archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-09-22 12:04:39 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

6469266: Integrate Apache XMLSec 1.4.2 into JDK 7

Browse source 
Reviewed-by: valeriep
This commit is contained in:
Sean Mullan 2008-09-22 10:43:17 -04:00
parent 9f7bdd313a
commit c8a68bace6
182 changed files with 9429 additions and 7971 deletions
Download patch file Download diff file Expand all files Collapse all files

90
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/Init.java
View file

@ -20,12 +20,9 @@
*/
package com.sun.org.apache.xml.internal.security;
import java.io.InputStream;
import java.security.AccessController;
import java.security.PrivilegedAction;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
@ -51,7 +48,7 @@ import org.w3c.dom.Node;
* done by calling {@link Init#init} which should be done in any static block
* of the files of this library. We ensure that this call is only executed once.
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public final class Init {
@ -113,20 +110,19 @@ public final class Init {
dbf.setValidating(false);
DocumentBuilder db = dbf.newDocumentBuilder();
// We don't allow users to override the Apache XML Security
// configuration in the JRE. Users should use the standard security
// provider mechanism instead if implementing their own
// transform or canonicalization algorithms.
// String cfile = System.getProperty("com.sun.org.apache.xml.internal.security.resource.config");
// InputStream is =
// Class.forName("com.sun.org.apache.xml.internal.security.Init")
// .getResourceAsStream(cfile != null ? cfile : "resource/config.xml");
// InputStream is = Class.forName("com.sun.org.apache.xml.internal.security.Init").getResourceAsStream("resource/config.xml");
InputStream is = (InputStream) AccessController.doPrivileged(
new PrivilegedAction() {
public Object run() {
// String cfile = System.getProperty
// ("com.sun.org.apache.xml.internal.security.resource.config");
return getClass().getResourceAsStream
("resource/config.xml");
// (cfile != null ? cfile : "resource/config.xml");
("resource/config.xml");
}
});
@ -167,7 +163,7 @@ public final class Init {
//
// if (tag.equals("ResourceBundles")){
// XX_configure_i18n_start = System.currentTimeMillis();
// Element resource=(Element)el;
// Element resource=(Element)el;
// /* configure internationalization */
// Attr langAttr = resource.getAttributeNode("defaultLanguageCode");
// Attr countryAttr = resource.getAttributeNode("defaultCountryCode");
@ -202,11 +198,11 @@ public final class Init {
if (currMeth.getDeclaringClass().getName()
.equals(JAVACLASS)) {
log.log(java.util.logging.Level.FINE, currMeth.getDeclaringClass().toString());
log.log(java.util.logging.Level.FINE, currMeth.getDe claringClass().toString());
}
}*/
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Canonicalizer.register(" + URI + ", "
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Canonicalizer.register(" + URI + ", "
+ JAVACLASS + ")");
Canonicalizer.register(URI, JAVACLASS);
} catch (ClassNotFoundException e) {
@ -233,9 +229,8 @@ public final class Init {
"JAVACLASS");
try {
Class.forName(JAVACLASS);
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Transform.register(" + URI + ", " + JAVACLASS
+ ")");
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Transform.register(" + URI + ", " + JAVACLASS + ")");
Transform.register(URI, JAVACLASS);
} catch (ClassNotFoundException e) {
Object exArgs[] = { URI, JAVACLASS };
@ -284,12 +279,11 @@ public final class Init {
//
// if (currMeth.getDeclaringClass().getName()
// .equals(JAVACLASS)) {
// log.log(java.util.logging.Level.FINE, currMeth.getDeclaringClass().toString());
// log.log(java.util.logging.Level.FINE, currMeth.getDe claringClass().toString());
// }
// }
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "SignatureAlgorithm.register(" + URI + ", "
+ JAVACLASS + ")");
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "SignatureAlgorithm.register(" + URI + ", " + JAVACLASS + ")");
SignatureAlgorithm.register(URI, JAVACLASS);
} catch (ClassNotFoundException e) {
Object exArgs[] = { URI, JAVACLASS };
@ -320,13 +314,11 @@ public final class Init {
"DESCRIPTION");
if ((Description != null) && (Description.length() > 0)) {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": "
+ Description);
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": " + Description);
} else {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS
+ ": For unknown purposes");
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": For unknown purposes");
}
try {
ResourceResolver.register(JAVACLASS);
@ -359,13 +351,11 @@ public final class Init {
"DESCRIPTION");
if ((Description != null) && (Description.length() > 0)) {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": "
+ Description);
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": " + Description);
} else {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS
+ ": For unknown purposes");
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": For unknown purposes");
}
KeyResolver.register(JAVACLASS);
@ -376,8 +366,8 @@ public final class Init {
if (tag.equals("PrefixMappings")){
XX_configure_reg_prefixes_start = System.currentTimeMillis();
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Now I try to bind prefixes:");
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Now I try to bind prefixes:");
Element[] nl = XMLUtils.selectNodes(el.getFirstChild(), CONF_NS,"PrefixMapping");
@ -386,8 +376,8 @@ public final class Init {
"namespace");
String prefix = nl[i].getAttributeNS(null,
"prefix");
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Now I try to bind " + prefix + " to " + namespace);
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Now I try to bind " + prefix + " to " + namespace);
com.sun.org.apache.xml.internal.security.utils.ElementProxy
.setDefaultPrefix(namespace, prefix);
}
@ -398,19 +388,19 @@ public final class Init {
long XX_init_end = System.currentTimeMillis();
//J-
if (true) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XX_init " + ((int)(XX_init_end - XX_init_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_prng " + ((int)(XX_prng_end - XX_prng_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_parsing " + ((int)(XX_parsing_end - XX_parsing_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_i18n " + ((int)(XX_configure_i18n_end- XX_configure_i18n_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_c14n " + ((int)(XX_configure_reg_c14n_end- XX_configure_reg_c14n_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_jcemapper " + ((int)(XX_configure_reg_jcemapper_end- XX_configure_reg_jcemapper_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_keyInfo " + ((int)(XX_configure_reg_keyInfo_end- XX_configure_reg_keyInfo_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_keyResolver " + ((int)(XX_configure_reg_keyResolver_end- XX_configure_reg_keyResolver_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_prefixes " + ((int)(XX_configure_reg_prefixes_end- XX_configure_reg_prefixes_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_resourceresolver " + ((int)(XX_configure_reg_resourceresolver_end- XX_configure_reg_resourceresolver_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_sigalgos " + ((int)(XX_configure_reg_sigalgos_end- XX_configure_reg_sigalgos_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_transforms " + ((int)(XX_configure_reg_transforms_end- XX_configure_reg_transforms_start)) + " ms");
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "XX_init " + ((int)(XX_init_end - XX_init_start)) + " ms");
log.log(java.util.logging.Level.FINE, " XX_prng " + ((int)(XX_prng_end - XX_prng_start)) + " ms");
log.log(java.util.logging.Level.FINE, " XX_parsing " + ((int)(XX_parsing_end - XX_parsing_start)) + " ms");
log.log(java.util.logging.Level.FINE, " XX_configure_i18n " + ((int)(XX_configure_i18n_end- XX_configure_i18n_start)) + " ms");
log.log(java.util.logging.Level.FINE, " XX_configure_reg_c14n " + ((int)(XX_configure_reg_c14n_end- XX_configure_reg_c14n_start)) + " ms");
log.log(java.util.logging.Level.FINE, " XX_configure_reg_jcemapper " + ((int)(XX_configure_reg_jcemapper_end- XX_configure_reg_jcemapper_start)) + " ms");
log.log(java.util.logging.Level.FINE, " XX_configure_reg_keyInfo " + ((int)(XX_configure_reg_keyInfo_end- XX_configure_reg_keyInfo_start)) + " ms");
log.log(java.util.logging.Level.FINE, " XX_configure_reg_keyResolver " + ((int)(XX_configure_reg_keyResolver_end- XX_configure_reg_keyResolver_start)) + " ms");
log.log(java.util.logging.Level.FINE, " XX_configure_reg_prefixes " + ((int)(XX_configure_reg_prefixes_end- XX_configure_reg_prefixes_start)) + " ms");
log.log(java.util.logging.Level.FINE, " XX_configure_reg_resourceresolver " + ((int)(XX_configure_reg_resourceresolver_end- XX_configure_reg_resourceresolver_start)) + " ms");
log.log(java.util.logging.Level.FINE, " XX_configure_reg_sigalgos " + ((int)(XX_configure_reg_sigalgos_end- XX_configure_reg_sigalgos_start)) + " ms");
log.log(java.util.logging.Level.FINE, " XX_configure_reg_transforms " + ((int)(XX_configure_reg_transforms_end- XX_configure_reg_transforms_start)) + " ms");
}
} catch (Exception e) {
log.log(java.util.logging.Level.SEVERE, "Bad: ", e);

10
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/Algorithm.java
View file

@ -24,7 +24,7 @@ package com.sun.org.apache.xml.internal.security.algorithms;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.ElementProxy;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@ -33,11 +33,7 @@ import org.w3c.dom.Element;
* The Algorithm class which stores the Algorithm URI as a string.
*
*/
public abstract class Algorithm extends ElementProxy {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(Algorithm.class.getName());
public abstract class Algorithm extends SignatureElementProxy {
/**
*
@ -79,7 +75,7 @@ public abstract class Algorithm extends ElementProxy {
*/
protected void setAlgorithmURI(String algorithmURI) {
if ((this._state == MODE_CREATE) && (algorithmURI != null)) {
if ( (algorithmURI != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ALGORITHM,
algorithmURI);
}

17
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java
View file

@ -35,7 +35,7 @@ import org.w3c.dom.Element;
/**
* This class maps algorithm identifier URIs to JAVA JCE class names.
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class JCEMapper {
@ -45,9 +45,9 @@ public class JCEMapper {
private static Map uriToJCEName = new HashMap();
private static Map uriToJCEName;
private static Map algorithmsMap = new HashMap();
private static Map algorithmsMap;
private static String providerName = null;
/**
@ -63,6 +63,8 @@ public class JCEMapper {
static void loadAlgorithms( Element algorithmsEl) {
Element[] algorithms = XMLUtils.selectNodes(algorithmsEl.getFirstChild(),Init.CONF_NS,"Algorithm");
uriToJCEName = new HashMap( algorithms.length * 2);
algorithmsMap = new HashMap( algorithms.length * 2);
for (int i = 0 ;i < algorithms.length ;i ++) {
Element el = algorithms[i];
String id = el.getAttribute("URI");
@ -70,6 +72,7 @@ public class JCEMapper {
uriToJCEName.put(id, jceName);
algorithmsMap.put(id, new Algorithm(el));
}
}
static Algorithm getAlgorithmMapping(String algoURI) {
@ -84,8 +87,8 @@ public class JCEMapper {
*
*/
public static String translateURItoJCEID(String AlgorithmURI) {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Request for URI " + AlgorithmURI);
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Request for URI " + AlgorithmURI);
String jceName = (String) uriToJCEName.get(AlgorithmURI);
return jceName;
@ -100,8 +103,8 @@ public class JCEMapper {
*
*/
public static String getAlgorithmClassFromURI(String AlgorithmURI) {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Request for URI " + AlgorithmURI);
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Request for URI " + AlgorithmURI);
return ((Algorithm) algorithmsMap.get(AlgorithmURI)).algorithmClass;
}

29
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/MessageDigestAlgorithm.java
View file

@ -20,10 +20,10 @@
*/
package com.sun.org.apache.xml.internal.security.algorithms;
import java.security.MessageDigest;
import java.security.NoSuchProviderException;
import java.util.HashMap;
import java.util.Map;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
@ -41,11 +41,6 @@ import org.w3c.dom.Document;
*/
public class MessageDigestAlgorithm extends Algorithm {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(
MessageDigestAlgorithm.class.getName());
/** Message Digest - NOT RECOMMENDED MD5*/
public static final String ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5 = Constants.MoreAlgorithmsSpecNS + "md5";
/** Digest - Required SHA1*/
@ -76,6 +71,12 @@ public class MessageDigestAlgorithm extends Algorithm {
this.algorithm = messageDigest;
}
static ThreadLocal instances=new ThreadLocal() {
protected Object initialValue() {
return new HashMap();
};
};
/**
* Factory method for constructing a message digest algorithm by name.
*
@ -86,8 +87,15 @@ public class MessageDigestAlgorithm extends Algorithm {
*/
public static MessageDigestAlgorithm getInstance(
Document doc, String algorithmURI) throws XMLSignatureException {
MessageDigest md = getDigestInstance(algorithmURI);
return new MessageDigestAlgorithm(doc, md, algorithmURI);
}
String algorithmID = JCEMapper.translateURItoJCEID(algorithmURI);
private static MessageDigest getDigestInstance(String algorithmURI) throws XMLSignatureException {
MessageDigest result=(MessageDigest) ((Map)instances.get()).get(algorithmURI);
if (result!=null)
return result;
String algorithmID = JCEMapper.translateURItoJCEID(algorithmURI);
if (algorithmID == null) {
Object[] exArgs = { algorithmURI };
@ -113,8 +121,9 @@ public class MessageDigestAlgorithm extends Algorithm {
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
}
return new MessageDigestAlgorithm(doc, md, algorithmURI);
}
((Map)instances.get()).put(algorithmURI, md);
return md;
}
/**
* Returns the actual {@link java.security.MessageDigest} algorithm object

146
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java
View file

@ -25,6 +25,7 @@ import java.security.Key;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.HashMap;
import java.util.Map;
import com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac;
import com.sun.org.apache.xml.internal.security.exceptions.AlgorithmAlreadyRegisteredException;
@ -52,9 +53,35 @@ public class SignatureAlgorithm extends Algorithm {
/** All available algorithm classes are registered here */
static HashMap _algorithmHash = null;
static ThreadLocal instancesSigning=new ThreadLocal() {
protected Object initialValue() {
return new HashMap();
};
};
static ThreadLocal instancesVerify=new ThreadLocal() {
protected Object initialValue() {
return new HashMap();
};
};
static ThreadLocal keysSigning=new ThreadLocal() {
protected Object initialValue() {
return new HashMap();
};
};
static ThreadLocal keysVerify=new ThreadLocal() {
protected Object initialValue() {
return new HashMap();
};
};
// boolean isForSigning=false;
/** Field _signatureAlgorithm */
protected SignatureAlgorithmSpi _signatureAlgorithm = null;
private String algorithmURI;
/**
* Constructor SignatureAlgorithm
*
@ -64,18 +91,49 @@ public class SignatureAlgorithm extends Algorithm {
*/
public SignatureAlgorithm(Document doc, String algorithmURI)
throws XMLSecurityException {
super(doc, algorithmURI);
this.algorithmURI = algorithmURI;
}
try {
private void initializeAlgorithm(boolean isForSigning) throws XMLSignatureException {
if (_signatureAlgorithm!=null) {
return;
}
_signatureAlgorithm=isForSigning ? getInstanceForSigning(algorithmURI) : getInstanceForVerify(algorithmURI);
this._signatureAlgorithm
.engineGetContextFromElement(this._constructionElement);
}
private static SignatureAlgorithmSpi getInstanceForSigning(String algorithmURI) throws XMLSignatureException {
SignatureAlgorithmSpi result=(SignatureAlgorithmSpi) ((Map)instancesSigning.get()).get(algorithmURI);
if (result!=null) {
result.reset();
return result;
}
result=buildSigner(algorithmURI, result);
((Map)instancesSigning.get()).put(algorithmURI,result);
return result;
}
private static SignatureAlgorithmSpi getInstanceForVerify(String algorithmURI) throws XMLSignatureException {
SignatureAlgorithmSpi result=(SignatureAlgorithmSpi) ((Map)instancesVerify.get()).get(algorithmURI);
if (result!=null) {
result.reset();
return result;
}
result=buildSigner(algorithmURI, result);
((Map)instancesVerify.get()).put(algorithmURI,result);
return result;
}
private static SignatureAlgorithmSpi buildSigner(String algorithmURI, SignatureAlgorithmSpi result) throws XMLSignatureException {
try {
Class implementingClass =
SignatureAlgorithm.getImplementingClass(algorithmURI);
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \""
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \""
+ implementingClass + "\"");
this._signatureAlgorithm =
(SignatureAlgorithmSpi) implementingClass.newInstance();
result=(SignatureAlgorithmSpi) implementingClass.newInstance();
return result;
} catch (IllegalAccessException ex) {
Object exArgs[] = { algorithmURI, ex.getMessage() };
@ -92,7 +150,7 @@ public class SignatureAlgorithm extends Algorithm {
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs,
ex);
}
}
}
/**
* Constructor SignatureAlgorithm
@ -107,7 +165,8 @@ public class SignatureAlgorithm extends Algorithm {
throws XMLSecurityException {
this(doc, algorithmURI);
this.algorithmURI=algorithmURI;
initializeAlgorithm(true);
this._signatureAlgorithm.engineSetHMACOutputLength(HMACOutputLength);
((IntegrityHmac)this._signatureAlgorithm)
.engineAddContextToElement(this._constructionElement);
@ -124,37 +183,7 @@ public class SignatureAlgorithm extends Algorithm {
throws XMLSecurityException {
super(element, BaseURI);
String algorithmURI = this.getURI();
try {
Class implementingClass =
SignatureAlgorithm.getImplementingClass(algorithmURI);
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \""
+ implementingClass + "\"");
this._signatureAlgorithm =
(SignatureAlgorithmSpi) implementingClass.newInstance();
this._signatureAlgorithm
.engineGetContextFromElement(this._constructionElement);
} catch (IllegalAccessException ex) {
Object exArgs[] = { algorithmURI, ex.getMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs,
ex);
} catch (InstantiationException ex) {
Object exArgs[] = { algorithmURI, ex.getMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs,
ex);
} catch (NullPointerException ex) {
Object exArgs[] = { algorithmURI, ex.getMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs,
ex);
}
algorithmURI = this.getURI();
}
/**
@ -175,7 +204,12 @@ public class SignatureAlgorithm extends Algorithm {
* @return the result of the {@link java.security.Signature#getAlgorithm} method
*/
public String getJCEAlgorithmString() {
return this._signatureAlgorithm.engineGetJCEAlgorithmString();
try {
return getInstanceForVerify(algorithmURI).engineGetJCEAlgorithmString();
} catch (XMLSignatureException e) {
//Ignore.
return null;
}
}
/**
@ -184,7 +218,11 @@ public class SignatureAlgorithm extends Algorithm {
* @return The Provider of this Signature Alogrithm
*/
public String getJCEProviderName() {
return this._signatureAlgorithm.engineGetJCEProviderName();
try {
return getInstanceForVerify(algorithmURI).engineGetJCEProviderName();
} catch (XMLSignatureException e) {
return null;
}
}
/**
@ -231,7 +269,13 @@ public class SignatureAlgorithm extends Algorithm {
* @throws XMLSignatureException
*/
public void initSign(Key signingKey) throws XMLSignatureException {
this._signatureAlgorithm.engineInitSign(signingKey);
initializeAlgorithm(true);
Map map=(Map)keysSigning.get();
if (map.get(this.algorithmURI)==signingKey) {
return;
}
map.put(this.algorithmURI,signingKey);
this._signatureAlgorithm.engineInitSign(signingKey);
}
/**
@ -244,6 +288,7 @@ public class SignatureAlgorithm extends Algorithm {
*/
public void initSign(Key signingKey, SecureRandom secureRandom)
throws XMLSignatureException {
initializeAlgorithm(true);
this._signatureAlgorithm.engineInitSign(signingKey, secureRandom);
}
@ -258,6 +303,7 @@ public class SignatureAlgorithm extends Algorithm {
public void initSign(
Key signingKey, AlgorithmParameterSpec algorithmParameterSpec)
throws XMLSignatureException {
initializeAlgorithm(true);
this._signatureAlgorithm.engineInitSign(signingKey,
algorithmParameterSpec);
}
@ -282,7 +328,13 @@ public class SignatureAlgorithm extends Algorithm {
* @throws XMLSignatureException
*/
public void initVerify(Key verificationKey) throws XMLSignatureException {
this._signatureAlgorithm.engineInitVerify(verificationKey);
initializeAlgorithm(false);
Map map=(Map)keysVerify.get();
if (map.get(this.algorithmURI)==verificationKey) {
return;
}
map.put(this.algorithmURI,verificationKey);
this._signatureAlgorithm.engineInitVerify(verificationKey);
}
/**
@ -320,7 +372,7 @@ public class SignatureAlgorithm extends Algorithm {
.getLogger(SignatureAlgorithm.class.getName());
}
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Init() called");
log.log(java.util.logging.Level.FINE, "Init() called");
if (!SignatureAlgorithm._alreadyInitialized) {
SignatureAlgorithm._algorithmHash = new HashMap(10);
@ -340,8 +392,8 @@ public class SignatureAlgorithm extends Algorithm {
throws AlgorithmAlreadyRegisteredException,XMLSignatureException {
{
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass);
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass);
// are we already registered?
Class registeredClassClass =

27
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithmSpi.java
View file

@ -20,27 +20,20 @@
*/
package com.sun.org.apache.xml.internal.security.algorithms;
import java.security.Key;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public abstract class SignatureAlgorithmSpi {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(SignatureAlgorithmSpi.class.getName());
/**
* Returns the URI representation of <code>Transformation algorithm</code>
*
@ -167,20 +160,6 @@ public abstract class SignatureAlgorithmSpi {
protected abstract void engineSetParameter(AlgorithmParameterSpec params)
throws XMLSignatureException;
/** Field _doc */
Document _doc = null;
/**
* Method engineSetDocument
*
* @param doc
*/
protected void engineSetDocument(Document doc) {
this._doc = doc;
}
/** Field _constructionElement */
Element _constructionElement = null;
/**
* Method engineGetContextFromElement
@ -188,7 +167,6 @@ public abstract class SignatureAlgorithmSpi {
* @param element
*/
protected void engineGetContextFromElement(Element element) {
this._constructionElement = element;
}
/**
@ -199,4 +177,7 @@ public abstract class SignatureAlgorithmSpi {
*/
protected abstract void engineSetHMACOutputLength(int HMACOutputLength)
throws XMLSignatureException;
public void reset() {
}
}

45
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/IntegrityHmac.java
View file

@ -45,7 +45,7 @@ import org.w3c.dom.Text;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
@ -74,8 +74,8 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
public IntegrityHmac() throws XMLSignatureException {
String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI());
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Created IntegrityHmacSHA1 using " + algorithmID);
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Created IntegrityHmacSHA1 using " + algorithmID);
try {
this._macAlgorithm = Mac.getInstance(algorithmID);
@ -99,6 +99,10 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
throw new XMLSignatureException("empty");
}
public void reset() {
_HMACOutputLength=0;
}
/**
* Proxy method for {@link java.security.Signature#verify(byte[])}
* which is executed on the internal {@link java.security.Signature} object.
@ -145,7 +149,20 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
try {
this._macAlgorithm.init(secretKey);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
// reinstantiate Mac object to work around bug in JDK
// see: http://bugs.sun.com/view_bug.do?bug_id=4953555
Mac mac = this._macAlgorithm;
try {
this._macAlgorithm = Mac.getInstance
(_macAlgorithm.getAlgorithm());
} catch (Exception e) {
// this shouldn't occur, but if it does, restore previous Mac
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Mac:" + e);
}
this._macAlgorithm = mac;
}
throw new XMLSignatureException("empty", ex);
}
}
@ -323,7 +340,7 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
*/
protected String engineGetJCEAlgorithmString() {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "engineGetJCEAlgorithmString()");
log.log(java.util.logging.Level.FINE, "engineGetJCEAlgorithmString()");
return this._macAlgorithm.getAlgorithm();
}
@ -397,7 +414,8 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/**
* Class IntegrityHmacSHA1
*
* @author $Author: raul $
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
public static class IntegrityHmacSHA1 extends IntegrityHmac {
@ -423,7 +441,8 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/**
* Class IntegrityHmacSHA256
*
* @author $Author: raul $
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
public static class IntegrityHmacSHA256 extends IntegrityHmac {
@ -449,7 +468,8 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/**
* Class IntegrityHmacSHA384
*
* @author $Author: raul $
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
public static class IntegrityHmacSHA384 extends IntegrityHmac {
@ -475,7 +495,8 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/**
* Class IntegrityHmacSHA512
*
* @author $Author: raul $
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
public static class IntegrityHmacSHA512 extends IntegrityHmac {
@ -501,7 +522,8 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/**
* Class IntegrityHmacRIPEMD160
*
* @author $Author: raul $
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
public static class IntegrityHmacRIPEMD160 extends IntegrityHmac {
@ -527,7 +549,8 @@ public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
/**
* Class IntegrityHmacMD5
*
* @author $Author: raul $
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
public static class IntegrityHmacMD5 extends IntegrityHmac {

551
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureBaseRSA.java
View file

@ -3,7 +3,7 @@
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
* Copyright 1999-2007 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -20,8 +20,6 @@
*/
package com.sun.org.apache.xml.internal.security.algorithms.implementations;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
@ -38,329 +36,344 @@ import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi
import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
/** {@link java.util.logging} logging facility */
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(SignatureBaseRSA.class.getName());
java.util.logging.Logger.getLogger
(SignatureBaseRSA.class.getName());
/** @inheritDoc */
public abstract String engineGetURI();
public abstract String engineGetURI();
/** Field algorithm */
private java.security.Signature _signatureAlgorithm = null;
/** Field algorithm */
private java.security.Signature _signatureAlgorithm = null;
/**
* Constructor SignatureRSA
*
* @throws XMLSignatureException
*/
public SignatureBaseRSA() throws XMLSignatureException {
/**
* Constructor SignatureRSA
*
* @throws XMLSignatureException
*/
public SignatureBaseRSA() throws XMLSignatureException {
String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI());
String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI());
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Created SignatureDSA using " + algorithmID);
String provider=JCEMapper.getProviderId();
try {
if (provider==null) {
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Created SignatureRSA using " + algorithmID);
String provider=JCEMapper.getProviderId();
try {
if (provider==null) {
this._signatureAlgorithm = Signature.getInstance(algorithmID);
} else {
} else {
this._signatureAlgorithm = Signature.getInstance(algorithmID,provider);
}
} catch (java.security.NoSuchAlgorithmException ex) {
Object[] exArgs = { algorithmID,
ex.getLocalizedMessage() };
}
} catch (java.security.NoSuchAlgorithmException ex) {
Object[] exArgs = { algorithmID, ex.getLocalizedMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
} catch (NoSuchProviderException ex) {
Object[] exArgs = { algorithmID,
ex.getLocalizedMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
} catch (NoSuchProviderException ex) {
Object[] exArgs = { algorithmID, ex.getLocalizedMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
}
}
}
/** @inheritDoc */
protected void engineSetParameter(AlgorithmParameterSpec params)
throws XMLSignatureException {
/** @inheritDoc */
protected void engineSetParameter(AlgorithmParameterSpec params)
throws XMLSignatureException {
try {
this._signatureAlgorithm.setParameter(params);
} catch (InvalidAlgorithmParameterException ex) {
throw new XMLSignatureException("empty", ex);
}
}
try {
this._signatureAlgorithm.setParameter(params);
} catch (InvalidAlgorithmParameterException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected boolean engineVerify(byte[] signature)
throws XMLSignatureException {
/** @inheritDoc */
protected boolean engineVerify(byte[] signature)
throws XMLSignatureException {
try {
return this._signatureAlgorithm.verify(signature);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
try {
return this._signatureAlgorithm.verify(signature);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineInitVerify(Key publicKey) throws XMLSignatureException {
/** @inheritDoc */
protected void engineInitVerify(Key publicKey) throws XMLSignatureException {
if (!(publicKey instanceof PublicKey)) {
String supplied = publicKey.getClass().getName();
String needed = PublicKey.class.getName();
Object exArgs[] = { supplied, needed };
if (!(publicKey instanceof PublicKey)) {
String supplied = publicKey.getClass().getName();
String needed = PublicKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation",
exArgs);
}
throw new XMLSignatureException
("algorithms.WrongKeyForThisOperation", exArgs);
}
try {
this._signatureAlgorithm.initVerify((PublicKey) publicKey);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
try {
this._signatureAlgorithm.initVerify((PublicKey) publicKey);
} catch (InvalidKeyException ex) {
// reinstantiate Signature object to work around bug in JDK
// see: http://bugs.sun.com/view_bug.do?bug_id=4953555
Signature sig = this._signatureAlgorithm;
try {
this._signatureAlgorithm = Signature.getInstance
(_signatureAlgorithm.getAlgorithm());
} catch (Exception e) {
// this shouldn't occur, but if it does, restore previous
// Signature
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Signature:" + e);
}
this._signatureAlgorithm = sig;
}
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected byte[] engineSign() throws XMLSignatureException {
/** @inheritDoc */
protected byte[] engineSign() throws XMLSignatureException {
try {
return this._signatureAlgorithm.sign();
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
try {
return this._signatureAlgorithm.sign();
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineInitSign(Key privateKey, SecureRandom secureRandom)
throws XMLSignatureException {
/** @inheritDoc */
protected void engineInitSign(Key privateKey, SecureRandom secureRandom)
throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException
("algorithms.WrongKeyForThisOperation", exArgs);
}
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation",
exArgs);
}
try {
this._signatureAlgorithm.initSign
((PrivateKey) privateKey, secureRandom);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
try {
this._signatureAlgorithm.initSign((PrivateKey) privateKey,
secureRandom);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineInitSign(Key privateKey) throws XMLSignatureException {
/** @inheritDoc */
protected void engineInitSign(Key privateKey) throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException
("algorithms.WrongKeyForThisOperation", exArgs);
}
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation",
exArgs);
}
try {
this._signatureAlgorithm.initSign((PrivateKey) privateKey);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
try {
this._signatureAlgorithm.initSign((PrivateKey) privateKey);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineUpdate(byte[] input) throws XMLSignatureException {
try {
this._signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineUpdate(byte[] input) throws XMLSignatureException {
/** @inheritDoc */
protected void engineUpdate(byte input) throws XMLSignatureException {
try {
this._signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
try {
this._signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineUpdate(byte buf[], int offset, int len)
throws XMLSignatureException {
try {
this._signatureAlgorithm.update(buf, offset, len);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineUpdate(byte input) throws XMLSignatureException {
/** @inheritDoc */
protected String engineGetJCEAlgorithmString() {
return this._signatureAlgorithm.getAlgorithm();
}
try {
this._signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected String engineGetJCEProviderName() {
return this._signatureAlgorithm.getProvider().getName();
}
/** @inheritDoc */
protected void engineUpdate(byte buf[], int offset, int len)
throws XMLSignatureException {
/** @inheritDoc */
protected void engineSetHMACOutputLength(int HMACOutputLength)
throws XMLSignatureException {
throw new XMLSignatureException
("algorithms.HMACOutputLengthOnlyForHMAC");
}
try {
this._signatureAlgorithm.update(buf, offset, len);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineInitSign(
Key signingKey, AlgorithmParameterSpec algorithmParameterSpec)
throws XMLSignatureException {
throw new XMLSignatureException(
"algorithms.CannotUseAlgorithmParameterSpecOnRSA");
}
/** @inheritDoc */
protected String engineGetJCEAlgorithmString() {
return this._signatureAlgorithm.getAlgorithm();
}
/**
* Class SignatureRSASHA1
*
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
public static class SignatureRSASHA1 extends SignatureBaseRSA {
/** @inheritDoc */
protected String engineGetJCEProviderName() {
return this._signatureAlgorithm.getProvider().getName();
}
/**
* Constructor SignatureRSASHA1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA1() throws XMLSignatureException {
super();
}
/** @inheritDoc */
protected void engineSetHMACOutputLength(int HMACOutputLength)
throws XMLSignatureException {
throw new XMLSignatureException("algorithms.HMACOutputLengthOnlyForHMAC");
}
/** @inheritDoc */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1;
}
}
/** @inheritDoc */
protected void engineInitSign(
Key signingKey, AlgorithmParameterSpec algorithmParameterSpec)
throws XMLSignatureException {
throw new XMLSignatureException(
"algorithms.CannotUseAlgorithmParameterSpecOnRSA");
}
/**
* Class SignatureRSASHA256
*
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
public static class SignatureRSASHA256 extends SignatureBaseRSA {
/**
* Class SignatureRSASHA1
*
* @author $Author: raul $
*/
public static class SignatureRSASHA1 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA256
*
* @throws XMLSignatureException
*/
public SignatureRSASHA256() throws XMLSignatureException {
super();
}
/**
* Constructor SignatureRSASHA1
*
* @throws XMLSignatureException
*/
public SignatureRSASHA1() throws XMLSignatureException {
super();
}
/** @inheritDoc */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256;
}
}
/** @inheritDoc */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1;
}
}
/**
* Class SignatureRSASHA384
*
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
public static class SignatureRSASHA384 extends SignatureBaseRSA {
/**
* Class SignatureRSASHA256
*
* @author $Author: raul $
*/
public static class SignatureRSASHA256 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA384
*
* @throws XMLSignatureException
*/
public SignatureRSASHA384() throws XMLSignatureException {
super();
}
/**
* Constructor SignatureRSASHA256
*
* @throws XMLSignatureException
*/
public SignatureRSASHA256() throws XMLSignatureException {
super();
}
/** @inheritDoc */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384;
}
}
/** @inheritDoc */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256;
}
}
/**
* Class SignatureRSASHA512
*
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
public static class SignatureRSASHA512 extends SignatureBaseRSA {
/**
* Class SignatureRSASHA384
*
* @author $Author: raul $
*/
public static class SignatureRSASHA384 extends SignatureBaseRSA {
/**
* Constructor SignatureRSASHA512
*
* @throws XMLSignatureException
*/
public SignatureRSASHA512() throws XMLSignatureException {
super();
}
/**
* Constructor SignatureRSASHA384
*
* @throws XMLSignatureException
*/
public SignatureRSASHA384() throws XMLSignatureException {
super();
}
/** @inheritDoc */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512;
}
}
/** @inheritDoc */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384;
}
}
/**
* Class SignatureRSARIPEMD160
*
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
public static class SignatureRSARIPEMD160 extends SignatureBaseRSA {
/**
* Class SignatureRSASHA512
*
* @author $Author: raul $
*/
public static class SignatureRSASHA512 extends SignatureBaseRSA {
/**
* Constructor SignatureRSARIPEMD160
*
* @throws XMLSignatureException
*/
public SignatureRSARIPEMD160() throws XMLSignatureException {
super();
}
/**
* Constructor SignatureRSASHA512
*
* @throws XMLSignatureException
*/
public SignatureRSASHA512() throws XMLSignatureException {
super();
}
/** @inheritDoc */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160;
}
}
/** @inheritDoc */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512;
}
}
/**
* Class SignatureRSAMD5
*
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
public static class SignatureRSAMD5 extends SignatureBaseRSA {
/**
* Class SignatureRSARIPEMD160
*
* @author $Author: raul $
*/
public static class SignatureRSARIPEMD160 extends SignatureBaseRSA {
/**
* Constructor SignatureRSAMD5
*
* @throws XMLSignatureException
*/
public SignatureRSAMD5() throws XMLSignatureException {
super();
}
/**
* Constructor SignatureRSARIPEMD160
*
* @throws XMLSignatureException
*/
public SignatureRSARIPEMD160() throws XMLSignatureException {
super();
}
/** @inheritDoc */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160;
}
}
/**
* Class SignatureRSAMD5
*
* @author $Author: raul $
*/
public static class SignatureRSAMD5 extends SignatureBaseRSA {
/**
* Constructor SignatureRSAMD5
*
* @throws XMLSignatureException
*/
public SignatureRSAMD5() throws XMLSignatureException {
super();
}
/** @inheritDoc */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5;
}
}
/** @inheritDoc */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5;
}
}
}

563
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureDSA.java
View file

@ -20,8 +20,6 @@
*/
package com.sun.org.apache.xml.internal.security.algorithms.implementations;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
@ -39,342 +37,359 @@ import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.utils.Base64;
import com.sun.org.apache.xml.internal.security.utils.Constants;
/**
*
* @author $Author: vishal $
* @author $Author: mullan $
*/
public class SignatureDSA extends SignatureAlgorithmSpi {
/** {@link java.util.logging} logging facility */
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(SignatureDSA.class.getName());
/** Field _URI */
public static final String _URI = Constants.SignatureSpecNS + "dsa-sha1";
/** Field _URI */
public static final String _URI = Constants.SignatureSpecNS + "dsa-sha1";
/** Field algorithm */
private java.security.Signature _signatureAlgorithm = null;
/** Field algorithm */
private java.security.Signature _signatureAlgorithm = null;
/**
* Method engineGetURI
*
* @inheritDoc
*/
protected String engineGetURI() {
return SignatureDSA._URI;
}
/**
* Method engineGetURI
*
* @inheritDoc
*/
protected String engineGetURI() {
return SignatureDSA._URI;
}
/**
* Constructor SignatureDSA
*
* @throws XMLSignatureException
*/
public SignatureDSA() throws XMLSignatureException {
/**
* Constructor SignatureDSA
*
* @throws XMLSignatureException
*/
public SignatureDSA() throws XMLSignatureException {
String algorithmID = JCEMapper.translateURItoJCEID(SignatureDSA._URI);
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Created SignatureDSA using " + algorithmID);
String algorithmID = JCEMapper.translateURItoJCEID(SignatureDSA._URI);
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Created SignatureDSA using " + algorithmID);
try {
this._signatureAlgorithm = Signature.getInstance(algorithmID);
} catch (java.security.NoSuchAlgorithmException ex) {
Object[] exArgs = { algorithmID,
ex.getLocalizedMessage() };
String provider = JCEMapper.getProviderId();
try {
if (provider == null) {
this._signatureAlgorithm = Signature.getInstance(algorithmID);
} else {
this._signatureAlgorithm =
Signature.getInstance(algorithmID, provider);
}
} catch (java.security.NoSuchAlgorithmException ex) {
Object[] exArgs = { algorithmID, ex.getLocalizedMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
} catch (java.security.NoSuchProviderException ex) {
Object[] exArgs = { algorithmID, ex.getLocalizedMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
}
}
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
}
}
/**
* @inheritDoc
*/
protected void engineSetParameter(AlgorithmParameterSpec params)
throws XMLSignatureException {
/**
* @inheritDoc
*/
protected void engineSetParameter(AlgorithmParameterSpec params)
try {
this._signatureAlgorithm.setParameter(params);
} catch (InvalidAlgorithmParameterException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected boolean engineVerify(byte[] signature)
throws XMLSignatureException {
try {
this._signatureAlgorithm.setParameter(params);
} catch (InvalidAlgorithmParameterException ex) {
throw new XMLSignatureException("empty", ex);
}
}
try {
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Called DSA.verify() on " + Base64.encode(signature));
/**
* @inheritDoc
*/
protected boolean engineVerify(byte[] signature)
byte[] jcebytes = SignatureDSA.convertXMLDSIGtoASN1(signature);
return this._signatureAlgorithm.verify(jcebytes);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
} catch (IOException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected void engineInitVerify(Key publicKey) throws XMLSignatureException {
if (!(publicKey instanceof PublicKey)) {
String supplied = publicKey.getClass().getName();
String needed = PublicKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException
("algorithms.WrongKeyForThisOperation", exArgs);
}
try {
this._signatureAlgorithm.initVerify((PublicKey) publicKey);
} catch (InvalidKeyException ex) {
// reinstantiate Signature object to work around bug in JDK
// see: http://bugs.sun.com/view_bug.do?bug_id=4953555
Signature sig = this._signatureAlgorithm;
try {
this._signatureAlgorithm = Signature.getInstance
(_signatureAlgorithm.getAlgorithm());
} catch (Exception e) {
// this shouldn't occur, but if it does, restore previous
// Signature
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Signature:" + e);
}
this._signatureAlgorithm = sig;
}
throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected byte[] engineSign() throws XMLSignatureException {
try {
byte jcebytes[] = this._signatureAlgorithm.sign();
return SignatureDSA.convertASN1toXMLDSIG(jcebytes);
} catch (IOException ex) {
throw new XMLSignatureException("empty", ex);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected void engineInitSign(Key privateKey, SecureRandom secureRandom)
throws XMLSignatureException {
try {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Called DSA.verify() on " + Base64.encode(signature));
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
byte[] jcebytes = SignatureDSA.convertXMLDSIGtoASN1(signature);
throw new XMLSignatureException
("algorithms.WrongKeyForThisOperation", exArgs);
}
return this._signatureAlgorithm.verify(jcebytes);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
} catch (IOException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected void engineInitVerify(Key publicKey) throws XMLSignatureException {
if (!(publicKey instanceof PublicKey)) {
String supplied = publicKey.getClass().getName();
String needed = PublicKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation",
exArgs);
}
try {
this._signatureAlgorithm.initVerify((PublicKey) publicKey);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected byte[] engineSign() throws XMLSignatureException {
try {
byte jcebytes[] = this._signatureAlgorithm.sign();
return SignatureDSA.convertASN1toXMLDSIG(jcebytes);
} catch (IOException ex) {
throw new XMLSignatureException("empty", ex);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected void engineInitSign(Key privateKey, SecureRandom secureRandom)
throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation",
exArgs);
}
try {
this._signatureAlgorithm.initSign((PrivateKey) privateKey,
try {
this._signatureAlgorithm.initSign((PrivateKey) privateKey,
secureRandom);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected void engineInitSign(Key privateKey) throws XMLSignatureException {
/**
* @inheritDoc
*/
protected void engineInitSign(Key privateKey) throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation",
exArgs);
}
throw new XMLSignatureException
("algorithms.WrongKeyForThisOperation", exArgs);
}
try {
this._signatureAlgorithm.initSign((PrivateKey) privateKey);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
try {
this._signatureAlgorithm.initSign((PrivateKey) privateKey);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected void engineUpdate(byte[] input) throws XMLSignatureException {
/**
* @inheritDoc
*/
protected void engineUpdate(byte[] input) throws XMLSignatureException {
try {
this._signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
try {
this._signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected void engineUpdate(byte input) throws XMLSignatureException {
try {
this._signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/**
* @inheritDoc
*/
protected void engineUpdate(byte input) throws XMLSignatureException {
/**
* @inheritDoc
*/
protected void engineUpdate(byte buf[], int offset, int len)
throws XMLSignatureException {
try {
this._signatureAlgorithm.update(buf, offset, len);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
try {
this._signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/**
* Method engineGetJCEAlgorithmString
*
* @inheritDoc
*/
protected String engineGetJCEAlgorithmString() {
return this._signatureAlgorithm.getAlgorithm();
}
/**
* @inheritDoc
*/
protected void engineUpdate(byte buf[], int offset, int len)
throws XMLSignatureException {
/**
* Method engineGetJCEProviderName
*
* @inheritDoc
*/
protected String engineGetJCEProviderName() {
return this._signatureAlgorithm.getProvider().getName();
}
try {
this._signatureAlgorithm.update(buf, offset, len);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/**
* Method engineGetJCEAlgorithmString
*
* @inheritDoc
*/
protected String engineGetJCEAlgorithmString() {
return this._signatureAlgorithm.getAlgorithm();
}
/**
* Method engineGetJCEProviderName
*
* @inheritDoc
*/
protected String engineGetJCEProviderName() {
return this._signatureAlgorithm.getProvider().getName();
}
/**
* Converts an ASN.1 DSA value to a XML Signature DSA Value.
*
* The JAVA JCE DSA Signature algorithm creates ASN.1 encoded (r,s) value
* pairs; the XML Signature requires the core BigInteger values.
*
* @param asn1Bytes
* @return the decode bytes
*
* @throws IOException
* @see <A HREF="http://www.w3.org/TR/xmldsig-core/#dsa-sha1">6.4.1 DSA</A>
*/
private static byte[] convertASN1toXMLDSIG(byte asn1Bytes[])
/**
* Converts an ASN.1 DSA value to a XML Signature DSA Value.
*
* The JAVA JCE DSA Signature algorithm creates ASN.1 encoded (r,s) value
* pairs; the XML Signature requires the core BigInteger values.
*
* @param asn1Bytes
* @return the decode bytes
*
* @throws IOException
* @see <A HREF="http://www.w3.org/TR/xmldsig-core/#dsa-sha1">6.4.1 DSA</A>
*/
private static byte[] convertASN1toXMLDSIG(byte asn1Bytes[])
throws IOException {
byte rLength = asn1Bytes[3];
int i;
byte rLength = asn1Bytes[3];
int i;
for (i = rLength; (i > 0) && (asn1Bytes[(4 + rLength) - i] == 0); i--);
for (i = rLength; (i > 0) && (asn1Bytes[(4 + rLength) - i] == 0); i--);
byte sLength = asn1Bytes[5 + rLength];
int j;
byte sLength = asn1Bytes[5 + rLength];
int j;
for (j = sLength;
for (j = sLength;
(j > 0) && (asn1Bytes[(6 + rLength + sLength) - j] == 0); j--);
if ((asn1Bytes[0] != 48) || (asn1Bytes[1] != asn1Bytes.length - 2)
if ((asn1Bytes[0] != 48) || (asn1Bytes[1] != asn1Bytes.length - 2)
|| (asn1Bytes[2] != 2) || (i > 20)
|| (asn1Bytes[4 + rLength] != 2) || (j > 20)) {
throw new IOException("Invalid ASN.1 format of DSA signature");
}
byte xmldsigBytes[] = new byte[40];
throw new IOException("Invalid ASN.1 format of DSA signature");
}
byte xmldsigBytes[] = new byte[40];
System.arraycopy(asn1Bytes, (4 + rLength) - i, xmldsigBytes, 20 - i,
System.arraycopy(asn1Bytes, (4 + rLength) - i, xmldsigBytes, 20 - i,
i);
System.arraycopy(asn1Bytes, (6 + rLength + sLength) - j, xmldsigBytes,
System.arraycopy(asn1Bytes, (6 + rLength + sLength) - j, xmldsigBytes,
40 - j, j);
return xmldsigBytes;
}
return xmldsigBytes;
}
/**
* Converts a XML Signature DSA Value to an ASN.1 DSA value.
*
* The JAVA JCE DSA Signature algorithm creates ASN.1 encoded (r,s) value
* pairs; the XML Signature requires the core BigInteger values.
*
* @param xmldsigBytes
* @return the encoded ASN.1 bytes
*
* @throws IOException
* @see <A HREF="http://www.w3.org/TR/xmldsig-core/#dsa-sha1">6.4.1 DSA</A>
*/
private static byte[] convertXMLDSIGtoASN1(byte xmldsigBytes[])
/**
* Converts a XML Signature DSA Value to an ASN.1 DSA value.
*
* The JAVA JCE DSA Signature algorithm creates ASN.1 encoded (r,s) value
* pairs; the XML Signature requires the core BigInteger values.
*
* @param xmldsigBytes
* @return the encoded ASN.1 bytes
*
* @throws IOException
* @see <A HREF="http://www.w3.org/TR/xmldsig-core/#dsa-sha1">6.4.1 DSA</A>
*/
private static byte[] convertXMLDSIGtoASN1(byte xmldsigBytes[])
throws IOException {
if (xmldsigBytes.length != 40) {
throw new IOException("Invalid XMLDSIG format of DSA signature");
}
if (xmldsigBytes.length != 40) {
throw new IOException("Invalid XMLDSIG format of DSA signature");
}
int i;
int i;
for (i = 20; (i > 0) && (xmldsigBytes[20 - i] == 0); i--);
for (i = 20; (i > 0) && (xmldsigBytes[20 - i] == 0); i--);
int j = i;
int j = i;
if (xmldsigBytes[20 - i] < 0) {
if (xmldsigBytes[20 - i] < 0) {
j += 1;
}
}
int k;
int k;
for (k = 20; (k > 0) && (xmldsigBytes[40 - k] == 0); k--);
for (k = 20; (k > 0) && (xmldsigBytes[40 - k] == 0); k--);
int l = k;
int l = k;
if (xmldsigBytes[40 - k] < 0) {
l += 1;
}
if (xmldsigBytes[40 - k] < 0) {
l += 1;
}
byte asn1Bytes[] = new byte[6 + j + l];
byte asn1Bytes[] = new byte[6 + j + l];
asn1Bytes[0] = 48;
asn1Bytes[1] = (byte) (4 + j + l);
asn1Bytes[2] = 2;
asn1Bytes[3] = (byte) j;
asn1Bytes[0] = 48;
asn1Bytes[1] = (byte) (4 + j + l);
asn1Bytes[2] = 2;
asn1Bytes[3] = (byte) j;
System.arraycopy(xmldsigBytes, 20 - i, asn1Bytes, (4 + j) - i, i);
System.arraycopy(xmldsigBytes, 20 - i, asn1Bytes, (4 + j) - i, i);
asn1Bytes[4 + j] = 2;
asn1Bytes[5 + j] = (byte) l;
asn1Bytes[4 + j] = 2;
asn1Bytes[5 + j] = (byte) l;
System.arraycopy(xmldsigBytes, 40 - k, asn1Bytes, (6 + j + l) - k, k);
System.arraycopy(xmldsigBytes, 40 - k, asn1Bytes, (6 + j + l) - k, k);
return asn1Bytes;
}
return asn1Bytes;
}
/**
* Method engineSetHMACOutputLength
*
* @param HMACOutputLength
* @throws XMLSignatureException
*/
protected void engineSetHMACOutputLength(int HMACOutputLength)
throws XMLSignatureException {
throw new XMLSignatureException("algorithms.HMACOutputLengthOnlyForHMAC");
}
/**
* Method engineSetHMACOutputLength
*
* @param HMACOutputLength
* @throws XMLSignatureException
*/
protected void engineSetHMACOutputLength(int HMACOutputLength)
throws XMLSignatureException {
throw new XMLSignatureException(
"algorithms.HMACOutputLengthOnlyForHMAC");
}
/**
* Method engineInitSign
*
* @param signingKey
* @param algorithmParameterSpec
* @throws XMLSignatureException
*/
protected void engineInitSign(
Key signingKey, AlgorithmParameterSpec algorithmParameterSpec)
throws XMLSignatureException {
throw new XMLSignatureException(
"algorithms.CannotUseAlgorithmParameterSpecOnDSA");
}
/**
* Method engineInitSign
*
* @param signingKey
* @param algorithmParameterSpec
* @throws XMLSignatureException
*/
protected void engineInitSign(
Key signingKey, AlgorithmParameterSpec algorithmParameterSpec)
throws XMLSignatureException {
throw new XMLSignatureException(
"algorithms.CannotUseAlgorithmParameterSpecOnDSA");
}
}

