqual(elemDig, calcDig);
if (!equal) { if (!equal) {
log.log(java.util.logging.Level.WARNING, "Verification failed for URI \"" + this.getURI() + "\""); log.log(java.util.logging.Level.WARNING, "Verification failed for URI \"" + this.getURI() + "\"");
log.log(java.util.logging.Level.WARNING, "Expected Digest: " + Base64.encode(elemDig));
log.log(java.util.logging.Level.WARNING, "Actual Digest: " + Base64.encode(calcDig));
} else { } else {
if (log.isLoggable(java.util.logging.Level.INFO)) log.log(java.util.logging.Level.INFO, "Verification successful for URI \"" + this.getURI() + "\""); log.log(java.util.logging.Level.INFO, "Verification successful for URI \"" + this.getURI() + "\"");
} }
return equal; return equal;
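Review bot: The element constructor now picks `Transforms`, `DigestMethod` and `DigestValue` by position and dereferences `el` and `digestMethodElem` without a null or name check, where the old code selected each one by tag with `XMLUtils.selectDsNode`. If `XMLUtils.getNextElement` returns null when no element follows (the null tests kept in `getMessageDigestAlgorithm` and `getDigestValue` suggest it can), a `ds:Reference` with missing children in a document under verification ends in a NullPointerException rather than the declared `XMLSecurityException`, and whatever element sits in second or third place is accepted as the digest method or value. I would test local name and namespace for `DigestMethod` the same way the hunk already does for `Transforms` and raise `xml.WrongContent` otherwise; `DigestValue` can get the same test. The constructor's signature is outside the hunk, and the stray `;;` on the `digestValueElement` line can go at the same time.

```java
Element el = XMLUtils.getNextElement(element.getFirstChild());
if (el != null
        && Constants._TAG_TRANSFORMS.equals(el.getLocalName())
        && Constants.SignatureSpecNS.equals(el.getNamespaceURI())) {
    // … unchanged: build Transforms, advance el to the next element …
}
if (el == null
        || !Constants._TAG_DIGESTMETHOD.equals(el.getLocalName())
        || !Constants.SignatureSpecNS.equals(el.getNamespaceURI())) {
    // reject a Reference whose DigestMethod is missing or misplaced
    Object[] exArgs = { Constants._TAG_DIGESTMETHOD, Constants._TAG_REFERENCE };
    throw new XMLSecurityException("xml.WrongContent", exArgs);
}
digestMethodElem = el;
digestValueElement = XMLUtils.getNextElement(digestMethodElem.getNextSibling());
// … unchanged: this._manifest = manifest; …
```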


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *


@ -20,8 +20,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.signature; package com.sun.org.apache.xml.internal.security.signature;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.IdResolver; import com.sun.org.apache.xml.internal.security.utils.IdResolver;
@ -42,10 +40,6 @@ import org.w3c.dom.Element;
*/ */
public class SignatureProperties extends SignatureElementProxy { public class SignatureProperties extends SignatureElementProxy {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(SignatureProperties.class.getName());
/** /**
* Constructor SignatureProperties * Constructor SignatureProperties
* *
@ -115,7 +109,7 @@ public class SignatureProperties extends SignatureElementProxy {
*/ */
public void setId(String Id) { public void setId(String Id) {
if ((this._state == MODE_SIGN) && (Id != null)) { if ((Id != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id); this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id);
IdResolver.registerElementById(this._constructionElement, Id); IdResolver.registerElementById(this._constructionElement, Id);
} }


@ -30,18 +30,13 @@ import org.w3c.dom.Node;
/** /**
* Handles <code>&lt;ds:SignatureProperty&gt;</code> elements * Handles <code>&lt;ds:SignatureProperty&gt;</code> elements
* Addittional information item concerning the generation of the signature(s) can * Additional information item concerning the generation of the signature(s) can
* be placed in this Element * be placed in this Element
* *
* @author Christian Geuer-Pollmann * @author Christian Geuer-Pollmann
*/ */
public class SignatureProperty extends SignatureElementProxy { public class SignatureProperty extends SignatureElementProxy {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(
SignatureProperty.class.getName());
/** /**
* Constructs{@link SignatureProperty} using specified <code>Target</code> attribute * Constructs{@link SignatureProperty} using specified <code>Target</code> attribute
* *
@ -85,7 +80,7 @@ public class SignatureProperty extends SignatureElementProxy {
*/ */
public void setId(String Id) { public void setId(String Id) {
if ((this._state == MODE_SIGN) && (Id != null)) { if ((Id != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id); this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id);
IdResolver.registerElementById(this._constructionElement, Id); IdResolver.registerElementById(this._constructionElement, Id);
} }
@ -107,7 +102,7 @@ public class SignatureProperty extends SignatureElementProxy {
*/ */
public void setTarget(String Target) { public void setTarget(String Target) {
if ((this._state == MODE_SIGN) && (Target != null)) { if ((Target != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_TARGET, Target); this._constructionElement.setAttributeNS(null, Constants._ATT_TARGET, Target);
} }
} }


@ -20,12 +20,9 @@
*/ */
package com.sun.org.apache.xml.internal.security.signature; package com.sun.org.apache.xml.internal.security.signature;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.io.IOException; import java.io.IOException;
import java.io.OutputStream; import java.io.OutputStream;
import javax.crypto.SecretKey; import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec; import javax.crypto.spec.SecretKeySpec;
import javax.xml.parsers.ParserConfigurationException; import javax.xml.parsers.ParserConfigurationException;
@ -43,165 +40,174 @@ import org.w3c.dom.Element;
import org.w3c.dom.Node; import org.w3c.dom.Node;
import org.xml.sax.SAXException; import org.xml.sax.SAXException;
/** /**
* Handles <code>&lt;ds:SignedInfo&gt;</code> elements * Handles <code>&lt;ds:SignedInfo&gt;</code> elements
* This <code>SignedInfo<code> element includes the canonicalization algorithm, * This <code>SignedInfo<code> element includes the canonicalization algorithm,
* a signature algorithm, and one or more references * a signature algorithm, and one or more references.
*
* @author Christian Geuer-Pollmann * @author Christian Geuer-Pollmann
*/ */
public class SignedInfo extends Manifest { public class SignedInfo extends Manifest {
/** Field _signatureAlgorithm */ /** Field _signatureAlgorithm */
private SignatureAlgorithm _signatureAlgorithm = null; private SignatureAlgorithm _signatureAlgorithm = null;
/** Field _c14nizedBytes */ /** Field _c14nizedBytes */
private byte[] _c14nizedBytes = null; private byte[] _c14nizedBytes = null;
/** private Element c14nMethod;
* Overwrites {@link Manifest#addDocument} because it creates another Element. private Element signatureMethod;
*
* @param doc the {@link Document} in which <code>XMLsignature</code> will be placed
* @throws XMLSecurityException
*/
public SignedInfo(Document doc) throws XMLSecurityException {
this(doc, XMLSignature.ALGO_ID_SIGNATURE_DSA, Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
}
/** /**
* Constructs {@link SignedInfo} using given Canoicaliztion algorithm and Signature algorithm * Overwrites {@link Manifest#addDocument} because it creates another
* * Element.
* @param doc <code>SignedInfo</code> is placed in this document *
* @param CanonicalizationMethodURI URI representation of the Canonicalization method * @param doc the {@link Document} in which <code>XMLsignature</code> will
* @param SignatureMethodURI URI representation of the Digest and Signature algorithm * be placed
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public SignedInfo( public SignedInfo(Document doc) throws XMLSecurityException {
Document doc, String SignatureMethodURI, String CanonicalizationMethodURI) this(doc, XMLSignature.ALGO_ID_SIGNATURE_DSA,
Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
}
/**
* Constructs {@link SignedInfo} using given Canonicalization algorithm and
* Signature algorithm.
*
* @param doc <code>SignedInfo</code> is placed in this document
* @param signatureMethodURI URI representation of the Digest and
* Signature algorithm
* @param canonicalizationMethodURI URI representation of the
* Canonicalization method
* @throws XMLSecurityException
*/
public SignedInfo(Document doc, String signatureMethodURI,
String canonicalizationMethodURI)
throws XMLSecurityException { throws XMLSecurityException {
this(doc, SignatureMethodURI, 0, CanonicalizationMethodURI); this(doc, signatureMethodURI, 0, canonicalizationMethodURI);
} }
/** /**
* Constructor SignedInfo * Constructor SignedInfo
* *
* @param doc * @param doc <code>SignedInfo</code> is placed in this document
* @param CanonicalizationMethodURI * @param signatureMethodURI URI representation of the Digest and
* @param SignatureMethodURI * Signature algorithm
* @param HMACOutputLength * @param hMACOutputLength
* @throws XMLSecurityException * @param canonicalizationMethodURI URI representation of the
*/ * Canonicalization method
public SignedInfo( * @throws XMLSecurityException
Document doc, String SignatureMethodURI, int HMACOutputLength, String CanonicalizationMethodURI) */
public SignedInfo(Document doc, String signatureMethodURI,
int hMACOutputLength, String canonicalizationMethodURI)
throws XMLSecurityException { throws XMLSecurityException {
super(doc); super(doc);
// XMLUtils.addReturnToElement(this._constructionElement); c14nMethod = XMLUtils.createElementInSignatureSpace(this._doc,
{
Element canonElem = XMLUtils.createElementInSignatureSpace(this._doc,
Constants._TAG_CANONICALIZATIONMETHOD); Constants._TAG_CANONICALIZATIONMETHOD);
canonElem.setAttributeNS(null, Constants._ATT_ALGORITHM, c14nMethod.setAttributeNS(null, Constants._ATT_ALGORITHM,
CanonicalizationMethodURI); canonicalizationMethodURI);
this._constructionElement.appendChild(canonElem); this._constructionElement.appendChild(c14nMethod);
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
}
{ if (hMACOutputLength > 0) {
if (HMACOutputLength > 0) {
this._signatureAlgorithm = new SignatureAlgorithm(this._doc, this._signatureAlgorithm = new SignatureAlgorithm(this._doc,
SignatureMethodURI, HMACOutputLength); signatureMethodURI, hMACOutputLength);
} else { } else {
this._signatureAlgorithm = new SignatureAlgorithm(this._doc, this._signatureAlgorithm = new SignatureAlgorithm(this._doc,
SignatureMethodURI); signatureMethodURI);
} }
this._constructionElement signatureMethod = this._signatureAlgorithm.getElement();
.appendChild(this._signatureAlgorithm.getElement()); this._constructionElement.appendChild(signatureMethod);
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
} }
}
/** /**
* @param doc * @param doc
* @param SignatureMethodElem * @param signatureMethodElem
* @param CanonicalizationMethodElem * @param canonicalizationMethodElem
* @throws XMLSecurityException * @throws XMLSecurityException
*/ */
public SignedInfo( public SignedInfo(Document doc, Element signatureMethodElem,
Document doc, Element SignatureMethodElem, Element CanonicalizationMethodElem) Element canonicalizationMethodElem) throws XMLSecurityException {
throws XMLSecurityException {
super(doc); super(doc);
// Check this?
this.c14nMethod = canonicalizationMethodElem;
this._constructionElement.appendChild(c14nMethod);
XMLUtils.addReturnToElement(this._constructionElement);
this._constructionElement.appendChild(CanonicalizationMethodElem); this._signatureAlgorithm =
XMLUtils.addReturnToElement(this._constructionElement); new SignatureAlgorithm(signatureMethodElem, null);
this._signatureAlgorithm = new SignatureAlgorithm(SignatureMethodElem, null); signatureMethod = this._signatureAlgorithm.getElement();
this._constructionElement.appendChild(signatureMethod);
this._constructionElement XMLUtils.addReturnToElement(this._constructionElement);
.appendChild(this._signatureAlgorithm.getElement()); }
XMLUtils.addReturnToElement(this._constructionElement);
}
/** /**
* Build a {@link SignedInfo} from an {@link Element} * Build a {@link SignedInfo} from an {@link Element}
* *
* @param element <code>SignedInfo</code> * @param element <code>SignedInfo</code>
* @param BaseURI the URI of the resource where the XML instance was stored * @param baseURI the URI of the resource where the XML instance was stored
* @throws XMLSecurityException * @throws XMLSecurityException
* @see <A HREF="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001OctDec/0033.html">Question</A> * @see <A HREF="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001OctDec/0033.html">Question</A>
* @see <A HREF="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001OctDec/0054.html">Answer</A> * @see <A HREF="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001OctDec/0054.html">Answer</A>
*/ */
public SignedInfo(Element element, String BaseURI) public SignedInfo(Element element, String baseURI)
throws XMLSecurityException { throws XMLSecurityException {
// Parse the Reference children and Id attribute in the Manifest // Parse the Reference children and Id attribute in the Manifest
super(element, BaseURI); super(element, baseURI);
/* canonicalize ds:SignedInfo, reparse it into a new document /* canonicalize ds:SignedInfo, reparse it into a new document
* and replace the original not-canonicalized ds:SignedInfo by * and replace the original not-canonicalized ds:SignedInfo by
* the re-parsed canonicalized one. * the re-parsed canonicalized one.
*/ */
String c14nMethodURI=this.getCanonicalizationMethodURI(); c14nMethod = XMLUtils.getNextElement(element.getFirstChild());
if (!(c14nMethodURI.equals("http://www.w3.org/TR/2001/REC-xml-c14n-20010315") || String c14nMethodURI = this.getCanonicalizationMethodURI();
c14nMethodURI.equals("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments") || if (!(c14nMethodURI.equals(Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS) ||
c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#") || c14nMethodURI.equals(Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS) ||
c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#WithComments"))) { c14nMethodURI.equals(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS) ||
//The c14n is not a secure one and can rewrite the URIs or like that reparse the SignedInfo to be sure c14nMethodURI.equals(Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS))) {
try { // the c14n is not a secure one and can rewrite the URIs or like
Canonicalizer c14nizer = // that reparse the SignedInfo to be sure
Canonicalizer.getInstance(this.getCanonicalizationMethodURI()); try {
Canonicalizer c14nizer =
Canonicalizer.getInstance(this.getCanonicalizationMethodURI());
this._c14nizedBytes = this._c14nizedBytes =
c14nizer.canonicalizeSubtree(this._constructionElement); c14nizer.canonicalizeSubtree(this._constructionElement);
javax.xml.parsers.DocumentBuilderFactory dbf = javax.xml.parsers.DocumentBuilderFactory dbf =
javax.xml.parsers.DocumentBuilderFactory.newInstance(); javax.xml.parsers.DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
org.w3c.dom.Document newdoc =
db.parse(new ByteArrayInputStream(this._c14nizedBytes));
Node imported =
this._doc.importNode(newdoc.getDocumentElement(), true);
dbf.setNamespaceAware(true); this._constructionElement.getParentNode().replaceChild(imported,
this._constructionElement);
javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder(); this._constructionElement = (Element) imported;
org.w3c.dom.Document newdoc = } catch (ParserConfigurationException ex) {
db.parse(new ByteArrayInputStream(this._c14nizedBytes)); throw new XMLSecurityException("empty", ex);
Node imported = this._doc.importNode(newdoc.getDocumentElement(), } catch (IOException ex) {
true); throw new XMLSecurityException("empty", ex);
} catch (SAXException ex) {
this._constructionElement.getParentNode().replaceChild(imported, throw new XMLSecurityException("empty", ex);
this._constructionElement); }
}
this._constructionElement = (Element) imported; signatureMethod = XMLUtils.getNextElement(c14nMethod.getNextSibling());
} catch (ParserConfigurationException ex) { this._signatureAlgorithm =
throw new XMLSecurityException("empty", ex); new SignatureAlgorithm(signatureMethod, this.getBaseURI());
} catch (IOException ex) { }
throw new XMLSecurityException("empty", ex);
} catch (SAXException ex) {
throw new XMLSecurityException("empty", ex);
}
}
this._signatureAlgorithm =
new SignatureAlgorithm(this.getSignatureMethodElement(),
this.getBaseURI());
}
/** /**
* Tests core validation process * Tests core validation process
@ -294,12 +300,8 @@ public class SignedInfo extends Manifest {
*/ */
public String getCanonicalizationMethodURI() { public String getCanonicalizationMethodURI() {
Element el= XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_CANONICALIZATIONMETHOD,0); return c14nMethod.getAttributeNS(null, Constants._ATT_ALGORITHM);
if (el==null) {
return null;
}
return el.getAttributeNS(null, Constants._ATT_ALGORITHM);
} }
/** /**
@ -324,8 +326,7 @@ public class SignedInfo extends Manifest {
* *
*/ */
public Element getSignatureMethodElement() { public Element getSignatureMethodElement() {
return XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), return signatureMethod;
Constants._TAG_SIGNATUREMETHOD,0);
} }
/** /**
@ -343,6 +344,9 @@ public class SignedInfo extends Manifest {
.getJCEAlgorithmString()); .getJCEAlgorithmString());
} }
protected SignatureAlgorithm getSignatureAlgorithm() {
return _signatureAlgorithm;
}
/** /**
* Method getBaseLocalName * Method getBaseLocalName
* @inheritDoc * @inheritDoc
@ -354,21 +358,16 @@ public class SignedInfo extends Manifest {
public String getInclusiveNamespaces() { public String getInclusiveNamespaces() {
Element el= XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_CANONICALIZATIONMETHOD,0);
if (el==null) {
return null;
}
String c14nMethodURI = el.getAttributeNS(null, Constants._ATT_ALGORITHM);
String c14nMethodURI = c14nMethod.getAttributeNS(null, Constants._ATT_ALGORITHM);
if(!(c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#") || if(!(c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#") ||
c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#WithComments"))) { c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#WithComments"))) {
return null; return null;
} }
Element inclusiveElement = XMLUtils.selectNode( Element inclusiveElement = XMLUtils.getNextElement(
el.getFirstChild(),InclusiveNamespaces.ExclusiveCanonicalizationNamespace, c14nMethod.getFirstChild());
InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES,0);
if(inclusiveElement != null) if(inclusiveElement != null)
{ {


@ -75,7 +75,7 @@ import org.w3c.dom.Text;
* <li>sign and checkSignatureValue methods are used to sign and validate the * <li>sign and checkSignatureValue methods are used to sign and validate the
* signature. </li></ul> * signature. </li></ul>
* *
* @author $Author: raul $ * @author $Author: mullan $
*/ */
public final class XMLSignature extends SignatureElementProxy { public final class XMLSignature extends SignatureElementProxy {
@ -115,6 +115,10 @@ public final class XMLSignature extends SignatureElementProxy {
public static final String ALGO_ID_MAC_HMAC_SHA384 = Constants.MoreAlgorithmsSpecNS + "hmac-sha384"; public static final String ALGO_ID_MAC_HMAC_SHA384 = Constants.MoreAlgorithmsSpecNS + "hmac-sha384";
/** HMAC - Optional HMAC-SHA512 */ /** HMAC - Optional HMAC-SHA512 */
public static final String ALGO_ID_MAC_HMAC_SHA512 = Constants.MoreAlgorithmsSpecNS + "hmac-sha512"; public static final String ALGO_ID_MAC_HMAC_SHA512 = Constants.MoreAlgorithmsSpecNS + "hmac-sha512";
/**Signature - Optional ECDSAwithSHA1 */
public static final String ALGO_ID_SIGNATURE_ECDSA_SHA1 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1";
//J+ //J+
/** ds:Signature.ds:SignedInfo element */ /** ds:Signature.ds:SignedInfo element */
@ -130,6 +134,8 @@ public final class XMLSignature extends SignatureElementProxy {
*/ */
private boolean _followManifestsDuringValidation = false; private boolean _followManifestsDuringValidation = false;
private Element signatureValueElement;
/** /**
* This creates a new <CODE>ds:Signature</CODE> Element and adds an empty * This creates a new <CODE>ds:Signature</CODE> Element and adds an empty
* <CODE>ds:SignedInfo</CODE>. * <CODE>ds:SignedInfo</CODE>.
@ -195,6 +201,15 @@ public final class XMLSignature extends SignatureElementProxy {
super(doc); super(doc);
String xmlnsDsPrefix =
getDefaultPrefixBindings(Constants.SignatureSpecNS);
if (xmlnsDsPrefix == null) {
this._constructionElement.setAttributeNS
(Constants.NamespaceSpecNS, "xmlns", Constants.SignatureSpecNS);
} else {
this._constructionElement.setAttributeNS
(Constants.NamespaceSpecNS, xmlnsDsPrefix, Constants.SignatureSpecNS);
}
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
this._baseURI = BaseURI; this._baseURI = BaseURI;
@ -206,7 +221,7 @@ public final class XMLSignature extends SignatureElementProxy {
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
// create an empty SignatureValue; this is filled by setSignatureValueElement // create an empty SignatureValue; this is filled by setSignatureValueElement
Element signatureValueElement = signatureValueElement =
XMLUtils.createElementInSignatureSpace(this._doc, XMLUtils.createElementInSignatureSpace(this._doc,
Constants._TAG_SIGNATUREVALUE); Constants._TAG_SIGNATUREVALUE);
@ -227,6 +242,15 @@ public final class XMLSignature extends SignatureElementProxy {
super(doc); super(doc);
String xmlnsDsPrefix =
getDefaultPrefixBindings(Constants.SignatureSpecNS);
if (xmlnsDsPrefix == null) {
this._constructionElement.setAttributeNS
(Constants.NamespaceSpecNS, "xmlns", Constants.SignatureSpecNS);
} else {
this._constructionElement.setAttributeNS
(Constants.NamespaceSpecNS, xmlnsDsPrefix, Constants.SignatureSpecNS);
}
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
this._baseURI = BaseURI; this._baseURI = BaseURI;
@ -236,7 +260,7 @@ public final class XMLSignature extends SignatureElementProxy {
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
// create an empty SignatureValue; this is filled by setSignatureValueElement // create an empty SignatureValue; this is filled by setSignatureValueElement
Element signatureValueElement = signatureValueElement =
XMLUtils.createElementInSignatureSpace(this._doc, XMLUtils.createElementInSignatureSpace(this._doc,
Constants._TAG_SIGNATUREVALUE); Constants._TAG_SIGNATUREVALUE);
@ -259,8 +283,8 @@ public final class XMLSignature extends SignatureElementProxy {
super(element, BaseURI); super(element, BaseURI);
// check out SignedInfo child // check out SignedInfo child
Element signedInfoElem = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), Element signedInfoElem = XMLUtils.getNextElement(element.getFirstChild());// XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_SIGNEDINFO,0); //Constants._TAG_SIGNEDINFO,0);
// check to see if it is there // check to see if it is there
if (signedInfoElem == null) { if (signedInfoElem == null) {
@ -274,8 +298,8 @@ public final class XMLSignature extends SignatureElementProxy {
this._signedInfo = new SignedInfo(signedInfoElem, BaseURI); this._signedInfo = new SignedInfo(signedInfoElem, BaseURI);
// check out SignatureValue child // check out SignatureValue child
Element signatureValueElement = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), this.signatureValueElement =XMLUtils.getNextElement(signedInfoElem.getNextSibling()); //XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_SIGNATUREVALUE,0); // Constants._TAG_SIGNATUREVALUE,0);
// check to see if it exists // check to see if it exists
if (signatureValueElement == null) { if (signatureValueElement == null) {
@ -286,11 +310,12 @@ public final class XMLSignature extends SignatureElementProxy {
} }
// <element ref="ds:KeyInfo" minOccurs="0"/> // <element ref="ds:KeyInfo" minOccurs="0"/>
Element keyInfoElem =XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), Element keyInfoElem = XMLUtils.getNextElement(signatureValueElement.getNextSibling());//XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_KEYINFO,0); // Constants._TAG_KEYINFO,0);
// If it exists use it, but it's not mandatory // If it exists use it, but it's not mandatory
if (keyInfoElem != null) { if ((keyInfoElem != null) && (keyInfoElem.getNamespaceURI().equals(Constants.SignatureSpecNS) &&
keyInfoElem.getLocalName().equals(Constants._TAG_KEYINFO)) ) {
this._keyInfo = new KeyInfo(keyInfoElem, BaseURI); this._keyInfo = new KeyInfo(keyInfoElem, BaseURI);
} }
} }
@ -302,7 +327,7 @@ public final class XMLSignature extends SignatureElementProxy {
*/ */
public void setId(String Id) { public void setId(String Id) {
if ((this._state == MODE_SIGN) && (Id != null)) { if ( (Id != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id); this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id);
IdResolver.registerElementById(this._constructionElement, Id); IdResolver.registerElementById(this._constructionElement, Id);
} }
@ -336,9 +361,7 @@ public final class XMLSignature extends SignatureElementProxy {
public byte[] getSignatureValue() throws XMLSignatureException { public byte[] getSignatureValue() throws XMLSignatureException {
try { try {
Element signatureValueElem = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), byte[] signatureValue = Base64.decode(signatureValueElement);
Constants._TAG_SIGNATUREVALUE,0);
byte[] signatureValue = Base64.decode(signatureValueElem);
return signatureValue; return signatureValue;
} catch (Base64DecodingException ex) { } catch (Base64DecodingException ex) {
@ -346,33 +369,28 @@ public final class XMLSignature extends SignatureElementProxy {
} }
} }
/** /**
* Base64 encodes and sets the bytes as the content of the SignatureValue * Base64 encodes and sets the bytes as the content of the SignatureValue
* Node. * Node.
* *
* @param bytes bytes to be used by SignatureValue before Base64 encoding * @param bytes bytes to be used by SignatureValue before Base64 encoding
*/ */
private void setSignatureValueElement(byte[] bytes) private void setSignatureValueElement(byte[] bytes) {
{
if (this._state == MODE_SIGN) { while (signatureValueElement.hasChildNodes()) {
Element signatureValueElem = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), signatureValueElement.removeChild
Constants._TAG_SIGNATUREVALUE,0); (signatureValueElement.getFirstChild());
while (signatureValueElem.hasChildNodes()) { }
signatureValueElem.removeChild(signatureValueElem.getFirstChild());
}
String base64codedValue = Base64.encode(bytes); String base64codedValue = Base64.encode(bytes);
if (base64codedValue.length() > 76) { if (base64codedValue.length() > 76 && !XMLUtils.ignoreLineBreaks()) {
base64codedValue = "\n" + base64codedValue + "\n"; base64codedValue = "\n" + base64codedValue + "\n";
} }
Text t = this._doc.createTextNode(base64codedValue); Text t = this._doc.createTextNode(base64codedValue);
signatureValueElement.appendChild(t);
signatureValueElem.appendChild(t); }
}
}
/** /**
* Returns the KeyInfo child. If we are in signing mode and the KeyInfo * Returns the KeyInfo child. If we are in signing mode and the KeyInfo
@ -385,7 +403,7 @@ public final class XMLSignature extends SignatureElementProxy {
public KeyInfo getKeyInfo() { public KeyInfo getKeyInfo() {
// check to see if we are signing and if we have to create a keyinfo // check to see if we are signing and if we have to create a keyinfo
if ((this._state == MODE_SIGN) && (this._keyInfo == null)) { if ( (this._keyInfo == null)) {
// create the KeyInfo // create the KeyInfo
this._keyInfo = new KeyInfo(this._doc); this._keyInfo = new KeyInfo(this._doc);
@ -401,8 +419,7 @@ public final class XMLSignature extends SignatureElementProxy {
// add it before the object // add it before the object
this._constructionElement.insertBefore(keyInfoElement, this._constructionElement.insertBefore(keyInfoElement,
firstObject); firstObject);
this._constructionElement XMLUtils.addReturnBeforeChild(this._constructionElement, firstObject);
.insertBefore(this._doc.createTextNode("\n"), firstObject);
} else { } else {
// add it as the last element to the signature // add it as the last element to the signature
@ -425,17 +442,17 @@ public final class XMLSignature extends SignatureElementProxy {
public void appendObject(ObjectContainer object) public void appendObject(ObjectContainer object)
throws XMLSignatureException { throws XMLSignatureException {
try { //try {
if (this._state != MODE_SIGN) { //if (this._state != MODE_SIGN) {
throw new XMLSignatureException( // throw new XMLSignatureException(
"signature.operationOnlyBeforeSign"); // "signature.operationOnlyBeforeSign");
} //}
this._constructionElement.appendChild(object.getElement()); this._constructionElement.appendChild(object.getElement());
XMLUtils.addReturnToElement(this._constructionElement); XMLUtils.addReturnToElement(this._constructionElement);
} catch (XMLSecurityException ex) { //} catch (XMLSecurityException ex) {
throw new XMLSignatureException("empty", ex); // throw new XMLSignatureException("empty", ex);
} //}
} }
/** /**
@ -481,23 +498,13 @@ public final class XMLSignature extends SignatureElementProxy {
} }
try { try {
if (this._state == MODE_SIGN) { // if (this._state == MODE_SIGN) {
// XMLUtils.indentSignature(this._constructionElement, " ", 0);
// get the SignatureMethodElement
Element signatureMethodElement =
this._signedInfo.getSignatureMethodElement();
//Create a SignatureAlgorithm object //Create a SignatureAlgorithm object
SignatureAlgorithm sa = SignedInfo si = this.getSignedInfo();
new SignatureAlgorithm(signatureMethodElement, SignatureAlgorithm sa = si.getSignatureAlgorithm();
this.getBaseURI());
// initialize SignatureAlgorithm for signing // initialize SignatureAlgorithm for signing
sa.initSign(signingKey); sa.initSign(signingKey);
SignedInfo si = this.getSignedInfo();
// generate digest values for all References in this SignedInfo // generate digest values for all References in this SignedInfo
si.generateDigestValues(); si.generateDigestValues();
OutputStream so=new UnsyncBufferedOutputStream(new SignerOutputStream(sa)); OutputStream so=new UnsyncBufferedOutputStream(new SignerOutputStream(sa));
@ -513,7 +520,7 @@ public final class XMLSignature extends SignatureElementProxy {
// set them on the SignateValue element // set them on the SignateValue element
this.setSignatureValueElement(jcebytes); this.setSignatureValueElement(jcebytes);
} //}
} catch (CanonicalizationException ex) { } catch (CanonicalizationException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException("empty", ex);
} catch (InvalidCanonicalizerException ex) { } catch (InvalidCanonicalizerException ex) {
@ -584,50 +591,45 @@ public final class XMLSignature extends SignatureElementProxy {
throw new XMLSignatureException("empty", exArgs); throw new XMLSignatureException("empty", exArgs);
} }
// all references inside the signedinfo need to be dereferenced and // all references inside the signedinfo need to be dereferenced and
// digested again to see if the outcome matches the stored value in the // digested again to see if the outcome matches the stored value in the
// SignedInfo. // SignedInfo.
// If _followManifestsDuringValidation is true it will do the same for // If _followManifestsDuringValidation is true it will do the same for
// References inside a Manifest. // References inside a Manifest.
try { try {
if (!this.getSignedInfo() SignedInfo si=this.getSignedInfo();
.verify(this._followManifestsDuringValidation)) {
return false;
}
//create a SignatureAlgorithms from the SignatureMethod inside //create a SignatureAlgorithms from the SignatureMethod inside
//SignedInfo. This is used to validate the signature. //SignedInfo. This is used to validate the signature.
SignatureAlgorithm sa = SignatureAlgorithm sa =si.getSignatureAlgorithm();
new SignatureAlgorithm(this.getSignedInfo() if (log.isLoggable(java.util.logging.Level.FINE)) {
.getSignatureMethodElement(), this.getBaseURI()); log.log(java.util.logging.Level.FINE, "SignatureMethodURI = " + sa.getAlgorithmURI());
if (true) { log.log(java.util.logging.Level.FINE, "jceSigAlgorithm = " + sa.getJCEAlgorithmString());
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "SignatureMethodURI = " + sa.getAlgorithmURI()); log.log(java.util.logging.Level.FINE, "jceSigProvider = " + sa.getJCEProviderName());
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "jceSigAlgorithm = " + sa.getJCEAlgorithmString()); log.log(java.util.logging.Level.FINE, "PublicKey = " + pk);
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "jceSigProvider = " + sa.getJCEProviderName());
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "PublicKey = " + pk);
} }
sa.initVerify(pk); sa.initVerify(pk);
// Get the canonicalized (normalized) SignedInfo // Get the canonicalized (normalized) SignedInfo
SignerOutputStream so=new SignerOutputStream(sa); SignerOutputStream so=new SignerOutputStream(sa);
OutputStream bos=new UnsyncBufferedOutputStream(so); OutputStream bos=new UnsyncBufferedOutputStream(so);
this._signedInfo.signInOctectStream(bos); si.signInOctectStream(bos);
try { try {
bos.close(); bos.close();
} catch (IOException e) { } catch (IOException e) {
//Imposible //Imposible
} }
//retrieve the byte[] from the stored signature //retrieve the byte[] from the stored signature
byte sigBytes[] = this.getSignatureValue(); byte sigBytes[] = this.getSignatureValue();
//Have SignatureAlgorithm sign the input bytes and compare them to the //Have SignatureAlgorithm sign the input bytes and compare them to the
//bytes that were stored in the signature. //bytes that were stored in the signature.
boolean verify = sa.verify(sigBytes); if (!sa.verify(sigBytes)) {
log.log(java.util.logging.Level.WARNING, "Signature verification failed.");
return false;
}
return verify; return si.verify(this._followManifestsDuringValidation);
} catch (XMLSecurityException ex) { } catch (XMLSecurityException ex) {
throw new XMLSignatureException("empty", ex); throw new XMLSignatureException("empty", ex);
} }
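Review bot: In the `XMLSignature(Element, String)` constructor the `SignedInfo` and `SignatureValue` children are now taken by position with `XMLUtils.getNextElement(...)` and only null-checked, whereas the replaced `selectDsNode` calls matched the ds namespace and tag name; only `KeyInfo` gets a name check in the new code. Assuming `getNextElement` returns the next element sibling whatever its name (its body is not shown here), a first child that is not `ds:SignedInfo` would be handed to `new SignedInfo(...)`, so I would extend both null checks, e.g. `if (signedInfoElem == null || !Constants.SignatureSpecNS.equals(signedInfoElem.getNamespaceURI()) || !Constants._TAG_SIGNEDINFO.equals(signedInfoElem.getLocalName()))`, and likewise with `Constants._TAG_SIGNATUREVALUE` for the second child. The new `KeyInfo` test should also be written constant-first, `Constants.SignatureSpecNS.equals(keyInfoElem.getNamespaceURI())`, because `getNamespaceURI()` returns null for an element without a namespace and the current form would throw a NullPointerException on such a document instead of ignoring the element. The constructor's signature lies outside the displayed hunks.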


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *


@ -39,7 +39,8 @@ import org.w3c.dom.ProcessingInstruction;
/** /**
* Class XMLSignatureInputDebugger * Class XMLSignatureInputDebugger
* *
* @author $Author: raul $ * @author $Author: mullan $
* @version $Revision: 1.3 $
*/ */
public class XMLSignatureInputDebugger { public class XMLSignatureInputDebugger {
@ -599,23 +600,23 @@ public class XMLSignatureInputDebugger {
length = data.length(); length = data.length();
if ((data != null) && (length > 0)) { if (length > 0) {
this._writer.write(" "); this._writer.write(" ");
for (int i = 0; i < length; i++) { for (int i = 0; i < length; i++) {
char c = data.charAt(i); char c = data.charAt(i);
switch (c) { switch (c) {
case 0x0D: case 0x0D:
this._writer.write("&amp;#xD;"); this._writer.write("&amp;#xD;");
break; break;
default: default:
this._writer.write(c); this._writer.write(c);
break; break;
}
} }
}
} }
this._writer.write("?&gt;"); this._writer.write("?&gt;");


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *


@ -20,14 +20,11 @@
*/ */
package com.sun.org.apache.xml.internal.security.transforms; package com.sun.org.apache.xml.internal.security.transforms;
import java.io.IOException; import java.io.IOException;
import java.io.OutputStream; import java.io.OutputStream;
import java.util.HashMap;
import java.security.AccessController; import java.security.AccessController;
import java.security.PrivilegedAction; import java.security.PrivilegedAction;
import java.util.HashMap;
import javax.xml.parsers.ParserConfigurationException; import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
@ -38,17 +35,17 @@ import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.HelperNodeList; import com.sun.org.apache.xml.internal.security.utils.HelperNodeList;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
import org.w3c.dom.NodeList; import org.w3c.dom.NodeList;
import org.xml.sax.SAXException; import org.xml.sax.SAXException;
/** /**
* Implements the behaviour of the <code>ds:Transform</code> element. * Implements the behaviour of the <code>ds:Transform</code> element.
* *
* This <code>Transform</code>(Factory) class role as the Factory and Proxy of * This <code>Transform</code>(Factory) class acts as the Factory and Proxy of
* implemanting class that have the functionality of <a * the implementing class that supports the functionality of <a
* href=http://www.w3.org/TR/xmldsig-core/#sec-TransformAlg>a Transform * href=http://www.w3.org/TR/xmldsig-core/#sec-TransformAlg>a Transform
* algorithm</a>. * algorithm</a>.
* Implements the Factory and Proxy pattern for ds:Transform algorithms. * Implements the Factory and Proxy pattern for ds:Transform algorithms.
@ -60,326 +57,314 @@ import org.xml.sax.SAXException;
*/ */
public final class Transform extends SignatureElementProxy { public final class Transform extends SignatureElementProxy {
/** {@link java.util.logging} logging facility */ /** {@link java.util.logging} logging facility */
static java.util.logging.Logger log = static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(Transform.class.getName()); java.util.logging.Logger.getLogger(Transform.class.getName());
/** Field _alreadyInitialized */ /** Field _alreadyInitialized */
static boolean _alreadyInitialized = false; private static boolean alreadyInitialized = false;
/** All available Transform classes are registered here */ /** All available Transform classes are registered here */
static HashMap _transformHash = null; private static HashMap transformClassHash = null;
/** Field transformSpi */ private static HashMap transformSpiHash = new HashMap();
protected TransformSpi transformSpi = null;
/** private TransformSpi transformSpi = null;
* Constructs {@link Transform}
*
* @param doc the {@link Document} in which <code>Transform</code> will be placed
* @param algorithmURI URI representation of
* <code>Transform algorithm</code> will be specified as parameter of
* {@link #getInstance(Document, String)}, when generate. </br>
* @param contextNodes the child node list of <code>Transform</code> element
* @throws InvalidTransformException
*/
public Transform(Document doc, String algorithmURI, NodeList contextNodes)
throws InvalidTransformException {
super(doc); /**
* Constructs {@link Transform}
*
* @param doc the {@link Document} in which <code>Transform</code> will be
* placed
* @param algorithmURI URI representation of
* <code>Transform algorithm</code> which will be specified as parameter of
* {@link #getInstance(Document, String)}, when generated. </br>
* @param contextNodes the child node list of <code>Transform</code> element
* @throws InvalidTransformException
*/
public Transform(Document doc, String algorithmURI, NodeList contextNodes)
throws InvalidTransformException {
try { super(doc);
this._constructionElement.setAttributeNS(null, Constants._ATT_ALGORITHM,
algorithmURI);
Class implementingClass = this._constructionElement.setAttributeNS
Transform.getImplementingClass(algorithmURI); (null, Constants._ATT_ALGORITHM, algorithmURI);
if(implementingClass == null) { transformSpi = getTransformSpi(algorithmURI);
if (transformSpi == null) {
Object exArgs[] = { algorithmURI }; Object exArgs[] = { algorithmURI };
throw new InvalidTransformException( throw new InvalidTransformException(
"signature.Transform.UnknownTransform", exArgs); "signature.Transform.UnknownTransform", exArgs);
}
if (true) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \""
+ implementingClass + "\"");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "The NodeList is " + contextNodes);
}
// create the custom Transform object
this.transformSpi =
(TransformSpi) implementingClass.newInstance();
this.transformSpi.setTransform(this);
// give it to the current document
if (contextNodes != null) {
/*
while (contextNodes.getLength() > 0) {
this._constructionElement.appendChild(contextNodes.item(0));
}
*/
for (int i = 0; i < contextNodes.getLength(); i++) {
this._constructionElement.appendChild(contextNodes.item(i).cloneNode(true));
}
}
} catch (IllegalAccessException ex) {
Object exArgs[] = { algorithmURI };
throw new InvalidTransformException(
"signature.Transform.UnknownTransform", exArgs, ex);
} catch (InstantiationException ex) {
Object exArgs[] = { algorithmURI };
throw new InvalidTransformException(
"signature.Transform.UnknownTransform", exArgs, ex);
}
}
/**
* This constructor can only be called from the {@link Transforms} object, so
* it's protected.
*
* @param element <code>ds:Transform</code> element
* @param BaseURI the URI of the resource where the XML instance was stored
* @throws InvalidTransformException
* @throws TransformationException
* @throws XMLSecurityException
*/
public Transform(Element element, String BaseURI)
throws InvalidTransformException, TransformationException,
XMLSecurityException {
super(element, BaseURI);
// retrieve Algorithm Attribute from ds:Transform
String AlgorithmURI = element.getAttributeNS(null, Constants._ATT_ALGORITHM);
if ((AlgorithmURI == null) || (AlgorithmURI.length() == 0)) {
Object exArgs[] = { Constants._ATT_ALGORITHM,
Constants._TAG_TRANSFORM };
throw new TransformationException("xml.WrongContent", exArgs);
}
try {
Class implementingClass = (Class) _transformHash.get(AlgorithmURI);
this.transformSpi =
(TransformSpi) implementingClass.newInstance();
this.transformSpi.setTransform(this);
} catch (IllegalAccessException e) {
Object exArgs[] = { AlgorithmURI };
throw new InvalidTransformException(
"signature.Transform.UnknownTransform", exArgs);
} catch (InstantiationException e) {
Object exArgs[] = { AlgorithmURI };
throw new InvalidTransformException(
"signature.Transform.UnknownTransform", exArgs);
} catch (NullPointerException e) {
Object exArgs[] = { AlgorithmURI };
throw new InvalidTransformException(
"signature.Transform.UnknownTransform", exArgs);
} }
}
/** if (log.isLoggable(java.util.logging.Level.FINE)) {
* Generates a Transform object that implements the specified <code>Transform algorithm</code> URI. log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \""
* + transformSpi.getClass() + "\"");
* @param algorithmURI <code>Transform algorithm</code> URI representation, such as specified in <a href=http://www.w3.org/TR/xmldsig-core/#sec-TransformAlg>Transform algorithm </a> log.log(java.util.logging.Level.FINE, "The NodeList is " + contextNodes);
* @param doc the proxy {@link Document} }
* @return <code>{@link Transform}</code> object
* @throws InvalidTransformException
*/
public static final Transform getInstance(
Document doc, String algorithmURI) throws InvalidTransformException {
return Transform.getInstance(doc, algorithmURI, (NodeList) null);
}
/** // give it to the current document
* Generates a Transform object that implements the specified <code>Transform algorithm</code> URI. if (contextNodes != null) {
* for (int i = 0; i < contextNodes.getLength(); i++) {
* @param algorithmURI <code>Transform algorithm</code> URI representation, such as specified in <a href=http://www.w3.org/TR/xmldsig-core/#sec-TransformAlg>Transform algorithm </a> this._constructionElement.appendChild
* @param contextChild the child element of <code>Transform</code> element (contextNodes.item(i).cloneNode(true));
* @param doc the proxy {@link Document} }
* @return <code>{@link Transform}</code> object }
* @throws InvalidTransformException }
*/
public static final Transform getInstance(
Document doc, String algorithmURI, Element contextChild)
throws InvalidTransformException {
HelperNodeList contextNodes = new HelperNodeList(); /**
* This constructor can only be called from the {@link Transforms} object,
* so it's protected.
*
* @param element <code>ds:Transform</code> element
* @param BaseURI the URI of the resource where the XML instance was stored
* @throws InvalidTransformException
* @throws TransformationException
* @throws XMLSecurityException
*/
public Transform(Element element, String BaseURI)
throws InvalidTransformException, TransformationException,
XMLSecurityException {
contextNodes.appendChild(doc.createTextNode("\n")); super(element, BaseURI);
contextNodes.appendChild(contextChild);
contextNodes.appendChild(doc.createTextNode("\n"));
return Transform.getInstance(doc, algorithmURI, contextNodes); // retrieve Algorithm Attribute from ds:Transform
} String algorithmURI = element.getAttributeNS(null, Constants._ATT_ALGORITHM);
/** if (algorithmURI == null || algorithmURI.length() == 0) {
* Generates a Transform object that implements the specified <code>Transform algorithm</code> URI. Object exArgs[] = { Constants._ATT_ALGORITHM,
* Constants._TAG_TRANSFORM };
* @param algorithmURI <code>Transform algorithm</code> URI form, such as specified in <a href=http://www.w3.org/TR/xmldsig-core/#sec-TransformAlg>Transform algorithm </a> throw new TransformationException("xml.WrongContent", exArgs);
* @param contextNodes the child node list of <code>Transform</code> element }
* @param doc the proxy {@link Document}
* @return <code>{@link Transform}</code> object
* @throws InvalidTransformException
*/
public static final Transform getInstance(
Document doc, String algorithmURI, NodeList contextNodes)
throws InvalidTransformException {
return new Transform(doc, algorithmURI, contextNodes);
}
/** transformSpi = getTransformSpi(algorithmURI);
* Initalizes for this {@link Transform} if (transformSpi == null) {
* Object exArgs[] = { algorithmURI };
*/ throw new InvalidTransformException(
public static void init() { "signature.Transform.UnknownTransform", exArgs);
}
}
if (!_alreadyInitialized) { /**
_transformHash = new HashMap(10); * Generates a Transform object that implements the specified
_alreadyInitialized = true; * <code>Transform algorithm</code> URI.
} *
} * @param algorithmURI <code>Transform algorithm</code> URI representation,
* such as specified in
* <a href=http://www.w3.org/TR/xmldsig-core/#sec-TransformAlg>Transform algorithm </a>
* @param doc the proxy {@link Document}
* @return <code>{@link Transform}</code> object
* @throws InvalidTransformException
*/
public static Transform getInstance(
Document doc, String algorithmURI) throws InvalidTransformException {
return getInstance(doc, algorithmURI, (NodeList) null);
}
/** /**
* Registers implementing class of the Transform algorithm with algorithmURI * Generates a Transform object that implements the specified
* * <code>Transform algorithm</code> URI.
* @param algorithmURI algorithmURI URI representation of <code>Transform algorithm</code> *
* will be specified as parameter of {@link #getInstance(Document, String)}, when generate. </br> * @param algorithmURI <code>Transform algorithm</code> URI representation,
* @param implementingClass <code>implementingClass</code> the implementing class of {@link TransformSpi} * such as specified in
* @throws AlgorithmAlreadyRegisteredException if specified algorithmURI is already registered * <a href=http://www.w3.org/TR/xmldsig-core/#sec-TransformAlg>Transform algorithm </a>
*/ * @param contextChild the child element of <code>Transform</code> element
public static void register(String algorithmURI, String implementingClass) * @param doc the proxy {@link Document}
throws AlgorithmAlreadyRegisteredException { * @return <code>{@link Transform}</code> object
* @throws InvalidTransformException
*/
public static Transform getInstance(
Document doc, String algorithmURI, Element contextChild)
throws InvalidTransformException {
{ HelperNodeList contextNodes = new HelperNodeList();
// are we already registered? XMLUtils.addReturnToElement(doc, contextNodes);
Class registeredClass = Transform.getImplementingClass(algorithmURI); contextNodes.appendChild(contextChild);
XMLUtils.addReturnToElement(doc, contextNodes);
if ((registeredClass != null) ) { return getInstance(doc, algorithmURI, contextNodes);
}
/**
* Generates a Transform object that implements the specified
* <code>Transform algorithm</code> URI.
*
* @param algorithmURI <code>Transform algorithm</code> URI form, such as
* specified in <a href=http://www.w3.org/TR/xmldsig-core/#sec-TransformAlg>
* Transform algorithm </a>
* @param contextNodes the child node list of <code>Transform</code> element
* @param doc the proxy {@link Document}
* @return <code>{@link Transform}</code> object
* @throws InvalidTransformException
*/
public static Transform getInstance(
Document doc, String algorithmURI, NodeList contextNodes)
throws InvalidTransformException {
return new Transform(doc, algorithmURI, contextNodes);
}
/**
* Initalizes for this {@link Transform}.
*/
public static void init() {
if (!alreadyInitialized) {
transformClassHash = new HashMap(10);
alreadyInitialized = true;
}
}
/**
* Registers implementing class of the Transform algorithm with algorithmURI
*
* @param algorithmURI algorithmURI URI representation of
* <code>Transform algorithm</code> will be specified as parameter of
* {@link #getInstance(Document, String)}, when generate. </br>
* @param implementingClass <code>implementingClass</code> the implementing
* class of {@link TransformSpi}
* @throws AlgorithmAlreadyRegisteredException if specified algorithmURI
* is already registered
*/
public static void register(String algorithmURI, String implementingClass)
throws AlgorithmAlreadyRegisteredException {
// are we already registered?
Class registeredClass = getImplementingClass(algorithmURI);
if ((registeredClass != null) ) {
Object exArgs[] = { algorithmURI, registeredClass }; Object exArgs[] = { algorithmURI, registeredClass };
throw new AlgorithmAlreadyRegisteredException( throw new AlgorithmAlreadyRegisteredException(
"algorithm.alreadyRegistered", exArgs); "algorithm.alreadyRegistered", exArgs);
} }
ClassLoader cl = (ClassLoader) AccessController.doPrivileged( ClassLoader cl = (ClassLoader) AccessController.doPrivileged(
new PrivilegedAction() { new PrivilegedAction() {
public Object run() { public Object run() {
return Thread.currentThread().getContextClassLoader(); return Thread.currentThread().getContextClassLoader();
} }
}); });
try { try {
Transform._transformHash.put transformClassHash.put
(algorithmURI, Class.forName(implementingClass, true, cl)); (algorithmURI, Class.forName(implementingClass, true, cl));
} catch (ClassNotFoundException e) { } catch (ClassNotFoundException e) {
// TODO Auto-generated catch block throw new RuntimeException(e);
e.printStackTrace(); }
} }
}
}
/** /**
* Returns the URI representation of Transformation algorithm * Returns the URI representation of Transformation algorithm
* *
* @return the URI representation of Transformation algorithm * @return the URI representation of Transformation algorithm
*/ */
public final String getURI() { public String getURI() {
return this._constructionElement.getAttributeNS(null, Constants._ATT_ALGORITHM); return this._constructionElement.getAttributeNS
} (null, Constants._ATT_ALGORITHM);
}
/** /**
* Transforms the input, and generats {@link XMLSignatureInput} as output. * Transforms the input, and generates {@link XMLSignatureInput} as output.
* @param input input {@link XMLSignatureInput} which can supplied Octect Stream and NodeSet as Input of Transformation *
* * @param input input {@link XMLSignatureInput} which can supplied Octet
* @return the {@link XMLSignatureInput} class as the result of transformation * Stream and NodeSet as Input of Transformation
* @throws CanonicalizationException * @return the {@link XMLSignatureInput} class as the result of
* @throws IOException * transformation
* @throws InvalidCanonicalizerException * @throws CanonicalizationException
* @throws TransformationException * @throws IOException
*/ * @throws InvalidCanonicalizerException
public XMLSignatureInput performTransform(XMLSignatureInput input) * @throws TransformationException
throws IOException, CanonicalizationException, */
InvalidCanonicalizerException, TransformationException { public XMLSignatureInput performTransform(XMLSignatureInput input)
throws IOException, CanonicalizationException,
InvalidCanonicalizerException, TransformationException {
XMLSignatureInput result = null; XMLSignatureInput result = null;
try { try {
result = transformSpi.enginePerformTransform(input); result = transformSpi.enginePerformTransform(input, this);
} catch (ParserConfigurationException ex) { } catch (ParserConfigurationException ex) {
Object exArgs[] = { this.getURI(), "ParserConfigurationException" }; Object exArgs[] = { this.getURI(), "ParserConfigurationException" };
throw new CanonicalizationException(
"signature.Transform.ErrorDuringTransform", exArgs, ex);
} catch (SAXException ex) {
Object exArgs[] = { this.getURI(), "SAXException" };
throw new CanonicalizationException(
"signature.Transform.ErrorDuringTransform", exArgs, ex);
}
throw new CanonicalizationException( return result;
"signature.Transform.ErrorDuringTransform", exArgs, ex); }
} catch (SAXException ex) {
Object exArgs[] = { this.getURI(), "SAXException" };
throw new CanonicalizationException( /**
"signature.Transform.ErrorDuringTransform", exArgs, ex); * Transforms the input, and generates {@link XMLSignatureInput} as output.
} *
* @param input input {@link XMLSignatureInput} which can supplied Octet
* Stream and NodeSet as Input of Transformation
* @param os where to output the result of the last transformation
* @return the {@link XMLSignatureInput} class as the result of
* transformation
* @throws CanonicalizationException
* @throws IOException
* @throws InvalidCanonicalizerException
* @throws TransformationException
*/
public XMLSignatureInput performTransform(XMLSignatureInput input,
OutputStream os) throws IOException, CanonicalizationException,
InvalidCanonicalizerException, TransformationException {
return result; XMLSignatureInput result = null;
}
/** try {
* Transforms the input, and generats {@link XMLSignatureInput} as output. result = transformSpi.enginePerformTransform(input, os, this);
* @param input input {@link XMLSignatureInput} which can supplied Octect Stream and NodeSet as Input of Transformation } catch (ParserConfigurationException ex) {
* @param os where to output the result of the last transformation Object exArgs[] = { this.getURI(), "ParserConfigurationException" };
* throw new CanonicalizationException(
* @return the {@link XMLSignatureInput} class as the result of transformation "signature.Transform.ErrorDuringTransform", exArgs, ex);
* @throws CanonicalizationException } catch (SAXException ex) {
* @throws IOException Object exArgs[] = { this.getURI(), "SAXException" };
* @throws InvalidCanonicalizerException throw new CanonicalizationException(
* @throws TransformationException "signature.Transform.ErrorDuringTransform", exArgs, ex);
*/ }
public XMLSignatureInput performTransform(XMLSignatureInput input, OutputStream os)
throws IOException, CanonicalizationException,
InvalidCanonicalizerException, TransformationException {
XMLSignatureInput result = null; return result;
}
try { /**
result = transformSpi.enginePerformTransform(input,os); * Method getImplementingClass
} catch (ParserConfigurationException ex) { *
Object exArgs[] = { this.getURI(), "ParserConfigurationException" }; * @param URI
* @return The name of the class implementing the URI.
*/
private static Class getImplementingClass(String URI) {
return (Class) transformClassHash.get(URI);
}
throw new CanonicalizationException( private static TransformSpi getTransformSpi(String URI)
"signature.Transform.ErrorDuringTransform", exArgs, ex); throws InvalidTransformException {
} catch (SAXException ex) { try {
Object exArgs[] = { this.getURI(), "SAXException" }; Object value = transformSpiHash.get(URI);
if (value != null) {
throw new CanonicalizationException( return (TransformSpi) value;
"signature.Transform.ErrorDuringTransform", exArgs, ex);
} }
Class cl = (Class) transformClassHash.get(URI);
if (cl != null) {
TransformSpi tr = (TransformSpi) cl.newInstance();
transformSpiHash.put(URI, tr);
return tr;
}
} catch (InstantiationException ex) {
Object exArgs[] = { URI };
throw new InvalidTransformException(
"signature.Transform.UnknownTransform", exArgs, ex);
} catch (IllegalAccessException ex) {
Object exArgs[] = { URI };
throw new InvalidTransformException(
"signature.Transform.UnknownTransform", exArgs, ex);
}
return null;
}
return result; /** @inheritDoc */
} public String getBaseLocalName() {
return Constants._TAG_TRANSFORM;
/** }
* Method getImplementingClass
*
* @param URI
* @return The name of the class implementing the URI.
*/
private static Class getImplementingClass(String URI) {
return (Class)Transform._transformHash.get(URI);
}
/** @inheritDoc */
public String getBaseLocalName() {
return Constants._TAG_TRANSFORM;
}
} }


@ -23,7 +23,7 @@ package com.sun.org.apache.xml.internal.security.transforms;
/** /**
* *
* @author $Author: blautenb $ * @author $Author: mullan $
*/ */
public interface TransformParam { public interface TransformParam {


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -21,11 +20,8 @@
*/ */
package com.sun.org.apache.xml.internal.security.transforms; package com.sun.org.apache.xml.internal.security.transforms;
import java.io.IOException; import java.io.IOException;
import java.io.OutputStream; import java.io.OutputStream;
import javax.xml.parsers.ParserConfigurationException; import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
@ -33,68 +29,109 @@ import com.sun.org.apache.xml.internal.security.c14n.InvalidCanonicalizerExcepti
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import org.xml.sax.SAXException; import org.xml.sax.SAXException;
/** /**
* Base class which all Transform algorithms extend. The common methods that * Base class which all Transform algorithms extend. The common methods that
* have to be overridden are the {@link #enginePerformTransform(XMLSignatureInput)} method. * have to be overridden are the
* {@link #enginePerformTransform(XMLSignatureInput, Transform)} method.
* *
* @author Christian Geuer-Pollmann * @author Christian Geuer-Pollmann
*/ */
public abstract class TransformSpi { public abstract class TransformSpi {
/**
* For API compatibility not thread safe.
* @deprecated
*/
protected Transform _transformObject = null;
/**
* Set the transform object.
* Depeprecated For API compatibility.
* @param transform the Transform
* @deprecated
*/
protected void setTransform(Transform transform) {
this._transformObject = transform;
}
/**
* The mega method which MUST be implemented by the Transformation Algorithm.
*
* @param input {@link XMLSignatureInput} as the input of transformation
* @param os where to output this transformation.
* @param _transformObject the Transform
* @return {@link XMLSignatureInput} as the result of transformation
* @throws CanonicalizationException
* @throws IOException
* @throws InvalidCanonicalizerException
* @throws ParserConfigurationException
* @throws SAXException
* @throws TransformationException
*/
protected XMLSignatureInput enginePerformTransform(
XMLSignatureInput input, OutputStream os, Transform _transformObject)
throws IOException,
CanonicalizationException, InvalidCanonicalizerException,
TransformationException, ParserConfigurationException,
SAXException {
return enginePerformTransform(input, _transformObject);
}
/**
* The mega method which MUST be implemented by the Transformation Algorithm.
* In order to be compatible with preexisting Transform implementations,
* by default this implementation invokes the deprecated, thread-unsafe
* methods. Subclasses should override this with a thread-safe
* implementation.
*
* @param input {@link XMLSignatureInput} as the input of transformation
* @param _transformObject the Transform
* @return {@link XMLSignatureInput} as the result of transformation
* @throws CanonicalizationException
* @throws IOException
* @throws InvalidCanonicalizerException
* @throws ParserConfigurationException
* @throws SAXException
* @throws TransformationException
*/
protected XMLSignatureInput enginePerformTransform(
XMLSignatureInput input, Transform _transformObject)
throws IOException,
CanonicalizationException, InvalidCanonicalizerException,
TransformationException, ParserConfigurationException,
SAXException {
//Default implementation overide with a much better
try {
TransformSpi tmp = (TransformSpi) getClass().newInstance();
tmp.setTransform(_transformObject);
return tmp.enginePerformTransform(input);
} catch (InstantiationException e) {
throw new TransformationException("",e);
} catch (IllegalAccessException e) {
throw new TransformationException("",e);
}
}
/** {@link java.util.logging} logging facility */ /**
static java.util.logging.Logger log = * The mega method which MUST be implemented by the Transformation Algorithm.
java.util.logging.Logger.getLogger(TransformSpi.class.getName()); * @deprecated
* @param input {@link XMLSignatureInput} as the input of transformation
protected Transform _transformObject = null; * @return {@link XMLSignatureInput} as the result of transformation
protected void setTransform(Transform transform) { * @throws CanonicalizationException
this._transformObject = transform; * @throws IOException
} * @throws InvalidCanonicalizerException
* @throws ParserConfigurationException
/** * @throws SAXException
* The mega method which MUST be implemented by the Transformation Algorithm. * @throws TransformationException
* */
* @param input {@link XMLSignatureInput} as the input of transformation protected XMLSignatureInput enginePerformTransform(
* @param os where to output this transformation. XMLSignatureInput input)
* @return {@link XMLSignatureInput} as the result of transformation throws IOException,
* @throws CanonicalizationException CanonicalizationException, InvalidCanonicalizerException,
* @throws IOException TransformationException, ParserConfigurationException,
* @throws InvalidCanonicalizerException SAXException {
* @throws ParserConfigurationException throw new UnsupportedOperationException();
* @throws SAXException }
* @throws TransformationException /**
*/ * Returns the URI representation of <code>Transformation algorithm</code>
protected XMLSignatureInput enginePerformTransform( *
XMLSignatureInput input, OutputStream os) * @return the URI representation of <code>Transformation algorithm</code>
throws IOException, */
CanonicalizationException, InvalidCanonicalizerException, protected abstract String engineGetURI();
TransformationException, ParserConfigurationException,
SAXException {
return enginePerformTransform(input);
}
/**
* The mega method which MUST be implemented by the Transformation Algorithm.
*
* @param input {@link XMLSignatureInput} as the input of transformation
* @return {@link XMLSignatureInput} as the result of transformation
* @throws CanonicalizationException
* @throws IOException
* @throws InvalidCanonicalizerException
* @throws ParserConfigurationException
* @throws SAXException
* @throws TransformationException
*/
protected abstract XMLSignatureInput enginePerformTransform(
XMLSignatureInput input)
throws IOException,
CanonicalizationException, InvalidCanonicalizerException,
TransformationException, ParserConfigurationException,
SAXException;
/**
* Returns the URI representation of <code>Transformation algorithm</code>
*
* @return the URI representation of <code>Transformation algorithm</code>
*/
protected abstract String engineGetURI();
} }
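Review bot: In the new default `enginePerformTransform(XMLSignatureInput, Transform)`, both catch blocks throw `new TransformationException("",e)`, so a transform class without an accessible no-argument constructor fails during signature processing with an empty message and no hint of which algorithm was involved. A real message key with `engineGetURI()` or `getClass().getName()` as its argument would make this diagnosable, assuming TransformationException has a constructor taking arguments and a cause like the other exceptions on this page. Separately, the one-argument `enginePerformTransform(XMLSignatureInput)` is no longer abstract and now throws `UnsupportedOperationException`, so a subclass that overrides neither variant compiles and only fails at run time; the Javadoc on both still says "MUST be implemented" and should instead state that at least one of them has to be overridden. The parameter name `_transformObject` also shadows the deprecated field of the same name, which is easy to misread.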


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *


@ -3,7 +3,7 @@
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2008 The Apache Software Foundation.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -20,8 +20,6 @@
*/ */
package com.sun.org.apache.xml.internal.security.transforms; package com.sun.org.apache.xml.internal.security.transforms;
import java.io.IOException; import java.io.IOException;
import java.io.OutputStream; import java.io.OutputStream;
@ -39,11 +37,13 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element; import org.w3c.dom.Element;
import org.w3c.dom.NodeList; import org.w3c.dom.NodeList;
/** /**
* Holder of the {@link com.sun.org.apache.xml.internal.security.transforms.Transform} steps to be performed on the data. * Holder of the {@link com.sun.org.apache.xml.internal.security.transforms.Transform} steps to
* The input to the first Transform is the result of dereferencing the <code>URI</code> attribute of the <code>Reference</code> element. * be performed on the data.
* The output from the last Transform is the input for the <code>DigestMethod algorithm</code> * The input to the first Transform is the result of dereferencing the
* <code>URI</code> attribute of the <code>Reference</code> element.
* The output from the last Transform is the input for the
* <code>DigestMethod algorithm</code>
* *
* @author Christian Geuer-Pollmann * @author Christian Geuer-Pollmann
* @see Transform * @see Transform
@ -51,252 +51,273 @@ import org.w3c.dom.NodeList;
*/ */
public class Transforms extends SignatureElementProxy { public class Transforms extends SignatureElementProxy {
/** {@link java.util.logging} logging facility */ /** {@link java.util.logging} logging facility */
static java.util.logging.Logger log = static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(Transforms.class.getName()); java.util.logging.Logger.getLogger(Transforms.class.getName());
//J- /** Canonicalization - Required Canonical XML (omits comments) */
/** Canonicalization - Required Canonical XML (omits comments) */ public static final String TRANSFORM_C14N_OMIT_COMMENTS
public static final String TRANSFORM_C14N_OMIT_COMMENTS = Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS; = Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS;
/** Canonicalization - Recommended Canonical XML with Comments */ /** Canonicalization - Recommended Canonical XML with Comments */
public static final String TRANSFORM_C14N_WITH_COMMENTS = Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS; public static final String TRANSFORM_C14N_WITH_COMMENTS
/** Canonicalization - Required Exclusive Canonicalization (omits comments) */ = Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS;
public static final String TRANSFORM_C14N_EXCL_OMIT_COMMENTS = Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS; /** Canonicalization - Required Canonical XML 1.1 (omits comments) */
/** Canonicalization - Recommended Exclusive Canonicalization with Comments */ public static final String TRANSFORM_C14N11_OMIT_COMMENTS
public static final String TRANSFORM_C14N_EXCL_WITH_COMMENTS = Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS; = Canonicalizer.ALGO_ID_C14N11_OMIT_COMMENTS;
/** Transform - Optional XSLT */ /** Canonicalization - Recommended Canonical XML 1.1 with Comments */
public static final String TRANSFORM_XSLT = "http://www.w3.org/TR/1999/REC-xslt-19991116"; public static final String TRANSFORM_C14N11_WITH_COMMENTS
/** Transform - Required base64 decoding */ = Canonicalizer.ALGO_ID_C14N11_WITH_COMMENTS;
public static final String TRANSFORM_BASE64_DECODE = Constants.SignatureSpecNS + "base64"; /** Canonicalization - Required Exclusive Canonicalization (omits comments) */
/** Transform - Recommended XPath */ public static final String TRANSFORM_C14N_EXCL_OMIT_COMMENTS
public static final String TRANSFORM_XPATH = "http://www.w3.org/TR/1999/REC-xpath-19991116"; = Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;
/** Transform - Required Enveloped Signature */ /** Canonicalization - Recommended Exclusive Canonicalization with Comments */
public static final String TRANSFORM_ENVELOPED_SIGNATURE = Constants.SignatureSpecNS + "enveloped-signature"; public static final String TRANSFORM_C14N_EXCL_WITH_COMMENTS
/** Transform - XPointer */ = Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS;
public static final String TRANSFORM_XPOINTER = "http://www.w3.org/TR/2001/WD-xptr-20010108"; /** Transform - Optional XSLT */
/** Transform - XPath Filter v2.0 */ public static final String TRANSFORM_XSLT
public static final String TRANSFORM_XPATH2FILTER04 = "http://www.w3.org/2002/04/xmldsig-filter2"; = "http://www.w3.org/TR/1999/REC-xslt-19991116";
/** Transform - XPath Filter */ /** Transform - Required base64 decoding */
public static final String TRANSFORM_XPATH2FILTER = "http://www.w3.org/2002/06/xmldsig-filter2"; public static final String TRANSFORM_BASE64_DECODE
/** Transform - XPath Filter CHGP private*/ = Constants.SignatureSpecNS + "base64";
public static final String TRANSFORM_XPATHFILTERCHGP = "http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter"; /** Transform - Recommended XPath */
//J+ public static final String TRANSFORM_XPATH
Element []transforms; = "http://www.w3.org/TR/1999/REC-xpath-19991116";
/** /** Transform - Required Enveloped Signature */
* Consturcts {@link Transforms} public static final String TRANSFORM_ENVELOPED_SIGNATURE
* = Constants.SignatureSpecNS + "enveloped-signature";
* @param doc the {@link Document} in which <code>XMLsignature</code> will be placed /** Transform - XPointer */
*/ public static final String TRANSFORM_XPOINTER
public Transforms(Document doc) { = "http://www.w3.org/TR/2001/WD-xptr-20010108";
/** Transform - XPath Filter v2.0 */
public static final String TRANSFORM_XPATH2FILTER04
= "http://www.w3.org/2002/04/xmldsig-filter2";
/** Transform - XPath Filter */
public static final String TRANSFORM_XPATH2FILTER
= "http://www.w3.org/2002/06/xmldsig-filter2";
/** Transform - XPath Filter CHGP private */
public static final String TRANSFORM_XPATHFILTERCHGP
= "http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter";
super(doc); Element []transforms;
XMLUtils.addReturnToElement(this._constructionElement); protected Transforms() { };
}
/** /**
* Consturcts {@link Transforms} from {@link Element} which is <code>Transforms</code> Element * Constructs {@link Transforms}.
* *
* @param element is <code>Transforms</code> element * @param doc the {@link Document} in which <code>XMLSignature</code> will
* @param BaseURI the URI where the XML instance was stored * be placed
* @throws DOMException */
* @throws InvalidTransformException public Transforms(Document doc) {
* @throws TransformationException super(doc);
* @throws XMLSecurityException XMLUtils.addReturnToElement(this._constructionElement);
* @throws XMLSignatureException }
*/
public Transforms(Element element, String BaseURI) /**
* Constructs {@link Transforms} from {@link Element} which is
* <code>Transforms</code> Element
*
* @param element is <code>Transforms</code> element
* @param BaseURI the URI where the XML instance was stored
* @throws DOMException
* @throws InvalidTransformException
* @throws TransformationException
* @throws XMLSecurityException
* @throws XMLSignatureException
*/
public Transforms(Element element, String BaseURI)
throws DOMException, XMLSignatureException, throws DOMException, XMLSignatureException,
InvalidTransformException, TransformationException, InvalidTransformException, TransformationException,
XMLSecurityException { XMLSecurityException {
super(element, BaseURI); super(element, BaseURI);
int numberOfTransformElems = this.getLength(); int numberOfTransformElems = this.getLength();
if (numberOfTransformElems == 0) { if (numberOfTransformElems == 0) {
// At least ont Transform element must be present. Bad. // At least one Transform element must be present. Bad.
Object exArgs[] = { Constants._TAG_TRANSFORM, Object exArgs[] = { Constants._TAG_TRANSFORM,
Constants._TAG_TRANSFORMS }; Constants._TAG_TRANSFORMS };
throw new TransformationException("xml.WrongContent", exArgs); throw new TransformationException("xml.WrongContent", exArgs);
} }
} }
/** /**
* Adds the <code>Transform</code> with the specified <code>Transform algorithm URI</code> * Adds the <code>Transform</code> with the specified <code>Transform
* * algorithm URI</code>
* @param transformURI the URI form of transform that indicates which transformation is applied to data *
* @throws TransformationException * @param transformURI the URI form of transform that indicates which
*/ * transformation is applied to data
public void addTransform(String transformURI) * @throws TransformationException
*/
public void addTransform(String transformURI)
throws TransformationException { throws TransformationException {
try { try {
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transformURI + ")"); log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transformURI + ")");
Transform transform = Transform.getInstance(this._doc, transformURI); Transform transform =
Transform.getInstance(this._doc, transformURI);
this.addTransform(transform); this.addTransform(transform);
} catch (InvalidTransformException ex) { } catch (InvalidTransformException ex) {
throw new TransformationException("empty", ex); throw new TransformationException("empty", ex);
} }
} }
/** /**
* Adds the <code>Transform</code> with the specified <code>Transform algorithm URI</code> * Adds the <code>Transform</code> with the specified <code>Transform
* * algorithm URI</code>
* @param transformURI the URI form of transform that indicates which transformation is applied to data *
* @param contextElement * @param transformURI the URI form of transform that indicates which
* @throws TransformationException * transformation is applied to data
* @see Transform#getInstance(Document doc, String algorithmURI, Element childElement) * @param contextElement
*/ * @throws TransformationException
public void addTransform(String transformURI, Element contextElement) * @see Transform#getInstance(Document doc, String algorithmURI, Element childElement)
*/
public void addTransform(String transformURI, Element contextElement)
throws TransformationException { throws TransformationException {
try { try {
if (true) if (log.isLoggable(java.util.logging.Level.FINE))
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transformURI + ")"); log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transformURI + ")");
Transform transform = Transform.getInstance(this._doc, transformURI, Transform transform =
contextElement); Transform.getInstance(this._doc, transformURI, contextElement);
this.addTransform(transform); this.addTransform(transform);
} catch (InvalidTransformException ex) { } catch (InvalidTransformException ex) {
throw new TransformationException("empty", ex); throw new TransformationException("empty", ex);
} }
} }
/** /**
* Adds the <code>Transform</code> with the specified <code>Transform algorithm URI</code> * Adds the <code>Transform</code> with the specified <code>Transform
* * algorithm URI</code>.
* @param transformURI the URI form of transform that indicates which transformation is applied to data *
* @param contextNodes * @param transformURI the URI form of transform that indicates which
* @throws TransformationException * transformation is applied to data
* @see Transform#getInstance(Document doc, String algorithmURI, NodeList contextNodes) * @param contextNodes
*/ * @throws TransformationException
public void addTransform(String transformURI, NodeList contextNodes) * @see Transform#getInstance(Document doc, String algorithmURI, NodeList contextNodes)
*/
public void addTransform(String transformURI, NodeList contextNodes)
throws TransformationException { throws TransformationException {
try { try {
Transform transform = Transform.getInstance(this._doc, transformURI, Transform transform =
contextNodes); Transform.getInstance(this._doc, transformURI, contextNodes);
this.addTransform(transform);
} catch (InvalidTransformException ex) {
throw new TransformationException("empty", ex);
}
}
this.addTransform(transform); /**
} catch (InvalidTransformException ex) { * Adds a user-provided Transform step.
throw new TransformationException("empty", ex); *
} * @param transform {@link Transform} object
} */
private void addTransform(Transform transform) {
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transform.getURI() + ")");
/** Element transformElement = transform.getElement();
* Adds a user-provided Transform step.
*
* @param transform {@link Transform} object
*/
private void addTransform(Transform transform) {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transform.getURI() + ")");
Element transformElement = transform.getElement(); this._constructionElement.appendChild(transformElement);
XMLUtils.addReturnToElement(this._constructionElement);
}
this._constructionElement.appendChild(transformElement); /**
XMLUtils.addReturnToElement(this._constructionElement); * Applies all included <code>Transform</code>s to xmlSignatureInput and
} * returns the result of these transformations.
*
/** * @param xmlSignatureInput the input for the <code>Transform</code>s
* Applies all included <code>Transform</code>s to xmlSignatureInput and returns the result of these transformations. * @return the result of the <code>Transforms</code>
* * @throws TransformationException
* @param xmlSignatureInput the input for the <code>Transform</code>s */
* @return the result of the <code>Transforms</code>
* @throws TransformationException
*/
public XMLSignatureInput performTransforms(
XMLSignatureInput xmlSignatureInput) throws TransformationException {
return performTransforms(xmlSignatureInput,null);
}
/**
* Applies all included <code>Transform</code>s to xmlSignatureInput and returns the result of these transformations.
*
* @param xmlSignatureInput the input for the <code>Transform</code>s
* @param os where to output the last transformation.
* @return the result of the <code>Transforms</code>
* @throws TransformationException
*/
public XMLSignatureInput performTransforms( public XMLSignatureInput performTransforms(
XMLSignatureInput xmlSignatureInput,OutputStream os) throws TransformationException { XMLSignatureInput xmlSignatureInput) throws TransformationException {
return performTransforms(xmlSignatureInput, null);
}
try { /**
int last=this.getLength()-1; * Applies all included <code>Transform</code>s to xmlSignatureInput and
for (int i = 0; i < last; i++) { * returns the result of these transformations.
Transform t = this.item(i); *
if (true) { * @param xmlSignatureInput the input for the <code>Transform</code>s
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Preform the (" + i + ")th " + t.getURI() + " transform"); * @param os where to output the last transformation.
} * @return the result of the <code>Transforms</code>
xmlSignatureInput = t.performTransform(xmlSignatureInput); * @throws TransformationException
} */
if (last>=0) { public XMLSignatureInput performTransforms(
Transform t = this.item(last); XMLSignatureInput xmlSignatureInput, OutputStream os)
xmlSignatureInput = t.performTransform(xmlSignatureInput, os); throws TransformationException {
}
try {
return xmlSignatureInput; int last=this.getLength()-1;
} catch (IOException ex) { for (int i = 0; i < last; i++) {
throw new TransformationException("empty", ex); Transform t = this.item(i);
// } catch (ParserConfigurationException ex) { throw new TransformationException("empty", ex); if (log.isLoggable(java.util.logging.Level.FINE)) {
// } catch (SAXException ex) { throw new TransformationException("empty", ex); log.log(java.util.logging.Level.FINE, "Perform the (" + i + ")th " + t.getURI()
} catch (CanonicalizationException ex) { + " transform");
throw new TransformationException("empty", ex);
} catch (InvalidCanonicalizerException ex) {
throw new TransformationException("empty", ex);
}
}
/**
* Return the nonnegative number of transformations.
*
* @return the number of transformations
*/
public int getLength()
{
/*Element nscontext = XMLUtils.createDSctx(this._doc, "ds",
Constants.SignatureSpecNS);
NodeList transformElems =
XPathAPI.selectNodeList(this._constructionElement,
"./ds:Transform", nscontext);
return transformElems.getLength();*/
if (transforms==null) {
transforms=XMLUtils.selectDsNodes(this._constructionElement.getFirstChild(),
"Transform");
}
return transforms.length;
}
/**
* Return the <it>i</it><sup>th</sup> <code>{@link Transform}</code>.
* Valid <code>i</code> values are 0 to <code>{@link #getLength}-1</code>.
*
* @param i index of {@link Transform} to return
* @return the <it>i</it><sup>th</sup> transforms
* @throws TransformationException
*/
public Transform item(int i) throws TransformationException {
try {
if (transforms==null) {
transforms=XMLUtils.selectDsNodes(this._constructionElement.getFirstChild(),
"Transform");
}
return new Transform(transforms[i], this._baseURI);
} catch (XMLSecurityException ex) {
throw new TransformationException("empty", ex);
} }
} xmlSignatureInput = t.performTransform(xmlSignatureInput);
}
if (last>=0) {
Transform t = this.item(last);
xmlSignatureInput = t.performTransform(xmlSignatureInput, os);
}
/** @inheritDoc */ return xmlSignatureInput;
public String getBaseLocalName() { } catch (IOException ex) {
return Constants._TAG_TRANSFORMS; throw new TransformationException("empty", ex);
} } catch (CanonicalizationException ex) {
throw new TransformationException("empty", ex);
} catch (InvalidCanonicalizerException ex) {
throw new TransformationException("empty", ex);
}
}
/**
* Return the nonnegative number of transformations.
*
* @return the number of transformations
*/
public int getLength()
{
if (transforms == null) {
transforms = XMLUtils.selectDsNodes
(this._constructionElement.getFirstChild(), "Transform");
}
return transforms.length;
}
/**
* Return the <it>i</it><sup>th</sup> <code>{@link Transform}</code>.
* Valid <code>i</code> values are 0 to <code>{@link #getLength}-1</code>.
*
* @param i index of {@link Transform} to return
* @return the <it>i</it><sup>th</sup> Transform
* @throws TransformationException
*/
public Transform item(int i) throws TransformationException {
try {
if (transforms == null) {
transforms = XMLUtils.selectDsNodes
(this._constructionElement.getFirstChild(), "Transform");
}
return new Transform(transforms[i], this._baseURI);
} catch (XMLSecurityException ex) {
throw new TransformationException("empty", ex);
}
}
/** @inheritDoc */
public String getBaseLocalName() {
return Constants._TAG_TRANSFORMS;
}
} }


@ -62,7 +62,7 @@ import org.w3c.dom.Node;
* -scott * -scott
* </PRE> * </PRE>
* *
* @author $Author: raul $ * @author $Author: mullan $
* @see com.sun.org.apache.xml.internal.security.transforms.implementations.FuncHere * @see com.sun.org.apache.xml.internal.security.transforms.implementations.FuncHere
* @see com.sun.org.apache.xml.internal.security.utils.XPathFuncHereAPI * @see com.sun.org.apache.xml.internal.security.utils.XPathFuncHereAPI
* @see <A HREF="http://www.w3.org/Signature/Drafts/xmldsig-core/Overview.html#function-here">XML Signature - The here() function</A> * @see <A HREF="http://www.w3.org/Signature/Drafts/xmldsig-core/Overview.html#function-here">XML Signature - The here() function</A>


@ -2,7 +2,6 @@
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
*/ */
/* /*
* Copyright 1999-2004 The Apache Software Foundation. * Copyright 1999-2004 The Apache Software Foundation.
* *
@ -33,6 +32,7 @@ import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException; import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.TransformationException; import com.sun.org.apache.xml.internal.security.transforms.TransformationException;
import com.sun.org.apache.xml.internal.security.transforms.Transforms; import com.sun.org.apache.xml.internal.security.transforms.Transforms;
@ -43,7 +43,6 @@ import org.w3c.dom.Node;
import org.w3c.dom.Text; import org.w3c.dom.Text;
import org.xml.sax.SAXException; import org.xml.sax.SAXException;
/** /**
* Implements the <CODE>http://www.w3.org/2000/09/xmldsig#base64</CODE> decoding * Implements the <CODE>http://www.w3.org/2000/09/xmldsig#base64</CODE> decoding
* transform. * transform.
@ -95,13 +94,15 @@ public class TransformBase64Decode extends TransformSpi {
* @throws IOException * @throws IOException
* @throws TransformationException * @throws TransformationException
*/ */
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input) protected XMLSignatureInput enginePerformTransform
(XMLSignatureInput input, Transform _transformObject)
throws IOException, CanonicalizationException, throws IOException, CanonicalizationException,
TransformationException { TransformationException {
return enginePerformTransform(input,null); return enginePerformTransform(input, null, _transformObject);
} }
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,
OutputStream os) OutputStream os, Transform _transformObject)
throws IOException, CanonicalizationException, throws IOException, CanonicalizationException,
TransformationException { TransformationException {
try { try {
@ -116,7 +117,7 @@ public class TransformBase64Decode extends TransformSpi {
byte[] decodedBytes = Base64.decode(sb.toString()); byte[] decodedBytes = Base64.decode(sb.toString());
return new XMLSignatureInput(decodedBytes); return new XMLSignatureInput(decodedBytes);
} }
Base64.decode(sb.toString().getBytes(),os); Base64.decode(sb.toString(),os);
XMLSignatureInput output=new XMLSignatureInput((byte[])null); XMLSignatureInput output=new XMLSignatureInput((byte[])null);
output.setOutputStream(os); output.setOutputStream(os);
return output; return output;
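Review bot: The three-argument `enginePerformTransform(XMLSignatureInput, OutputStream, Transform)` overload has no Javadoc, and the block above the two-argument overload (only its `@throws` tail is visible here) does not appear to describe the new `_transformObject` parameter. I would document that in the streaming case the returned `XMLSignatureInput` wraps a null byte array with only the output stream set, for example `/** @param os stream that receives the decoded bytes; the returned input then carries no byte array */`. In the lines shown neither overload reads `_transformObject`; if that holds for the whole body, the `@param` text should say it is unused by this transform. The method body starts and ends outside the hunks of this section.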


@ -20,17 +20,15 @@
*/ */
package com.sun.org.apache.xml.internal.security.transforms.implementations; package com.sun.org.apache.xml.internal.security.transforms.implementations;
import java.io.OutputStream; import java.io.OutputStream;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315OmitComments; import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315OmitComments;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.Transforms; import com.sun.org.apache.xml.internal.security.transforms.Transforms;
/** /**
* Implements the <CODE>http://www.w3.org/TR/2001/REC-xml-c14n-20010315</CODE> * Implements the <CODE>http://www.w3.org/TR/2001/REC-xml-c14n-20010315</CODE>
* transform. * transform.
@ -54,18 +52,19 @@ public class TransformC14N extends TransformSpi {
/** /**
* @inheritDoc * @inheritDoc
*/ */
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input) protected XMLSignatureInput enginePerformTransform
(XMLSignatureInput input, Transform _transformObject)
throws CanonicalizationException { throws CanonicalizationException {
return enginePerformTransform(input,null); return enginePerformTransform(input, null, _transformObject);
} }
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os)
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os, Transform _transformObject)
throws CanonicalizationException { throws CanonicalizationException {
Canonicalizer20010315OmitComments c14n = new Canonicalizer20010315OmitComments(); Canonicalizer20010315OmitComments c14n = new Canonicalizer20010315OmitComments();
if (os!=null) { if (os!=null) {
c14n.setWriter(os); c14n.setWriter(os);
} }
byte[] result = null; byte[] result = null;
input.setNeedsToBeExpanded(true);
result=c14n.engineCanonicalize(input); result=c14n.engineCanonicalize(input);
XMLSignatureInput output=new XMLSignatureInput(result); XMLSignatureInput output=new XMLSignatureInput(result);
if (os!=null) { if (os!=null) {
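Review bot: The call `input.setNeedsToBeExpanded(true);` is dropped just before `c14n.engineCanonicalize(input)`, and nothing in this section shows where the flag is set instead; the same removal appears in TransformC14NExclusive and TransformC14NExclusiveWithComments. If no other code now sets it for node-set inputs, the canonical bytes, and with them the digest that is signed or verified, could differ from what the previous release produced for the same document. I would add a comment at the removal site naming the code that now owns the flag, e.g. `// namespace expansion is now requested in <class#method>`, or keep the call if there is no such place. The method body continues past the end of the hunk.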


@ -0,0 +1,65 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 2008 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package com.sun.org.apache.xml.internal.security.transforms.implementations;
import java.io.OutputStream;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_OmitComments;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
/**
* Implements the <CODE>http://www.w3.org/2006/12/xml-c14n11</CODE>
* (C14N 1.1) transform.
*
* @author Sean Mullan
*/
public class TransformC14N11 extends TransformSpi {
protected String engineGetURI() {
return Transforms.TRANSFORM_C14N11_OMIT_COMMENTS;
}
protected XMLSignatureInput enginePerformTransform
(XMLSignatureInput input, Transform transform)
throws CanonicalizationException {
return enginePerformTransform(input, null, transform);
}
protected XMLSignatureInput enginePerformTransform
(XMLSignatureInput input, OutputStream os, Transform transform)
throws CanonicalizationException {
Canonicalizer11_OmitComments c14n = new Canonicalizer11_OmitComments();
if (os != null) {
c14n.setWriter(os);
}
byte[] result = null;
result = c14n.engineCanonicalize(input);
XMLSignatureInput output = new XMLSignatureInput(result);
if (os != null) {
output.setOutputStream(os);
}
return output;
}
}
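Review bot: The three methods of this new class carry no Javadoc, whereas the sibling TransformC14N marks its override with `/** @inheritDoc */`; TransformC14N11_WithComments has the same gap. The `transform` parameter is accepted but never read in either overload, which is worth stating in a comment such as `// transform is unused: C14N 1.1 takes no parameters from the Transform element`. The pair `byte[] result = null; result = c14n.engineCanonicalize(input);` can be the single line `byte[] result = c14n.engineCanonicalize(input);`. The two new classes differ only in the canonicalizer type they instantiate, so a shared helper would avoid maintaining the body twice.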


@ -0,0 +1,67 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 2008 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package com.sun.org.apache.xml.internal.security.transforms.implementations;
import java.io.OutputStream;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_WithComments;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
/**
* Implements the <CODE>http://www.w3.org/2006/12/xml-c14n-11#WithComments</CODE>
* (C14N 1.1 With Comments) transform.
*
* @author Sean Mullan
*/
public class TransformC14N11_WithComments extends TransformSpi {
protected String engineGetURI() {
return Transforms.TRANSFORM_C14N11_WITH_COMMENTS;
}
protected XMLSignatureInput enginePerformTransform
(XMLSignatureInput input, Transform transform)
throws CanonicalizationException {
return enginePerformTransform(input, null, transform);
}
protected XMLSignatureInput enginePerformTransform
(XMLSignatureInput input, OutputStream os, Transform transform)
throws CanonicalizationException {
Canonicalizer11_WithComments c14n = new Canonicalizer11_WithComments();
if (os != null) {
c14n.setWriter(os);
}
byte[] result = null;
result = c14n.engineCanonicalize(input);
XMLSignatureInput output = new XMLSignatureInput(result);
if (os != null) {
output.setOutputStream(os);
}
return output;
}
}
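Review bot: The class Javadoc spells the algorithm identifier as `http://www.w3.org/2006/12/xml-c14n-11#WithComments`, with a hyphen before `11`, while TransformC14N11 documents `http://www.w3.org/2006/12/xml-c14n11` and the C14N 1.1 identifiers are written `xml-c14n11`. The value actually returned comes from `Transforms.TRANSFORM_C14N11_WITH_COMMENTS`, which is defined outside this section, so runtime behaviour is presumably unaffected. A reader who copies the URI from the Javadoc into a `Transform` element's `Algorithm` attribute would, however, end up with an identifier that no implementation recognises. The line should read `* Implements the <CODE>http://www.w3.org/2006/12/xml-c14n11#WithComments</CODE>`.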


@ -20,25 +20,24 @@
*/ */
package com.sun.org.apache.xml.internal.security.transforms.implementations; package com.sun.org.apache.xml.internal.security.transforms.implementations;
import java.io.OutputStream; import java.io.OutputStream;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclOmitComments; import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclOmitComments;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.Transforms; import com.sun.org.apache.xml.internal.security.transforms.Transforms;
import com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces; import com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils; import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* Class TransformC14NExclusive * Class TransformC14NExclusive
* *
* @author $Author: raul $ * @author $Author: mullan $
* @version $Revision: 1.5 $
*/ */
public class TransformC14NExclusive extends TransformSpi { public class TransformC14NExclusive extends TransformSpi {
@ -46,7 +45,6 @@ public class TransformC14NExclusive extends TransformSpi {
public static final String implementedTransformURI = public static final String implementedTransformURI =
Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS; Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS;
/** /**
* Method engineGetURI * Method engineGetURI
* *
@ -63,27 +61,29 @@ public class TransformC14NExclusive extends TransformSpi {
* @return the transformed of the input * @return the transformed of the input
* @throws CanonicalizationException * @throws CanonicalizationException
*/ */
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input) protected XMLSignatureInput enginePerformTransform
(XMLSignatureInput input, Transform _transformObject)
throws CanonicalizationException { throws CanonicalizationException {
return enginePerformTransform(input,null); return enginePerformTransform(input, null, _transformObject);
} }
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os)
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os, Transform _transformObject)
throws CanonicalizationException { throws CanonicalizationException {
try { try {
String inclusiveNamespaces = null; String inclusiveNamespaces = null;
if (this._transformObject if (_transformObject
.length(InclusiveNamespaces .length(InclusiveNamespaces
.ExclusiveCanonicalizationNamespace, InclusiveNamespaces .ExclusiveCanonicalizationNamespace, InclusiveNamespaces
._TAG_EC_INCLUSIVENAMESPACES) == 1) { ._TAG_EC_INCLUSIVENAMESPACES) == 1) {
Element inclusiveElement = Element inclusiveElement =
XMLUtils.selectNode( XMLUtils.selectNode(
this._transformObject.getElement().getFirstChild(), _transformObject.getElement().getFirstChild(),
InclusiveNamespaces.ExclusiveCanonicalizationNamespace, InclusiveNamespaces.ExclusiveCanonicalizationNamespace,
InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES,0); InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES,0);
inclusiveNamespaces = new InclusiveNamespaces(inclusiveElement, inclusiveNamespaces = new InclusiveNamespaces(inclusiveElement,
this._transformObject.getBaseURI()).getInclusiveNamespaces(); _transformObject.getBaseURI()).getInclusiveNamespaces();
} }
Canonicalizer20010315ExclOmitComments c14n = Canonicalizer20010315ExclOmitComments c14n =
@ -92,7 +92,6 @@ public class TransformC14NExclusive extends TransformSpi {
c14n.setWriter(os); c14n.setWriter(os);
} }
byte []result; byte []result;
input.setNeedsToBeExpanded(true);
result =c14n.engineCanonicalize(input, inclusiveNamespaces); result =c14n.engineCanonicalize(input, inclusiveNamespaces);
XMLSignatureInput output=new XMLSignatureInput(result); XMLSignatureInput output=new XMLSignatureInput(result);
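Review bot: `_transformObject` is now supplied by the caller, and the three-argument overload dereferences it at `_transformObject.length(...)` without a check, so a null argument surfaces as a NullPointerException instead of the declared `CanonicalizationException`; TransformC14NExclusiveWithComments contains the same code. Because the `InclusiveNamespaces` prefix list read here decides which namespace declarations enter the canonical form, the handling of a missing transform should be explicit rather than accidental. One option is to reject it up front with `if (_transformObject == null) throw new CanonicalizationException("empty");`; whichever behaviour is chosen, the Javadoc should state it. The `try` opened in this hunk is closed outside it, so its catch clauses are not visible here.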


@ -20,21 +20,19 @@
*/ */
package com.sun.org.apache.xml.internal.security.transforms.implementations; package com.sun.org.apache.xml.internal.security.transforms.implementations;
import java.io.OutputStream; import java.io.OutputStream;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclWithComments; import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclWithComments;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.Transforms; import com.sun.org.apache.xml.internal.security.transforms.Transforms;
import com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces; import com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils; import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* Implements the <CODE>http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments</CODE> * Implements the <CODE>http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments</CODE>
* transform. * transform.
@ -47,7 +45,6 @@ public class TransformC14NExclusiveWithComments extends TransformSpi {
public static final String implementedTransformURI = public static final String implementedTransformURI =
Transforms.TRANSFORM_C14N_EXCL_WITH_COMMENTS; Transforms.TRANSFORM_C14N_EXCL_WITH_COMMENTS;
/** /**
* Method engineGetURI * Method engineGetURI
*@inheritDoc *@inheritDoc
@ -60,27 +57,29 @@ public class TransformC14NExclusiveWithComments extends TransformSpi {
/** /**
* @inheritDoc * @inheritDoc
*/ */
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input) protected XMLSignatureInput enginePerformTransform
(XMLSignatureInput input, Transform _transformObject)
throws CanonicalizationException { throws CanonicalizationException {
return enginePerformTransform(input,null); return enginePerformTransform(input, null, _transformObject);
} }
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os)
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os, Transform _transformObject)
throws CanonicalizationException { throws CanonicalizationException {
try { try {
String inclusiveNamespaces = null; String inclusiveNamespaces = null;
if (this._transformObject if (_transformObject
.length(InclusiveNamespaces .length(InclusiveNamespaces
.ExclusiveCanonicalizationNamespace, InclusiveNamespaces .ExclusiveCanonicalizationNamespace, InclusiveNamespaces
._TAG_EC_INCLUSIVENAMESPACES) == 1) { ._TAG_EC_INCLUSIVENAMESPACES) == 1) {
Element inclusiveElement = Element inclusiveElement =
XMLUtils.selectNode( XMLUtils.selectNode(
this._transformObject.getElement().getFirstChild(), _transformObject.getElement().getFirstChild(),
InclusiveNamespaces.ExclusiveCanonicalizationNamespace, InclusiveNamespaces.ExclusiveCanonicalizationNamespace,
InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES,0); InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES,0);
inclusiveNamespaces = new InclusiveNamespaces(inclusiveElement, inclusiveNamespaces = new InclusiveNamespaces(inclusiveElement,
this._transformObject.getBaseURI()).getInclusiveNamespaces(); _transformObject.getBaseURI()).getInclusiveNamespaces();
} }
Canonicalizer20010315ExclWithComments c14n = Canonicalizer20010315ExclWithComments c14n =
@ -88,7 +87,6 @@ public class TransformC14NExclusiveWithComments extends TransformSpi {
if (os!=null) { if (os!=null) {
c14n.setWriter( os); c14n.setWriter( os);
} }
input.setNeedsToBeExpanded(true);
byte []result; byte []result;
result =c14n.engineCanonicalize(input, inclusiveNamespaces); result =c14n.engineCanonicalize(input, inclusiveNamespaces);
XMLSignatureInput output=new XMLSignatureInput(result); XMLSignatureInput output=new XMLSignatureInput(result);


@ -20,17 +20,15 @@
*/ */
package com.sun.org.apache.xml.internal.security.transforms.implementations; package com.sun.org.apache.xml.internal.security.transforms.implementations;
import java.io.OutputStream; import java.io.OutputStream;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315WithComments; import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315WithComments;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.Transforms; import com.sun.org.apache.xml.internal.security.transforms.Transforms;
/** /**
* Implements the <CODE>http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments</CODE> * Implements the <CODE>http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments</CODE>
* transform. * transform.
@ -43,18 +41,20 @@ public class TransformC14NWithComments extends TransformSpi {
public static final String implementedTransformURI = public static final String implementedTransformURI =
Transforms.TRANSFORM_C14N_WITH_COMMENTS; Transforms.TRANSFORM_C14N_WITH_COMMENTS;
/** @inheritDoc */ /** @inheritDoc */
protected String engineGetURI() { protected String engineGetURI() {
return implementedTransformURI; return implementedTransformURI;
} }
/** @inheritDoc */ /** @inheritDoc */
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input) protected XMLSignatureInput enginePerformTransform
throws CanonicalizationException { (XMLSignatureInput input, Transform _transformObject)
return enginePerformTransform(input,null); throws CanonicalizationException {
return enginePerformTransform(input, null, _transformObject);
} }
/** @inheritDoc */ /** @inheritDoc */
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os) protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os, Transform _transformObject)
throws CanonicalizationException { throws CanonicalizationException {
Canonicalizer20010315WithComments c14n = new Canonicalizer20010315WithComments(); Canonicalizer20010315WithComments c14n = new Canonicalizer20010315WithComments();
@ -63,7 +63,6 @@ public class TransformC14NWithComments extends TransformSpi {
} }
byte[] result = null; byte[] result = null;
input.setNeedsToBeExpanded(true);
result=c14n.engineCanonicalize(input); result=c14n.engineCanonicalize(input);
XMLSignatureInput output=new XMLSignatureInput(result); XMLSignatureInput output=new XMLSignatureInput(result);
if (os!=null) { if (os!=null) {
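Review bot: The last hunk of this section drops `input.setNeedsToBeExpanded(true)` just before `c14n.engineCanonicalize(input)` and leaves no comment saying where that flag is set now; the same removal appears in the TransformC14NExclusiveWithComments section above. The bytes returned here are presumably what a reference digest is computed over, so a change in whether the input is expanded before canonicalization could change what verifies, and nothing in the visible lines shows the flag being set elsewhere. I would add a comment above the call along the lines of `// expansion is no longer forced here; the flag is set in <PLACEHOLDER: new location>`, or restore the call if no caller sets it. The body of enginePerformTransform continues past the end of the hunk.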


@ -20,10 +20,9 @@
*/ */
package com.sun.org.apache.xml.internal.security.transforms.implementations; package com.sun.org.apache.xml.internal.security.transforms.implementations;
import com.sun.org.apache.xml.internal.security.signature.NodeFilter; import com.sun.org.apache.xml.internal.security.signature.NodeFilter;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.TransformationException; import com.sun.org.apache.xml.internal.security.transforms.TransformationException;
import com.sun.org.apache.xml.internal.security.transforms.Transforms; import com.sun.org.apache.xml.internal.security.transforms.Transforms;
@ -32,7 +31,6 @@ import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Element; import org.w3c.dom.Element;
import org.w3c.dom.Node; import org.w3c.dom.Node;
/** /**
* Implements the <CODE>http://www.w3.org/2000/09/xmldsig#enveloped-signature</CODE> * Implements the <CODE>http://www.w3.org/2000/09/xmldsig#enveloped-signature</CODE>
* transform. * transform.
@ -57,7 +55,7 @@ public class TransformEnvelopedSignature extends TransformSpi {
/** /**
* @inheritDoc * @inheritDoc
*/ */
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input) protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, Transform _transformObject)
throws TransformationException { throws TransformationException {
@ -74,14 +72,7 @@ public class TransformEnvelopedSignature extends TransformSpi {
* (including comments) in the node-set representing the octet stream. * (including comments) in the node-set representing the octet stream.
*/ */
/* Node signatureElement = _transformObject.getElement();
if (input.isOctetStream()) {
input.setNodesetXPath(Canonicalizer.XPATH_C14N_WITH_COMMENTS);
}
*/
Element transformElement = this._transformObject.getElement();
Node signatureElement = transformElement;
signatureElement = searchSignatureElement(signatureElement); signatureElement = searchSignatureElement(signatureElement);
@ -124,18 +115,24 @@ public class TransformEnvelopedSignature extends TransformSpi {
} }
return signatureElement; return signatureElement;
} }
class EnvelopedNodeFilter implements NodeFilter { static class EnvelopedNodeFilter implements NodeFilter {
Node exclude; Node exclude;
EnvelopedNodeFilter(Node n) { EnvelopedNodeFilter(Node n) {
exclude=n; exclude=n;
}
public int isNodeIncludeDO(Node n, int level) {
if ((n==exclude))
return -1;
return 1;
}
/**
* @see com.sun.org.apache.xml.internal.security.signature.NodeFilter#isNodeInclude(org.w3c.dom.Node)
*/
public int isNodeInclude(Node n) {
if ((n==exclude) || XMLUtils.isDescendantOrSelf(exclude,n))
return -1;
return 1;
//return !XMLUtils.isDescendantOrSelf(exclude,n);
} }
/**
* @see com.sun.org.apache.xml.internal.security.signature.NodeFilter#isNodeInclude(org.w3c.dom.Node)
*/
public boolean isNodeInclude(Node n) {
// TODO Optimize me.
return !XMLUtils.isDescendantOrSelf(exclude,n);
}
} }
} }
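Review bot: `isNodeIncludeDO` tests only `n==exclude`, while `isNodeInclude` also tests `XMLUtils.isDescendantOrSelf(exclude,n)`, so keeping the signature's descendants out in the first method depends on the caller treating -1 as "skip this node and its subtree", a contract this section does not state. This filter appears to be what keeps the enveloped Signature element out of the signed content, so I would document the return values on both methods, e.g. `/** @return -1 to drop n (and, in isNodeIncludeDO, its subtree), 1 to keep it; confirm against NodeFilter */`, and use named constants instead of the bare `-1`/`1` if NodeFilter defines any. The leftover `//return !XMLUtils.isDescendantOrSelf(exclude,n);` after the return can be deleted, and `if ((n==exclude))` should lose the doubled parentheses and gain braces.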