384
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureECDSA.java Normal file
View file

@ -0,0 +1,384 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package com.sun.org.apache.xml.internal.security.algorithms.implementations;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.AlgorithmParameterSpec;
import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi;
import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.utils.Base64;
/**
*
* @author $Author: mullan $
*/
public abstract class SignatureECDSA extends SignatureAlgorithmSpi {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(SignatureECDSA.class.getName());
/** @inheritDoc */
public abstract String engineGetURI();
/** Field algorithm */
private java.security.Signature _signatureAlgorithm = null;
/**
* Converts an ASN.1 ECDSA value to a XML Signature ECDSA Value.
*
* The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r,s) value
* pairs; the XML Signature requires the core BigInteger values.
*
* @param asn1Bytes
* @return the decode bytes
*
* @throws IOException
* @see <A HREF="http://www.w3.org/TR/xmldsig-core/#dsa-sha1">6.4.1 DSA</A>
* @see <A HREF="ftp://ftp.rfc-editor.org/in-notes/rfc4050.txt">3.3. ECDSA Signatures</A>
*/
private static byte[] convertASN1toXMLDSIG(byte asn1Bytes[])
throws IOException {
byte rLength = asn1Bytes[3];
int i;
for (i = rLength; (i > 0) && (asn1Bytes[(4 + rLength) - i] == 0); i--);
byte sLength = asn1Bytes[5 + rLength];
int j;
for (j = sLength;
(j > 0) && (asn1Bytes[(6 + rLength + sLength) - j] == 0); j--);
if ((asn1Bytes[0] != 48) || (asn1Bytes[1] != asn1Bytes.length - 2)
|| (asn1Bytes[2] != 2) || (i > 24)
|| (asn1Bytes[4 + rLength] != 2) || (j > 24)) {
throw new IOException("Invalid ASN.1 format of ECDSA signature");
}
byte xmldsigBytes[] = new byte[48];
System.arraycopy(asn1Bytes, (4 + rLength) - i, xmldsigBytes, 24 - i,
i);
System.arraycopy(asn1Bytes, (6 + rLength + sLength) - j, xmldsigBytes,
48 - j, j);
return xmldsigBytes;
}
/**
* Converts a XML Signature ECDSA Value to an ASN.1 DSA value.
*
* The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r,s) value
* pairs; the XML Signature requires the core BigInteger values.
*
* @param xmldsigBytes
* @return the encoded ASN.1 bytes
*
* @throws IOException
* @see <A HREF="http://www.w3.org/TR/xmldsig-core/#dsa-sha1">6.4.1 DSA</A>
* @see <A HREF="ftp://ftp.rfc-editor.org/in-notes/rfc4050.txt">3.3. ECDSA Signatures</A>
*/
private static byte[] convertXMLDSIGtoASN1(byte xmldsigBytes[])
throws IOException {
if (xmldsigBytes.length != 48) {
throw new IOException("Invalid XMLDSIG format of ECDSA signature");
}
int i;
for (i = 24; (i > 0) && (xmldsigBytes[24 - i] == 0); i--);
int j = i;
if (xmldsigBytes[24 - i] < 0) {
j += 1;
}
int k;
for (k = 24; (k > 0) && (xmldsigBytes[48 - k] == 0); k--);
int l = k;
if (xmldsigBytes[48 - k] < 0) {
l += 1;
}
byte asn1Bytes[] = new byte[6 + j + l];
asn1Bytes[0] = 48;
asn1Bytes[1] = (byte) (4 + j + l);
asn1Bytes[2] = 2;
asn1Bytes[3] = (byte) j;
System.arraycopy(xmldsigBytes, 24 - i, asn1Bytes, (4 + j) - i, i);
asn1Bytes[4 + j] = 2;
asn1Bytes[5 + j] = (byte) l;
System.arraycopy(xmldsigBytes, 48 - k, asn1Bytes, (6 + j + l) - k, k);
return asn1Bytes;
}
/**
* Constructor SignatureRSA
*
* @throws XMLSignatureException
*/
public SignatureECDSA() throws XMLSignatureException {
String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI());
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Created SignatureECDSA using " + algorithmID);
String provider=JCEMapper.getProviderId();
try {
if (provider==null) {
this._signatureAlgorithm = Signature.getInstance(algorithmID);
} else {
this._signatureAlgorithm = Signature.getInstance(algorithmID,provider);
}
} catch (java.security.NoSuchAlgorithmException ex) {
Object[] exArgs = { algorithmID,
ex.getLocalizedMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
} catch (NoSuchProviderException ex) {
Object[] exArgs = { algorithmID,
ex.getLocalizedMessage() };
throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
}
}
/** @inheritDoc */
protected void engineSetParameter(AlgorithmParameterSpec params)
throws XMLSignatureException {
try {
this._signatureAlgorithm.setParameter(params);
} catch (InvalidAlgorithmParameterException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected boolean engineVerify(byte[] signature)
throws XMLSignatureException {
try {
byte[] jcebytes = SignatureECDSA.convertXMLDSIGtoASN1(signature);
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Called ECDSA.verify() on " + Base64.encode(signature));
return this._signatureAlgorithm.verify(jcebytes);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
} catch (IOException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineInitVerify(Key publicKey) throws XMLSignatureException {
if (!(publicKey instanceof PublicKey)) {
String supplied = publicKey.getClass().getName();
String needed = PublicKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation",
exArgs);
}
try {
this._signatureAlgorithm.initVerify((PublicKey) publicKey);
} catch (InvalidKeyException ex) {
// reinstantiate Signature object to work around bug in JDK
// see: http://bugs.sun.com/view_bug.do?bug_id=4953555
Signature sig = this._signatureAlgorithm;
try {
this._signatureAlgorithm = Signature.getInstance
(_signatureAlgorithm.getAlgorithm());
} catch (Exception e) {
// this shouldn't occur, but if it does, restore previous
// Signature
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Signature:" + e);
}
this._signatureAlgorithm = sig;
}
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected byte[] engineSign() throws XMLSignatureException {
try {
byte jcebytes[] = this._signatureAlgorithm.sign();
return SignatureECDSA.convertASN1toXMLDSIG(jcebytes);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
} catch (IOException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineInitSign(Key privateKey, SecureRandom secureRandom)
throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation",
exArgs);
}
try {
this._signatureAlgorithm.initSign((PrivateKey) privateKey,
secureRandom);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineInitSign(Key privateKey) throws XMLSignatureException {
if (!(privateKey instanceof PrivateKey)) {
String supplied = privateKey.getClass().getName();
String needed = PrivateKey.class.getName();
Object exArgs[] = { supplied, needed };
throw new XMLSignatureException("algorithms.WrongKeyForThisOperation",
exArgs);
}
try {
this._signatureAlgorithm.initSign((PrivateKey) privateKey);
} catch (InvalidKeyException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineUpdate(byte[] input) throws XMLSignatureException {
try {
this._signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineUpdate(byte input) throws XMLSignatureException {
try {
this._signatureAlgorithm.update(input);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected void engineUpdate(byte buf[], int offset, int len)
throws XMLSignatureException {
try {
this._signatureAlgorithm.update(buf, offset, len);
} catch (SignatureException ex) {
throw new XMLSignatureException("empty", ex);
}
}
/** @inheritDoc */
protected String engineGetJCEAlgorithmString() {
return this._signatureAlgorithm.getAlgorithm();
}
/** @inheritDoc */
protected String engineGetJCEProviderName() {
return this._signatureAlgorithm.getProvider().getName();
}
/** @inheritDoc */
protected void engineSetHMACOutputLength(int HMACOutputLength)
throws XMLSignatureException {
throw new XMLSignatureException("algorithms.HMACOutputLengthOnlyForHMAC");
}
/** @inheritDoc */
protected void engineInitSign(
Key signingKey, AlgorithmParameterSpec algorithmParameterSpec)
throws XMLSignatureException {
throw new XMLSignatureException(
"algorithms.CannotUseAlgorithmParameterSpecOnRSA");
}
/**
* Class SignatureRSASHA1
*
* @author $Author: mullan $
* @version $Revision: 1.2 $
*/
public static class SignatureECDSASHA1 extends SignatureECDSA {
/**
* Constructor SignatureRSASHA1
*
* @throws XMLSignatureException
*/
public SignatureECDSASHA1() throws XMLSignatureException {
super();
}
/** @inheritDoc */
public String engineGetURI() {
return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1;
}
}
}

1
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/CanonicalizationException.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*

518
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java
View file

@ -3,7 +3,7 @@
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
* Copyright 1999-2008 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -20,8 +20,6 @@
*/
package com.sun.org.apache.xml.internal.security.c14n;
import java.io.ByteArrayInputStream;
import java.io.OutputStream;
import java.util.HashMap;
@ -37,318 +35,326 @@ import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;
/**
*
*
* @author Christian Geuer-Pollmann
*/
public class Canonicalizer {
//J-
/** The output encoding of canonicalized data */
public static final String ENCODING = "UTF8";
/** The output encoding of canonicalized data */
public static final String ENCODING = "UTF8";
/**
* XPath Expresion for selecting every node and continuos comments joined in only one node
/**
* XPath Expresion for selecting every node and continuous comments joined
* in only one node
*/
public static final String XPATH_C14N_WITH_COMMENTS_SINGLE_NODE = "(.//. | .//@* | .//namespace::*)";
public static final String XPATH_C14N_WITH_COMMENTS_SINGLE_NODE =
"(.//. | .//@* | .//namespace::*)";
/**
/**
* The URL defined in XML-SEC Rec for inclusive c14n <b>without</b> comments.
*/
public static final String ALGO_ID_C14N_OMIT_COMMENTS = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
/**
* The URL defined in XML-SEC Rec for inclusive c14n <b>with</b> comments.
*/
public static final String ALGO_ID_C14N_WITH_COMMENTS = ALGO_ID_C14N_OMIT_COMMENTS + "#WithComments";
/**
* The URL defined in XML-SEC Rec for exclusive c14n <b>without</b> comments.
*/
public static final String ALGO_ID_C14N_EXCL_OMIT_COMMENTS = "http://www.w3.org/2001/10/xml-exc-c14n#";
/**
* The URL defined in XML-SEC Rec for exclusive c14n <b>with</b> comments.
*/
public static final String ALGO_ID_C14N_EXCL_WITH_COMMENTS = ALGO_ID_C14N_EXCL_OMIT_COMMENTS + "WithComments";
public static final String ALGO_ID_C14N_OMIT_COMMENTS =
"http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
/**
* The URL defined in XML-SEC Rec for inclusive c14n <b>with</b> comments.
*/
public static final String ALGO_ID_C14N_WITH_COMMENTS =
ALGO_ID_C14N_OMIT_COMMENTS + "#WithComments";
/**
* The URL defined in XML-SEC Rec for exclusive c14n <b>without</b> comments.
*/
public static final String ALGO_ID_C14N_EXCL_OMIT_COMMENTS =
"http://www.w3.org/2001/10/xml-exc-c14n#";
/**
* The URL defined in XML-SEC Rec for exclusive c14n <b>with</b> comments.
*/
public static final String ALGO_ID_C14N_EXCL_WITH_COMMENTS =
ALGO_ID_C14N_EXCL_OMIT_COMMENTS + "WithComments";
/**
* The URI for inclusive c14n 1.1 <b>without</b> comments.
*/
public static final String ALGO_ID_C14N11_OMIT_COMMENTS =
"http://www.w3.org/2006/12/xml-c14n11";
/**
* The URI for inclusive c14n 1.1 <b>with</b> comments.
*/
public static final String ALGO_ID_C14N11_WITH_COMMENTS =
ALGO_ID_C14N11_OMIT_COMMENTS + "#WithComments";
static boolean _alreadyInitialized = false;
static Map _canonicalizerHash = null;
static boolean _alreadyInitialized = false;
static Map _canonicalizerHash = null;
protected CanonicalizerSpi canonicalizerSpi = null;
//J+
protected CanonicalizerSpi canonicalizerSpi = null;
/**
* Method init
*
*/
public static void init() {
/**
* Method init
*
*/
public static void init() {
if (!Canonicalizer._alreadyInitialized) {
Canonicalizer._canonicalizerHash = new HashMap(10);
Canonicalizer._alreadyInitialized = true;
}
}
if (!Canonicalizer._alreadyInitialized) {
Canonicalizer._canonicalizerHash = new HashMap(10);
Canonicalizer._alreadyInitialized = true;
}
}
/**
* Constructor Canonicalizer
*
* @param algorithmURI
* @throws InvalidCanonicalizerException
*/
private Canonicalizer(String algorithmURI)
/**
* Constructor Canonicalizer
*
* @param algorithmURI
* @throws InvalidCanonicalizerException
*/
private Canonicalizer(String algorithmURI)
throws InvalidCanonicalizerException {
try {
Class implementingClass = getImplementingClass(algorithmURI);
try {
Class implementingClass = getImplementingClass(algorithmURI);
this.canonicalizerSpi =
(CanonicalizerSpi) implementingClass.newInstance();
this.canonicalizerSpi.reset=true;
} catch (Exception e) {
Object exArgs[] = { algorithmURI };
this.canonicalizerSpi =
(CanonicalizerSpi) implementingClass.newInstance();
this.canonicalizerSpi.reset=true;
} catch (Exception e) {
Object exArgs[] = { algorithmURI };
throw new InvalidCanonicalizerException(
"signature.Canonicalizer.UnknownCanonicalizer", exArgs);
}
}
throw new InvalidCanonicalizerException(
"signature.Canonicalizer.UnknownCanonicalizer", exArgs);
}
}
/**
* Method getInstance
*
* @param algorithmURI
* @return a Conicicalizer instance ready for the job
* @throws InvalidCanonicalizerException
*/
public static final Canonicalizer getInstance(String algorithmURI)
/**
* Method getInstance
*
* @param algorithmURI
* @return a Conicicalizer instance ready for the job
* @throws InvalidCanonicalizerException
*/
public static final Canonicalizer getInstance(String algorithmURI)
throws InvalidCanonicalizerException {
Canonicalizer c14nizer = new Canonicalizer(algorithmURI);
Canonicalizer c14nizer = new Canonicalizer(algorithmURI);
return c14nizer;
}
return c14nizer;
}
/**
* Method register
*
* @param algorithmURI
* @param implementingClass
* @throws AlgorithmAlreadyRegisteredException
*/
public static void register(String algorithmURI, String implementingClass)
/**
* Method register
*
* @param algorithmURI
* @param implementingClass
* @throws AlgorithmAlreadyRegisteredException
*/
public static void register(String algorithmURI, String implementingClass)
throws AlgorithmAlreadyRegisteredException {
// check whether URI is already registered
Class registeredClass = getImplementingClass(algorithmURI);
// check whether URI is already registered
Class registeredClass = getImplementingClass(algorithmURI);
if (registeredClass != null) {
Object exArgs[] = { algorithmURI, registeredClass };
if (registeredClass != null) {
Object exArgs[] = { algorithmURI, registeredClass };
throw new AlgorithmAlreadyRegisteredException(
"algorithm.alreadyRegistered", exArgs);
}
try {
_canonicalizerHash.put(algorithmURI, Class.forName(implementingClass));
} catch (ClassNotFoundException e) {
throw new RuntimeException("c14n class not found");
throw new AlgorithmAlreadyRegisteredException(
"algorithm.alreadyRegistered", exArgs);
}
}
/**
* Method getURI
*
* @return the URI defined for this c14n instance.
*/
public final String getURI() {
return this.canonicalizerSpi.engineGetURI();
}
try {
_canonicalizerHash.put(algorithmURI, Class.forName(implementingClass));
} catch (ClassNotFoundException e) {
throw new RuntimeException("c14n class not found");
}
}
/**
* Method getIncludeComments
*
* @return true if the c14n respect the comments.
*/
public boolean getIncludeComments() {
return this.canonicalizerSpi.engineGetIncludeComments();
}
/**
* Method getURI
*
* @return the URI defined for this c14n instance.
*/
public final String getURI() {
return this.canonicalizerSpi.engineGetURI();
}
/**
* This method tries to canonicalize the given bytes. It's possible to even
* canonicalize non-wellformed sequences if they are well-formed after being
* wrapped with a <CODE>&gt;a&lt;...&gt;/a&lt;</CODE>.
*
* @param inputBytes
* @return the result of the conicalization.
* @throws CanonicalizationException
* @throws java.io.IOException
* @throws javax.xml.parsers.ParserConfigurationException
* @throws org.xml.sax.SAXException
*/
public byte[] canonicalize(byte[] inputBytes)
/**
* Method getIncludeComments
*
* @return true if the c14n respect the comments.
*/
public boolean getIncludeComments() {
return this.canonicalizerSpi.engineGetIncludeComments();
}
/**
* This method tries to canonicalize the given bytes. It's possible to even
* canonicalize non-wellformed sequences if they are well-formed after being
* wrapped with a <CODE>&gt;a&lt;...&gt;/a&lt;</CODE>.
*
* @param inputBytes
* @return the result of the conicalization.
* @throws CanonicalizationException
* @throws java.io.IOException
* @throws javax.xml.parsers.ParserConfigurationException
* @throws org.xml.sax.SAXException
*/
public byte[] canonicalize(byte[] inputBytes)
throws javax.xml.parsers.ParserConfigurationException,
java.io.IOException, org.xml.sax.SAXException,
CanonicalizationException {
ByteArrayInputStream bais = new ByteArrayInputStream(inputBytes);
InputSource in = new InputSource(bais);
DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();
ByteArrayInputStream bais = new ByteArrayInputStream(inputBytes);
InputSource in = new InputSource(bais);
DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();
dfactory.setNamespaceAware(true);
dfactory.setNamespaceAware(true);
// needs to validate for ID attribute nomalization
dfactory.setValidating(true);
// needs to validate for ID attribute nomalization
dfactory.setValidating(true);
DocumentBuilder db = dfactory.newDocumentBuilder();
DocumentBuilder db = dfactory.newDocumentBuilder();
/*
* for some of the test vectors from the specification,
* there has to be a validatin parser for ID attributes, default
* attribute values, NMTOKENS, etc.
* Unfortunaltely, the test vectors do use different DTDs or
* even no DTD. So Xerces 1.3.1 fires many warnings about using
* ErrorHandlers.
*
* Text from the spec:
*
* The input octet stream MUST contain a well-formed XML document,
* but the input need not be validated. However, the attribute
* value normalization and entity reference resolution MUST be
* performed in accordance with the behaviors of a validating
* XML processor. As well, nodes for default attributes (declared
* in the ATTLIST with an AttValue but not specified) are created
* in each element. Thus, the declarations in the document type
* declaration are used to help create the canonical form, even
* though the document type declaration is not retained in the
* canonical form.
*
*/
db.setErrorHandler(new com.sun.org.apache.xml.internal.security.utils
.IgnoreAllErrorHandler());
/*
* for some of the test vectors from the specification,
* there has to be a validatin parser for ID attributes, default
* attribute values, NMTOKENS, etc.
* Unfortunaltely, the test vectors do use different DTDs or
* even no DTD. So Xerces 1.3.1 fires many warnings about using
* ErrorHandlers.
*
* Text from the spec:
*
* The input octet stream MUST contain a well-formed XML document,
* but the input need not be validated. However, the attribute
* value normalization and entity reference resolution MUST be
* performed in accordance with the behaviors of a validating
* XML processor. As well, nodes for default attributes (declared
* in the ATTLIST with an AttValue but not specified) are created
* in each element. Thus, the declarations in the document type
* declaration are used to help create the canonical form, even
* though the document type declaration is not retained in the
* canonical form.
*
*/
db.setErrorHandler(new com.sun.org.apache.xml.internal.security.utils
.IgnoreAllErrorHandler());
Document document = db.parse(in);
byte result[] = this.canonicalizeSubtree(document);
Document document = db.parse(in);
byte result[] = this.canonicalizeSubtree(document);
return result;
}
return result;
}
/**
* Canonicalizes the subtree rooted by <CODE>node</CODE>.
*
* @param node The node to canicalize
* @return the result of the c14n.
*
* @throws CanonicalizationException
*/
public byte[] canonicalizeSubtree(Node node)
/**
* Canonicalizes the subtree rooted by <CODE>node</CODE>.
*
* @param node The node to canicalize
* @return the result of the c14n.
*
* @throws CanonicalizationException
*/
public byte[] canonicalizeSubtree(Node node)
throws CanonicalizationException {
return this.canonicalizerSpi.engineCanonicalizeSubTree(node);
}
return this.canonicalizerSpi.engineCanonicalizeSubTree(node);
}
/**
* Canonicalizes the subtree rooted by <CODE>node</CODE>.
*
* @param node
* @param inclusiveNamespaces
* @return the result of the c14n.
* @throws CanonicalizationException
*/
public byte[] canonicalizeSubtree(Node node, String inclusiveNamespaces)
/**
* Canonicalizes the subtree rooted by <CODE>node</CODE>.
*
* @param node
* @param inclusiveNamespaces
* @return the result of the c14n.
* @throws CanonicalizationException
*/
public byte[] canonicalizeSubtree(Node node, String inclusiveNamespaces)
throws CanonicalizationException {
return this.canonicalizerSpi.engineCanonicalizeSubTree(node,
return this.canonicalizerSpi.engineCanonicalizeSubTree(node,
inclusiveNamespaces);
}
}
/**
* Canonicalizes an XPath node set. The <CODE>xpathNodeSet</CODE> is treated
* as a list of XPath nodes, not as a list of subtrees.
*
* @param xpathNodeSet
* @return the result of the c14n.
* @throws CanonicalizationException
*/
public byte[] canonicalizeXPathNodeSet(NodeList xpathNodeSet)
/**
* Canonicalizes an XPath node set. The <CODE>xpathNodeSet</CODE> is treated
* as a list of XPath nodes, not as a list of subtrees.
*
* @param xpathNodeSet
* @return the result of the c14n.
* @throws CanonicalizationException
*/
public byte[] canonicalizeXPathNodeSet(NodeList xpathNodeSet)
throws CanonicalizationException {
return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet);
}
return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet);
}
/**
* Canonicalizes an XPath node set. The <CODE>xpathNodeSet</CODE> is treated
* as a list of XPath nodes, not as a list of subtrees.
*
* @param xpathNodeSet
* @param inclusiveNamespaces
* @return the result of the c14n.
* @throws CanonicalizationException
*/
public byte[] canonicalizeXPathNodeSet(
/**
* Canonicalizes an XPath node set. The <CODE>xpathNodeSet</CODE> is treated
* as a list of XPath nodes, not as a list of subtrees.
*
* @param xpathNodeSet
* @param inclusiveNamespaces
* @return the result of the c14n.
* @throws CanonicalizationException
*/
public byte[] canonicalizeXPathNodeSet(
NodeList xpathNodeSet, String inclusiveNamespaces)
throws CanonicalizationException {
return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet,
return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet,
inclusiveNamespaces);
}
}
/**
* Canonicalizes an XPath node set.
*
* @param xpathNodeSet
* @return the result of the c14n.
* @throws CanonicalizationException
*/
public byte[] canonicalizeXPathNodeSet(Set xpathNodeSet)
/**
* Canonicalizes an XPath node set.
*
* @param xpathNodeSet
* @return the result of the c14n.
* @throws CanonicalizationException
*/
public byte[] canonicalizeXPathNodeSet(Set xpathNodeSet)
throws CanonicalizationException {
return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet);
}
return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet);
}
/**
* Canonicalizes an XPath node set.
*
* @param xpathNodeSet
* @param inclusiveNamespaces
* @return the result of the c14n.
* @throws CanonicalizationException
*/
public byte[] canonicalizeXPathNodeSet(
Set xpathNodeSet, String inclusiveNamespaces)
throws CanonicalizationException {
return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet,
inclusiveNamespaces);
}
/**
* Canonicalizes an XPath node set.
*
* @param xpathNodeSet
* @param inclusiveNamespaces
* @return the result of the c14n.
* @throws CanonicalizationException
*/
public byte[] canonicalizeXPathNodeSet(Set xpathNodeSet,
String inclusiveNamespaces) throws CanonicalizationException {
return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet,
inclusiveNamespaces);
}
/**
* Sets the writter where the cannocalization ends. ByteArrayOutputStream if
* none is setted.
* @param os
*/
public void setWriter(OutputStream os) {
this.canonicalizerSpi.setWriter(os);
}
/**
* Sets the writer where the canonicalization ends. ByteArrayOutputStream
* if none is set.
* @param os
*/
public void setWriter(OutputStream os) {
this.canonicalizerSpi.setWriter(os);
}
/**
* Returns the name of the implementing {@link CanonicalizerSpi} class
*
* @return the name of the implementing {@link CanonicalizerSpi} class
*/
public String getImplementingCanonicalizerClass() {
return this.canonicalizerSpi.getClass().getName();
}
/**
* Returns the name of the implementing {@link CanonicalizerSpi} class
*
* @return the name of the implementing {@link CanonicalizerSpi} class
*/
public String getImplementingCanonicalizerClass() {
return this.canonicalizerSpi.getClass().getName();
}
/**
* Method getImplementingClass
*
* @param URI
* @return the name of the class that implements the give URI
*/
private static Class getImplementingClass(String URI) {
return (Class) _canonicalizerHash.get(URI);
}
/**
* Method getImplementingClass
*
* @param URI
* @return the name of the class that implements the given URI
*/
private static Class getImplementingClass(String URI) {
return (Class) _canonicalizerHash.get(URI);
}
/**
* Set the canonicalizator behaviour to not reset.
*
*/
public void notReset() {
this.canonicalizerSpi.reset=false;
}
/**
* Set the canonicalizer behaviour to not reset.
*/
public void notReset() {
this.canonicalizerSpi.reset = false;
}
}

1
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/InvalidCanonicalizerException.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*

152
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/helper/AttrCompare.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -21,17 +20,17 @@
*/
package com.sun.org.apache.xml.internal.security.c14n.helper;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import org.w3c.dom.Attr;
import java.io.Serializable;
import java.util.Comparator;
/**
* Compares two attributes based on the C14n specification.
*
* <UL>
* <LI>Namespace nodes have a lesser document order position than attribute nodes.
* <LI>Namespace nodes have a lesser document order position than attribute
* nodes.
* <LI> An element's namespace nodes are sorted lexicographically by
* local name (the default namespace node, if one exists, has no
* local name and is therefore lexicographically least).
@ -40,104 +39,89 @@ import org.w3c.dom.Attr;
* key (an empty namespace URI is lexicographically least).
* </UL>
*
* $todo$ Should we implement java.util.Comparator and import java.util.Arrays to use Arrays.sort(intarray);
* @author Christian Geuer-Pollmann
*/
public class AttrCompare implements java.util.Comparator {
public class AttrCompare implements Comparator, Serializable {
private final int ATTR0_BEFORE_ATTR1 = -1;
private final int ATTR1_BEFORE_ATTR0 = 1;
private final static long serialVersionUID = -7113259629930576230L;
private final static int ATTR0_BEFORE_ATTR1 = -1;
private final static int ATTR1_BEFORE_ATTR0 = 1;
private final static String XMLNS=Constants.NamespaceSpecNS;
private final static String XMLNS=Constants.NamespaceSpecNS;
/**
* Compares two attributes based on the C14n specification.
*
* <UL>
* <LI>Namespace nodes have a lesser document order position than attribute nodes.
* <LI> An element's namespace nodes are sorted lexicographically by
* local name (the default namespace node, if one exists, has no
* local name and is therefore lexicographically least).
* <LI> An element's attribute nodes are sorted lexicographically with
* namespace URI as the primary key and local name as the secondary
* key (an empty namespace URI is lexicographically least).
* </UL>
*
* @param obj0 casted Attr
* @param obj1 casted Attr
* @return returns a negative integer, zero, or a positive integer as obj0 is less than, equal to, or greater than obj1
*
*/
public int compare(Object obj0, Object obj1) {
/**
* Compares two attributes based on the C14n specification.
*
* <UL>
* <LI>Namespace nodes have a lesser document order position than
* attribute nodes.
* <LI> An element's namespace nodes are sorted lexicographically by
* local name (the default namespace node, if one exists, has no
* local name and is therefore lexicographically least).
* <LI> An element's attribute nodes are sorted lexicographically with
* namespace URI as the primary key and local name as the secondary
* key (an empty namespace URI is lexicographically least).
* </UL>
*
* @param obj0 casted Attr
* @param obj1 casted Attr
* @return returns a negative integer, zero, or a positive integer as
* obj0 is less than, equal to, or greater than obj1
*
*/
public int compare(Object obj0, Object obj1) {
Attr attr0 = (Attr) obj0;
Attr attr1 = (Attr) obj1;
String namespaceURI0 = attr0.getNamespaceURI();
String namespaceURI1 = attr1.getNamespaceURI();
Attr attr0 = (Attr) obj0;
Attr attr1 = (Attr) obj1;
String namespaceURI0 = attr0.getNamespaceURI();
String namespaceURI1 = attr1.getNamespaceURI();
boolean isNamespaceAttr0 =
XMLNS.equals(namespaceURI0);
boolean isNamespaceAttr1 =
XMLNS.equals(namespaceURI1);
boolean isNamespaceAttr0 = XMLNS==namespaceURI0;
boolean isNamespaceAttr1 = XMLNS==namespaceURI1;
if (isNamespaceAttr0) {
if (isNamespaceAttr1) {
if (isNamespaceAttr0) {
if (isNamespaceAttr1) {
// both are namespaces
String localname0 = attr0.getLocalName();
String localname1 = attr1.getLocalName();
// both are namespaces
String localname0 = attr0.getLocalName();
String localname1 = attr1.getLocalName();
if (localname0.equals("xmlns")) {
localname0 = "";
}
if (localname0.equals("xmlns")) {
localname0 = "";
if (localname1.equals("xmlns")) {
localname1 = "";
}
return localname0.compareTo(localname1);
}
// attr0 is a namespace, attr1 is not
return ATTR0_BEFORE_ATTR1;
}
if (localname1.equals("xmlns")) {
localname1 = "";
}
return localname0.compareTo(localname1);
}
// attr0 is a namespace, attr1 is not
return ATTR0_BEFORE_ATTR1;
}
if (isNamespaceAttr1) {
if (isNamespaceAttr1) {
// attr1 is a namespace, attr0 is not
return ATTR1_BEFORE_ATTR0;
}
// none is a namespae
if (namespaceURI0 == null) {
if (namespaceURI1 == null) {
/*
String localName0 = attr0.getLocalName();
String localName1 = attr1.getLocalName();
return localName0.compareTo(localName1);
*/
}
// none is a namespace
if (namespaceURI0 == null) {
if (namespaceURI1 == null) {
String name0 = attr0.getName();
String name1 = attr1.getName();
return name0.compareTo(name1);
}
return ATTR0_BEFORE_ATTR1;
}
return ATTR0_BEFORE_ATTR1;
}
if (namespaceURI1 == null) {
return ATTR1_BEFORE_ATTR0;
}
int a = namespaceURI0.compareTo(namespaceURI1);
if (namespaceURI1 == null) {
return ATTR1_BEFORE_ATTR0;
}
if (a != 0) {
return a;
}
/*
String localName0 = ;
String localName1 =;*/
return (attr0.getLocalName())
.compareTo( attr1.getLocalName());
}
int a = namespaceURI0.compareTo(namespaceURI1);
if (a != 0) {
return a;
}
return (attr0.getLocalName()).compareTo(attr1.getLocalName());
}
}

684
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11.java Normal file
View file

@ -0,0 +1,684 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 2008 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;
import java.util.logging.Logger;
import java.util.logging.Logger;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
/**
* Implements <A HREF="http://www.w3.org/TR/2008/PR-xml-c14n11-20080129/">
* Canonical XML Version 1.1</A>, a W3C Proposed Recommendation from 29
* January 2008.
*
* @author Sean Mullan
* @author Raul Benito
* @version $Revision: 1.2 $
*/
public abstract class Canonicalizer11 extends CanonicalizerBase {
boolean firstCall = true;
final SortedSet result = new TreeSet(COMPARE);
static final String XMLNS_URI = Constants.NamespaceSpecNS;
static final String XML_LANG_URI = Constants.XML_LANG_SPACE_SpecNS;
static Logger log = Logger.getLogger(Canonicalizer11.class.getName());
static class XmlAttrStack {
int currentLevel = 0;
int lastlevel = 0;
XmlsStackElement cur;
static class XmlsStackElement {
int level;
boolean rendered = false;
List nodes = new ArrayList();
};
List levels = new ArrayList();
void push(int level) {
currentLevel = level;
if (currentLevel == -1)
return;
cur = null;
while (lastlevel >= currentLevel) {
levels.remove(levels.size() - 1);
if (levels.size() == 0) {
lastlevel = 0;
return;
}
lastlevel=((XmlsStackElement)levels.get(levels.size()-1)).level;
}
}
void addXmlnsAttr(Attr n) {
if (cur == null) {
cur = new XmlsStackElement();
cur.level = currentLevel;
levels.add(cur);
lastlevel = currentLevel;
}
cur.nodes.add(n);
}
void getXmlnsAttr(Collection col) {
if (cur == null) {
cur = new XmlsStackElement();
cur.level = currentLevel;
lastlevel = currentLevel;
levels.add(cur);
}
int size = levels.size() - 2;
boolean parentRendered = false;
XmlsStackElement e = null;
if (size == -1) {
parentRendered = true;
} else {
e = (XmlsStackElement) levels.get(size);
if (e.rendered && e.level+1 == currentLevel)
parentRendered = true;
}
if (parentRendered) {
col.addAll(cur.nodes);
cur.rendered = true;
return;
}
Map loa = new HashMap();
List baseAttrs = new ArrayList();
boolean successiveOmitted = true;
for (;size>=0;size--) {
e = (XmlsStackElement) levels.get(size);
if (e.rendered) {
successiveOmitted = false;
}
Iterator it = e.nodes.iterator();
while (it.hasNext() && successiveOmitted) {
Attr n = (Attr) it.next();
if (n.getLocalName().equals("base")) {
if (!e.rendered) {
baseAttrs.add(n);
}
} else if (!loa.containsKey(n.getName()))
loa.put(n.getName(), n);
}
}
if (!baseAttrs.isEmpty()) {
Iterator it = cur.nodes.iterator();
String base = null;
Attr baseAttr = null;
while (it.hasNext()) {
Attr n = (Attr) it.next();
if (n.getLocalName().equals("base")) {
base = n.getValue();
baseAttr = n;
break;
}
}
it = baseAttrs.iterator();
while (it.hasNext()) {
Attr n = (Attr) it.next();
if (base == null) {
base = n.getValue();
baseAttr = n;
} else {
try {
base = joinURI(n.getValue(), base);
} catch (URISyntaxException ue) {
ue.printStackTrace();
}
}
}
if (base != null && base.length() != 0) {
baseAttr.setValue(base);
col.add(baseAttr);
}
}
cur.rendered = true;
col.addAll(loa.values());
}
};
XmlAttrStack xmlattrStack = new XmlAttrStack();
/**
* Constructor Canonicalizer11
*
* @param includeComments
*/
public Canonicalizer11(boolean includeComments) {
super(includeComments);
}
/**
* Returns the Attr[]s to be outputted for the given element.
* <br>
* The code of this method is a copy of {@link #handleAttributes(Element,
* NameSpaceSymbTable)},
* whereas it takes into account that subtree-c14n is -- well --
* subtree-based.
* So if the element in question isRoot of c14n, it's parent is not in the
* node set, as well as all other ancestors.
*
* @param E
* @param ns
* @return the Attr[]s to be outputted
* @throws CanonicalizationException
*/
Iterator handleAttributesSubtree(Element E, NameSpaceSymbTable ns)
throws CanonicalizationException {
if (!E.hasAttributes() && !firstCall) {
return null;
}
// result will contain the attrs which have to be outputted
final SortedSet result = this.result;
result.clear();
NamedNodeMap attrs = E.getAttributes();
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
String NUri = N.getNamespaceURI();
if (XMLNS_URI != NUri) {
// It's not a namespace attr node. Add to the result and
// continue.
result.add(N);
continue;
}
String NName = N.getLocalName();
String NValue = N.getValue();
if (XML.equals(NName)
&& XML_LANG_URI.equals(NValue)) {
// The default mapping for xml must not be output.
continue;
}
Node n = ns.addMappingAndRender(NName, NValue, N);
if (n != null) {
// Render the ns definition
result.add(n);
if (C14nHelper.namespaceIsRelative(N)) {
Object exArgs[] = {E.getTagName(), NName, N.getNodeValue()};
throw new CanonicalizationException(
"c14n.Canonicalizer.RelativeNamespace", exArgs);
}
}
}
if (firstCall) {
// It is the first node of the subtree
// Obtain all the namespaces defined in the parents, and added
// to the output.
ns.getUnrenderedNodes(result);
// output the attributes in the xml namespace.
xmlattrStack.getXmlnsAttr(result);
firstCall = false;
}
return result.iterator();
}
/**
* Returns the Attr[]s to be outputted for the given element.
* <br>
* IMPORTANT: This method expects to work on a modified DOM tree, i.e. a
* DOM which has been prepared using
* {@link com.sun.org.apache.xml.internal.security.utils.XMLUtils#circumventBug2650(
* org.w3c.dom.Document)}.
*
* @param E
* @param ns
* @return the Attr[]s to be outputted
* @throws CanonicalizationException
*/
Iterator handleAttributes(Element E, NameSpaceSymbTable ns)
throws CanonicalizationException {
// result will contain the attrs which have to be output
xmlattrStack.push(ns.getLevel());
boolean isRealVisible = isVisibleDO(E, ns.getLevel()) == 1;
NamedNodeMap attrs = null;
int attrsLength = 0;
if (E.hasAttributes()) {
attrs = E.getAttributes();
attrsLength = attrs.getLength();
}
SortedSet result = this.result;
result.clear();
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
String NUri = N.getNamespaceURI();
if (XMLNS_URI != NUri) {
// A non namespace definition node.
if (XML_LANG_URI == NUri) {
if (N.getLocalName().equals("id")) {
if (isRealVisible) {
// treat xml:id like any other attribute
// (emit it, but don't inherit it)
result.add(N);
}
} else {
xmlattrStack.addXmlnsAttr(N);
}
} else if (isRealVisible) {
// The node is visible add the attribute to the list of
// output attributes.
result.add(N);
}
// keep working
continue;
}
String NName = N.getLocalName();
String NValue = N.getValue();
if ("xml".equals(NName)
&& XML_LANG_URI.equals(NValue)) {
/* except omit namespace node with local name xml, which defines
* the xml prefix, if its string value is
* http://www.w3.org/XML/1998/namespace.
*/
continue;
}
// add the prefix binding to the ns symb table.
// ns.addInclusiveMapping(NName,NValue,N,isRealVisible);
if (isVisible(N)) {
if (!isRealVisible && ns.removeMappingIfRender(NName)) {
continue;
}
// The xpath select this node output it if needed.
// Node n = ns.addMappingAndRenderXNodeSet
// (NName, NValue, N, isRealVisible);
Node n = ns.addMappingAndRender(NName, NValue, N);
if (n != null) {
result.add(n);
if (C14nHelper.namespaceIsRelative(N)) {
Object exArgs[] =
{ E.getTagName(), NName, N.getNodeValue() };
throw new CanonicalizationException(
"c14n.Canonicalizer.RelativeNamespace", exArgs);
}
}
} else {
if (isRealVisible && NName != XMLNS) {
ns.removeMapping(NName);
} else {
ns.addMapping(NName, NValue, N);
}
}
}
if (isRealVisible) {
// The element is visible, handle the xmlns definition
Attr xmlns = E.getAttributeNodeNS(XMLNS_URI, XMLNS);
Node n = null;
if (xmlns == null) {
// No xmlns def just get the already defined.
n = ns.getMapping(XMLNS);
} else if (!isVisible(xmlns)) {
// There is a defn but the xmlns is not selected by the xpath.
// then xmlns=""
n = ns.addMappingAndRender(XMLNS, "", nullNode);
}
// output the xmlns def if needed.
if (n != null) {
result.add(n);
}
// Float all xml:* attributes of the unselected parent elements to
// this one. addXmlAttributes(E,result);
xmlattrStack.getXmlnsAttr(result);
ns.getUnrenderedNodes(result);
}
return result.iterator();
}
/**
* Always throws a CanonicalizationException because this is inclusive c14n.
*
* @param xpathNodeSet
* @param inclusiveNamespaces
* @return none it always fails
* @throws CanonicalizationException always
*/
public byte[] engineCanonicalizeXPathNodeSet(Set xpathNodeSet,
String inclusiveNamespaces) throws CanonicalizationException {
throw new CanonicalizationException(
"c14n.Canonicalizer.UnsupportedOperation");
}
/**
* Always throws a CanonicalizationException because this is inclusive c14n.
*
* @param rootNode
* @param inclusiveNamespaces
* @return none it always fails
* @throws CanonicalizationException
*/
public byte[] engineCanonicalizeSubTree(Node rootNode,
String inclusiveNamespaces) throws CanonicalizationException {
throw new CanonicalizationException(
"c14n.Canonicalizer.UnsupportedOperation");
}
void circumventBugIfNeeded(XMLSignatureInput input)
throws CanonicalizationException, ParserConfigurationException,
IOException, SAXException {
if (!input.isNeedsToBeExpanded())
return;
Document doc = null;
if (input.getSubNode() != null) {
doc = XMLUtils.getOwnerDocument(input.getSubNode());
} else {
doc = XMLUtils.getOwnerDocument(input.getNodeSet());
}
XMLUtils.circumventBug2650(doc);
}
void handleParent(Element e, NameSpaceSymbTable ns) {
if (!e.hasAttributes()) {
return;
}
xmlattrStack.push(-1);
NamedNodeMap attrs = e.getAttributes();
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
if (Constants.NamespaceSpecNS != N.getNamespaceURI()) {
// Not a namespace definition, ignore.
if (XML_LANG_URI == N.getNamespaceURI()) {
xmlattrStack.addXmlnsAttr(N);
}
continue;
}
String NName = N.getLocalName();
String NValue = N.getNodeValue();
if (XML.equals(NName)
&& Constants.XML_LANG_SPACE_SpecNS.equals(NValue)) {
continue;
}
ns.addMapping(NName,NValue,N);
}
}
private static String joinURI(String baseURI, String relativeURI)
throws URISyntaxException {
String bscheme = null;
String bauthority = null;
String bpath = "";
String bquery = null;
String bfragment = null; // Is this correct?
// pre-parse the baseURI
if (baseURI != null) {
if (baseURI.endsWith("..")) {
baseURI = baseURI + "/";
}
URI base = new URI(baseURI);
bscheme = base.getScheme();
bauthority = base.getAuthority();
bpath = base.getPath();
bquery = base.getQuery();
bfragment = base.getFragment();
}
URI r = new URI(relativeURI);
String rscheme = r.getScheme();
String rauthority = r.getAuthority();
String rpath = r.getPath();
String rquery = r.getQuery();
String rfragment = null;
String tscheme, tauthority, tpath, tquery, tfragment;
if (rscheme != null && rscheme.equals(bscheme)) {
rscheme = null;
}
if (rscheme != null) {
tscheme = rscheme;
tauthority = rauthority;
tpath = removeDotSegments(rpath);
tquery = rquery;
} else {
if (rauthority != null) {
tauthority = rauthority;
tpath = removeDotSegments(rpath);
tquery = rquery;
} else {
if (rpath.length() == 0) {
tpath = bpath;
if (rquery != null) {
tquery = rquery;
} else {
tquery = bquery;
}
} else {
if (rpath.startsWith("/")) {
tpath = removeDotSegments(rpath);
} else {
if (bauthority != null && bpath.length() == 0) {
tpath = "/" + rpath;
} else {
int last = bpath.lastIndexOf('/');
if (last == -1) {
tpath = rpath;
} else {
tpath = bpath.substring(0, last+1) + rpath;
}
}
tpath = removeDotSegments(tpath);
}
tquery = rquery;
}
tauthority = bauthority;
}
tscheme = bscheme;
}
tfragment = rfragment;
return new URI(tscheme, tauthority, tpath, tquery, tfragment).toString();
}
private static String removeDotSegments(String path) {
log.log(java.util.logging.Level.FINE, "STEP OUTPUT BUFFER\t\tINPUT BUFFER");
// 1. The input buffer is initialized with the now-appended path
// components then replace occurrences of "//" in the input buffer
// with "/" until no more occurrences of "//" are in the input buffer.
String input = path;
while (input.indexOf("//") > -1) {
input = input.replaceAll("//", "/");
}
// Initialize the output buffer with the empty string.
StringBuffer output = new StringBuffer();
// If the input buffer starts with a root slash "/" then move this
// character to the output buffer.
if (input.charAt(0) == '/') {
output.append("/");
input = input.substring(1);
}
printStep("1 ", output.toString(), input);
// While the input buffer is not empty, loop as follows
while (input.length() != 0) {
// 2A. If the input buffer begins with a prefix of "./",
// then remove that prefix from the input buffer
// else if the input buffer begins with a prefix of "../", then
// if also the output does not contain the root slash "/" only,
// then move this prefix to the end of the output buffer else
// remove that prefix
if (input.startsWith("./")) {
input = input.substring(2);
printStep("2A", output.toString(), input);
} else if (input.startsWith("../")) {
input = input.substring(3);
if (!output.toString().equals("/")) {
output.append("../");
}
printStep("2A", output.toString(), input);
// 2B. if the input buffer begins with a prefix of "/./" or "/.",
// where "." is a complete path segment, then replace that prefix
// with "/" in the input buffer; otherwise,
} else if (input.startsWith("/./")) {
input = input.substring(2);
printStep("2B", output.toString(), input);
} else if (input.equals("/.")) {
// FIXME: what is complete path segment?
input = input.replaceFirst("/.", "/");
printStep("2B", output.toString(), input);
// 2C. if the input buffer begins with a prefix of "/../" or "/..",
// where ".." is a complete path segment, then replace that prefix
// with "/" in the input buffer and if also the output buffer is
// empty, last segment in the output buffer equals "../" or "..",
// where ".." is a complete path segment, then append ".." or "/.."
// for the latter case respectively to the output buffer else
// remove the last segment and its preceding "/" (if any) from the
// output buffer and if hereby the first character in the output
// buffer was removed and it was not the root slash then delete a
// leading slash from the input buffer; otherwise,
} else if (input.startsWith("/../")) {
input = input.substring(3);
if (output.length() == 0) {
output.append("/");
} else if (output.toString().endsWith("../")) {
output.append("..");
} else if (output.toString().endsWith("..")) {
output.append("/..");
} else {
int index = output.lastIndexOf("/");
if (index == -1) {
output = new StringBuffer();
if (input.charAt(0) == '/') {
input = input.substring(1);
}
} else {
output = output.delete(index, output.length());
}
}
printStep("2C", output.toString(), input);
} else if (input.equals("/..")) {
// FIXME: what is complete path segment?
input = input.replaceFirst("/..", "/");
if (output.length() == 0) {
output.append("/");
} else if (output.toString().endsWith("../")) {
output.append("..");
} else if (output.toString().endsWith("..")) {
output.append("/..");
} else {
int index = output.lastIndexOf("/");
if (index == -1) {
output = new StringBuffer();
if (input.charAt(0) == '/') {
input = input.substring(1);
}
} else {
output = output.delete(index, output.length());
}
}
printStep("2C", output.toString(), input);
// 2D. if the input buffer consists only of ".", then remove
// that from the input buffer else if the input buffer consists
// only of ".." and if the output buffer does not contain only
// the root slash "/", then move the ".." to the output buffer
// else delte it.; otherwise,
} else if (input.equals(".")) {
input = "";
printStep("2D", output.toString(), input);
} else if (input.equals("..")) {
if (!output.toString().equals("/"))
output.append("..");
input = "";
printStep("2D", output.toString(), input);
// 2E. move the first path segment (if any) in the input buffer
// to the end of the output buffer, including the initial "/"
// character (if any) and any subsequent characters up to, but not
// including, the next "/" character or the end of the input buffer.
} else {
int end = -1;
int begin = input.indexOf('/');
if (begin == 0) {
end = input.indexOf('/', 1);
} else {
end = begin;
begin = 0;
}
String segment;
if (end == -1) {
segment = input.substring(begin);
input = "";
} else {
segment = input.substring(begin, end);
input = input.substring(end);
}
output.append(segment);
printStep("2E", output.toString(), input);
}
}
// 3. Finally, if the only or last segment of the output buffer is
// "..", where ".." is a complete path segment not followed by a slash
// then append a slash "/". The output buffer is returned as the result
// of remove_dot_segments
if (output.toString().endsWith("..")) {
output.append("/");
printStep("3 ", output.toString(), input);
}
return output.toString();
}
private static void printStep(String step, String output, String input) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, " " + step + ": " + output);
if (output.length() == 0) {
log.log(java.util.logging.Level.FINE, "\t\t\t\t" + input);
} else {
log.log(java.util.logging.Level.FINE, "\t\t\t" + input);
}
}
}
}

41
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11_OmitComments.java Normal file
View file

@ -0,0 +1,41 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 2008 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package com.sun.org.apache.xml.internal.security.c14n.implementations;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
/**
* @author Sean Mullan
*/
public class Canonicalizer11_OmitComments extends Canonicalizer11 {
public Canonicalizer11_OmitComments() {
super(false);
}
public final String engineGetURI() {
return Canonicalizer.ALGO_ID_C14N11_OMIT_COMMENTS;
}
public final boolean engineGetIncludeComments() {
return false;
}
}

41
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11_WithComments.java Normal file
View file

@ -0,0 +1,41 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 2008 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package com.sun.org.apache.xml.internal.security.c14n.implementations;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
/**
* @author Sean Mullan
*/
public class Canonicalizer11_WithComments extends Canonicalizer11 {
public Canonicalizer11_WithComments() {
super(true);
}
public final String engineGetURI() {
return Canonicalizer.ALGO_ID_C14N11_WITH_COMMENTS;
}
public final boolean engineGetIncludeComments() {
return true;
}
}

300
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -23,20 +22,30 @@ package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;
/**
@ -44,13 +53,92 @@ import org.w3c.dom.Node;
* XML Version 1.0</A>, a W3C Recommendation from 15 March 2001.
*
* @author Christian Geuer-Pollmann <geuerp@apache.org>
* @version $Revision: 1.5 $
*/
public abstract class Canonicalizer20010315 extends CanonicalizerBase {
boolean firstCall=true;
final SortedSet result= new TreeSet(COMPARE);
static final String XMLNS_URI=Constants.NamespaceSpecNS;
static final String XML_LANG_URI=Constants.XML_LANG_SPACE_SpecNS;
/**
static class XmlAttrStack {
int currentLevel=0;
int lastlevel=0;
XmlsStackElement cur;
static class XmlsStackElement {
int level;
boolean rendered=false;
List nodes=new ArrayList();
};
List levels=new ArrayList();
void push(int level) {
currentLevel=level;
if (currentLevel==-1)
return;
cur=null;
while (lastlevel>=currentLevel) {
levels.remove(levels.size()-1);
if (levels.size()==0) {
lastlevel=0;
return;
}
lastlevel=((XmlsStackElement)levels.get(levels.size()-1)).level;
}
}
void addXmlnsAttr(Attr n) {
if (cur==null) {
cur=new XmlsStackElement();
cur.level=currentLevel;
levels.add(cur);
lastlevel=currentLevel;
}
cur.nodes.add(n);
}
void getXmlnsAttr(Collection col) {
int size=levels.size()-1;
if (cur==null) {
cur=new XmlsStackElement();
cur.level=currentLevel;
lastlevel=currentLevel;
levels.add(cur);
}
boolean parentRendered=false;
XmlsStackElement e=null;
if (size==-1) {
parentRendered=true;
} else {
e=(XmlsStackElement)levels.get(size);
if (e.rendered && e.level+1==currentLevel)
parentRendered=true;
}
if (parentRendered) {
col.addAll(cur.nodes);
cur.rendered=true;
return;
}
Map loa = new HashMap();
for (;size>=0;size--) {
e=(XmlsStackElement)levels.get(size);
Iterator it=e.nodes.iterator();
while (it.hasNext()) {
Attr n=(Attr)it.next();
if (!loa.containsKey(n.getName()))
loa.put(n.getName(),n);
}
//if (e.rendered)
//break;
};
//cur.nodes.clear();
//cur.nodes.addAll(loa.values());
cur.rendered=true;
col.addAll(loa.values());
}
}
XmlAttrStack xmlattrStack=new XmlAttrStack();
/**
* Constructor Canonicalizer20010315
*
* @param includeComments
@ -86,16 +174,16 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
String NName=N.getLocalName();
String NValue=N.getValue();
String NUri =N.getNamespaceURI();
if (!XMLNS_URI.equals(NUri)) {
if (XMLNS_URI!=NUri) {
//It's not a namespace attr node. Add to the result and continue.
result.add(N);
continue;
}
String NName=N.getLocalName();
String NValue=N.getValue();
if (XML.equals(NName)
&& XML_LANG_URI.equals(NValue)) {
//The default mapping for xml must not be output.
@ -120,64 +208,13 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
//Obtain all the namespaces defined in the parents, and added to the output.
ns.getUnrenderedNodes(result);
//output the attributes in the xml namespace.
addXmlAttributesSubtree(E, result);
firstCall=false;
xmlattrStack.getXmlnsAttr(result);
firstCall=false;
}
return result.iterator();
}
/**
* Float the xml:* attributes of the parent nodes to the root node of c14n
* @param E the root node.
* @param result the xml:* attributes to output.
*/
private void addXmlAttributesSubtree(Element E, SortedSet result) {
// E is in the node-set
Node parent = E.getParentNode();
Map loa = new HashMap();
if ((parent != null) && (parent.getNodeType() == Node.ELEMENT_NODE)) {
// parent element is not in node set
for (Node ancestor = parent;
(ancestor != null)
&& (ancestor.getNodeType() == Node.ELEMENT_NODE);
ancestor = ancestor.getParentNode()) {
Element el=((Element) ancestor);
if (!el.hasAttributes()) {
continue;
}
// for all ancestor elements
NamedNodeMap ancestorAttrs = el.getAttributes();
for (int i = 0; i < ancestorAttrs.getLength(); i++) {
// for all attributes in the ancestor element
Attr currentAncestorAttr = (Attr) ancestorAttrs.item(i);
if (XML_LANG_URI.equals(
currentAncestorAttr.getNamespaceURI())) {
// do we have an xml:* ?
if (!E.hasAttributeNS(
XML_LANG_URI,
currentAncestorAttr.getLocalName())) {
// the xml:* attr is not in E
if (!loa.containsKey(currentAncestorAttr.getName())) {
loa.put(currentAncestorAttr.getName(),
currentAncestorAttr);
}
}
}
}
}
}
result.addAll( loa.values());
}
/**
* Returns the Attr[]s to be outputted for the given element.
* <br>
@ -192,7 +229,8 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
*/
Iterator handleAttributes(Element E, NameSpaceSymbTable ns ) throws CanonicalizationException {
// result will contain the attrs which have to be outputted
boolean isRealVisible=isVisible(E);
xmlattrStack.push(ns.getLevel());
boolean isRealVisible=isVisibleDO(E,ns.getLevel())==1;
NamedNodeMap attrs = null;
int attrsLength = 0;
if (E.hasAttributes()) {
@ -204,16 +242,15 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
SortedSet result = this.result;
result.clear();
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
String NName=N.getLocalName();
String NValue=N.getValue();
String NUri =N.getNamespaceURI();
if (!XMLNS_URI.equals(NUri)) {
if (XMLNS_URI!=NUri) {
//A non namespace definition node.
if (isRealVisible){
if (XML_LANG_URI==NUri) {
xmlattrStack.addXmlnsAttr(N);
} else if (isRealVisible){
//The node is visible add the attribute to the list of output attributes.
result.add(N);
}
@ -221,7 +258,8 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
continue;
}
String NName=N.getLocalName();
String NValue=N.getValue();
if ("xml".equals(NName)
&& XML_LANG_URI.equals(NValue)) {
/* except omit namespace node with local name xml, which defines
@ -232,16 +270,26 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
//add the prefix binding to the ns symb table.
//ns.addInclusiveMapping(NName,NValue,N,isRealVisible);
if (isVisible(N)) {
//The xpath select this node output it if needed.
Node n=ns.addMappingAndRenderXNodeSet(NName,NValue,N,isRealVisible);
if (n!=null) {
if (!isRealVisible && ns.removeMappingIfRender(NName)) {
continue;
}
//The xpath select this node output it if needed.
//Node n=ns.addMappingAndRenderXNodeSet(NName,NValue,N,isRealVisible);
Node n=ns.addMappingAndRender(NName,NValue,N);
if (n!=null) {
result.add(n);
if (C14nHelper.namespaceIsRelative(N)) {
Object exArgs[] = { E.getTagName(), NName, N.getNodeValue() };
throw new CanonicalizationException(
"c14n.Canonicalizer.RelativeNamespace", exArgs);
}
}
}
}
} else {
if (isRealVisible && NName!=XMLNS) {
ns.removeMapping(NName);
} else {
ns.addMapping(NName,NValue,N);
}
}
}
if (isRealVisible) {
@ -254,84 +302,21 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
} else if ( !isVisible(xmlns)) {
//There is a definition but the xmlns is not selected by the xpath.
//then xmlns=""
n=ns.addMappingAndRenderXNodeSet(XMLNS,"",nullNode,true);
n=ns.addMappingAndRender(XMLNS,"",nullNode);
}
//output the xmlns def if needed.
if (n!=null) {
result.add(n);
}
//Float all xml:* attributes of the unselected parent elements to this one.
addXmlAttributes(E,result);
//addXmlAttributes(E,result);
xmlattrStack.getXmlnsAttr(result);
ns.getUnrenderedNodes(result);
}
return result.iterator();
}
/**
* Float the xml:* attributes of the unselected parent nodes to the ciurrent node.
* @param E
* @param result
*/
private void addXmlAttributes(Element E, SortedSet result) {
/* The processing of an element node E MUST be modified slightly when an
* XPath node-set is given as input and the element's parent is omitted
* from the node-set. The method for processing the attribute axis of an
* element E in the node-set is enhanced. All element nodes along E's
* ancestor axis are examined for nearest occurrences of attributes in
* the xml namespace, such as xml:lang and xml:space (whether or not they
* are in the node-set). From this list of attributes, remove any that are
* in E's attribute axis (whether or not they are in the node-set). Then,
* lexicographically merge this attribute list with the nodes of E's
* attribute axis that are in the node-set. The result of visiting the
* attribute axis is computed by processing the attribute nodes in this
* merged attribute list.
*/
// E is in the node-set
Node parent = E.getParentNode();
Map loa = new HashMap();
if ((parent != null) && (parent.getNodeType() == Node.ELEMENT_NODE)
&&!isVisible(parent)) {
// parent element is not in node set
for (Node ancestor = parent;
(ancestor != null)
&& (ancestor.getNodeType() == Node.ELEMENT_NODE);
ancestor = ancestor.getParentNode()) {
Element el=((Element) ancestor);
if (!el.hasAttributes()) {
continue;
}
// for all ancestor elements
NamedNodeMap ancestorAttrs =el.getAttributes();
for (int i = 0; i < ancestorAttrs.getLength(); i++) {
// for all attributes in the ancestor element
Attr currentAncestorAttr = (Attr) ancestorAttrs.item(i);
if (XML_LANG_URI.equals(
currentAncestorAttr.getNamespaceURI())) {
// do we have an xml:* ?
if (!E.hasAttributeNS(
XML_LANG_URI,
currentAncestorAttr.getLocalName())) {
// the xml:* attr is not in E
if (!loa.containsKey(currentAncestorAttr.getName())) {
loa.put(currentAncestorAttr.getName(),
currentAncestorAttr);
}
}
}
}
}
}
result.addAll(loa.values());
}
/**
* Always throws a CanonicalizationException because this is inclusive c14n.
*
@ -363,4 +348,43 @@ public abstract class Canonicalizer20010315 extends CanonicalizerBase {
throw new CanonicalizationException(
"c14n.Canonicalizer.UnsupportedOperation");
}
void circumventBugIfNeeded(XMLSignatureInput input) throws CanonicalizationException, ParserConfigurationException, IOException, SAXException {
if (!input.isNeedsToBeExpanded())
return;
Document doc = null;
if (input.getSubNode() != null) {
doc=XMLUtils.getOwnerDocument(input.getSubNode());
} else {
doc=XMLUtils.getOwnerDocument(input.getNodeSet());
}
XMLUtils.circumventBug2650(doc);
}
void handleParent(Element e, NameSpaceSymbTable ns) {
if (!e.hasAttributes()) {
return;
}
xmlattrStack.push(-1);
NamedNodeMap attrs = e.getAttributes();
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
if (Constants.NamespaceSpecNS!=N.getNamespaceURI()) {
//Not a namespace definition, ignore.
if (XML_LANG_URI==N.getNamespaceURI()) {
xmlattrStack.addXmlnsAttr(N);
}
continue;
}
String NName=N.getLocalName();
String NValue=N.getNodeValue();
if (XML.equals(NName)
&& Constants.XML_LANG_SPACE_SpecNS.equals(NValue)) {
continue;
}
ns.addMapping(NName,NValue,N);
}
}
}

90
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315Excl.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -21,20 +20,26 @@
*/
package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException;
import java.util.Iterator;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;
/**
* Implements &quot; <A
* HREF="http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/">Exclusive XML
@ -47,6 +52,7 @@ import org.w3c.dom.Node;
* <i>THIS </i> implementation is a complete rewrite of the algorithm.
*
* @author Christian Geuer-Pollmann <geuerp@apache.org>
* @version $Revision: 1.5 $
* @see <a href="http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/ Exclusive#">
* XML Canonicalization, Version 1.0</a>
*/
@ -55,7 +61,7 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
* This Set contains the names (Strings like "xmlns" or "xmlns:foo") of
* the inclusive namespaces.
*/
TreeSet _inclusiveNSSet = null;
TreeSet _inclusiveNSSet = new TreeSet();
static final String XMLNS_URI=Constants.NamespaceSpecNS;
final SortedSet result = new TreeSet(COMPARE);
/**
@ -143,10 +149,8 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
String NName=N.getLocalName();
String NNodeValue=N.getNodeValue();
if (!XMLNS_URI.equals(N.getNamespaceURI())) {
if (XMLNS_URI!=N.getNamespaceURI()) {
//Not a namespace definition.
//The Element is output element, add his prefix(if used) to visibyUtilized
String prefix = N.getPrefix();
@ -157,6 +161,8 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
result.add(N);
continue;
}
String NName=N.getLocalName();
String NNodeValue=N.getNodeValue();
if (ns.addMapping(NName, NNodeValue,N)) {
//New definition check if it is relative.
@ -168,17 +174,17 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
}
}
}
String prefix;
if (E.getNamespaceURI() != null) {
String prefix = E.getPrefix();
prefix = E.getPrefix();
if ((prefix == null) || (prefix.length() == 0)) {
visiblyUtilized.add(XMLNS);
} else {
visiblyUtilized.add(prefix);
prefix=XMLNS;
}
} else {
visiblyUtilized.add(XMLNS);
prefix=XMLNS;
}
visiblyUtilized.add(prefix);
//This can be optimezed by I don't have time
Iterator it=visiblyUtilized.iterator();
@ -211,12 +217,6 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
}
/** @inheritDoc */
public byte[] engineCanonicalizeXPathNodeSet(Set xpathNodeSet
) throws CanonicalizationException {
return engineCanonicalizeXPathNodeSet(xpathNodeSet,"");
}
/**
* @inheritDoc
* @param E
@ -236,21 +236,20 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
//The prefix visibly utilized(in the attribute or in the name) in the element
Set visiblyUtilized =null;
//It's the output selected.
boolean isOutputElement = isVisible(E);
boolean isOutputElement=isVisibleDO(E,ns.getLevel())==1;
if (isOutputElement) {
visiblyUtilized = (Set) this._inclusiveNSSet.clone();
}
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
String NName=N.getLocalName();
String NNodeValue=N.getNodeValue();
if ( !isVisible(N) ) {
//The node is not in the nodeset(if there is a nodeset)
continue;
}
if (!XMLNS_URI.equals(N.getNamespaceURI())) {
if (XMLNS_URI!=N.getNamespaceURI()) {
if ( !isVisible(N) ) {
//The node is not in the nodeset(if there is a nodeset)
continue;
}
//Not a namespace definition.
if (isOutputElement) {
//The Element is output element, add his prefix(if used) to visibyUtilized
@ -263,6 +262,25 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
}
continue;
}
String NName=N.getLocalName();
if (isOutputElement && !isVisible(N) && NName!=XMLNS) {
ns.removeMappingIfNotRender(NName);
continue;
}
String NNodeValue=N.getNodeValue();
if (!isOutputElement && isVisible(N) && _inclusiveNSSet.contains(NName) && !ns.removeMappingIfRender(NName)) {
Node n=ns.addMappingAndRender(NName,NNodeValue,N);
if (n!=null) {
result.add(n);
if (C14nHelper.namespaceIsRelative(N)) {
Object exArgs[] = { E.getTagName(), NName, N.getNodeValue() };
throw new CanonicalizationException(
"c14n.Canonicalizer.RelativeNamespace", exArgs);
}
}
}
if (ns.addMapping(NName, NNodeValue,N)) {
@ -306,18 +324,20 @@ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase {
}
result.add(key);
}
} else /*if (_circunvented)*/ {
Iterator it=this._inclusiveNSSet.iterator();
while (it.hasNext()) {
String s=(String)it.next();
Attr key=ns.getMappingWithoutRendered(s);
if (key==null) {
continue;
}
result.add(key);
}
}
return result.iterator();
}
void circumventBugIfNeeded(XMLSignatureInput input) throws CanonicalizationException, ParserConfigurationException, IOException, SAXException {
if (!input.isNeedsToBeExpanded() || _inclusiveNSSet.isEmpty())
return;
Document doc = null;
if (input.getSubNode() != null) {
doc=XMLUtils.getOwnerDocument(input.getSubNode());
} else {
doc=XMLUtils.getOwnerDocument(input.getNodeSet());
}
XMLUtils.circumventBug2650(doc);
}
}

1
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315ExclWithComments.java
View file

@ -28,6 +28,7 @@ import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
/**
* Class Canonicalizer20010315ExclWithComments
*
* @version $Revision: 1.5 $
*/
public class Canonicalizer20010315ExclWithComments
extends Canonicalizer20010315Excl {

1
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315WithComments.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*

702
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java
View file

@ -27,9 +27,11 @@ import java.io.IOException;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.ListIterator;
import java.util.Map;
import java.util.Set;
import javax.xml.parsers.DocumentBuilderFactory;
@ -45,7 +47,6 @@ import com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStrea
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Attr;
import org.w3c.dom.Comment;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
@ -57,6 +58,7 @@ import org.xml.sax.SAXException;
* Abstract base class for canonicalization algorithms.
*
* @author Christian Geuer-Pollmann <geuerp@apache.org>
* @version $Revision: 1.5 $
*/
public abstract class CanonicalizerBase extends CanonicalizerSpi {
//Constants to be outputed, In char array form, so
@ -122,6 +124,18 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
throws CanonicalizationException {
return engineCanonicalizeSubTree(rootNode,(Node)null);
}
/**
* Method engineCanonicalizeXPathNodeSet
* @inheritDoc
* @param xpathNodeSet
* @throws CanonicalizationException
*/
public byte[] engineCanonicalizeXPathNodeSet(Set xpathNodeSet)
throws CanonicalizationException {
this._xpathNodeSet = xpathNodeSet;
return engineCanonicalizeXPathNodeSetInternal(XMLUtils.getOwnerDocument(this._xpathNodeSet));
}
/**
* Canonicalizes a Subtree node.
* @param input the root of the subtree to canicalize
@ -143,15 +157,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
return bytes;
} else if (input.isNodeSet()) {
nodeFilter=input.getNodeFilters();
Document doc = null;
if (input.getSubNode() != null) {
doc=XMLUtils.getOwnerDocument(input.getSubNode());
} else {
doc=XMLUtils.getOwnerDocument(input.getNodeSet());
}
if (input.isNeedsToBeExpanded()) {
XMLUtils.circumventBug2650(doc);
}
circumventBugIfNeeded(input);
if (input.getSubNode() != null) {
bytes = engineCanonicalizeXPathNodeSetInternal(input.getSubNode());
@ -173,6 +180,13 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
}
}
/**
* @param _writer The _writer to set.
*/
public void setWriter(OutputStream _writer) {
this._writer = _writer;
}
/**
* Canonicalizes a Subtree node.
*
* @param rootNode
@ -187,11 +201,13 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
this._excludeNode = excludeNode;
try {
NameSpaceSymbTable ns=new NameSpaceSymbTable();
int nodeLevel=NODE_BEFORE_DOCUMENT_ELEMENT;
if (rootNode instanceof Element) {
//Fills the nssymbtable with the definitions of the parent of the root subnode
getParentNameSpaces((Element)rootNode,ns);
nodeLevel=NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT;
}
this.canonicalizeSubTree(rootNode,ns,rootNode);
this.canonicalizeSubTree(rootNode,ns,rootNode,nodeLevel);
this._writer.close();
if (this._writer instanceof ByteArrayOutputStream) {
byte []result=((ByteArrayOutputStream)this._writer).toByteArray();
@ -199,6 +215,12 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
((ByteArrayOutputStream)this._writer).reset();
}
return result;
} else if (this._writer instanceof UnsyncByteArrayOutputStream) {
byte []result=((UnsyncByteArrayOutputStream)this._writer).toByteArray();
if (reset) {
((UnsyncByteArrayOutputStream)this._writer).reset();
}
return result;
}
return null;
@ -219,13 +241,17 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
* @throws CanonicalizationException
* @throws IOException
*/
final void canonicalizeSubTree(Node currentNode, NameSpaceSymbTable ns,Node endnode)
final void canonicalizeSubTree(Node currentNode, NameSpaceSymbTable ns,Node endnode,
int documentLevel)
throws CanonicalizationException, IOException {
if (isVisibleInt(currentNode)==-1)
return;
Node sibling=null;
Node parentNode=null;
final OutputStream writer=this._writer;
final Node excludeNode=this._excludeNode;
final boolean includeComments=this._includeComments;
Map cache=new HashMap();
do {
switch (currentNode.getNodeType()) {
@ -242,18 +268,17 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
case Node.DOCUMENT_FRAGMENT_NODE :
case Node.DOCUMENT_NODE :
ns.outputNodePush();
//currentNode = currentNode.getFirstChild();
sibling= currentNode.getFirstChild();
break;
case Node.COMMENT_NODE :
if (includeComments) {
outputCommentToWriter((Comment) currentNode, writer);
outputCommentToWriter((Comment) currentNode, writer, documentLevel);
}
break;
case Node.PROCESSING_INSTRUCTION_NODE :
outputPItoWriter((ProcessingInstruction) currentNode, writer);
outputPItoWriter((ProcessingInstruction) currentNode, writer, documentLevel);
break;
case Node.TEXT_NODE :
@ -262,6 +287,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
break;
case Node.ELEMENT_NODE :
documentLevel=NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT;
if (currentNode==excludeNode) {
break;
}
@ -270,27 +296,27 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
ns.outputNodePush();
writer.write('<');
String name=currentElement.getTagName();
writeStringToUtf8(name,writer);
UtfHelpper.writeByte(name,writer,cache);
Iterator attrs = this.handleAttributesSubtree(currentElement,ns);
if (attrs!=null) {
//we output all Attrs which are available
while (attrs.hasNext()) {
Attr attr = (Attr) attrs.next();
outputAttrToWriter(attr.getNodeName(),attr.getNodeValue(), writer);
outputAttrToWriter(attr.getNodeName(),attr.getNodeValue(), writer,cache);
}
}
writer.write('>');
sibling= currentNode.getFirstChild();
if (sibling==null) {
writer.write(_END_TAG);
writeStringToUtf8(name,writer);
UtfHelpper.writeStringToUtf8(name,writer);
writer.write('>');
//We fineshed with this level, pop to the previous definitions.
ns.outputNodePop();
if (parentNode != null) {
if (parentNode != null) {
sibling= currentNode.getNextSibling();
}
}
} else {
parentNode=currentElement;
}
@ -298,7 +324,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
}
while (sibling==null && parentNode!=null) {
writer.write(_END_TAG);
writeStringToUtf8(((Element)parentNode).getTagName(),writer);
UtfHelpper.writeByte(((Element)parentNode).getTagName(),writer,cache);
writer.write('>');
//We fineshed with this level, pop to the previous definitions.
ns.outputNodePop();
@ -307,6 +333,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
sibling=parentNode.getNextSibling();
parentNode=parentNode.getParentNode();
if (!(parentNode instanceof Element)) {
documentLevel=NODE_AFTER_DOCUMENT_ELEMENT;
parentNode=null;
}
}
@ -317,47 +344,8 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
} while(true);
}
/**
* Checks whether a Comment or ProcessingInstruction is before or after the
* document element. This is needed for prepending or appending "\n"s.
*
* @param currentNode comment or pi to check
* @return NODE_BEFORE_DOCUMENT_ELEMENT, NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT or NODE_AFTER_DOCUMENT_ELEMENT
* @see #NODE_BEFORE_DOCUMENT_ELEMENT
* @see #NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT
* @see #NODE_AFTER_DOCUMENT_ELEMENT
*/
final static int getPositionRelativeToDocumentElement(Node currentNode) {
if ((currentNode == null) ||
(currentNode.getParentNode().getNodeType() != Node.DOCUMENT_NODE) ) {
return CanonicalizerBase.NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT;
}
Element documentElement = currentNode.getOwnerDocument().getDocumentElement();
if ( (documentElement == null) || (documentElement == currentNode) ){
return CanonicalizerBase.NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT;
}
for (Node x = currentNode; x != null; x = x.getNextSibling()) {
if (x == documentElement) {
return CanonicalizerBase.NODE_BEFORE_DOCUMENT_ELEMENT;
}
}
return CanonicalizerBase.NODE_AFTER_DOCUMENT_ELEMENT;
}
/**
* Method engineCanonicalizeXPathNodeSet
* @inheritDoc
* @param xpathNodeSet
* @throws CanonicalizationException
*/
public byte[] engineCanonicalizeXPathNodeSet(Set xpathNodeSet)
throws CanonicalizationException {
this._xpathNodeSet = xpathNodeSet;
return engineCanonicalizeXPathNodeSetInternal(XMLUtils.getOwnerDocument(this._xpathNodeSet));
}
private byte[] engineCanonicalizeXPathNodeSetInternal(Node doc)
throws CanonicalizationException {
@ -370,6 +358,12 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
((ByteArrayOutputStream)this._writer).reset();
}
return sol;
} else if (this._writer instanceof UnsyncByteArrayOutputStream) {
byte []result=((UnsyncByteArrayOutputStream)this._writer).toByteArray();
if (reset) {
((UnsyncByteArrayOutputStream)this._writer).reset();
}
return result;
}
return null;
} catch (UnsupportedEncodingException ex) {
@ -390,11 +384,17 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
*/
final void canonicalizeXPathNodeSet(Node currentNode,Node endnode )
throws CanonicalizationException, IOException {
boolean currentNodeIsVisible = false;
NameSpaceSymbTable ns=new NameSpaceSymbTable();
if (isVisibleInt(currentNode)==-1)
return;
boolean currentNodeIsVisible = false;
NameSpaceSymbTable ns=new NameSpaceSymbTable();
if (currentNode instanceof Element)
getParentNameSpaces((Element)currentNode,ns);
Node sibling=null;
Node parentNode=null;
OutputStream writer=this._writer;
int documentLevel=NODE_BEFORE_DOCUMENT_ELEMENT;
Map cache=new HashMap();
do {
switch (currentNode.getNodeType()) {
@ -416,14 +416,14 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
break;
case Node.COMMENT_NODE :
if (this._includeComments && isVisible(currentNode)) {
outputCommentToWriter((Comment) currentNode, writer);
if (this._includeComments && (isVisibleDO(currentNode,ns.getLevel())==1)) {
outputCommentToWriter((Comment) currentNode, writer, documentLevel);
}
break;
case Node.PROCESSING_INSTRUCTION_NODE :
if (isVisible(currentNode))
outputPItoWriter((ProcessingInstruction) currentNode, writer);
outputPItoWriter((ProcessingInstruction) currentNode, writer, documentLevel);
break;
case Node.TEXT_NODE :
@ -436,12 +436,6 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
|| (nextSibling.getNodeType()
== Node.CDATA_SECTION_NODE));
nextSibling = nextSibling.getNextSibling()) {
/* The XPath data model allows to select only the first of a
* sequence of mixed text and CDATA nodes. But we must output
* them all, so we must search:
*
* @see http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6329
*/
outputTextToWriter(nextSibling.getNodeValue(), writer);
currentNode=nextSibling;
sibling=currentNode.getNextSibling();
@ -451,15 +445,21 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
break;
case Node.ELEMENT_NODE :
documentLevel=NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT;
Element currentElement = (Element) currentNode;
//Add a level to the nssymbtable. So latter can be pop-back.
String name=null;
currentNodeIsVisible=isVisible(currentNode);
int i=isVisibleDO(currentNode,ns.getLevel());
if (i==-1) {
sibling= currentNode.getNextSibling();
break;
}
currentNodeIsVisible=(i==1);
if (currentNodeIsVisible) {
ns.outputNodePush();
writer.write('<');
name=currentElement.getTagName();
writeStringToUtf8(name,writer);
UtfHelpper.writeByte(name,writer,cache);
} else {
ns.push();
}
@ -469,7 +469,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
//we output all Attrs which are available
while (attrs.hasNext()) {
Attr attr = (Attr) attrs.next();
outputAttrToWriter(attr.getNodeName(),attr.getNodeValue(), writer);
outputAttrToWriter(attr.getNodeName(),attr.getNodeValue(), writer,cache);
}
}
if (currentNodeIsVisible) {
@ -480,7 +480,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
if (sibling==null) {
if (currentNodeIsVisible) {
writer.write(_END_TAG);
writeStringToUtf8(name,writer);
UtfHelpper.writeByte(name,writer,cache);
writer.write('>');
//We fineshed with this level, pop to the previous definitions.
ns.outputNodePop();
@ -498,7 +498,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
while (sibling==null && parentNode!=null) {
if (isVisible(parentNode)) {
writer.write(_END_TAG);
writeStringToUtf8(((Element)parentNode).getTagName(),writer);
UtfHelpper.writeByte(((Element)parentNode).getTagName(),writer,cache);
writer.write('>');
//We fineshed with this level, pop to the previous definitions.
ns.outputNodePop();
@ -511,6 +511,7 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
parentNode=parentNode.getParentNode();
if (!(parentNode instanceof Element)) {
parentNode=null;
documentLevel=NODE_AFTER_DOCUMENT_ELEMENT;
}
}
if (sibling==null)
@ -519,12 +520,38 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
sibling=currentNode.getNextSibling();
} while(true);
}
int isVisibleDO(Node currentNode,int level) {
if (nodeFilter!=null) {
Iterator it=nodeFilter.iterator();
while (it.hasNext()) {
int i=((NodeFilter)it.next()).isNodeIncludeDO(currentNode,level);
if (i!=1)
return i;
}
}
if ((this._xpathNodeSet!=null) && !this._xpathNodeSet.contains(currentNode))
return 0;
return 1;
}
int isVisibleInt(Node currentNode) {
if (nodeFilter!=null) {
Iterator it=nodeFilter.iterator();
while (it.hasNext()) {
int i=((NodeFilter)it.next()).isNodeInclude(currentNode);
if (i!=1)
return i;
}
}
if ((this._xpathNodeSet!=null) && !this._xpathNodeSet.contains(currentNode))
return 0;
return 1;
}
boolean isVisible(Node currentNode) {
if (nodeFilter!=null) {
Iterator it=nodeFilter.iterator();
while (it.hasNext()) {
if (!((NodeFilter)it.next()).isNodeInclude(currentNode))
if (((NodeFilter)it.next()).isNodeInclude(currentNode)!=1)
return false;
}
}
@ -533,19 +560,42 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
return true;
}
void handleParent(Element e,NameSpaceSymbTable ns) {
if (!e.hasAttributes()) {
return;
}
NamedNodeMap attrs = e.getAttributes();
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
if (Constants.NamespaceSpecNS!=N.getNamespaceURI()) {
//Not a namespace definition, ignore.
continue;
}
String NName=N.getLocalName();
String NValue=N.getNodeValue();
if (XML.equals(NName)
&& Constants.XML_LANG_SPACE_SpecNS.equals(NValue)) {
continue;
}
ns.addMapping(NName,NValue,N);
}
}
/**
* Adds to ns the definitons from the parent elements of el
* @param el
* @param ns
*/
final static void getParentNameSpaces(Element el,NameSpaceSymbTable ns) {
List parents=new ArrayList();
final void getParentNameSpaces(Element el,NameSpaceSymbTable ns) {
List parents=new ArrayList(10);
Node n1=el.getParentNode();
if (!(n1 instanceof Element)) {
return;
}
//Obtain all the parents of the elemnt
Element parent=(Element) el.getParentNode();
Element parent=(Element) n1;
while (parent!=null) {
parents.add(parent);
Node n=parent.getParentNode();
@ -557,297 +607,15 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
//Visit them in reverse order.
ListIterator it=parents.listIterator(parents.size());
while (it.hasPrevious()) {
Element ele=(Element)it.previous();
if (!ele.hasAttributes()) {
continue;
Element ele=(Element)it.previous();
handleParent(ele, ns);
}
NamedNodeMap attrs = ele.getAttributes();
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
if (!Constants.NamespaceSpecNS.equals(N.getNamespaceURI())) {
//Not a namespace definition, ignore.
continue;
}
String NName=N.getLocalName();
String NValue=N.getNodeValue();
if (XML.equals(NName)
&& Constants.XML_LANG_SPACE_SpecNS.equals(NValue)) {
continue;
}
ns.addMapping(NName,NValue,N);
}
}
Attr nsprefix;
if (((nsprefix=ns.getMappingWithoutRendered("xmlns"))!=null)
&& "".equals(nsprefix.getValue())) {
ns.addMappingAndRender("xmlns","",nullNode);
}
}
/**
* Outputs an Attribute to the internal Writer.
*
* The string value of the node is modified by replacing
* <UL>
* <LI>all ampersands (&) with <CODE>&amp;amp;</CODE></LI>
* <LI>all open angle brackets (<) with <CODE>&amp;lt;</CODE></LI>
* <LI>all quotation mark characters with <CODE>&amp;quot;</CODE></LI>
* <LI>and the whitespace characters <CODE>#x9</CODE>, #xA, and #xD, with character
* references. The character references are written in uppercase
* hexadecimal with no leading zeroes (for example, <CODE>#xD</CODE> is represented
* by the character reference <CODE>&amp;#xD;</CODE>)</LI>
* </UL>
*
* @param name
* @param value
* @param writer
* @throws IOException
*/
static final void outputAttrToWriter(final String name, final String value, final OutputStream writer) throws IOException {
writer.write(' ');
writeStringToUtf8(name,writer);
writer.write(equalsStr);
byte []toWrite;
final int length = value.length();
for (int i=0;i < length; i++) {
char c = value.charAt(i);
switch (c) {
case '&' :
toWrite=_AMP_;
//writer.write(_AMP_);
break;
case '<' :
toWrite=_LT_;
//writer.write(_LT_);
break;
case '"' :
toWrite=_QUOT_;
//writer.write(_QUOT_);
break;
case 0x09 : // '\t'
toWrite=__X9_;
//writer.write(__X9_);
break;
case 0x0A : // '\n'
toWrite=__XA_;
//writer.write(__XA_);
break;
case 0x0D : // '\r'
toWrite=__XD_;
//writer.write(__XD_);
break;
default :
writeCharToUtf8(c,writer);
//this._writer.write(c);
continue;
}
writer.write(toWrite);
}
writer.write('\"');
}
final static void writeCharToUtf8(final char c,final OutputStream out) throws IOException{
char ch;
if (/*(c >= 0x0001) &&*/ (c <= 0x007F)) {
out.write(c);
return;
}
int bias;
int write;
if (c > 0x07FF) {
ch=(char)(c>>>12);
write=0xE0;
if (ch>0) {
write |= ( ch & 0x0F);
}
out.write(write);
write=0x80;
bias=0x3F;
} else {
write=0xC0;
bias=0x1F;
}
ch=(char)(c>>>6);
if (ch>0) {
write|= (ch & bias);
}
out.write(write);
out.write(0x80 | ((c) & 0x3F));
}
final static void writeStringToUtf8(final String str,final OutputStream out) throws IOException{
final int length=str.length();
int i=0;
char c;
while (i<length) {
c=str.charAt(i++);
if (/*(c >= 0x0001) &&*/ (c <= 0x007F)) {
out.write(c);
continue;
}
char ch;
int bias;
int write;
if (c > 0x07FF) {
ch=(char)(c>>>12);
write=0xE0;
if (ch>0) {
write |= ( ch & 0x0F);
}
out.write(write);
write=0x80;
bias=0x3F;
} else {
write=0xC0;
bias=0x1F;
}
ch=(char)(c>>>6);
if (ch>0) {
write|= (ch & bias);
}
out.write(write);
out.write(0x80 | ((c) & 0x3F));
continue;
}
}
/**
* Outputs a PI to the internal Writer.
*
* @param currentPI
* @param writer where to write the things
* @throws IOException
*/
static final void outputPItoWriter(ProcessingInstruction currentPI, OutputStream writer) throws IOException {
final int position = getPositionRelativeToDocumentElement(currentPI);
if (position == NODE_AFTER_DOCUMENT_ELEMENT) {
writer.write('\n');
}
writer.write(_BEGIN_PI);
final String target = currentPI.getTarget();
int length = target.length();
for (int i = 0; i < length; i++) {
char c=target.charAt(i);
if (c==0x0D) {
writer.write(__XD_);
} else {
writeCharToUtf8(c,writer);
}
}
final String data = currentPI.getData();
length = data.length();
if (length > 0) {
writer.write(' ');
for (int i = 0; i < length; i++) {
char c=data.charAt(i);
if (c==0x0D) {
writer.write(__XD_);
} else {
writeCharToUtf8(c,writer);
}
}
}
writer.write(_END_PI);
if (position == NODE_BEFORE_DOCUMENT_ELEMENT) {
writer.write('\n');
}
}
/**
* Method outputCommentToWriter
*
* @param currentComment
* @param writer writer where to write the things
* @throws IOException
*/
static final void outputCommentToWriter(Comment currentComment, OutputStream writer) throws IOException {
final int position = getPositionRelativeToDocumentElement(currentComment);
if (position == NODE_AFTER_DOCUMENT_ELEMENT) {
writer.write('\n');
}
writer.write(_BEGIN_COMM);
final String data = currentComment.getData();
final int length = data.length();
for (int i = 0; i < length; i++) {
char c=data.charAt(i);
if (c==0x0D) {
writer.write(__XD_);
} else {
writeCharToUtf8(c,writer);
}
}
writer.write(_END_COMM);
if (position == NODE_BEFORE_DOCUMENT_ELEMENT) {
writer.write('\n');
}
}
/**
* Outputs a Text of CDATA section to the internal Writer.
*
* @param text
* @param writer writer where to write the things
* @throws IOException
*/
static final void outputTextToWriter(final String text, final OutputStream writer) throws IOException {
final int length = text.length();
byte []toWrite;
for (int i = 0; i < length; i++) {
char c = text.charAt(i);
switch (c) {
case '&' :
toWrite=_AMP_;
//writer.write(_AMP_);
break;
case '<' :
toWrite=_LT_;
//writer.write(_LT_);
break;
case '>' :
toWrite=_GT_;
//writer.write(_GT_);
break;
case 0xD :
toWrite=__XD_;
//writer.write(__XD_);
break;
default :
writeCharToUtf8(c,writer);
continue;
}
writer.write(toWrite);
}
}
/**
* Obtain the attributes to output for this node in XPathNodeSet c14n.
*
@ -870,13 +638,207 @@ public abstract class CanonicalizerBase extends CanonicalizerSpi {
abstract Iterator handleAttributesSubtree(Element E, NameSpaceSymbTable ns)
throws CanonicalizationException;
abstract void circumventBugIfNeeded(XMLSignatureInput input) throws CanonicalizationException, ParserConfigurationException, IOException, SAXException;
/**
* Outputs an Attribute to the internal Writer.
*
* The string value of the node is modified by replacing
* <UL>
* <LI>all ampersands (&) with <CODE>&amp;amp;</CODE></LI>
* <LI>all open angle brackets (<) with <CODE>&amp;lt;</CODE></LI>
* <LI>all quotation mark characters with <CODE>&amp;quot;</CODE></LI>
* <LI>and the whitespace characters <CODE>#x9</CODE>, #xA, and #xD, with character
* references. The character references are written in uppercase
* hexadecimal with no leading zeroes (for example, <CODE>#xD</CODE> is represented
* by the character reference <CODE>&amp;#xD;</CODE>)</LI>
* </UL>
*
* @param name
* @param value
* @param writer
* @throws IOException
*/
static final void outputAttrToWriter(final String name, final String value, final OutputStream writer,
final Map cache) throws IOException {
writer.write(' ');
UtfHelpper.writeByte(name,writer,cache);
writer.write(equalsStr);
byte []toWrite;
final int length = value.length();
int i=0;
while (i < length) {
char c = value.charAt(i++);
/**
* @param _writer The _writer to set.
*/
public void setWriter(OutputStream _writer) {
this._writer = _writer;
}
switch (c) {
case '&' :
toWrite=_AMP_;
break;
case '<' :
toWrite=_LT_;
break;
case '"' :
toWrite=_QUOT_;
break;
case 0x09 : // '\t'
toWrite=__X9_;
break;
case 0x0A : // '\n'
toWrite=__XA_;
break;
case 0x0D : // '\r'
toWrite=__XD_;
break;
default :
if (c < 0x80 ) {
writer.write(c);
} else {
UtfHelpper.writeCharToUtf8(c,writer);
};
continue;
}
writer.write(toWrite);
}
writer.write('\"');
}
/**
* Outputs a PI to the internal Writer.
*
* @param currentPI
* @param writer where to write the things
* @throws IOException
*/
static final void outputPItoWriter(ProcessingInstruction currentPI, OutputStream writer,int position) throws IOException {
if (position == NODE_AFTER_DOCUMENT_ELEMENT) {
writer.write('\n');
}
writer.write(_BEGIN_PI);
final String target = currentPI.getTarget();
int length = target.length();
for (int i = 0; i < length; i++) {
char c=target.charAt(i);
if (c==0x0D) {
writer.write(__XD_);
} else {
if (c < 0x80) {
writer.write(c);
} else {
UtfHelpper.writeCharToUtf8(c,writer);
};
}
}
final String data = currentPI.getData();
length = data.length();
if (length > 0) {
writer.write(' ');
for (int i = 0; i < length; i++) {
char c=data.charAt(i);
if (c==0x0D) {
writer.write(__XD_);
} else {
UtfHelpper.writeCharToUtf8(c,writer);
}
}
}
writer.write(_END_PI);
if (position == NODE_BEFORE_DOCUMENT_ELEMENT) {
writer.write('\n');
}
}
/**
* Method outputCommentToWriter
*
* @param currentComment
* @param writer writer where to write the things
* @throws IOException
*/
static final void outputCommentToWriter(Comment currentComment, OutputStream writer,int position) throws IOException {
if (position == NODE_AFTER_DOCUMENT_ELEMENT) {
writer.write('\n');
}
writer.write(_BEGIN_COMM);
final String data = currentComment.getData();
final int length = data.length();
for (int i = 0; i < length; i++) {
char c=data.charAt(i);
if (c==0x0D) {
writer.write(__XD_);
} else {
if (c < 0x80) {
writer.write(c);
} else {
UtfHelpper.writeCharToUtf8(c,writer);
};
}
}
writer.write(_END_COMM);
if (position == NODE_BEFORE_DOCUMENT_ELEMENT) {
writer.write('\n');
}
}
/**
* Outputs a Text of CDATA section to the internal Writer.
*
* @param text
* @param writer writer where to write the things
* @throws IOException
*/
static final void outputTextToWriter(final String text, final OutputStream writer) throws IOException {
final int length = text.length();
byte []toWrite;
for (int i = 0; i < length; i++) {
char c = text.charAt(i);
switch (c) {
case '&' :
toWrite=_AMP_;
break;
case '<' :
toWrite=_LT_;
break;
case '>' :
toWrite=_GT_;
break;
case 0xD :
toWrite=__XD_;
break;
default :
if (c < 0x80) {
writer.write(c);
} else {
UtfHelpper.writeCharToUtf8(c,writer);
};
continue;
}
writer.write(toWrite);
}
}
}

224
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/NameSpaceSymbTable.java
View file

@ -20,16 +20,10 @@
*/
package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.lang.reflect.Array;
import java.util.AbstractList;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.w3c.dom.Attr;
@ -46,21 +40,26 @@ import org.w3c.dom.Node;
public class NameSpaceSymbTable {
/**The map betwen prefix-> entry table. */
SymbMap symb = new SymbMap();
SymbMap symb;
/**The level of nameSpaces (for Inclusive visibility).*/
int nameSpaces=0;
/**The stacks for removing the definitions when doing pop.*/
List level = new ArrayList();
List level;
boolean cloned=true;
static final String XMLNS="xmlns";
final static SymbMap initialMap=new SymbMap();
static {
NameSpaceSymbEntry ne=new NameSpaceSymbEntry("",null,true,XMLNS);
ne.lastrendered="";
initialMap.put(XMLNS,ne);
}
/**
* Default constractor
**/
public NameSpaceSymbTable() {
level = new ArrayList(10);
//Insert the default binding for xmlns.
NameSpaceSymbEntry ne=new NameSpaceSymbEntry("",null,true);
ne.lastrendered="";
symb.put(XMLNS,ne);
symb=(SymbMap) initialMap.clone();
}
/**
@ -75,8 +74,14 @@ public class NameSpaceSymbTable {
NameSpaceSymbEntry n=(NameSpaceSymbEntry)(it.next());
//put them rendered?
if ((!n.rendered) && (n.n!=null)) {
n=(NameSpaceSymbEntry) n.clone();
needsClone();
symb.put(n.prefix,n);
n.lastrendered=n.uri;
n.rendered=true;
result.add(n.n);
n.rendered=true;
}
}
}
@ -104,10 +109,6 @@ public class NameSpaceSymbTable {
**/
public void push() {
//Put the number of namespace definitions in the stack.
/**if (cloned) {
Object ob[]= {symb,cloned ? symb : null};
level.add(ob);
} **/
level.add(null);
cloned=false;
}
@ -124,7 +125,7 @@ public class NameSpaceSymbTable {
if (size==0) {
cloned=false;
} else
cloned=(level.get(size-1)!=symb);
cloned=(level.get(size-1)!=symb);
} else {
cloned=false;
}
@ -134,8 +135,7 @@ public class NameSpaceSymbTable {
final void needsClone() {
if (!cloned) {
level.remove(level.size()-1);
level.add(symb);
level.set(level.size()-1,symb);
symb=(SymbMap) symb.clone();
cloned=true;
}
@ -200,7 +200,7 @@ public class NameSpaceSymbTable {
return false;
}
//Creates and entry in the table for this new definition.
NameSpaceSymbEntry ne=new NameSpaceSymbEntry(uri,n,false);
NameSpaceSymbEntry ne=new NameSpaceSymbEntry(uri,n,false,prefix);
needsClone();
symb.put(prefix, ne);
if (ob != null) {
@ -238,7 +238,7 @@ public class NameSpaceSymbTable {
return null;
}
NameSpaceSymbEntry ne=new NameSpaceSymbEntry(uri,n,true);
NameSpaceSymbEntry ne=new NameSpaceSymbEntry(uri,n,true,prefix);
ne.lastrendered=uri;
needsClone();
symb.put(prefix, ne);
@ -251,53 +251,38 @@ public class NameSpaceSymbTable {
}
return ne.n;
}
/**
* Adds & gets(if needed) the attribute node that defines the binding for the prefix.
* Take on account if the rules of rendering in the inclusive c14n.
* For inclusive c14n.
* @param prefix the prefix to obtain the attribute.
* @param outputNode the container element is an output element.
* @param uri the Uri of the definition
* @param n the attribute that have the definition
* @return null if there is no need to render the prefix. Otherwise the node of
* definition.
**/
public Node addMappingAndRenderXNodeSet(String prefix, String uri,Attr n,boolean outputNode) {
public int getLevel() {
// TODO Auto-generated method stub
return level.size();
}
public void removeMapping(String prefix) {
NameSpaceSymbEntry ob = symb.get(prefix);
int visibleNameSpaces=nameSpaces;
if ((ob!=null) && uri.equals(ob.uri)) {
if (!ob.rendered) {
ob=(NameSpaceSymbEntry)ob.clone();
needsClone();
symb.put(prefix,ob);
ob.rendered=true;
ob.level=visibleNameSpaces;
return ob.n;
}
ob=(NameSpaceSymbEntry)ob.clone();
if (ob!=null) {
needsClone();
symb.put(prefix,ob);
if (outputNode && (((visibleNameSpaces-ob.level)<2) || XMLNS.equals(prefix)) ) {
ob.level=visibleNameSpaces;
return null; //Already rendered, just return nulll
}
ob.level=visibleNameSpaces;
return ob.n;
}
symb.put(prefix,null);
}
}
NameSpaceSymbEntry ne=new NameSpaceSymbEntry(uri,n,true);
ne.level=nameSpaces;
ne.rendered=true;
needsClone();
symb.put(prefix, ne);
if (ob != null) {
ne.lastrendered=ob.lastrendered;
public void removeMappingIfNotRender(String prefix) {
NameSpaceSymbEntry ob = symb.get(prefix);
if ((ob.lastrendered!=null)&& (ob.lastrendered.equals(uri))) {
ne.rendered=true;
}
}
return ne.n;
if (ob!=null && !ob.rendered) {
needsClone();
symb.put(prefix,null);
}
}
public boolean removeMappingIfRender(String prefix) {
NameSpaceSymbEntry ob = symb.get(prefix);
if (ob!=null && ob.rendered) {
needsClone();
symb.put(prefix,null);
}
return false;
}
}
@ -305,10 +290,11 @@ public class NameSpaceSymbTable {
* The internal structure of NameSpaceSymbTable.
**/
class NameSpaceSymbEntry implements Cloneable {
NameSpaceSymbEntry(String name,Attr n,boolean rendered) {
NameSpaceSymbEntry(String name,Attr n,boolean rendered,String prefix) {
this.uri=name;
this.rendered=rendered;
this.n=n;
this.prefix=prefix;
}
/** @inheritDoc */
public Object clone() {
@ -320,6 +306,7 @@ class NameSpaceSymbEntry implements Cloneable {
}
/** The level where the definition was rendered(Only for inclusive) */
int level=0;
String prefix;
/**The URI that the prefix defines */
String uri;
/**The last output in the URI for this prefix (This for speed reason).*/
@ -330,53 +317,57 @@ class NameSpaceSymbEntry implements Cloneable {
Attr n;
};
class SymbMap implements Cloneable{
int free=23;
NameSpaceSymbEntry[] entries=new NameSpaceSymbEntry[free];
String[] keys=new String[free];
void put(String key, NameSpaceSymbEntry value) {
class SymbMap implements Cloneable {
int free=23;
NameSpaceSymbEntry[] entries;
String[] keys;
SymbMap() {
entries=new NameSpaceSymbEntry[free];
keys=new String[free];
}
void put(String key, NameSpaceSymbEntry value) {
int index = index(key);
Object oldKey = keys[index];
keys[index] = key;
entries[index] = value;
Object oldKey = keys[index];
keys[index] = key;
entries[index] = value;
if (oldKey==null || !oldKey.equals(key)) {
if (--free == 0) {
free=entries.length;
int newCapacity = free<<2;
rehash(newCapacity);
}
if (--free == 0) {
free=entries.length;
int newCapacity = free<<2;
rehash(newCapacity);
}
}
}
List entrySet() {
List a=new ArrayList();
for (int i=0;i<entries.length;i++) {
if ((entries[i]!=null) && !("".equals(entries[i]))) {
a.add(entries[i]);
}
}
return a;
List a=new ArrayList();
for (int i=0;i<entries.length;i++) {
if ((entries[i]!=null) && !("".equals(entries[i].uri))) {
a.add(entries[i]);
}
}
return a;
}
protected int index(Object obj) {
protected int index(Object obj) {
Object[] set = keys;
int length = set.length;
//abs of index
int length = set.length;
//abs of index
int index = (obj.hashCode() & 0x7fffffff) % length;
Object cur = set[index];
if (cur == null || (cur.equals( obj))) {
return index;
return index;
}
length=length-1;
do {
index=index==length? 0:++index;
cur = set[index];
index=index==length? 0:++index;
cur = set[index];
} while (cur != null && (!cur.equals(obj)));
return index;
}
/**
/**
* rehashes the map to the new capacity.
*
* @param newCapacity an <code>int</code> value
@ -384,37 +375,38 @@ class SymbMap implements Cloneable{
protected void rehash(int newCapacity) {
int oldCapacity = keys.length;
String oldKeys[] = keys;
NameSpaceSymbEntry oldVals[] = entries;
NameSpaceSymbEntry oldVals[] = entries;
keys = new String[newCapacity];
entries = new NameSpaceSymbEntry[newCapacity];
keys = new String[newCapacity];
entries = new NameSpaceSymbEntry[newCapacity];
for (int i = oldCapacity; i-- > 0;) {
if(oldKeys[i] != null) {
String o = oldKeys[i];
int index = index(o);
keys[index] = o;
entries[index] = oldVals[i];
keys[index] = o;
entries[index] = oldVals[i];
}
}
}
NameSpaceSymbEntry get(String key) {
return entries[index(key)];
}
protected Object clone() {
// TODO Auto-generated method stub
try {
SymbMap copy=(SymbMap) super.clone();
copy.entries=new NameSpaceSymbEntry[entries.length];
System.arraycopy(entries,0,copy.entries,0,entries.length);
copy.keys=new String[keys.length];
System.arraycopy(keys,0,copy.keys,0,keys.length);
return copy;
} catch (CloneNotSupportedException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
NameSpaceSymbEntry get(String key) {
return entries[index(key)];
}
protected Object clone() {
try {
SymbMap copy=(SymbMap) super.clone();
copy.entries=new NameSpaceSymbEntry[entries.length];
System.arraycopy(entries,0,copy.entries,0,entries.length);
copy.keys=new String[keys.length];
System.arraycopy(keys,0,copy.keys,0,keys.length);
return copy;
} catch (CloneNotSupportedException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
}
}

155
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/UtfHelpper.java Normal file
View file

@ -0,0 +1,155 @@
package com.sun.org.apache.xml.internal.security.c14n.implementations;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Map;
public class UtfHelpper {
final static void writeByte(final String str,final OutputStream out,Map cache) throws IOException {
byte []result=(byte[]) cache.get(str);
if (result==null) {
result=getStringInUtf8(str);
cache.put(str,result);
}
out.write(result);
}
final static void writeCharToUtf8(final char c,final OutputStream out) throws IOException{
if (c < 0x80) {
out.write(c);
return;
}
if ((c >= 0xD800 && c <= 0xDBFF) || (c >= 0xDC00 && c <= 0xDFFF) ){
//No Surrogates in sun java
out.write(0x3f);
return;
}
int bias;
int write;
char ch;
if (c > 0x07FF) {
ch=(char)(c>>>12);
write=0xE0;
if (ch>0) {
write |= ( ch & 0x0F);
}
out.write(write);
write=0x80;
bias=0x3F;
} else {
write=0xC0;
bias=0x1F;
}
ch=(char)(c>>>6);
if (ch>0) {
write|= (ch & bias);
}
out.write(write);
out.write(0x80 | ((c) & 0x3F));
}
final static void writeStringToUtf8(final String str,final OutputStream out) throws IOException{
final int length=str.length();
int i=0;
char c;
while (i<length) {
c=str.charAt(i++);
if (c < 0x80) {
out.write(c);
continue;
}
if ((c >= 0xD800 && c <= 0xDBFF) || (c >= 0xDC00 && c <= 0xDFFF) ){
//No Surrogates in sun java
out.write(0x3f);
continue;
}
char ch;
int bias;
int write;
if (c > 0x07FF) {
ch=(char)(c>>>12);
write=0xE0;
if (ch>0) {
write |= ( ch & 0x0F);
}
out.write(write);
write=0x80;
bias=0x3F;
} else {
write=0xC0;
bias=0x1F;
}
ch=(char)(c>>>6);
if (ch>0) {
write|= (ch & bias);
}
out.write(write);
out.write(0x80 | ((c) & 0x3F));
}
}
public final static byte[] getStringInUtf8(final String str) {
final int length=str.length();
boolean expanded=false;
byte []result=new byte[length];
int i=0;
int out=0;
char c;
while (i<length) {
c=str.charAt(i++);
if ( c < 0x80 ) {
result[out++]=(byte)c;
continue;
}
if ((c >= 0xD800 && c <= 0xDBFF) || (c >= 0xDC00 && c <= 0xDFFF) ){
//No Surrogates in sun java
result[out++]=0x3f;
continue;
}
if (!expanded) {
byte newResult[]=new byte[3*length];
System.arraycopy(result, 0, newResult, 0, out);
result=newResult;
expanded=true;
}
char ch;
int bias;
byte write;
if (c > 0x07FF) {
ch=(char)(c>>>12);
write=(byte)0xE0;
if (ch>0) {
write |= ( ch & 0x0F);
}
result[out++]=write;
write=(byte)0x80;
bias=0x3F;
} else {
write=(byte)0xC0;
bias=0x1F;
}
ch=(char)(c>>>6);
if (ch>0) {
write|= (ch & bias);
}
result[out++]=write;
result[out++]=(byte)(0x80 | ((c) & 0x3F));/**/
}
if (expanded) {
byte newResult[]=new byte[out];
System.arraycopy(result, 0, newResult, 0, out);
result=newResult;
}
return result;
}
}

619
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipher.java
View file

File diff suppressed because it is too large Load diff

116
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipherInput.java
View file

@ -108,84 +108,78 @@ public class XMLCipherInput {
return null;
}
/**
* Internal method to get bytes in decryption mode
/**
* Internal method to get bytes in decryption mode
* @return the decripted bytes
* @throws XMLEncryptionException
*/
*/
private byte[] getDecryptBytes() throws XMLEncryptionException {
private byte[] getDecryptBytes() throws XMLEncryptionException {
String base64EncodedEncryptedOctets = null;
String base64EncodedEncryptedOctets = null;
if (_cipherData.getDataType() == CipherData.REFERENCE_TYPE) {
// Fun time!
if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Found a reference type CipherData");
CipherReference cr = _cipherData.getCipherReference();
// Fun time!
logger.log(java.util.logging.Level.FINE, "Found a reference type CipherData");
CipherReference cr = _cipherData.getCipherReference();
// Need to wrap the uri in an Attribute node so that we can
// Pass to the resource resolvers
// Need to wrap the uri in an Attribute node so that we can
// Pass to the resource resolvers
Attr uriAttr = cr.getURIAsAttr();
XMLSignatureInput input = null;
Attr uriAttr = cr.getURIAsAttr();
XMLSignatureInput input = null;
try {
ResourceResolver resolver =
ResourceResolver.getInstance(uriAttr, null);
input = resolver.resolve(uriAttr, null);
} catch (ResourceResolverException ex) {
throw new XMLEncryptionException("empty", ex);
}
try {
ResourceResolver resolver =
ResourceResolver.getInstance(uriAttr, null);
input = resolver.resolve(uriAttr, null);
} catch (ResourceResolverException ex) {
throw new XMLEncryptionException("empty", ex);
}
if (input != null) {
if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Managed to resolve URI \"" + cr.getURI() + "\"");
}
else {
if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Failed to resolve URI \"" + cr.getURI() + "\"");
}
if (input != null) {
logger.log(java.util.logging.Level.FINE, "Managed to resolve URI \"" + cr.getURI() + "\"");
} else {
logger.log(java.util.logging.Level.FINE, "Failed to resolve URI \"" + cr.getURI() + "\"");
}
// Lets see if there are any transforms
Transforms transforms = cr.getTransforms();
if (transforms != null) {
if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Have transforms in cipher reference");
try {
com.sun.org.apache.xml.internal.security.transforms.Transforms dsTransforms =
transforms.getDSTransforms();
input = dsTransforms.performTransforms(input);
} catch (TransformationException ex) {
throw new XMLEncryptionException("empty", ex);
}
}
try {
return input.getBytes();
}
catch (IOException ex) {
throw new XMLEncryptionException("empty", ex);
} catch (CanonicalizationException ex) {
throw new XMLEncryptionException("empty", ex);
}
// retrieve the cipher text
} else if (_cipherData.getDataType() == CipherData.VALUE_TYPE) {
CipherValue cv = _cipherData.getCipherValue();
base64EncodedEncryptedOctets = new String(cv.getValue());
} else {
throw new XMLEncryptionException("CipherData.getDataType() returned unexpected value");
// Lets see if there are any transforms
Transforms transforms = cr.getTransforms();
if (transforms != null) {
logger.log(java.util.logging.Level.FINE, "Have transforms in cipher reference");
try {
com.sun.org.apache.xml.internal.security.transforms.Transforms dsTransforms =
transforms.getDSTransforms();
input = dsTransforms.performTransforms(input);
} catch (TransformationException ex) {
throw new XMLEncryptionException("empty", ex);
}
}
if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Encrypted octets:\n" + base64EncodedEncryptedOctets);
try {
return input.getBytes();
} catch (IOException ex) {
throw new XMLEncryptionException("empty", ex);
} catch (CanonicalizationException ex) {
throw new XMLEncryptionException("empty", ex);
}
// retrieve the cipher text
} else if (_cipherData.getDataType() == CipherData.VALUE_TYPE) {
base64EncodedEncryptedOctets =
_cipherData.getCipherValue().getValue();
} else {
throw new XMLEncryptionException("CipherData.getDataType() returned unexpected value");
}
logger.log(java.util.logging.Level.FINE, "Encrypted octets:\n" + base64EncodedEncryptedOctets);
byte[] encryptedBytes = null;
try {
encryptedBytes = Base64.decode(base64EncodedEncryptedOctets);
encryptedBytes = Base64.decode(base64EncodedEncryptedOctets);
} catch (Base64DecodingException bde) {
throw new XMLEncryptionException("empty", bde);
}
return (encryptedBytes);
}
return (encryptedBytes);
}
}

3
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/ContentHandlerAlreadyRegisteredException.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -28,7 +27,7 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class ContentHandlerAlreadyRegisteredException
extends XMLSecurityException {

410
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyInfo.java
View file

@ -25,6 +25,8 @@ package com.sun.org.apache.xml.internal.security.keys;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.crypto.SecretKey;
@ -88,15 +90,22 @@ import org.w3c.dom.NodeList;
* The <CODE>containsXXX()</CODE> methods return <I>whether</I> the KeyInfo
* contains the corresponding type.
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class KeyInfo extends SignatureElementProxy {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(KeyInfo.class.getName());
List x509Datas=null;
List encryptedKeys=null;
static final List nullList;
static {
List list = new ArrayList();
list.add(null);
nullList = Collections.unmodifiableList(list);
}
/**
* Constructor KeyInfo
@ -108,7 +117,6 @@ public class KeyInfo extends SignatureElementProxy {
XMLUtils.addReturnToElement(this._constructionElement);
}
/**
@ -119,8 +127,8 @@ public class KeyInfo extends SignatureElementProxy {
* @throws XMLSecurityException
*/
public KeyInfo(Element element, String BaseURI) throws XMLSecurityException {
super(element, BaseURI);
// _storageResolvers.add(null);
}
@ -131,7 +139,7 @@ public class KeyInfo extends SignatureElementProxy {
*/
public void setId(String Id) {
if ((this._state == MODE_SIGN) && (Id != null)) {
if ((Id != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id);
IdResolver.registerElementById(this._constructionElement, Id);
}
@ -162,10 +170,8 @@ public class KeyInfo extends SignatureElementProxy {
*/
public void add(KeyName keyname) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(keyname.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
}
/**
@ -219,11 +225,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param keyvalue
*/
public void add(KeyValue keyvalue) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(keyvalue.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
}
/**
@ -241,11 +244,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param mgmtdata
*/
public void add(MgmtData mgmtdata) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(mgmtdata.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
}
/**
@ -254,11 +254,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param pgpdata
*/
public void add(PGPData pgpdata) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(pgpdata.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
}
/**
@ -279,11 +276,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param retrievalmethod
*/
public void add(RetrievalMethod retrievalmethod) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(retrievalmethod.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
}
/**
@ -292,11 +286,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param spkidata
*/
public void add(SPKIData spkidata) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(spkidata.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
}
/**
@ -305,11 +296,11 @@ public class KeyInfo extends SignatureElementProxy {
* @param x509data
*/
public void add(X509Data x509data) {
if (this._state == MODE_SIGN) {
if (x509Datas==null)
x509Datas=new ArrayList();
x509Datas.add(x509data);
this._constructionElement.appendChild(x509data.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
}
/**
@ -321,12 +312,11 @@ public class KeyInfo extends SignatureElementProxy {
public void add(EncryptedKey encryptedKey)
throws XMLEncryptionException {
if (this._state == MODE_SIGN) {
if (encryptedKeys==null)
encryptedKeys=new ArrayList();
encryptedKeys.add(encryptedKey);
XMLCipher cipher = XMLCipher.getInstance();
this._constructionElement.appendChild(cipher.martial(encryptedKey));
}
}
/**
@ -335,11 +325,8 @@ public class KeyInfo extends SignatureElementProxy {
* @param element
*/
public void addUnknownElement(Element element) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(element);
XMLUtils.addReturnToElement(this._constructionElement);
}
}
/**
@ -403,6 +390,9 @@ public class KeyInfo extends SignatureElementProxy {
*@return the number of the X509Data tags
*/
public int lengthX509Data() {
if (x509Datas!=null) {
return x509Datas.size();
}
return this.length(Constants.SignatureSpecNS, Constants._TAG_X509DATA);
}
@ -550,7 +540,9 @@ public class KeyInfo extends SignatureElementProxy {
* @throws XMLSecurityException
*/
public X509Data itemX509Data(int i) throws XMLSecurityException {
if (x509Datas!=null) {
return (X509Data) x509Datas.get(i);
}
Element e = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_X509DATA,i);
@ -569,7 +561,9 @@ public class KeyInfo extends SignatureElementProxy {
*/
public EncryptedKey itemEncryptedKey(int i) throws XMLSecurityException {
if (encryptedKeys!=null) {
return (EncryptedKey) encryptedKeys.get(i);
}
Element e =
XMLUtils.selectXencNode(this._constructionElement.getFirstChild(),
EncryptionConstants._TAG_ENCRYPTEDKEY,i);
@ -707,20 +701,20 @@ public class KeyInfo extends SignatureElementProxy {
PublicKey pk = this.getPublicKeyFromInternalResolvers();
if (pk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I could find a key using the per-KeyInfo key resolvers");
log.log(java.util.logging.Level.FINE, "I could find a key using the per-KeyInfo key resolvers");
return pk;
}
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I couldn't find a key using the per-KeyInfo key resolvers");
log.log(java.util.logging.Level.FINE, "I couldn't find a key using the per-KeyInfo key resolvers");
pk = this.getPublicKeyFromStaticResolvers();
if (pk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I could find a key using the system-wide key resolvers");
log.log(java.util.logging.Level.FINE, "I could find a key using the system-wide key resolvers");
return pk;
}
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I couldn't find a key using the system-wide key resolvers");
log.log(java.util.logging.Level.FINE, "I couldn't find a key using the system-wide key resolvers");
return null;
}
@ -732,46 +726,29 @@ public class KeyInfo extends SignatureElementProxy {
* @throws KeyResolverException
*/
PublicKey getPublicKeyFromStaticResolvers() throws KeyResolverException {
for (int i = 0; i < KeyResolver.length(); i++) {
KeyResolver keyResolver = KeyResolver.item(i);
int length=KeyResolver.length();
int storageLength=this._storageResolvers.size();
Iterator it= KeyResolver.iterator();
for (int i = 0; i < length; i++) {
KeyResolverSpi keyResolver = (KeyResolverSpi) it.next();
Node currentChild=this._constructionElement.getFirstChild();
String uri= this.getBaseURI();
while (currentChild!=null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
if (this._storageResolvers.size() == 0) {
// if we do not have storage resolvers, we verify with null
StorageResolver storage = null;
if (keyResolver.canResolve((Element) currentChild,
this.getBaseURI(), storage)) {
PublicKey pk =
keyResolver.resolvePublicKey((Element) currentChild,
this.getBaseURI(),
storage);
if (pk != null) {
return pk;
}
}
} else {
for (int k = 0; k < this._storageResolvers.size(); k++) {
for (int k = 0; k < storageLength; k++) {
StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
if (keyResolver.canResolve((Element) currentChild,
this.getBaseURI(), storage)) {
PublicKey pk =
keyResolver.resolvePublicKey((Element) currentChild,
this.getBaseURI(),
PublicKey pk =
keyResolver.engineLookupAndResolvePublicKey((Element) currentChild,
uri,
storage);
if (pk != null) {
return pk;
}
if (pk != null) {
KeyResolver.hit(it);
return pk;
}
}
}
}
currentChild=currentChild.getNextSibling();
}
@ -786,50 +763,27 @@ public class KeyInfo extends SignatureElementProxy {
* @throws KeyResolverException
*/
PublicKey getPublicKeyFromInternalResolvers() throws KeyResolverException {
for (int i = 0; i < this.lengthInternalKeyResolver(); i++) {
int length=lengthInternalKeyResolver();
int storageLength=this._storageResolvers.size();
for (int i = 0; i < length; i++) {
KeyResolverSpi keyResolver = this.itemInternalKeyResolver(i);
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
Node currentChild=this._constructionElement.getFirstChild();
String uri=this.getBaseURI();
while (currentChild!=null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
if (this._storageResolvers.size() == 0) {
// if we do not have storage resolvers, we verify with null
StorageResolver storage = null;
if (keyResolver.engineCanResolve((Element) currentChild,
this.getBaseURI(),
storage)) {
PublicKey pk =
keyResolver
.engineResolvePublicKey((Element) currentChild, this
.getBaseURI(), storage);
for (int k = 0; k < storageLength; k++) {
StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
PublicKey pk = keyResolver
.engineLookupAndResolvePublicKey((Element) currentChild, uri, storage);
if (pk != null) {
return pk;
return pk;
}
}
} else {
for (int k = 0; k < this._storageResolvers.size(); k++) {
StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
if (keyResolver.engineCanResolve((Element) currentChild,
this.getBaseURI(),
storage)) {
PublicKey pk = keyResolver
.engineResolvePublicKey((Element) currentChild, this
.getBaseURI(), storage);
if (pk != null) {
return pk;
}
}
}
}
}
currentChild=currentChild.getNextSibling();
}
@ -850,12 +804,12 @@ public class KeyInfo extends SignatureElementProxy {
X509Certificate cert = this.getX509CertificateFromInternalResolvers();
if (cert != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE,
log.log(java.util.logging.Level.FINE,
"I could find a X509Certificate using the per-KeyInfo key resolvers");
return cert;
}
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE,
log.log(java.util.logging.Level.FINE,
"I couldn't find a X509Certificate using the per-KeyInfo key resolvers");
@ -863,12 +817,12 @@ public class KeyInfo extends SignatureElementProxy {
cert = this.getX509CertificateFromStaticResolvers();
if (cert != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE,
log.log(java.util.logging.Level.FINE,
"I could find a X509Certificate using the system-wide key resolvers");
return cert;
}
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE,
log.log(java.util.logging.Level.FINE,
"I couldn't find a X509Certificate using the system-wide key resolvers");
@ -885,53 +839,44 @@ public class KeyInfo extends SignatureElementProxy {
*/
X509Certificate getX509CertificateFromStaticResolvers()
throws KeyResolverException {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Start getX509CertificateFromStaticResolvers() with "
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Start getX509CertificateFromStaticResolvers() with "
+ KeyResolver.length() + " resolvers");
String uri=this.getBaseURI();
int length= KeyResolver.length();
int storageLength=this._storageResolvers.size();
Iterator it = KeyResolver.iterator();
for (int i = 0; i <length; i++) {
KeyResolverSpi keyResolver = (KeyResolverSpi) it.next();
X509Certificate cert= applyCurrentResolver(uri, storageLength, keyResolver);
if (cert!=null) {
KeyResolver.hit(it);
return cert;
}
}
return null;
}
for (int i = 0; i < KeyResolver.length(); i++) {
KeyResolver keyResolver = KeyResolver.item(i);
Node currentChild=this._constructionElement.getFirstChild();
while (currentChild!=null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
if (this._storageResolvers.size() == 0) {
private X509Certificate applyCurrentResolver(String uri, int storageLength, KeyResolverSpi keyResolver) throws KeyResolverException {
Node currentChild=this._constructionElement.getFirstChild();
while (currentChild!=null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
for (int k = 0; k < storageLength; k++) {
StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
// if we do not have storage resolvers, we verify with null
StorageResolver storage = null;
X509Certificate cert = keyResolver
.engineLookupResolveX509Certificate((Element) currentChild, uri,
storage);
if (keyResolver.canResolve((Element) currentChild,
this.getBaseURI(), storage)) {
X509Certificate cert =
keyResolver
.resolveX509Certificate((Element) currentChild, this
.getBaseURI(), storage);
if (cert != null) {
return cert;
}
}
} else {
for (int k = 0; k < this._storageResolvers.size(); k++) {
StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
if (keyResolver.canResolve((Element) currentChild,
this.getBaseURI(), storage)) {
X509Certificate cert = keyResolver
.resolveX509Certificate((Element) currentChild, this
.getBaseURI(), storage);
if (cert != null) {
return cert;
}
}
if (cert != null) {
return cert;
}
}
}
currentChild=currentChild.getNextSibling();
}
}
return null;
return null;
}
/**
@ -942,55 +887,18 @@ public class KeyInfo extends SignatureElementProxy {
*/
X509Certificate getX509CertificateFromInternalResolvers()
throws KeyResolverException {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Start getX509CertificateFromInternalResolvers() with "
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Start getX509CertificateFromInternalResolvers() with "
+ this.lengthInternalKeyResolver() + " resolvers");
String uri=this.getBaseURI();
int storageLength=this._storageResolvers.size();
for (int i = 0; i < this.lengthInternalKeyResolver(); i++) {
KeyResolverSpi keyResolver = this.itemInternalKeyResolver(i);
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
Node currentChild=this._constructionElement.getFirstChild();
while (currentChild!=null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
if (this._storageResolvers.size() == 0) {
// if we do not have storage resolvers, we verify with null
StorageResolver storage = null;
if (keyResolver.engineCanResolve((Element) currentChild,
this.getBaseURI(),
storage)) {
X509Certificate cert =
keyResolver.engineResolveX509Certificate(
(Element) currentChild, this.getBaseURI(), storage);
if (cert != null) {
return cert;
}
}
} else {
for (int k = 0; k < this._storageResolvers.size(); k++) {
StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
if (keyResolver.engineCanResolve((Element) currentChild,
this.getBaseURI(),
storage)) {
X509Certificate cert =
keyResolver.engineResolveX509Certificate(
(Element) currentChild, this.getBaseURI(),
storage);
if (cert != null) {
return cert;
}
}
}
}
}
currentChild=currentChild.getNextSibling();
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
X509Certificate cert= applyCurrentResolver(uri, storageLength, keyResolver);
if (cert!=null) {
return cert;
}
}
@ -1006,21 +914,21 @@ public class KeyInfo extends SignatureElementProxy {
SecretKey sk = this.getSecretKeyFromInternalResolvers();
if (sk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I could find a secret key using the per-KeyInfo key resolvers");
log.log(java.util.logging.Level.FINE, "I could find a secret key using the per-KeyInfo key resolvers");
return sk;
}
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the per-KeyInfo key resolvers");
log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the per-KeyInfo key resolvers");
sk = this.getSecretKeyFromStaticResolvers();
if (sk != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I could find a secret key using the system-wide key resolvers");
log.log(java.util.logging.Level.FINE, "I could find a secret key using the system-wide key resolvers");
return sk;
}
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the system-wide key resolvers");
log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the system-wide key resolvers");
return null;
@ -1034,47 +942,29 @@ public class KeyInfo extends SignatureElementProxy {
*/
SecretKey getSecretKeyFromStaticResolvers() throws KeyResolverException {
for (int i = 0; i < KeyResolver.length(); i++) {
KeyResolver keyResolver = KeyResolver.item(i);
final int length=KeyResolver.length();
int storageLength=this._storageResolvers.size();
Iterator it = KeyResolver.iterator();
for (int i = 0; i < length; i++) {
KeyResolverSpi keyResolver = (KeyResolverSpi) it.next();
Node currentChild=this._constructionElement.getFirstChild();
String uri=this.getBaseURI();
while (currentChild!=null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
if (this._storageResolvers.size() == 0) {
for (int k = 0; k < storageLength; k++) {
StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
// if we do not have storage resolvers, we verify with null
StorageResolver storage = null;
if (keyResolver.canResolve((Element) currentChild,
this.getBaseURI(), storage)) {
SecretKey sk =
keyResolver.resolveSecretKey((Element) currentChild,
this.getBaseURI(),
storage);
SecretKey sk =
keyResolver.engineLookupAndResolveSecretKey((Element) currentChild,
uri,
storage);
if (sk != null) {
return sk;
}
}
} else {
for (int k = 0; k < this._storageResolvers.size(); k++) {
StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
if (keyResolver.canResolve((Element) currentChild,
this.getBaseURI(), storage)) {
SecretKey sk =
keyResolver.resolveSecretKey((Element) currentChild,
this.getBaseURI(),
storage);
if (sk != null) {
return sk;
}
}
}
}
}
currentChild=currentChild.getNextSibling();
}
@ -1090,51 +980,28 @@ public class KeyInfo extends SignatureElementProxy {
*/
SecretKey getSecretKeyFromInternalResolvers() throws KeyResolverException {
int storageLength=this._storageResolvers.size();
for (int i = 0; i < this.lengthInternalKeyResolver(); i++) {
KeyResolverSpi keyResolver = this.itemInternalKeyResolver(i);
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
Node currentChild=this._constructionElement.getFirstChild();
String uri=this.getBaseURI();
while (currentChild!=null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
if (this._storageResolvers.size() == 0) {
for (int k = 0; k < storageLength; k++) {
StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
// if we do not have storage resolvers, we verify with null
StorageResolver storage = null;
if (keyResolver.engineCanResolve((Element) currentChild,
this.getBaseURI(),
storage)) {
SecretKey sk =
keyResolver
.engineResolveSecretKey((Element) currentChild, this
.getBaseURI(), storage);
SecretKey sk = keyResolver
.engineLookupAndResolveSecretKey((Element) currentChild, uri, storage);
if (sk != null) {
return sk;
}
}
} else {
for (int k = 0; k < this._storageResolvers.size(); k++) {
StorageResolver storage =
(StorageResolver) this._storageResolvers.get(k);
if (keyResolver.engineCanResolve((Element) currentChild,
this.getBaseURI(),
storage)) {
SecretKey sk = keyResolver
.engineResolveSecretKey((Element) currentChild, this
.getBaseURI(), storage);
if (sk != null) {
return sk;
}
}
}
}
}
}
}
currentChild=currentChild.getNextSibling();
}
}
@ -1145,7 +1012,7 @@ public class KeyInfo extends SignatureElementProxy {
/**
* Stores the individual (per-KeyInfo) {@link KeyResolver}s
*/
List _internalKeyResolvers = new ArrayList();
List _internalKeyResolvers = null;
/**
* This method is used to add a custom {@link KeyResolverSpi} to a KeyInfo
@ -1154,6 +1021,9 @@ public class KeyInfo extends SignatureElementProxy {
* @param realKeyResolver
*/
public void registerInternalKeyResolver(KeyResolverSpi realKeyResolver) {
if (_internalKeyResolvers==null) {
_internalKeyResolvers=new ArrayList();
}
this._internalKeyResolvers.add(realKeyResolver);
}
@ -1162,6 +1032,8 @@ public class KeyInfo extends SignatureElementProxy {
* @return the length of the key
*/
int lengthInternalKeyResolver() {
if (_internalKeyResolvers==null)
return 0;
return this._internalKeyResolvers.size();
}
@ -1176,7 +1048,7 @@ public class KeyInfo extends SignatureElementProxy {
}
/** Field _storageResolvers */
List _storageResolvers = new ArrayList();
List _storageResolvers = nullList;
/**
* Method addStorageResolver
@ -1184,19 +1056,11 @@ public class KeyInfo extends SignatureElementProxy {
* @param storageResolver
*/
public void addStorageResolver(StorageResolver storageResolver) {
if (storageResolver != null) {
if (_storageResolvers == nullList ){
_storageResolvers=new ArrayList();
}
this._storageResolvers.add(storageResolver);
}
}
/**
* Method getStorageResolvers
*
* @return the internalStorages
*/
List getStorageResolvers() {
return this._storageResolvers;
}
//J-

3
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyUtils.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -36,7 +35,7 @@ import com.sun.org.apache.xml.internal.security.keys.content.X509Data;
/**
* Utility class for for <CODE>com.sun.org.apache.xml.internal.security.keys</CODE> package.
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class KeyUtils {

3
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyInfoContent.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -28,7 +27,7 @@ package com.sun.org.apache.xml.internal.security.keys.content;
/**
* Empty interface just to identify Elements that can be cildren of ds:KeyInfo.
*
* @author $Author: blautenb $
* @author $Author: mullan $
*/
public interface KeyInfoContent {
}

9
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyName.java
View file

@ -20,25 +20,18 @@
*/
package com.sun.org.apache.xml.internal.security.keys.content;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class KeyName extends SignatureElementProxy implements KeyInfoContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(KeyName.class.getName());
/**
* Constructor KeyName
*

198
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyValue.java
View file

@ -20,11 +20,8 @@
*/
package com.sun.org.apache.xml.internal.security.keys.content;
import java.security.PublicKey;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.keys.content.keyvalues.DSAKeyValue;
import com.sun.org.apache.xml.internal.security.keys.content.keyvalues.RSAKeyValue;
@ -34,140 +31,131 @@ import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
* The KeyValue element contains a single public key that may be useful in
* validating the signature. Structured formats for defining DSA (REQUIRED)
* and RSA (RECOMMENDED) public keys are defined in Signature Algorithms
* (section 6.4). The KeyValue element may include externally defined public
* keys values represented as PCDATA or element types from an external namespace.
* keys values represented as PCDATA or element types from an external
* namespace.
*
* @author $Author: vishal $
* @author $Author: mullan $
*/
public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(KeyValue.class.getName());
/**
* Constructor KeyValue
*
* @param doc
* @param dsaKeyValue
*/
public KeyValue(Document doc, DSAKeyValue dsaKeyValue) {
/**
* Constructor KeyValue
*
* @param doc
* @param dsaKeyValue
*/
public KeyValue(Document doc, DSAKeyValue dsaKeyValue) {
super(doc);
super(doc);
XMLUtils.addReturnToElement(this._constructionElement);
this._constructionElement.appendChild(dsaKeyValue.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
XMLUtils.addReturnToElement(this._constructionElement);
this._constructionElement.appendChild(dsaKeyValue.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
/**
* Constructor KeyValue
*
* @param doc
* @param rsaKeyValue
*/
public KeyValue(Document doc, RSAKeyValue rsaKeyValue) {
/**
* Constructor KeyValue
*
* @param doc
* @param rsaKeyValue
*/
public KeyValue(Document doc, RSAKeyValue rsaKeyValue) {
super(doc);
super(doc);
XMLUtils.addReturnToElement(this._constructionElement);
this._constructionElement.appendChild(rsaKeyValue.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
XMLUtils.addReturnToElement(this._constructionElement);
this._constructionElement.appendChild(rsaKeyValue.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
/**
* Constructor KeyValue
*
* @param doc
* @param unknownKeyValue
*/
public KeyValue(Document doc, Element unknownKeyValue) {
/**
* Constructor KeyValue
*
* @param doc
* @param unknownKeyValue
*/
public KeyValue(Document doc, Element unknownKeyValue) {
super(doc);
super(doc);
XMLUtils.addReturnToElement(this._constructionElement);
this._constructionElement.appendChild(unknownKeyValue);
XMLUtils.addReturnToElement(this._constructionElement);
}
XMLUtils.addReturnToElement(this._constructionElement);
this._constructionElement.appendChild(unknownKeyValue);
XMLUtils.addReturnToElement(this._constructionElement);
}
/**
* Constructor KeyValue
*
* @param doc
* @param pk
*/
public KeyValue(Document doc, PublicKey pk) {
/**
* Constructor KeyValue
*
* @param doc
* @param pk
*/
public KeyValue(Document doc, PublicKey pk) {
super(doc);
super(doc);
XMLUtils.addReturnToElement(this._constructionElement);
XMLUtils.addReturnToElement(this._constructionElement);
if (pk instanceof java.security.interfaces.DSAPublicKey) {
DSAKeyValue dsa = new DSAKeyValue(this._doc, pk);
if (pk instanceof java.security.interfaces.DSAPublicKey) {
DSAKeyValue dsa = new DSAKeyValue(this._doc, pk);
this._constructionElement.appendChild(dsa.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
} else if (pk instanceof java.security.interfaces.RSAPublicKey) {
RSAKeyValue rsa = new RSAKeyValue(this._doc, pk);
this._constructionElement.appendChild(dsa.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
} else if (pk instanceof java.security.interfaces.RSAPublicKey) {
RSAKeyValue rsa = new RSAKeyValue(this._doc, pk);
this._constructionElement.appendChild(rsa.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
}
this._constructionElement.appendChild(rsa.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
}
/**
* Constructor KeyValue
*
* @param element
* @param BaseURI
* @throws XMLSecurityException
*/
public KeyValue(Element element, String BaseURI)
/**
* Constructor KeyValue
*
* @param element
* @param BaseURI
* @throws XMLSecurityException
*/
public KeyValue(Element element, String BaseURI)
throws XMLSecurityException {
super(element, BaseURI);
}
super(element, BaseURI);
}
/**
* Method getPublicKey
*
* @return the public key
* @throws XMLSecurityException
*/
public PublicKey getPublicKey() throws XMLSecurityException {
/**
* Method getPublicKey
*
* @return the public key
* @throws XMLSecurityException
*/
public PublicKey getPublicKey() throws XMLSecurityException {
Element rsa = XMLUtils.selectDsNode
(this._constructionElement.getFirstChild(),
Constants._TAG_RSAKEYVALUE,0);
Element rsa = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_RSAKEYVALUE,0);
if (rsa != null) {
RSAKeyValue kv = new RSAKeyValue(rsa,
this._baseURI);
if (rsa != null) {
RSAKeyValue kv = new RSAKeyValue(rsa, this._baseURI);
return kv.getPublicKey();
}
}
Element dsa = XMLUtils.selectDsNode(this._constructionElement,
Constants._TAG_DSAKEYVALUE,0);
if (dsa != null) {
DSAKeyValue kv = new DSAKeyValue(dsa,
this._baseURI);
Element dsa = XMLUtils.selectDsNode
(this._constructionElement.getFirstChild(),
Constants._TAG_DSAKEYVALUE,0);
if (dsa != null) {
DSAKeyValue kv = new DSAKeyValue(dsa, this._baseURI);
return kv.getPublicKey();
}
}
return null;
}
return null;
}
/** @inheritDoc */
public String getBaseLocalName() {
return Constants._TAG_KEYVALUE;
}
/** @inheritDoc */
public String getBaseLocalName() {
return Constants._TAG_KEYVALUE;
}
}

9
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/MgmtData.java
View file

@ -20,25 +20,18 @@
*/
package com.sun.org.apache.xml.internal.security.keys.content;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class MgmtData extends SignatureElementProxy implements KeyInfoContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(MgmtData.class.getName());
/**
* Constructor MgmtData
*

9
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/PGPData.java
View file

@ -20,25 +20,18 @@
*/
package com.sun.org.apache.xml.internal.security.keys.content;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Element;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
* $todo$ Implement
*/
public class PGPData extends SignatureElementProxy implements KeyInfoContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(PGPData.class.getName());
/**
* Constructor PGPData
*

11
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/RetrievalMethod.java
View file

@ -20,9 +20,6 @@
*/
package com.sun.org.apache.xml.internal.security.keys.content;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
@ -33,17 +30,13 @@ import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class RetrievalMethod extends SignatureElementProxy
implements KeyInfoContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(RetrievalMethod.class.getName());
//J-
/** DSA retrieval */
public static final String TYPE_DSA = Constants.SignatureSpecNS + "DSAKeyValue";
@ -133,7 +126,7 @@ public class RetrievalMethod extends SignatureElementProxy
try {
Element transformsElem =
XMLUtils.selectDsNode(this._constructionElement,
XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants
._TAG_TRANSFORMS, 0);

9
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/SPKIData.java
View file

@ -20,25 +20,18 @@
*/
package com.sun.org.apache.xml.internal.security.keys.content;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Element;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
* $todo$ implement
*/
public class SPKIData extends SignatureElementProxy implements KeyInfoContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(SPKIData.class.getName());
/**
* Constructor SPKIData
*

72
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/X509Data.java
View file

@ -41,7 +41,7 @@ import org.w3c.dom.Node;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class X509Data extends SignatureElementProxy implements KeyInfoContent {
@ -72,60 +72,17 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
throws XMLSecurityException {
super(element, BaseURI);
boolean noElements=true;
Node sibling=this._constructionElement.getFirstChild();
while (sibling!=null) {
if (sibling.getNodeType()!=Node.ELEMENT_NODE) {
sibling=sibling.getNextSibling();
continue;
}
noElements=false;
Element currentElem = (Element) sibling;
sibling=sibling.getNextSibling();
String localname = currentElem.getLocalName();
if (currentElem.getNamespaceURI().equals(Constants.SignatureSpecNS)) {
if (localname.equals(Constants._TAG_X509ISSUERSERIAL)) {
XMLX509IssuerSerial is = new XMLX509IssuerSerial(currentElem,
BaseURI);
this.add(is);
} else if (localname.equals(Constants._TAG_X509SKI)) {
XMLX509SKI ski = new XMLX509SKI(currentElem, BaseURI);
this.add(ski);
} else if (localname.equals(Constants._TAG_X509SUBJECTNAME)) {
XMLX509SubjectName sn = new XMLX509SubjectName(currentElem,
BaseURI);
this.add(sn);
} else if (localname.equals(Constants._TAG_X509CERTIFICATE)) {
XMLX509Certificate cert = new XMLX509Certificate(currentElem,
BaseURI);
this.add(cert);
} else if (localname.equals(Constants._TAG_X509CRL)) {
XMLX509CRL crl = new XMLX509CRL(currentElem, BaseURI);
this.add(crl);
} else {
log.log(java.util.logging.Level.WARNING, "Found a " + currentElem.getTagName() + " element in "
+ Constants._TAG_X509DATA);
this.addUnknownElement(currentElem);
}
} else {
log.log(java.util.logging.Level.WARNING, "Found a " + currentElem.getTagName() + " element in "
+ Constants._TAG_X509DATA);
this.addUnknownElement(currentElem);
}
return;
}
if (noElements) {
Object exArgs[] = { "Elements", Constants._TAG_X509DATA };
throw new XMLSecurityException("xml.WrongContent", exArgs);
}
/* No Elements found */
Object exArgs[] = { "Elements", Constants._TAG_X509DATA };
throw new XMLSecurityException("xml.WrongContent", exArgs);
}
/**
@ -169,11 +126,9 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
*/
public void add(XMLX509IssuerSerial xmlX509IssuerSerial) {
if (this._state == MODE_SIGN) {
this._constructionElement
.appendChild(xmlX509IssuerSerial.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
}
/**
@ -202,11 +157,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param xmlX509SKI
*/
public void add(XMLX509SKI xmlX509SKI) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(xmlX509SKI.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
}
/**
@ -233,11 +185,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param xmlX509SubjectName
*/
public void add(XMLX509SubjectName xmlX509SubjectName) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(xmlX509SubjectName.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
}
/**
@ -266,11 +215,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param xmlX509Certificate
*/
public void add(XMLX509Certificate xmlX509Certificate) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(xmlX509Certificate.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
}
/**
@ -288,11 +234,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param xmlX509CRL
*/
public void add(XMLX509CRL xmlX509CRL) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(xmlX509CRL.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
}
/**
@ -301,11 +244,8 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* @param element
*/
public void addUnknownElement(Element element) {
if (this._state == MODE_SIGN) {
this._constructionElement.appendChild(element);
XMLUtils.addReturnToElement(this._constructionElement);
}
}
/**
@ -479,7 +419,7 @@ public class X509Data extends SignatureElementProxy implements KeyInfoContent {
* TODO implement
**/
public Element itemUnknownElement(int i) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "itemUnknownElement not implemented:"+i);
log.log(java.util.logging.Level.FINE, "itemUnknownElement not implemented:"+i);
return null;
}

9
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/DSAKeyValue.java
View file

@ -20,8 +20,6 @@
*/
package com.sun.org.apache.xml.internal.security.keys.content.keyvalues;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyFactory;
@ -39,18 +37,13 @@ import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class DSAKeyValue extends SignatureElementProxy
implements KeyValueContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(DSAKeyValue.class.getName());
/**
* Constructor DSAKeyValue
*

3
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/KeyValueContent.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -32,7 +31,7 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
*
*
*
* @author $Author: raul $
* @author $Author: mullan $
*
*/
public interface KeyValueContent {

10
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/RSAKeyValue.java
View file

@ -20,8 +20,6 @@
*/
package com.sun.org.apache.xml.internal.security.keys.content.keyvalues;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyFactory;
@ -39,19 +37,13 @@ import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class RSAKeyValue extends SignatureElementProxy
implements KeyValueContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(
RSAKeyValue.class.getName());
/**
* Constructor RSAKeyValue
*

12
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509CRL.java
View file

@ -20,30 +20,20 @@
*/
package com.sun.org.apache.xml.internal.security.keys.content.x509;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
*
*
*
*
* @author $Author: raul $
* @author $Author: mullan $
*
*/
public class XMLX509CRL extends SignatureElementProxy
implements XMLX509DataContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(XMLX509CRL.class.getName());
/**
* Constructor XMLX509CRL
*

39
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509Certificate.java
View file

@ -20,8 +20,6 @@
*/
package com.sun.org.apache.xml.internal.security.keys.content.x509;
import java.io.ByteArrayInputStream;
import java.security.PublicKey;
import java.security.cert.CertificateException;
@ -34,18 +32,13 @@ import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class XMLX509Certificate extends SignatureElementProxy
implements XMLX509DataContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(XMLX509Certificate.class.getName());
/** Field JCA_CERT_ID */
public static final String JCA_CERT_ID = "X.509";
@ -146,23 +139,25 @@ public class XMLX509Certificate extends SignatureElementProxy
return null;
}
/** @inheritDoc */
public boolean equals(Object obj) {
/** @inheritDoc */
public boolean equals(Object obj) {
try {
if (!obj.getClass().getName().equals(this.getClass().getName())) {
if (obj == null) {
return false;
}
}
if (!this.getClass().getName().equals(obj.getClass().getName())) {
return false;
}
XMLX509Certificate other = (XMLX509Certificate) obj;
try {
XMLX509Certificate other = (XMLX509Certificate) obj;
/** $todo$ or should be create X509Certificates and use the equals() from the Certs */
return java.security.MessageDigest.isEqual(other.getCertificateBytes(),
this.getCertificateBytes());
} catch (XMLSecurityException ex) {
return false;
}
}
/** $todo$ or should be create X509Certificates and use the equals() from the Certs */
return java.security.MessageDigest.isEqual
(other.getCertificateBytes(), this.getCertificateBytes());
} catch (XMLSecurityException ex) {
return false;
}
}
/** @inheritDoc */
public String getBaseLocalName() {

3
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509DataContent.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -28,7 +27,7 @@ package com.sun.org.apache.xml.internal.security.keys.content.x509;
/**
* Just used for tagging contents that are allowed inside a ds:X509Data Element.
*
* @author $Author: blautenb $
* @author $Author: mullan $
*/
public interface XMLX509DataContent {
}

225
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509IssuerSerial.java
View file

@ -20,8 +20,6 @@
*/
package com.sun.org.apache.xml.internal.security.keys.content.x509;
import java.math.BigInteger;
import java.security.cert.X509Certificate;
@ -33,148 +31,139 @@ import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class XMLX509IssuerSerial extends SignatureElementProxy
implements XMLX509DataContent {
/** {@link java.util.logging} logging facility */
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(
XMLX509IssuerSerial.class.getName());
/**
* Constructor XMLX509IssuerSerial
*
* @param element
* @param BaseURI
* @throws XMLSecurityException
*/
public XMLX509IssuerSerial(Element element, String BaseURI)
/**
* Constructor XMLX509IssuerSerial
*
* @param element
* @param baseURI
* @throws XMLSecurityException
*/
public XMLX509IssuerSerial(Element element, String baseURI)
throws XMLSecurityException {
super(element, BaseURI);
}
super(element, baseURI);
}
/**
* Constructor XMLX509IssuerSerial
*
* @param doc
* @param X509IssuerName
* @param X509SerialNumber
*/
public XMLX509IssuerSerial(Document doc, String X509IssuerName,
BigInteger X509SerialNumber) {
/**
* Constructor XMLX509IssuerSerial
*
* @param doc
* @param x509IssuerName
* @param x509SerialNumber
*/
public XMLX509IssuerSerial(Document doc, String x509IssuerName,
BigInteger x509SerialNumber) {
super(doc);
super(doc);
XMLUtils.addReturnToElement(this._constructionElement);
addTextElement(x509IssuerName, Constants._TAG_X509ISSUERNAME);
addTextElement(x509SerialNumber.toString(), Constants._TAG_X509SERIALNUMBER);
}
XMLUtils.addReturnToElement(this._constructionElement);
this.addTextElement(X509IssuerName, Constants._TAG_X509ISSUERNAME);
XMLUtils.addReturnToElement(this._constructionElement);
this.addTextElement(X509SerialNumber.toString(), Constants._TAG_X509SERIALNUMBER);
}
/**
* Constructor XMLX509IssuerSerial
*
* @param doc
* @param x509IssuerName
* @param x509SerialNumber
*/
public XMLX509IssuerSerial(Document doc, String x509IssuerName,
String x509SerialNumber) {
this(doc, x509IssuerName, new BigInteger(x509SerialNumber));
}
/**
* Constructor XMLX509IssuerSerial
*
* @param doc
* @param X509IssuerName
* @param X509SerialNumber
*/
public XMLX509IssuerSerial(Document doc, String X509IssuerName,
String X509SerialNumber) {
this(doc, X509IssuerName, new BigInteger(X509SerialNumber));
}
/**
* Constructor XMLX509IssuerSerial
*
* @param doc
* @param x509IssuerName
* @param x509SerialNumber
*/
public XMLX509IssuerSerial(Document doc, String x509IssuerName,
int x509SerialNumber) {
this(doc, x509IssuerName,
new BigInteger(Integer.toString(x509SerialNumber)));
}
/**
* Constructor XMLX509IssuerSerial
*
* @param doc
* @param X509IssuerName
* @param X509SerialNumber
*/
public XMLX509IssuerSerial(Document doc, String X509IssuerName,
int X509SerialNumber) {
this(doc, X509IssuerName,
new BigInteger(Integer.toString(X509SerialNumber)));
}
/**
* Constructor XMLX509IssuerSerial
*
* @param doc
* @param x509certificate
*/
public XMLX509IssuerSerial(Document doc, X509Certificate x509certificate) {
/**
* Constructor XMLX509IssuerSerial
*
* @param doc
* @param x509certificate
*/
public XMLX509IssuerSerial(Document doc, X509Certificate x509certificate) {
this(doc,
RFC2253Parser.normalize(x509certificate.getIssuerDN().getName()),
x509certificate.getSerialNumber());
}
this(doc,
RFC2253Parser.normalize(x509certificate.getIssuerDN().getName()),
x509certificate.getSerialNumber());
}
/**
* Method getSerialNumber
*
* @return the serial number
*/
public BigInteger getSerialNumber() {
/**
* Method getSerialNumber
*
*
* @return the serial number
*/
public BigInteger getSerialNumber() {
String text = this.getTextFromChildElement
(Constants._TAG_X509SERIALNUMBER, Constants.SignatureSpecNS);
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "X509SerialNumber text: " + text);
String text =
this.getTextFromChildElement(Constants._TAG_X509SERIALNUMBER,
Constants.SignatureSpecNS);
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "In dem X509SerialNumber wurde gefunden: " + text);
return new BigInteger(text);
}
return new BigInteger(text);
}
/**
* Method getSerialNumberInteger
*
* @return the serial number as plain int
*/
public int getSerialNumberInteger() {
return this.getSerialNumber().intValue();
}
/**
* Method getSerialNumberInteger
*
*
* @return the serial number as plain int
*/
public int getSerialNumberInteger() {
return this.getSerialNumber().intValue();
}
/**
* Method getIssuerName
*
* @return the issuer name
*/
public String getIssuerName() {
/**
* Method getIssuerName
*
*
* @return the issuer name
*/
public String getIssuerName() {
return RFC2253Parser
.normalize(this
.getTextFromChildElement(Constants._TAG_X509ISSUERNAME,
Constants.SignatureSpecNS));
}
return RFC2253Parser
.normalize(this
.getTextFromChildElement(Constants._TAG_X509ISSUERNAME,
Constants.SignatureSpecNS));
}
/** @inheritDoc */
public boolean equals(Object obj) {
/** @inheritDoc */
public boolean equals(Object obj) {
if (obj == null) {
return false;
}
if (!this.getClass().getName().equals(obj.getClass().getName())) {
return false;
}
if (!obj.getClass().getName().equals(this.getClass().getName())) {
return false;
}
XMLX509IssuerSerial other = (XMLX509IssuerSerial) obj;
XMLX509IssuerSerial other = (XMLX509IssuerSerial) obj;
return this.getSerialNumber().equals(other.getSerialNumber())
&& this.getIssuerName().equals(other.getIssuerName());
}
if (other.getSerialNumber().equals(this.getSerialNumber())
&& other.getIssuerName().equals(this.getIssuerName())) {
return true;
}
return false;
}
/** @inheritDoc */
public String getBaseLocalName() {
return Constants._TAG_X509ISSUERSERIAL;
}
/** @inheritDoc */
public String getBaseLocalName() {
return Constants._TAG_X509ISSUERSERIAL;
}
}

269
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SKI.java
View file

@ -20,8 +20,6 @@
*/
package com.sun.org.apache.xml.internal.security.keys.content.x509;
import java.io.IOException;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
@ -36,192 +34,143 @@ import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import sun.security.util.DerValue;
/**
* Handles SubjectKeyIdentifier (SKI) for X.509v3.
*
* @author $Author: raul $
* @see <A HREF="http://java.sun.com/products/jdk/1.2/docs/api/java/security/cert/X509Extension.html">Interface X509Extension</A>
* @author $Author: mullan $
* @see <A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/security/cert/X509Extension.html">Interface X509Extension</A>
*/
public class XMLX509SKI extends SignatureElementProxy
implements XMLX509DataContent {
/** {@link java.util.logging} logging facility */
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(XMLX509SKI.class.getName());
/**
* <CODE>SubjectKeyIdentifier (id-ce-subjectKeyIdentifier) (2.5.29.14)</CODE>:
* This extension identifies the public key being certified. It enables
* distinct keys used by the same subject to be differentiated
* (e.g., as key updating occurs).
* <BR />
* A key identifer shall be unique with respect to all key identifiers
* for the subject with which it is used. This extension is always non-critical.
*/
public static final String SKI_OID = "2.5.29.14";
/**
* <CODE>SubjectKeyIdentifier (id-ce-subjectKeyIdentifier) (2.5.29.14)</CODE>:
* This extension identifies the public key being certified. It enables
* distinct keys used by the same subject to be differentiated
* (e.g., as key updating occurs).
* <BR />
* A key identifer shall be unique with respect to all key identifiers
* for the subject with which it is used. This extension is always non-critical.
*/
public static final String SKI_OID = "2.5.29.14";
/**
* Constructor X509SKI
*
* @param doc
* @param skiBytes
*/
public XMLX509SKI(Document doc, byte[] skiBytes) {
/**
* Constructor X509SKI
*
* @param doc
* @param skiBytes
*/
public XMLX509SKI(Document doc, byte[] skiBytes) {
super(doc);
this.addBase64Text(skiBytes);
}
super(doc);
this.addBase64Text(skiBytes);
}
/**
* Constructor XMLX509SKI
*
* @param doc
* @param x509certificate
* @throws XMLSecurityException
*/
public XMLX509SKI(Document doc, X509Certificate x509certificate)
/**
* Constructor XMLX509SKI
*
* @param doc
* @param x509certificate
* @throws XMLSecurityException
*/
public XMLX509SKI(Document doc, X509Certificate x509certificate)
throws XMLSecurityException {
super(doc);
this.addBase64Text(XMLX509SKI.getSKIBytesFromCert(x509certificate));
}
super(doc);
this.addBase64Text(XMLX509SKI.getSKIBytesFromCert(x509certificate));
}
/**
* Constructor XMLX509SKI
*
* @param element
* @param BaseURI
* @throws XMLSecurityException
*/
public XMLX509SKI(Element element, String BaseURI)
/**
* Constructor XMLX509SKI
*
* @param element
* @param BaseURI
* @throws XMLSecurityException
*/
public XMLX509SKI(Element element, String BaseURI)
throws XMLSecurityException {
super(element, BaseURI);
}
super(element, BaseURI);
}
/**
* Method getSKIBytes
*
* @return the skibytes
* @throws XMLSecurityException
*/
public byte[] getSKIBytes() throws XMLSecurityException {
return this.getBytesFromTextChild();
}
/**
* Method getSKIBytes
*
* @return the skibytes
* @throws XMLSecurityException
*/
public byte[] getSKIBytes() throws XMLSecurityException {
return this.getBytesFromTextChild();
}
/**
* Method getSKIBytesFromCert
*
* @param cert
* @return sky bytes from the given certificate
*
* @throws XMLSecurityException
* @see java.security.cert.X509Extension#getExtensionValue(java.lang.String)
*/
public static byte[] getSKIBytesFromCert(X509Certificate cert)
throws XMLSecurityException {
/**
* Method getSKIBytesFromCert
*
* @param cert
* @return ski bytes from the given certificate
*
* @throws XMLSecurityException
* @see java.security.cert.X509Extension#getExtensionValue(java.lang.String)
*/
public static byte[] getSKIBytesFromCert(X509Certificate cert)
throws XMLSecurityException {
try {
/*
* Gets the DER-encoded OCTET string for the extension value (extnValue)
* identified by the passed-in oid String. The oid string is
* represented by a set of positive whole numbers separated by periods.
*/
byte[] derEncodedValue = cert.getExtensionValue(XMLX509SKI.SKI_OID);
if (cert.getVersion() < 3) {
if (cert.getVersion() < 3) {
Object exArgs[] = { new Integer(cert.getVersion()) };
throw new XMLSecurityException("certificate.noSki.lowVersion",
exArgs);
}
}
byte[] extensionValue = null;
/**
* Use sun.security.util.DerValue if it is present.
*/
try {
DerValue dervalue = new DerValue(derEncodedValue);
if (dervalue == null) {
throw new XMLSecurityException("certificate.noSki.null");
}
if (dervalue.tag != DerValue.tag_OctetString) {
throw new XMLSecurityException("certificate.noSki.notOctetString");
}
extensionValue = dervalue.getOctetString();
} catch (NoClassDefFoundError e) {
}
/**
* Fall back to org.bouncycastle.asn1.DERInputStream
*/
if (extensionValue == null) {
try {
Class clazz = Class.forName("org.bouncycastle.asn1.DERInputStream");
if (clazz != null) {
Constructor constructor = clazz.getConstructor(new Class[]{InputStream.class});
InputStream is = (InputStream) constructor.newInstance(new Object[]{new ByteArrayInputStream(derEncodedValue)});
Method method = clazz.getMethod("readObject", new Class[]{});
Object obj = method.invoke(is, new Object[]{});
if (obj == null) {
throw new XMLSecurityException("certificate.noSki.null");
}
Class clazz2 = Class.forName("org.bouncycastle.asn1.ASN1OctetString");
if (!clazz2.isInstance(obj)) {
throw new XMLSecurityException("certificate.noSki.notOctetString");
}
Method method2 = clazz2.getMethod("getOctets", new Class[]{});
extensionValue = (byte[]) method2.invoke(obj, new Object[]{});
}
} catch (Throwable t) {
}
}
/**
* Strip away first two bytes from the DerValue (tag and length)
*/
byte abyte0[] = new byte[extensionValue.length - 2];
System.arraycopy(extensionValue, 2, abyte0, 0, abyte0.length);
/*
byte abyte0[] = new byte[derEncodedValue.length - 4];
System.arraycopy(derEncodedValue, 4, abyte0, 0, abyte0.length);
/*
* Gets the DER-encoded OCTET string for the extension value
* (extnValue) identified by the passed-in oid String. The oid
* string is represented by a set of positive whole numbers
* separated by periods.
*/
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Base64 of SKI is " + Base64.encode(abyte0));
byte[] extensionValue = cert.getExtensionValue(XMLX509SKI.SKI_OID);
if (extensionValue == null) {
throw new XMLSecurityException("certificate.noSki.null");
}
return abyte0;
} catch (IOException ex) {
throw new XMLSecurityException("generic.EmptyMessage", ex);
}
}
/**
* Strip away first four bytes from the extensionValue
* The first two bytes are the tag and length of the extensionValue
* OCTET STRING, and the next two bytes are the tag and length of
* the skid OCTET STRING.
*/
byte skidValue[] = new byte[extensionValue.length - 4];
/** @inheritDoc */
public boolean equals(Object obj) {
System.arraycopy(extensionValue, 4, skidValue, 0, skidValue.length);
if (!obj.getClass().getName().equals(this.getClass().getName())) {
return false;
}
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Base64 of SKI is " + Base64.encode(skidValue));
}
XMLX509SKI other = (XMLX509SKI) obj;
return skidValue;
}
try {
return java.security.MessageDigest.isEqual(other.getSKIBytes(),
/** @inheritDoc */
public boolean equals(Object obj) {
if (obj == null) {
return false;
}
if (!this.getClass().getName().equals(obj.getClass().getName())) {
return false;
}
XMLX509SKI other = (XMLX509SKI) obj;
try {
return java.security.MessageDigest.isEqual(other.getSKIBytes(),
this.getSKIBytes());
} catch (XMLSecurityException ex) {
return false;
}
}
} catch (XMLSecurityException ex) {
return false;
}
}
/** @inheritDoc */
public String getBaseLocalName() {
return Constants._TAG_X509SKI;
}
/** @inheritDoc */
public String getBaseLocalName() {
return Constants._TAG_X509SKI;
}
}

34
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SubjectName.java
View file

@ -20,8 +20,6 @@
*/
package com.sun.org.apache.xml.internal.security.keys.content.x509;
import java.security.cert.X509Certificate;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
@ -33,15 +31,11 @@ import org.w3c.dom.Element;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class XMLX509SubjectName extends SignatureElementProxy
implements XMLX509DataContent {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(XMLX509SubjectName.class.getName());
/**
* Constructor X509SubjectName
*
@ -88,23 +82,21 @@ public class XMLX509SubjectName extends SignatureElementProxy
return RFC2253Parser.normalize(this.getTextFromTextChild());
}
/** @inheritDoc */
public boolean equals(Object obj) {
/** @inheritDoc */
public boolean equals(Object obj) {
if (obj == null) {
return false;
}
if (!obj.getClass().getName().equals(this.getClass().getName())) {
return false;
}
if (!this.getClass().getName().equals(obj.getClass().getName())) {
return false;
}
XMLX509SubjectName other = (XMLX509SubjectName) obj;
String otherSubject = other.getSubjectName();
String thisSubject = this.getSubjectName();
if (otherSubject.equals(thisSubject)) {
return true;
}
return false;
XMLX509SubjectName other = (XMLX509SubjectName) obj;
String otherSubject = other.getSubjectName();
String thisSubject = this.getSubjectName();
return thisSubject.equals(otherSubject);
}
/** @inheritDoc */

3
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/InvalidKeyResolverException.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -29,7 +28,7 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
/**
*
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class InvalidKeyResolverException extends XMLSecurityException {

189
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -26,6 +25,7 @@ package com.sun.org.apache.xml.internal.security.keys.keyresolver;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.crypto.SecretKey;
@ -39,7 +39,8 @@ import org.w3c.dom.Node;
* KeyResolver is factory class for subclass of KeyResolverSpi that
* represent child element of KeyInfo.
*
* @author $Author: raul $
* @author $Author: mullan $
* @version %I%, %G%
*/
public class KeyResolver {
@ -72,6 +73,7 @@ public class KeyResolver {
InstantiationException {
this._resolverSpi =
(KeyResolverSpi) Class.forName(className).newInstance();
this._resolverSpi.setGlobalResolver(true);
}
/**
@ -83,21 +85,17 @@ public class KeyResolver {
return KeyResolver._resolverVector.size();
}
/**
* Method item
*
* @param i
* @return the number i resolver registerd
* @throws KeyResolverException
*/
public static KeyResolver item(int i) throws KeyResolverException {
KeyResolver resolver = (KeyResolver) KeyResolver._resolverVector.get(i);
if (resolver==null) {
throw new KeyResolverException("utils.resolver.noClass");
}
return resolver;
public static void hit(Iterator hintI) {
ResolverIterator hint = (ResolverIterator) hintI;
int i = hint.i;
if (i!=1 && hint.res ==_resolverVector) {
List resolverVector=(List)((ArrayList)_resolverVector).clone();
Object ob=resolverVector.remove(i-1);
resolverVector.add(0,ob);
_resolverVector=resolverVector;
} else {
//System.out.println("KeyResolver hitting");
}
}
/**
@ -106,17 +104,19 @@ public class KeyResolver {
* @param element
* @param BaseURI
* @param storage
* @return the instance that happends to implement the thing.
* @return The certificate represented by the element.
*
* @throws KeyResolverException
*/
public static final KeyResolver getInstance(
public static final X509Certificate getX509Certificate(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
for (int i = 0; i < KeyResolver._resolverVector.size(); i++) {
// use the old vector to not be hit by updates
List resolverVector = KeyResolver._resolverVector;
for (int i = 0; i < resolverVector.size(); i++) {
KeyResolver resolver=
(KeyResolver) KeyResolver._resolverVector.get(i);
(KeyResolver) resolverVector.get(i);
if (resolver==null) {
Object exArgs[] = {
@ -127,11 +127,63 @@ public class KeyResolver {
throw new KeyResolverException("utils.resolver.noClass", exArgs);
}
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "check resolvability by class " + resolver.getClass());
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "check resolvability by class " + resolver.getClass());
if (resolver.canResolve(element, BaseURI, storage)) {
return resolver;
X509Certificate cert=resolver.resolveX509Certificate(element, BaseURI, storage);
if (cert!=null) {
return cert;
}
}
Object exArgs[] = {
(((element != null) && (element.getNodeType() == Node.ELEMENT_NODE))
? element.getTagName()
: "null") };
throw new KeyResolverException("utils.resolver.noClass", exArgs);
}
/**
* Method getInstance
*
* @param element
* @param BaseURI
* @param storage
* @return the public key contained in the element
*
* @throws KeyResolverException
*/
public static final PublicKey getPublicKey(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
List resolverVector = KeyResolver._resolverVector;
for (int i = 0; i < resolverVector.size(); i++) {
KeyResolver resolver=
(KeyResolver) resolverVector.get(i);
if (resolver==null) {
Object exArgs[] = {
(((element != null)
&& (element.getNodeType() == Node.ELEMENT_NODE))
? element.getTagName()
: "null") };
throw new KeyResolverException("utils.resolver.noClass", exArgs);
}
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "check resolvability by class " + resolver.getClass());
PublicKey cert=resolver.resolvePublicKey(element, BaseURI, storage);
if (cert!=null) {
if (i!=0 && resolverVector==_resolverVector) {
//update resolver.
resolverVector=(List)((ArrayList)_resolverVector).clone();
Object ob=resolverVector.remove(i);
resolverVector.add(0,ob);
_resolverVector=resolverVector;
}
return cert;
}
}
@ -182,34 +234,6 @@ public class KeyResolver {
KeyResolver._resolverVector.add(0, className);
}
/*
* Method resolve
*
* @param element
*
* @throws KeyResolverException
*/
/**
* Method resolveStatic
*
* @param element
* @param BaseURI
* @param storage
* @return resolve from the static register an element
*
* @throws KeyResolverException
*/
public static PublicKey resolveStatic(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
KeyResolver myResolver = KeyResolver.getInstance(element, BaseURI,
storage);
return myResolver.resolvePublicKey(element, BaseURI, storage);
}
/**
* Method resolve
*
@ -223,7 +247,7 @@ public class KeyResolver {
public PublicKey resolvePublicKey(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
return this._resolverSpi.engineResolvePublicKey(element, BaseURI, storage);
return this._resolverSpi.engineLookupAndResolvePublicKey(element, BaseURI, storage);
}
/**
@ -239,7 +263,7 @@ public class KeyResolver {
public X509Certificate resolveX509Certificate(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
return this._resolverSpi.engineResolveX509Certificate(element, BaseURI,
return this._resolverSpi.engineLookupResolveX509Certificate(element, BaseURI,
storage);
}
@ -253,7 +277,7 @@ public class KeyResolver {
public SecretKey resolveSecretKey(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
return this._resolverSpi.engineResolveSecretKey(element, BaseURI,
return this._resolverSpi.engineLookupAndResolveSecretKey(element, BaseURI,
storage);
}
@ -277,14 +301,6 @@ public class KeyResolver {
return this._resolverSpi.engineGetProperty(key);
}
/**
* Method getPropertyKeys
*
* @return the properties key registerd in this resolver
*/
public String[] getPropertyKeys() {
return this._resolverSpi.engineGetPropertyKeys();
}
/**
* Method understandsProperty
@ -296,18 +312,6 @@ public class KeyResolver {
return this._resolverSpi.understandsProperty(propertyToTest);
}
/**
* Method canResolve
*
* @param element
* @param BaseURI
* @param storage
* @return true if can resolve the key in the element
*/
public boolean canResolve(Element element, String BaseURI,
StorageResolver storage) {
return this._resolverSpi.engineCanResolve(element, BaseURI, storage);
}
/**
* Method resolverClassName
@ -317,4 +321,37 @@ public class KeyResolver {
public String resolverClassName() {
return this._resolverSpi.getClass().getName();
}
static class ResolverIterator implements Iterator {
List res;
Iterator it;
int i;
public ResolverIterator(List list) {
res = list;
it = res.iterator();
}
public boolean hasNext() {
// TODO Auto-generated method stub
return it.hasNext();
}
public Object next() {
i++;
KeyResolver resolver = (KeyResolver) it.next();
if (resolver==null) {
throw new RuntimeException("utils.resolver.noClass");
}
return resolver._resolverSpi;
}
public void remove() {
// TODO Auto-generated method stub
}
};
public static Iterator iterator() {
return new ResolverIterator(_resolverVector);
}
}

3
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverException.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -31,7 +30,7 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
*
*
*
* @author $Author: raul $
* @author $Author: mullan $
*
*/
public class KeyResolverException extends XMLSecurityException {

169
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverSpi.java
View file

@ -20,17 +20,15 @@
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import javax.crypto.SecretKey;
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
import org.w3c.dom.Element;
/**
* This class is abstract class for a child KeyInfo Elemnet.
*
@ -41,14 +39,10 @@ import org.w3c.dom.Element;
* JAVACLASS="MyPackage.MyKeyValueImpl"//gt;
* </PRE>
*
* @author $Author: raul $
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
public abstract class KeyResolverSpi {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(KeyResolverSpi.class.getName());
/**
* This method helps the {@link com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver} to decide whether a
* {@link com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverSpi} is able to perform the requested action.
@ -56,10 +50,12 @@ public abstract class KeyResolverSpi {
* @param element
* @param BaseURI
* @param storage
* @return true if can resolve the key in the element
* @return
*/
abstract public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage);
public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage) {
throw new UnsupportedOperationException();
}
/**
* Method engineResolvePublicKey
@ -71,9 +67,60 @@ public abstract class KeyResolverSpi {
*
* @throws KeyResolverException
*/
abstract public PublicKey engineResolvePublicKey(
public PublicKey engineResolvePublicKey(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException;
throws KeyResolverException {
throw new UnsupportedOperationException();
};
/**
* Method engineResolvePublicKey
*
* @param element
* @param BaseURI
* @param storage
* @return resolved public key from the registered from the element.
*
* @throws KeyResolverException
*/
public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
KeyResolverSpi tmp = cloneIfNeeded();
if (!tmp.engineCanResolve(element, BaseURI, storage))
return null;
return tmp.engineResolvePublicKey(element, BaseURI, storage);
}
private KeyResolverSpi cloneIfNeeded() throws KeyResolverException {
KeyResolverSpi tmp=this;
if (globalResolver) {
try {
tmp = (KeyResolverSpi) getClass().newInstance();
} catch (InstantiationException e) {
throw new KeyResolverException("",e);
} catch (IllegalAccessException e) {
throw new KeyResolverException("",e);
}
}
return tmp;
}
/**
* Method engineResolveCertificate
*
* @param element
* @param BaseURI
* @param storage
* @return resolved X509Certificate key from the registered from the elements
*
* @throws KeyResolverException
*/
public X509Certificate engineResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException{
throw new UnsupportedOperationException();
};
/**
* Method engineResolveCertificate
@ -85,9 +132,30 @@ public abstract class KeyResolverSpi {
*
* @throws KeyResolverException
*/
abstract public X509Certificate engineResolveX509Certificate(
public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException;
throws KeyResolverException {
KeyResolverSpi tmp = cloneIfNeeded();
if (!tmp.engineCanResolve(element, BaseURI, storage))
return null;
return tmp.engineResolveX509Certificate(element, BaseURI, storage);
}
/**
* Method engineResolveSecretKey
*
* @param element
* @param BaseURI
* @param storage
* @return resolved SecretKey key from the registered from the elements
*
* @throws KeyResolverException
*/
public SecretKey engineResolveSecretKey(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException{
throw new UnsupportedOperationException();
};
/**
* Method engineResolveSecretKey
@ -99,12 +167,19 @@ public abstract class KeyResolverSpi {
*
* @throws KeyResolverException
*/
abstract public SecretKey engineResolveSecretKey(
public SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException;
throws KeyResolverException {
KeyResolverSpi tmp = cloneIfNeeded();
if (!tmp.engineCanResolve(element, BaseURI, storage))
return null;
return tmp.engineResolveSecretKey(element, BaseURI, storage);
}
/** Field _properties */
protected java.util.Map _properties = new java.util.HashMap(10);
protected java.util.Map _properties = null;
protected boolean globalResolver=false;
/**
* Method engineSetProperty
@ -113,19 +188,8 @@ public abstract class KeyResolverSpi {
* @param value
*/
public void engineSetProperty(String key, String value) {
java.util.Iterator i = this._properties.keySet().iterator();
while (i.hasNext()) {
String c = (String) i.next();
if (c.equals(key)) {
key = c;
break;
}
}
if (_properties==null)
_properties=new HashMap();
this._properties.put(key, value);
}
@ -136,31 +200,12 @@ public abstract class KeyResolverSpi {
* @return obtain the property appointed by key
*/
public String engineGetProperty(String key) {
java.util.Iterator i = this._properties.keySet().iterator();
while (i.hasNext()) {
String c = (String) i.next();
if (c.equals(key)) {
key = c;
break;
}
}
if (_properties==null)
return null;
return (String) this._properties.get(key);
}
/**
* Method engineGetPropertyKeys
*
* @return the keys of properties known by this resolver
*/
public String[] engineGetPropertyKeys() {
return new String[0];
}
/**
* Method understandsProperty
*
@ -168,17 +213,13 @@ public abstract class KeyResolverSpi {
* @return true if understood the property
*/
public boolean understandsProperty(String propertyToTest) {
if (_properties==null)
return false;
String[] understood = this.engineGetPropertyKeys();
if (understood != null) {
for (int i = 0; i < understood.length; i++) {
if (understood[i].equals(propertyToTest)) {
return true;
}
}
}
return false;
return this._properties.get(propertyToTest)!=null;
}
public void setGlobalResolver(boolean globalResolver) {
this.globalResolver = globalResolver;
}
}

70
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/DSAKeyValueResolver.java
View file

@ -37,46 +37,10 @@ import org.w3c.dom.Element;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class DSAKeyValueResolver extends KeyResolverSpi {
/** Field _dsaKeyElement */
private Element _dsaKeyElement = null;
/** @inheritDoc */
public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage) {
if (element == null) {
return false;
}
boolean isKeyValue = XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_KEYVALUE);
boolean isDSAKeyValue = XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_DSAKEYVALUE);
if (isKeyValue) {
this._dsaKeyElement =
XMLUtils.selectDsNode(element.getFirstChild(),Constants._TAG_DSAKEYVALUE,0);
if (this._dsaKeyElement != null) {
return true;
}
} else if (isDSAKeyValue) {
// this trick is needed to allow the RetrievalMethodResolver to eat a
// ds:DSAKeyValue directly (without KeyValue)
this._dsaKeyElement = element;
return true;
}
return false;
}
/**
* Method engineResolvePublicKey
*
@ -85,20 +49,30 @@ public class DSAKeyValueResolver extends KeyResolverSpi {
* @param storage
* @return null if no {@link PublicKey} could be obtained
*/
public PublicKey engineResolvePublicKey(
public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage) {
if (element == null) {
return null;
}
Element dsaKeyElement=null;
boolean isKeyValue = XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_KEYVALUE);
if (isKeyValue) {
dsaKeyElement =
XMLUtils.selectDsNode(element.getFirstChild(),Constants._TAG_DSAKEYVALUE,0);
} else if (XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_DSAKEYVALUE)) {
// this trick is needed to allow the RetrievalMethodResolver to eat a
// ds:DSAKeyValue directly (without KeyValue)
dsaKeyElement = element;
}
if (this._dsaKeyElement == null) {
boolean weCanResolve = this.engineCanResolve(element, BaseURI,
storage);
if (!weCanResolve || (this._dsaKeyElement == null)) {
return null;
}
if (dsaKeyElement == null) {
return null;
}
try {
DSAKeyValue dsaKeyValue = new DSAKeyValue(this._dsaKeyElement,
DSAKeyValue dsaKeyValue = new DSAKeyValue(dsaKeyElement,
BaseURI);
PublicKey pk = dsaKeyValue.getPublicKey();
@ -112,13 +86,13 @@ public class DSAKeyValueResolver extends KeyResolverSpi {
/** @inheritDoc */
public X509Certificate engineResolveX509Certificate(
public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage) {
return null;
}
/** @inheritDoc */
public javax.crypto.SecretKey engineResolveSecretKey(
public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage){
return null;
}

69
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/EncryptedKeyResolver.java
View file

@ -56,7 +56,6 @@ public class EncryptedKeyResolver extends KeyResolverSpi {
RSAKeyValueResolver.class.getName());
Key _key;
Key _kek;
String _algorithm;
@ -66,7 +65,6 @@ public class EncryptedKeyResolver extends KeyResolverSpi {
* @param algorithm
*/
public EncryptedKeyResolver(String algorithm) {
_key = null;
_kek = null;
_algorithm=algorithm;
}
@ -78,64 +76,49 @@ public class EncryptedKeyResolver extends KeyResolverSpi {
*/
public EncryptedKeyResolver(String algorithm, Key kek) {
_key = null;
_algorithm = algorithm;
_kek = kek;
}
/**
* Method engineCanResolve
*
* @param element
* @param BaseURI
* @param storage
* @return true if can resolve the key in the element
*
*/
public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage) {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "EncryptedKeyResolver - Can I resolve " + element.getTagName());
if (element == null) {
return false;
}
boolean isEncryptedKey = XMLUtils.elementIsInEncryptionSpace(element,
EncryptionConstants._TAG_ENCRYPTEDKEY);
if (isEncryptedKey) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Passed an Encrypted Key");
try {
XMLCipher cipher = XMLCipher.getInstance();
cipher.init(XMLCipher.UNWRAP_MODE, _kek);
EncryptedKey ek = cipher.loadEncryptedKey(element);
_key = cipher.decryptKey(ek, _algorithm);
}
catch (Exception e) {}
}
return (_key != null);
}
/** @inheritDoc */
public PublicKey engineResolvePublicKey(
public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage) {
return null;
}
/** @inheritDoc */
public X509Certificate engineResolveX509Certificate(
public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage) {
return null;
}
/** @inheritDoc */
public javax.crypto.SecretKey engineResolveSecretKey(
public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage) {
return (SecretKey) _key;
SecretKey key=null;
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "EncryptedKeyResolver - Can I resolve " + element.getTagName());
if (element == null) {
return null;
}
boolean isEncryptedKey = XMLUtils.elementIsInEncryptionSpace(element,
EncryptionConstants._TAG_ENCRYPTEDKEY);
if (isEncryptedKey) {
log.log(java.util.logging.Level.FINE, "Passed an Encrypted Key");
try {
XMLCipher cipher = XMLCipher.getInstance();
cipher.init(XMLCipher.UNWRAP_MODE, _kek);
EncryptedKey ek = cipher.loadEncryptedKey(element);
key = (SecretKey) cipher.decryptKey(ek, _algorithm);
}
catch (Exception e) {}
}
return key;
}
}

67
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RSAKeyValueResolver.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -38,7 +37,7 @@ import org.w3c.dom.Element;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class RSAKeyValueResolver extends KeyResolverSpi {
@ -48,75 +47,55 @@ public class RSAKeyValueResolver extends KeyResolverSpi {
RSAKeyValueResolver.class.getName());
/** Field _rsaKeyElement */
private Element _rsaKeyElement = null;
/** @inheritDoc */
public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage) {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage) {
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
if (element == null) {
return false;
return null;
}
boolean isKeyValue = XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_KEYVALUE);
boolean isRSAKeyValue = XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_RSAKEYVALUE);
if (isKeyValue) {
this._rsaKeyElement = XMLUtils.selectDsNode(element.getFirstChild(),
Constants._TAG_RSAKEYVALUE, 0);
if (this._rsaKeyElement != null) {
return true;
}
} else if (isRSAKeyValue) {
boolean isKeyValue = XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_KEYVALUE);
Element rsaKeyElement=null;
if (isKeyValue) {
rsaKeyElement = XMLUtils.selectDsNode(element.getFirstChild(),
Constants._TAG_RSAKEYVALUE, 0);
} else if (XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_RSAKEYVALUE)) {
// this trick is needed to allow the RetrievalMethodResolver to eat a
// ds:RSAKeyValue directly (without KeyValue)
this._rsaKeyElement = element;
rsaKeyElement = element;
}
return true;
}
return false;
}
/** @inheritDoc */
public PublicKey engineResolvePublicKey(
Element element, String BaseURI, StorageResolver storage) {
if (this._rsaKeyElement == null) {
boolean weCanResolve = this.engineCanResolve(element, BaseURI,
storage);
if (!weCanResolve || (this._rsaKeyElement == null)) {
return null;
}
if (rsaKeyElement == null) {
return null;
}
try {
RSAKeyValue rsaKeyValue = new RSAKeyValue(this._rsaKeyElement,
RSAKeyValue rsaKeyValue = new RSAKeyValue(rsaKeyElement,
BaseURI);
return rsaKeyValue.getPublicKey();
} catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
}
return null;
}
/** @inheritDoc */
public X509Certificate engineResolveX509Certificate(
public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage) {
return null;
}
/** @inheritDoc */
public javax.crypto.SecretKey engineResolveSecretKey(
public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage) {
return null;
}

353
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RetrievalMethodResolver.java
View file

@ -28,7 +28,15 @@ import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.ListIterator;
import java.util.Set;
import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.keys.content.RetrievalMethod;
import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate;
@ -44,6 +52,7 @@ import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver;
import org.w3c.dom.Attr;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;
/**
@ -55,7 +64,7 @@ import org.w3c.dom.Node;
* RetrievalMethodResolver cannot handle itself, resolving of the extracted
* element is delegated back to the KeyResolver mechanism.
*
* @author $Author: raul $
* @author $Author: mullan $ modified by Dave Garcia
*/
public class RetrievalMethodResolver extends KeyResolverSpi {
@ -64,26 +73,6 @@ public class RetrievalMethodResolver extends KeyResolverSpi {
java.util.logging.Logger.getLogger(
RetrievalMethodResolver.class.getName());
/**
* Method engineCanResolve
* @inheritDoc
* @param element
* @param BaseURI
* @param storage
*
*/
public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage) {
if
(!XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_RETRIEVALMETHOD)) {
return false;
}
return true;
}
/**
* Method engineResolvePublicKey
* @inheritDoc
@ -92,84 +81,61 @@ public class RetrievalMethodResolver extends KeyResolverSpi {
* @param storage
*
*/
public PublicKey engineResolvePublicKey(
public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage)
{
if (!XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_RETRIEVALMETHOD)) {
return null;
}
try {
RetrievalMethod rm = new RetrievalMethod(element, BaseURI);
Attr uri = rm.getURIAttr();
// type can be null because it's optional
String type = rm.getType();
Transforms transforms = rm.getTransforms();
ResourceResolver resRes = ResourceResolver.getInstance(uri, BaseURI);
if (resRes != null) {
XMLSignatureInput resource = resRes.resolve(uri, BaseURI);
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Before applying Transforms, resource has "
+ resource.getBytes().length + "bytes");
if (transforms != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "We have Transforms");
resource = transforms.performTransforms(resource);
}
if (true) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "After applying Transforms, resource has "
+ resource.getBytes().length + "bytes");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Resolved to resource " + resource.getSourceURI());
}
byte inputBytes[] = resource.getBytes();
if ((type != null) && type.equals(RetrievalMethod.TYPE_RAWX509)) {
// if the resource stores a raw certificate, we have to handle it
CertificateFactory certFact =
CertificateFactory
.getInstance(XMLX509Certificate.JCA_CERT_ID);
X509Certificate cert =
(X509Certificate) certFact
.generateCertificate(new ByteArrayInputStream(inputBytes));
if (cert != null) {
return cert.getPublicKey();
}
} else {
// otherwise, we parse the resource, create an Element and delegate
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "we have to parse " + inputBytes.length + " bytes");
Element e = this.getDocFromBytes(inputBytes);
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"
+ e.getLocalName() + " Element");
if (e != null) {
KeyResolver newKeyResolver = KeyResolver.getInstance(getFirstElementChild(e),
BaseURI, storage);
if (newKeyResolver != null) {
return newKeyResolver.resolvePublicKey(getFirstElementChild(e), BaseURI,
storage);
}
}
}
}
} catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
//Create a retrieval method over the given element
RetrievalMethod rm = new RetrievalMethod(element, BaseURI);
String type = rm.getType();
XMLSignatureInput resource=resolveInput(rm,BaseURI);
if (RetrievalMethod.TYPE_RAWX509.equals(type)) {
//a raw certificate, direct parsing is done!
X509Certificate cert=getRawCertificate(resource);
if (cert != null) {
return cert.getPublicKey();
}
return null;
};
Element e = obtainRefrenceElement(resource);
return resolveKey(e,BaseURI,storage);
} catch (XMLSecurityException ex) {
log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
} catch (CertificateException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "CertificateException", ex);
log.log(java.util.logging.Level.FINE, "CertificateException", ex);
} catch (IOException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "IOException", ex);
}
log.log(java.util.logging.Level.FINE, "IOException", ex);
} catch (ParserConfigurationException e) {
log.log(java.util.logging.Level.FINE, "ParserConfigurationException", e);
} catch (SAXException e) {
log.log(java.util.logging.Level.FINE, "SAXException", e);
}
return null;
}
static private Element obtainRefrenceElement(XMLSignatureInput resource) throws CanonicalizationException, ParserConfigurationException, IOException, SAXException, KeyResolverException {
Element e;
if (resource.isElement()){
e=(Element) resource.getSubNode();
} else if (resource.isNodeSet()) {
//Retrieved resource is a nodeSet
e=getDocumentElement(resource.getNodeSet());
} else {
//Retrieved resource is an inputStream
byte inputBytes[] = resource.getBytes();
e = getDocFromBytes(inputBytes);
//otherwise, we parse the resource, create an Element and delegate
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "we have to parse " + inputBytes.length + " bytes");
}
return e;
}
/**
* Method engineResolveX509Certificate
* @inheritDoc
@ -178,87 +144,102 @@ public class RetrievalMethodResolver extends KeyResolverSpi {
* @param storage
*
*/
public X509Certificate engineResolveX509Certificate(
public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage)
{
if (!XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_RETRIEVALMETHOD)) {
return null;
}
try {
try {
RetrievalMethod rm = new RetrievalMethod(element, BaseURI);
Attr uri = rm.getURIAttr();
Transforms transforms = rm.getTransforms();
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Asked to resolve URI " + uri);
ResourceResolver resRes = ResourceResolver.getInstance(uri, BaseURI);
if (resRes != null) {
XMLSignatureInput resource = resRes.resolve(uri, BaseURI);
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Before applying Transforms, resource has "
+ resource.getBytes().length + "bytes");
if (transforms != null) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "We have Transforms");
resource = transforms.performTransforms(resource);
}
if (true) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "After applying Transforms, resource has "
+ resource.getBytes().length + "bytes");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Resolved to resource " + resource.getSourceURI());
}
byte inputBytes[] = resource.getBytes();
if ((rm.getType() != null)
&& rm.getType().equals(RetrievalMethod.TYPE_RAWX509)) {
// if the resource stores a raw certificate, we have to handle it
CertificateFactory certFact =
CertificateFactory
.getInstance(XMLX509Certificate.JCA_CERT_ID);
X509Certificate cert =
(X509Certificate) certFact
.generateCertificate(new ByteArrayInputStream(inputBytes));
if (cert != null) {
return cert;
}
} else {
// otherwise, we parse the resource, create an Element and delegate
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "we have to parse " + inputBytes.length + " bytes");
Element e = this.getDocFromBytes(inputBytes);
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"
+ e.getLocalName() + " Element");
if (e != null) {
KeyResolver newKeyResolver = KeyResolver.getInstance(getFirstElementChild(e),
BaseURI, storage);
if (newKeyResolver != null) {
return newKeyResolver.resolveX509Certificate(getFirstElementChild(e), BaseURI,
storage);
}
}
}
}
String type = rm.getType();
XMLSignatureInput resource=resolveInput(rm,BaseURI);
if (RetrievalMethod.TYPE_RAWX509.equals(type)) {
X509Certificate cert=getRawCertificate(resource);
return cert;
}
Element e = obtainRefrenceElement(resource);
return resolveCertificate(e,BaseURI,storage);
} catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
} catch (CertificateException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "CertificateException", ex);
log.log(java.util.logging.Level.FINE, "CertificateException", ex);
} catch (IOException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "IOException", ex);
}
log.log(java.util.logging.Level.FINE, "IOException", ex);
} catch (ParserConfigurationException e) {
log.log(java.util.logging.Level.FINE, "ParserConfigurationException", e);
} catch (SAXException e) {
log.log(java.util.logging.Level.FINE, "SAXException", e);
}
return null;
}
/**
* Retrieves a x509Certificate from the given information
* @param e
* @param BaseURI
* @param storage
* @return
* @throws KeyResolverException
*/
static private X509Certificate resolveCertificate(Element e,String BaseURI,StorageResolver storage) throws KeyResolverException{
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"+ e.getLocalName() + " Element");
//An element has been provided
if (e != null) {
return KeyResolver.getX509Certificate(e,BaseURI, storage);
}
return null;
}
/**
* Retrieves a x509Certificate from the given information
* @param e
* @param BaseURI
* @param storage
* @return
* @throws KeyResolverException
*/
static private PublicKey resolveKey(Element e,String BaseURI,StorageResolver storage) throws KeyResolverException{
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"+ e.getLocalName() + " Element");
//An element has been provided
if (e != null) {
return KeyResolver.getPublicKey(e,BaseURI, storage);
}
return null;
}
static private X509Certificate getRawCertificate(XMLSignatureInput resource) throws CanonicalizationException, IOException, CertificateException{
byte inputBytes[] = resource.getBytes();
// if the resource stores a raw certificate, we have to handle it
CertificateFactory certFact =CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID);
X509Certificate cert =(X509Certificate) certFact.generateCertificate(new ByteArrayInputStream(inputBytes));
return cert;
}
/**
* Resolves the input from the given retrieval method
* @return
* @throws XMLSecurityException
*/
static private XMLSignatureInput resolveInput(RetrievalMethod rm,String BaseURI) throws XMLSecurityException{
Attr uri = rm.getURIAttr();
//Apply the trnasforms
Transforms transforms = rm.getTransforms();
ResourceResolver resRes = ResourceResolver.getInstance(uri, BaseURI);
if (resRes != null) {
XMLSignatureInput resource = resRes.resolve(uri, BaseURI);
if (transforms != null) {
log.log(java.util.logging.Level.FINE, "We have Transforms");
resource = transforms.performTransforms(resource);
}
return resource;
}
return null;
}
/**
* Parses a byte array and returns the parsed Element.
*
@ -266,18 +247,13 @@ public class RetrievalMethodResolver extends KeyResolverSpi {
* @return the Document Element after parsing bytes
* @throws KeyResolverException if something goes wrong
*/
Element getDocFromBytes(byte[] bytes) throws KeyResolverException {
static Element getDocFromBytes(byte[] bytes) throws KeyResolverException {
try {
javax.xml.parsers.DocumentBuilderFactory dbf =
javax.xml.parsers.DocumentBuilderFactory.newInstance();
javax.xml.parsers.DocumentBuilderFactory dbf =javax.xml.parsers.DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
org.w3c.dom.Document doc =
db.parse(new java.io.ByteArrayInputStream(bytes));
return doc.getDocumentElement();
} catch (org.xml.sax.SAXException ex) {
throw new KeyResolverException("empty", ex);
@ -296,16 +272,43 @@ public class RetrievalMethodResolver extends KeyResolverSpi {
* @param storage
*
*/
public javax.crypto.SecretKey engineResolveSecretKey(
public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage)
{
return null;
}
static Element getFirstElementChild(Element e){
Node n=e.getFirstChild();
while (n!=null && n.getNodeType()!=Node.ELEMENT_NODE) {
n=n.getNextSibling();
}
return (Element)n;
static Element getDocumentElement(Set set) {
Iterator it=set.iterator();
Element e=null;
while (it.hasNext()) {
Node currentNode=(Node)it.next();
if (currentNode instanceof Element) {
e=(Element)currentNode;
break;
}
}
List parents=new ArrayList(10);
//Obtain all the parents of the elemnt
do {
parents.add(e);
Node n=e.getParentNode();
if (!(n instanceof Element )) {
break;
}
e=(Element)n;
} while (e!=null);
//Visit them in reverse order.
ListIterator it2=parents.listIterator(parents.size()-1);
Element ele=null;
while (it2.hasPrevious()) {
ele=(Element)it2.previous();
if (set.contains(ele)) {
return ele;
}
}
return null;
}
}

91
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509CertificateResolver.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -41,7 +40,7 @@ import org.w3c.dom.Element;
* Resolves Certificates which are directly contained inside a
* <CODE>ds:X509Certificate</CODE> Element.
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class X509CertificateResolver extends KeyResolverSpi {
@ -49,47 +48,7 @@ public class X509CertificateResolver extends KeyResolverSpi {
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(X509CertificateResolver.class.getName());
/** Field _dsaKeyElement */
Element[] _x509CertKeyElements = null;
/**
* Method engineCanResolve
* @inheritDoc
* @param element
* @param BaseURI
* @param storage
*
*/
public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage) {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
if (!XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_X509DATA)) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
this._x509CertKeyElements = XMLUtils.selectDsNodes(element.getFirstChild(),
Constants._TAG_X509CERTIFICATE);
if ((this._x509CertKeyElements != null)
&& (this._x509CertKeyElements.length > 0)) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Yes Sir, I can");
return true;
}
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
/** Field _x509certObject[] */
XMLX509Certificate _x509certObject[] = null;
/**
* Method engineResolvePublicKey
@ -100,11 +59,11 @@ public class X509CertificateResolver extends KeyResolverSpi {
*
* @throws KeyResolverException
*/
public PublicKey engineResolvePublicKey(
public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
X509Certificate cert = this.engineResolveX509Certificate(element,
X509Certificate cert = this.engineLookupResolveX509Certificate(element,
BaseURI, storage);
if (cert != null) {
@ -123,43 +82,33 @@ public class X509CertificateResolver extends KeyResolverSpi {
*
* @throws KeyResolverException
*/
public X509Certificate engineResolveX509Certificate(
public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
try {
if ((this._x509CertKeyElements == null)
|| (this._x509CertKeyElements.length == 0)) {
boolean weCanResolve = this.engineCanResolve(element, BaseURI,
storage);
if (!weCanResolve || (this._x509CertKeyElements == null)
|| (this._x509CertKeyElements.length == 0)) {
return null;
}
Element[] els=XMLUtils.selectDsNodes(element.getFirstChild(),
Constants._TAG_X509CERTIFICATE);
if ((els == null) || (els.length == 0)) {
Element el=XMLUtils.selectDsNode(element.getFirstChild(),
Constants._TAG_X509DATA,0);
if (el!=null) {
return engineLookupResolveX509Certificate(el, BaseURI, storage);
}
return null;
}
this._x509certObject =
new XMLX509Certificate[this._x509CertKeyElements.length];
// populate Object array
for (int i = 0; i < this._x509CertKeyElements.length; i++) {
this._x509certObject[i] =
new XMLX509Certificate(this._x509CertKeyElements[i]
, BaseURI);
}
for (int i = 0; i < this._x509certObject.length; i++) {
X509Certificate cert = this._x509certObject[i].getX509Certificate();
if (cert != null) {
return cert;
for (int i = 0; i < els.length; i++) {
XMLX509Certificate xmlCert=new XMLX509Certificate(els[i], BaseURI);
X509Certificate cert = xmlCert.getX509Certificate();
if (cert!=null) {
return cert;
}
}
return null;
} catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
throw new KeyResolverException("generic.EmptyMessage", ex);
}
@ -173,7 +122,7 @@ public class X509CertificateResolver extends KeyResolverSpi {
* @param storage
*
*/
public javax.crypto.SecretKey engineResolveSecretKey(
public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage)
{
return null;

84
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509IssuerSerialResolver.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -39,7 +38,7 @@ import org.w3c.dom.Element;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class X509IssuerSerialResolver extends KeyResolverSpi {
@ -48,44 +47,13 @@ public class X509IssuerSerialResolver extends KeyResolverSpi {
java.util.logging.Logger.getLogger(
X509IssuerSerialResolver.class.getName());
/** @inheritDoc */
public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage) {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
X509Data x509data = null;
try {
x509data = new X509Data(element, BaseURI);
} catch (XMLSignatureException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
} catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
if (x509data == null) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
if (x509data.containsIssuerSerial()) {
return true;
}
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
/** @inheritDoc */
public PublicKey engineResolvePublicKey(
public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
X509Certificate cert = this.engineResolveX509Certificate(element,
X509Certificate cert = this.engineLookupResolveX509Certificate(element,
BaseURI, storage);
if (cert != null) {
@ -96,10 +64,31 @@ public class X509IssuerSerialResolver extends KeyResolverSpi {
}
/** @inheritDoc */
public X509Certificate engineResolveX509Certificate(
public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
X509Data x509data = null;
try {
x509data = new X509Data(element, BaseURI);
} catch (XMLSignatureException ex) {
log.log(java.util.logging.Level.FINE, "I can't");
return null;
} catch (XMLSecurityException ex) {
log.log(java.util.logging.Level.FINE, "I can't");
return null;
}
if (x509data == null) {
log.log(java.util.logging.Level.FINE, "I can't");
return null;
}
if (!x509data.containsIssuerSerial()) {
return null;
}
try {
if (storage == null) {
Object exArgs[] = { Constants._TAG_X509ISSUERSERIAL };
@ -107,53 +96,52 @@ public class X509IssuerSerialResolver extends KeyResolverSpi {
new KeyResolverException("KeyResolver.needStorageResolver",
exArgs);
if (log.isLoggable(java.util.logging.Level.INFO)) log.log(java.util.logging.Level.INFO, "", ex);
log.log(java.util.logging.Level.INFO, "", ex);
throw ex;
}
X509Data x509data = new X509Data(element, BaseURI);
int noOfISS = x509data.lengthIssuerSerial();
while (storage.hasNext()) {
X509Certificate cert = storage.next();
XMLX509IssuerSerial certSerial = new XMLX509IssuerSerial(element.getOwnerDocument(), cert);
if (true) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Found Certificate Issuer: "
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Found Certificate Issuer: "
+ certSerial.getIssuerName());
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Found Certificate Serial: "
log.log(java.util.logging.Level.FINE, "Found Certificate Serial: "
+ certSerial.getSerialNumber().toString());
}
for (int i=0; i<noOfISS; i++) {
XMLX509IssuerSerial xmliss = x509data.itemIssuerSerial(i);
if (true) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Found Element Issuer: "
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Found Element Issuer: "
+ xmliss.getIssuerName());
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Found Element Serial: "
log.log(java.util.logging.Level.FINE, "Found Element Serial: "
+ xmliss.getSerialNumber().toString());
}
if (certSerial.equals(xmliss)) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "match !!! ");
log.log(java.util.logging.Level.FINE, "match !!! ");
return cert;
}
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "no match...");
log.log(java.util.logging.Level.FINE, "no match...");
}
}
return null;
} catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
throw new KeyResolverException("generic.EmptyMessage", ex);
}
}
/** @inheritDoc */
public javax.crypto.SecretKey engineResolveSecretKey(
public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage) {
return null;
}

100
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509SKIResolver.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -40,7 +39,7 @@ import org.w3c.dom.Element;
/**
*
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class X509SKIResolver extends KeyResolverSpi {
@ -48,50 +47,6 @@ public class X509SKIResolver extends KeyResolverSpi {
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(X509SKIResolver.class.getName());
/** Field _x509childNodes */
private Element _x509childNodes[] = null;
/** Field _x509childObject[] */
private XMLX509SKI _x509childObject[] = null;
/**
* Method engineCanResolve
* @inheritDoc
* @param element
* @param BaseURI
* @param storage
*
*/
public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage) {
if (true) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
}
if (!XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_X509DATA)) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
this._x509childNodes = XMLUtils.selectDsNodes(element,
Constants._TAG_X509SKI);
if ((this._x509childNodes != null)
&& (this._x509childNodes.length > 0)) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Yes Sir, I can");
return true;
}
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
/**
* Method engineResolvePublicKey
@ -102,11 +57,11 @@ public class X509SKIResolver extends KeyResolverSpi {
* @return null if no {@link PublicKey} could be obtained
* @throws KeyResolverException
*/
public PublicKey engineResolvePublicKey(
public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
X509Certificate cert = this.engineResolveX509Certificate(element,
X509Certificate cert = this.engineLookupResolveX509Certificate(element,
BaseURI, storage);
if (cert != null) {
@ -125,46 +80,55 @@ public class X509SKIResolver extends KeyResolverSpi {
*
* @throws KeyResolverException
*/
public X509Certificate engineResolveX509Certificate(
public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
}
if (!XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_X509DATA)) {
log.log(java.util.logging.Level.FINE, "I can't");
return null;
}
/** Field _x509childObject[] */
XMLX509SKI x509childObject[] = null;
try {
if (this._x509childNodes == null) {
boolean weCanResolve = this.engineCanResolve(element, BaseURI,
storage);
if (!weCanResolve || (this._x509childNodes == null)) {
return null;
}
}
Element x509childNodes[] = null;
x509childNodes = XMLUtils.selectDsNodes(element.getFirstChild(),
Constants._TAG_X509SKI);
if (!((x509childNodes != null)
&& (x509childNodes.length > 0))) {
log.log(java.util.logging.Level.FINE, "I can't");
return null;
}
try {
if (storage == null) {
Object exArgs[] = { Constants._TAG_X509SKI };
KeyResolverException ex =
new KeyResolverException("KeyResolver.needStorageResolver",
exArgs);
if (log.isLoggable(java.util.logging.Level.INFO)) log.log(java.util.logging.Level.INFO, "", ex);
log.log(java.util.logging.Level.INFO, "", ex);
throw ex;
}
this._x509childObject =
new XMLX509SKI[this._x509childNodes.length];
x509childObject = new XMLX509SKI[x509childNodes.length];
for (int i = 0; i < this._x509childNodes.length; i++) {
this._x509childObject[i] =
new XMLX509SKI(this._x509childNodes[i], BaseURI);
for (int i = 0; i < x509childNodes.length; i++) {
x509childObject[i] =
new XMLX509SKI(x509childNodes[i], BaseURI);
}
while (storage.hasNext()) {
X509Certificate cert = storage.next();
XMLX509SKI certSKI = new XMLX509SKI(element.getOwnerDocument(), cert);
for (int i = 0; i < this._x509childObject.length; i++) {
if (certSKI.equals(this._x509childObject[i])) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Return PublicKey from "
for (int i = 0; i < x509childObject.length; i++) {
if (certSKI.equals(x509childObject[i])) {
log.log(java.util.logging.Level.FINE, "Return PublicKey from "
+ cert.getSubjectDN().getName());
return cert;
@ -186,7 +150,7 @@ public class X509SKIResolver extends KeyResolverSpi {
* @param storage
*
*/
public javax.crypto.SecretKey engineResolveSecretKey(
public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage)
{
return null;

109
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509SubjectNameResolver.java
View file

@ -38,7 +38,7 @@ import org.w3c.dom.Element;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class X509SubjectNameResolver extends KeyResolverSpi {
@ -47,50 +47,6 @@ public class X509SubjectNameResolver extends KeyResolverSpi {
java.util.logging.Logger.getLogger(
X509SubjectNameResolver.class.getName());
/** Field _x509childNodes */
private Element[] _x509childNodes = null;
/** Field _x509childObject[] */
private XMLX509SubjectName _x509childObject[] = null;
/**
* Method engineCanResolve
* @inheritDoc
* @param element
* @param BaseURI
* @param storage
*
*/
public boolean engineCanResolve(Element element, String BaseURI,
StorageResolver storage) {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
if (!XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_X509DATA) ) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
this._x509childNodes = XMLUtils.selectDsNodes(element,
Constants._TAG_X509SUBJECTNAME);
if ((this._x509childNodes != null)
&& (this._x509childNodes.length > 0)) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Yes Sir, I can");
return true;
}
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't");
return false;
}
/**
* Method engineResolvePublicKey
@ -101,11 +57,11 @@ public class X509SubjectNameResolver extends KeyResolverSpi {
* @return null if no {@link PublicKey} could be obtained
* @throws KeyResolverException
*/
public PublicKey engineResolvePublicKey(
public PublicKey engineLookupAndResolvePublicKey(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
X509Certificate cert = this.engineResolveX509Certificate(element,
X509Certificate cert = this.engineLookupResolveX509Certificate(element,
BaseURI, storage);
if (cert != null) {
@ -124,37 +80,46 @@ public class X509SubjectNameResolver extends KeyResolverSpi {
*
* @throws KeyResolverException
*/
public X509Certificate engineResolveX509Certificate(
public X509Certificate engineLookupResolveX509Certificate(
Element element, String BaseURI, StorageResolver storage)
throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
Element[] x509childNodes = null;
XMLX509SubjectName x509childObject[] = null;
if (!XMLUtils.elementIsInSignatureSpace(element,
Constants._TAG_X509DATA) ) {
log.log(java.util.logging.Level.FINE, "I can't");
return null;
}
x509childNodes = XMLUtils.selectDsNodes(element.getFirstChild(),
Constants._TAG_X509SUBJECTNAME);
if (!((x509childNodes != null)
&& (x509childNodes.length > 0))) {
log.log(java.util.logging.Level.FINE, "I can't");
return null;
}
try {
if (this._x509childNodes == null) {
boolean weCanResolve = this.engineCanResolve(element, BaseURI,
storage);
if (!weCanResolve || (this._x509childNodes == null)) {
return null;
}
}
if (storage == null) {
Object exArgs[] = { Constants._TAG_X509SUBJECTNAME };
KeyResolverException ex =
new KeyResolverException("KeyResolver.needStorageResolver",
exArgs);
if (log.isLoggable(java.util.logging.Level.INFO)) log.log(java.util.logging.Level.INFO, "", ex);
log.log(java.util.logging.Level.INFO, "", ex);
throw ex;
}
this._x509childObject =
new XMLX509SubjectName[this._x509childNodes.length];
x509childObject =
new XMLX509SubjectName[x509childNodes.length];
for (int i = 0; i < this._x509childNodes.length; i++) {
this._x509childObject[i] =
new XMLX509SubjectName(this._x509childNodes[i],
for (int i = 0; i < x509childNodes.length; i++) {
x509childObject[i] =
new XMLX509SubjectName(x509childNodes[i],
BaseURI);
}
@ -163,24 +128,24 @@ public class X509SubjectNameResolver extends KeyResolverSpi {
XMLX509SubjectName certSN =
new XMLX509SubjectName(element.getOwnerDocument(), cert);
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Found Certificate SN: " + certSN.getSubjectName());
log.log(java.util.logging.Level.FINE, "Found Certificate SN: " + certSN.getSubjectName());
for (int i = 0; i < this._x509childObject.length; i++) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Found Element SN: "
+ this._x509childObject[i].getSubjectName());
for (int i = 0; i < x509childObject.length; i++) {
log.log(java.util.logging.Level.FINE, "Found Element SN: "
+ x509childObject[i].getSubjectName());
if (certSN.equals(this._x509childObject[i])) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "match !!! ");
if (certSN.equals(x509childObject[i])) {
log.log(java.util.logging.Level.FINE, "match !!! ");
return cert;
}
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "no match...");
log.log(java.util.logging.Level.FINE, "no match...");
}
}
return null;
} catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
throw new KeyResolverException("generic.EmptyMessage", ex);
}
@ -194,7 +159,7 @@ public class X509SubjectNameResolver extends KeyResolverSpi {
* @param storage
*
*/
public javax.crypto.SecretKey engineResolveSecretKey(
public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
Element element, String BaseURI, StorageResolver storage)
{
return null;

29
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolver.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -21,8 +20,6 @@
*/
package com.sun.org.apache.xml.internal.security.keys.storage;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
@ -36,7 +33,7 @@ import com.sun.org.apache.xml.internal.security.keys.storage.implementations.Sin
/**
* This class collects customized resolvers for Certificates.
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class StorageResolver {
@ -45,7 +42,7 @@ public class StorageResolver {
java.util.logging.Logger.getLogger(StorageResolver.class.getName());
/** Field _storageResolvers */
List _storageResolvers = new ArrayList();
List _storageResolvers = null;
/** Field _iterator */
Iterator _iterator = null;
@ -71,7 +68,8 @@ public class StorageResolver {
* @param resolver
*/
public void add(StorageResolverSpi resolver) {
if (_storageResolvers==null)
_storageResolvers=new ArrayList();
this._storageResolvers.add(resolver);
this._iterator = null;
@ -126,6 +124,8 @@ public class StorageResolver {
public Iterator getIterator() {
if (this._iterator == null) {
if (_storageResolvers==null)
_storageResolvers=new ArrayList();
this._iterator = new StorageResolverIterator(this._storageResolvers.iterator());
}
@ -140,6 +140,8 @@ public class StorageResolver {
public boolean hasNext() {
if (this._iterator == null) {
if (_storageResolvers==null)
_storageResolvers=new ArrayList();
this._iterator = new StorageResolverIterator(this._storageResolvers.iterator());
}
@ -158,15 +160,13 @@ public class StorageResolver {
/**
* Class StorageResolverIterator
*
* @author $Author: raul $
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
class StorageResolverIterator implements Iterator {
static class StorageResolverIterator implements Iterator {
/** Field _resolvers */
Iterator _resolvers = null;
/** Field _currentResolver */
int _currentResolver = 0;
Iterator _resolvers = null;
/**
* Constructor FilesystemIterator
@ -179,17 +179,16 @@ public class StorageResolver {
/** @inheritDoc */
public boolean hasNext() {
return _resolvers.hasNext();
return _resolvers.hasNext();
}
/** @inheritDoc */
public Object next() {
return _resolvers.next();
return _resolvers.next();
}
/**
* Method remove
*
*/
public void remove() {
throw new UnsupportedOperationException(

3
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolverException.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -28,7 +27,7 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class StorageResolverException extends XMLSecurityException {

3
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolverSpi.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -28,7 +27,7 @@ import java.util.Iterator;
/**
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public abstract class StorageResolverSpi {

25
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/CertsInFilesystemDirectoryResolver.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -21,8 +20,6 @@
*/
package com.sun.org.apache.xml.internal.security.keys.storage.implementations;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
@ -40,12 +37,11 @@ import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverExce
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverSpi;
import com.sun.org.apache.xml.internal.security.utils.Base64;
/**
* This {@link StorageResolverSpi} makes all raw (binary) {@link X509Certificate}s
* which reside as files in a single directory available to the {@link com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver}.
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class CertsInFilesystemDirectoryResolver extends StorageResolverSpi {
@ -131,20 +127,20 @@ public class CertsInFilesystemDirectoryResolver extends StorageResolverSpi {
dn = cert.getSubjectDN().getName();
added = true;
} catch (FileNotFoundException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
} catch (IOException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
} catch (CertificateNotYetValidException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
} catch (CertificateExpiredException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
} catch (CertificateException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
}
if (added) {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Added certificate: " + dn);
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Added certificate: " + dn);
}
}
}
@ -157,9 +153,10 @@ public class CertsInFilesystemDirectoryResolver extends StorageResolverSpi {
/**
* Class FilesystemIterator
*
* @author $Author: raul $
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
class FilesystemIterator implements Iterator {
private static class FilesystemIterator implements Iterator {
/** Field _certs */
List _certs = null;

10
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/KeyStoreResolver.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -21,8 +20,6 @@
*/
package com.sun.org.apache.xml.internal.security.keys.storage.implementations;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.X509Certificate;
@ -37,7 +34,7 @@ import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverSpi;
* Makes the Certificates from a JAVA {@link KeyStore} object available to the
* {@link com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver}.
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class KeyStoreResolver extends StorageResolverSpi {
@ -66,9 +63,10 @@ public class KeyStoreResolver extends StorageResolverSpi {
/**
* Class KeyStoreIterator
*
* @author $Author: raul $
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
class KeyStoreIterator implements Iterator {
static class KeyStoreIterator implements Iterator {
/** Field _keyStore */
KeyStore _keyStore = null;

10
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/SingleCertificateResolver.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -21,8 +20,6 @@
*/
package com.sun.org.apache.xml.internal.security.keys.storage.implementations;
import java.security.cert.X509Certificate;
import java.util.Iterator;
@ -33,7 +30,7 @@ import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverSpi;
* This {@link StorageResolverSpi} makes a single {@link X509Certificate}
* available to the {@link com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver}.
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public class SingleCertificateResolver extends StorageResolverSpi {
@ -61,9 +58,10 @@ public class SingleCertificateResolver extends StorageResolverSpi {
/**
* Class InternalIterator
*
* @author $Author: raul $
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
class InternalIterator implements Iterator {
static class InternalIterator implements Iterator {
/** Field _alreadyReturned */
boolean _alreadyReturned = false;

19
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/resource/config.xml
View file

@ -14,6 +14,10 @@
JAVACLASS="com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclOmitComments"/>
<CanonicalizationMethod URI="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"
JAVACLASS="com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclWithComments"/>
<CanonicalizationMethod URI="http://www.w3.org/2006/12/xml-c14n11"
JAVACLASS="com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_OmitComments"/>
<CanonicalizationMethod URI="http://www.w3.org/2006/12/xml-c14n11#WithComments"
JAVACLASS="com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_WithComments"/>
</CanonicalizationMethods>
<TransformAlgorithms>
<!-- Base64 -->
@ -25,6 +29,12 @@
<!-- c14n with comments -->
<TransformAlgorithm URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"
JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14NWithComments" />
<!-- c14n 1.1 omitting comments -->
<TransformAlgorithm URI="http://www.w3.org/2006/12/xml-c14n11"
JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14N11" />
<!-- c14n 1.1 with comments -->
<TransformAlgorithm URI="http://www.w3.org/2006/12/xml-c14n11#WithComments"
JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14N11_WithComments" />
<!-- exclusive c14n omitting comments -->
<TransformAlgorithm URI="http://www.w3.org/2001/10/xml-exc-c14n#"
JAVACLASS="com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14NExclusive" />
@ -66,6 +76,8 @@
JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA384" />
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"
JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA512" />
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"
JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureECDSA$SignatureECDSASHA1" />
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-md5"
JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac$IntegrityHmacMD5" />
@ -167,6 +179,13 @@
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
JCEName="SHA512withRSA"/>
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"
Description="ECDSA Signature with SHA-1 message digest"
AlgorithmClass="Signature"
RequirementLevel="OPTIONAL"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
JCEName="ECDSAwithSHA1"/>
<!-- MAC Algorithms -->
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-md5"
Description="Message Authentication code using MD5"

2
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/resource/schema/xmldsig-core-schema.dtd
View file

@ -3,7 +3,7 @@
Joseph Reagle $last changed 20001215$
http://www.w3.org/2000/09/xmldsig#
$Revision: 1.1 $ on $Date: 2002/02/08 20:32:26 $ by $Author: reagle $
$Revision: 1.6 $ on $Date: 2008/07/24 16:15:03 $ by $Author: mullan $
Copyright 2001 The Internet Society and W3C (Massachusetts Institute
of Technology, Institut National de Recherche en Informatique et en

2
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/resource/schema/xmldsig-core-schema.xsd
View file

@ -11,7 +11,7 @@
<!-- Schema for XML Signatures
http://www.w3.org/2000/09/xmldsig#
$Revision: 1.1 $ on $Date: 2002/02/08 20:32:26 $ by $Author: reagle $
$Revision: 1.6 $ on $Date: 2008/07/24 16:15:03 $ by $Author: mullan $
Copyright 2001 The Internet Society and W3C (Massachusetts Institute
of Technology, Institut National de Recherche en Informatique et en

1
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/InvalidDigestValueException.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*

1
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/InvalidSignatureValueException.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*

52
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/Manifest.java
View file

@ -68,14 +68,11 @@ public class Manifest extends SignatureElementProxy {
/** Field verificationResults[] */
private boolean verificationResults[] = null;
/** Field _signedContents */
List _signedContents = new ArrayList();
/** Field _resolverProperties */
HashMap _resolverProperties = new HashMap(10);
HashMap _resolverProperties = null;
/** Field _perManifestResolvers */
List _perManifestResolvers = new ArrayList();
List _perManifestResolvers = null;
/**
* Consturts {@link Manifest}
@ -144,8 +141,6 @@ public class Manifest extends SignatureElementProxy {
String BaseURI, String referenceURI, Transforms transforms, String digestURI, String ReferenceId, String ReferenceType)
throws XMLSignatureException {
if (this._state == MODE_SIGN) {
// the this._doc is handed implicitly by the this.getOwnerDocument()
Reference ref = new Reference(this._doc, BaseURI, referenceURI, this,
transforms, digestURI);
@ -164,7 +159,6 @@ public class Manifest extends SignatureElementProxy {
// add the Element of the Reference object to the Manifest/SignedInfo
this._constructionElement.appendChild(ref.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
}
/**
@ -178,7 +172,6 @@ public class Manifest extends SignatureElementProxy {
public void generateDigestValues()
throws XMLSignatureException, ReferenceNotInitializedException {
if (this._state == MODE_SIGN) {
for (int i = 0; i < this.getLength(); i++) {
// update the cached Reference object, the Element content is automatically updated
@ -186,7 +179,6 @@ public class Manifest extends SignatureElementProxy {
currentRef.generateDigestValue();
}
}
}
/**
@ -208,11 +200,6 @@ public class Manifest extends SignatureElementProxy {
*/
public Reference item(int i) throws XMLSecurityException {
if (this._state == MODE_SIGN) {
// we already have real objects
return (Reference) this._references.get(i);
}
if (this._references.get(i) == null) {
// not yet constructed, so _we_ have to
@ -232,7 +219,7 @@ public class Manifest extends SignatureElementProxy {
*/
public void setId(String Id) {
if ((this._state == MODE_SIGN) && (Id != null)) {
if (Id != null) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id);
IdResolver.registerElementById(this._constructionElement, Id);
}
@ -294,9 +281,9 @@ public class Manifest extends SignatureElementProxy {
XMLUtils.selectDsNodes(this._constructionElement.getFirstChild(),
Constants._TAG_REFERENCE);
}
if (true) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "verify " +_referencesEl.length + " References");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I am " + (followManifests
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "verify " +_referencesEl.length + " References");
log.log(java.util.logging.Level.FINE, "I am " + (followManifests
? ""
: "not") + " requested to follow nested Manifests");
}
@ -325,13 +312,13 @@ public class Manifest extends SignatureElementProxy {
if (!currentRefVerified) {
verify = false;
}
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "The Reference has Type " + currentRef.getType());
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "The Reference has Type " + currentRef.getType());
// was verification successful till now and do we want to verify the Manifest?
if (verify && followManifests
&& currentRef.typeIsReferenceToManifest()) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "We have to follow a nested Manifest");
log.log(java.util.logging.Level.FINE, "We have to follow a nested Manifest");
try {
XMLSignatureInput signedManifestNodes =
@ -381,7 +368,7 @@ public class Manifest extends SignatureElementProxy {
log.log(java.util.logging.Level.WARNING, "The nested Manifest was invalid (bad)");
} else {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "The nested Manifest was valid (good)");
log.log(java.util.logging.Level.FINE, "The nested Manifest was valid (good)");
}
} catch (IOException ex) {
throw new ReferenceNotInitializedException("empty", ex);
@ -458,9 +445,13 @@ public class Manifest extends SignatureElementProxy {
*/
public void addResourceResolver(ResourceResolver resolver) {
if (resolver != null) {
this._perManifestResolvers.add(resolver);
if (resolver == null) {
return;
}
if (_perManifestResolvers==null)
_perManifestResolvers = new ArrayList();
this._perManifestResolvers.add(resolver);
}
/**
@ -470,9 +461,13 @@ public class Manifest extends SignatureElementProxy {
*/
public void addResourceResolver(ResourceResolverSpi resolverSpi) {
if (resolverSpi != null) {
this._perManifestResolvers.add(new ResourceResolver(resolverSpi));
if (resolverSpi == null) {
return;
}
if (_perManifestResolvers==null)
_perManifestResolvers = new ArrayList();
this._perManifestResolvers.add(new ResourceResolver(resolverSpi));
}
/**
@ -483,6 +478,9 @@ public class Manifest extends SignatureElementProxy {
* @param value the value
*/
public void setResolverProperty(String key, String value) {
if (_resolverProperties==null) {
_resolverProperties=new HashMap(10);
}
this._resolverProperties.put(key, value);
}

1
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/MissingResourceFailureException.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*

19
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/NodeFilter.java
View file

@ -31,8 +31,23 @@ public interface NodeFilter {
/**
* Tells if a node must be outputed in c14n.
* @param n
* @return true if node must be outputed, false otherwise.
* @return 1 if the node should be outputed.
* 0 if node must not be outputed,
* -1 if the node and all it's child must not be output.
*
*/
public boolean isNodeInclude(Node n);
public int isNodeInclude(Node n);
/**
* Tells if a node must be outputed in a c14n.
* The caller must assured that this method is always call
* in document order. The implementations can use this
* restriction to optimize the transformation.
* @param n
* @param level the relative level in the tree
* @return 1 if the node should be outputed.
* 0 if node must not be outputed,
* -1 if the node and all it's child must not be output.
*/
public int isNodeIncludeDO(Node n, int level);
}

21
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/ObjectContainer.java
View file

@ -20,8 +20,6 @@
*/
package com.sun.org.apache.xml.internal.security.signature;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.IdResolver;
@ -35,16 +33,11 @@ import org.w3c.dom.Node;
* Handles <code>&lt;ds:Object&gt;</code> elements
* <code>Object<code> {@link Element} supply facility which can contain any kind data
*
*
* @author Christian Geuer-Pollmann
* $todo$ if we remove childen, the boolean values are not updated
*/
public class ObjectContainer extends SignatureElementProxy {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(ObjectContainer.class.getName());
/**
* Constructs {@link ObjectContainer}
*
@ -75,7 +68,7 @@ public class ObjectContainer extends SignatureElementProxy {
*/
public void setId(String Id) {
if ((this._state == MODE_SIGN) && (Id != null)) {
if ((Id != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id);
IdResolver.registerElementById(this._constructionElement, Id);
}
@ -97,7 +90,7 @@ public class ObjectContainer extends SignatureElementProxy {
*/
public void setMimeType(String MimeType) {
if ((this._state == MODE_SIGN) && (MimeType != null)) {
if ( (MimeType != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_MIMETYPE,
MimeType);
}
@ -119,7 +112,7 @@ public class ObjectContainer extends SignatureElementProxy {
*/
public void setEncoding(String Encoding) {
if ((this._state == MODE_SIGN) && (Encoding != null)) {
if ((Encoding != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ENCODING,
Encoding);
}
@ -135,18 +128,16 @@ public class ObjectContainer extends SignatureElementProxy {
}
/**
* Adds childe Node
* Adds child Node
*
* @param node childe Node
* @param node child Node
* @return the new node in the tree.
*/
public Node appendChild(Node node) {
Node result = null;
if (this._state == MODE_SIGN) {
result = this._constructionElement.appendChild(node);
}
result = this._constructionElement.appendChild(node);
return result;
}

129
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/Reference.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -25,6 +24,8 @@ package com.sun.org.apache.xml.internal.security.signature;
import java.io.IOException;
import java.io.OutputStream;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.HashSet;
import java.util.Set;
@ -102,6 +103,32 @@ import org.w3c.dom.Text;
*/
public class Reference extends SignatureElementProxy {
/**
* Look up useC14N11 system property. If true, an explicit C14N11 transform
* will be added if necessary when generating the signature. See section
* 3.1.1 of http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/ for more info.
*/
private static boolean useC14N11 =
AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
public Boolean run() {
return Boolean.getBoolean
("com.sun.org.apache.xml.internal.security.useC14N11");
}
});
/*
static {
try {
useC14N11 = Boolean.getBoolean("com.sun.org.apache.xml.internal.security.useC14N11");
} catch (Exception e) {
// ignore exceptions
}
}
*/
/** Field CacheSignedNodes */
public final static boolean CacheSignedNodes = false;
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(Reference.class.getName());
@ -118,6 +145,12 @@ public class Reference extends SignatureElementProxy {
XMLSignatureInput _transformsOutput;
//J+
private Transforms transforms;
private Element digestMethodElem;
private Element digestValueElement;
/**
* Constructor Reference
*
@ -148,6 +181,7 @@ public class Reference extends SignatureElementProxy {
// this._manifest.appendChild(this._doc.createTextNode("\n"));
if (transforms != null) {
this.transforms=transforms;
this._constructionElement.appendChild(transforms.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
@ -156,11 +190,12 @@ public class Reference extends SignatureElementProxy {
MessageDigestAlgorithm.getInstance(this._doc,
messageDigestAlgorithm);
this._constructionElement.appendChild(mda.getElement());
digestMethodElem=mda.getElement();
this._constructionElement.appendChild(digestMethodElem);
XMLUtils.addReturnToElement(this._constructionElement);
}
{
Element digestValueElement =
digestValueElement =
XMLUtils.createElementInSignatureSpace(this._doc,
Constants._TAG_DIGESTVALUE);
@ -182,7 +217,15 @@ public class Reference extends SignatureElementProxy {
throws XMLSecurityException {
super(element, BaseURI);
this._baseURI=BaseURI;
Element el=XMLUtils.getNextElement(element.getFirstChild());
if (Constants._TAG_TRANSFORMS.equals(el.getLocalName()) &&
Constants.SignatureSpecNS.equals(el.getNamespaceURI())) {
transforms = new Transforms(el,this._baseURI);
el=XMLUtils.getNextElement(el.getNextSibling());
}
digestMethodElem = el;
digestValueElement =XMLUtils.getNextElement(digestMethodElem.getNextSibling());;
this._manifest = manifest;
}
@ -197,9 +240,6 @@ public class Reference extends SignatureElementProxy {
public MessageDigestAlgorithm getMessageDigestAlgorithm()
throws XMLSignatureException {
Element digestMethodElem = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_DIGESTMETHOD,0);
if (digestMethodElem == null) {
return null;
}
@ -221,7 +261,7 @@ public class Reference extends SignatureElementProxy {
*/
public void setURI(String URI) {
if ((this._state == MODE_SIGN) && (URI != null)) {
if ( URI != null) {
this._constructionElement.setAttributeNS(null, Constants._ATT_URI,
URI);
}
@ -243,7 +283,7 @@ public class Reference extends SignatureElementProxy {
*/
public void setId(String Id) {
if ((this._state == MODE_SIGN) && (Id != null)) {
if ( Id != null ) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id);
IdResolver.registerElementById(this._constructionElement, Id);
}
@ -265,7 +305,7 @@ public class Reference extends SignatureElementProxy {
*/
public void setType(String Type) {
if ((this._state == MODE_SIGN) && (Type != null)) {
if (Type != null) {
this._constructionElement.setAttributeNS(null, Constants._ATT_TYPE,
Type);
}
@ -291,8 +331,7 @@ public class Reference extends SignatureElementProxy {
*/
public boolean typeIsReferenceToObject() {
if ((this.getType() != null)
&& this.getType().equals(Reference.OBJECT_URI)) {
if (Reference.OBJECT_URI.equals(this.getType())) {
return true;
}
@ -309,8 +348,7 @@ public class Reference extends SignatureElementProxy {
*/
public boolean typeIsReferenceToManifest() {
if ((this.getType() != null)
&& this.getType().equals(Reference.MANIFEST_URI)) {
if (Reference.MANIFEST_URI.equals(this.getType())) {
return true;
}
@ -324,10 +362,6 @@ public class Reference extends SignatureElementProxy {
*/
private void setDigestValueElement(byte[] digestValue)
{
if (this._state == MODE_SIGN) {
Element digestValueElement =XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_DIGESTVALUE,0);
Node n=digestValueElement.getFirstChild();
while (n!=null) {
digestValueElement.removeChild(n);
@ -338,7 +372,6 @@ public class Reference extends SignatureElementProxy {
Text t = this._doc.createTextNode(base64codedValue);
digestValueElement.appendChild(t);
}
}
/**
@ -349,11 +382,7 @@ public class Reference extends SignatureElementProxy {
*/
public void generateDigestValue()
throws XMLSignatureException, ReferenceNotInitializedException {
if (this._state == MODE_SIGN) {
this.setDigestValueElement(this.calculateDigest());
}
this.setDigestValueElement(this.calculateDigest(false));
}
/**
@ -608,9 +637,12 @@ public class Reference extends SignatureElementProxy {
* but only preserve the octets, the memory footprint is dramatically
* reduced.
*/
if (!Reference.CacheSignedNodes) {
this._transformsOutput = output;
this._transformsOutput = output;//new XMLSignatureInput(output.getBytes());
//this._transformsOutput.setSourceURI(output.getSourceURI());
}
return output;
} catch (XMLSecurityException ex) {
throw new ReferenceNotInitializedException("empty", ex);
@ -630,16 +662,7 @@ public class Reference extends SignatureElementProxy {
throws XMLSignatureException, InvalidTransformException,
TransformationException, XMLSecurityException {
Element transformsElement = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_TRANSFORMS,0);
if (transformsElement != null) {
Transforms transforms = new Transforms(transformsElement,
this._baseURI);
return transforms;
}
return null;
return transforms;
}
/**
@ -667,13 +690,14 @@ public class Reference extends SignatureElementProxy {
/**
* Method resolverResult
* Method calculateDigest
*
* @param validating true if validating the reference
* @return reference Calculate the digest of this reference.
* @throws ReferenceNotInitializedException
* @throws XMLSignatureException
*/
private byte[] calculateDigest()
private byte[] calculateDigest(boolean validating)
throws ReferenceNotInitializedException, XMLSignatureException {
try {
@ -684,7 +708,20 @@ public class Reference extends SignatureElementProxy {
DigesterOutputStream diOs=new DigesterOutputStream(mda);
OutputStream os=new UnsyncBufferedOutputStream(diOs);
XMLSignatureInput output=this.dereferenceURIandPerformTransforms(os);
output.updateOutputStream(os);
// if signing and c14n11 property == true explicitly add
// C14N11 transform if needed
if (this.useC14N11 && !validating &&
!output.isOutputStreamSet() && !output.isOctetStream()) {
if (transforms == null) {
transforms = new Transforms(this._doc);
this._constructionElement.insertBefore
(transforms.getElement(), digestMethodElem);
}
transforms.addTransform(Transforms.TRANSFORM_C14N11_OMIT_COMMENTS);
output.updateOutputStream(os, true);
} else {
output.updateOutputStream(os);
}
os.flush();
//this.getReferencedBytes(diOs);
//mda.update(data);
@ -694,7 +731,7 @@ public class Reference extends SignatureElementProxy {
throw new ReferenceNotInitializedException("empty", ex);
} catch (IOException ex) {
throw new ReferenceNotInitializedException("empty", ex);
}
}
}
/**
@ -702,12 +739,10 @@ public class Reference extends SignatureElementProxy {
*
* @return the digest value.
* @throws Base64DecodingException if Reference contains no proper base64 encoded data.
* @throws XMLSecurityException if the Reference does not contain a DigestValue element
* @throws XMLSecurityException if the Reference does not contain a DigestValue element
*/
public byte[] getDigestValue() throws Base64DecodingException, XMLSecurityException {
Element digestValueElem = XMLUtils.selectDsNode(this._constructionElement.getFirstChild()
,Constants._TAG_DIGESTVALUE,0);
if (digestValueElem == null) {
if (digestValueElement == null) {
// The required element is not in the XML!
Object[] exArgs ={ Constants._TAG_DIGESTVALUE,
Constants.SignatureSpecNS };
@ -715,7 +750,7 @@ public class Reference extends SignatureElementProxy {
"signature.Verification.NoSignatureElement",
exArgs);
}
byte[] elemDig = Base64.decode(digestValueElem);
byte[] elemDig = Base64.decode(digestValueElement);
return elemDig;
}
@ -731,13 +766,15 @@ public class Reference extends SignatureElementProxy {
throws ReferenceNotInitializedException, XMLSecurityException {
byte[] elemDig = this.getDigestValue();
byte[] calcDig = this.calculateDigest();
byte[] calcDig = this.calculateDigest(true);
boolean equal = MessageDigestAlgorithm.isEqual(elemDig, calcDig);
if (!equal) {
log.log(java.util.logging.Level.WARNING, "Verification failed for URI \"" + this.getURI() + "\"");
log.log(java.util.logging.Level.WARNING, "Expected Digest: " + Base64.encode(elemDig));
log.log(java.util.logging.Level.WARNING, "Actual Digest: " + Base64.encode(calcDig));
} else {
if (log.isLoggable(java.util.logging.Level.INFO)) log.log(java.util.logging.Level.INFO, "Verification successful for URI \"" + this.getURI() + "\"");
log.log(java.util.logging.Level.INFO, "Verification successful for URI \"" + this.getURI() + "\"");
}
return equal;

1
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/ReferenceNotInitializedException.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*

8
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/SignatureProperties.java
View file

@ -20,8 +20,6 @@
*/
package com.sun.org.apache.xml.internal.security.signature;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.IdResolver;
@ -42,10 +40,6 @@ import org.w3c.dom.Element;
*/
public class SignatureProperties extends SignatureElementProxy {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(SignatureProperties.class.getName());
/**
* Constructor SignatureProperties
*
@ -115,7 +109,7 @@ public class SignatureProperties extends SignatureElementProxy {
*/
public void setId(String Id) {
if ((this._state == MODE_SIGN) && (Id != null)) {
if ((Id != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id);
IdResolver.registerElementById(this._constructionElement, Id);
}

11
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/SignatureProperty.java
View file

@ -30,18 +30,13 @@ import org.w3c.dom.Node;
/**
* Handles <code>&lt;ds:SignatureProperty&gt;</code> elements
* Addittional information item concerning the generation of the signature(s) can
* Additional information item concerning the generation of the signature(s) can
* be placed in this Element
*
* @author Christian Geuer-Pollmann
*/
public class SignatureProperty extends SignatureElementProxy {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(
SignatureProperty.class.getName());
/**
* Constructs{@link SignatureProperty} using specified <code>Target</code> attribute
*
@ -85,7 +80,7 @@ public class SignatureProperty extends SignatureElementProxy {
*/
public void setId(String Id) {
if ((this._state == MODE_SIGN) && (Id != null)) {
if ((Id != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id);
IdResolver.registerElementById(this._constructionElement, Id);
}
@ -107,7 +102,7 @@ public class SignatureProperty extends SignatureElementProxy {
*/
public void setTarget(String Target) {
if ((this._state == MODE_SIGN) && (Target != null)) {
if ((Target != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_TARGET, Target);
}
}

293
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/SignedInfo.java
View file

@ -20,12 +20,9 @@
*/
package com.sun.org.apache.xml.internal.security.signature;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.OutputStream;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.parsers.ParserConfigurationException;
@ -43,165 +40,174 @@ import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;
/**
* Handles <code>&lt;ds:SignedInfo&gt;</code> elements
* This <code>SignedInfo<code> element includes the canonicalization algorithm,
* a signature algorithm, and one or more references
* a signature algorithm, and one or more references.
*
* @author Christian Geuer-Pollmann
*/
public class SignedInfo extends Manifest {
/** Field _signatureAlgorithm */
private SignatureAlgorithm _signatureAlgorithm = null;
/** Field _signatureAlgorithm */
private SignatureAlgorithm _signatureAlgorithm = null;
/** Field _c14nizedBytes */
private byte[] _c14nizedBytes = null;
/** Field _c14nizedBytes */
private byte[] _c14nizedBytes = null;
/**
* Overwrites {@link Manifest#addDocument} because it creates another Element.
*
* @param doc the {@link Document} in which <code>XMLsignature</code> will be placed
* @throws XMLSecurityException
*/
public SignedInfo(Document doc) throws XMLSecurityException {
this(doc, XMLSignature.ALGO_ID_SIGNATURE_DSA, Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
}
private Element c14nMethod;
private Element signatureMethod;
/**
* Constructs {@link SignedInfo} using given Canoicaliztion algorithm and Signature algorithm
*
* @param doc <code>SignedInfo</code> is placed in this document
* @param CanonicalizationMethodURI URI representation of the Canonicalization method
* @param SignatureMethodURI URI representation of the Digest and Signature algorithm
* @throws XMLSecurityException
*/
public SignedInfo(
Document doc, String SignatureMethodURI, String CanonicalizationMethodURI)
/**
* Overwrites {@link Manifest#addDocument} because it creates another
* Element.
*
* @param doc the {@link Document} in which <code>XMLsignature</code> will
* be placed
* @throws XMLSecurityException
*/
public SignedInfo(Document doc) throws XMLSecurityException {
this(doc, XMLSignature.ALGO_ID_SIGNATURE_DSA,
Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
}
/**
* Constructs {@link SignedInfo} using given Canonicalization algorithm and
* Signature algorithm.
*
* @param doc <code>SignedInfo</code> is placed in this document
* @param signatureMethodURI URI representation of the Digest and
* Signature algorithm
* @param canonicalizationMethodURI URI representation of the
* Canonicalization method
* @throws XMLSecurityException
*/
public SignedInfo(Document doc, String signatureMethodURI,
String canonicalizationMethodURI)
throws XMLSecurityException {
this(doc, SignatureMethodURI, 0, CanonicalizationMethodURI);
}
this(doc, signatureMethodURI, 0, canonicalizationMethodURI);
}
/**
* Constructor SignedInfo
*
* @param doc
* @param CanonicalizationMethodURI
* @param SignatureMethodURI
* @param HMACOutputLength
* @throws XMLSecurityException
*/
public SignedInfo(
Document doc, String SignatureMethodURI, int HMACOutputLength, String CanonicalizationMethodURI)
/**
* Constructor SignedInfo
*
* @param doc <code>SignedInfo</code> is placed in this document
* @param signatureMethodURI URI representation of the Digest and
* Signature algorithm
* @param hMACOutputLength
* @param canonicalizationMethodURI URI representation of the
* Canonicalization method
* @throws XMLSecurityException
*/
public SignedInfo(Document doc, String signatureMethodURI,
int hMACOutputLength, String canonicalizationMethodURI)
throws XMLSecurityException {
super(doc);
super(doc);
// XMLUtils.addReturnToElement(this._constructionElement);
{
Element canonElem = XMLUtils.createElementInSignatureSpace(this._doc,
c14nMethod = XMLUtils.createElementInSignatureSpace(this._doc,
Constants._TAG_CANONICALIZATIONMETHOD);
canonElem.setAttributeNS(null, Constants._ATT_ALGORITHM,
CanonicalizationMethodURI);
this._constructionElement.appendChild(canonElem);
XMLUtils.addReturnToElement(this._constructionElement);
}
{
if (HMACOutputLength > 0) {
c14nMethod.setAttributeNS(null, Constants._ATT_ALGORITHM,
canonicalizationMethodURI);
this._constructionElement.appendChild(c14nMethod);
XMLUtils.addReturnToElement(this._constructionElement);
if (hMACOutputLength > 0) {
this._signatureAlgorithm = new SignatureAlgorithm(this._doc,
SignatureMethodURI, HMACOutputLength);
} else {
signatureMethodURI, hMACOutputLength);
} else {
this._signatureAlgorithm = new SignatureAlgorithm(this._doc,
SignatureMethodURI);
}
signatureMethodURI);
}
this._constructionElement
.appendChild(this._signatureAlgorithm.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
}
signatureMethod = this._signatureAlgorithm.getElement();
this._constructionElement.appendChild(signatureMethod);
XMLUtils.addReturnToElement(this._constructionElement);
}
/**
* @param doc
* @param SignatureMethodElem
* @param CanonicalizationMethodElem
* @throws XMLSecurityException
*/
public SignedInfo(
Document doc, Element SignatureMethodElem, Element CanonicalizationMethodElem)
throws XMLSecurityException {
/**
* @param doc
* @param signatureMethodElem
* @param canonicalizationMethodElem
* @throws XMLSecurityException
*/
public SignedInfo(Document doc, Element signatureMethodElem,
Element canonicalizationMethodElem) throws XMLSecurityException {
super(doc);
super(doc);
// Check this?
this.c14nMethod = canonicalizationMethodElem;
this._constructionElement.appendChild(c14nMethod);
XMLUtils.addReturnToElement(this._constructionElement);
this._constructionElement.appendChild(CanonicalizationMethodElem);
XMLUtils.addReturnToElement(this._constructionElement);
this._signatureAlgorithm =
new SignatureAlgorithm(signatureMethodElem, null);
this._signatureAlgorithm = new SignatureAlgorithm(SignatureMethodElem, null);
signatureMethod = this._signatureAlgorithm.getElement();
this._constructionElement.appendChild(signatureMethod);
this._constructionElement
.appendChild(this._signatureAlgorithm.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
XMLUtils.addReturnToElement(this._constructionElement);
}
/**
* Build a {@link SignedInfo} from an {@link Element}
*
* @param element <code>SignedInfo</code>
* @param BaseURI the URI of the resource where the XML instance was stored
* @throws XMLSecurityException
* @see <A HREF="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001OctDec/0033.html">Question</A>
* @see <A HREF="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001OctDec/0054.html">Answer</A>
*/
public SignedInfo(Element element, String BaseURI)
/**
* Build a {@link SignedInfo} from an {@link Element}
*
* @param element <code>SignedInfo</code>
* @param baseURI the URI of the resource where the XML instance was stored
* @throws XMLSecurityException
* @see <A HREF="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001OctDec/0033.html">Question</A>
* @see <A HREF="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001OctDec/0054.html">Answer</A>
*/
public SignedInfo(Element element, String baseURI)
throws XMLSecurityException {
// Parse the Reference children and Id attribute in the Manifest
super(element, BaseURI);
// Parse the Reference children and Id attribute in the Manifest
super(element, baseURI);
/* canonicalize ds:SignedInfo, reparse it into a new document
* and replace the original not-canonicalized ds:SignedInfo by
* the re-parsed canonicalized one.
*/
String c14nMethodURI=this.getCanonicalizationMethodURI();
if (!(c14nMethodURI.equals("http://www.w3.org/TR/2001/REC-xml-c14n-20010315") ||
c14nMethodURI.equals("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments") ||
c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#") ||
c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#WithComments"))) {
//The c14n is not a secure one and can rewrite the URIs or like that reparse the SignedInfo to be sure
try {
Canonicalizer c14nizer =
Canonicalizer.getInstance(this.getCanonicalizationMethodURI());
/* canonicalize ds:SignedInfo, reparse it into a new document
* and replace the original not-canonicalized ds:SignedInfo by
* the re-parsed canonicalized one.
*/
c14nMethod = XMLUtils.getNextElement(element.getFirstChild());
String c14nMethodURI = this.getCanonicalizationMethodURI();
if (!(c14nMethodURI.equals(Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS) ||
c14nMethodURI.equals(Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS) ||
c14nMethodURI.equals(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS) ||
c14nMethodURI.equals(Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS))) {
// the c14n is not a secure one and can rewrite the URIs or like
// that reparse the SignedInfo to be sure
try {
Canonicalizer c14nizer =
Canonicalizer.getInstance(this.getCanonicalizationMethodURI());
this._c14nizedBytes =
c14nizer.canonicalizeSubtree(this._constructionElement);
javax.xml.parsers.DocumentBuilderFactory dbf =
javax.xml.parsers.DocumentBuilderFactory.newInstance();
this._c14nizedBytes =
c14nizer.canonicalizeSubtree(this._constructionElement);
javax.xml.parsers.DocumentBuilderFactory dbf =
javax.xml.parsers.DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
org.w3c.dom.Document newdoc =
db.parse(new ByteArrayInputStream(this._c14nizedBytes));
Node imported =
this._doc.importNode(newdoc.getDocumentElement(), true);
dbf.setNamespaceAware(true);
this._constructionElement.getParentNode().replaceChild(imported,
this._constructionElement);
javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
org.w3c.dom.Document newdoc =
db.parse(new ByteArrayInputStream(this._c14nizedBytes));
Node imported = this._doc.importNode(newdoc.getDocumentElement(),
true);
this._constructionElement.getParentNode().replaceChild(imported,
this._constructionElement);
this._constructionElement = (Element) imported;
} catch (ParserConfigurationException ex) {
throw new XMLSecurityException("empty", ex);
} catch (IOException ex) {
throw new XMLSecurityException("empty", ex);
} catch (SAXException ex) {
throw new XMLSecurityException("empty", ex);
}
}
this._signatureAlgorithm =
new SignatureAlgorithm(this.getSignatureMethodElement(),
this.getBaseURI());
}
this._constructionElement = (Element) imported;
} catch (ParserConfigurationException ex) {
throw new XMLSecurityException("empty", ex);
} catch (IOException ex) {
throw new XMLSecurityException("empty", ex);
} catch (SAXException ex) {
throw new XMLSecurityException("empty", ex);
}
}
signatureMethod = XMLUtils.getNextElement(c14nMethod.getNextSibling());
this._signatureAlgorithm =
new SignatureAlgorithm(signatureMethod, this.getBaseURI());
}
/**
* Tests core validation process
@ -294,12 +300,8 @@ public class SignedInfo extends Manifest {
*/
public String getCanonicalizationMethodURI() {
Element el= XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_CANONICALIZATIONMETHOD,0);
if (el==null) {
return null;
}
return el.getAttributeNS(null, Constants._ATT_ALGORITHM);
return c14nMethod.getAttributeNS(null, Constants._ATT_ALGORITHM);
}
/**
@ -324,8 +326,7 @@ public class SignedInfo extends Manifest {
*
*/
public Element getSignatureMethodElement() {
return XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_SIGNATUREMETHOD,0);
return signatureMethod;
}
/**
@ -343,6 +344,9 @@ public class SignedInfo extends Manifest {
.getJCEAlgorithmString());
}
protected SignatureAlgorithm getSignatureAlgorithm() {
return _signatureAlgorithm;
}
/**
* Method getBaseLocalName
* @inheritDoc
@ -354,21 +358,16 @@ public class SignedInfo extends Manifest {
public String getInclusiveNamespaces() {
Element el= XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_CANONICALIZATIONMETHOD,0);
if (el==null) {
return null;
}
String c14nMethodURI = el.getAttributeNS(null, Constants._ATT_ALGORITHM);
String c14nMethodURI = c14nMethod.getAttributeNS(null, Constants._ATT_ALGORITHM);
if(!(c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#") ||
c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#WithComments"))) {
return null;
}
Element inclusiveElement = XMLUtils.selectNode(
el.getFirstChild(),InclusiveNamespaces.ExclusiveCanonicalizationNamespace,
InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES,0);
Element inclusiveElement = XMLUtils.getNextElement(
c14nMethod.getFirstChild());
if(inclusiveElement != null)
{

168
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignature.java
View file

@ -75,7 +75,7 @@ import org.w3c.dom.Text;
* <li>sign and checkSignatureValue methods are used to sign and validate the
* signature. </li></ul>
*
* @author $Author: raul $
* @author $Author: mullan $
*/
public final class XMLSignature extends SignatureElementProxy {
@ -115,6 +115,10 @@ public final class XMLSignature extends SignatureElementProxy {
public static final String ALGO_ID_MAC_HMAC_SHA384 = Constants.MoreAlgorithmsSpecNS + "hmac-sha384";
/** HMAC - Optional HMAC-SHA512 */
public static final String ALGO_ID_MAC_HMAC_SHA512 = Constants.MoreAlgorithmsSpecNS + "hmac-sha512";
/**Signature - Optional ECDSAwithSHA1 */
public static final String ALGO_ID_SIGNATURE_ECDSA_SHA1 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1";
//J+
/** ds:Signature.ds:SignedInfo element */
@ -130,6 +134,8 @@ public final class XMLSignature extends SignatureElementProxy {
*/
private boolean _followManifestsDuringValidation = false;
private Element signatureValueElement;
/**
* This creates a new <CODE>ds:Signature</CODE> Element and adds an empty
* <CODE>ds:SignedInfo</CODE>.
@ -195,6 +201,15 @@ public final class XMLSignature extends SignatureElementProxy {
super(doc);
String xmlnsDsPrefix =
getDefaultPrefixBindings(Constants.SignatureSpecNS);
if (xmlnsDsPrefix == null) {
this._constructionElement.setAttributeNS
(Constants.NamespaceSpecNS, "xmlns", Constants.SignatureSpecNS);
} else {
this._constructionElement.setAttributeNS
(Constants.NamespaceSpecNS, xmlnsDsPrefix, Constants.SignatureSpecNS);
}
XMLUtils.addReturnToElement(this._constructionElement);
this._baseURI = BaseURI;
@ -206,7 +221,7 @@ public final class XMLSignature extends SignatureElementProxy {
XMLUtils.addReturnToElement(this._constructionElement);
// create an empty SignatureValue; this is filled by setSignatureValueElement
Element signatureValueElement =
signatureValueElement =
XMLUtils.createElementInSignatureSpace(this._doc,
Constants._TAG_SIGNATUREVALUE);
@ -227,6 +242,15 @@ public final class XMLSignature extends SignatureElementProxy {
super(doc);
String xmlnsDsPrefix =
getDefaultPrefixBindings(Constants.SignatureSpecNS);
if (xmlnsDsPrefix == null) {
this._constructionElement.setAttributeNS
(Constants.NamespaceSpecNS, "xmlns", Constants.SignatureSpecNS);
} else {
this._constructionElement.setAttributeNS
(Constants.NamespaceSpecNS, xmlnsDsPrefix, Constants.SignatureSpecNS);
}
XMLUtils.addReturnToElement(this._constructionElement);
this._baseURI = BaseURI;
@ -236,7 +260,7 @@ public final class XMLSignature extends SignatureElementProxy {
XMLUtils.addReturnToElement(this._constructionElement);
// create an empty SignatureValue; this is filled by setSignatureValueElement
Element signatureValueElement =
signatureValueElement =
XMLUtils.createElementInSignatureSpace(this._doc,
Constants._TAG_SIGNATUREVALUE);
@ -259,8 +283,8 @@ public final class XMLSignature extends SignatureElementProxy {
super(element, BaseURI);
// check out SignedInfo child
Element signedInfoElem = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_SIGNEDINFO,0);
Element signedInfoElem = XMLUtils.getNextElement(element.getFirstChild());// XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
//Constants._TAG_SIGNEDINFO,0);
// check to see if it is there
if (signedInfoElem == null) {
@ -274,8 +298,8 @@ public final class XMLSignature extends SignatureElementProxy {
this._signedInfo = new SignedInfo(signedInfoElem, BaseURI);
// check out SignatureValue child
Element signatureValueElement = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_SIGNATUREVALUE,0);
this.signatureValueElement =XMLUtils.getNextElement(signedInfoElem.getNextSibling()); //XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
// Constants._TAG_SIGNATUREVALUE,0);
// check to see if it exists
if (signatureValueElement == null) {
@ -286,11 +310,12 @@ public final class XMLSignature extends SignatureElementProxy {
}
// <element ref="ds:KeyInfo" minOccurs="0"/>
Element keyInfoElem =XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_KEYINFO,0);
Element keyInfoElem = XMLUtils.getNextElement(signatureValueElement.getNextSibling());//XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
// Constants._TAG_KEYINFO,0);
// If it exists use it, but it's not mandatory
if (keyInfoElem != null) {
if ((keyInfoElem != null) && (keyInfoElem.getNamespaceURI().equals(Constants.SignatureSpecNS) &&
keyInfoElem.getLocalName().equals(Constants._TAG_KEYINFO)) ) {
this._keyInfo = new KeyInfo(keyInfoElem, BaseURI);
}
}
@ -302,7 +327,7 @@ public final class XMLSignature extends SignatureElementProxy {
*/
public void setId(String Id) {
if ((this._state == MODE_SIGN) && (Id != null)) {
if ( (Id != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id);
IdResolver.registerElementById(this._constructionElement, Id);
}
@ -336,9 +361,7 @@ public final class XMLSignature extends SignatureElementProxy {
public byte[] getSignatureValue() throws XMLSignatureException {
try {
Element signatureValueElem = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_SIGNATUREVALUE,0);
byte[] signatureValue = Base64.decode(signatureValueElem);
byte[] signatureValue = Base64.decode(signatureValueElement);
return signatureValue;
} catch (Base64DecodingException ex) {
@ -346,33 +369,28 @@ public final class XMLSignature extends SignatureElementProxy {
}
}
/**
* Base64 encodes and sets the bytes as the content of the SignatureValue
* Node.
*
* @param bytes bytes to be used by SignatureValue before Base64 encoding
*/
private void setSignatureValueElement(byte[] bytes)
{
/**
* Base64 encodes and sets the bytes as the content of the SignatureValue
* Node.
*
* @param bytes bytes to be used by SignatureValue before Base64 encoding
*/
private void setSignatureValueElement(byte[] bytes) {
if (this._state == MODE_SIGN) {
Element signatureValueElem = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
Constants._TAG_SIGNATUREVALUE,0);
while (signatureValueElem.hasChildNodes()) {
signatureValueElem.removeChild(signatureValueElem.getFirstChild());
}
while (signatureValueElement.hasChildNodes()) {
signatureValueElement.removeChild
(signatureValueElement.getFirstChild());
}
String base64codedValue = Base64.encode(bytes);
String base64codedValue = Base64.encode(bytes);
if (base64codedValue.length() > 76) {
if (base64codedValue.length() > 76 && !XMLUtils.ignoreLineBreaks()) {
base64codedValue = "\n" + base64codedValue + "\n";
}
}
Text t = this._doc.createTextNode(base64codedValue);
signatureValueElem.appendChild(t);
}
}
Text t = this._doc.createTextNode(base64codedValue);
signatureValueElement.appendChild(t);
}
/**
* Returns the KeyInfo child. If we are in signing mode and the KeyInfo
@ -385,7 +403,7 @@ public final class XMLSignature extends SignatureElementProxy {
public KeyInfo getKeyInfo() {
// check to see if we are signing and if we have to create a keyinfo
if ((this._state == MODE_SIGN) && (this._keyInfo == null)) {
if ( (this._keyInfo == null)) {
// create the KeyInfo
this._keyInfo = new KeyInfo(this._doc);
@ -401,8 +419,7 @@ public final class XMLSignature extends SignatureElementProxy {
// add it before the object
this._constructionElement.insertBefore(keyInfoElement,
firstObject);
this._constructionElement
.insertBefore(this._doc.createTextNode("\n"), firstObject);
XMLUtils.addReturnBeforeChild(this._constructionElement, firstObject);
} else {
// add it as the last element to the signature
@ -425,17 +442,17 @@ public final class XMLSignature extends SignatureElementProxy {
public void appendObject(ObjectContainer object)
throws XMLSignatureException {
try {
if (this._state != MODE_SIGN) {
throw new XMLSignatureException(
"signature.operationOnlyBeforeSign");
}
//try {
//if (this._state != MODE_SIGN) {
// throw new XMLSignatureException(
// "signature.operationOnlyBeforeSign");
//}
this._constructionElement.appendChild(object.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
} catch (XMLSecurityException ex) {
throw new XMLSignatureException("empty", ex);
}
//} catch (XMLSecurityException ex) {
// throw new XMLSignatureException("empty", ex);
//}
}
/**
@ -481,23 +498,13 @@ public final class XMLSignature extends SignatureElementProxy {
}
try {
if (this._state == MODE_SIGN) {
// XMLUtils.indentSignature(this._constructionElement, " ", 0);
// get the SignatureMethodElement
Element signatureMethodElement =
this._signedInfo.getSignatureMethodElement();
// if (this._state == MODE_SIGN) {
//Create a SignatureAlgorithm object
SignatureAlgorithm sa =
new SignatureAlgorithm(signatureMethodElement,
this.getBaseURI());
SignedInfo si = this.getSignedInfo();
SignatureAlgorithm sa = si.getSignatureAlgorithm();
// initialize SignatureAlgorithm for signing
sa.initSign(signingKey);
SignedInfo si = this.getSignedInfo();
// generate digest values for all References in this SignedInfo
si.generateDigestValues();
OutputStream so=new UnsyncBufferedOutputStream(new SignerOutputStream(sa));
@ -513,7 +520,7 @@ public final class XMLSignature extends SignatureElementProxy {
// set them on the SignateValue element
this.setSignatureValueElement(jcebytes);
}
//}
} catch (CanonicalizationException ex) {
throw new XMLSignatureException("empty", ex);
} catch (InvalidCanonicalizerException ex) {
@ -584,50 +591,45 @@ public final class XMLSignature extends SignatureElementProxy {
throw new XMLSignatureException("empty", exArgs);
}
// all references inside the signedinfo need to be dereferenced and
// digested again to see if the outcome matches the stored value in the
// SignedInfo.
// If _followManifestsDuringValidation is true it will do the same for
// References inside a Manifest.
try {
if (!this.getSignedInfo()
.verify(this._followManifestsDuringValidation)) {
return false;
}
SignedInfo si=this.getSignedInfo();
//create a SignatureAlgorithms from the SignatureMethod inside
//SignedInfo. This is used to validate the signature.
SignatureAlgorithm sa =
new SignatureAlgorithm(this.getSignedInfo()
.getSignatureMethodElement(), this.getBaseURI());
if (true) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "SignatureMethodURI = " + sa.getAlgorithmURI());
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "jceSigAlgorithm = " + sa.getJCEAlgorithmString());
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "jceSigProvider = " + sa.getJCEProviderName());
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "PublicKey = " + pk);
SignatureAlgorithm sa =si.getSignatureAlgorithm();
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "SignatureMethodURI = " + sa.getAlgorithmURI());
log.log(java.util.logging.Level.FINE, "jceSigAlgorithm = " + sa.getJCEAlgorithmString());
log.log(java.util.logging.Level.FINE, "jceSigProvider = " + sa.getJCEProviderName());
log.log(java.util.logging.Level.FINE, "PublicKey = " + pk);
}
sa.initVerify(pk);
// Get the canonicalized (normalized) SignedInfo
SignerOutputStream so=new SignerOutputStream(sa);
OutputStream bos=new UnsyncBufferedOutputStream(so);
this._signedInfo.signInOctectStream(bos);
si.signInOctectStream(bos);
try {
bos.close();
} catch (IOException e) {
//Imposible
}
bos.close();
} catch (IOException e) {
//Imposible
}
//retrieve the byte[] from the stored signature
byte sigBytes[] = this.getSignatureValue();
//Have SignatureAlgorithm sign the input bytes and compare them to the
//bytes that were stored in the signature.
boolean verify = sa.verify(sigBytes);
if (!sa.verify(sigBytes)) {
log.log(java.util.logging.Level.WARNING, "Signature verification failed.");
return false;
}
return verify;
return si.verify(this._followManifestsDuringValidation);
} catch (XMLSecurityException ex) {
throw new XMLSignatureException("empty", ex);
}

1
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureException.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*

873
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureInput.java
View file

File diff suppressed because it is too large Load diff

27
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureInputDebugger.java
View file

@ -39,7 +39,8 @@ import org.w3c.dom.ProcessingInstruction;
/**
* Class XMLSignatureInputDebugger
*
* @author $Author: raul $
* @author $Author: mullan $
* @version $Revision: 1.3 $
*/
public class XMLSignatureInputDebugger {
@ -599,23 +600,23 @@ public class XMLSignatureInputDebugger {
length = data.length();
if ((data != null) && (length > 0)) {
this._writer.write(" ");
if (length > 0) {
this._writer.write(" ");
for (int i = 0; i < length; i++) {
char c = data.charAt(i);
for (int i = 0; i < length; i++) {
char c = data.charAt(i);
switch (c) {
switch (c) {
case 0x0D:
this._writer.write("&amp;#xD;");
break;
case 0x0D:
this._writer.write("&amp;#xD;");
break;
default:
this._writer.write(c);
break;
}
default:
this._writer.write(c);
break;
}
}
}
this._writer.write("?&gt;");

1
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/InvalidTransformException.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*

555
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java
View file

@ -20,14 +20,11 @@
*/
package com.sun.org.apache.xml.internal.security.transforms;
import java.io.IOException;
import java.io.OutputStream;
import java.util.HashMap;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.HashMap;
import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
@ -38,17 +35,17 @@ import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.HelperNodeList;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;
/**
* Implements the behaviour of the <code>ds:Transform</code> element.
*
* This <code>Transform</code>(Factory) class role as the Factory and Proxy of
* implemanting class that have the functionality of <a
* This <code>Transform</code>(Factory) class acts as the Factory and Proxy of
* the implementing class that supports the functionality of <a
* href=http://www.w3.org/TR/xmldsig-core/#sec-TransformAlg>a Transform
* algorithm</a>.
* Implements the Factory and Proxy pattern for ds:Transform algorithms.
@ -60,326 +57,314 @@ import org.xml.sax.SAXException;
*/
public final class Transform extends SignatureElementProxy {
/** {@link java.util.logging} logging facility */
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(Transform.class.getName());
/** Field _alreadyInitialized */
static boolean _alreadyInitialized = false;
/** Field _alreadyInitialized */
private static boolean alreadyInitialized = false;
/** All available Transform classes are registered here */
static HashMap _transformHash = null;
/** All available Transform classes are registered here */
private static HashMap transformClassHash = null;
/** Field transformSpi */
protected TransformSpi transformSpi = null;
private static HashMap transformSpiHash = new HashMap();
/**
* Constructs {@link Transform}
*
* @param doc the {@link Document} in which <code>Transform</code> will be placed
* @param algorithmURI URI representation of
* <code>Transform algorithm</code> will be specified as parameter of
* {@link #getInstance(Document, String)}, when generate. </br>
* @param contextNodes the child node list of <code>Transform</code> element
* @throws InvalidTransformException
*/
public Transform(Document doc, String algorithmURI, NodeList contextNodes)
throws InvalidTransformException {
private TransformSpi transformSpi = null;
super(doc);
/**
* Constructs {@link Transform}
*
* @param doc the {@link Document} in which <code>Transform</code> will be
* placed
* @param algorithmURI URI representation of
* <code>Transform algorithm</code> which will be specified as parameter of
* {@link #getInstance(Document, String)}, when generated. </br>
* @param contextNodes the child node list of <code>Transform</code> element
* @throws InvalidTransformException
*/
public Transform(Document doc, String algorithmURI, NodeList contextNodes)
throws InvalidTransformException {
try {
this._constructionElement.setAttributeNS(null, Constants._ATT_ALGORITHM,
algorithmURI);
super(doc);
Class implementingClass =
Transform.getImplementingClass(algorithmURI);
this._constructionElement.setAttributeNS
(null, Constants._ATT_ALGORITHM, algorithmURI);
if(implementingClass == null) {
transformSpi = getTransformSpi(algorithmURI);
if (transformSpi == null) {
Object exArgs[] = { algorithmURI };
throw new InvalidTransformException(
"signature.Transform.UnknownTransform", exArgs);
}
if (true) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \""
+ implementingClass + "\"");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "The NodeList is " + contextNodes);
}
// create the custom Transform object
this.transformSpi =
(TransformSpi) implementingClass.newInstance();
this.transformSpi.setTransform(this);
// give it to the current document
if (contextNodes != null) {
/*
while (contextNodes.getLength() > 0) {
this._constructionElement.appendChild(contextNodes.item(0));
}
*/
for (int i = 0; i < contextNodes.getLength(); i++) {
this._constructionElement.appendChild(contextNodes.item(i).cloneNode(true));
}
}
} catch (IllegalAccessException ex) {
Object exArgs[] = { algorithmURI };
throw new InvalidTransformException(
"signature.Transform.UnknownTransform", exArgs, ex);
} catch (InstantiationException ex) {
Object exArgs[] = { algorithmURI };
throw new InvalidTransformException(
"signature.Transform.UnknownTransform", exArgs, ex);
}
}
/**
* This constructor can only be called from the {@link Transforms} object, so
* it's protected.
*
* @param element <code>ds:Transform</code> element
* @param BaseURI the URI of the resource where the XML instance was stored
* @throws InvalidTransformException
* @throws TransformationException
* @throws XMLSecurityException
*/
public Transform(Element element, String BaseURI)
throws InvalidTransformException, TransformationException,
XMLSecurityException {
super(element, BaseURI);
// retrieve Algorithm Attribute from ds:Transform
String AlgorithmURI = element.getAttributeNS(null, Constants._ATT_ALGORITHM);
if ((AlgorithmURI == null) || (AlgorithmURI.length() == 0)) {
Object exArgs[] = { Constants._ATT_ALGORITHM,
Constants._TAG_TRANSFORM };
throw new TransformationException("xml.WrongContent", exArgs);
}
try {
Class implementingClass = (Class) _transformHash.get(AlgorithmURI);
this.transformSpi =
(TransformSpi) implementingClass.newInstance();
this.transformSpi.setTransform(this);
} catch (IllegalAccessException e) {
Object exArgs[] = { AlgorithmURI };
throw new InvalidTransformException(
"signature.Transform.UnknownTransform", exArgs);
} catch (InstantiationException e) {
Object exArgs[] = { AlgorithmURI };
throw new InvalidTransformException(
"signature.Transform.UnknownTransform", exArgs);
} catch (NullPointerException e) {
Object exArgs[] = { AlgorithmURI };
throw new InvalidTransformException(
"signature.Transform.UnknownTransform", exArgs);
}
}
/**
* Generates a Transform object that implements the specified <code>Transform algorithm</code> URI.
*
* @param algorithmURI <code>Transform algorithm</code> URI representation, such as specified in <a href=http://www.w3.org/TR/xmldsig-core/#sec-TransformAlg>Transform algorithm </a>
* @param doc the proxy {@link Document}
* @return <code>{@link Transform}</code> object
* @throws InvalidTransformException
*/
public static final Transform getInstance(
Document doc, String algorithmURI) throws InvalidTransformException {
return Transform.getInstance(doc, algorithmURI, (NodeList) null);
}
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \""
+ transformSpi.getClass() + "\"");
log.log(java.util.logging.Level.FINE, "The NodeList is " + contextNodes);
}
/**
* Generates a Transform object that implements the specified <code>Transform algorithm</code> URI.
*
* @param algorithmURI <code>Transform algorithm</code> URI representation, such as specified in <a href=http://www.w3.org/TR/xmldsig-core/#sec-TransformAlg>Transform algorithm </a>
* @param contextChild the child element of <code>Transform</code> element
* @param doc the proxy {@link Document}
* @return <code>{@link Transform}</code> object
* @throws InvalidTransformException
*/
public static final Transform getInstance(
Document doc, String algorithmURI, Element contextChild)
throws InvalidTransformException {
// give it to the current document
if (contextNodes != null) {
for (int i = 0; i < contextNodes.getLength(); i++) {
this._constructionElement.appendChild
(contextNodes.item(i).cloneNode(true));
}
}
}
HelperNodeList contextNodes = new HelperNodeList();
/**
* This constructor can only be called from the {@link Transforms} object,
* so it's protected.
*
* @param element <code>ds:Transform</code> element
* @param BaseURI the URI of the resource where the XML instance was stored
* @throws InvalidTransformException
* @throws TransformationException
* @throws XMLSecurityException
*/
public Transform(Element element, String BaseURI)
throws InvalidTransformException, TransformationException,
XMLSecurityException {
contextNodes.appendChild(doc.createTextNode("\n"));
contextNodes.appendChild(contextChild);
contextNodes.appendChild(doc.createTextNode("\n"));
super(element, BaseURI);
return Transform.getInstance(doc, algorithmURI, contextNodes);
}
// retrieve Algorithm Attribute from ds:Transform
String algorithmURI = element.getAttributeNS(null, Constants._ATT_ALGORITHM);
/**
* Generates a Transform object that implements the specified <code>Transform algorithm</code> URI.
*
* @param algorithmURI <code>Transform algorithm</code> URI form, such as specified in <a href=http://www.w3.org/TR/xmldsig-core/#sec-TransformAlg>Transform algorithm </a>
* @param contextNodes the child node list of <code>Transform</code> element
* @param doc the proxy {@link Document}
* @return <code>{@link Transform}</code> object
* @throws InvalidTransformException
*/
public static final Transform getInstance(
Document doc, String algorithmURI, NodeList contextNodes)
throws InvalidTransformException {
return new Transform(doc, algorithmURI, contextNodes);
}
if (algorithmURI == null || algorithmURI.length() == 0) {
Object exArgs[] = { Constants._ATT_ALGORITHM,
Constants._TAG_TRANSFORM };
throw new TransformationException("xml.WrongContent", exArgs);
}
/**
* Initalizes for this {@link Transform}
*
*/
public static void init() {
transformSpi = getTransformSpi(algorithmURI);
if (transformSpi == null) {
Object exArgs[] = { algorithmURI };
throw new InvalidTransformException(
"signature.Transform.UnknownTransform", exArgs);
}
}
if (!_alreadyInitialized) {
_transformHash = new HashMap(10);
_alreadyInitialized = true;
}
}
/**
* Generates a Transform object that implements the specified
* <code>Transform algorithm</code> URI.
*
* @param algorithmURI <code>Transform algorithm</code> URI representation,
* such as specified in
* <a href=http://www.w3.org/TR/xmldsig-core/#sec-TransformAlg>Transform algorithm </a>
* @param doc the proxy {@link Document}
* @return <code>{@link Transform}</code> object
* @throws InvalidTransformException
*/
public static Transform getInstance(
Document doc, String algorithmURI) throws InvalidTransformException {
return getInstance(doc, algorithmURI, (NodeList) null);
}
/**
* Registers implementing class of the Transform algorithm with algorithmURI
*
* @param algorithmURI algorithmURI URI representation of <code>Transform algorithm</code>
* will be specified as parameter of {@link #getInstance(Document, String)}, when generate. </br>
* @param implementingClass <code>implementingClass</code> the implementing class of {@link TransformSpi}
* @throws AlgorithmAlreadyRegisteredException if specified algorithmURI is already registered
*/
public static void register(String algorithmURI, String implementingClass)
throws AlgorithmAlreadyRegisteredException {
/**
* Generates a Transform object that implements the specified
* <code>Transform algorithm</code> URI.
*
* @param algorithmURI <code>Transform algorithm</code> URI representation,
* such as specified in
* <a href=http://www.w3.org/TR/xmldsig-core/#sec-TransformAlg>Transform algorithm </a>
* @param contextChild the child element of <code>Transform</code> element
* @param doc the proxy {@link Document}
* @return <code>{@link Transform}</code> object
* @throws InvalidTransformException
*/
public static Transform getInstance(
Document doc, String algorithmURI, Element contextChild)
throws InvalidTransformException {
{
HelperNodeList contextNodes = new HelperNodeList();
// are we already registered?
Class registeredClass = Transform.getImplementingClass(algorithmURI);
XMLUtils.addReturnToElement(doc, contextNodes);
contextNodes.appendChild(contextChild);
XMLUtils.addReturnToElement(doc, contextNodes);
if ((registeredClass != null) ) {
return getInstance(doc, algorithmURI, contextNodes);
}
/**
* Generates a Transform object that implements the specified
* <code>Transform algorithm</code> URI.
*
* @param algorithmURI <code>Transform algorithm</code> URI form, such as
* specified in <a href=http://www.w3.org/TR/xmldsig-core/#sec-TransformAlg>
* Transform algorithm </a>
* @param contextNodes the child node list of <code>Transform</code> element
* @param doc the proxy {@link Document}
* @return <code>{@link Transform}</code> object
* @throws InvalidTransformException
*/
public static Transform getInstance(
Document doc, String algorithmURI, NodeList contextNodes)
throws InvalidTransformException {
return new Transform(doc, algorithmURI, contextNodes);
}
/**
* Initalizes for this {@link Transform}.
*/
public static void init() {
if (!alreadyInitialized) {
transformClassHash = new HashMap(10);
alreadyInitialized = true;
}
}
/**
* Registers implementing class of the Transform algorithm with algorithmURI
*
* @param algorithmURI algorithmURI URI representation of
* <code>Transform algorithm</code> will be specified as parameter of
* {@link #getInstance(Document, String)}, when generate. </br>
* @param implementingClass <code>implementingClass</code> the implementing
* class of {@link TransformSpi}
* @throws AlgorithmAlreadyRegisteredException if specified algorithmURI
* is already registered
*/
public static void register(String algorithmURI, String implementingClass)
throws AlgorithmAlreadyRegisteredException {
// are we already registered?
Class registeredClass = getImplementingClass(algorithmURI);
if ((registeredClass != null) ) {
Object exArgs[] = { algorithmURI, registeredClass };
throw new AlgorithmAlreadyRegisteredException(
"algorithm.alreadyRegistered", exArgs);
}
}
ClassLoader cl = (ClassLoader) AccessController.doPrivileged(
new PrivilegedAction() {
public Object run() {
return Thread.currentThread().getContextClassLoader();
}
});
ClassLoader cl = (ClassLoader) AccessController.doPrivileged(
new PrivilegedAction() {
public Object run() {
return Thread.currentThread().getContextClassLoader();
}
});
try {
Transform._transformHash.put
(algorithmURI, Class.forName(implementingClass, true, cl));
} catch (ClassNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
try {
transformClassHash.put
(algorithmURI, Class.forName(implementingClass, true, cl));
} catch (ClassNotFoundException e) {
throw new RuntimeException(e);
}
}
/**
* Returns the URI representation of Transformation algorithm
*
* @return the URI representation of Transformation algorithm
*/
public final String getURI() {
return this._constructionElement.getAttributeNS(null, Constants._ATT_ALGORITHM);
}
/**
* Returns the URI representation of Transformation algorithm
*
* @return the URI representation of Transformation algorithm
*/
public String getURI() {
return this._constructionElement.getAttributeNS
(null, Constants._ATT_ALGORITHM);
}
/**
* Transforms the input, and generats {@link XMLSignatureInput} as output.
* @param input input {@link XMLSignatureInput} which can supplied Octect Stream and NodeSet as Input of Transformation
*
* @return the {@link XMLSignatureInput} class as the result of transformation
* @throws CanonicalizationException
* @throws IOException
* @throws InvalidCanonicalizerException
* @throws TransformationException
*/
public XMLSignatureInput performTransform(XMLSignatureInput input)
throws IOException, CanonicalizationException,
InvalidCanonicalizerException, TransformationException {
/**
* Transforms the input, and generates {@link XMLSignatureInput} as output.
*
* @param input input {@link XMLSignatureInput} which can supplied Octet
* Stream and NodeSet as Input of Transformation
* @return the {@link XMLSignatureInput} class as the result of
* transformation
* @throws CanonicalizationException
* @throws IOException
* @throws InvalidCanonicalizerException
* @throws TransformationException
*/
public XMLSignatureInput performTransform(XMLSignatureInput input)
throws IOException, CanonicalizationException,
InvalidCanonicalizerException, TransformationException {
XMLSignatureInput result = null;
XMLSignatureInput result = null;
try {
result = transformSpi.enginePerformTransform(input);
} catch (ParserConfigurationException ex) {
Object exArgs[] = { this.getURI(), "ParserConfigurationException" };
try {
result = transformSpi.enginePerformTransform(input, this);
} catch (ParserConfigurationException ex) {
Object exArgs[] = { this.getURI(), "ParserConfigurationException" };
throw new CanonicalizationException(
"signature.Transform.ErrorDuringTransform", exArgs, ex);
} catch (SAXException ex) {
Object exArgs[] = { this.getURI(), "SAXException" };
throw new CanonicalizationException(
"signature.Transform.ErrorDuringTransform", exArgs, ex);
}
throw new CanonicalizationException(
"signature.Transform.ErrorDuringTransform", exArgs, ex);
} catch (SAXException ex) {
Object exArgs[] = { this.getURI(), "SAXException" };
return result;
}
throw new CanonicalizationException(
"signature.Transform.ErrorDuringTransform", exArgs, ex);
}
/**
* Transforms the input, and generates {@link XMLSignatureInput} as output.
*
* @param input input {@link XMLSignatureInput} which can supplied Octet
* Stream and NodeSet as Input of Transformation
* @param os where to output the result of the last transformation
* @return the {@link XMLSignatureInput} class as the result of
* transformation
* @throws CanonicalizationException
* @throws IOException
* @throws InvalidCanonicalizerException
* @throws TransformationException
*/
public XMLSignatureInput performTransform(XMLSignatureInput input,
OutputStream os) throws IOException, CanonicalizationException,
InvalidCanonicalizerException, TransformationException {
return result;
}
XMLSignatureInput result = null;
/**
* Transforms the input, and generats {@link XMLSignatureInput} as output.
* @param input input {@link XMLSignatureInput} which can supplied Octect Stream and NodeSet as Input of Transformation
* @param os where to output the result of the last transformation
*
* @return the {@link XMLSignatureInput} class as the result of transformation
* @throws CanonicalizationException
* @throws IOException
* @throws InvalidCanonicalizerException
* @throws TransformationException
*/
public XMLSignatureInput performTransform(XMLSignatureInput input, OutputStream os)
throws IOException, CanonicalizationException,
InvalidCanonicalizerException, TransformationException {
try {
result = transformSpi.enginePerformTransform(input, os, this);
} catch (ParserConfigurationException ex) {
Object exArgs[] = { this.getURI(), "ParserConfigurationException" };
throw new CanonicalizationException(
"signature.Transform.ErrorDuringTransform", exArgs, ex);
} catch (SAXException ex) {
Object exArgs[] = { this.getURI(), "SAXException" };
throw new CanonicalizationException(
"signature.Transform.ErrorDuringTransform", exArgs, ex);
}
XMLSignatureInput result = null;
return result;
}
try {
result = transformSpi.enginePerformTransform(input,os);
} catch (ParserConfigurationException ex) {
Object exArgs[] = { this.getURI(), "ParserConfigurationException" };
/**
* Method getImplementingClass
*
* @param URI
* @return The name of the class implementing the URI.
*/
private static Class getImplementingClass(String URI) {
return (Class) transformClassHash.get(URI);
}
throw new CanonicalizationException(
"signature.Transform.ErrorDuringTransform", exArgs, ex);
} catch (SAXException ex) {
Object exArgs[] = { this.getURI(), "SAXException" };
throw new CanonicalizationException(
"signature.Transform.ErrorDuringTransform", exArgs, ex);
private static TransformSpi getTransformSpi(String URI)
throws InvalidTransformException {
try {
Object value = transformSpiHash.get(URI);
if (value != null) {
return (TransformSpi) value;
}
Class cl = (Class) transformClassHash.get(URI);
if (cl != null) {
TransformSpi tr = (TransformSpi) cl.newInstance();
transformSpiHash.put(URI, tr);
return tr;
}
} catch (InstantiationException ex) {
Object exArgs[] = { URI };
throw new InvalidTransformException(
"signature.Transform.UnknownTransform", exArgs, ex);
} catch (IllegalAccessException ex) {
Object exArgs[] = { URI };
throw new InvalidTransformException(
"signature.Transform.UnknownTransform", exArgs, ex);
}
return null;
}
return result;
}
/**
* Method getImplementingClass
*
* @param URI
* @return The name of the class implementing the URI.
*/
private static Class getImplementingClass(String URI) {
return (Class)Transform._transformHash.get(URI);
}
/** @inheritDoc */
public String getBaseLocalName() {
return Constants._TAG_TRANSFORM;
}
/** @inheritDoc */
public String getBaseLocalName() {
return Constants._TAG_TRANSFORM;
}
}

2
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/TransformParam.java
View file

@ -23,7 +23,7 @@ package com.sun.org.apache.xml.internal.security.transforms;
/**
*
* @author $Author: blautenb $
* @author $Author: mullan $
*/
public interface TransformParam {

159
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/TransformSpi.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -21,11 +20,8 @@
*/
package com.sun.org.apache.xml.internal.security.transforms;
import java.io.IOException;
import java.io.OutputStream;
import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
@ -33,68 +29,109 @@ import com.sun.org.apache.xml.internal.security.c14n.InvalidCanonicalizerExcepti
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import org.xml.sax.SAXException;
/**
* Base class which all Transform algorithms extend. The common methods that
* have to be overridden are the {@link #enginePerformTransform(XMLSignatureInput)} method.
* have to be overridden are the
* {@link #enginePerformTransform(XMLSignatureInput, Transform)} method.
*
* @author Christian Geuer-Pollmann
*/
public abstract class TransformSpi {
/**
* For API compatibility not thread safe.
* @deprecated
*/
protected Transform _transformObject = null;
/**
* Set the transform object.
* Depeprecated For API compatibility.
* @param transform the Transform
* @deprecated
*/
protected void setTransform(Transform transform) {
this._transformObject = transform;
}
/**
* The mega method which MUST be implemented by the Transformation Algorithm.
*
* @param input {@link XMLSignatureInput} as the input of transformation
* @param os where to output this transformation.
* @param _transformObject the Transform
* @return {@link XMLSignatureInput} as the result of transformation
* @throws CanonicalizationException
* @throws IOException
* @throws InvalidCanonicalizerException
* @throws ParserConfigurationException
* @throws SAXException
* @throws TransformationException
*/
protected XMLSignatureInput enginePerformTransform(
XMLSignatureInput input, OutputStream os, Transform _transformObject)
throws IOException,
CanonicalizationException, InvalidCanonicalizerException,
TransformationException, ParserConfigurationException,
SAXException {
return enginePerformTransform(input, _transformObject);
}
/**
* The mega method which MUST be implemented by the Transformation Algorithm.
* In order to be compatible with preexisting Transform implementations,
* by default this implementation invokes the deprecated, thread-unsafe
* methods. Subclasses should override this with a thread-safe
* implementation.
*
* @param input {@link XMLSignatureInput} as the input of transformation
* @param _transformObject the Transform
* @return {@link XMLSignatureInput} as the result of transformation
* @throws CanonicalizationException
* @throws IOException
* @throws InvalidCanonicalizerException
* @throws ParserConfigurationException
* @throws SAXException
* @throws TransformationException
*/
protected XMLSignatureInput enginePerformTransform(
XMLSignatureInput input, Transform _transformObject)
throws IOException,
CanonicalizationException, InvalidCanonicalizerException,
TransformationException, ParserConfigurationException,
SAXException {
//Default implementation overide with a much better
try {
TransformSpi tmp = (TransformSpi) getClass().newInstance();
tmp.setTransform(_transformObject);
return tmp.enginePerformTransform(input);
} catch (InstantiationException e) {
throw new TransformationException("",e);
} catch (IllegalAccessException e) {
throw new TransformationException("",e);
}
}
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(TransformSpi.class.getName());
protected Transform _transformObject = null;
protected void setTransform(Transform transform) {
this._transformObject = transform;
}
/**
* The mega method which MUST be implemented by the Transformation Algorithm.
*
* @param input {@link XMLSignatureInput} as the input of transformation
* @param os where to output this transformation.
* @return {@link XMLSignatureInput} as the result of transformation
* @throws CanonicalizationException
* @throws IOException
* @throws InvalidCanonicalizerException
* @throws ParserConfigurationException
* @throws SAXException
* @throws TransformationException
*/
protected XMLSignatureInput enginePerformTransform(
XMLSignatureInput input, OutputStream os)
throws IOException,
CanonicalizationException, InvalidCanonicalizerException,
TransformationException, ParserConfigurationException,
SAXException {
return enginePerformTransform(input);
}
/**
* The mega method which MUST be implemented by the Transformation Algorithm.
*
* @param input {@link XMLSignatureInput} as the input of transformation
* @return {@link XMLSignatureInput} as the result of transformation
* @throws CanonicalizationException
* @throws IOException
* @throws InvalidCanonicalizerException
* @throws ParserConfigurationException
* @throws SAXException
* @throws TransformationException
*/
protected abstract XMLSignatureInput enginePerformTransform(
XMLSignatureInput input)
throws IOException,
CanonicalizationException, InvalidCanonicalizerException,
TransformationException, ParserConfigurationException,
SAXException;
/**
* Returns the URI representation of <code>Transformation algorithm</code>
*
* @return the URI representation of <code>Transformation algorithm</code>
*/
protected abstract String engineGetURI();
/**
* The mega method which MUST be implemented by the Transformation Algorithm.
* @deprecated
* @param input {@link XMLSignatureInput} as the input of transformation
* @return {@link XMLSignatureInput} as the result of transformation
* @throws CanonicalizationException
* @throws IOException
* @throws InvalidCanonicalizerException
* @throws ParserConfigurationException
* @throws SAXException
* @throws TransformationException
*/
protected XMLSignatureInput enginePerformTransform(
XMLSignatureInput input)
throws IOException,
CanonicalizationException, InvalidCanonicalizerException,
TransformationException, ParserConfigurationException,
SAXException {
throw new UnsupportedOperationException();
}
/**
* Returns the URI representation of <code>Transformation algorithm</code>
*
* @return the URI representation of <code>Transformation algorithm</code>
*/
protected abstract String engineGetURI();
}

1
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/TransformationException.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*

461
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transforms.java
View file

@ -3,7 +3,7 @@
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
* Copyright 1999-2008 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -20,8 +20,6 @@
*/
package com.sun.org.apache.xml.internal.security.transforms;
import java.io.IOException;
import java.io.OutputStream;
@ -39,11 +37,13 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
/**
* Holder of the {@link com.sun.org.apache.xml.internal.security.transforms.Transform} steps to be performed on the data.
* The input to the first Transform is the result of dereferencing the <code>URI</code> attribute of the <code>Reference</code> element.
* The output from the last Transform is the input for the <code>DigestMethod algorithm</code>
* Holder of the {@link com.sun.org.apache.xml.internal.security.transforms.Transform} steps to
* be performed on the data.
* The input to the first Transform is the result of dereferencing the
* <code>URI</code> attribute of the <code>Reference</code> element.
* The output from the last Transform is the input for the
* <code>DigestMethod algorithm</code>
*
* @author Christian Geuer-Pollmann
* @see Transform
@ -51,252 +51,273 @@ import org.w3c.dom.NodeList;
*/
public class Transforms extends SignatureElementProxy {
/** {@link java.util.logging} logging facility */
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(Transforms.class.getName());
//J-
/** Canonicalization - Required Canonical XML (omits comments) */
public static final String TRANSFORM_C14N_OMIT_COMMENTS = Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS;
/** Canonicalization - Recommended Canonical XML with Comments */
public static final String TRANSFORM_C14N_WITH_COMMENTS = Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS;
/** Canonicalization - Required Exclusive Canonicalization (omits comments) */
public static final String TRANSFORM_C14N_EXCL_OMIT_COMMENTS = Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;
/** Canonicalization - Recommended Exclusive Canonicalization with Comments */
public static final String TRANSFORM_C14N_EXCL_WITH_COMMENTS = Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS;
/** Transform - Optional XSLT */
public static final String TRANSFORM_XSLT = "http://www.w3.org/TR/1999/REC-xslt-19991116";
/** Transform - Required base64 decoding */
public static final String TRANSFORM_BASE64_DECODE = Constants.SignatureSpecNS + "base64";
/** Transform - Recommended XPath */
public static final String TRANSFORM_XPATH = "http://www.w3.org/TR/1999/REC-xpath-19991116";
/** Transform - Required Enveloped Signature */
public static final String TRANSFORM_ENVELOPED_SIGNATURE = Constants.SignatureSpecNS + "enveloped-signature";
/** Transform - XPointer */
public static final String TRANSFORM_XPOINTER = "http://www.w3.org/TR/2001/WD-xptr-20010108";
/** Transform - XPath Filter v2.0 */
public static final String TRANSFORM_XPATH2FILTER04 = "http://www.w3.org/2002/04/xmldsig-filter2";
/** Transform - XPath Filter */
public static final String TRANSFORM_XPATH2FILTER = "http://www.w3.org/2002/06/xmldsig-filter2";
/** Transform - XPath Filter CHGP private*/
public static final String TRANSFORM_XPATHFILTERCHGP = "http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter";
//J+
Element []transforms;
/**
* Consturcts {@link Transforms}
*
* @param doc the {@link Document} in which <code>XMLsignature</code> will be placed
*/
public Transforms(Document doc) {
/** Canonicalization - Required Canonical XML (omits comments) */
public static final String TRANSFORM_C14N_OMIT_COMMENTS
= Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS;
/** Canonicalization - Recommended Canonical XML with Comments */
public static final String TRANSFORM_C14N_WITH_COMMENTS
= Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS;
/** Canonicalization - Required Canonical XML 1.1 (omits comments) */
public static final String TRANSFORM_C14N11_OMIT_COMMENTS
= Canonicalizer.ALGO_ID_C14N11_OMIT_COMMENTS;
/** Canonicalization - Recommended Canonical XML 1.1 with Comments */
public static final String TRANSFORM_C14N11_WITH_COMMENTS
= Canonicalizer.ALGO_ID_C14N11_WITH_COMMENTS;
/** Canonicalization - Required Exclusive Canonicalization (omits comments) */
public static final String TRANSFORM_C14N_EXCL_OMIT_COMMENTS
= Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;
/** Canonicalization - Recommended Exclusive Canonicalization with Comments */
public static final String TRANSFORM_C14N_EXCL_WITH_COMMENTS
= Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS;
/** Transform - Optional XSLT */
public static final String TRANSFORM_XSLT
= "http://www.w3.org/TR/1999/REC-xslt-19991116";
/** Transform - Required base64 decoding */
public static final String TRANSFORM_BASE64_DECODE
= Constants.SignatureSpecNS + "base64";
/** Transform - Recommended XPath */
public static final String TRANSFORM_XPATH
= "http://www.w3.org/TR/1999/REC-xpath-19991116";
/** Transform - Required Enveloped Signature */
public static final String TRANSFORM_ENVELOPED_SIGNATURE
= Constants.SignatureSpecNS + "enveloped-signature";
/** Transform - XPointer */
public static final String TRANSFORM_XPOINTER
= "http://www.w3.org/TR/2001/WD-xptr-20010108";
/** Transform - XPath Filter v2.0 */
public static final String TRANSFORM_XPATH2FILTER04
= "http://www.w3.org/2002/04/xmldsig-filter2";
/** Transform - XPath Filter */
public static final String TRANSFORM_XPATH2FILTER
= "http://www.w3.org/2002/06/xmldsig-filter2";
/** Transform - XPath Filter CHGP private */
public static final String TRANSFORM_XPATHFILTERCHGP
= "http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter";
super(doc);
Element []transforms;
XMLUtils.addReturnToElement(this._constructionElement);
}
protected Transforms() { };
/**
* Consturcts {@link Transforms} from {@link Element} which is <code>Transforms</code> Element
*
* @param element is <code>Transforms</code> element
* @param BaseURI the URI where the XML instance was stored
* @throws DOMException
* @throws InvalidTransformException
* @throws TransformationException
* @throws XMLSecurityException
* @throws XMLSignatureException
*/
public Transforms(Element element, String BaseURI)
/**
* Constructs {@link Transforms}.
*
* @param doc the {@link Document} in which <code>XMLSignature</code> will
* be placed
*/
public Transforms(Document doc) {
super(doc);
XMLUtils.addReturnToElement(this._constructionElement);
}
/**
* Constructs {@link Transforms} from {@link Element} which is
* <code>Transforms</code> Element
*
* @param element is <code>Transforms</code> element
* @param BaseURI the URI where the XML instance was stored
* @throws DOMException
* @throws InvalidTransformException
* @throws TransformationException
* @throws XMLSecurityException
* @throws XMLSignatureException
*/
public Transforms(Element element, String BaseURI)
throws DOMException, XMLSignatureException,
InvalidTransformException, TransformationException,
XMLSecurityException {
super(element, BaseURI);
super(element, BaseURI);
int numberOfTransformElems = this.getLength();
int numberOfTransformElems = this.getLength();
if (numberOfTransformElems == 0) {
if (numberOfTransformElems == 0) {
// At least ont Transform element must be present. Bad.
Object exArgs[] = { Constants._TAG_TRANSFORM,
Constants._TAG_TRANSFORMS };
// At least one Transform element must be present. Bad.
Object exArgs[] = { Constants._TAG_TRANSFORM,
Constants._TAG_TRANSFORMS };
throw new TransformationException("xml.WrongContent", exArgs);
}
}
throw new TransformationException("xml.WrongContent", exArgs);
}
}
/**
* Adds the <code>Transform</code> with the specified <code>Transform algorithm URI</code>
*
* @param transformURI the URI form of transform that indicates which transformation is applied to data
* @throws TransformationException
*/
public void addTransform(String transformURI)
/**
* Adds the <code>Transform</code> with the specified <code>Transform
* algorithm URI</code>
*
* @param transformURI the URI form of transform that indicates which
* transformation is applied to data
* @throws TransformationException
*/
public void addTransform(String transformURI)
throws TransformationException {
try {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transformURI + ")");
try {
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transformURI + ")");
Transform transform = Transform.getInstance(this._doc, transformURI);
Transform transform =
Transform.getInstance(this._doc, transformURI);
this.addTransform(transform);
} catch (InvalidTransformException ex) {
throw new TransformationException("empty", ex);
}
}
this.addTransform(transform);
} catch (InvalidTransformException ex) {
throw new TransformationException("empty", ex);
}
}
/**
* Adds the <code>Transform</code> with the specified <code>Transform algorithm URI</code>
*
* @param transformURI the URI form of transform that indicates which transformation is applied to data
* @param contextElement
* @throws TransformationException
* @see Transform#getInstance(Document doc, String algorithmURI, Element childElement)
*/
public void addTransform(String transformURI, Element contextElement)
/**
* Adds the <code>Transform</code> with the specified <code>Transform
* algorithm URI</code>
*
* @param transformURI the URI form of transform that indicates which
* transformation is applied to data
* @param contextElement
* @throws TransformationException
* @see Transform#getInstance(Document doc, String algorithmURI, Element childElement)
*/
public void addTransform(String transformURI, Element contextElement)
throws TransformationException {
try {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transformURI + ")");
try {
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transformURI + ")");
Transform transform = Transform.getInstance(this._doc, transformURI,
contextElement);
Transform transform =
Transform.getInstance(this._doc, transformURI, contextElement);
this.addTransform(transform);
} catch (InvalidTransformException ex) {
throw new TransformationException("empty", ex);
}
}
this.addTransform(transform);
} catch (InvalidTransformException ex) {
throw new TransformationException("empty", ex);
}
}
/**
* Adds the <code>Transform</code> with the specified <code>Transform algorithm URI</code>
*
* @param transformURI the URI form of transform that indicates which transformation is applied to data
* @param contextNodes
* @throws TransformationException
* @see Transform#getInstance(Document doc, String algorithmURI, NodeList contextNodes)
*/
public void addTransform(String transformURI, NodeList contextNodes)
/**
* Adds the <code>Transform</code> with the specified <code>Transform
* algorithm URI</code>.
*
* @param transformURI the URI form of transform that indicates which
* transformation is applied to data
* @param contextNodes
* @throws TransformationException
* @see Transform#getInstance(Document doc, String algorithmURI, NodeList contextNodes)
*/
public void addTransform(String transformURI, NodeList contextNodes)
throws TransformationException {
try {
Transform transform = Transform.getInstance(this._doc, transformURI,
contextNodes);
try {
Transform transform =
Transform.getInstance(this._doc, transformURI, contextNodes);
this.addTransform(transform);
} catch (InvalidTransformException ex) {
throw new TransformationException("empty", ex);
}
}
this.addTransform(transform);
} catch (InvalidTransformException ex) {
throw new TransformationException("empty", ex);
}
}
/**
* Adds a user-provided Transform step.
*
* @param transform {@link Transform} object
*/
private void addTransform(Transform transform) {
if (log.isLoggable(java.util.logging.Level.FINE))
log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transform.getURI() + ")");
/**
* Adds a user-provided Transform step.
*
* @param transform {@link Transform} object
*/
private void addTransform(Transform transform) {
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transform.getURI() + ")");
Element transformElement = transform.getElement();
Element transformElement = transform.getElement();
this._constructionElement.appendChild(transformElement);
XMLUtils.addReturnToElement(this._constructionElement);
}
this._constructionElement.appendChild(transformElement);
XMLUtils.addReturnToElement(this._constructionElement);
}
/**
* Applies all included <code>Transform</code>s to xmlSignatureInput and returns the result of these transformations.
*
* @param xmlSignatureInput the input for the <code>Transform</code>s
* @return the result of the <code>Transforms</code>
* @throws TransformationException
*/
public XMLSignatureInput performTransforms(
XMLSignatureInput xmlSignatureInput) throws TransformationException {
return performTransforms(xmlSignatureInput,null);
}
/**
* Applies all included <code>Transform</code>s to xmlSignatureInput and returns the result of these transformations.
*
* @param xmlSignatureInput the input for the <code>Transform</code>s
* @param os where to output the last transformation.
* @return the result of the <code>Transforms</code>
* @throws TransformationException
*/
/**
* Applies all included <code>Transform</code>s to xmlSignatureInput and
* returns the result of these transformations.
*
* @param xmlSignatureInput the input for the <code>Transform</code>s
* @return the result of the <code>Transforms</code>
* @throws TransformationException
*/
public XMLSignatureInput performTransforms(
XMLSignatureInput xmlSignatureInput,OutputStream os) throws TransformationException {
XMLSignatureInput xmlSignatureInput) throws TransformationException {
return performTransforms(xmlSignatureInput, null);
}
try {
int last=this.getLength()-1;
for (int i = 0; i < last; i++) {
Transform t = this.item(i);
if (true) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Preform the (" + i + ")th " + t.getURI() + " transform");
}
xmlSignatureInput = t.performTransform(xmlSignatureInput);
}
if (last>=0) {
Transform t = this.item(last);
xmlSignatureInput = t.performTransform(xmlSignatureInput, os);
}
/**
* Applies all included <code>Transform</code>s to xmlSignatureInput and
* returns the result of these transformations.
*
* @param xmlSignatureInput the input for the <code>Transform</code>s
* @param os where to output the last transformation.
* @return the result of the <code>Transforms</code>
* @throws TransformationException
*/
public XMLSignatureInput performTransforms(
XMLSignatureInput xmlSignatureInput, OutputStream os)
throws TransformationException {
return xmlSignatureInput;
} catch (IOException ex) {
throw new TransformationException("empty", ex);
// } catch (ParserConfigurationException ex) { throw new TransformationException("empty", ex);
// } catch (SAXException ex) { throw new TransformationException("empty", ex);
} catch (CanonicalizationException ex) {
throw new TransformationException("empty", ex);
} catch (InvalidCanonicalizerException ex) {
throw new TransformationException("empty", ex);
}
}
/**
* Return the nonnegative number of transformations.
*
* @return the number of transformations
*/
public int getLength()
{
/*Element nscontext = XMLUtils.createDSctx(this._doc, "ds",
Constants.SignatureSpecNS);
NodeList transformElems =
XPathAPI.selectNodeList(this._constructionElement,
"./ds:Transform", nscontext);
return transformElems.getLength();*/
if (transforms==null) {
transforms=XMLUtils.selectDsNodes(this._constructionElement.getFirstChild(),
"Transform");
}
return transforms.length;
}
/**
* Return the <it>i</it><sup>th</sup> <code>{@link Transform}</code>.
* Valid <code>i</code> values are 0 to <code>{@link #getLength}-1</code>.
*
* @param i index of {@link Transform} to return
* @return the <it>i</it><sup>th</sup> transforms
* @throws TransformationException
*/
public Transform item(int i) throws TransformationException {
try {
if (transforms==null) {
transforms=XMLUtils.selectDsNodes(this._constructionElement.getFirstChild(),
"Transform");
}
return new Transform(transforms[i], this._baseURI);
} catch (XMLSecurityException ex) {
throw new TransformationException("empty", ex);
try {
int last=this.getLength()-1;
for (int i = 0; i < last; i++) {
Transform t = this.item(i);
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Perform the (" + i + ")th " + t.getURI()
+ " transform");
}
}
xmlSignatureInput = t.performTransform(xmlSignatureInput);
}
if (last>=0) {
Transform t = this.item(last);
xmlSignatureInput = t.performTransform(xmlSignatureInput, os);
}
/** @inheritDoc */
public String getBaseLocalName() {
return Constants._TAG_TRANSFORMS;
}
return xmlSignatureInput;
} catch (IOException ex) {
throw new TransformationException("empty", ex);
} catch (CanonicalizationException ex) {
throw new TransformationException("empty", ex);
} catch (InvalidCanonicalizerException ex) {
throw new TransformationException("empty", ex);
}
}
/**
* Return the nonnegative number of transformations.
*
* @return the number of transformations
*/
public int getLength()
{
if (transforms == null) {
transforms = XMLUtils.selectDsNodes
(this._constructionElement.getFirstChild(), "Transform");
}
return transforms.length;
}
/**
* Return the <it>i</it><sup>th</sup> <code>{@link Transform}</code>.
* Valid <code>i</code> values are 0 to <code>{@link #getLength}-1</code>.
*
* @param i index of {@link Transform} to return
* @return the <it>i</it><sup>th</sup> Transform
* @throws TransformationException
*/
public Transform item(int i) throws TransformationException {
try {
if (transforms == null) {
transforms = XMLUtils.selectDsNodes
(this._constructionElement.getFirstChild(), "Transform");
}
return new Transform(transforms[i], this._baseURI);
} catch (XMLSecurityException ex) {
throw new TransformationException("empty", ex);
}
}
/** @inheritDoc */
public String getBaseLocalName() {
return Constants._TAG_TRANSFORMS;
}
}

2
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/FuncHereContext.java
View file

@ -62,7 +62,7 @@ import org.w3c.dom.Node;
* -scott
* </PRE>
*
* @author $Author: raul $
* @author $Author: mullan $
* @see com.sun.org.apache.xml.internal.security.transforms.implementations.FuncHere
* @see com.sun.org.apache.xml.internal.security.utils.XPathFuncHereAPI
* @see <A HREF="http://www.w3.org/Signature/Drafts/xmldsig-core/Overview.html#function-here">XML Signature - The here() function</A>

13
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformBase64Decode.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -33,6 +32,7 @@ import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.TransformationException;
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
@ -43,7 +43,6 @@ import org.w3c.dom.Node;
import org.w3c.dom.Text;
import org.xml.sax.SAXException;
/**
* Implements the <CODE>http://www.w3.org/2000/09/xmldsig#base64</CODE> decoding
* transform.
@ -95,13 +94,15 @@ public class TransformBase64Decode extends TransformSpi {
* @throws IOException
* @throws TransformationException
*/
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input)
protected XMLSignatureInput enginePerformTransform
(XMLSignatureInput input, Transform _transformObject)
throws IOException, CanonicalizationException,
TransformationException {
return enginePerformTransform(input,null);
return enginePerformTransform(input, null, _transformObject);
}
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,
OutputStream os)
OutputStream os, Transform _transformObject)
throws IOException, CanonicalizationException,
TransformationException {
try {
@ -116,7 +117,7 @@ public class TransformBase64Decode extends TransformSpi {
byte[] decodedBytes = Base64.decode(sb.toString());
return new XMLSignatureInput(decodedBytes);
}
Base64.decode(sb.toString().getBytes(),os);
Base64.decode(sb.toString(),os);
XMLSignatureInput output=new XMLSignatureInput((byte[])null);
output.setOutputStream(os);
return output;

13
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14N.java
View file

@ -20,17 +20,15 @@
*/
package com.sun.org.apache.xml.internal.security.transforms.implementations;
import java.io.OutputStream;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315OmitComments;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
/**
* Implements the <CODE>http://www.w3.org/TR/2001/REC-xml-c14n-20010315</CODE>
* transform.
@ -54,18 +52,19 @@ public class TransformC14N extends TransformSpi {
/**
* @inheritDoc
*/
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input)
protected XMLSignatureInput enginePerformTransform
(XMLSignatureInput input, Transform _transformObject)
throws CanonicalizationException {
return enginePerformTransform(input,null);
return enginePerformTransform(input, null, _transformObject);
}
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os)
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os, Transform _transformObject)
throws CanonicalizationException {
Canonicalizer20010315OmitComments c14n = new Canonicalizer20010315OmitComments();
if (os!=null) {
c14n.setWriter(os);
}
byte[] result = null;
input.setNeedsToBeExpanded(true);
result=c14n.engineCanonicalize(input);
XMLSignatureInput output=new XMLSignatureInput(result);
if (os!=null) {

65
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14N11.java Normal file
View file

@ -0,0 +1,65 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 2008 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package com.sun.org.apache.xml.internal.security.transforms.implementations;
import java.io.OutputStream;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_OmitComments;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
/**
* Implements the <CODE>http://www.w3.org/2006/12/xml-c14n11</CODE>
* (C14N 1.1) transform.
*
* @author Sean Mullan
*/
public class TransformC14N11 extends TransformSpi {
protected String engineGetURI() {
return Transforms.TRANSFORM_C14N11_OMIT_COMMENTS;
}
protected XMLSignatureInput enginePerformTransform
(XMLSignatureInput input, Transform transform)
throws CanonicalizationException {
return enginePerformTransform(input, null, transform);
}
protected XMLSignatureInput enginePerformTransform
(XMLSignatureInput input, OutputStream os, Transform transform)
throws CanonicalizationException {
Canonicalizer11_OmitComments c14n = new Canonicalizer11_OmitComments();
if (os != null) {
c14n.setWriter(os);
}
byte[] result = null;
result = c14n.engineCanonicalize(input);
XMLSignatureInput output = new XMLSignatureInput(result);
if (os != null) {
output.setOutputStream(os);
}
return output;
}
}

67
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14N11_WithComments.java Normal file
View file

@ -0,0 +1,67 @@
/*
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 2008 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package com.sun.org.apache.xml.internal.security.transforms.implementations;
import java.io.OutputStream;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_WithComments;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
/**
* Implements the <CODE>http://www.w3.org/2006/12/xml-c14n-11#WithComments</CODE>
* (C14N 1.1 With Comments) transform.
*
* @author Sean Mullan
*/
public class TransformC14N11_WithComments extends TransformSpi {
protected String engineGetURI() {
return Transforms.TRANSFORM_C14N11_WITH_COMMENTS;
}
protected XMLSignatureInput enginePerformTransform
(XMLSignatureInput input, Transform transform)
throws CanonicalizationException {
return enginePerformTransform(input, null, transform);
}
protected XMLSignatureInput enginePerformTransform
(XMLSignatureInput input, OutputStream os, Transform transform)
throws CanonicalizationException {
Canonicalizer11_WithComments c14n = new Canonicalizer11_WithComments();
if (os != null) {
c14n.setWriter(os);
}
byte[] result = null;
result = c14n.engineCanonicalize(input);
XMLSignatureInput output = new XMLSignatureInput(result);
if (os != null) {
output.setOutputStream(os);
}
return output;
}
}

23
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14NExclusive.java
View file

@ -20,25 +20,24 @@
*/
package com.sun.org.apache.xml.internal.security.transforms.implementations;
import java.io.OutputStream;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclOmitComments;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
import com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Element;
/**
* Class TransformC14NExclusive
*
* @author $Author: raul $
* @author $Author: mullan $
* @version $Revision: 1.5 $
*/
public class TransformC14NExclusive extends TransformSpi {
@ -46,7 +45,6 @@ public class TransformC14NExclusive extends TransformSpi {
public static final String implementedTransformURI =
Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS;
/**
* Method engineGetURI
*
@ -63,27 +61,29 @@ public class TransformC14NExclusive extends TransformSpi {
* @return the transformed of the input
* @throws CanonicalizationException
*/
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input)
protected XMLSignatureInput enginePerformTransform
(XMLSignatureInput input, Transform _transformObject)
throws CanonicalizationException {
return enginePerformTransform(input,null);
return enginePerformTransform(input, null, _transformObject);
}
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os)
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os, Transform _transformObject)
throws CanonicalizationException {
try {
String inclusiveNamespaces = null;
if (this._transformObject
if (_transformObject
.length(InclusiveNamespaces
.ExclusiveCanonicalizationNamespace, InclusiveNamespaces
._TAG_EC_INCLUSIVENAMESPACES) == 1) {
Element inclusiveElement =
XMLUtils.selectNode(
this._transformObject.getElement().getFirstChild(),
_transformObject.getElement().getFirstChild(),
InclusiveNamespaces.ExclusiveCanonicalizationNamespace,
InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES,0);
inclusiveNamespaces = new InclusiveNamespaces(inclusiveElement,
this._transformObject.getBaseURI()).getInclusiveNamespaces();
_transformObject.getBaseURI()).getInclusiveNamespaces();
}
Canonicalizer20010315ExclOmitComments c14n =
@ -92,7 +92,6 @@ public class TransformC14NExclusive extends TransformSpi {
c14n.setWriter(os);
}
byte []result;
input.setNeedsToBeExpanded(true);
result =c14n.engineCanonicalize(input, inclusiveNamespaces);
XMLSignatureInput output=new XMLSignatureInput(result);

20
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14NExclusiveWithComments.java
View file

@ -20,21 +20,19 @@
*/
package com.sun.org.apache.xml.internal.security.transforms.implementations;
import java.io.OutputStream;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclWithComments;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
import com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Element;
/**
* Implements the <CODE>http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments</CODE>
* transform.
@ -47,7 +45,6 @@ public class TransformC14NExclusiveWithComments extends TransformSpi {
public static final String implementedTransformURI =
Transforms.TRANSFORM_C14N_EXCL_WITH_COMMENTS;
/**
* Method engineGetURI
*@inheritDoc
@ -60,27 +57,29 @@ public class TransformC14NExclusiveWithComments extends TransformSpi {
/**
* @inheritDoc
*/
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input)
protected XMLSignatureInput enginePerformTransform
(XMLSignatureInput input, Transform _transformObject)
throws CanonicalizationException {
return enginePerformTransform(input,null);
return enginePerformTransform(input, null, _transformObject);
}
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os)
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os, Transform _transformObject)
throws CanonicalizationException {
try {
String inclusiveNamespaces = null;
if (this._transformObject
if (_transformObject
.length(InclusiveNamespaces
.ExclusiveCanonicalizationNamespace, InclusiveNamespaces
._TAG_EC_INCLUSIVENAMESPACES) == 1) {
Element inclusiveElement =
XMLUtils.selectNode(
this._transformObject.getElement().getFirstChild(),
_transformObject.getElement().getFirstChild(),
InclusiveNamespaces.ExclusiveCanonicalizationNamespace,
InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES,0);
inclusiveNamespaces = new InclusiveNamespaces(inclusiveElement,
this._transformObject.getBaseURI()).getInclusiveNamespaces();
_transformObject.getBaseURI()).getInclusiveNamespaces();
}
Canonicalizer20010315ExclWithComments c14n =
@ -88,7 +87,6 @@ public class TransformC14NExclusiveWithComments extends TransformSpi {
if (os!=null) {
c14n.setWriter( os);
}
input.setNeedsToBeExpanded(true);
byte []result;
result =c14n.engineCanonicalize(input, inclusiveNamespaces);
XMLSignatureInput output=new XMLSignatureInput(result);

17
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14NWithComments.java
View file

@ -20,17 +20,15 @@
*/
package com.sun.org.apache.xml.internal.security.transforms.implementations;
import java.io.OutputStream;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315WithComments;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
/**
* Implements the <CODE>http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments</CODE>
* transform.
@ -43,18 +41,20 @@ public class TransformC14NWithComments extends TransformSpi {
public static final String implementedTransformURI =
Transforms.TRANSFORM_C14N_WITH_COMMENTS;
/** @inheritDoc */
protected String engineGetURI() {
return implementedTransformURI;
}
/** @inheritDoc */
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input)
throws CanonicalizationException {
return enginePerformTransform(input,null);
protected XMLSignatureInput enginePerformTransform
(XMLSignatureInput input, Transform _transformObject)
throws CanonicalizationException {
return enginePerformTransform(input, null, _transformObject);
}
/** @inheritDoc */
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os)
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os, Transform _transformObject)
throws CanonicalizationException {
Canonicalizer20010315WithComments c14n = new Canonicalizer20010315WithComments();
@ -63,7 +63,6 @@ public class TransformC14NWithComments extends TransformSpi {
}
byte[] result = null;
input.setNeedsToBeExpanded(true);
result=c14n.engineCanonicalize(input);
XMLSignatureInput output=new XMLSignatureInput(result);
if (os!=null) {

41
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformEnvelopedSignature.java
View file

@ -20,10 +20,9 @@
*/
package com.sun.org.apache.xml.internal.security.transforms.implementations;
import com.sun.org.apache.xml.internal.security.signature.NodeFilter;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.TransformationException;
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
@ -32,7 +31,6 @@ import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
/**
* Implements the <CODE>http://www.w3.org/2000/09/xmldsig#enveloped-signature</CODE>
* transform.
@ -57,7 +55,7 @@ public class TransformEnvelopedSignature extends TransformSpi {
/**
* @inheritDoc
*/
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input)
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, Transform _transformObject)
throws TransformationException {
@ -74,14 +72,7 @@ public class TransformEnvelopedSignature extends TransformSpi {
* (including comments) in the node-set representing the octet stream.
*/
/*
if (input.isOctetStream()) {
input.setNodesetXPath(Canonicalizer.XPATH_C14N_WITH_COMMENTS);
}
*/
Element transformElement = this._transformObject.getElement();
Node signatureElement = transformElement;
Node signatureElement = _transformObject.getElement();
signatureElement = searchSignatureElement(signatureElement);
@ -124,18 +115,24 @@ public class TransformEnvelopedSignature extends TransformSpi {
}
return signatureElement;
}
class EnvelopedNodeFilter implements NodeFilter {
static class EnvelopedNodeFilter implements NodeFilter {
Node exclude;
EnvelopedNodeFilter(Node n) {
exclude=n;
exclude=n;
}
public int isNodeIncludeDO(Node n, int level) {
if ((n==exclude))
return -1;
return 1;
}
/**
* @see com.sun.org.apache.xml.internal.security.signature.NodeFilter#isNodeInclude(org.w3c.dom.Node)
*/
public int isNodeInclude(Node n) {
if ((n==exclude) || XMLUtils.isDescendantOrSelf(exclude,n))
return -1;
return 1;
//return !XMLUtils.isDescendantOrSelf(exclude,n);
}
/**
* @see com.sun.org.apache.xml.internal.security.signature.NodeFilter#isNodeInclude(org.w3c.dom.Node)
*/
public boolean isNodeInclude(Node n) {
// TODO Optimize me.
return !XMLUtils.isDescendantOrSelf(exclude,n);
}
}
}

76
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXPath.java
View file

@ -20,13 +20,12 @@
*/
package com.sun.org.apache.xml.internal.security.transforms.implementations;
import javax.xml.transform.TransformerException;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityRuntimeException;
import com.sun.org.apache.xml.internal.security.signature.NodeFilter;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.TransformationException;
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
@ -40,7 +39,6 @@ import org.w3c.dom.DOMException;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
/**
* Class TransformXPath
*
@ -53,15 +51,10 @@ import org.w3c.dom.Node;
*/
public class TransformXPath extends TransformSpi {
/** {@link java.util.logging} logging facility */
static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(TransformXPath.class.getName());
/** Field implementedTransformURI */
public static final String implementedTransformURI =
Transforms.TRANSFORM_XPATH;
/**
* Method engineGetURI
*
@ -78,7 +71,7 @@ public class TransformXPath extends TransformSpi {
*
* @throws TransformationException
*/
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input)
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, Transform _transformObject)
throws TransformationException {
try {
@ -94,12 +87,12 @@ public class TransformXPath extends TransformSpi {
* The evaluation of this expression includes all of the document's nodes
* (including comments) in the node-set representing the octet stream.
*/
CachedXPathAPIHolder.setDoc(this._transformObject.getElement().getOwnerDocument());
CachedXPathAPIHolder.setDoc(_transformObject.getElement().getOwnerDocument());
Element xpathElement =XMLUtils.selectDsNode(
this._transformObject.getElement().getFirstChild(),
_transformObject.getElement().getFirstChild(),
Constants._TAG_XPATH,0);
if (xpathElement == null) {
@ -129,42 +122,47 @@ public class TransformXPath extends TransformSpi {
* @return true if needs to be circunvent for bug.
*/
private boolean needsCircunvent(String str) {
return true;
//return str.contains("namespace");
//return true;
//return false;
return (str.indexOf("namespace") != -1) || (str.indexOf("name()") != -1);
}
class XPathNodeFilter implements NodeFilter {
PrefixResolverDefault prefixResolver;
CachedXPathFuncHereAPI xPathFuncHereAPI =
new CachedXPathFuncHereAPI(CachedXPathAPIHolder.getCachedXPathAPI());
;
static class XPathNodeFilter implements NodeFilter {
PrefixResolverDefault prefixResolver;
CachedXPathFuncHereAPI xPathFuncHereAPI =
new CachedXPathFuncHereAPI(CachedXPathAPIHolder.getCachedXPathAPI());
Node xpathnode;
String str;
XPathNodeFilter(Element xpathElement,
Node xpathnode, String str) {
this.xpathnode=xpathnode;
this.str=str;
prefixResolver =new PrefixResolverDefault(xpathElement);
this.xpathnode=xpathnode;
this.str=str;
prefixResolver =new PrefixResolverDefault(xpathElement);
}
/**
* @see com.sun.org.apache.xml.internal.security.signature.NodeFilter#isNodeInclude(org.w3c.dom.Node)
*/
public boolean isNodeInclude(Node currentNode) {
XObject includeInResult;
try {
includeInResult = xPathFuncHereAPI.eval(currentNode,
xpathnode, str,prefixResolver);
return includeInResult.bool();
} catch (TransformerException e) {
/**
* @see com.sun.org.apache.xml.internal.security.signature.NodeFilter#isNodeInclude(org.w3c.dom.Node)
*/
public int isNodeInclude(Node currentNode) {
XObject includeInResult;
try {
includeInResult = xPathFuncHereAPI.eval(currentNode,
xpathnode, str,prefixResolver);
if (includeInResult.bool())
return 1;
return 0;
} catch (TransformerException e) {
Object[] eArgs = {currentNode};
throw new XMLSecurityRuntimeException("signature.Transform.node", eArgs, e);
}
catch (Exception e) {
throw new XMLSecurityRuntimeException
("signature.Transform.node", eArgs, e);
} catch (Exception e) {
Object[] eArgs = {currentNode, new Short(currentNode.getNodeType())};
throw new XMLSecurityRuntimeException("signature.Transform.nodeAndType",eArgs, e);
}
}
throw new XMLSecurityRuntimeException
("signature.Transform.nodeAndType",eArgs, e);
}
}
public int isNodeIncludeDO(Node n, int level) {
return isNodeInclude(n);
}
}
}

153
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXPath2Filter.java
View file

@ -24,7 +24,10 @@ package com.sun.org.apache.xml.internal.security.transforms.implementations;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.TransformerException;
@ -34,6 +37,7 @@ import com.sun.org.apache.xml.internal.security.c14n.InvalidCanonicalizerExcepti
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.signature.NodeFilter;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.TransformationException;
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
@ -88,9 +92,9 @@ public class TransformXPath2Filter extends TransformSpi {
*
* @throws TransformationException
*/
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input)
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, Transform _transformObject)
throws TransformationException {
CachedXPathAPIHolder.setDoc(this._transformObject.getElement().getOwnerDocument());
CachedXPathAPIHolder.setDoc(_transformObject.getElement().getOwnerDocument());
try {
List unionNodes=new ArrayList();
List substractNodes=new ArrayList();
@ -101,7 +105,7 @@ public class TransformXPath2Filter extends TransformSpi {
Element []xpathElements =XMLUtils.selectNodes(
this._transformObject.getElement().getFirstChild(),
_transformObject.getElement().getFirstChild(),
XPath2FilterContainer.XPathFilter2NS,
XPath2FilterContainer._TAG_XPATH2);
int noOfSteps = xpathElements.length;
@ -122,7 +126,7 @@ public class TransformXPath2Filter extends TransformSpi {
for (int i = 0; i < noOfSteps; i++) {
Element xpathElement =XMLUtils.selectNode(
this._transformObject.getElement().getFirstChild(),
_transformObject.getElement().getFirstChild(),
XPath2FilterContainer.XPathFilter2NS,
XPath2FilterContainer._TAG_XPATH2,i);
XPath2FilterContainer xpathContainer =
@ -143,9 +147,9 @@ public class TransformXPath2Filter extends TransformSpi {
}
}
input.setNeedsToBeExpanded(true);
input.addNodeFilter(new XPath2NodeFilter(unionNodes,substractNodes,intersectNodes));
input.addNodeFilter(new XPath2NodeFilter(convertNodeListToSet(unionNodes),
convertNodeListToSet(substractNodes),convertNodeListToSet(intersectNodes)));
input.setNodeSet(true);
return input;
} catch (TransformerException ex) {
@ -166,37 +170,110 @@ public class TransformXPath2Filter extends TransformSpi {
throw new TransformationException("empty", ex);
}
}
static Set convertNodeListToSet(List l){
Set result=new HashSet();
for (int j=0;j<l.size();j++) {
NodeList rootNodes=(NodeList) l.get(j);
int length = rootNodes.getLength();
for (int i = 0; i < length; i++) {
Node rootNode = rootNodes.item(i);
result.add(rootNode);
}
}
return result;
}
}
class XPath2NodeFilter implements NodeFilter {
XPath2NodeFilter(List unionNodes, List substractNodes,
List intersectNodes) {
boolean hasUnionNodes;
boolean hasSubstractNodes;
boolean hasIntersectNodes;
XPath2NodeFilter(Set unionNodes, Set substractNodes,
Set intersectNodes) {
this.unionNodes=unionNodes;
hasUnionNodes=!unionNodes.isEmpty();
this.substractNodes=substractNodes;
hasSubstractNodes=!substractNodes.isEmpty();
this.intersectNodes=intersectNodes;
hasIntersectNodes=!intersectNodes.isEmpty();
}
List unionNodes=new ArrayList();
List substractNodes=new ArrayList();
List intersectNodes=new ArrayList();
Set unionNodes;
Set substractNodes;
Set intersectNodes;
/**
* @see com.sun.org.apache.xml.internal.security.signature.NodeFilter#isNodeInclude(org.w3c.dom.Node)
*/
public boolean isNodeInclude(Node currentNode) {
boolean notIncluded=false;
if (rooted(currentNode,substractNodes)) {
notIncluded=true;
} else if (!rooted(currentNode,intersectNodes)) {
notIncluded=true;
}
if (notIncluded && rooted(currentNode,unionNodes)) {
notIncluded=false;
public int isNodeInclude(Node currentNode) {
int result=1;
if (hasSubstractNodes && rooted(currentNode, substractNodes)) {
result = -1;
} else if (hasIntersectNodes && !rooted(currentNode, intersectNodes)) {
result = 0;
}
return !notIncluded;
//TODO OPTIMIZE
if (result==1)
return 1;
if (hasUnionNodes) {
if (rooted(currentNode, unionNodes)) {
return 1;
}
result=0;
}
return result;
}
int inSubstract=-1;
int inIntersect=-1;
int inUnion=-1;
public int isNodeIncludeDO(Node n, int level) {
int result=1;
if (hasSubstractNodes) {
if ((inSubstract==-1) || (level<=inSubstract)) {
if (inList(n, substractNodes)) {
inSubstract=level;
} else {
inSubstract=-1;
}
}
if (inSubstract!=-1){
result=-1;
}
}
if (result!=-1){
if (hasIntersectNodes) {
if ((inIntersect==-1) || (level<=inIntersect)) {
if (!inList(n, intersectNodes)) {
inIntersect=-1;
result=0;
} else {
inIntersect=level;
}
}
}
}
if (level<=inUnion)
inUnion=-1;
if (result==1)
return 1;
if (hasUnionNodes) {
if ((inUnion==-1) && inList(n, unionNodes)) {
inUnion=level;
}
if (inUnion!=-1)
return 1;
result=0;
}
return result;
}
/**
* Method rooted
@ -205,20 +282,28 @@ class XPath2NodeFilter implements NodeFilter {
*
* @return if rooted bye the rootnodes
*/
boolean rooted(Node currentNode, List nodeList ) {
for (int j=0;j<nodeList.size();j++) {
NodeList rootNodes=(NodeList) nodeList.get(j);
int length = rootNodes.getLength();
for (int i = 0; i < length; i++) {
Node rootNode = rootNodes.item(i);
if (XMLUtils.isDescendantOrSelf(rootNode,currentNode)) {
return true;
}
}
static boolean rooted(Node currentNode, Set nodeList ) {
if (nodeList.contains(currentNode)) {
return true;
}
Iterator it=nodeList.iterator();
while (it.hasNext()) {
Node rootNode = (Node) it.next();
if (XMLUtils.isDescendantOrSelf(rootNode,currentNode)) {
return true;
}
}
return false;
}
/**
* Method rooted
* @param currentNode
* @param nodeList
*
* @return if rooted bye the rootnodes
*/
static boolean inList(Node currentNode, Set nodeList ) {
return nodeList.contains(currentNode);
}
}

4
jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXPointer.java
View file

@ -2,7 +2,6 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
@ -25,6 +24,7 @@ package com.sun.org.apache.xml.internal.security.transforms.implementations;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
import com.sun.org.apache.xml.internal.security.transforms.TransformationException;
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
@ -56,7 +56,7 @@ public class TransformXPointer extends TransformSpi {
* @throws TransformationException
*
*/
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input)
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, Transform _transformObject)
throws TransformationException {
Object exArgs[] = { implementedTransformURI };

Some files were not shown because too many files have changed in this diff Show more