getAgreementMethodInformation();
@@ -134,7 +135,7 @@ public interface AgreementMethod {
void setOriginatorKeyInfo(KeyInfo keyInfo);
/**
- * Retruns information relating to the recipient's shared secret.
+ * Returns information relating to the recipient's shared secret.
*
* @return information relating to the recipient's shared secret.
*/
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherData.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherData.java
index 8a03d389d7b..39654a9ff8d 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherData.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherData.java
@@ -2,25 +2,26 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 2003-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
-
/**
* CipherData provides encrypted data. It must either contain the
* encrypted octet sequence as base64 encoded text of the
@@ -42,10 +43,12 @@ package com.sun.org.apache.xml.internal.security.encryption;
* @author Axl Mattheus
*/
public interface CipherData {
+
/** VALUE_TYPE ASN */
- public static final int VALUE_TYPE = 0x00000001;
+ int VALUE_TYPE = 0x00000001;
+
/** REFERENCE_TYPE ASN */
- public static final int REFERENCE_TYPE = 0x00000002;
+ int REFERENCE_TYPE = 0x00000002;
/**
* Returns the type of encrypted data contained in the
@@ -76,18 +79,17 @@ public interface CipherData {
* Returns a reference to an external location containing the encrypted
* octet sequence (byte array).
*
- * @return the reference to an external location containing the enctrypted
- * octet sequence.
+ * @return the reference to an external location containing the encrypted
+ * octet sequence.
*/
CipherReference getCipherReference();
/**
* Sets the CipherData's reference.
*
- * @param reference an external location containing the enctrypted octet
- * sequence.
+ * @param reference an external location containing the encrypted octet sequence.
* @throws XMLEncryptionException
*/
- void setCipherReference(CipherReference reference) throws
- XMLEncryptionException;
+ void setCipherReference(CipherReference reference) throws XMLEncryptionException;
}
+
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherReference.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherReference.java
index 1610741193f..75b0dcb7971 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherReference.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherReference.java
@@ -2,34 +2,34 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 2003-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
import org.w3c.dom.Attr;
-
/**
* CipherReference identifies a source which, when processed,
* yields the encrypted octet sequence.
*
* The actual value is obtained as follows. The CipherReference URI
* contains an identifier that is dereferenced. Should the
- * CipherReference element contain an OPTIONAL sequence of
* Transforms, the data resulting from dereferencing the URI is
* transformed as specified so as to yield the intended cipher value. For
* example, if the value is base64 encoded within an XML document; the
@@ -62,20 +62,21 @@ public interface CipherReference {
/**
* Returns an URI that contains an identifier that should be
* dereferenced.
- * @return
+ * @return an URI that contains an identifier that should be
+ * dereferenced.
*/
String getURI();
- /**
- * Gets the URI as an Attribute node. Used to meld the CipherREference
- * with the XMLSignature ResourceResolvers
- * @return
- */
- public Attr getURIAsAttr();
+ /**
+ * Gets the URI as an Attribute node. Used to meld the CipherReference
+ * with the XMLSignature ResourceResolvers
+ * @return the URI as an Attribute node
+ */
+ Attr getURIAsAttr();
/**
* Returns the Transforms that specifies how to transform the
- * URI to yield the appropiate cipher value.
+ * URI to yield the appropriate cipher value.
*
* @return the transform that specifies how to transform the reference to
* yield the intended cipher value.
@@ -84,10 +85,11 @@ public interface CipherReference {
/**
* Sets the Transforms that specifies how to transform the
- * URI to yield the appropiate cipher value.
+ * URI to yield the appropriate cipher value.
*
* @param transforms the set of Transforms that specifies how
* to transform the reference to yield the intended cipher value.
*/
void setTransforms(Transforms transforms);
}
+
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherValue.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherValue.java
index 28486365d72..193aef8a908 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherValue.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherValue.java
@@ -2,25 +2,26 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 2003-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
-
/**
* CipherValue is the wrapper for cipher text.
*
@@ -28,20 +29,18 @@ package com.sun.org.apache.xml.internal.security.encryption;
*/
public interface CipherValue {
/**
- * Resturns the Base 64 encoded, encrypted octets that is the
- * CihperValue.
+ * Returns the Base 64 encoded, encrypted octets that is the
+ * CipherValue.
*
* @return cipher value.
*/
- String getValue();
- // byte[] getValue();
+ String getValue();
/**
* Sets the Base 64 encoded, encrypted octets that is the
- * CihperValue.
+ * CipherValue.
*
* @param value the cipher value.
*/
- void setValue(String value);
- // void setValue(byte[] value);
+ void setValue(String value);
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/DocumentSerializer.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/DocumentSerializer.java
new file mode 100644
index 00000000000..f0ffb91f1c2
--- /dev/null
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/DocumentSerializer.java
@@ -0,0 +1,114 @@
+/*
+ * reserved comment block
+ * DO NOT REMOVE OR ALTER!
+ */
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package com.sun.org.apache.xml.internal.security.encryption;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.StringReader;
+
+import javax.xml.XMLConstants;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.DocumentFragment;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
+
+/**
+ * Converts Strings into Nodes and visa versa.
+ */
+public class DocumentSerializer extends AbstractSerializer {
+
+ protected DocumentBuilderFactory dbf;
+
+ /**
+ * @param source
+ * @param ctx
+ * @return the Node resulting from the parse of the source
+ * @throws XMLEncryptionException
+ */
+ public Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException {
+ byte[] fragment = createContext(source, ctx);
+ return deserialize(ctx, new InputSource(new ByteArrayInputStream(fragment)));
+ }
+
+ /**
+ * @param source
+ * @param ctx
+ * @return the Node resulting from the parse of the source
+ * @throws XMLEncryptionException
+ */
+ public Node deserialize(String source, Node ctx) throws XMLEncryptionException {
+ String fragment = createContext(source, ctx);
+ return deserialize(ctx, new InputSource(new StringReader(fragment)));
+ }
+
+ /**
+ * @param ctx
+ * @param inputSource
+ * @return the Node resulting from the parse of the source
+ * @throws XMLEncryptionException
+ */
+ private Node deserialize(Node ctx, InputSource inputSource) throws XMLEncryptionException {
+ try {
+ if (dbf == null) {
+ dbf = DocumentBuilderFactory.newInstance();
+ dbf.setNamespaceAware(true);
+ dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
+ dbf.setAttribute("http://xml.org/sax/features/namespaces", Boolean.TRUE);
+ dbf.setValidating(false);
+ }
+ DocumentBuilder db = dbf.newDocumentBuilder();
+ Document d = db.parse(inputSource);
+
+ Document contextDocument = null;
+ if (Node.DOCUMENT_NODE == ctx.getNodeType()) {
+ contextDocument = (Document)ctx;
+ } else {
+ contextDocument = ctx.getOwnerDocument();
+ }
+
+ Element fragElt =
+ (Element) contextDocument.importNode(d.getDocumentElement(), true);
+ DocumentFragment result = contextDocument.createDocumentFragment();
+ Node child = fragElt.getFirstChild();
+ while (child != null) {
+ fragElt.removeChild(child);
+ result.appendChild(child);
+ child = fragElt.getFirstChild();
+ }
+ return result;
+ } catch (SAXException se) {
+ throw new XMLEncryptionException("empty", se);
+ } catch (ParserConfigurationException pce) {
+ throw new XMLEncryptionException("empty", pce);
+ } catch (IOException ioe) {
+ throw new XMLEncryptionException("empty", ioe);
+ }
+ }
+
+}
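Review bot: The parser hardening in the private `deserialize(Node ctx, InputSource inputSource)` runs only inside the `if (dbf == null)` branch, so a factory assigned to the `protected` field `dbf` by a subclass is used as-is, without `FEATURE_SECURE_PROCESSING` or the other settings. Making the field `private` and building the factory once in a constructor (or re-applying the features to whatever factory is present) would close that gap and also remove the unsynchronized lazy initialisation. The input parsed here is presumably decrypted message content, so I would also reject DOCTYPEs outright with `dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);` instead of relying on what secure processing covers in a given JAXP implementation. `createContext` is defined outside this page, so whether a DOCTYPE can actually reach the parser is not visible from this hunk.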
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedData.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedData.java
index 79038a67cb5..c09eeceaa59 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedData.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedData.java
@@ -2,25 +2,26 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 2003-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
-
/**
* The EncryptedData element is the core element in the syntax. Not
* only does its CipherData child contain the encrypted data, but
@@ -42,3 +43,4 @@ package com.sun.org.apache.xml.internal.security.encryption;
*/
public interface EncryptedData extends EncryptedType {
}
+
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedKey.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedKey.java
index 9607917108b..05fafaf873b 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedKey.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedKey.java
@@ -2,26 +2,26 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 2003-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
-
-
/**
* The EncryptedKey element is used to transport encryption keys
* from the originator to a known recipient(s). It may be used as a stand-alone
@@ -51,9 +51,9 @@ package com.sun.org.apache.xml.internal.security.encryption;
* @author Axl Mattheus
*/
public interface EncryptedKey extends EncryptedType {
+
/**
- * Returns a hint as to which recipient this encrypted key value is intended
- * for.
+ * Returns a hint as to which recipient this encrypted key value is intended for.
*
* @return the recipient of the EncryptedKey.
*/
@@ -110,3 +110,4 @@ public interface EncryptedKey extends EncryptedType {
*/
void setCarriedName(String name);
}
+
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedType.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedType.java
index 17ffded82a5..61e7e51df9d 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedType.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedType.java
@@ -2,28 +2,28 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 2003-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
-
import com.sun.org.apache.xml.internal.security.keys.KeyInfo;
-
/**
* EncryptedType is the abstract type from which EncryptedData and
* EncryptedKey are derived. While these two latter element types
@@ -50,6 +50,7 @@ import com.sun.org.apache.xml.internal.security.keys.KeyInfo;
* @author Axl Mattheus
*/
public interface EncryptedType {
+
/**
* Returns a String providing for the standard method of
* assigning an id to the element within the document context.
@@ -61,7 +62,7 @@ public interface EncryptedType {
/**
* Sets the id.
*
- * @param id.
+ * @param id
*/
void setId(String id);
@@ -117,7 +118,7 @@ public interface EncryptedType {
void setMimeType(String type);
/**
- * Retusn an URI representing the encoding of the
+ * Return an URI representing the encoding of the
* EncryptedType.
*
* @return the encoding of this EncryptedType.
@@ -128,7 +129,7 @@ public interface EncryptedType {
* Sets the URI representing the encoding of the
* EncryptedType.
*
- * @param encoding.
+ * @param encoding
*/
void setEncoding(String encoding);
@@ -189,7 +190,8 @@ public interface EncryptedType {
* Sets the EncryptionProperties that supplies additional
* information about the generation of the EncryptedType.
*
- * @param properties.
+ * @param properties
*/
void setEncryptionProperties(EncryptionProperties properties);
}
+
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionMethod.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionMethod.java
index 2664db9ae94..05c3cdc76cd 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionMethod.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionMethod.java
@@ -2,29 +2,29 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 2003-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
-
import java.util.Iterator;
import org.w3c.dom.Element;
-
/**
* EncryptionMethod describes the encryption algorithm applied to
* the cipher data. If the element is absent, the encryption algorithm must be
@@ -82,6 +82,30 @@ public interface EncryptionMethod {
*/
void setOAEPparams(byte[] parameters);
+ /**
+ * Set the Digest Algorithm to use
+ * @param digestAlgorithm the Digest Algorithm to use
+ */
+ void setDigestAlgorithm(String digestAlgorithm);
+
+ /**
+ * Get the Digest Algorithm to use
+ * @return the Digest Algorithm to use
+ */
+ String getDigestAlgorithm();
+
+ /**
+ * Set the MGF Algorithm to use
+ * @param mgfAlgorithm the MGF Algorithm to use
+ */
+ void setMGFAlgorithm(String mgfAlgorithm);
+
+ /**
+ * Get the MGF Algorithm to use
+ * @return the MGF Algorithm to use
+ */
+ String getMGFAlgorithm();
+
/**
* Returns an iterator over all the additional elements contained in the
* EncryptionMethod.
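Review bot: The Javadoc on the four added methods (`setDigestAlgorithm`, `getDigestAlgorithm`, `setMGFAlgorithm`, `getMGFAlgorithm`) does not say what form the `String` takes or what an unset value means. That matters because these appear to select the hash and mask generation function used alongside the OAEP parameters set by `setOAEPparams` just above. I would document it along the lines of `@param digestAlgorithm the digest algorithm identifier (presumably a URI, to be confirmed), or null to use the implementation default`, and have the getters state `@return the algorithm identifier, or null if none was set`, assuming that is the intended contract. The interface body continues outside the hunk, so existing implementers of `EncryptionMethod` are not visible here; they will need these methods added to compile.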
@@ -106,3 +130,4 @@ public interface EncryptionMethod {
*/
void removeEncryptionMethodInformation(Element information);
}
+
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionProperties.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionProperties.java
index da1eb65d255..736d63f151a 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionProperties.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionProperties.java
@@ -2,28 +2,28 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 2003-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
-
import java.util.Iterator;
-
/**
* EncryptionProperties can hold additional information concerning
* the generation of the EncryptedData or
@@ -46,6 +46,7 @@ import java.util.Iterator;
* @author Axl Mattheus
*/
public interface EncryptionProperties {
+
/**
* Returns the EncryptionProperties' id.
*
@@ -72,14 +73,15 @@ public interface EncryptionProperties {
/**
* Adds an EncryptionProperty.
*
- * @param property.
+ * @param property
*/
void addEncryptionProperty(EncryptionProperty property);
/**
* Removes the specified EncryptionProperty.
*
- * @param property.
+ * @param property
*/
void removeEncryptionProperty(EncryptionProperty property);
}
+
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionProperty.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionProperty.java
index 4cd6c4696cd..fc969018033 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionProperty.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionProperty.java
@@ -2,25 +2,26 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 2003-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
-
import java.util.Iterator;
import org.w3c.dom.Element;
@@ -50,6 +51,7 @@ import org.w3c.dom.Element;
* @author Axl Mattheus
*/
public interface EncryptionProperty {
+
/**
* Returns the EncryptedType being described.
*
@@ -61,7 +63,7 @@ public interface EncryptionProperty {
/**
* Sets the target.
*
- * @param target.
+ * @param target
*/
void setTarget(String target);
@@ -75,7 +77,7 @@ public interface EncryptionProperty {
/**
* Sets the id.
*
- * @param id.
+ * @param id
*/
void setId(String id);
@@ -98,7 +100,7 @@ public interface EncryptionProperty {
/**
* Returns the properties of the EncryptionProperty.
*
- * @return an Iterator over all the addiitonal encryption
+ * @return an Iterator over all the additional encryption
* information contained in this class.
*/
Iterator getEncryptionInformation();
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Reference.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Reference.java
index 4523a895aaf..dc528ce1a06 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Reference.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Reference.java
@@ -2,29 +2,29 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 2003-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
-
import java.util.Iterator;
import org.w3c.dom.Element;
-
/**
* A wrapper for a pointer from a key value of an EncryptedKey to
* items encrypted by that key value (EncryptedData or
@@ -44,6 +44,13 @@ import org.w3c.dom.Element;
* @see ReferenceList
*/
public interface Reference {
+ /**
+ * Returns the Element tag name for this Reference.
+ *
+ * @return the tag name of this Reference.
+ */
+ String getType();
+
/**
* Returns a URI that points to an Element that
* were encrypted using the key defined in the enclosing
@@ -79,14 +86,14 @@ public interface Reference {
/**
* Adds retrieval information.
*
- * @param info.
+ * @param info
*/
void addElementRetrievalInformation(Element info);
/**
* Removes the specified retrieval information.
*
- * @param info.
+ * @param info
*/
void removeElementRetrievalInformation(Element info);
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/ReferenceList.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/ReferenceList.java
index 2cf0ec5ed44..73d46a2f0b9 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/ReferenceList.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/ReferenceList.java
@@ -2,28 +2,28 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 2003-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
-
import java.util.Iterator;
-
/**
* ReferenceList is an element that contains pointers from a key
* value of an EncryptedKey to items encrypted by that key value
@@ -45,10 +45,12 @@ import java.util.Iterator;
* @see Reference
*/
public interface ReferenceList {
- /** DATA TAG */
- public static final int DATA_REFERENCE = 0x00000001;
+
+ /** DATA TAG */
+ int DATA_REFERENCE = 0x00000001;
+
/** KEY TAG */
- public static final int KEY_REFERENCE = 0x00000002;
+ int KEY_REFERENCE = 0x00000002;
/**
* Adds a reference to this reference list.
@@ -57,21 +59,21 @@ public interface ReferenceList {
* @throws IllegalAccessException if the Reference is not an
* instance of DataReference or KeyReference.
*/
- public void add(Reference reference);
+ void add(Reference reference);
/**
* Removes a reference from the ReferenceList.
*
* @param reference the reference to remove.
*/
- public void remove(Reference reference);
+ void remove(Reference reference);
/**
* Returns the size of the ReferenceList.
*
* @return the size of the ReferenceList.
*/
- public int size();
+ int size();
/**
* Indicates if the ReferenceList is empty.
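Review bot: The Javadoc kept above `add(Reference reference)` still says `@throws IllegalAccessException`, a checked exception that the signature on the new side does not declare, so no implementation can throw it as documented. Since this hunk already rewrites the declaration, the tag should name the unchecked exception actually raised for a Reference that is neither a DataReference nor a KeyReference, presumably `@throws IllegalArgumentException if the Reference is not an instance of DataReference or KeyReference.` The implementing class is not visible here, so confirm the type against it. The Javadoc block for `add` opens above this hunk.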
@@ -79,29 +81,29 @@ public interface ReferenceList {
* @return true if the ReferenceList is
* empty, else false .
*/
- public boolean isEmpty();
+ boolean isEmpty();
/**
* Returns an Iterator over all the References
- * contatined in this ReferenceList.
+ * contained in this ReferenceList.
*
* @return Iterator.
*/
- public Iterator getReferences();
+ Iterator getReferences();
/**
* DataReference factory method. Returns a
* DataReference.
* @param uri
- * @return
+ * @return a DataReference.
*/
- public Reference newDataReference(String uri);
+ Reference newDataReference(String uri);
/**
* KeyReference factory method. Returns a
* KeyReference.
* @param uri
- * @return
+ * @return a KeyReference.
*/
- public Reference newKeyReference(String uri);
+ Reference newKeyReference(String uri);
}
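Review bot: `Iterator getReferences();` is still a raw type after the modifier cleanup in this hunk, so callers must cast every element without compiler checking. The Javadoc already states that the iterator runs over the References in the list, so the declaration can carry that: `Iterator<Reference> getReferences();`. The same style point applies to `Iterator getEncryptionInformation();` in EncryptionProperty.java and to the new field `private List internalKeyResolvers;` in XMLCipher.java, whose element type should be spelled out once it is confirmed.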
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Serializer.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Serializer.java
new file mode 100644
index 00000000000..8f3cd8fac9a
--- /dev/null
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Serializer.java
@@ -0,0 +1,77 @@
+/*
+ * reserved comment block
+ * DO NOT REMOVE OR ALTER!
+ */
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package com.sun.org.apache.xml.internal.security.encryption;
+
+import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+/**
+ * Converts Strings into Nodes and visa versa.
+ */
+public interface Serializer {
+
+ /**
+ * Set the Canonicalizer object to use.
+ */
+ void setCanonicalizer(Canonicalizer canon);
+
+ /**
+ * Returns a byte[] representation of the specified
+ * Element.
+ *
+ * @param element the Element to serialize.
+ * @return the byte[] representation of the serilaized
+ * Element.
+ * @throws Exception
+ */
+ byte[] serializeToByteArray(Element element) throws Exception;
+
+ /**
+ * Returns a byte[] representation of the specified
+ * NodeList.
+ *
+ * @param content the NodeList to serialize.
+ * @return the byte[] representation of the serialized
+ * NodeList.
+ * @throws Exception
+ */
+ byte[] serializeToByteArray(NodeList content) throws Exception;
+
+ /**
+ * Use the Canonicalizer to serialize the node
+ * @param node
+ * @return the (byte[]) canonicalization of the node
+ * @throws Exception
+ */
+ byte[] canonSerializeToByteArray(Node node) throws Exception;
+
+ /**
+ * @param source
+ * @param ctx
+ * @return the Node resulting from the parse of the source
+ * @throws XMLEncryptionException
+ */
+ Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException;
+}
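Review bot: `deserialize(byte[] source, Node ctx)` has no summary sentence and says nothing about how `source` must be parsed, although it is the reverse of the serialize-before-encryption step and XMLCipher now accepts any implementation through the public `setSerializer`. The bytes it receives are recovered from a ciphertext the recipient did not produce, so the contract should state that implementations parse them with a hardened parser (secure processing enabled, no DTD or external-entity resolution) and should describe what `ctx` contributes to the parse. I would add a two-sentence description to that effect, with `@param source the octets to parse` and a `@param ctx` line written once its role is confirmed. Separately, the three serialize methods declare `throws Exception`, which pushes callers into catch-all handlers, and the Javadoc has the typos "visa versa" and "serilaized".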
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Transforms.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Transforms.java
index b2434c025a5..02d083b65ee 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Transforms.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Transforms.java
@@ -2,27 +2,26 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 2003-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
-
-
-
/**
* A container for ds:Transforms.
*
@@ -40,36 +39,12 @@ package com.sun.org.apache.xml.internal.security.encryption;
*/
public interface Transforms {
/**
- * Returns an Iterator over all the transforms contained in
- * this transform list.
- *
- * @return all transforms.
+ * Temporary method to turn the XMLEncryption Transforms class
+ * into a DS class. The main logic is currently implemented in the
+ * DS class, so we need to get to get the base class.
+ *
+ * Note This will be removed in future versions
*/
- /* Iterator getTransforms(); */
-
- /**
- * Adds a ds:Transform to the list of transforms.
- *
- * @param transform.
- */
- /* void addTransform(Transform transform); */
-
- /**
- * Removes the specified transform.
- *
- * @param transform.
- */
- /* void removeTransform(Transform transform); */
-
- /**
- * Temporary method to turn the XMLEncryption Transforms class
- * into a DS class. The main logic is currently implemented in the
- * DS class, so we need to get to get the base class.
- *
- * Note This will be removed in future versions
- * @return
- */
-
- com.sun.org.apache.xml.internal.security.transforms.Transforms getDSTransforms();
+ com.sun.org.apache.xml.internal.security.transforms.Transforms getDSTransforms();
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipher.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipher.java
index 8177cf34546..81d79b040cf 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipher.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipher.java
@@ -2,57 +2,62 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 2003-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
-
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
-import java.io.IOException;
-import java.io.StringReader;
import java.io.UnsupportedEncodingException;
+import java.net.URI;
+import java.net.URISyntaxException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
+import java.security.SecureRandom;
+import java.security.spec.MGF1ParameterSpec;
+import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
+import java.util.Map;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
-import javax.xml.XMLConstants;
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
+import javax.crypto.spec.OAEPParameterSpec;
+import javax.crypto.spec.PSource;
import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
import com.sun.org.apache.xml.internal.security.algorithms.MessageDigestAlgorithm;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
import com.sun.org.apache.xml.internal.security.c14n.InvalidCanonicalizerException;
+import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.keys.KeyInfo;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.EncryptedKeyResolver;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.transforms.InvalidTransformException;
@@ -62,17 +67,11 @@ import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.ElementProxy;
import com.sun.org.apache.xml.internal.security.utils.EncryptionConstants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
-import com.sun.org.apache.xml.internal.utils.URI;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
-import org.w3c.dom.DocumentFragment;
import org.w3c.dom.Element;
-import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
-import org.xml.sax.InputSource;
-import org.xml.sax.SAXException;
-
/**
* XMLCipher encrypts and decrypts the contents of
@@ -85,133 +84,245 @@ import org.xml.sax.SAXException;
*/
public class XMLCipher {
- private static java.util.logging.Logger logger =
+ private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(XMLCipher.class.getName());
- //J-
- /** Triple DES EDE (192 bit key) in CBC mode */
+ /** Triple DES EDE (192 bit key) in CBC mode */
public static final String TRIPLEDES =
EncryptionConstants.ALGO_ID_BLOCKCIPHER_TRIPLEDES;
+
/** AES 128 Cipher */
public static final String AES_128 =
EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128;
+
/** AES 256 Cipher */
public static final String AES_256 =
EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256;
+
/** AES 192 Cipher */
public static final String AES_192 =
EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES192;
+
+ /** AES 128 GCM Cipher */
+ public static final String AES_128_GCM =
+ EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128_GCM;
+
+ /** AES 192 GCM Cipher */
+ public static final String AES_192_GCM =
+ EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES192_GCM;
+
+ /** AES 256 GCM Cipher */
+ public static final String AES_256_GCM =
+ EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256_GCM;
+
/** RSA 1.5 Cipher */
public static final String RSA_v1dot5 =
EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSA15;
+
/** RSA OAEP Cipher */
public static final String RSA_OAEP =
EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP;
+
+ /** RSA OAEP Cipher */
+ public static final String RSA_OAEP_11 =
+ EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP_11;
+
/** DIFFIE_HELLMAN Cipher */
public static final String DIFFIE_HELLMAN =
EncryptionConstants.ALGO_ID_KEYAGREEMENT_DH;
+
/** Triple DES EDE (192 bit key) in CBC mode KEYWRAP*/
public static final String TRIPLEDES_KeyWrap =
EncryptionConstants.ALGO_ID_KEYWRAP_TRIPLEDES;
+
/** AES 128 Cipher KeyWrap */
public static final String AES_128_KeyWrap =
EncryptionConstants.ALGO_ID_KEYWRAP_AES128;
+
/** AES 256 Cipher KeyWrap */
public static final String AES_256_KeyWrap =
EncryptionConstants.ALGO_ID_KEYWRAP_AES256;
+
/** AES 192 Cipher KeyWrap */
public static final String AES_192_KeyWrap =
EncryptionConstants.ALGO_ID_KEYWRAP_AES192;
+
/** SHA1 Cipher */
public static final String SHA1 =
Constants.ALGO_ID_DIGEST_SHA1;
+
/** SHA256 Cipher */
public static final String SHA256 =
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256;
+
/** SHA512 Cipher */
public static final String SHA512 =
MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA512;
+
/** RIPEMD Cipher */
public static final String RIPEMD_160 =
MessageDigestAlgorithm.ALGO_ID_DIGEST_RIPEMD160;
+
/** XML Signature NS */
public static final String XML_DSIG =
Constants.SignatureSpecNS;
+
/** N14C_XML */
public static final String N14C_XML =
Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS;
+
/** N14C_XML with comments*/
public static final String N14C_XML_WITH_COMMENTS =
Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS;
- /** N14C_XML excluisve */
+
+ /** N14C_XML exclusive */
public static final String EXCL_XML_N14C =
Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;
- /** N14C_XML exclusive with commetns*/
+
+ /** N14C_XML exclusive with comments*/
public static final String EXCL_XML_N14C_WITH_COMMENTS =
Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS;
+
+ /** N14C_PHYSICAL preserve the physical representation*/
+ public static final String PHYSICAL_XML_N14C =
+ Canonicalizer.ALGO_ID_C14N_PHYSICAL;
+
/** Base64 encoding */
public static final String BASE64_ENCODING =
com.sun.org.apache.xml.internal.security.transforms.Transforms.TRANSFORM_BASE64_DECODE;
- //J+
/** ENCRYPT Mode */
public static final int ENCRYPT_MODE = Cipher.ENCRYPT_MODE;
+
/** DECRYPT Mode */
public static final int DECRYPT_MODE = Cipher.DECRYPT_MODE;
+
/** UNWRAP Mode */
public static final int UNWRAP_MODE = Cipher.UNWRAP_MODE;
+
/** WRAP Mode */
public static final int WRAP_MODE = Cipher.WRAP_MODE;
private static final String ENC_ALGORITHMS = TRIPLEDES + "\n" +
- AES_128 + "\n" + AES_256 + "\n" + AES_192 + "\n" + RSA_v1dot5 + "\n" +
- RSA_OAEP + "\n" + TRIPLEDES_KeyWrap + "\n" + AES_128_KeyWrap + "\n" +
- AES_256_KeyWrap + "\n" + AES_192_KeyWrap+ "\n";
+ AES_128 + "\n" + AES_256 + "\n" + AES_192 + "\n" + RSA_v1dot5 + "\n" +
+ RSA_OAEP + "\n" + RSA_OAEP_11 + "\n" + TRIPLEDES_KeyWrap + "\n" +
+ AES_128_KeyWrap + "\n" + AES_256_KeyWrap + "\n" + AES_192_KeyWrap + "\n" +
+ AES_128_GCM + "\n" + AES_192_GCM + "\n" + AES_256_GCM + "\n";
- /** Cipher created during initialisation that is used for encryption */
- private Cipher _contextCipher;
- /** Mode that the XMLCipher object is operating in */
- private int _cipherMode = Integer.MIN_VALUE;
- /** URI of algorithm that is being used for cryptographic operation */
- private String _algorithm = null;
- /** Cryptographic provider requested by caller */
- private String _requestedJCEProvider = null;
- /** Holds c14n to serialize, if initialized then _always_ use this c14n to serialize */
- private Canonicalizer _canon;
- /** Used for creation of DOM nodes in WRAP and ENCRYPT modes */
- private Document _contextDocument;
- /** Instance of factory used to create XML Encryption objects */
- private Factory _factory;
- /** Internal serializer class for going to/from UTF-8 */
- private Serializer _serializer;
+ /** Cipher created during initialisation that is used for encryption */
+ private Cipher contextCipher;
- /** Local copy of user's key */
- private Key _key;
- /** Local copy of the kek (used to decrypt EncryptedKeys during a
+ /** Mode that the XMLCipher object is operating in */
+ private int cipherMode = Integer.MIN_VALUE;
+
+ /** URI of algorithm that is being used for cryptographic operation */
+ private String algorithm = null;
+
+ /** Cryptographic provider requested by caller */
+ private String requestedJCEProvider = null;
+
+ /** Holds c14n to serialize, if initialized then _always_ use this c14n to serialize */
+ private Canonicalizer canon;
+
+ /** Used for creation of DOM nodes in WRAP and ENCRYPT modes */
+ private Document contextDocument;
+
+ /** Instance of factory used to create XML Encryption objects */
+ private Factory factory;
+
+ /** Serializer class for going to/from UTF-8 */
+ private Serializer serializer;
+
+ /** Local copy of user's key */
+ private Key key;
+
+ /** Local copy of the kek (used to decrypt EncryptedKeys during a
* DECRYPT_MODE operation */
- private Key _kek;
+ private Key kek;
- // The EncryptedKey being built (part of a WRAP operation) or read
- // (part of an UNWRAP operation)
+ // The EncryptedKey being built (part of a WRAP operation) or read
+ // (part of an UNWRAP operation)
+ private EncryptedKey ek;
- private EncryptedKey _ek;
+ // The EncryptedData being built (part of a WRAP operation) or read
+ // (part of an UNWRAP operation)
+ private EncryptedData ed;
- // The EncryptedData being built (part of a WRAP operation) or read
- // (part of an UNWRAP operation)
+ private SecureRandom random;
- private EncryptedData _ed;
+ private boolean secureValidation;
+
+ private String digestAlg;
+
+ /** List of internal KeyResolvers for DECRYPT and UNWRAP modes. */
+ private List internalKeyResolvers;
+
+ /**
+ * Set the Serializer algorithm to use
+ */
+ public void setSerializer(Serializer serializer) {
+ this.serializer = serializer;
+ serializer.setCanonicalizer(this.canon);
+ }
+
+ /**
+ * Get the Serializer algorithm to use
+ */
+ public Serializer getSerializer() {
+ return serializer;
+ }
/**
* Creates a new XMLCipher.
*
- * @since 1.0.
+ * @param transformation the name of the transformation, e.g.,
+ * XMLCipher.TRIPLEDES. If null the XMLCipher can only
+ * be used for decrypt or unwrap operations where the encryption method
+ * is defined in the EncryptionMethod element.
+ * @param provider the JCE provider that supplies the transformation,
+ * if null use the default provider.
+ * @param canon the name of the c14n algorithm, if
+ * null use standard serializer
+ * @param digestMethod An optional digestMethod to use.
*/
- private XMLCipher() {
- logger.log(java.util.logging.Level.FINE, "Constructing XMLCipher...");
+ private XMLCipher(
+ String transformation,
+ String provider,
+ String canonAlg,
+ String digestMethod
+ ) throws XMLEncryptionException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Constructing XMLCipher...");
+ }
- _factory = new Factory();
- _serializer = new Serializer();
+ factory = new Factory();
+ algorithm = transformation;
+ requestedJCEProvider = provider;
+ digestAlg = digestMethod;
+
+ // Create a canonicalizer - used when serializing DOM to octets
+ // prior to encryption (and for the reverse)
+
+ try {
+ if (canonAlg == null) {
+ // The default is to preserve the physical representation.
+ this.canon = Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N_PHYSICAL);
+ } else {
+ this.canon = Canonicalizer.getInstance(canonAlg);
+ }
+ } catch (InvalidCanonicalizerException ice) {
+ throw new XMLEncryptionException("empty", ice);
+ }
+
+ if (serializer == null) {
+ serializer = new DocumentSerializer();
+ }
+ serializer.setCanonicalizer(this.canon);
+
+ if (transformation != null) {
+ contextCipher = constructCipher(transformation, digestMethod);
+ }
}
/**
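Review bot: `setSerializer` assigns `this.serializer` before it dereferences the argument, so a null argument throws a NullPointerException only after the field has been overwritten, and the XMLCipher is left without a serializer for later calls. Checking first keeps the object usable: `if (serializer == null) { throw new NullPointerException("Serializer unexpectedly null..."); }` placed ahead of the assignment, in the same way `validateTransformation` in the next hunk treats a null transformation. In the constructor the `if (serializer == null)` test is always true because the field has only its default value at that point, and the Javadoc there names `@param canon` while the parameter is `canonAlg`. The new fields `random`, `secureValidation` and `digestAlg` carry no comments; `secureValidation` in particular needs a line saying what it enables and that it starts out `false`.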
@@ -222,20 +333,38 @@ public class XMLCipher {
* @since 1.0.
*/
private static boolean isValidEncryptionAlgorithm(String algorithm) {
- boolean result = (
+ return (
algorithm.equals(TRIPLEDES) ||
algorithm.equals(AES_128) ||
algorithm.equals(AES_256) ||
algorithm.equals(AES_192) ||
+ algorithm.equals(AES_128_GCM) ||
+ algorithm.equals(AES_192_GCM) ||
+ algorithm.equals(AES_256_GCM) ||
algorithm.equals(RSA_v1dot5) ||
algorithm.equals(RSA_OAEP) ||
+ algorithm.equals(RSA_OAEP_11) ||
algorithm.equals(TRIPLEDES_KeyWrap) ||
algorithm.equals(AES_128_KeyWrap) ||
algorithm.equals(AES_256_KeyWrap) ||
algorithm.equals(AES_192_KeyWrap)
);
+ }
- return (result);
+ /**
+ * Validate the transformation argument of getInstance or getProviderInstance
+ *
+ * @param transformation the name of the transformation, e.g.,
+ * XMLCipher.TRIPLEDES which is shorthand for
+ * "http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
+ */
+ private static void validateTransformation(String transformation) {
+ if (null == transformation) {
+ throw new NullPointerException("Transformation unexpectedly null...");
+ }
+ if (!isValidEncryptionAlgorithm(transformation)) {
+ log.log(java.util.logging.Level.WARNING, "Algorithm non-standard, expected one of " + ENC_ALGORITHMS);
+ }
}
/**
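Review bot: `validateTransformation` rejects only a null argument; a transformation that fails `isValidEncryptionAlgorithm` is logged at WARNING and then accepted, which neither the method name nor its Javadoc ("Validate the transformation argument") conveys to a caller expecting unknown algorithm URIs to be refused. The Javadoc should state this and document the exception, for example `@throws NullPointerException if transformation is null` together with the sentence `An unrecognised algorithm URI is only logged, not rejected.` The warning message also appends `ENC_ALGORITHMS`, which is built with a "\n" after every URI, so each call writes a multi-line log record; a comma-separated form of the list would keep it to one line.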
@@ -248,7 +377,7 @@ public class XMLCipher {
* the default provider package, other provider packages are searched.
*
* NOTE1 : The transformation name does not follow the same
- * pattern as that oulined in the Java Cryptography Extension Reference
+ * pattern as that outlined in the Java Cryptography Extension Reference
* Guide but rather that specified by the XML Encryption Syntax and
* Processing document. The rational behind this is to make it easier for a
* novice at writing Java Encryption software to use the library.
@@ -257,7 +386,7 @@ public class XMLCipher {
* same pattern regarding exceptional conditions as that used in
* javax.crypto.Cipher. Instead, it only throws an
* XMLEncryptionException which wraps an underlying exception.
- * The stack trace from the exception should be self explanitory.
+ * The stack trace from the exception should be self explanatory.
*
* @param transformation the name of the transformation, e.g.,
* XMLCipher.TRIPLEDES which is shorthand for
@@ -266,293 +395,169 @@ public class XMLCipher {
* @return the XMLCipher
* @see javax.crypto.Cipher#getInstance(java.lang.String)
*/
- public static XMLCipher getInstance(String transformation) throws
- XMLEncryptionException {
- // sanity checks
- logger.log(java.util.logging.Level.FINE, "Getting XMLCipher...");
- if (null == transformation)
- logger.log(java.util.logging.Level.SEVERE, "Transformation unexpectedly null...");
- if(!isValidEncryptionAlgorithm(transformation))
- logger.log(java.util.logging.Level.WARNING, "Algorithm non-standard, expected one of " + ENC_ALGORITHMS);
-
- XMLCipher instance = new XMLCipher();
-
- instance._algorithm = transformation;
- instance._key = null;
- instance._kek = null;
-
-
- /* Create a canonicaliser - used when serialising DOM to octets
- * prior to encryption (and for the reverse) */
-
- try {
- instance._canon = Canonicalizer.getInstance
- (Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS);
-
- } catch (InvalidCanonicalizerException ice) {
- throw new XMLEncryptionException("empty", ice);
- }
-
- String jceAlgorithm = JCEMapper.translateURItoJCEID(transformation);
-
- try {
- instance._contextCipher = Cipher.getInstance(jceAlgorithm);
- logger.log(java.util.logging.Level.FINE, "cihper.algoritm = " +
- instance._contextCipher.getAlgorithm());
- } catch (NoSuchAlgorithmException nsae) {
- throw new XMLEncryptionException("empty", nsae);
- } catch (NoSuchPaddingException nspe) {
- throw new XMLEncryptionException("empty", nspe);
+ public static XMLCipher getInstance(String transformation) throws XMLEncryptionException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Getting XMLCipher with transformation");
}
-
- return (instance);
+ validateTransformation(transformation);
+ return new XMLCipher(transformation, null, null, null);
}
- /**
- * Returns an XMLCipher that implements the specified
- * transformation, operates on the specified context document and serializes
- * the document with the specified canonicalization algorithm before it
- * encrypts the document.
- *
- *
- * @param transformation the name of the transformation, e.g.,
- * XMLCipher.TRIPLEDES which is
- * shorthand for
- * "http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
- * @param canon the name of the c14n algorithm, if
- * null use standard serializer
- * @return
- * @throws XMLEncryptionException
- */
-
- public static XMLCipher getInstance(String transformation, String canon)
- throws XMLEncryptionException {
- XMLCipher instance = XMLCipher.getInstance(transformation);
-
- if (canon != null) {
- try {
- instance._canon = Canonicalizer.getInstance(canon);
- } catch (InvalidCanonicalizerException ice) {
- throw new XMLEncryptionException("empty", ice);
- }
- }
-
- return instance;
+ /**
+ * Returns an XMLCipher that implements the specified
+ * transformation, operates on the specified context document and serializes
+ * the document with the specified canonicalization algorithm before it
+ * encrypts the document.
+ *
+ *
+ * @param transformation the name of the transformation
+ * @param canon the name of the c14n algorithm, if null use
+ * standard serializer
+ * @return the XMLCipher
+ * @throws XMLEncryptionException
+ */
+ public static XMLCipher getInstance(String transformation, String canon)
+ throws XMLEncryptionException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Getting XMLCipher with transformation and c14n algorithm");
}
+ validateTransformation(transformation);
+ return new XMLCipher(transformation, null, canon, null);
+ }
- public static XMLCipher getInstance(String transformation,Cipher cipher) throws XMLEncryptionException {
- // sanity checks
- logger.log(java.util.logging.Level.FINE, "Getting XMLCipher...");
- if (null == transformation)
- logger.log(java.util.logging.Level.SEVERE, "Transformation unexpectedly null...");
- if(!isValidEncryptionAlgorithm(transformation))
- logger.log(java.util.logging.Level.WARNING, "Algorithm non-standard, expected one of " + ENC_ALGORITHMS);
-
- XMLCipher instance = new XMLCipher();
-
- instance._algorithm = transformation;
- instance._key = null;
- instance._kek = null;
-
-
- /* Create a canonicaliser - used when serialising DOM to octets
- * prior to encryption (and for the reverse) */
-
- try {
- instance._canon = Canonicalizer.getInstance
- (Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS);
-
- } catch (InvalidCanonicalizerException ice) {
- throw new XMLEncryptionException("empty", ice);
+ /**
+ * Returns an XMLCipher that implements the specified
+ * transformation, operates on the specified context document and serializes
+ * the document with the specified canonicalization algorithm before it
+ * encrypts the document.
+ *
+ *
+ * @param transformation the name of the transformation
+ * @param canon the name of the c14n algorithm, if null use
+ * standard serializer
+ * @param digestMethod An optional digestMethod to use
+ * @return the XMLCipher
+ * @throws XMLEncryptionException
+ */
+ public static XMLCipher getInstance(String transformation, String canon, String digestMethod)
+ throws XMLEncryptionException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Getting XMLCipher with transformation and c14n algorithm");
}
-
- String jceAlgorithm = JCEMapper.translateURItoJCEID(transformation);
-
- try {
- instance._contextCipher = cipher;
- //Cipher.getInstance(jceAlgorithm);
- logger.log(java.util.logging.Level.FINE, "cihper.algoritm = " +
- instance._contextCipher.getAlgorithm());
- }catch(Exception ex) {
- throw new XMLEncryptionException("empty", ex);
- }
-
- return (instance);
+ validateTransformation(transformation);
+ return new XMLCipher(transformation, null, canon, digestMethod);
}
/**
* Returns an XMLCipher that implements the specified
* transformation and operates on the specified context document.
*
- * @param transformation the name of the transformation, e.g.,
- * XMLCipher.TRIPLEDES which is shorthand for
- * "http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
- * @param provider the JCE provider that supplies the transformation
+ * @param transformation the name of the transformation
+ * @param provider the JCE provider that supplies the transformation
* @return the XMLCipher
* @throws XMLEncryptionException
*/
-
public static XMLCipher getProviderInstance(String transformation, String provider)
- throws XMLEncryptionException {
- // sanity checks
- logger.log(java.util.logging.Level.FINE, "Getting XMLCipher...");
- if (null == transformation)
- logger.log(java.util.logging.Level.SEVERE, "Transformation unexpectedly null...");
- if(null == provider)
- logger.log(java.util.logging.Level.SEVERE, "Provider unexpectedly null..");
- if("" == provider)
- logger.log(java.util.logging.Level.SEVERE, "Provider's value unexpectedly not specified...");
- if(!isValidEncryptionAlgorithm(transformation))
- logger.log(java.util.logging.Level.WARNING, "Algorithm non-standard, expected one of " + ENC_ALGORITHMS);
-
- XMLCipher instance = new XMLCipher();
-
- instance._algorithm = transformation;
- instance._requestedJCEProvider = provider;
- instance._key = null;
- instance._kek = null;
-
- /* Create a canonicaliser - used when serialising DOM to octets
- * prior to encryption (and for the reverse) */
-
- try {
- instance._canon = Canonicalizer.getInstance
- (Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS);
- } catch (InvalidCanonicalizerException ice) {
- throw new XMLEncryptionException("empty", ice);
- }
-
- try {
- String jceAlgorithm =
- JCEMapper.translateURItoJCEID(transformation);
-
- instance._contextCipher = Cipher.getInstance(jceAlgorithm, provider);
-
- logger.log(java.util.logging.Level.FINE, "cipher._algorithm = " +
- instance._contextCipher.getAlgorithm());
- logger.log(java.util.logging.Level.FINE, "provider.name = " + provider);
- } catch (NoSuchAlgorithmException nsae) {
- throw new XMLEncryptionException("empty", nsae);
- } catch (NoSuchProviderException nspre) {
- throw new XMLEncryptionException("empty", nspre);
- } catch (NoSuchPaddingException nspe) {
- throw new XMLEncryptionException("empty", nspe);
+ throws XMLEncryptionException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Getting XMLCipher with transformation and provider");
}
-
- return (instance);
+ if (null == provider) {
+ throw new NullPointerException("Provider unexpectedly null..");
+ }
+ validateTransformation(transformation);
+ return new XMLCipher(transformation, provider, null, null);
}
- /**
- * Returns an XMLCipher that implements the specified
+ /**
+ * Returns an XMLCipher that implements the specified
* transformation, operates on the specified context document and serializes
* the document with the specified canonicalization algorithm before it
* encrypts the document.
*
- *
- * @param transformation the name of the transformation, e.g.,
- * XMLCipher.TRIPLEDES which is
- * shorthand for
- * "http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
- * @param provider the JCE provider that supplies the transformation
- * @param canon the name of the c14n algorithm, if
- * null use standard serializer
- * @return
- * @throws XMLEncryptionException
- */
- public static XMLCipher getProviderInstance(
- String transformation,
- String provider,
- String canon)
- throws XMLEncryptionException {
-
- XMLCipher instance = XMLCipher.getProviderInstance(transformation, provider);
- if (canon != null) {
- try {
- instance._canon = Canonicalizer.getInstance(canon);
- } catch (InvalidCanonicalizerException ice) {
- throw new XMLEncryptionException("empty", ice);
- }
- }
- return instance;
- }
-
- /**
- * Returns an XMLCipher that implements no specific
- * transformation, and can therefore only be used for decrypt or
- * unwrap operations where the encryption method is defined in the
- * EncryptionMethod element.
- *
- * @return The XMLCipher
+ *
+ * @param transformation the name of the transformation
+ * @param provider the JCE provider that supplies the transformation
+ * @param canon the name of the c14n algorithm, if null use standard
+ * serializer
+ * @return the XMLCipher
* @throws XMLEncryptionException
*/
+ public static XMLCipher getProviderInstance(
+ String transformation, String provider, String canon
+ ) throws XMLEncryptionException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Getting XMLCipher with transformation, provider and c14n algorithm");
+ }
+ if (null == provider) {
+ throw new NullPointerException("Provider unexpectedly null..");
+ }
+ validateTransformation(transformation);
+ return new XMLCipher(transformation, provider, canon, null);
+ }
- public static XMLCipher getInstance()
- throws XMLEncryptionException {
- // sanity checks
- logger.log(java.util.logging.Level.FINE, "Getting XMLCipher for no transformation...");
-
- XMLCipher instance = new XMLCipher();
-
- instance._algorithm = null;
- instance._requestedJCEProvider = null;
- instance._key = null;
- instance._kek = null;
- instance._contextCipher = null;
-
- /* Create a canonicaliser - used when serialising DOM to octets
- * prior to encryption (and for the reverse) */
-
- try {
- instance._canon = Canonicalizer.getInstance
- (Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS);
- } catch (InvalidCanonicalizerException ice) {
- throw new XMLEncryptionException("empty", ice);
- }
-
- return (instance);
+ /**
+ * Returns an XMLCipher that implements the specified
+ * transformation, operates on the specified context document and serializes
+ * the document with the specified canonicalization algorithm before it
+ * encrypts the document.
+ *
+ *
+ * @param transformation the name of the transformation
+ * @param provider the JCE provider that supplies the transformation
+ * @param canon the name of the c14n algorithm, if null use standard
+ * serializer
+ * @param digestMethod An optional digestMethod to use
+ * @return the XMLCipher
+ * @throws XMLEncryptionException
+ */
+ public static XMLCipher getProviderInstance(
+ String transformation, String provider, String canon, String digestMethod
+ ) throws XMLEncryptionException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Getting XMLCipher with transformation, provider and c14n algorithm");
+ }
+ if (null == provider) {
+ throw new NullPointerException("Provider unexpectedly null..");
+ }
+ validateTransformation(transformation);
+ return new XMLCipher(transformation, provider, canon, digestMethod);
}
/**
* Returns an XMLCipher that implements no specific
- * transformation, and can therefore only be used for decrypt or
- * unwrap operations where the encryption method is defined in the
- * EncryptionMethod element.
- *
- * Allows the caller to specify a provider that will be used for
- * cryptographic operations.
+ * transformation, and can therefore only be used for decrypt or
+ * unwrap operations where the encryption method is defined in the
+ * EncryptionMethod element.
*
- * @param provider the JCE provider that supplies the cryptographic
- * needs.
+ * @return The XMLCipher
+ * @throws XMLEncryptionException
+ */
+ public static XMLCipher getInstance() throws XMLEncryptionException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Getting XMLCipher with no arguments");
+ }
+ return new XMLCipher(null, null, null, null);
+ }
+
+ /**
+ * Returns an XMLCipher that implements no specific
+ * transformation, and can therefore only be used for decrypt or
+ * unwrap operations where the encryption method is defined in the
+ * EncryptionMethod element.
+ *
+ * Allows the caller to specify a provider that will be used for
+ * cryptographic operations.
+ *
+ * @param provider the JCE provider that supplies the transformation
* @return the XMLCipher
* @throws XMLEncryptionException
*/
-
- public static XMLCipher getProviderInstance(String provider)
- throws XMLEncryptionException {
- // sanity checks
-
- logger.log(java.util.logging.Level.FINE, "Getting XMLCipher, provider but no transformation");
- if(null == provider)
- logger.log(java.util.logging.Level.SEVERE, "Provider unexpectedly null..");
- if("" == provider)
- logger.log(java.util.logging.Level.SEVERE, "Provider's value unexpectedly not specified...");
-
- XMLCipher instance = new XMLCipher();
-
- instance._algorithm = null;
- instance._requestedJCEProvider = provider;
- instance._key = null;
- instance._kek = null;
- instance._contextCipher = null;
-
- try {
- instance._canon = Canonicalizer.getInstance
- (Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS);
- } catch (InvalidCanonicalizerException ice) {
- throw new XMLEncryptionException("empty", ice);
- }
-
- return (instance);
+ public static XMLCipher getProviderInstance(String provider) throws XMLEncryptionException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Getting XMLCipher with provider");
+ }
+ return new XMLCipher(null, provider, null, null);
}
/**
@@ -561,13 +566,13 @@ public class XMLCipher {
* The cipher is initialized for one of the following four operations:
* encryption, decryption, key wrapping or key unwrapping, depending on the
* value of opmode.
- *
- * For WRAP and ENCRYPT modes, this also initialises the internal
- * EncryptedKey or EncryptedData (with a CipherValue)
- * structure that will be used during the ensuing operations. This
- * can be obtained (in order to modify KeyInfo elements etc. prior to
- * finalising the encryption) by calling
- * {@link #getEncryptedData} or {@link #getEncryptedKey}.
+ *
+ * For WRAP and ENCRYPT modes, this also initialises the internal
+ * EncryptedKey or EncryptedData (with a CipherValue)
+ * structure that will be used during the ensuing operations. This
+ * can be obtained (in order to modify KeyInfo elements etc. prior to
+ * finalising the encryption) by calling
+ * {@link #getEncryptedData} or {@link #getEncryptedKey}.
*
* @param opmode the operation mode of this cipher (this is one of the
* following: ENCRYPT_MODE, DECRYPT_MODE, WRAP_MODE or UNWRAP_MODE)
@@ -577,164 +582,216 @@ public class XMLCipher {
*/
public void init(int opmode, Key key) throws XMLEncryptionException {
// sanity checks
- logger.log(java.util.logging.Level.FINE, "Initializing XMLCipher...");
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Initializing XMLCipher...");
+ }
- _ek = null;
- _ed = null;
+ ek = null;
+ ed = null;
- switch (opmode) {
+ switch (opmode) {
- case ENCRYPT_MODE :
- logger.log(java.util.logging.Level.FINE, "opmode = ENCRYPT_MODE");
- _ed = createEncryptedData(CipherData.VALUE_TYPE, "NO VALUE YET");
- break;
- case DECRYPT_MODE :
- logger.log(java.util.logging.Level.FINE, "opmode = DECRYPT_MODE");
- break;
- case WRAP_MODE :
- logger.log(java.util.logging.Level.FINE, "opmode = WRAP_MODE");
- _ek = createEncryptedKey(CipherData.VALUE_TYPE, "NO VALUE YET");
- break;
- case UNWRAP_MODE :
- logger.log(java.util.logging.Level.FINE, "opmode = UNWRAP_MODE");
- break;
- default :
- logger.log(java.util.logging.Level.SEVERE, "Mode unexpectedly invalid");
- throw new XMLEncryptionException("Invalid mode in init");
- }
-
- _cipherMode = opmode;
- _key = key;
+ case ENCRYPT_MODE :
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "opmode = ENCRYPT_MODE");
+ }
+ ed = createEncryptedData(CipherData.VALUE_TYPE, "NO VALUE YET");
+ break;
+ case DECRYPT_MODE :
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "opmode = DECRYPT_MODE");
+ }
+ break;
+ case WRAP_MODE :
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "opmode = WRAP_MODE");
+ }
+ ek = createEncryptedKey(CipherData.VALUE_TYPE, "NO VALUE YET");
+ break;
+ case UNWRAP_MODE :
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "opmode = UNWRAP_MODE");
+ }
+ break;
+ default :
+ log.log(java.util.logging.Level.SEVERE, "Mode unexpectedly invalid");
+ throw new XMLEncryptionException("Invalid mode in init");
+ }
+ cipherMode = opmode;
+ this.key = key;
}
- /**
- * Get the EncryptedData being build
- *
- * Returns the EncryptedData being built during an ENCRYPT operation.
- * This can then be used by applications to add KeyInfo elements and
- * set other parameters.
- *
- * @return The EncryptedData being built
- */
-
- public EncryptedData getEncryptedData() {
-
- // Sanity checks
- logger.log(java.util.logging.Level.FINE, "Returning EncryptedData");
- return _ed;
+ /**
+ * Set whether secure validation is enabled or not. The default is false.
+ */
+ public void setSecureValidation(boolean secureValidation) {
+ this.secureValidation = secureValidation;
+ }
+ /**
+ * This method is used to add a custom {@link KeyResolverSpi} to an XMLCipher.
+ * These KeyResolvers are used in KeyInfo objects in DECRYPT and
+ * UNWRAP modes.
+ *
+ * @param keyResolver
+ */
+ public void registerInternalKeyResolver(KeyResolverSpi keyResolver) {
+ if (internalKeyResolvers == null) {
+ internalKeyResolvers = new ArrayList();
}
+ internalKeyResolvers.add(keyResolver);
+ }
- /**
- * Get the EncryptedData being build
- *
- * Returns the EncryptedData being built during an ENCRYPT operation.
- * This can then be used by applications to add KeyInfo elements and
- * set other parameters.
- *
- * @return The EncryptedData being built
- */
-
- public EncryptedKey getEncryptedKey() {
-
- // Sanity checks
- logger.log(java.util.logging.Level.FINE, "Returning EncryptedKey");
- return _ek;
+ /**
+ * Get the EncryptedData being built
+ *
+ * Returns the EncryptedData being built during an ENCRYPT operation.
+ * This can then be used by applications to add KeyInfo elements and
+ * set other parameters.
+ *
+ * @return The EncryptedData being built
+ */
+ public EncryptedData getEncryptedData() {
+ // Sanity checks
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Returning EncryptedData");
}
+ return ed;
+ }
- /**
- * Set a Key Encryption Key.
- *
- * The Key Encryption Key (KEK) is used for encrypting/decrypting
- * EncryptedKey elements. By setting this separately, the XMLCipher
- * class can know whether a key applies to the data part or wrapped key
- * part of an encrypted object.
- *
- * @param kek The key to use for de/encrypting key data
- */
-
- public void setKEK(Key kek) {
-
- _kek = kek;
-
+ /**
+ * Get the EncryptedData being build
+ *
+ * Returns the EncryptedData being built during an ENCRYPT operation.
+ * This can then be used by applications to add KeyInfo elements and
+ * set other parameters.
+ *
+ * @return The EncryptedData being built
+ */
+ public EncryptedKey getEncryptedKey() {
+ // Sanity checks
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Returning EncryptedKey");
}
+ return ek;
+ }
- /**
- * Martial an EncryptedData
- *
- * Takes an EncryptedData object and returns a DOM Element that
- * represents the appropriate EncryptedData
- *
- * Note: This should only be used in cases where the context
- * document has been passed in via a call to doFinal.
- *
- * @param encryptedData EncryptedData object to martial
- * @return the DOM Element representing the passed in
- * object
+ /**
+ * Set a Key Encryption Key.
+ *
+ * The Key Encryption Key (KEK) is used for encrypting/decrypting
+ * EncryptedKey elements. By setting this separately, the XMLCipher
+ * class can know whether a key applies to the data part or wrapped key
+ * part of an encrypted object.
+ *
+ * @param kek The key to use for de/encrypting key data
*/
- public Element martial(EncryptedData encryptedData) {
+ public void setKEK(Key kek) {
+ this.kek = kek;
+ }
- return (_factory.toElement (encryptedData));
+ /**
+ * Martial an EncryptedData
+ *
+ * Takes an EncryptedData object and returns a DOM Element that
+ * represents the appropriate EncryptedData
+ *
+ * Note: This should only be used in cases where the context
+ * document has been passed in via a call to doFinal.
+ *
+ * @param encryptedData EncryptedData object to martial
+ * @return the DOM Element representing the passed in
+ * object
+ */
+ public Element martial(EncryptedData encryptedData) {
+ return factory.toElement(encryptedData);
+ }
- }
+ /**
+ * Martial an EncryptedData
+ *
+ * Takes an EncryptedData object and returns a DOM Element that
+ * represents the appropriate EncryptedData
+ *
+ * @param context The document that will own the returned nodes
+ * @param encryptedData EncryptedData object to martial
+ * @return the DOM Element representing the passed in
+ * object
+ */
+ public Element martial(Document context, EncryptedData encryptedData) {
+ contextDocument = context;
+ return factory.toElement(encryptedData);
+ }
- /**
- * Martial an EncryptedKey
- *
- * Takes an EncryptedKey object and returns a DOM Element that
- * represents the appropriate EncryptedKey
- *
- *
- * Note: This should only be used in cases where the context
- * document has been passed in via a call to doFinal.
- *
- * @param encryptedKey EncryptedKey object to martial
- * @return the DOM Element representing the passed in
- * object */
+ /**
+ * Martial an EncryptedKey
+ *
+ * Takes an EncryptedKey object and returns a DOM Element that
+ * represents the appropriate EncryptedKey
+ *
+ *
+ * Note: This should only be used in cases where the context
+ * document has been passed in via a call to doFinal.
+ *
+ * @param encryptedKey EncryptedKey object to martial
+ * @return the DOM Element representing the passed in
+ * object
+ */
+ public Element martial(EncryptedKey encryptedKey) {
+ return factory.toElement(encryptedKey);
+ }
- public Element martial(EncryptedKey encryptedKey) {
+ /**
+ * Martial an EncryptedKey
+ *
+ * Takes an EncryptedKey object and returns a DOM Element that
+ * represents the appropriate EncryptedKey
+ *
+ * @param context The document that will own the created nodes
+ * @param encryptedKey EncryptedKey object to martial
+ * @return the DOM Element representing the passed in
+ * object
+ */
+ public Element martial(Document context, EncryptedKey encryptedKey) {
+ contextDocument = context;
+ return factory.toElement(encryptedKey);
+ }
- return (_factory.toElement (encryptedKey));
+ /**
+ * Martial a ReferenceList
+ *
+ * Takes a ReferenceList object and returns a DOM Element that
+ * represents the appropriate ReferenceList
+ *
+ *
+ * Note: This should only be used in cases where the context
+ * document has been passed in via a call to doFinal.
+ *
+ * @param referenceList ReferenceList object to martial
+ * @return the DOM Element representing the passed in
+ * object
+ */
+ public Element martial(ReferenceList referenceList) {
+ return factory.toElement(referenceList);
+ }
- }
-
- /**
- * Martial an EncryptedData
- *
- * Takes an EncryptedData object and returns a DOM Element that
- * represents the appropriate EncryptedData
- *
- * @param context The document that will own the returned nodes
- * @param encryptedData EncryptedData object to martial
- * @return the DOM Element representing the passed in
- * object */
-
- public Element martial(Document context, EncryptedData encryptedData) {
-
- _contextDocument = context;
- return (_factory.toElement (encryptedData));
-
- }
-
- /**
- * Martial an EncryptedKey
- *
- * Takes an EncryptedKey object and returns a DOM Element that
- * represents the appropriate EncryptedKey
- *
- * @param context The document that will own the created nodes
- * @param encryptedKey EncryptedKey object to martial
- * @return the DOM Element representing the passed in
- * object */
-
- public Element martial(Document context, EncryptedKey encryptedKey) {
-
- _contextDocument = context;
- return (_factory.toElement (encryptedKey));
-
- }
+ /**
+ * Martial a ReferenceList
+ *
+ * Takes a ReferenceList object and returns a DOM Element that
+ * represents the appropriate ReferenceList
+ *
+ * @param context The document that will own the created nodes
+ * @param referenceList ReferenceList object to martial
+ * @return the DOM Element representing the passed in
+ * object
+ */
+ public Element martial(Document context, ReferenceList referenceList) {
+ contextDocument = context;
+ return factory.toElement(referenceList);
+ }
/**
* Encrypts an Element and replaces it with its encrypted
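Review bot: The Javadoc on the new `setSecureValidation` states only that the default is false, so a caller cannot tell what the flag governs or that it has to be switched on explicitly before processing input from an untrusted source. It also has no `@param` tag. I would add `@param secureValidation true to enable secure validation; the default (false) leaves it off` and one sentence naming the checks it turns on, to be confirmed against the code that reads the field, which is outside this hunk. In the same hunk the Javadoc on `getEncryptedKey` is still the copy of the `getEncryptedData` text ("Get the EncryptedData being build") and should read `Get the EncryptedKey being built` with a matching `@return The EncryptedKey being built`.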
@@ -747,25 +804,28 @@ public class XMLCipher {
* Element having replaced the source Element.
* @throws Exception
*/
-
private Document encryptElement(Element element) throws Exception{
- logger.log(java.util.logging.Level.FINE, "Encrypting element...");
- if(null == element)
- logger.log(java.util.logging.Level.SEVERE, "Element unexpectedly null...");
- if(_cipherMode != ENCRYPT_MODE)
- logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in ENCRYPT_MODE...");
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Encrypting element...");
+ }
+ if (null == element) {
+ log.log(java.util.logging.Level.SEVERE, "Element unexpectedly null...");
+ }
+ if (cipherMode != ENCRYPT_MODE && log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in ENCRYPT_MODE...");
+ }
- if (_algorithm == null) {
- throw new XMLEncryptionException("XMLCipher instance without transformation specified");
- }
- encryptData(_contextDocument, element, false);
+ if (algorithm == null) {
+ throw new XMLEncryptionException("XMLCipher instance without transformation specified");
+ }
+ encryptData(contextDocument, element, false);
- Element encryptedElement = _factory.toElement(_ed);
+ Element encryptedElement = factory.toElement(ed);
Node sourceParent = element.getParentNode();
sourceParent.replaceChild(encryptedElement, element);
- return (_contextDocument);
+ return contextDocument;
}
/**
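Review bot: A null `element` in `encryptElement` is only logged at SEVERE and execution continues into `encryptData` and `element.getParentNode()`, so the caller sees an unrelated failure further down instead of a clear rejection at the entry point. The commit already rejects a null provider in `getProviderInstance` with `throw new NullPointerException("Provider unexpectedly null..");`, and the same treatment fits here: `if (null == element) { throw new NullPointerException("Element unexpectedly null..."); }`. The same log-and-continue null checks are carried over in the later hunks for `encryptElementContent`, the three `doFinal` overloads and the public `encryptData` overloads. The wrong-mode check is likewise log-only, at FINE; whether the public `encryptData` methods should throw an `IllegalStateException` there depends on code outside these hunks.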
@@ -782,25 +842,28 @@ public class XMLCipher {
* Element.
* @throws Exception
*/
- private Document encryptElementContent(Element element) throws
- /* XMLEncryption */Exception {
- logger.log(java.util.logging.Level.FINE, "Encrypting element content...");
- if(null == element)
- logger.log(java.util.logging.Level.SEVERE, "Element unexpectedly null...");
- if(_cipherMode != ENCRYPT_MODE)
- logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in ENCRYPT_MODE...");
+ private Document encryptElementContent(Element element) throws /* XMLEncryption */Exception {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Encrypting element content...");
+ }
+ if (null == element) {
+ log.log(java.util.logging.Level.SEVERE, "Element unexpectedly null...");
+ }
+ if (cipherMode != ENCRYPT_MODE && log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in ENCRYPT_MODE...");
+ }
- if (_algorithm == null) {
- throw new XMLEncryptionException("XMLCipher instance without transformation specified");
- }
- encryptData(_contextDocument, element, true);
+ if (algorithm == null) {
+ throw new XMLEncryptionException("XMLCipher instance without transformation specified");
+ }
+ encryptData(contextDocument, element, true);
- Element encryptedElement = _factory.toElement(_ed);
+ Element encryptedElement = factory.toElement(ed);
removeContent(element);
element.appendChild(encryptedElement);
- return (_contextDocument);
+ return contextDocument;
}
/**
@@ -812,19 +875,22 @@ public class XMLCipher {
* @return the processed Document.
* @throws Exception to indicate any exceptional conditions.
*/
- public Document doFinal(Document context, Document source) throws
- /* XMLEncryption */Exception {
- logger.log(java.util.logging.Level.FINE, "Processing source document...");
- if(null == context)
- logger.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null...");
- if(null == source)
- logger.log(java.util.logging.Level.SEVERE, "Source document unexpectedly null...");
+ public Document doFinal(Document context, Document source) throws /* XMLEncryption */Exception {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Processing source document...");
+ }
+ if (null == context) {
+ log.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null...");
+ }
+ if (null == source) {
+ log.log(java.util.logging.Level.SEVERE, "Source document unexpectedly null...");
+ }
- _contextDocument = context;
+ contextDocument = context;
Document result = null;
- switch (_cipherMode) {
+ switch (cipherMode) {
case DECRYPT_MODE:
result = decryptElement(source.getDocumentElement());
break;
@@ -832,15 +898,13 @@ public class XMLCipher {
result = encryptElement(source.getDocumentElement());
break;
case UNWRAP_MODE:
- break;
case WRAP_MODE:
break;
default:
- throw new XMLEncryptionException(
- "empty", new IllegalStateException());
+ throw new XMLEncryptionException("empty", new IllegalStateException());
}
- return (result);
+ return result;
}
/**
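Review bot: With the `break` removed, `UNWRAP_MODE` falls through to `WRAP_MODE` and both leave `result` as null, so `doFinal` silently returns null for a cipher initialised for key wrapping while the Javadoc says `@return the processed Document`. If the no-op is intended, say so at the cases with `// key wrap/unwrap is not performed by doFinal; result stays null` and document it as `@return the processed Document, or null in WRAP_MODE and UNWRAP_MODE`; otherwise throw as the `default` branch does, so a misconfigured caller does not mistake a null result for a completed operation. The same fall-through appears in the next two `doFinal` overloads. The method body begins in the previous hunk.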
@@ -852,19 +916,22 @@ public class XMLCipher {
* @return the processed Document.
* @throws Exception to indicate any exceptional conditions.
*/
- public Document doFinal(Document context, Element element) throws
- /* XMLEncryption */Exception {
- logger.log(java.util.logging.Level.FINE, "Processing source element...");
- if(null == context)
- logger.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null...");
- if(null == element)
- logger.log(java.util.logging.Level.SEVERE, "Source element unexpectedly null...");
+ public Document doFinal(Document context, Element element) throws /* XMLEncryption */Exception {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Processing source element...");
+ }
+ if (null == context) {
+ log.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null...");
+ }
+ if (null == element) {
+ log.log(java.util.logging.Level.SEVERE, "Source element unexpectedly null...");
+ }
- _contextDocument = context;
+ contextDocument = context;
Document result = null;
- switch (_cipherMode) {
+ switch (cipherMode) {
case DECRYPT_MODE:
result = decryptElement(element);
break;
@@ -872,15 +939,13 @@ public class XMLCipher {
result = encryptElement(element);
break;
case UNWRAP_MODE:
- break;
case WRAP_MODE:
break;
default:
- throw new XMLEncryptionException(
- "empty", new IllegalStateException());
+ throw new XMLEncryptionException("empty", new IllegalStateException());
}
- return (result);
+ return result;
}
/**
@@ -896,18 +961,22 @@ public class XMLCipher {
* @throws Exception to indicate any exceptional conditions.
*/
public Document doFinal(Document context, Element element, boolean content)
- throws /* XMLEncryption*/ Exception {
- logger.log(java.util.logging.Level.FINE, "Processing source element...");
- if(null == context)
- logger.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null...");
- if(null == element)
- logger.log(java.util.logging.Level.SEVERE, "Source element unexpectedly null...");
+ throws /* XMLEncryption*/ Exception {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Processing source element...");
+ }
+ if (null == context) {
+ log.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null...");
+ }
+ if (null == element) {
+ log.log(java.util.logging.Level.SEVERE, "Source element unexpectedly null...");
+ }
- _contextDocument = context;
+ contextDocument = context;
Document result = null;
- switch (_cipherMode) {
+ switch (cipherMode) {
case DECRYPT_MODE:
if (content) {
result = decryptElementContent(element);
@@ -923,15 +992,13 @@ public class XMLCipher {
}
break;
case UNWRAP_MODE:
- break;
case WRAP_MODE:
break;
default:
- throw new XMLEncryptionException(
- "empty", new IllegalStateException());
+ throw new XMLEncryptionException("empty", new IllegalStateException());
}
- return (result);
+ return result;
}
/**
@@ -939,7 +1006,7 @@ public class XMLCipher {
* you want to have full control over the contents of the
* EncryptedData structure.
*
- * this does not change the source document in any way.
+ * This does not change the source document in any way.
*
* @param context the context Document.
* @param element the Element that will be encrypted.
@@ -947,7 +1014,7 @@ public class XMLCipher {
* @throws Exception
*/
public EncryptedData encryptData(Document context, Element element) throws
- /* XMLEncryption */Exception {
+ /* XMLEncryption */Exception {
return encryptData(context, element, false);
}
@@ -965,16 +1032,21 @@ public class XMLCipher {
* @return the EncryptedData
* @throws Exception
*/
- public EncryptedData encryptData(Document context, String type,
- InputStream serializedData) throws Exception {
-
- logger.log(java.util.logging.Level.FINE, "Encrypting element...");
- if (null == context)
- logger.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null...");
- if (null == serializedData)
- logger.log(java.util.logging.Level.SEVERE, "Serialized data unexpectedly null...");
- if (_cipherMode != ENCRYPT_MODE)
- logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in ENCRYPT_MODE...");
+ public EncryptedData encryptData(
+ Document context, String type, InputStream serializedData
+ ) throws Exception {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Encrypting element...");
+ }
+ if (null == context) {
+ log.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null...");
+ }
+ if (null == serializedData) {
+ log.log(java.util.logging.Level.SEVERE, "Serialized data unexpectedly null...");
+ }
+ if (cipherMode != ENCRYPT_MODE && log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in ENCRYPT_MODE...");
+ }
return encryptData(context, null, type, serializedData);
}
@@ -984,7 +1056,7 @@ public class XMLCipher {
* you want to have full control over the contents of the
* EncryptedData structure.
*
- * this does not change the source document in any way.
+ * This does not change the source document in any way.
*
* @param context the context Document.
* @param element the Element that will be encrypted.
@@ -994,84 +1066,84 @@ public class XMLCipher {
* @throws Exception
*/
public EncryptedData encryptData(
- Document context, Element element, boolean contentMode)
- throws /* XMLEncryption */ Exception {
-
- logger.log(java.util.logging.Level.FINE, "Encrypting element...");
- if (null == context)
- logger.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null...");
- if (null == element)
- logger.log(java.util.logging.Level.SEVERE, "Element unexpectedly null...");
- if (_cipherMode != ENCRYPT_MODE)
- logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in ENCRYPT_MODE...");
+ Document context, Element element, boolean contentMode
+ ) throws /* XMLEncryption */ Exception {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Encrypting element...");
+ }
+ if (null == context) {
+ log.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null...");
+ }
+ if (null == element) {
+ log.log(java.util.logging.Level.SEVERE, "Element unexpectedly null...");
+ }
+ if (cipherMode != ENCRYPT_MODE && log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in ENCRYPT_MODE...");
+ }
if (contentMode) {
- return encryptData
- (context, element, EncryptionConstants.TYPE_CONTENT, null);
+ return encryptData(context, element, EncryptionConstants.TYPE_CONTENT, null);
} else {
- return encryptData
- (context, element, EncryptionConstants.TYPE_ELEMENT, null);
+ return encryptData(context, element, EncryptionConstants.TYPE_ELEMENT, null);
}
}
private EncryptedData encryptData(
- Document context, Element element, String type,
- InputStream serializedData) throws /* XMLEncryption */ Exception {
+ Document context, Element element, String type, InputStream serializedData
+ ) throws /* XMLEncryption */ Exception {
+ contextDocument = context;
- _contextDocument = context;
-
- if (_algorithm == null) {
- throw new XMLEncryptionException
- ("XMLCipher instance without transformation specified");
+ if (algorithm == null) {
+ throw new XMLEncryptionException("XMLCipher instance without transformation specified");
}
- String serializedOctets = null;
+ byte[] serializedOctets = null;
if (serializedData == null) {
- if (type == EncryptionConstants.TYPE_CONTENT) {
+ if (type.equals(EncryptionConstants.TYPE_CONTENT)) {
NodeList children = element.getChildNodes();
if (null != children) {
- serializedOctets = _serializer.serialize(children);
+ serializedOctets = serializer.serializeToByteArray(children);
} else {
Object exArgs[] = { "Element has no content." };
throw new XMLEncryptionException("empty", exArgs);
}
} else {
- serializedOctets = _serializer.serialize(element);
+ serializedOctets = serializer.serializeToByteArray(element);
+ }
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Serialized octets:\n" + new String(serializedOctets, "UTF-8"));
}
- logger.log(java.util.logging.Level.FINE, "Serialized octets:\n" + serializedOctets);
}
byte[] encryptedBytes = null;
// Now create the working cipher if none was created already
Cipher c;
- if (_contextCipher == null) {
- String jceAlgorithm = JCEMapper.translateURItoJCEID(_algorithm);
- logger.log(java.util.logging.Level.FINE, "alg = " + jceAlgorithm);
-
- try {
- if (_requestedJCEProvider == null)
- c = Cipher.getInstance(jceAlgorithm);
- else
- c = Cipher.getInstance(jceAlgorithm, _requestedJCEProvider);
- } catch (NoSuchAlgorithmException nsae) {
- throw new XMLEncryptionException("empty", nsae);
- } catch (NoSuchProviderException nspre) {
- throw new XMLEncryptionException("empty", nspre);
- } catch (NoSuchPaddingException nspae) {
- throw new XMLEncryptionException("empty", nspae);
- }
+ if (contextCipher == null) {
+ c = constructCipher(algorithm, null);
} else {
- c = _contextCipher;
+ c = contextCipher;
}
// Now perform the encryption
try {
- // Should internally generate an IV
- // todo - allow user to set an IV
- c.init(_cipherMode, _key);
+ // The Spec mandates a 96-bit IV for GCM algorithms
+ if (AES_128_GCM.equals(algorithm) || AES_192_GCM.equals(algorithm)
+ || AES_256_GCM.equals(algorithm)) {
+ if (random == null) {
+ random = SecureRandom.getInstance("SHA1PRNG");
+ }
+ byte[] temp = new byte[12];
+ random.nextBytes(temp);
+ IvParameterSpec paramSpec = new IvParameterSpec(temp);
+ c.init(cipherMode, key, paramSpec);
+ } else {
+ c.init(cipherMode, key);
+ }
} catch (InvalidKeyException ike) {
throw new XMLEncryptionException("empty", ike);
+ } catch (NoSuchAlgorithmException ex) {
+ throw new XMLEncryptionException("empty", ex);
}
try {
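Review bot: The FINE-level log kept in the `serializedData == null` branch writes the plaintext that is about to be encrypted (`"Serialized octets:\n" + new String(serializedOctets, "UTF-8")`), so turning on debug logging copies the protected content to wherever the log handler writes. Logging only the size keeps the diagnostic without the data: `log.log(java.util.logging.Level.FINE, "Serialized octets length = " + serializedOctets.length);`. The removed line logged the same content, so this is carried over by the commit rather than introduced by it. The body of the private encryptData continues past the end of this hunk.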
@@ -1086,13 +1158,16 @@ public class XMLCipher {
baos.write(c.doFinal());
encryptedBytes = baos.toByteArray();
} else {
- encryptedBytes = c.doFinal(serializedOctets.getBytes("UTF-8"));
- logger.log(java.util.logging.Level.FINE, "Expected cipher.outputSize = " +
- Integer.toString(c.getOutputSize(
- serializedOctets.getBytes().length)));
+ encryptedBytes = c.doFinal(serializedOctets);
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Expected cipher.outputSize = " +
+ Integer.toString(c.getOutputSize(serializedOctets.length)));
+ }
+ }
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Actual cipher.outputSize = "
+ + Integer.toString(encryptedBytes.length));
}
- logger.log(java.util.logging.Level.FINE, "Actual cipher.outputSize = " +
- Integer.toString(encryptedBytes.length));
} catch (IllegalStateException ise) {
throw new XMLEncryptionException("empty", ise);
} catch (IllegalBlockSizeException ibse) {
@@ -1106,308 +1181,418 @@ public class XMLCipher {
// Now build up to a properly XML Encryption encoded octet stream
// IvParameterSpec iv;
byte[] iv = c.getIV();
- byte[] finalEncryptedBytes =
- new byte[iv.length + encryptedBytes.length];
+ byte[] finalEncryptedBytes = new byte[iv.length + encryptedBytes.length];
System.arraycopy(iv, 0, finalEncryptedBytes, 0, iv.length);
- System.arraycopy(encryptedBytes, 0, finalEncryptedBytes, iv.length,
- encryptedBytes.length);
+ System.arraycopy(encryptedBytes, 0, finalEncryptedBytes, iv.length, encryptedBytes.length);
String base64EncodedEncryptedOctets = Base64.encode(finalEncryptedBytes);
- logger.log(java.util.logging.Level.FINE, "Encrypted octets:\n" + base64EncodedEncryptedOctets);
- logger.log(java.util.logging.Level.FINE, "Encrypted octets length = " +
- base64EncodedEncryptedOctets.length());
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Encrypted octets:\n" + base64EncodedEncryptedOctets);
+ log.log(java.util.logging.Level.FINE, "Encrypted octets length = " + base64EncodedEncryptedOctets.length());
+ }
try {
- CipherData cd = _ed.getCipherData();
+ CipherData cd = ed.getCipherData();
CipherValue cv = cd.getCipherValue();
// cv.setValue(base64EncodedEncryptedOctets.getBytes());
cv.setValue(base64EncodedEncryptedOctets);
if (type != null) {
- _ed.setType(new URI(type).toString());
+ ed.setType(new URI(type).toString());
}
EncryptionMethod method =
- _factory.newEncryptionMethod(new URI(_algorithm).toString());
- _ed.setEncryptionMethod(method);
- } catch (URI.MalformedURIException mfue) {
- throw new XMLEncryptionException("empty", mfue);
+ factory.newEncryptionMethod(new URI(algorithm).toString());
+ method.setDigestAlgorithm(digestAlg);
+ ed.setEncryptionMethod(method);
+ } catch (URISyntaxException ex) {
+ throw new XMLEncryptionException("empty", ex);
}
- return (_ed);
+ return ed;
}
/**
* Returns an EncryptedData interface. Use this operation if
* you want to load an EncryptedData structure from a DOM
- * structure and manipulate the contents
+ * structure and manipulate the contents.
*
* @param context the context Document.
* @param element the Element that will be loaded
* @throws XMLEncryptionException
- * @return
+ * @return the EncryptedData
*/
public EncryptedData loadEncryptedData(Document context, Element element)
- throws XMLEncryptionException {
- logger.log(java.util.logging.Level.FINE, "Loading encrypted element...");
- if(null == context)
- logger.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null...");
- if(null == element)
- logger.log(java.util.logging.Level.SEVERE, "Element unexpectedly null...");
- if(_cipherMode != DECRYPT_MODE)
- logger.log(java.util.logging.Level.SEVERE, "XMLCipher unexpectedly not in DECRYPT_MODE...");
+ throws XMLEncryptionException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Loading encrypted element...");
+ }
+ if (null == context) {
+ throw new NullPointerException("Context document unexpectedly null...");
+ }
+ if (null == element) {
+ throw new NullPointerException("Element unexpectedly null...");
+ }
+ if (cipherMode != DECRYPT_MODE) {
+ throw new XMLEncryptionException("XMLCipher unexpectedly not in DECRYPT_MODE...");
+ }
- _contextDocument = context;
- _ed = _factory.newEncryptedData(element);
+ contextDocument = context;
+ ed = factory.newEncryptedData(element);
- return (_ed);
+ return ed;
}
/**
* Returns an EncryptedKey interface. Use this operation if
* you want to load an EncryptedKey structure from a DOM
- * structure and manipulate the contents.
+ * structure and manipulate the contents.
*
* @param context the context Document.
* @param element the Element that will be loaded
- * @return
+ * @return the EncryptedKey
* @throws XMLEncryptionException
*/
-
public EncryptedKey loadEncryptedKey(Document context, Element element)
- throws XMLEncryptionException {
- logger.log(java.util.logging.Level.FINE, "Loading encrypted key...");
- if(null == context)
- logger.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null...");
- if(null == element)
- logger.log(java.util.logging.Level.SEVERE, "Element unexpectedly null...");
- if(_cipherMode != UNWRAP_MODE && _cipherMode != DECRYPT_MODE)
- logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in UNWRAP_MODE or DECRYPT_MODE...");
+ throws XMLEncryptionException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Loading encrypted key...");
+ }
+ if (null == context) {
+ throw new NullPointerException("Context document unexpectedly null...");
+ }
+ if (null == element) {
+ throw new NullPointerException("Element unexpectedly null...");
+ }
+ if (cipherMode != UNWRAP_MODE && cipherMode != DECRYPT_MODE) {
+ throw new XMLEncryptionException(
+ "XMLCipher unexpectedly not in UNWRAP_MODE or DECRYPT_MODE..."
+ );
+ }
- _contextDocument = context;
- _ek = _factory.newEncryptedKey(element);
- return (_ek);
+ contextDocument = context;
+ ek = factory.newEncryptedKey(element);
+ return ek;
}
/**
* Returns an EncryptedKey interface. Use this operation if
* you want to load an EncryptedKey structure from a DOM
- * structure and manipulate the contents.
- *
- * Assumes that the context document is the document that owns the element
+ * structure and manipulate the contents.
+ *
+ * Assumes that the context document is the document that owns the element
*
* @param element the Element that will be loaded
- * @return
+ * @return the EncryptedKey
* @throws XMLEncryptionException
*/
-
- public EncryptedKey loadEncryptedKey(Element element)
- throws XMLEncryptionException {
-
- return (loadEncryptedKey(element.getOwnerDocument(), element));
+ public EncryptedKey loadEncryptedKey(Element element) throws XMLEncryptionException {
+ return loadEncryptedKey(element.getOwnerDocument(), element);
}
/**
* Encrypts a key to an EncryptedKey structure
- *
- * @param doc the Context document that will be used to general DOM
- * @param key Key to encrypt (will use previously set KEK to
- * perform encryption
- * @return
+ *
+ * @param doc the Context document that will be used to general DOM
+ * @param key Key to encrypt (will use previously set KEK to
+ * perform encryption
+ * @return the EncryptedKey
* @throws XMLEncryptionException
*/
+ public EncryptedKey encryptKey(Document doc, Key key) throws XMLEncryptionException {
+ return encryptKey(doc, key, null, null);
+ }
- public EncryptedKey encryptKey(Document doc, Key key) throws
- XMLEncryptionException {
+ /**
+ * Encrypts a key to an EncryptedKey structure
+ *
+ * @param doc the Context document that will be used to general DOM
+ * @param key Key to encrypt (will use previously set KEK to
+ * perform encryption
+ * @param mgfAlgorithm The xenc11 MGF Algorithm to use
+ * @param oaepParams The OAEPParams to use
+ * @return the EncryptedKey
+ * @throws XMLEncryptionException
+ */
+ public EncryptedKey encryptKey(
+ Document doc,
+ Key key,
+ String mgfAlgorithm,
+ byte[] oaepParams
+ ) throws XMLEncryptionException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Encrypting key ...");
+ }
- logger.log(java.util.logging.Level.FINE, "Encrypting key ...");
+ if (null == key) {
+ log.log(java.util.logging.Level.SEVERE, "Key unexpectedly null...");
+ }
+ if (cipherMode != WRAP_MODE) {
+ log.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in WRAP_MODE...");
+ }
+ if (algorithm == null) {
+ throw new XMLEncryptionException("XMLCipher instance without transformation specified");
+ }
- if(null == key)
- logger.log(java.util.logging.Level.SEVERE, "Key unexpectedly null...");
- if(_cipherMode != WRAP_MODE)
- logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in WRAP_MODE...");
+ contextDocument = doc;
- if (_algorithm == null) {
+ byte[] encryptedBytes = null;
+ Cipher c;
- throw new XMLEncryptionException("XMLCipher instance without transformation specified");
- }
-
- _contextDocument = doc;
-
- byte[] encryptedBytes = null;
- Cipher c;
-
- if (_contextCipher == null) {
- // Now create the working cipher
-
- String jceAlgorithm =
- JCEMapper.translateURItoJCEID(_algorithm);
-
- logger.log(java.util.logging.Level.FINE, "alg = " + jceAlgorithm);
-
- try {
- if (_requestedJCEProvider == null)
- c = Cipher.getInstance(jceAlgorithm);
- else
- c = Cipher.getInstance(jceAlgorithm, _requestedJCEProvider);
- } catch (NoSuchAlgorithmException nsae) {
- throw new XMLEncryptionException("empty", nsae);
- } catch (NoSuchProviderException nspre) {
- throw new XMLEncryptionException("empty", nspre);
- } catch (NoSuchPaddingException nspae) {
- throw new XMLEncryptionException("empty", nspae);
- }
- } else {
- c = _contextCipher;
- }
- // Now perform the encryption
-
- try {
- // Should internally generate an IV
- // todo - allow user to set an IV
- c.init(Cipher.WRAP_MODE, _key);
- encryptedBytes = c.wrap(key);
- } catch (InvalidKeyException ike) {
- throw new XMLEncryptionException("empty", ike);
- } catch (IllegalBlockSizeException ibse) {
- throw new XMLEncryptionException("empty", ibse);
- }
-
- String base64EncodedEncryptedOctets = Base64.encode(encryptedBytes);
-
- logger.log(java.util.logging.Level.FINE, "Encrypted key octets:\n" + base64EncodedEncryptedOctets);
- logger.log(java.util.logging.Level.FINE, "Encrypted key octets length = " +
- base64EncodedEncryptedOctets.length());
-
- CipherValue cv = _ek.getCipherData().getCipherValue();
- cv.setValue(base64EncodedEncryptedOctets);
+ if (contextCipher == null) {
+ // Now create the working cipher
+ c = constructCipher(algorithm, null);
+ } else {
+ c = contextCipher;
+ }
+ // Now perform the encryption
try {
- EncryptionMethod method = _factory.newEncryptionMethod(
- new URI(_algorithm).toString());
- _ek.setEncryptionMethod(method);
- } catch (URI.MalformedURIException mfue) {
- throw new XMLEncryptionException("empty", mfue);
+ // Should internally generate an IV
+ // todo - allow user to set an IV
+ OAEPParameterSpec oaepParameters =
+ constructOAEPParameters(
+ algorithm, digestAlg, mgfAlgorithm, oaepParams
+ );
+ if (oaepParameters == null) {
+ c.init(Cipher.WRAP_MODE, this.key);
+ } else {
+ c.init(Cipher.WRAP_MODE, this.key, oaepParameters);
+ }
+ encryptedBytes = c.wrap(key);
+ } catch (InvalidKeyException ike) {
+ throw new XMLEncryptionException("empty", ike);
+ } catch (IllegalBlockSizeException ibse) {
+ throw new XMLEncryptionException("empty", ibse);
+ } catch (InvalidAlgorithmParameterException e) {
+ throw new XMLEncryptionException("empty", e);
}
- return _ek;
+ String base64EncodedEncryptedOctets = Base64.encode(encryptedBytes);
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Encrypted key octets:\n" + base64EncodedEncryptedOctets);
+ log.log(java.util.logging.Level.FINE, "Encrypted key octets length = " + base64EncodedEncryptedOctets.length());
+ }
+
+ CipherValue cv = ek.getCipherData().getCipherValue();
+ cv.setValue(base64EncodedEncryptedOctets);
+
+ try {
+ EncryptionMethod method = factory.newEncryptionMethod(new URI(algorithm).toString());
+ method.setDigestAlgorithm(digestAlg);
+ method.setMGFAlgorithm(mgfAlgorithm);
+ method.setOAEPparams(oaepParams);
+ ek.setEncryptionMethod(method);
+ } catch (URISyntaxException ex) {
+ throw new XMLEncryptionException("empty", ex);
+ }
+ return ek;
}
- /**
- * Decrypt a key from a passed in EncryptedKey structure
- *
- * @param encryptedKey Previously loaded EncryptedKey that needs
- * to be decrypted.
- * @param algorithm Algorithm for the decryption
- * @return a key corresponding to the give type
+ /**
+ * Decrypt a key from a passed in EncryptedKey structure
+ *
+ * @param encryptedKey Previously loaded EncryptedKey that needs
+ * to be decrypted.
+ * @param algorithm Algorithm for the decryption
+ * @return a key corresponding to the given type
* @throws XMLEncryptionException
- */
+ */
+ public Key decryptKey(EncryptedKey encryptedKey, String algorithm)
+ throws XMLEncryptionException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Decrypting key from previously loaded EncryptedKey...");
+ }
- public Key decryptKey(EncryptedKey encryptedKey, String algorithm) throws
- XMLEncryptionException {
+ if (cipherMode != UNWRAP_MODE && log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in UNWRAP_MODE...");
+ }
- logger.log(java.util.logging.Level.FINE, "Decrypting key from previously loaded EncryptedKey...");
+ if (algorithm == null) {
+ throw new XMLEncryptionException("Cannot decrypt a key without knowing the algorithm");
+ }
- if(_cipherMode != UNWRAP_MODE)
- logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in UNWRAP_MODE...");
-
- if (algorithm == null) {
- throw new XMLEncryptionException("Cannot decrypt a key without knowing the algorithm");
- }
-
- if (_key == null) {
-
- logger.log(java.util.logging.Level.FINE, "Trying to find a KEK via key resolvers");
-
- KeyInfo ki = encryptedKey.getKeyInfo();
- if (ki != null) {
- try {
- _key = ki.getSecretKey();
- }
- catch (Exception e) {
- }
- }
- if (_key == null) {
- logger.log(java.util.logging.Level.SEVERE, "XMLCipher::decryptKey called without a KEK and cannot resolve");
- throw new XMLEncryptionException("Unable to decrypt without a KEK");
- }
- }
-
- // Obtain the encrypted octets
- XMLCipherInput cipherInput = new XMLCipherInput(encryptedKey);
- byte [] encryptedBytes = cipherInput.getBytes();
-
- String jceKeyAlgorithm =
- JCEMapper.getJCEKeyAlgorithmFromURI(algorithm);
-
- Cipher c;
- if (_contextCipher == null) {
- // Now create the working cipher
-
- String jceAlgorithm =
- JCEMapper.translateURItoJCEID(
- encryptedKey.getEncryptionMethod().getAlgorithm());
-
- logger.log(java.util.logging.Level.FINE, "JCE Algorithm = " + jceAlgorithm);
-
- try {
- if (_requestedJCEProvider == null)
- c = Cipher.getInstance(jceAlgorithm);
- else
- c = Cipher.getInstance(jceAlgorithm, _requestedJCEProvider);
- } catch (NoSuchAlgorithmException nsae) {
- throw new XMLEncryptionException("empty", nsae);
- } catch (NoSuchProviderException nspre) {
- throw new XMLEncryptionException("empty", nspre);
- } catch (NoSuchPaddingException nspae) {
- throw new XMLEncryptionException("empty", nspae);
- }
- } else {
- c = _contextCipher;
- }
-
- Key ret;
+ if (key == null) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Trying to find a KEK via key resolvers");
+ }
+ KeyInfo ki = encryptedKey.getKeyInfo();
+ if (ki != null) {
+ ki.setSecureValidation(secureValidation);
try {
- c.init(Cipher.UNWRAP_MODE, _key);
- ret = c.unwrap(encryptedBytes, jceKeyAlgorithm, Cipher.SECRET_KEY);
-
- } catch (InvalidKeyException ike) {
- throw new XMLEncryptionException("empty", ike);
- } catch (NoSuchAlgorithmException nsae) {
- throw new XMLEncryptionException("empty", nsae);
+ String keyWrapAlg = encryptedKey.getEncryptionMethod().getAlgorithm();
+ String keyType = JCEMapper.getJCEKeyAlgorithmFromURI(keyWrapAlg);
+ if ("RSA".equals(keyType)) {
+ key = ki.getPrivateKey();
+ } else {
+ key = ki.getSecretKey();
+ }
}
+ catch (Exception e) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, e.getMessage(), e);
+ }
+ }
+ }
+ if (key == null) {
+ log.log(java.util.logging.Level.SEVERE, "XMLCipher::decryptKey called without a KEK and cannot resolve");
+ throw new XMLEncryptionException("Unable to decrypt without a KEK");
+ }
+ }
- logger.log(java.util.logging.Level.FINE, "Decryption of key type " + algorithm + " OK");
+ // Obtain the encrypted octets
+ XMLCipherInput cipherInput = new XMLCipherInput(encryptedKey);
+ cipherInput.setSecureValidation(secureValidation);
+ byte[] encryptedBytes = cipherInput.getBytes();
- return ret;
+ String jceKeyAlgorithm = JCEMapper.getJCEKeyAlgorithmFromURI(algorithm);
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "JCE Key Algorithm: " + jceKeyAlgorithm);
+ }
+ Cipher c;
+ if (contextCipher == null) {
+ // Now create the working cipher
+ c =
+ constructCipher(
+ encryptedKey.getEncryptionMethod().getAlgorithm(),
+ encryptedKey.getEncryptionMethod().getDigestAlgorithm()
+ );
+ } else {
+ c = contextCipher;
+ }
+
+ Key ret;
+
+ try {
+ EncryptionMethod encMethod = encryptedKey.getEncryptionMethod();
+ OAEPParameterSpec oaepParameters =
+ constructOAEPParameters(
+ encMethod.getAlgorithm(), encMethod.getDigestAlgorithm(),
+ encMethod.getMGFAlgorithm(), encMethod.getOAEPparams()
+ );
+ if (oaepParameters == null) {
+ c.init(Cipher.UNWRAP_MODE, key);
+ } else {
+ c.init(Cipher.UNWRAP_MODE, key, oaepParameters);
+ }
+ ret = c.unwrap(encryptedBytes, jceKeyAlgorithm, Cipher.SECRET_KEY);
+ } catch (InvalidKeyException ike) {
+ throw new XMLEncryptionException("empty", ike);
+ } catch (NoSuchAlgorithmException nsae) {
+ throw new XMLEncryptionException("empty", nsae);
+ } catch (InvalidAlgorithmParameterException e) {
+ throw new XMLEncryptionException("empty", e);
+ }
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Decryption of key type " + algorithm + " OK");
+ }
+
+ return ret;
}
- /**
- * Decrypt a key from a passed in EncryptedKey structure. This version
- * is used mainly internally, when the cipher already has an
- * EncryptedData loaded. The algorithm URI will be read from the
- * EncryptedData
- *
- * @param encryptedKey Previously loaded EncryptedKey that needs
- * to be decrypted.
- * @return a key corresponding to the give type
- * @throws XMLEncryptionException
- */
+ /**
+ * Construct an OAEPParameterSpec object from the given parameters
+ */
+ private OAEPParameterSpec constructOAEPParameters(
+ String encryptionAlgorithm,
+ String digestAlgorithm,
+ String mgfAlgorithm,
+ byte[] oaepParams
+ ) {
+ if (XMLCipher.RSA_OAEP.equals(encryptionAlgorithm)
+ || XMLCipher.RSA_OAEP_11.equals(encryptionAlgorithm)) {
- public Key decryptKey(EncryptedKey encryptedKey) throws
- XMLEncryptionException {
+ String jceDigestAlgorithm = "SHA-1";
+ if (digestAlgorithm != null) {
+ jceDigestAlgorithm = JCEMapper.translateURItoJCEID(digestAlgorithm);
+ }
- return decryptKey(encryptedKey, _ed.getEncryptionMethod().getAlgorithm());
+ PSource.PSpecified pSource = PSource.PSpecified.DEFAULT;
+ if (oaepParams != null) {
+ pSource = new PSource.PSpecified(oaepParams);
+ }
+ MGF1ParameterSpec mgfParameterSpec = new MGF1ParameterSpec("SHA-1");
+ if (XMLCipher.RSA_OAEP_11.equals(encryptionAlgorithm)) {
+ if (EncryptionConstants.MGF1_SHA256.equals(mgfAlgorithm)) {
+ mgfParameterSpec = new MGF1ParameterSpec("SHA-256");
+ } else if (EncryptionConstants.MGF1_SHA384.equals(mgfAlgorithm)) {
+ mgfParameterSpec = new MGF1ParameterSpec("SHA-384");
+ } else if (EncryptionConstants.MGF1_SHA512.equals(mgfAlgorithm)) {
+ mgfParameterSpec = new MGF1ParameterSpec("SHA-512");
+ }
+ }
+ return new OAEPParameterSpec(jceDigestAlgorithm, "MGF1", mgfParameterSpec, pSource);
}
+ return null;
+ }
+
+ /**
+ * Construct a Cipher object
+ */
+ private Cipher constructCipher(String algorithm, String digestAlgorithm) throws XMLEncryptionException {
+ String jceAlgorithm = JCEMapper.translateURItoJCEID(algorithm);
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "JCE Algorithm = " + jceAlgorithm);
+ }
+
+ Cipher c;
+ try {
+ if (requestedJCEProvider == null) {
+ c = Cipher.getInstance(jceAlgorithm);
+ } else {
+ c = Cipher.getInstance(jceAlgorithm, requestedJCEProvider);
+ }
+ } catch (NoSuchAlgorithmException nsae) {
+ // Check to see if an RSA OAEP MGF-1 with SHA-1 algorithm was requested
+ // Some JDKs don't support RSA/ECB/OAEPPadding
+ if (XMLCipher.RSA_OAEP.equals(algorithm)
+ && (digestAlgorithm == null
+ || MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1.equals(digestAlgorithm))) {
+ try {
+ if (requestedJCEProvider == null) {
+ c = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding");
+ } else {
+ c = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding", requestedJCEProvider);
+ }
+ } catch (Exception ex) {
+ throw new XMLEncryptionException("empty", ex);
+ }
+ } else {
+ throw new XMLEncryptionException("empty", nsae);
+ }
+ } catch (NoSuchProviderException nspre) {
+ throw new XMLEncryptionException("empty", nspre);
+ } catch (NoSuchPaddingException nspae) {
+ throw new XMLEncryptionException("empty", nspae);
+ }
+
+ return c;
+ }
+
+ /**
+ * Decrypt a key from a passed in EncryptedKey structure. This version
+ * is used mainly internally, when the cipher already has an
+ * EncryptedData loaded. The algorithm URI will be read from the
+ * EncryptedData
+ *
+ * @param encryptedKey Previously loaded EncryptedKey that needs
+ * to be decrypted.
+ * @return a key corresponding to the given type
+ * @throws XMLEncryptionException
+ */
+ public Key decryptKey(EncryptedKey encryptedKey) throws XMLEncryptionException {
+ return decryptKey(encryptedKey, ed.getEncryptionMethod().getAlgorithm());
+ }
+
/**
* Removes the contents of a Node.
*
* @param node the Node to clear.
*/
private static void removeContent(Node node) {
- while (node.hasChildNodes()) {
+ while (node.hasChildNodes()) {
node.removeChild(node.getFirstChild());
}
}
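Review bot: In constructOAEPParameters, an `mgfAlgorithm` that is not one of the three recognised URIs silently keeps `new MGF1ParameterSpec("SHA-1")`, and for plain RSA_OAEP the argument is ignored entirely. encryptKey still passes the caller's value to `method.setMGFAlgorithm(mgfAlgorithm)`, so the written EncryptionMethod can name an MGF that was not the one used to wrap the key, and a request for a stronger MGF degrades to SHA-1 without any signal. I would have the helper throw XMLEncryptionException for a non-null value that is neither the MGF1-with-SHA-1 URI nor one of the handled ones, which means adding `throws XMLEncryptionException` to its signature. I would also document the default in its Javadoc, for example `@param mgfAlgorithm the xenc11 MGF URI; null selects MGF1 with SHA-1`. decryptKey applies the same fallback to values read from the document's EncryptionMethod, where it presumably surfaces only as an unwrap failure, so an explicit error would be easier to diagnose.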
@@ -1419,196 +1604,191 @@ public class XMLCipher {
* @return the Node as a result of the decrypt operation.
* @throws XMLEncryptionException
*/
- private Document decryptElement(Element element) throws
- XMLEncryptionException {
-
- logger.log(java.util.logging.Level.FINE, "Decrypting element...");
-
- if(_cipherMode != DECRYPT_MODE)
- logger.log(java.util.logging.Level.SEVERE, "XMLCipher unexpectedly not in DECRYPT_MODE...");
-
- String octets;
- try {
- octets = new String(decryptToByteArray(element), "UTF-8");
- } catch (UnsupportedEncodingException uee) {
- throw new XMLEncryptionException("empty", uee);
- }
-
-
- logger.log(java.util.logging.Level.FINE, "Decrypted octets:\n" + octets);
-
- Node sourceParent = element.getParentNode();
-
- DocumentFragment decryptedFragment =
- _serializer.deserialize(octets, sourceParent);
-
-
- // The de-serialiser returns a fragment whose children we need to
- // take on.
-
- if (sourceParent != null && sourceParent.getNodeType() == Node.DOCUMENT_NODE) {
-
- // If this is a content decryption, this may have problems
-
- _contextDocument.removeChild(_contextDocument.getDocumentElement());
- _contextDocument.appendChild(decryptedFragment);
- }
- else {
- sourceParent.replaceChild(decryptedFragment, element);
-
- }
-
- return (_contextDocument);
- }
-
-
- /**
- *
- * @param element
- * @return
- * @throws XMLEncryptionException
- */
- private Document decryptElementContent(Element element) throws
- XMLEncryptionException {
- Element e = (Element) element.getElementsByTagNameNS(
- EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_ENCRYPTEDDATA).item(0);
-
- if (null == e) {
- throw new XMLEncryptionException("No EncryptedData child element.");
+ private Document decryptElement(Element element) throws XMLEncryptionException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Decrypting element...");
}
- return (decryptElement(e));
+ if (cipherMode != DECRYPT_MODE) {
+ log.log(java.util.logging.Level.SEVERE, "XMLCipher unexpectedly not in DECRYPT_MODE...");
+ }
+
+ byte[] octets = decryptToByteArray(element);
+
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Decrypted octets:\n" + new String(octets));
+ }
+
+ Node sourceParent = element.getParentNode();
+ Node decryptedNode = serializer.deserialize(octets, sourceParent);
+
+ // The de-serialiser returns a node whose children we need to take on.
+ if (sourceParent != null && Node.DOCUMENT_NODE == sourceParent.getNodeType()) {
+ // If this is a content decryption, this may have problems
+ contextDocument.removeChild(contextDocument.getDocumentElement());
+ contextDocument.appendChild(decryptedNode);
+ } else if (sourceParent != null) {
+ sourceParent.replaceChild(decryptedNode, element);
+ }
+
+ return contextDocument;
}
- /**
- * Decrypt an EncryptedData element to a byte array
- *
- * When passed in an EncryptedData node, returns the decryption
- * as a byte array.
- *
- * Does not modify the source document
+ /**
+ *
* @param element
- * @return
+ * @return the Node as a result of the decrypt operation.
* @throws XMLEncryptionException
- */
+ */
+ private Document decryptElementContent(Element element) throws XMLEncryptionException {
+ Element e =
+ (Element) element.getElementsByTagNameNS(
+ EncryptionConstants.EncryptionSpecNS,
+ EncryptionConstants._TAG_ENCRYPTEDDATA
+ ).item(0);
- public byte[] decryptToByteArray(Element element)
- throws XMLEncryptionException {
+ if (null == e) {
+ throw new XMLEncryptionException("No EncryptedData child element.");
+ }
- logger.log(java.util.logging.Level.FINE, "Decrypting to ByteArray...");
+ return decryptElement(e);
+ }
- if(_cipherMode != DECRYPT_MODE)
- logger.log(java.util.logging.Level.SEVERE, "XMLCipher unexpectedly not in DECRYPT_MODE...");
+ /**
+ * Decrypt an EncryptedData element to a byte array.
+ *
+ * When passed in an EncryptedData node, returns the decryption
+ * as a byte array.
+ *
+ * Does not modify the source document.
+ * @param element
+ * @return the bytes resulting from the decryption
+ * @throws XMLEncryptionException
+ */
+ public byte[] decryptToByteArray(Element element) throws XMLEncryptionException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Decrypting to ByteArray...");
+ }
- EncryptedData encryptedData = _factory.newEncryptedData(element);
+ if (cipherMode != DECRYPT_MODE) {
+ log.log(java.util.logging.Level.SEVERE, "XMLCipher unexpectedly not in DECRYPT_MODE...");
+ }
- if (_key == null) {
+ EncryptedData encryptedData = factory.newEncryptedData(element);
- KeyInfo ki = encryptedData.getKeyInfo();
-
- if (ki != null) {
- try {
- // Add a EncryptedKey resolver
- ki.registerInternalKeyResolver(
- new EncryptedKeyResolver(encryptedData.
- getEncryptionMethod().
- getAlgorithm(),
- _kek));
- _key = ki.getSecretKey();
- } catch (KeyResolverException kre) {
- // We will throw in a second...
- }
- }
-
- if (_key == null) {
- logger.log(java.util.logging.Level.SEVERE, "XMLCipher::decryptElement called without a key and unable to resolve");
-
- throw new XMLEncryptionException("encryption.nokey");
- }
- }
-
- // Obtain the encrypted octets
- XMLCipherInput cipherInput = new XMLCipherInput(encryptedData);
- byte [] encryptedBytes = cipherInput.getBytes();
-
- // Now create the working cipher
-
- String jceAlgorithm =
- JCEMapper.translateURItoJCEID(encryptedData.getEncryptionMethod().getAlgorithm());
-
- Cipher c;
+ if (key == null) {
+ KeyInfo ki = encryptedData.getKeyInfo();
+ if (ki != null) {
try {
- if (_requestedJCEProvider == null)
- c = Cipher.getInstance(jceAlgorithm);
- else
- c = Cipher.getInstance(jceAlgorithm, _requestedJCEProvider);
- } catch (NoSuchAlgorithmException nsae) {
- throw new XMLEncryptionException("empty", nsae);
- } catch (NoSuchProviderException nspre) {
- throw new XMLEncryptionException("empty", nspre);
- } catch (NoSuchPaddingException nspae) {
- throw new XMLEncryptionException("empty", nspae);
+ // Add an EncryptedKey resolver
+ String encMethodAlgorithm = encryptedData.getEncryptionMethod().getAlgorithm();
+ EncryptedKeyResolver resolver = new EncryptedKeyResolver(encMethodAlgorithm, kek);
+ if (internalKeyResolvers != null) {
+ int size = internalKeyResolvers.size();
+ for (int i = 0; i < size; i++) {
+ resolver.registerInternalKeyResolver(internalKeyResolvers.get(i));
+ }
+ }
+ ki.registerInternalKeyResolver(resolver);
+ ki.setSecureValidation(secureValidation);
+ key = ki.getSecretKey();
+ } catch (KeyResolverException kre) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, kre.getMessage(), kre);
+ }
}
+ }
- // Calculate the IV length and copy out
+ if (key == null) {
+ log.log(java.util.logging.Level.SEVERE,
+ "XMLCipher::decryptElement called without a key and unable to resolve"
+ );
+ throw new XMLEncryptionException("encryption.nokey");
+ }
+ }
- // For now, we only work with Block ciphers, so this will work.
- // This should probably be put into the JCE mapper.
+ // Obtain the encrypted octets
+ XMLCipherInput cipherInput = new XMLCipherInput(encryptedData);
+ cipherInput.setSecureValidation(secureValidation);
+ byte[] encryptedBytes = cipherInput.getBytes();
- int ivLen = c.getBlockSize();
- byte[] ivBytes = new byte[ivLen];
+ // Now create the working cipher
+ String jceAlgorithm =
+ JCEMapper.translateURItoJCEID(encryptedData.getEncryptionMethod().getAlgorithm());
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "JCE Algorithm = " + jceAlgorithm);
+ }
- // You may be able to pass the entire piece in to IvParameterSpec
- // and it will only take the first x bytes, but no way to be certain
- // that this will work for every JCE provider, so lets copy the
- // necessary bytes into a dedicated array.
+ Cipher c;
+ try {
+ if (requestedJCEProvider == null) {
+ c = Cipher.getInstance(jceAlgorithm);
+ } else {
+ c = Cipher.getInstance(jceAlgorithm, requestedJCEProvider);
+ }
+ } catch (NoSuchAlgorithmException nsae) {
+ throw new XMLEncryptionException("empty", nsae);
+ } catch (NoSuchProviderException nspre) {
+ throw new XMLEncryptionException("empty", nspre);
+ } catch (NoSuchPaddingException nspae) {
+ throw new XMLEncryptionException("empty", nspae);
+ }
- System.arraycopy(encryptedBytes, 0, ivBytes, 0, ivLen);
- IvParameterSpec iv = new IvParameterSpec(ivBytes);
+ // Calculate the IV length and copy out
- try {
- c.init(_cipherMode, _key, iv);
- } catch (InvalidKeyException ike) {
- throw new XMLEncryptionException("empty", ike);
- } catch (InvalidAlgorithmParameterException iape) {
- throw new XMLEncryptionException("empty", iape);
- }
+ // For now, we only work with Block ciphers, so this will work.
+ // This should probably be put into the JCE mapper.
- byte[] plainBytes;
+ int ivLen = c.getBlockSize();
+ String alg = encryptedData.getEncryptionMethod().getAlgorithm();
+ if (AES_128_GCM.equals(alg) || AES_192_GCM.equals(alg) || AES_256_GCM.equals(alg)) {
+ ivLen = 12;
+ }
+ byte[] ivBytes = new byte[ivLen];
+
+ // You may be able to pass the entire piece in to IvParameterSpec
+ // and it will only take the first x bytes, but no way to be certain
+ // that this will work for every JCE provider, so lets copy the
+ // necessary bytes into a dedicated array.
+
+ System.arraycopy(encryptedBytes, 0, ivBytes, 0, ivLen);
+ IvParameterSpec iv = new IvParameterSpec(ivBytes);
try {
- plainBytes = c.doFinal(encryptedBytes,
- ivLen,
- encryptedBytes.length - ivLen);
+ c.init(cipherMode, key, iv);
+ } catch (InvalidKeyException ike) {
+ throw new XMLEncryptionException("empty", ike);
+ } catch (InvalidAlgorithmParameterException iape) {
+ throw new XMLEncryptionException("empty", iape);
+ }
+ try {
+ return c.doFinal(encryptedBytes, ivLen, encryptedBytes.length - ivLen);
} catch (IllegalBlockSizeException ibse) {
throw new XMLEncryptionException("empty", ibse);
} catch (BadPaddingException bpe) {
throw new XMLEncryptionException("empty", bpe);
}
-
- return (plainBytes);
}
- /*
- * Expose the interface for creating XML Encryption objects
- */
+ /*
+ * Expose the interface for creating XML Encryption objects
+ */
/**
* Creates an EncryptedData Element.
*
- * The newEncryptedData and newEncryptedKey methods create fairly complete
- * elements that are immediately useable. All the other create* methods
- * return bare elements that still need to be built upon.
- *
- * An EncryptionMethod will still need to be added however
- *
- * @param type Either REFERENCE_TYPE or VALUE_TYPE - defines what kind of
- * CipherData this EncryptedData will contain.
+ * The newEncryptedData and newEncryptedKey methods create fairly complete
+ * elements that are immediately useable. All the other create* methods
+ * return bare elements that still need to be built upon.
+ *
+ * An EncryptionMethod will still need to be added however
+ *
+ * @param type Either REFERENCE_TYPE or VALUE_TYPE - defines what kind of
+ * CipherData this EncryptedData will contain.
* @param value the Base 64 encoded, encrypted text to wrap in the
* EncryptedData or the URI to set in the CipherReference
- * (usage will depend on the type
+ * (usage will depend on the type
* @return the EncryptedData Element.
*
*
* @throws XMLEncryptionException
*/
-
- public EncryptedData createEncryptedData(int type, String value) throws
- XMLEncryptionException {
+ public EncryptedData createEncryptedData(int type, String value) throws XMLEncryptionException {
EncryptedData result = null;
CipherData data = null;
switch (type) {
- case CipherData.REFERENCE_TYPE:
- CipherReference cipherReference = _factory.newCipherReference(
- value);
- data = _factory.newCipherData(type);
- data.setCipherReference(cipherReference);
- result = _factory.newEncryptedData(data);
- break;
- case CipherData.VALUE_TYPE:
- CipherValue cipherValue = _factory.newCipherValue(value);
- data = _factory.newCipherData(type);
- data.setCipherValue(cipherValue);
- result = _factory.newEncryptedData(data);
+ case CipherData.REFERENCE_TYPE:
+ CipherReference cipherReference = factory.newCipherReference(value);
+ data = factory.newCipherData(type);
+ data.setCipherReference(cipherReference);
+ result = factory.newEncryptedData(data);
+ break;
+ case CipherData.VALUE_TYPE:
+ CipherValue cipherValue = factory.newCipherValue(value);
+ data = factory.newCipherData(type);
+ data.setCipherValue(cipherValue);
+ result = factory.newEncryptedData(data);
}
- return (result);
+ return result;
}
/**
* Creates an EncryptedKey Element.
*
- * The newEncryptedData and newEncryptedKey methods create fairly complete
- * elements that are immediately useable. All the other create* methods
- * return bare elements that still need to be built upon.
- *
- * An EncryptionMethod will still need to be added however
- *
- * @param type Either REFERENCE_TYPE or VALUE_TYPE - defines what kind of
- * CipherData this EncryptedData will contain.
+ * The newEncryptedData and newEncryptedKey methods create fairly complete
+ * elements that are immediately useable. All the other create* methods
+ * return bare elements that still need to be built upon.
+ *
+ * An EncryptionMethod will still need to be added however
+ *
+ * @param type Either REFERENCE_TYPE or VALUE_TYPE - defines what kind of
+ * CipherData this EncryptedData will contain.
* @param value the Base 64 encoded, encrypted text to wrap in the
* EncryptedKey or the URI to set in the CipherReference
- * (usage will depend on the type
+ * (usage will depend on the type
* @return the EncryptedKey Element.
*
*
* @throws XMLEncryptionException
*/
-
- public EncryptedKey createEncryptedKey(int type, String value) throws
- XMLEncryptionException {
+ public EncryptedKey createEncryptedKey(int type, String value) throws XMLEncryptionException {
EncryptedKey result = null;
CipherData data = null;
switch (type) {
- case CipherData.REFERENCE_TYPE:
- CipherReference cipherReference = _factory.newCipherReference(
- value);
- data = _factory.newCipherData(type);
- data.setCipherReference(cipherReference);
- result = _factory.newEncryptedKey(data);
- break;
- case CipherData.VALUE_TYPE:
- CipherValue cipherValue = _factory.newCipherValue(value);
- data = _factory.newCipherData(type);
- data.setCipherValue(cipherValue);
- result = _factory.newEncryptedKey(data);
+ case CipherData.REFERENCE_TYPE:
+ CipherReference cipherReference = factory.newCipherReference(value);
+ data = factory.newCipherData(type);
+ data.setCipherReference(cipherReference);
+ result = factory.newEncryptedKey(data);
+ break;
+ case CipherData.VALUE_TYPE:
+ CipherValue cipherValue = factory.newCipherValue(value);
+ data = factory.newCipherData(type);
+ data.setCipherValue(cipherValue);
+ result = factory.newEncryptedKey(data);
}
- return (result);
+ return result;
}
- /**
- * Create an AgreementMethod object
- *
- * @param algorithm Algorithm of the agreement method
- * @return
- */
-
- public AgreementMethod createAgreementMethod(String algorithm) {
- return (_factory.newAgreementMethod(algorithm));
- }
-
- /**
- * Create a CipherData object
- *
- * @param type Type of this CipherData (either VALUE_TUPE or
- * REFERENCE_TYPE)
- * @return
- */
-
- public CipherData createCipherData(int type) {
- return (_factory.newCipherData(type));
- }
-
- /**
- * Create a CipherReference object
- *
- * @return
- * @param uri The URI that the reference will refer
- */
-
- public CipherReference createCipherReference(String uri) {
- return (_factory.newCipherReference(uri));
- }
-
- /**
- * Create a CipherValue element
- *
- * @param value The value to set the ciphertext to
- * @return
- */
-
- public CipherValue createCipherValue(String value) {
- return (_factory.newCipherValue(value));
- }
-
- /**
- * Create an EncryptedMethod object
- *
- * @param algorithm Algorithm for the encryption
- * @return
- */
- public EncryptionMethod createEncryptionMethod(String algorithm) {
- return (_factory.newEncryptionMethod(algorithm));
- }
-
- /**
- * Create an EncryptedProperties element
- * @return
- */
- public EncryptionProperties createEncryptionProperties() {
- return (_factory.newEncryptionProperties());
- }
-
- /**
- * Create a new EncryptionProperty element
- * @return
- */
- public EncryptionProperty createEncryptionProperty() {
- return (_factory.newEncryptionProperty());
- }
-
- /**
- * Create a new ReferenceList object
- * @return
- * @param type
- */
- public ReferenceList createReferenceList(int type) {
- return (_factory.newReferenceList(type));
- }
-
- /**
- * Create a new Transforms object
- *
- * Note : A context document must have been set
- * elsewhere (possibly via a call to doFinal). If not, use the
- * createTransforms(Document) method.
- * @return
- */
-
- public Transforms createTransforms() {
- return (_factory.newTransforms());
- }
-
- /**
- * Create a new Transforms object
- *
- * Because the handling of Transforms is currently done in the signature
- * code, the creation of a Transforms object requires a
- * context document.
- *
- * @param doc Document that will own the created Transforms node
- * @return
- */
- public Transforms createTransforms(Document doc) {
- return (_factory.newTransforms(doc));
- }
-
/**
- * Converts Strings into Nodes and visa versa.
- *
- * NOTE: For internal use only.
+ * Create an AgreementMethod object
*
- * @author Axl Mattheus
+ * @param algorithm Algorithm of the agreement method
+ * @return a new AgreementMethod
*/
-
- private class Serializer {
- /**
- * Initialize the XMLSerializer with the specified context
- * Document.
- *
- * Setup OutputFormat in a way that the serialization does not
- * modifiy the contents, that is it shall not do any pretty printing
- * and so on. This would destroy the original content before
- * encryption. If that content was signed before encryption and the
- * serialization modifies the content the signature verification will
- * fail.
- */
- Serializer() {
- }
-
- /**
- * Returns a String representation of the specified
- * Document.
- *
- * Refer also to comments about setup of format.
- *
- * @param document the Document to serialize.
- * @return the String representation of the serilaized
- * Document.
- * @throws Exception
- */
- String serialize(Document document) throws Exception {
- return canonSerialize(document);
- }
-
- /**
- * Returns a String representation of the specified
- * Element.
- *
- * Refer also to comments about setup of format.
- *
- * @param element the Element to serialize.
- * @return the String representation of the serilaized
- * Element.
- * @throws Exception
- */
- String serialize(Element element) throws Exception {
- return canonSerialize(element);
- }
-
- /**
- * Returns a String representation of the specified
- * NodeList.
- *
- * This is a special case because the NodeList may represent a
- * DocumentFragment. A document fragement may be a
- * non-valid XML document (refer to appropriate description of
- * W3C) because it my start with a non-element node, e.g. a text
- * node.
- *
- * The methods first converts the node list into a document fragment.
- * Special care is taken to not destroy the current document, thus
- * the method clones the nodes (deep cloning) before it appends
- * them to the document fragment.
- *
- * Refer also to comments about setup of format.
- *
- * @param content the NodeList to serialize.
- * @return the String representation of the serilaized
- * NodeList.
- * @throws Exception
- */
- String serialize(NodeList content) throws Exception { //XMLEncryptionException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- _canon.setWriter(baos);
- _canon.notReset();
- for (int i = 0; i < content.getLength(); i++) {
- _canon.canonicalizeSubtree(content.item(i));
- }
- baos.close();
- return baos.toString("UTF-8");
- }
-
- /**
- * Use the Canoncializer to serialize the node
- * @param node
- * @return
- * @throws Exception
- */
- String canonSerialize(Node node) throws Exception {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- _canon.setWriter(baos);
- _canon.notReset();
- _canon.canonicalizeSubtree(node);
- baos.close();
- return baos.toString("UTF-8");
- }
- /**
- * @param source
- * @param ctx
- * @return
- * @throws XMLEncryptionException
- *
- */
- DocumentFragment deserialize(String source, Node ctx) throws XMLEncryptionException {
- DocumentFragment result;
- final String tagname = "fragment";
-
- // Create the context to parse the document against
- StringBuffer sb;
-
- sb = new StringBuffer();
- sb.append("<"+tagname);
-
- // Run through each node up to the document node and find any
- // xmlns: nodes
-
- Node wk = ctx;
-
- while (wk != null) {
-
- NamedNodeMap atts = wk.getAttributes();
- int length;
- if (atts != null)
- length = atts.getLength();
- else
- length = 0;
-
- for (int i = 0 ; i < length ; ++i) {
- Node att = atts.item(i);
- if (att.getNodeName().startsWith("xmlns:") ||
- att.getNodeName().equals("xmlns")) {
-
- // Check to see if this node has already been found
- Node p = ctx;
- boolean found = false;
- while (p != wk) {
- NamedNodeMap tstAtts = p.getAttributes();
- if (tstAtts != null &&
- tstAtts.getNamedItem(att.getNodeName()) != null) {
- found = true;
- break;
- }
- p = p.getParentNode();
- }
- if (found == false) {
-
- // This is an attribute node
- sb.append(" " + att.getNodeName() + "=\"" +
- att.getNodeValue() + "\"");
- }
- }
- }
- wk = wk.getParentNode();
- }
- sb.append(">" + source + "" + tagname + ">");
- String fragment = sb.toString();
-
- try {
- DocumentBuilderFactory dbf =
- DocumentBuilderFactory.newInstance();
- dbf.setNamespaceAware(true);
- dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
- dbf.setAttribute("http://xml.org/sax/features/namespaces", Boolean.TRUE);
- DocumentBuilder db = dbf.newDocumentBuilder();
- Document d = db.parse(
- new InputSource(new StringReader(fragment)));
-
- Element fragElt = (Element) _contextDocument.importNode(
- d.getDocumentElement(), true);
- result = _contextDocument.createDocumentFragment();
- Node child = fragElt.getFirstChild();
- while (child != null) {
- fragElt.removeChild(child);
- result.appendChild(child);
- child = fragElt.getFirstChild();
- }
- // String outp = serialize(d);
-
- } catch (SAXException se) {
- throw new XMLEncryptionException("empty", se);
- } catch (ParserConfigurationException pce) {
- throw new XMLEncryptionException("empty", pce);
- } catch (IOException ioe) {
- throw new XMLEncryptionException("empty", ioe);
- }
-
- return (result);
- }
+ public AgreementMethod createAgreementMethod(String algorithm) {
+ return factory.newAgreementMethod(algorithm);
}
+ /**
+ * Create a CipherData object
+ *
+ * @param type Type of this CipherData (either VALUE_TUPE or
+ * REFERENCE_TYPE)
+ * @return a new CipherData
+ */
+ public CipherData createCipherData(int type) {
+ return factory.newCipherData(type);
+ }
+
+ /**
+ * Create a CipherReference object
+ *
+ * @param uri The URI that the reference will refer
+ * @return a new CipherReference
+ */
+ public CipherReference createCipherReference(String uri) {
+ return factory.newCipherReference(uri);
+ }
+
+ /**
+ * Create a CipherValue element
+ *
+ * @param value The value to set the ciphertext to
+ * @return a new CipherValue
+ */
+ public CipherValue createCipherValue(String value) {
+ return factory.newCipherValue(value);
+ }
+
+ /**
+ * Create an EncryptionMethod object
+ *
+ * @param algorithm Algorithm for the encryption
+ * @return a new EncryptionMethod
+ */
+ public EncryptionMethod createEncryptionMethod(String algorithm) {
+ return factory.newEncryptionMethod(algorithm);
+ }
+
+ /**
+ * Create an EncryptionProperties element
+ * @return a new EncryptionProperties
+ */
+ public EncryptionProperties createEncryptionProperties() {
+ return factory.newEncryptionProperties();
+ }
+
+ /**
+ * Create a new EncryptionProperty element
+ * @return a new EncryptionProperty
+ */
+ public EncryptionProperty createEncryptionProperty() {
+ return factory.newEncryptionProperty();
+ }
+
+ /**
+ * Create a new ReferenceList object
+ * @param type ReferenceList.DATA_REFERENCE or ReferenceList.KEY_REFERENCE
+ * @return a new ReferenceList
+ */
+ public ReferenceList createReferenceList(int type) {
+ return factory.newReferenceList(type);
+ }
+
+ /**
+ * Create a new Transforms object
+ *
+ * Note : A context document must have been set
+ * elsewhere (possibly via a call to doFinal). If not, use the
+ * createTransforms(Document) method.
+ * @return a new Transforms
+ */
+ public Transforms createTransforms() {
+ return factory.newTransforms();
+ }
+
+ /**
+ * Create a new Transforms object
+ *
+ * Because the handling of Transforms is currently done in the signature
+ * code, the creation of a Transforms object requires a
+ * context document.
+ *
+ * @param doc Document that will own the created Transforms node
+ * @return a new Transforms
+ */
+ public Transforms createTransforms(Document doc) {
+ return factory.newTransforms(doc);
+ }
/**
*
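Review bot: In `decryptToByteArray`, `System.arraycopy(encryptedBytes, 0, ivBytes, 0, ivLen)` runs with no check that the decoded ciphertext is at least `ivLen` bytes long. A truncated or empty CipherValue therefore surfaces as an unchecked `IndexOutOfBoundsException` rather than the `XMLEncryptionException` the method declares. A guard just before the copy, `if (encryptedBytes.length < ivLen) { throw new XMLEncryptionException("empty"); }`, keeps malformed input on the declared error path. Separately, `decryptElement` now logs `"Decrypted octets:\n" + new String(octets)` at FINE, which decodes with the platform default charset where the removed code used "UTF-8", and still writes the decrypted plaintext into the log. Logging only `octets.length` there would avoid both problems.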
@@ -2020,201 +1994,110 @@ public class XMLCipher {
private class Factory {
/**
* @param algorithm
- * @return
- *
+ * @return a new AgreementMethod
*/
AgreementMethod newAgreementMethod(String algorithm) {
- return (new AgreementMethodImpl(algorithm));
+ return new AgreementMethodImpl(algorithm);
}
/**
* @param type
- * @return
+ * @return a new CipherData
*
*/
CipherData newCipherData(int type) {
- return (new CipherDataImpl(type));
+ return new CipherDataImpl(type);
}
/**
* @param uri
- * @return
- *
+ * @return a new CipherReference
*/
CipherReference newCipherReference(String uri) {
- return (new CipherReferenceImpl(uri));
+ return new CipherReferenceImpl(uri);
}
/**
* @param value
- * @return
- *
+ * @return a new CipherValue
*/
CipherValue newCipherValue(String value) {
- return (new CipherValueImpl(value));
+ return new CipherValueImpl(value);
}
- /**
- *
-
+ /*
CipherValue newCipherValue(byte[] value) {
- return (new CipherValueImpl(value));
+ return new CipherValueImpl(value);
}
- */
+ */
+
/**
* @param data
- * @return
- *
+ * @return a new EncryptedData
*/
EncryptedData newEncryptedData(CipherData data) {
- return (new EncryptedDataImpl(data));
+ return new EncryptedDataImpl(data);
}
/**
* @param data
- * @return
- *
+ * @return a new EncryptedKey
*/
EncryptedKey newEncryptedKey(CipherData data) {
- return (new EncryptedKeyImpl(data));
+ return new EncryptedKeyImpl(data);
}
/**
* @param algorithm
- * @return
- *
+ * @return a new EncryptionMethod
*/
EncryptionMethod newEncryptionMethod(String algorithm) {
- return (new EncryptionMethodImpl(algorithm));
+ return new EncryptionMethodImpl(algorithm);
}
/**
- * @return
- *
+ * @return a new EncryptionProperties
*/
EncryptionProperties newEncryptionProperties() {
- return (new EncryptionPropertiesImpl());
+ return new EncryptionPropertiesImpl();
}
/**
- * @return
- *
+ * @return a new EncryptionProperty
*/
EncryptionProperty newEncryptionProperty() {
- return (new EncryptionPropertyImpl());
+ return new EncryptionPropertyImpl();
}
/**
- * @param type
- * @return
- *
+ * @param type ReferenceList.DATA_REFERENCE or ReferenceList.KEY_REFERENCE
+ * @return a new ReferenceList
*/
ReferenceList newReferenceList(int type) {
- return (new ReferenceListImpl(type));
+ return new ReferenceListImpl(type);
}
/**
- * @return
- *
+ * @return a new Transforms
*/
Transforms newTransforms() {
- return (new TransformsImpl());
+ return new TransformsImpl();
}
/**
* @param doc
- * @return
- *
+ * @return a new Transforms
*/
Transforms newTransforms(Document doc) {
- return (new TransformsImpl(doc));
+ return new TransformsImpl(doc);
}
/**
* @param element
- * @return
+ * @return a new CipherData
* @throws XMLEncryptionException
- *
*/
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- AgreementMethod newAgreementMethod(Element element) throws
- XMLEncryptionException {
- if (null == element) {
- throw new NullPointerException("element is null");
- }
-
- String algorithm = element.getAttributeNS(null,
- EncryptionConstants._ATT_ALGORITHM);
- AgreementMethod result = newAgreementMethod(algorithm);
-
- Element kaNonceElement = (Element) element.getElementsByTagNameNS(
- EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_KA_NONCE).item(0);
- if (null != kaNonceElement) {
- result.setKANonce(kaNonceElement.getNodeValue().getBytes());
- }
- // TODO: ///////////////////////////////////////////////////////////
- // Figure out how to make this pesky line work..
- //
-
- // TODO: Work out how to handle relative URI
-
- Element originatorKeyInfoElement =
- (Element) element.getElementsByTagNameNS(
- EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_ORIGINATORKEYINFO).item(0);
- if (null != originatorKeyInfoElement) {
- try {
- result.setOriginatorKeyInfo(
- new KeyInfo(originatorKeyInfoElement, null));
- } catch (XMLSecurityException xse) {
- throw new XMLEncryptionException("empty", xse);
- }
- }
-
- // TODO: Work out how to handle relative URI
-
- Element recipientKeyInfoElement =
- (Element) element.getElementsByTagNameNS(
- EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_RECIPIENTKEYINFO).item(0);
- if (null != recipientKeyInfoElement) {
- try {
- result.setRecipientKeyInfo(
- new KeyInfo(recipientKeyInfoElement, null));
- } catch (XMLSecurityException xse) {
- throw new XMLEncryptionException("empty", xse);
- }
- }
-
- return (result);
- }
-
- /**
- * @param element
- * @return
- * @throws XMLEncryptionException
- *
- */
- //
- //
- //
- //
- //
- //
- //
- CipherData newCipherData(Element element) throws
- XMLEncryptionException {
+ CipherData newCipherData(Element element) throws XMLEncryptionException {
if (null == element) {
throw new NullPointerException("element is null");
}
@@ -2223,7 +2106,8 @@ public class XMLCipher {
Element e = null;
if (element.getElementsByTagNameNS(
EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_CIPHERVALUE).getLength() > 0) {
+ EncryptionConstants._TAG_CIPHERVALUE).getLength() > 0
+ ) {
type = CipherData.VALUE_TYPE;
e = (Element) element.getElementsByTagNameNS(
EncryptionConstants.EncryptionSpecNS,
@@ -2244,100 +2128,67 @@ public class XMLCipher {
result.setCipherReference(newCipherReference(e));
}
- return (result);
+ return result;
}
/**
* @param element
- * @return
+ * @return a new CipherReference
* @throws XMLEncryptionException
*
*/
- //
- //
- //
- //
- //
- //
- //
- CipherReference newCipherReference(Element element) throws
- XMLEncryptionException {
+ CipherReference newCipherReference(Element element) throws XMLEncryptionException {
- Attr URIAttr =
- element.getAttributeNodeNS(null, EncryptionConstants._ATT_URI);
- CipherReference result = new CipherReferenceImpl(URIAttr);
+ Attr uriAttr =
+ element.getAttributeNodeNS(null, EncryptionConstants._ATT_URI);
+ CipherReference result = new CipherReferenceImpl(uriAttr);
- // Find any Transforms
+ // Find any Transforms
+ NodeList transformsElements =
+ element.getElementsByTagNameNS(
+ EncryptionConstants.EncryptionSpecNS, EncryptionConstants._TAG_TRANSFORMS);
+ Element transformsElement = (Element) transformsElements.item(0);
- NodeList transformsElements = element.getElementsByTagNameNS(
- EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_TRANSFORMS);
- Element transformsElement =
- (Element) transformsElements.item(0);
+ if (transformsElement != null) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Creating a DSIG based Transforms element");
+ }
+ try {
+ result.setTransforms(new TransformsImpl(transformsElement));
+ } catch (XMLSignatureException xse) {
+ throw new XMLEncryptionException("empty", xse);
+ } catch (InvalidTransformException ite) {
+ throw new XMLEncryptionException("empty", ite);
+ } catch (XMLSecurityException xse) {
+ throw new XMLEncryptionException("empty", xse);
+ }
+ }
- if (transformsElement != null) {
- logger.log(java.util.logging.Level.FINE, "Creating a DSIG based Transforms element");
- try {
- result.setTransforms(new TransformsImpl(transformsElement));
- }
- catch (XMLSignatureException xse) {
- throw new XMLEncryptionException("empty", xse);
- } catch (InvalidTransformException ite) {
- throw new XMLEncryptionException("empty", ite);
- } catch (XMLSecurityException xse) {
- throw new XMLEncryptionException("empty", xse);
- }
-
- }
-
- return result;
+ return result;
}
/**
* @param element
- * @return
- *
+ * @return a new CipherValue
*/
CipherValue newCipherValue(Element element) {
String value = XMLUtils.getFullTextChildrenFromElement(element);
- CipherValue result = newCipherValue(value);
-
- return (result);
+ return newCipherValue(value);
}
/**
* @param element
- * @return
+ * @return a new EncryptedData
* @throws XMLEncryptionException
*
*/
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- EncryptedData newEncryptedData(Element element) throws
- XMLEncryptionException {
+ EncryptedData newEncryptedData(Element element) throws XMLEncryptionException {
EncryptedData result = null;
- NodeList dataElements = element.getElementsByTagNameNS(
- EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_CIPHERDATA);
+ NodeList dataElements =
+ element.getElementsByTagNameNS(
+ EncryptionConstants.EncryptionSpecNS, EncryptionConstants._TAG_CIPHERDATA);
// Need to get the last CipherData found, as earlier ones will
// be for elements in the KeyInfo lists
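Review bot: `new CipherReferenceImpl(uriAttr)` in newCipherReference receives null when the CipherReference element has no URI attribute, because `getAttributeNodeNS` returns null for a missing attribute and the `CipherReferenceImpl(Attr)` constructor (shown in a later hunk) immediately calls `uri.getNodeValue()`. The element is taken from the document being processed, so malformed input surfaces as an unchecked NullPointerException instead of the XMLEncryptionException this method declares. A guard before the constructor call keeps the failure in the declared type, e.g. `if (uriAttr == null) { throw new XMLEncryptionException("empty"); }`, with whichever message key the project prefers.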
@@ -2349,22 +2200,17 @@ public class XMLCipher {
result = newEncryptedData(data);
- result.setId(element.getAttributeNS(
- null, EncryptionConstants._ATT_ID));
- result.setType(
- element.getAttributeNS(null, EncryptionConstants._ATT_TYPE));
- result.setMimeType(element.getAttributeNS(
- null, EncryptionConstants._ATT_MIMETYPE));
- result.setEncoding(
- element.getAttributeNS(null, Constants._ATT_ENCODING));
+ result.setId(element.getAttributeNS(null, EncryptionConstants._ATT_ID));
+ result.setType(element.getAttributeNS(null, EncryptionConstants._ATT_TYPE));
+ result.setMimeType(element.getAttributeNS(null, EncryptionConstants._ATT_MIMETYPE));
+ result.setEncoding( element.getAttributeNS(null, Constants._ATT_ENCODING));
Element encryptionMethodElement =
(Element) element.getElementsByTagNameNS(
EncryptionConstants.EncryptionSpecNS,
EncryptionConstants._TAG_ENCRYPTIONMETHOD).item(0);
if (null != encryptionMethodElement) {
- result.setEncryptionMethod(newEncryptionMethod(
- encryptionMethodElement));
+ result.setEncryptionMethod(newEncryptionMethod(encryptionMethodElement));
}
// BFL 16/7/03 - simple implementation
@@ -2374,12 +2220,8 @@ public class XMLCipher {
(Element) element.getElementsByTagNameNS(
Constants.SignatureSpecNS, Constants._TAG_KEYINFO).item(0);
if (null != keyInfoElement) {
- try {
- result.setKeyInfo(new KeyInfo(keyInfoElement, null));
- } catch (XMLSecurityException xse) {
- throw new XMLEncryptionException("Error loading Key Info",
- xse);
- }
+ KeyInfo ki = newKeyInfo(keyInfoElement);
+ result.setKeyInfo(ki);
}
// TODO: Implement
@@ -2389,85 +2231,49 @@ public class XMLCipher {
EncryptionConstants._TAG_ENCRYPTIONPROPERTIES).item(0);
if (null != encryptionPropertiesElement) {
result.setEncryptionProperties(
- newEncryptionProperties(encryptionPropertiesElement));
+ newEncryptionProperties(encryptionPropertiesElement)
+ );
}
- return (result);
+ return result;
}
/**
* @param element
- * @return
+ * @return a new EncryptedKey
* @throws XMLEncryptionException
- *
*/
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- EncryptedKey newEncryptedKey(Element element) throws
- XMLEncryptionException {
+ EncryptedKey newEncryptedKey(Element element) throws XMLEncryptionException {
EncryptedKey result = null;
- NodeList dataElements = element.getElementsByTagNameNS(
- EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_CIPHERDATA);
+ NodeList dataElements =
+ element.getElementsByTagNameNS(
+ EncryptionConstants.EncryptionSpecNS, EncryptionConstants._TAG_CIPHERDATA);
Element dataElement =
(Element) dataElements.item(dataElements.getLength() - 1);
CipherData data = newCipherData(dataElement);
result = newEncryptedKey(data);
- result.setId(element.getAttributeNS(
- null, EncryptionConstants._ATT_ID));
- result.setType(
- element.getAttributeNS(null, EncryptionConstants._ATT_TYPE));
- result.setMimeType(element.getAttributeNS(
- null, EncryptionConstants._ATT_MIMETYPE));
- result.setEncoding(
- element.getAttributeNS(null, Constants._ATT_ENCODING));
- result.setRecipient(element.getAttributeNS(
- null, EncryptionConstants._ATT_RECIPIENT));
+ result.setId(element.getAttributeNS(null, EncryptionConstants._ATT_ID));
+ result.setType(element.getAttributeNS(null, EncryptionConstants._ATT_TYPE));
+ result.setMimeType(element.getAttributeNS(null, EncryptionConstants._ATT_MIMETYPE));
+ result.setEncoding(element.getAttributeNS(null, Constants._ATT_ENCODING));
+ result.setRecipient(element.getAttributeNS(null, EncryptionConstants._ATT_RECIPIENT));
Element encryptionMethodElement =
(Element) element.getElementsByTagNameNS(
EncryptionConstants.EncryptionSpecNS,
EncryptionConstants._TAG_ENCRYPTIONMETHOD).item(0);
if (null != encryptionMethodElement) {
- result.setEncryptionMethod(newEncryptionMethod(
- encryptionMethodElement));
+ result.setEncryptionMethod(newEncryptionMethod(encryptionMethodElement));
}
Element keyInfoElement =
(Element) element.getElementsByTagNameNS(
Constants.SignatureSpecNS, Constants._TAG_KEYINFO).item(0);
if (null != keyInfoElement) {
- try {
- result.setKeyInfo(new KeyInfo(keyInfoElement, null));
- } catch (XMLSecurityException xse) {
- throw new XMLEncryptionException
- ("Error loading Key Info", xse);
- }
+ KeyInfo ki = newKeyInfo(keyInfoElement);
+ result.setKeyInfo(ki);
}
// TODO: Implement
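Review bot: In newEncryptedKey, `dataElements.item(dataElements.getLength() - 1)` yields null when the element has no CipherData descendant, and newCipherData then throws a bare `NullPointerException("element is null")`. The method already declares XMLEncryptionException, so checking `dataElements.getLength() == 0` first and throwing that type would give callers that handle malformed input one exception to catch. newEncryptedData appears to use the same "last CipherData" lookup, but that line falls between hunks and is not visible here.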
@@ -2477,7 +2283,8 @@ public class XMLCipher {
EncryptionConstants._TAG_ENCRYPTIONPROPERTIES).item(0);
if (null != encryptionPropertiesElement) {
result.setEncryptionProperties(
- newEncryptionProperties(encryptionPropertiesElement));
+ newEncryptionProperties(encryptionPropertiesElement)
+ );
}
Element referenceListElement =
@@ -2493,30 +2300,40 @@ public class XMLCipher {
EncryptionConstants.EncryptionSpecNS,
EncryptionConstants._TAG_CARRIEDKEYNAME).item(0);
if (null != carriedNameElement) {
- result.setCarriedName
- (carriedNameElement.getFirstChild().getNodeValue());
+ result.setCarriedName(carriedNameElement.getFirstChild().getNodeValue());
}
- return (result);
+ return result;
}
/**
* @param element
- * @return
- *
+ * @return a new KeyInfo
+ * @throws XMLEncryptionException
+ */
+ KeyInfo newKeyInfo(Element element) throws XMLEncryptionException {
+ try {
+ KeyInfo ki = new KeyInfo(element, null);
+ ki.setSecureValidation(secureValidation);
+ if (internalKeyResolvers != null) {
+ int size = internalKeyResolvers.size();
+ for (int i = 0; i < size; i++) {
+ ki.registerInternalKeyResolver(internalKeyResolvers.get(i));
+ }
+ }
+ return ki;
+ } catch (XMLSecurityException xse) {
+ throw new XMLEncryptionException("Error loading Key Info", xse);
+ }
+ }
+
+ /**
+ * @param element
+ * @return a new EncryptionMethod
*/
- //
- //
- //
- //
- //
- //
- //
- //
EncryptionMethod newEncryptionMethod(Element element) {
- String algorithm = element.getAttributeNS(
- null, EncryptionConstants._ATT_ALGORITHM);
- EncryptionMethod result = newEncryptionMethod(algorithm);
+ String encAlgorithm = element.getAttributeNS(null, EncryptionConstants._ATT_ALGORITHM);
+ EncryptionMethod result = newEncryptionMethod(encAlgorithm);
Element keySizeElement =
(Element) element.getElementsByTagNameNS(
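Review bot: `carriedNameElement.getFirstChild().getNodeValue()` dereferences the first child without checking it, and an empty CarriedKeyName element has no child node, so the call fails with a NullPointerException. The same pattern is introduced for `oaepParamsElement.getFirstChild().getNodeValue()` in the next hunk. A null check closes both, e.g. `Node child = carriedNameElement.getFirstChild();` followed by `if (child != null) { result.setCarriedName(child.getNodeValue()); }`. The carried-name code belongs to newEncryptedKey, which starts before this hunk, and newEncryptionMethod continues past it.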
@@ -2533,92 +2350,83 @@ public class XMLCipher {
EncryptionConstants.EncryptionSpecNS,
EncryptionConstants._TAG_OAEPPARAMS).item(0);
if (null != oaepParamsElement) {
- result.setOAEPparams(
- oaepParamsElement.getNodeValue().getBytes());
+ try {
+ String oaepParams = oaepParamsElement.getFirstChild().getNodeValue();
+ result.setOAEPparams(Base64.decode(oaepParams.getBytes("UTF-8")));
+ } catch(UnsupportedEncodingException e) {
+ throw new RuntimeException("UTF-8 not supported", e);
+ } catch (Base64DecodingException e) {
+ throw new RuntimeException("BASE-64 decoding error", e);
+ }
+ }
+
+ Element digestElement =
+ (Element) element.getElementsByTagNameNS(
+ Constants.SignatureSpecNS, Constants._TAG_DIGESTMETHOD).item(0);
+ if (digestElement != null) {
+ String digestAlgorithm = digestElement.getAttributeNS(null, "Algorithm");
+ result.setDigestAlgorithm(digestAlgorithm);
+ }
+
+ Element mgfElement =
+ (Element) element.getElementsByTagNameNS(
+ EncryptionConstants.EncryptionSpec11NS, EncryptionConstants._TAG_MGF).item(0);
+ if (mgfElement != null && !XMLCipher.RSA_OAEP.equals(algorithm)) {
+ String mgfAlgorithm = mgfElement.getAttributeNS(null, "Algorithm");
+ result.setMGFAlgorithm(mgfAlgorithm);
}
// TODO: Make this mess work
//
- return (result);
+ return result;
}
/**
* @param element
- * @return
- *
+ * @return a new EncryptionProperties
*/
- //
- //
- //
- //
- //
- //
- //
EncryptionProperties newEncryptionProperties(Element element) {
EncryptionProperties result = newEncryptionProperties();
- result.setId(element.getAttributeNS(
- null, EncryptionConstants._ATT_ID));
+ result.setId(element.getAttributeNS(null, EncryptionConstants._ATT_ID));
NodeList encryptionPropertyList =
element.getElementsByTagNameNS(
EncryptionConstants.EncryptionSpecNS,
EncryptionConstants._TAG_ENCRYPTIONPROPERTY);
- for(int i = 0; i < encryptionPropertyList.getLength(); i++) {
+ for (int i = 0; i < encryptionPropertyList.getLength(); i++) {
Node n = encryptionPropertyList.item(i);
if (null != n) {
- result.addEncryptionProperty(
- newEncryptionProperty((Element) n));
+ result.addEncryptionProperty(newEncryptionProperty((Element) n));
}
}
- return (result);
+ return result;
}
/**
* @param element
- * @return
- *
+ * @return a new EncryptionProperty
*/
- //
- //
- //
- //
- //
- //
- //
- //
- //
EncryptionProperty newEncryptionProperty(Element element) {
EncryptionProperty result = newEncryptionProperty();
- result.setTarget(
- element.getAttributeNS(null, EncryptionConstants._ATT_TARGET));
- result.setId(element.getAttributeNS(
- null, EncryptionConstants._ATT_ID));
+ result.setTarget(element.getAttributeNS(null, EncryptionConstants._ATT_TARGET));
+ result.setId(element.getAttributeNS(null, EncryptionConstants._ATT_ID));
// TODO: Make this lot work...
//
// TODO: Make this work...
//
- return (result);
+ return result;
}
/**
* @param element
- * @return
- *
+ * @return a new ReferenceList
*/
- //
- //
- //
- //
- //
- //
- //
- //
ReferenceList newReferenceList(Element element) {
int type = 0;
if (null != element.getElementsByTagNameNS(
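Review bot: The MGF guard `!XMLCipher.RSA_OAEP.equals(algorithm)` in newEncryptionMethod tests `algorithm`, not the `encAlgorithm` value that the renamed local now holds from the element's Algorithm attribute. No local named `algorithm` is declared in the visible part of the method, so the name presumably resolves to a field describing how the cipher was configured rather than what the parsed EncryptionMethod declares. If the intent is to ignore an MGF child when the element itself names RSA-OAEP, the comparison should read `!XMLCipher.RSA_OAEP.equals(encAlgorithm)`. If the field really is intended, a comment saying so would stop a later reader from changing it. The method starts in the previous hunk.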
@@ -2629,84 +2437,38 @@ public class XMLCipher {
EncryptionConstants.EncryptionSpecNS,
EncryptionConstants._TAG_KEYREFERENCE).item(0)) {
type = ReferenceList.KEY_REFERENCE;
- } else {
- // complain
}
ReferenceList result = new ReferenceListImpl(type);
NodeList list = null;
switch (type) {
case ReferenceList.DATA_REFERENCE:
- list = element.getElementsByTagNameNS(
- EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_DATAREFERENCE);
+ list =
+ element.getElementsByTagNameNS(
+ EncryptionConstants.EncryptionSpecNS,
+ EncryptionConstants._TAG_DATAREFERENCE);
for (int i = 0; i < list.getLength() ; i++) {
String uri = ((Element) list.item(i)).getAttribute("URI");
result.add(result.newDataReference(uri));
}
break;
case ReferenceList.KEY_REFERENCE:
- list = element.getElementsByTagNameNS(
- EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_KEYREFERENCE);
+ list =
+ element.getElementsByTagNameNS(
+ EncryptionConstants.EncryptionSpecNS,
+ EncryptionConstants._TAG_KEYREFERENCE);
for (int i = 0; i < list.getLength() ; i++) {
String uri = ((Element) list.item(i)).getAttribute("URI");
result.add(result.newKeyReference(uri));
}
}
- return (result);
- }
-
- /**
- * @param element
- * @return
- *
- */
- Transforms newTransforms(Element element) {
- return (null);
- }
-
- /**
- * @param agreementMethod
- * @return
- *
- */
- Element toElement(AgreementMethod agreementMethod) {
- return ((AgreementMethodImpl) agreementMethod).toElement();
- }
-
- /**
- * @param cipherData
- * @return
- *
- */
- Element toElement(CipherData cipherData) {
- return ((CipherDataImpl) cipherData).toElement();
- }
-
- /**
- * @param cipherReference
- * @return
- *
- */
- Element toElement(CipherReference cipherReference) {
- return ((CipherReferenceImpl) cipherReference).toElement();
- }
-
- /**
- * @param cipherValue
- * @return
- *
- */
- Element toElement(CipherValue cipherValue) {
- return ((CipherValueImpl) cipherValue).toElement();
+ return result;
}
/**
* @param encryptedData
- * @return
- *
+ * @return the XML Element form of that EncryptedData
*/
Element toElement(EncryptedData encryptedData) {
return ((EncryptedDataImpl) encryptedData).toElement();
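Review bot: newReferenceList drops the empty `else { // complain }` branch without replacing it, so a ReferenceList element with neither a DataReference nor a KeyReference child leaves `type` at its initial 0 and passes that to `new ReferenceListImpl(type)`. What the constructor does with a value that matches neither constant is not visible here. If it accepts it, the switch matches no case and an empty list is returned silently. Either reject the element explicitly at this point or add a comment stating that an empty list is the intended result. The method begins in the previous hunk.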
@@ -2714,64 +2476,20 @@ public class XMLCipher {
/**
* @param encryptedKey
- * @return
- *
+ * @return the XML Element form of that EncryptedKey
*/
Element toElement(EncryptedKey encryptedKey) {
return ((EncryptedKeyImpl) encryptedKey).toElement();
}
/**
- * @param encryptionMethod
- * @return
- *
+ * @param referenceList
+ * @return the XML Element form of that ReferenceList
*/
- Element toElement(EncryptionMethod encryptionMethod) {
- return ((EncryptionMethodImpl) encryptionMethod).toElement();
- }
-
- /**
- * @param encryptionProperties
- * @return
- *
- */
- Element toElement(EncryptionProperties encryptionProperties) {
- return ((EncryptionPropertiesImpl) encryptionProperties).toElement();
- }
-
- /**
- * @param encryptionProperty
- * @return
- *
- */
- Element toElement(EncryptionProperty encryptionProperty) {
- return ((EncryptionPropertyImpl) encryptionProperty).toElement();
- }
-
Element toElement(ReferenceList referenceList) {
return ((ReferenceListImpl) referenceList).toElement();
}
- /**
- * @param transforms
- * @return
- *
- */
- Element toElement(Transforms transforms) {
- return ((TransformsImpl) transforms).toElement();
- }
-
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
private class AgreementMethodImpl implements AgreementMethod {
private byte[] kaNonce = null;
private List agreementMethodInformation = null;
@@ -2787,15 +2505,16 @@ public class XMLCipher {
URI tmpAlgorithm = null;
try {
tmpAlgorithm = new URI(algorithm);
- } catch (URI.MalformedURIException fmue) {
- //complain?
+ } catch (URISyntaxException ex) {
+ throw (IllegalArgumentException)
+ new IllegalArgumentException().initCause(ex);
}
algorithmURI = tmpAlgorithm.toString();
}
/** @inheritDoc */
public byte[] getKANonce() {
- return (kaNonce);
+ return kaNonce;
}
/** @inheritDoc */
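Review bot: The new catch builds its exception as `throw (IllegalArgumentException) new IllegalArgumentException().initCause(ex);`, which needs a cast and carries no message of its own. `throw new IllegalArgumentException(ex);` does the same in one expression and takes the cause's description as its message. The same construct recurs in the later hunks for what appear to be setType and setEncoding, and in the EncryptionMethodImpl constructor. The strings handed to setType and setEncoding are attribute values read in newEncryptedData and newEncryptedKey, so the Javadoc should also say that a malformed URI now surfaces as an unchecked IllegalArgumentException rather than XMLEncryptionException. The enclosing constructor starts outside this hunk.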
@@ -2805,7 +2524,7 @@ public class XMLCipher {
/** @inheritDoc */
public Iterator getAgreementMethodInformation() {
- return (agreementMethodInformation.iterator());
+ return agreementMethodInformation.iterator();
}
/** @inheritDoc */
@@ -2820,7 +2539,7 @@ public class XMLCipher {
/** @inheritDoc */
public KeyInfo getOriginatorKeyInfo() {
- return (originatorKeyInfo);
+ return originatorKeyInfo;
}
/** @inheritDoc */
@@ -2830,7 +2549,7 @@ public class XMLCipher {
/** @inheritDoc */
public KeyInfo getRecipientKeyInfo() {
- return (recipientKeyInfo);
+ return recipientKeyInfo;
}
/** @inheritDoc */
@@ -2840,70 +2559,10 @@ public class XMLCipher {
/** @inheritDoc */
public String getAlgorithm() {
- return (algorithmURI);
- }
-
- /** @param algorithm*/
- public void setAlgorithm(String algorithm) {
- URI tmpAlgorithm = null;
- try {
- tmpAlgorithm = new URI(algorithm);
- } catch (URI.MalformedURIException mfue) {
- //complain
- }
- algorithmURI = tmpAlgorithm.toString();
- }
-
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- Element toElement() {
- Element result = ElementProxy.createElementForFamily(
- _contextDocument,
- EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_AGREEMENTMETHOD);
- result.setAttributeNS(
- null, EncryptionConstants._ATT_ALGORITHM, algorithmURI);
- if (null != kaNonce) {
- result.appendChild(
- ElementProxy.createElementForFamily(
- _contextDocument,
- EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_KA_NONCE)).appendChild(
- _contextDocument.createTextNode(new String(kaNonce)));
- }
- if (!agreementMethodInformation.isEmpty()) {
- Iterator itr = agreementMethodInformation.iterator();
- while (itr.hasNext()) {
- result.appendChild(itr.next());
- }
- }
- if (null != originatorKeyInfo) {
- result.appendChild(originatorKeyInfo.getElement());
- }
- if (null != recipientKeyInfo) {
- result.appendChild(recipientKeyInfo.getElement());
- }
-
- return (result);
+ return algorithmURI;
}
}
- //
- //
- //
- //
- //
- //
- //
private class CipherDataImpl implements CipherData {
private static final String valueMessage =
"Data type is reference type.";
@@ -2922,16 +2581,16 @@ public class XMLCipher {
/** @inheritDoc */
public CipherValue getCipherValue() {
- return (cipherValue);
+ return cipherValue;
}
/** @inheritDoc */
- public void setCipherValue(CipherValue value) throws
- XMLEncryptionException {
+ public void setCipherValue(CipherValue value) throws XMLEncryptionException {
if (cipherType == REFERENCE_TYPE) {
- throw new XMLEncryptionException("empty",
- new UnsupportedOperationException(valueMessage));
+ throw new XMLEncryptionException(
+ "empty", new UnsupportedOperationException(valueMessage)
+ );
}
cipherValue = value;
@@ -2939,15 +2598,16 @@ public class XMLCipher {
/** @inheritDoc */
public CipherReference getCipherReference() {
- return (cipherReference);
+ return cipherReference;
}
/** @inheritDoc */
public void setCipherReference(CipherReference reference) throws
- XMLEncryptionException {
+ XMLEncryptionException {
if (cipherType == VALUE_TYPE) {
- throw new XMLEncryptionException("empty",
- new UnsupportedOperationException(referenceMessage));
+ throw new XMLEncryptionException(
+ "empty", new UnsupportedOperationException(referenceMessage)
+ );
}
cipherReference = reference;
@@ -2955,77 +2615,59 @@ public class XMLCipher {
/** @inheritDoc */
public int getDataType() {
- return (cipherType);
+ return cipherType;
}
- //
- //
- //
- //
- //
- //
- //
Element toElement() {
- Element result = ElementProxy.createElementForFamily(
- _contextDocument,
- EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_CIPHERDATA);
+ Element result =
+ XMLUtils.createElementInEncryptionSpace(
+ contextDocument, EncryptionConstants._TAG_CIPHERDATA
+ );
if (cipherType == VALUE_TYPE) {
- result.appendChild(
- ((CipherValueImpl) cipherValue).toElement());
+ result.appendChild(((CipherValueImpl) cipherValue).toElement());
} else if (cipherType == REFERENCE_TYPE) {
- result.appendChild(
- ((CipherReferenceImpl) cipherReference).toElement());
- } else {
- // complain
+ result.appendChild(((CipherReferenceImpl) cipherReference).toElement());
}
- return (result);
+ return result;
}
}
- //
- //
- //
- //
- //
- //
- //
private class CipherReferenceImpl implements CipherReference {
private String referenceURI = null;
private Transforms referenceTransforms = null;
- private Attr referenceNode = null;
+ private Attr referenceNode = null;
/**
* @param uri
*/
public CipherReferenceImpl(String uri) {
- /* Don't check validity of URI as may be "" */
+ /* Don't check validity of URI as may be "" */
referenceURI = uri;
- referenceNode = null;
+ referenceNode = null;
}
- /**
- * @param uri
- */
- public CipherReferenceImpl(Attr uri) {
- referenceURI = uri.getNodeValue();
- referenceNode = uri;
- }
+ /**
+ * @param uri
+ */
+ public CipherReferenceImpl(Attr uri) {
+ referenceURI = uri.getNodeValue();
+ referenceNode = uri;
+ }
/** @inheritDoc */
public String getURI() {
- return (referenceURI);
+ return referenceURI;
}
/** @inheritDoc */
- public Attr getURIAsAttr() {
- return (referenceNode);
- }
+ public Attr getURIAsAttr() {
+ return referenceNode;
+ }
/** @inheritDoc */
public Transforms getTransforms() {
- return (referenceTransforms);
+ return referenceTransforms;
}
/** @inheritDoc */
@@ -3033,91 +2675,53 @@ public class XMLCipher {
referenceTransforms = transforms;
}
- //
- //
- //
- //
- //
- //
- //
Element toElement() {
- Element result = ElementProxy.createElementForFamily(
- _contextDocument,
- EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_CIPHERREFERENCE);
- result.setAttributeNS(
- null, EncryptionConstants._ATT_URI, referenceURI);
+ Element result =
+ XMLUtils.createElementInEncryptionSpace(
+ contextDocument, EncryptionConstants._TAG_CIPHERREFERENCE
+ );
+ result.setAttributeNS(null, EncryptionConstants._ATT_URI, referenceURI);
if (null != referenceTransforms) {
- result.appendChild(
- ((TransformsImpl) referenceTransforms).toElement());
+ result.appendChild(((TransformsImpl) referenceTransforms).toElement());
}
- return (result);
+ return result;
}
}
private class CipherValueImpl implements CipherValue {
- private String cipherValue = null;
-
- // public CipherValueImpl(byte[] value) {
- // cipherValue = value;
- // }
+ private String cipherValue = null;
/**
* @param value
*/
public CipherValueImpl(String value) {
- // cipherValue = value.getBytes();
- cipherValue = value;
+ cipherValue = value;
}
/** @inheritDoc */
- public String getValue() {
- return (cipherValue);
+ public String getValue() {
+ return cipherValue;
}
- // public void setValue(byte[] value) {
- // public void setValue(String value) {
- // cipherValue = value;
- // }
- /** @inheritDoc */
+ /** @inheritDoc */
public void setValue(String value) {
- // cipherValue = value.getBytes();
- cipherValue = value;
+ cipherValue = value;
}
Element toElement() {
- Element result = ElementProxy.createElementForFamily(
- _contextDocument, EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_CIPHERVALUE);
- result.appendChild(_contextDocument.createTextNode(
- cipherValue));
+ Element result =
+ XMLUtils.createElementInEncryptionSpace(
+ contextDocument, EncryptionConstants._TAG_CIPHERVALUE
+ );
+ result.appendChild(contextDocument.createTextNode(cipherValue));
- return (result);
+ return result;
}
}
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- private class EncryptedDataImpl extends EncryptedTypeImpl implements
- EncryptedData {
+ private class EncryptedDataImpl extends EncryptedTypeImpl implements EncryptedData {
+
/**
* @param data
*/
@@ -3125,94 +2729,49 @@ public class XMLCipher {
super(data);
}
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
Element toElement() {
- Element result = ElementProxy.createElementForFamily(
- _contextDocument, EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_ENCRYPTEDDATA);
+ Element result =
+ ElementProxy.createElementForFamily(
+ contextDocument, EncryptionConstants.EncryptionSpecNS,
+ EncryptionConstants._TAG_ENCRYPTEDDATA
+ );
if (null != super.getId()) {
- result.setAttributeNS(
- null, EncryptionConstants._ATT_ID, super.getId());
+ result.setAttributeNS(null, EncryptionConstants._ATT_ID, super.getId());
}
if (null != super.getType()) {
- result.setAttributeNS(
- null, EncryptionConstants._ATT_TYPE, super.getType());
+ result.setAttributeNS(null, EncryptionConstants._ATT_TYPE, super.getType());
}
if (null != super.getMimeType()) {
result.setAttributeNS(
- null, EncryptionConstants._ATT_MIMETYPE,
- super.getMimeType());
+ null, EncryptionConstants._ATT_MIMETYPE, super.getMimeType()
+ );
}
if (null != super.getEncoding()) {
result.setAttributeNS(
- null, EncryptionConstants._ATT_ENCODING,
- super.getEncoding());
+ null, EncryptionConstants._ATT_ENCODING, super.getEncoding()
+ );
}
if (null != super.getEncryptionMethod()) {
- result.appendChild(((EncryptionMethodImpl)
- super.getEncryptionMethod()).toElement());
+ result.appendChild(
+ ((EncryptionMethodImpl)super.getEncryptionMethod()).toElement()
+ );
}
if (null != super.getKeyInfo()) {
- result.appendChild(super.getKeyInfo().getElement());
+ result.appendChild(super.getKeyInfo().getElement().cloneNode(true));
}
- result.appendChild(
- ((CipherDataImpl) super.getCipherData()).toElement());
+ result.appendChild(((CipherDataImpl) super.getCipherData()).toElement());
if (null != super.getEncryptionProperties()) {
result.appendChild(((EncryptionPropertiesImpl)
super.getEncryptionProperties()).toElement());
}
- return (result);
+ return result;
}
}
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- private class EncryptedKeyImpl extends EncryptedTypeImpl implements
- EncryptedKey {
+ private class EncryptedKeyImpl extends EncryptedTypeImpl implements EncryptedKey {
private String keyRecipient = null;
private ReferenceList referenceList = null;
private String carriedName = null;
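Review bot: `super.getKeyInfo().getElement().cloneNode(true)` in EncryptedDataImpl.toElement has no comment explaining why a deep copy is appended instead of the KeyInfo's own element, and the same change appears in EncryptedKeyImpl.toElement in a later hunk. Presumably the copy stops `appendChild` from moving the element out of its current parent, but that is an inference from the code. A one-line comment such as `// append a deep copy so the KeyInfo's own element stays where it is` would record the intent. A cloned node keeps its source's owner document, so this still relies on the KeyInfo having been created against `contextDocument`.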
@@ -3226,7 +2785,7 @@ public class XMLCipher {
/** @inheritDoc */
public String getRecipient() {
- return (keyRecipient);
+ return keyRecipient;
}
/** @inheritDoc */
@@ -3236,7 +2795,7 @@ public class XMLCipher {
/** @inheritDoc */
public ReferenceList getReferenceList() {
- return (referenceList);
+ return referenceList;
}
/** @inheritDoc */
@@ -3246,7 +2805,7 @@ public class XMLCipher {
/** @inheritDoc */
public String getCarriedName() {
- return (carriedName);
+ return carriedName;
}
/** @inheritDoc */
@@ -3254,84 +2813,60 @@ public class XMLCipher {
carriedName = name;
}
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
- //
Element toElement() {
- Element result = ElementProxy.createElementForFamily(
- _contextDocument, EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_ENCRYPTEDKEY);
+ Element result =
+ ElementProxy.createElementForFamily(
+ contextDocument, EncryptionConstants.EncryptionSpecNS,
+ EncryptionConstants._TAG_ENCRYPTEDKEY
+ );
if (null != super.getId()) {
- result.setAttributeNS(
- null, EncryptionConstants._ATT_ID, super.getId());
+ result.setAttributeNS(null, EncryptionConstants._ATT_ID, super.getId());
}
if (null != super.getType()) {
- result.setAttributeNS(
- null, EncryptionConstants._ATT_TYPE, super.getType());
+ result.setAttributeNS(null, EncryptionConstants._ATT_TYPE, super.getType());
}
if (null != super.getMimeType()) {
- result.setAttributeNS(null,
- EncryptionConstants._ATT_MIMETYPE, super.getMimeType());
+ result.setAttributeNS(
+ null, EncryptionConstants._ATT_MIMETYPE, super.getMimeType()
+ );
}
if (null != super.getEncoding()) {
- result.setAttributeNS(null, Constants._ATT_ENCODING,
- super.getEncoding());
+ result.setAttributeNS(null, Constants._ATT_ENCODING, super.getEncoding());
}
if (null != getRecipient()) {
- result.setAttributeNS(null,
- EncryptionConstants._ATT_RECIPIENT, getRecipient());
+ result.setAttributeNS(
+ null, EncryptionConstants._ATT_RECIPIENT, getRecipient()
+ );
}
if (null != super.getEncryptionMethod()) {
result.appendChild(((EncryptionMethodImpl)
super.getEncryptionMethod()).toElement());
}
if (null != super.getKeyInfo()) {
- result.appendChild(super.getKeyInfo().getElement());
+ result.appendChild(super.getKeyInfo().getElement().cloneNode(true));
}
- result.appendChild(
- ((CipherDataImpl) super.getCipherData()).toElement());
+ result.appendChild(((CipherDataImpl) super.getCipherData()).toElement());
if (null != super.getEncryptionProperties()) {
result.appendChild(((EncryptionPropertiesImpl)
super.getEncryptionProperties()).toElement());
}
if (referenceList != null && !referenceList.isEmpty()) {
- result.appendChild(((ReferenceListImpl)
- getReferenceList()).toElement());
+ result.appendChild(((ReferenceListImpl)getReferenceList()).toElement());
}
if (null != carriedName) {
- Element element = ElementProxy.createElementForFamily(
- _contextDocument,
- EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_CARRIEDKEYNAME);
- Node node = _contextDocument.createTextNode(carriedName);
+ Element element =
+ ElementProxy.createElementForFamily(
+ contextDocument,
+ EncryptionConstants.EncryptionSpecNS,
+ EncryptionConstants._TAG_CARRIEDKEYNAME
+ );
+ Node node = contextDocument.createTextNode(carriedName);
element.appendChild(node);
result.appendChild(element);
}
- return (result);
+ return result;
}
}
@@ -3345,16 +2880,22 @@ public class XMLCipher {
private CipherData cipherData = null;
private EncryptionProperties encryptionProperties = null;
+ /**
+ * Constructor.
+ * @param data
+ */
protected EncryptedTypeImpl(CipherData data) {
cipherData = data;
}
+
/**
*
- * @return
+ * @return the Id
*/
public String getId() {
- return (id);
+ return id;
}
+
/**
*
* @param id
@@ -3362,13 +2903,15 @@ public class XMLCipher {
public void setId(String id) {
this.id = id;
}
+
/**
*
- * @return
+ * @return the type
*/
public String getType() {
- return (type);
+ return type;
}
+
/**
*
* @param type
@@ -3380,18 +2923,20 @@ public class XMLCipher {
URI tmpType = null;
try {
tmpType = new URI(type);
- } catch (URI.MalformedURIException mfue) {
- // complain
+ } catch (URISyntaxException ex) {
+ throw (IllegalArgumentException)
+ new IllegalArgumentException().initCause(ex);
}
this.type = tmpType.toString();
}
}
+
/**
*
- * @return
+ * @return the MimeType
*/
public String getMimeType() {
- return (mimeType);
+ return mimeType;
}
/**
*
@@ -3400,13 +2945,15 @@ public class XMLCipher {
public void setMimeType(String type) {
mimeType = type;
}
+
/**
*
- * @return
+ * @return the encoding
*/
public String getEncoding() {
- return (encoding);
+ return encoding;
}
+
/**
*
* @param encoding
@@ -3418,19 +2965,22 @@ public class XMLCipher {
URI tmpEncoding = null;
try {
tmpEncoding = new URI(encoding);
- } catch (URI.MalformedURIException mfue) {
- // complain
+ } catch (URISyntaxException ex) {
+ throw (IllegalArgumentException)
+ new IllegalArgumentException().initCause(ex);
}
this.encoding = tmpEncoding.toString();
}
}
+
/**
*
- * @return
+ * @return the EncryptionMethod
*/
public EncryptionMethod getEncryptionMethod() {
- return (encryptionMethod);
+ return encryptionMethod;
}
+
/**
*
* @param method
@@ -3438,13 +2988,15 @@ public class XMLCipher {
public void setEncryptionMethod(EncryptionMethod method) {
encryptionMethod = method;
}
+
/**
*
- * @return
+ * @return the KeyInfo
*/
public KeyInfo getKeyInfo() {
- return (keyInfo);
+ return keyInfo;
}
+
/**
*
* @param info
@@ -3452,217 +3004,235 @@ public class XMLCipher {
public void setKeyInfo(KeyInfo info) {
keyInfo = info;
}
+
/**
*
- * @return
+ * @return the CipherData
*/
public CipherData getCipherData() {
- return (cipherData);
+ return cipherData;
}
+
/**
*
- * @return
+ * @return the EncryptionProperties
*/
public EncryptionProperties getEncryptionProperties() {
- return (encryptionProperties);
+ return encryptionProperties;
}
+
/**
*
* @param properties
*/
- public void setEncryptionProperties(
- EncryptionProperties properties) {
+ public void setEncryptionProperties(EncryptionProperties properties) {
encryptionProperties = properties;
}
}
- //
- //
- //
- //
- //
- //
- //
- //
private class EncryptionMethodImpl implements EncryptionMethod {
private String algorithm = null;
private int keySize = Integer.MIN_VALUE;
private byte[] oaepParams = null;
private List encryptionMethodInformation = null;
+ private String digestAlgorithm = null;
+ private String mgfAlgorithm = null;
+
/**
- *
+ * Constructor.
* @param algorithm
*/
public EncryptionMethodImpl(String algorithm) {
URI tmpAlgorithm = null;
try {
tmpAlgorithm = new URI(algorithm);
- } catch (URI.MalformedURIException mfue) {
- // complain
+ } catch (URISyntaxException ex) {
+ throw (IllegalArgumentException)
+ new IllegalArgumentException().initCause(ex);
}
this.algorithm = tmpAlgorithm.toString();
encryptionMethodInformation = new LinkedList();
}
+
/** @inheritDoc */
public String getAlgorithm() {
- return (algorithm);
+ return algorithm;
}
+
/** @inheritDoc */
public int getKeySize() {
- return (keySize);
+ return keySize;
}
+
/** @inheritDoc */
public void setKeySize(int size) {
keySize = size;
}
+
/** @inheritDoc */
public byte[] getOAEPparams() {
- return (oaepParams);
+ return oaepParams;
}
+
/** @inheritDoc */
public void setOAEPparams(byte[] params) {
oaepParams = params;
}
+
+ /** @inheritDoc */
+ public void setDigestAlgorithm(String digestAlgorithm) {
+ this.digestAlgorithm = digestAlgorithm;
+ }
+
+ /** @inheritDoc */
+ public String getDigestAlgorithm() {
+ return digestAlgorithm;
+ }
+
+ /** @inheritDoc */
+ public void setMGFAlgorithm(String mgfAlgorithm) {
+ this.mgfAlgorithm = mgfAlgorithm;
+ }
+
+ /** @inheritDoc */
+ public String getMGFAlgorithm() {
+ return mgfAlgorithm;
+ }
+
/** @inheritDoc */
public Iterator getEncryptionMethodInformation() {
- return (encryptionMethodInformation.iterator());
+ return encryptionMethodInformation.iterator();
}
+
/** @inheritDoc */
public void addEncryptionMethodInformation(Element info) {
encryptionMethodInformation.add(info);
}
+
/** @inheritDoc */
public void removeEncryptionMethodInformation(Element info) {
encryptionMethodInformation.remove(info);
}
- //
- //
- //
- //
- //
- //
- //
- //
Element toElement() {
- Element result = ElementProxy.createElementForFamily(
- _contextDocument, EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_ENCRYPTIONMETHOD);
- result.setAttributeNS(null, EncryptionConstants._ATT_ALGORITHM,
- algorithm);
+ Element result =
+ XMLUtils.createElementInEncryptionSpace(
+ contextDocument, EncryptionConstants._TAG_ENCRYPTIONMETHOD
+ );
+ result.setAttributeNS(null, EncryptionConstants._ATT_ALGORITHM, algorithm);
if (keySize > 0) {
result.appendChild(
- ElementProxy.createElementForFamily(_contextDocument,
- EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_KEYSIZE).appendChild(
- _contextDocument.createTextNode(
- String.valueOf(keySize))));
+ XMLUtils.createElementInEncryptionSpace(
+ contextDocument, EncryptionConstants._TAG_KEYSIZE
+ ).appendChild(contextDocument.createTextNode(String.valueOf(keySize))));
}
if (null != oaepParams) {
- result.appendChild(
- ElementProxy.createElementForFamily(_contextDocument,
- EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_OAEPPARAMS).appendChild(
- _contextDocument.createTextNode(
- new String(oaepParams))));
+ Element oaepElement =
+ XMLUtils.createElementInEncryptionSpace(
+ contextDocument, EncryptionConstants._TAG_OAEPPARAMS
+ );
+ oaepElement.appendChild(contextDocument.createTextNode(Base64.encode(oaepParams)));
+ result.appendChild(oaepElement);
}
- if (!encryptionMethodInformation.isEmpty()) {
- Iterator itr = encryptionMethodInformation.iterator();
+ if (digestAlgorithm != null) {
+ Element digestElement =
+ XMLUtils.createElementInSignatureSpace(contextDocument, Constants._TAG_DIGESTMETHOD);
+ digestElement.setAttributeNS(null, "Algorithm", digestAlgorithm);
+ result.appendChild(digestElement);
+ }
+ if (mgfAlgorithm != null) {
+ Element mgfElement =
+ XMLUtils.createElementInEncryption11Space(
+ contextDocument, EncryptionConstants._TAG_MGF
+ );
+ mgfElement.setAttributeNS(null, "Algorithm", mgfAlgorithm);
+ mgfElement.setAttributeNS(
+ Constants.NamespaceSpecNS,
+ "xmlns:" + ElementProxy.getDefaultPrefix(EncryptionConstants.EncryptionSpec11NS),
+ EncryptionConstants.EncryptionSpec11NS
+ );
+ result.appendChild(mgfElement);
+ }
+ Iterator itr = encryptionMethodInformation.iterator();
+ while (itr.hasNext()) {
result.appendChild(itr.next());
}
- return (result);
+ return result;
}
}
- //
- //
- //
- //
- //
- //
- //
private class EncryptionPropertiesImpl implements EncryptionProperties {
private String id = null;
private List encryptionProperties = null;
+
/**
- *
- *
+ * Constructor.
*/
public EncryptionPropertiesImpl() {
encryptionProperties = new LinkedList();
}
+
/** @inheritDoc */
public String getId() {
- return (id);
+ return id;
}
+
/** @inheritDoc */
public void setId(String id) {
this.id = id;
}
+
/** @inheritDoc */
public Iterator getEncryptionProperties() {
- return (encryptionProperties.iterator());
+ return encryptionProperties.iterator();
}
+
/** @inheritDoc */
public void addEncryptionProperty(EncryptionProperty property) {
encryptionProperties.add(property);
}
+
/** @inheritDoc */
public void removeEncryptionProperty(EncryptionProperty property) {
encryptionProperties.remove(property);
}
- //
- //
- //
- //
- //
- //
- //
Element toElement() {
- Element result = ElementProxy.createElementForFamily(
- _contextDocument, EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_ENCRYPTIONPROPERTIES);
+ Element result =
+ XMLUtils.createElementInEncryptionSpace(
+ contextDocument, EncryptionConstants._TAG_ENCRYPTIONPROPERTIES
+ );
if (null != id) {
result.setAttributeNS(null, EncryptionConstants._ATT_ID, id);
}
Iterator itr = getEncryptionProperties();
while (itr.hasNext()) {
- result.appendChild(((EncryptionPropertyImpl)
- itr.next()).toElement());
+ result.appendChild(((EncryptionPropertyImpl)itr.next()).toElement());
}
- return (result);
+ return result;
}
}
- //
- //
- //
- //
- //
- //
- //
- //
- //
private class EncryptionPropertyImpl implements EncryptionProperty {
private String target = null;
private String id = null;
- private HashMap attributeMap = new HashMap();
+ private Map attributeMap = new HashMap();
private List encryptionInformation = null;
/**
- *
- *
+ * Constructor.
*/
public EncryptionPropertyImpl() {
encryptionInformation = new LinkedList();
}
+
/** @inheritDoc */
public String getTarget() {
- return (target);
+ return target;
}
+
/** @inheritDoc */
public void setTarget(String target) {
if (target == null || target.length() == 0) {
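Review bot: setDigestAlgorithm and setMGFAlgorithm store whatever string they are given, and toElement() writes it unchanged into the Algorithm attribute of the DigestMethod and MGF elements, whereas the constructor passes `algorithm` through `new URI(...)` and rejects malformed values. If these setters can receive values read from a document, applying the same URI check would keep the three algorithm identifiers consistent. Otherwise a Javadoc line such as `@param digestAlgorithm the digest algorithm URI; written unchecked to the DigestMethod element` would make the contract explicit. toElement() also uses the literal `"Algorithm"` for both new elements, while the line setting the EncryptionMethod attribute uses `EncryptionConstants._ATT_ALGORITHM`. The hunk ends inside setTarget, whose body continues in the next hunk.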
@@ -3670,163 +3240,144 @@ public class XMLCipher {
} else if (target.startsWith("#")) {
/*
* This is a same document URI reference. Do not parse,
- * because com.sun.org.apache.xml.internal.utils.URI considers this an
- * illegal URI because it has no scheme.
+ * because it has no scheme.
*/
this.target = target;
} else {
URI tmpTarget = null;
try {
tmpTarget = new URI(target);
- } catch (URI.MalformedURIException mfue) {
- // complain
+ } catch (URISyntaxException ex) {
+ throw (IllegalArgumentException)
+ new IllegalArgumentException().initCause(ex);
}
this.target = tmpTarget.toString();
}
}
+
/** @inheritDoc */
public String getId() {
- return (id);
+ return id;
}
+
/** @inheritDoc */
public void setId(String id) {
this.id = id;
}
+
/** @inheritDoc */
public String getAttribute(String attribute) {
return attributeMap.get(attribute);
}
+
/** @inheritDoc */
public void setAttribute(String attribute, String value) {
attributeMap.put(attribute, value);
}
+
/** @inheritDoc */
public Iterator getEncryptionInformation() {
- return (encryptionInformation.iterator());
+ return encryptionInformation.iterator();
}
+
/** @inheritDoc */
public void addEncryptionInformation(Element info) {
encryptionInformation.add(info);
}
+
/** @inheritDoc */
public void removeEncryptionInformation(Element info) {
encryptionInformation.remove(info);
}
- //
- //
- //
- //
- //
- //
- //
- //
- //
Element toElement() {
- Element result = ElementProxy.createElementForFamily(
- _contextDocument, EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_ENCRYPTIONPROPERTY);
+ Element result =
+ XMLUtils.createElementInEncryptionSpace(
+ contextDocument, EncryptionConstants._TAG_ENCRYPTIONPROPERTY
+ );
if (null != target) {
- result.setAttributeNS(null, EncryptionConstants._ATT_TARGET,
- target);
+ result.setAttributeNS(null, EncryptionConstants._ATT_TARGET, target);
}
if (null != id) {
- result.setAttributeNS(null, EncryptionConstants._ATT_ID,
- id);
+ result.setAttributeNS(null, EncryptionConstants._ATT_ID, id);
}
// TODO: figure out the anyAttribyte stuff...
// TODO: figure out the any stuff...
- return (result);
+ return result;
}
}
- //
- //
- //
- //
- //
- private class TransformsImpl extends
- com.sun.org.apache.xml.internal.security.transforms.Transforms
- implements Transforms {
+ private class TransformsImpl extends com.sun.org.apache.xml.internal.security.transforms.Transforms
+ implements Transforms {
- /**
- * Construct Transforms
- */
-
- public TransformsImpl() {
- super(_contextDocument);
- }
- /**
- *
- * @param doc
- */
- public TransformsImpl(Document doc) {
- if (doc == null) {
- throw new RuntimeException("Document is null");
- }
-
- this._doc = doc;
- this._constructionElement = createElementForFamilyLocal(this._doc,
- this.getBaseNamespace(), this.getBaseLocalName());
- }
- /**
- *
- * @param element
- * @throws XMLSignatureException
- * @throws InvalidTransformException
- * @throws XMLSecurityException
- * @throws TransformationException
- */
- public TransformsImpl(Element element)
- throws XMLSignatureException,
- InvalidTransformException,
- XMLSecurityException,
- TransformationException {
-
- super(element, "");
-
- }
+ /**
+ * Construct Transforms
+ */
+ public TransformsImpl() {
+ super(contextDocument);
+ }
/**
*
- * @return
+ * @param doc
*/
- public Element toElement() {
+ public TransformsImpl(Document doc) {
+ if (doc == null) {
+ throw new RuntimeException("Document is null");
+ }
- if (_doc == null)
- _doc = _contextDocument;
+ this.doc = doc;
+ this.constructionElement =
+ createElementForFamilyLocal(
+ this.doc, this.getBaseNamespace(), this.getBaseLocalName()
+ );
+ }
- return getElement();
- }
+ /**
+ *
+ * @param element
+ * @throws XMLSignatureException
+ * @throws InvalidTransformException
+ * @throws XMLSecurityException
+ * @throws TransformationException
+ */
+ public TransformsImpl(Element element)
+ throws XMLSignatureException, InvalidTransformException,
+ XMLSecurityException, TransformationException {
+ super(element, "");
+ }
+
+ /**
+ *
+ * @return the XML Element form of that Transforms
+ */
+ public Element toElement() {
+ if (doc == null) {
+ doc = contextDocument;
+ }
+
+ return getElement();
+ }
/** @inheritDoc */
- public com.sun.org.apache.xml.internal.security.transforms.Transforms getDSTransforms() {
- return (this);
- }
+ public com.sun.org.apache.xml.internal.security.transforms.Transforms getDSTransforms() {
+ return this;
+ }
-
- // Over-ride the namespace
+ // Over-ride the namespace
/** @inheritDoc */
- public String getBaseNamespace() {
- return EncryptionConstants.EncryptionSpecNS;
- }
-
+ public String getBaseNamespace() {
+ return EncryptionConstants.EncryptionSpecNS;
+ }
}
- //
- //
- //
- //
- //
- //
- //
- //
private class ReferenceListImpl implements ReferenceList {
private Class> sentry;
private List references;
+
/**
- *
+ * Constructor.
* @param type
*/
public ReferenceListImpl(int type) {
@@ -3839,13 +3390,15 @@ public class XMLCipher {
}
references = new LinkedList();
}
+
/** @inheritDoc */
public void add(Reference reference) {
if (!reference.getClass().equals(sentry)) {
throw new IllegalArgumentException();
}
- references.add(reference);
+ references.add(reference);
}
+
/** @inheritDoc */
public void remove(Reference reference) {
if (!reference.getClass().equals(sentry)) {
@@ -3853,39 +3406,45 @@ public class XMLCipher {
}
references.remove(reference);
}
+
/** @inheritDoc */
public int size() {
- return (references.size());
+ return references.size();
}
+
/** @inheritDoc */
public boolean isEmpty() {
- return (references.isEmpty());
+ return references.isEmpty();
}
+
/** @inheritDoc */
public Iterator getReferences() {
- return (references.iterator());
+ return references.iterator();
}
Element toElement() {
- Element result = ElementProxy.createElementForFamily(
- _contextDocument,
- EncryptionConstants.EncryptionSpecNS,
- EncryptionConstants._TAG_REFERENCELIST);
+ Element result =
+ ElementProxy.createElementForFamily(
+ contextDocument,
+ EncryptionConstants.EncryptionSpecNS,
+ EncryptionConstants._TAG_REFERENCELIST
+ );
Iterator eachReference = references.iterator();
while (eachReference.hasNext()) {
Reference reference = eachReference.next();
- result.appendChild(
- ((ReferenceImpl) reference).toElement());
+ result.appendChild(((ReferenceImpl) reference).toElement());
}
- return (result);
+ return result;
}
+
/** @inheritDoc */
public Reference newDataReference(String uri) {
- return (new DataReference(uri));
+ return new DataReference(uri);
}
+
/** @inheritDoc */
public Reference newKeyReference(String uri) {
- return (new KeyReference(uri));
+ return new KeyReference(uri);
}
/**
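Review bot: ReferenceListImpl.toElement() still builds its element with `ElementProxy.createElementForFamily(contextDocument, EncryptionConstants.EncryptionSpecNS, ...)`, while the EncryptionMethodImpl, EncryptionPropertiesImpl and EncryptionPropertyImpl toElement() methods in this commit were moved to `XMLUtils.createElementInEncryptionSpace`. Assuming the two helpers produce the same element, `XMLUtils.createElementInEncryptionSpace(contextDocument, EncryptionConstants._TAG_REFERENCELIST)` would keep the class on one construction path. ReferenceImpl.toElement() in the next hunk has the same leftover call.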
@@ -3898,68 +3457,81 @@ public class XMLCipher {
private String uri;
private List referenceInformation;
- ReferenceImpl(String _uri) {
- this.uri = _uri;
+ ReferenceImpl(String uri) {
+ this.uri = uri;
referenceInformation = new LinkedList();
}
+
+ /** @inheritDoc */
+ public abstract String getType();
+
/** @inheritDoc */
public String getURI() {
- return (uri);
+ return uri;
}
+
/** @inheritDoc */
public Iterator getElementRetrievalInformation() {
- return (referenceInformation.iterator());
+ return referenceInformation.iterator();
}
+
/** @inheritDoc */
- public void setURI(String _uri) {
- this.uri = _uri;
+ public void setURI(String uri) {
+ this.uri = uri;
}
+
/** @inheritDoc */
public void removeElementRetrievalInformation(Element node) {
referenceInformation.remove(node);
}
+
/** @inheritDoc */
public void addElementRetrievalInformation(Element node) {
referenceInformation.add(node);
}
- /**
- *
- * @return
- */
- public abstract Element toElement();
- Element toElement(String tagName) {
- Element result = ElementProxy.createElementForFamily(
- _contextDocument,
- EncryptionConstants.EncryptionSpecNS,
- tagName);
+ /**
+ * @return the XML Element form of that Reference
+ */
+ public Element toElement() {
+ String tagName = getType();
+ Element result =
+ ElementProxy.createElementForFamily(
+ contextDocument,
+ EncryptionConstants.EncryptionSpecNS,
+ tagName
+ );
result.setAttribute(EncryptionConstants._ATT_URI, uri);
// TODO: Need to martial referenceInformation
// Figure out how to make this work..
//
- return (result);
+ return result;
}
}
private class DataReference extends ReferenceImpl {
+
DataReference(String uri) {
super(uri);
}
+
/** @inheritDoc */
- public Element toElement() {
- return super.toElement(EncryptionConstants._TAG_DATAREFERENCE);
+ public String getType() {
+ return EncryptionConstants._TAG_DATAREFERENCE;
}
}
private class KeyReference extends ReferenceImpl {
+
KeyReference(String uri) {
- super (uri);
+ super(uri);
}
+
/** @inheritDoc */
- public Element toElement() {
- return super.toElement(EncryptionConstants._TAG_KEYREFERENCE);
+ public String getType() {
+ return EncryptionConstants._TAG_KEYREFERENCE;
}
}
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipherInput.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipherInput.java
index 65b9a604b66..583042680d1 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipherInput.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipherInput.java
@@ -2,23 +2,24 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 2003-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-
package com.sun.org.apache.xml.internal.security.encryption;
import java.io.IOException;
@@ -32,7 +33,6 @@ import com.sun.org.apache.xml.internal.security.transforms.TransformationExcepti
import org.w3c.dom.Attr;
import com.sun.org.apache.xml.internal.security.utils.Base64;
-
/**
* XMLCipherInput is used to wrap input passed into the
* XMLCipher encryption operations.
@@ -50,77 +50,79 @@ import com.sun.org.apache.xml.internal.security.utils.Base64;
public class XMLCipherInput {
private static java.util.logging.Logger logger =
- java.util.logging.Logger.getLogger(XMLCipher.class.getName());
+ java.util.logging.Logger.getLogger(XMLCipherInput.class.getName());
- /** The data we are working with */
- private CipherData _cipherData;
+ /** The data we are working with */
+ private CipherData cipherData;
- /** MODES */
- private int _mode;
+ /** MODES */
+ private int mode;
- /**
- * Constructor for processing encrypted octets
- *
- * @param data The CipherData object to read the bytes from
- * @throws XMLEncryptionException {@link XMLEncryptionException}
- */
-
- public XMLCipherInput(CipherData data) throws XMLEncryptionException {
-
- _cipherData = data;
- _mode = XMLCipher.DECRYPT_MODE;
- if (_cipherData == null) {
- throw new XMLEncryptionException("CipherData is null");
- }
+ private boolean secureValidation;
+ /**
+ * Constructor for processing encrypted octets
+ *
+ * @param data The CipherData object to read the bytes from
+ * @throws XMLEncryptionException {@link XMLEncryptionException}
+ */
+ public XMLCipherInput(CipherData data) throws XMLEncryptionException {
+ cipherData = data;
+ mode = XMLCipher.DECRYPT_MODE;
+ if (cipherData == null) {
+ throw new XMLEncryptionException("CipherData is null");
}
+ }
- /**
- * Constructor for processing encrypted octets
- *
- * @param input The EncryptedType object to read
- * the bytes from.
- * @throws XMLEncryptionException {@link XMLEncryptionException}
- */
-
- public XMLCipherInput(EncryptedType input) throws XMLEncryptionException {
-
- _cipherData = ((input == null) ? null : input.getCipherData());
- _mode = XMLCipher.DECRYPT_MODE;
- if (_cipherData == null) {
- throw new XMLEncryptionException("CipherData is null");
- }
-
+ /**
+ * Constructor for processing encrypted octets
+ *
+ * @param input The EncryptedType object to read
+ * the bytes from.
+ * @throws XMLEncryptionException {@link XMLEncryptionException}
+ */
+ public XMLCipherInput(EncryptedType input) throws XMLEncryptionException {
+ cipherData = ((input == null) ? null : input.getCipherData());
+ mode = XMLCipher.DECRYPT_MODE;
+ if (cipherData == null) {
+ throw new XMLEncryptionException("CipherData is null");
}
+ }
- /**
- * Dereferences the input and returns it as a single byte array.
- *
- * @throws XMLEncryptionException
+ /**
+ * Set whether secure validation is enabled or not. The default is false.
+ */
+ public void setSecureValidation(boolean secureValidation) {
+ this.secureValidation = secureValidation;
+ }
+
+ /**
+ * Dereferences the input and returns it as a single byte array.
+ *
+ * @throws XMLEncryptionException
* @return The decripted bytes.
- */
-
- public byte[] getBytes() throws XMLEncryptionException {
-
- if (_mode == XMLCipher.DECRYPT_MODE) {
- return getDecryptBytes();
- }
- return null;
+ */
+ public byte[] getBytes() throws XMLEncryptionException {
+ if (mode == XMLCipher.DECRYPT_MODE) {
+ return getDecryptBytes();
}
+ return null;
+ }
/**
* Internal method to get bytes in decryption mode
- * @return the decripted bytes
+ * @return the decrypted bytes
* @throws XMLEncryptionException
*/
private byte[] getDecryptBytes() throws XMLEncryptionException {
-
String base64EncodedEncryptedOctets = null;
- if (_cipherData.getDataType() == CipherData.REFERENCE_TYPE) {
+ if (cipherData.getDataType() == CipherData.REFERENCE_TYPE) {
// Fun time!
- logger.log(java.util.logging.Level.FINE, "Found a reference type CipherData");
- CipherReference cr = _cipherData.getCipherReference();
+ if (logger.isLoggable(java.util.logging.Level.FINE)) {
+ logger.log(java.util.logging.Level.FINE, "Found a reference type CipherData");
+ }
+ CipherReference cr = cipherData.getCipherReference();
// Need to wrap the uri in an Attribute node so that we can
// Pass to the resource resolvers
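Review bot: The Javadoc on setSecureValidation says only that the default is false and has no `@param`, so a caller cannot tell what the flag protects. In getDecryptBytes the flag is passed to `ResourceResolver.getInstance`/`resolve` and to `dsTransforms.setSecureValidation`, so it governs how a CipherReference URI taken from the document is dereferenced and transformed. I would add `@param secureValidation true to resolve and transform CipherReference input with secure validation enabled; set this when the document is untrusted`. The `decripted` typo in the getBytes `@return` line could be fixed at the same time. getDecryptBytes continues outside this hunk.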
@@ -130,25 +132,32 @@ public class XMLCipherInput {
try {
ResourceResolver resolver =
- ResourceResolver.getInstance(uriAttr, null);
- input = resolver.resolve(uriAttr, null);
+ ResourceResolver.getInstance(uriAttr, null, secureValidation);
+ input = resolver.resolve(uriAttr, null, secureValidation);
} catch (ResourceResolverException ex) {
throw new XMLEncryptionException("empty", ex);
}
if (input != null) {
- logger.log(java.util.logging.Level.FINE, "Managed to resolve URI \"" + cr.getURI() + "\"");
+ if (logger.isLoggable(java.util.logging.Level.FINE)) {
+ logger.log(java.util.logging.Level.FINE, "Managed to resolve URI \"" + cr.getURI() + "\"");
+ }
} else {
- logger.log(java.util.logging.Level.FINE, "Failed to resolve URI \"" + cr.getURI() + "\"");
+ if (logger.isLoggable(java.util.logging.Level.FINE)) {
+ logger.log(java.util.logging.Level.FINE, "Failed to resolve URI \"" + cr.getURI() + "\"");
+ }
}
// Lets see if there are any transforms
Transforms transforms = cr.getTransforms();
if (transforms != null) {
- logger.log(java.util.logging.Level.FINE, "Have transforms in cipher reference");
+ if (logger.isLoggable(java.util.logging.Level.FINE)) {
+ logger.log(java.util.logging.Level.FINE, "Have transforms in cipher reference");
+ }
try {
com.sun.org.apache.xml.internal.security.transforms.Transforms dsTransforms =
transforms.getDSTransforms();
+ dsTransforms.setSecureValidation(secureValidation);
input = dsTransforms.performTransforms(input);
} catch (TransformationException ex) {
throw new XMLEncryptionException("empty", ex);
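Review bot: When the resolver returns null, the else branch only logs "Failed to resolve URI" at FINE and execution continues, so `dsTransforms.performTransforms(input)` is called with a null input whenever the reference carries transforms. Failing closed in that branch would be clearer than relying on a later NullPointerException: `throw new XMLEncryptionException("empty");`, reusing the message id the neighbouring catch blocks already pass. What happens to `input` after the transforms block is outside this hunk, so the no-transforms path may need the same guard.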
@@ -163,23 +172,21 @@ public class XMLCipherInput {
throw new XMLEncryptionException("empty", ex);
}
- // retrieve the cipher text
- } else if (_cipherData.getDataType() == CipherData.VALUE_TYPE) {
- base64EncodedEncryptedOctets =
- _cipherData.getCipherValue().getValue();
+ // retrieve the cipher text
+ } else if (cipherData.getDataType() == CipherData.VALUE_TYPE) {
+ base64EncodedEncryptedOctets = cipherData.getCipherValue().getValue();
} else {
throw new XMLEncryptionException("CipherData.getDataType() returned unexpected value");
}
- logger.log(java.util.logging.Level.FINE, "Encrypted octets:\n" + base64EncodedEncryptedOctets);
+ if (logger.isLoggable(java.util.logging.Level.FINE)) {
+ logger.log(java.util.logging.Level.FINE, "Encrypted octets:\n" + base64EncodedEncryptedOctets);
+ }
- byte[] encryptedBytes = null;
try {
- encryptedBytes = Base64.decode(base64EncodedEncryptedOctets);
+ return Base64.decode(base64EncodedEncryptedOctets);
} catch (Base64DecodingException bde) {
throw new XMLEncryptionException("empty", bde);
}
-
- return (encryptedBytes);
}
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipherParameters.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipherParameters.java
index e25e1fa2a61..1c74f02060d 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipherParameters.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipherParameters.java
@@ -2,104 +2,85 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-
package com.sun.org.apache.xml.internal.security.encryption;
-
/**
* Constants
*/
public interface XMLCipherParameters {
- /** */
- public static final String AES_128 =
+ String AES_128 =
"http://www.w3.org/2001/04/xmlenc#aes128-cbc";
- /** */
- public static final String AES_256 =
+ String AES_256 =
"http://www.w3.org/2001/04/xmlenc#aes256-cbc";
- /** */
- public static final String AES_192 =
+ String AES_192 =
"http://www.w3.org/2001/04/xmlenc#aes192-cbc";
- /** */
- public static final String RSA_1_5 =
+ String RSA_1_5 =
"http://www.w3.org/2001/04/xmlenc#rsa-1_5";
- /** */
- public static final String RSA_OAEP =
+ String RSA_OAEP =
"http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p";
- /** */
- public static final String DIFFIE_HELLMAN =
+ String DIFFIE_HELLMAN =
"http://www.w3.org/2001/04/xmlenc#dh";
- /** */
- public static final String TRIPLEDES_KEYWRAP =
+ String TRIPLEDES_KEYWRAP =
"http://www.w3.org/2001/04/xmlenc#kw-tripledes";
- /** */
- public static final String AES_128_KEYWRAP =
+ String AES_128_KEYWRAP =
"http://www.w3.org/2001/04/xmlenc#kw-aes128";
- /** */
- public static final String AES_256_KEYWRAP =
+ String AES_256_KEYWRAP =
"http://www.w3.org/2001/04/xmlenc#kw-aes256";
- /** */
- public static final String AES_192_KEYWRAP =
+ String AES_192_KEYWRAP =
"http://www.w3.org/2001/04/xmlenc#kw-aes192";
- /** */
- public static final String SHA1 =
+ String SHA1 =
"http://www.w3.org/2000/09/xmldsig#sha1";
- /** */
- public static final String SHA256 =
+ String SHA256 =
"http://www.w3.org/2001/04/xmlenc#sha256";
- /** */
- public static final String SHA512 =
+ String SHA512 =
"http://www.w3.org/2001/04/xmlenc#sha512";
- /** */
- public static final String RIPEMD_160 =
+ String RIPEMD_160 =
"http://www.w3.org/2001/04/xmlenc#ripemd160";
- /** */
- public static final String XML_DSIG =
+ String XML_DSIG =
"http://www.w3.org/2000/09/xmldsig#";
- /** */
- public static final String N14C_XML =
+ String N14C_XML =
"http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
- /** */
- public static final String N14C_XML_CMMNTS =
+ String N14C_XML_CMMNTS =
"http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments";
- /** */
- public static final String EXCL_XML_N14C =
+ String EXCL_XML_N14C =
"http://www.w3.org/2001/10/xml-exc-c14n#";
- /** */
- public static final String EXCL_XML_N14C_CMMNTS =
+ String EXCL_XML_N14C_CMMNTS =
"http://www.w3.org/2001/10/xml-exc-c14n#WithComments";
}
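Review bot: The constants lose their empty `/** */` markers here and gain no description in their place, so the interface's only documentation is the word "Constants". A short comment per group would help readers choose an identifier, for example `// Key transport: RSA_1_5 is PKCS#1 v1.5, RSA_OAEP is OAEP with MGF1` and `// Digests: SHA1 is kept for interoperability with existing documents`. PKCS#1 v1.5 key transport and SHA-1 are generally treated as legacy choices. A note to that effect next to `RSA_1_5` and `SHA1` would keep new callers from picking them by default.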
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLEncryptionException.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLEncryptionException.java
index 0c913145058..8d027a2d893 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLEncryptionException.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLEncryptionException.java
@@ -2,21 +2,23 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 2003-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.encryption;
@@ -26,49 +28,53 @@ import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
*
*/
public class XMLEncryptionException extends XMLSecurityException {
- /**
- *
- */
- private static final long serialVersionUID = 1L;
- /**
+ /**
*
- *
- */
- public XMLEncryptionException() {
- super();
- }
- /**
- *
- * @param _msgID
- */
- public XMLEncryptionException(String _msgID) {
- super(_msgID);
- }
- /**
- *
- * @param _msgID
- * @param exArgs
- */
- public XMLEncryptionException(String _msgID, Object exArgs[]) {
- super(_msgID, exArgs);
- }
- /**
- *
- * @param _msgID
- * @param _originalException
- */
- public XMLEncryptionException(String _msgID,
- Exception _originalException) {
- super(_msgID, _originalException);
- }
- /**
- *
- * @param _msgID
- * @param exArgs
- * @param _originalException
- */
- public XMLEncryptionException(String _msgID, Object exArgs[],
- Exception _originalException) {
- super(_msgID, exArgs, _originalException);
- }
+ */
+ private static final long serialVersionUID = 1L;
+
+ /**
+ *
+ *
+ */
+ public XMLEncryptionException() {
+ super();
+ }
+
+ /**
+ *
+ * @param msgID
+ */
+ public XMLEncryptionException(String msgID) {
+ super(msgID);
+ }
+
+ /**
+ *
+ * @param msgID
+ * @param exArgs
+ */
+ public XMLEncryptionException(String msgID, Object exArgs[]) {
+ super(msgID, exArgs);
+ }
+
+ /**
+ *
+ * @param msgID
+ * @param originalException
+ */
+ public XMLEncryptionException(String msgID, Exception originalException) {
+ super(msgID, originalException);
+
+ }
+
+ /**
+ *
+ * @param msgID
+ * @param exArgs
+ * @param originalException
+ */
+ public XMLEncryptionException(String msgID, Object exArgs[], Exception originalException) {
+ super(msgID, exArgs, originalException);
+ }
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/exceptions/AlgorithmAlreadyRegisteredException.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/exceptions/AlgorithmAlreadyRegisteredException.java
index bbdbaefa27d..1dcb10b9ec6 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/exceptions/AlgorithmAlreadyRegisteredException.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/exceptions/AlgorithmAlreadyRegisteredException.java
@@ -2,88 +2,80 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.exceptions;
-
-
-/**
- *
- *
- *
- *
- * @author Christian Geuer-Pollmann
- *
- */
public class AlgorithmAlreadyRegisteredException extends XMLSecurityException {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1L;
- /**
- *
- */
- private static final long serialVersionUID = 1L;
+ /**
+ * Constructor AlgorithmAlreadyRegisteredException
+ *
+ */
+ public AlgorithmAlreadyRegisteredException() {
+ super();
+ }
- /**
- * Constructor AlgorithmAlreadyRegisteredException
- *
- */
- public AlgorithmAlreadyRegisteredException() {
- super();
- }
+ /**
+ * Constructor AlgorithmAlreadyRegisteredException
+ *
+ * @param msgID
+ */
+ public AlgorithmAlreadyRegisteredException(String msgID) {
+ super(msgID);
+ }
- /**
- * Constructor AlgorithmAlreadyRegisteredException
- *
- * @param _msgID
- */
- public AlgorithmAlreadyRegisteredException(String _msgID) {
- super(_msgID);
- }
+ /**
+ * Constructor AlgorithmAlreadyRegisteredException
+ *
+ * @param msgID
+ * @param exArgs
+ */
+ public AlgorithmAlreadyRegisteredException(String msgID, Object exArgs[]) {
+ super(msgID, exArgs);
+ }
- /**
- * Constructor AlgorithmAlreadyRegisteredException
- *
- * @param _msgID
- * @param exArgs
- */
- public AlgorithmAlreadyRegisteredException(String _msgID, Object exArgs[]) {
- super(_msgID, exArgs);
- }
+ /**
+ * Constructor AlgorithmAlreadyRegisteredException
+ *
+ * @param msgID
+ * @param originalException
+ */
+ public AlgorithmAlreadyRegisteredException(String msgID, Exception originalException) {
+ super(msgID, originalException);
+ }
- /**
- * Constructor AlgorithmAlreadyRegisteredException
- *
- * @param _msgID
- * @param _originalException
- */
- public AlgorithmAlreadyRegisteredException(String _msgID,
- Exception _originalException) {
- super(_msgID, _originalException);
- }
+ /**
+ * Constructor AlgorithmAlreadyRegisteredException
+ *
+ * @param msgID
+ * @param exArgs
+ * @param originalException
+ */
+ public AlgorithmAlreadyRegisteredException(
+ String msgID, Object exArgs[], Exception originalException
+ ) {
+ super(msgID, exArgs, originalException);
+ }
- /**
- * Constructor AlgorithmAlreadyRegisteredException
- *
- * @param _msgID
- * @param exArgs
- * @param _originalException
- */
- public AlgorithmAlreadyRegisteredException(String _msgID, Object exArgs[],
- Exception _originalException) {
- super(_msgID, exArgs, _originalException);
- }
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/exceptions/Base64DecodingException.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/exceptions/Base64DecodingException.java
index bf039a2602e..0b982c0b241 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/exceptions/Base64DecodingException.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/exceptions/Base64DecodingException.java
@@ -2,26 +2,26 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.exceptions;
-
-
/**
* This Exception is thrown if decoding of Base64 data fails.
*
@@ -29,58 +29,54 @@ package com.sun.org.apache.xml.internal.security.exceptions;
*/
public class Base64DecodingException extends XMLSecurityException {
- /**
- *
- */
- private static final long serialVersionUID = 1L;
+ private static final long serialVersionUID = 1L;
- /**
- * Constructor Base64DecodingException
- *
- */
- public Base64DecodingException() {
- super();
- }
+ /**
+ * Constructor Base64DecodingException
+ *
+ */
+ public Base64DecodingException() {
+ super();
+ }
- /**
- * Constructor Base64DecodingException
- *
- * @param _msgID
- */
- public Base64DecodingException(String _msgID) {
- super(_msgID);
- }
+ /**
+ * Constructor Base64DecodingException
+ *
+ * @param msgID
+ */
+ public Base64DecodingException(String msgID) {
+ super(msgID);
+ }
- /**
- * Constructor Base64DecodingException
- *
- * @param _msgID
- * @param exArgs
- */
- public Base64DecodingException(String _msgID, Object exArgs[]) {
- super(_msgID, exArgs);
- }
+ /**
+ * Constructor Base64DecodingException
+ *
+ * @param msgID
+ * @param exArgs
+ */
+ public Base64DecodingException(String msgID, Object exArgs[]) {
+ super(msgID, exArgs);
+ }
- /**
- * Constructor Base64DecodingException
- *
- * @param _msgID
- * @param _originalException
- */
- public Base64DecodingException(String _msgID,
- Exception _originalException) {
- super(_msgID, _originalException);
- }
+ /**
+ * Constructor Base64DecodingException
+ *
+ * @param msgID
+ * @param originalException
+ */
+ public Base64DecodingException(String msgID, Exception originalException) {
+ super(msgID, originalException);
+ }
+
+ /**
+ * Constructor Base64DecodingException
+ *
+ * @param msgID
+ * @param exArgs
+ * @param originalException
+ */
+ public Base64DecodingException(String msgID, Object exArgs[], Exception originalException) {
+ super(msgID, exArgs, originalException);
+ }
- /**
- * Constructor Base64DecodingException
- *
- * @param _msgID
- * @param exArgs
- * @param _originalException
- */
- public Base64DecodingException(String _msgID, Object exArgs[],
- Exception _originalException) {
- super(_msgID, exArgs, _originalException);
- }
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/exceptions/XMLSecurityException.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/exceptions/XMLSecurityException.java
index 4a4be909ab2..63cb4572e49 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/exceptions/XMLSecurityException.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/exceptions/XMLSecurityException.java
@@ -2,26 +2,26 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.exceptions;
-
-
import java.io.PrintStream;
import java.io.PrintWriter;
import java.text.MessageFormat;
@@ -29,7 +29,6 @@ import java.text.MessageFormat;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.I18n;
-
/**
* The mother of all Exceptions in this bundle. It allows exceptions to have
* their messages translated to the different locales.
@@ -64,186 +63,154 @@ import com.sun.org.apache.xml.internal.security.utils.I18n;
*/
public class XMLSecurityException extends Exception {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1L;
+ /** Field msgID */
+ protected String msgID;
- /**
- *
- */
- private static final long serialVersionUID = 1L;
+ /**
+ * Constructor XMLSecurityException
+ *
+ */
+ public XMLSecurityException() {
+ super("Missing message string");
- /** Field originalException */
- protected Exception originalException = null;
+ this.msgID = null;
+ }
- /** Field msgID */
- protected String msgID;
+ /**
+ * Constructor XMLSecurityException
+ *
+ * @param msgID
+ */
+ public XMLSecurityException(String msgID) {
+ super(I18n.getExceptionMessage(msgID));
- /**
- * Constructor XMLSecurityException
- *
- */
- public XMLSecurityException() {
+ this.msgID = msgID;
+ }
- super("Missing message string");
+ /**
+ * Constructor XMLSecurityException
+ *
+ * @param msgID
+ * @param exArgs
+ */
+ public XMLSecurityException(String msgID, Object exArgs[]) {
- this.msgID = null;
- this.originalException = null;
- }
+ super(MessageFormat.format(I18n.getExceptionMessage(msgID), exArgs));
- /**
- * Constructor XMLSecurityException
- *
- * @param _msgID
- */
- public XMLSecurityException(String _msgID) {
+ this.msgID = msgID;
+ }
- super(I18n.getExceptionMessage(_msgID));
+ /**
+ * Constructor XMLSecurityException
+ *
+ * @param originalException
+ */
+ public XMLSecurityException(Exception originalException) {
- this.msgID = _msgID;
- this.originalException = null;
- }
+ super("Missing message ID to locate message string in resource bundle \""
+ + Constants.exceptionMessagesResourceBundleBase
+ + "\". Original Exception was a "
+ + originalException.getClass().getName() + " and message "
+ + originalException.getMessage(), originalException);
+ }
- /**
- * Constructor XMLSecurityException
- *
- * @param _msgID
- * @param exArgs
- */
- public XMLSecurityException(String _msgID, Object exArgs[]) {
+ /**
+ * Constructor XMLSecurityException
+ *
+ * @param msgID
+ * @param originalException
+ */
+ public XMLSecurityException(String msgID, Exception originalException) {
+ super(I18n.getExceptionMessage(msgID, originalException), originalException);
- super(MessageFormat.format(I18n.getExceptionMessage(_msgID), exArgs));
+ this.msgID = msgID;
+ }
- this.msgID = _msgID;
- this.originalException = null;
- }
+ /**
+ * Constructor XMLSecurityException
+ *
+ * @param msgID
+ * @param exArgs
+ * @param originalException
+ */
+ public XMLSecurityException(String msgID, Object exArgs[], Exception originalException) {
+ super(MessageFormat.format(I18n.getExceptionMessage(msgID), exArgs), originalException);
- /**
- * Constructor XMLSecurityException
- *
- * @param _originalException
- */
- public XMLSecurityException(Exception _originalException) {
+ this.msgID = msgID;
+ }
- super("Missing message ID to locate message string in resource bundle \""
- + Constants.exceptionMessagesResourceBundleBase
- + "\". Original Exception was a "
- + _originalException.getClass().getName() + " and message "
- + _originalException.getMessage());
+ /**
+ * Method getMsgID
+ *
+ * @return the messageId
+ */
+ public String getMsgID() {
+ if (msgID == null) {
+ return "Missing message ID";
+ }
+ return msgID;
+ }
- this.originalException = _originalException;
- }
+ /** @inheritDoc */
+ public String toString() {
+ String s = this.getClass().getName();
+ String message = super.getLocalizedMessage();
- /**
- * Constructor XMLSecurityException
- *
- * @param _msgID
- * @param _originalException
- */
- public XMLSecurityException(String _msgID, Exception _originalException) {
+ if (message != null) {
+ message = s + ": " + message;
+ } else {
+ message = s;
+ }
- super(I18n.getExceptionMessage(_msgID, _originalException));
+ if (super.getCause() != null) {
+ message = message + "\nOriginal Exception was " + super.getCause().toString();
+ }
- this.msgID = _msgID;
- this.originalException = _originalException;
- }
+ return message;
+ }
- /**
- * Constructor XMLSecurityException
- *
- * @param _msgID
- * @param exArgs
- * @param _originalException
- */
- public XMLSecurityException(String _msgID, Object exArgs[],
- Exception _originalException) {
+ /**
+ * Method printStackTrace
+ *
+ */
+ public void printStackTrace() {
+ synchronized (System.err) {
+ super.printStackTrace(System.err);
+ }
+ }
- super(MessageFormat.format(I18n.getExceptionMessage(_msgID), exArgs));
+ /**
+ * Method printStackTrace
+ *
+ * @param printwriter
+ */
+ public void printStackTrace(PrintWriter printwriter) {
+ super.printStackTrace(printwriter);
+ }
- this.msgID = _msgID;
- this.originalException = _originalException;
- }
+ /**
+ * Method printStackTrace
+ *
+ * @param printstream
+ */
+ public void printStackTrace(PrintStream printstream) {
+ super.printStackTrace(printstream);
+ }
- /**
- * Method getMsgID
- *
- * @return the messageId
- */
- public String getMsgID() {
-
- if (msgID == null) {
- return "Missing message ID";
- }
- return msgID;
- }
-
- /** @inheritDoc */
- public String toString() {
-
- String s = this.getClass().getName();
- String message = super.getLocalizedMessage();
-
- if (message != null) {
- message = s + ": " + message;
- } else {
- message = s;
- }
-
- if (originalException != null) {
- message = message + "\nOriginal Exception was "
- + originalException.toString();
- }
-
- return message;
- }
-
- /**
- * Method printStackTrace
- *
- */
- public void printStackTrace() {
-
- synchronized (System.err) {
- super.printStackTrace(System.err);
-
- if (this.originalException != null) {
- this.originalException.printStackTrace(System.err);
- }
- }
- }
-
- /**
- * Method printStackTrace
- *
- * @param printwriter
- */
- public void printStackTrace(PrintWriter printwriter) {
-
- super.printStackTrace(printwriter);
-
- if (this.originalException != null) {
- this.originalException.printStackTrace(printwriter);
- }
- }
-
- /**
- * Method printStackTrace
- *
- * @param printstream
- */
- public void printStackTrace(PrintStream printstream) {
-
- super.printStackTrace(printstream);
-
- if (this.originalException != null) {
- this.originalException.printStackTrace(printstream);
- }
- }
-
- /**
- * Method getOriginalException
- *
- * @return the original exception
- */
- public Exception getOriginalException() {
- return originalException;
- }
+ /**
+ * Method getOriginalException
+ *
+ * @return the original exception
+ */
+ public Exception getOriginalException() {
+ if (this.getCause() instanceof Exception) {
+ return (Exception)this.getCause();
+ }
+ return null;
+ }
}
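Review bot: `toString()` still appends `"\nOriginal Exception was " + super.getCause().toString()`, and now that the cause is passed to `Exception(String, Throwable)` the inherited stack-trace printing also lists it under `Caused by:`, so each trace shows the nested exception twice. Because the nested exception's text is part of this exception's string form, any caller that writes `toString()` to a log or returns it to a remote party carries the inner failure detail with it. I would state that on the method in place of the bare `/** @inheritDoc */`, e.g. `/** Returns the class name and localized message, followed by the cause's toString() when a cause is set. */`, and add `@Override`. Separately, removing the `protected` field `originalException` changes what subclasses can reference; the subclasses visible in this diff do not read it, but others outside these hunks may.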
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/exceptions/XMLSecurityRuntimeException.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/exceptions/XMLSecurityRuntimeException.java
index 69a803b04c9..06cb920dabe 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/exceptions/XMLSecurityRuntimeException.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/exceptions/XMLSecurityRuntimeException.java
@@ -1,3 +1,25 @@
+/*
+ * reserved comment block
+ * DO NOT REMOVE OR ALTER!
+ */
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
package com.sun.org.apache.xml.internal.security.exceptions;
import java.io.PrintStream;
@@ -39,186 +61,152 @@ import com.sun.org.apache.xml.internal.security.utils.I18n;
*
* @author Christian Geuer-Pollmann
*/
-public class XMLSecurityRuntimeException
- extends RuntimeException {
- /**
- *
- */
+public class XMLSecurityRuntimeException extends RuntimeException {
+
private static final long serialVersionUID = 1L;
- /** Field originalException */
- protected Exception originalException = null;
+ /** Field msgID */
+ protected String msgID;
- /** Field msgID */
- protected String msgID;
+ /**
+ * Constructor XMLSecurityRuntimeException
+ *
+ */
+ public XMLSecurityRuntimeException() {
+ super("Missing message string");
- /**
- * Constructor XMLSecurityRuntimeException
- *
- */
- public XMLSecurityRuntimeException() {
+ this.msgID = null;
+ }
- super("Missing message string");
+ /**
+ * Constructor XMLSecurityRuntimeException
+ *
+ * @param msgID
+ */
+ public XMLSecurityRuntimeException(String msgID) {
+ super(I18n.getExceptionMessage(msgID));
- this.msgID = null;
- this.originalException = null;
- }
+ this.msgID = msgID;
+ }
- /**
- * Constructor XMLSecurityRuntimeException
- *
- * @param _msgID
- */
- public XMLSecurityRuntimeException(String _msgID) {
+ /**
+ * Constructor XMLSecurityRuntimeException
+ *
+ * @param msgID
+ * @param exArgs
+ */
+ public XMLSecurityRuntimeException(String msgID, Object exArgs[]) {
+ super(MessageFormat.format(I18n.getExceptionMessage(msgID), exArgs));
- super(I18n.getExceptionMessage(_msgID));
+ this.msgID = msgID;
+ }
- this.msgID = _msgID;
- this.originalException = null;
- }
+ /**
+ * Constructor XMLSecurityRuntimeException
+ *
+ * @param originalException
+ */
+ public XMLSecurityRuntimeException(Exception originalException) {
+ super("Missing message ID to locate message string in resource bundle \""
+ + Constants.exceptionMessagesResourceBundleBase
+ + "\". Original Exception was a "
+ + originalException.getClass().getName() + " and message "
+ + originalException.getMessage(), originalException);
+ }
- /**
- * Constructor XMLSecurityRuntimeException
- *
- * @param _msgID
- * @param exArgs
- */
- public XMLSecurityRuntimeException(String _msgID, Object exArgs[]) {
+ /**
+ * Constructor XMLSecurityRuntimeException
+ *
+ * @param msgID
+ * @param originalException
+ */
+ public XMLSecurityRuntimeException(String msgID, Exception originalException) {
+ super(I18n.getExceptionMessage(msgID, originalException), originalException);
- super(MessageFormat.format(I18n.getExceptionMessage(_msgID), exArgs));
+ this.msgID = msgID;
+ }
- this.msgID = _msgID;
- this.originalException = null;
- }
+ /**
+ * Constructor XMLSecurityRuntimeException
+ *
+ * @param msgID
+ * @param exArgs
+ * @param originalException
+ */
+ public XMLSecurityRuntimeException(String msgID, Object exArgs[], Exception originalException) {
+ super(MessageFormat.format(I18n.getExceptionMessage(msgID), exArgs));
- /**
- * Constructor XMLSecurityRuntimeException
- *
- * @param _originalException
- */
- public XMLSecurityRuntimeException(Exception _originalException) {
+ this.msgID = msgID;
+ }
- super("Missing message ID to locate message string in resource bundle \""
- + Constants.exceptionMessagesResourceBundleBase
- + "\". Original Exception was a "
- + _originalException.getClass().getName() + " and message "
- + _originalException.getMessage());
+ /**
+ * Method getMsgID
+ *
+ * @return the messageId
+ */
+ public String getMsgID() {
+ if (msgID == null) {
+ return "Missing message ID";
+ }
+ return msgID;
+ }
- this.originalException = _originalException;
- }
+ /** @inheritDoc */
+ public String toString() {
+ String s = this.getClass().getName();
+ String message = super.getLocalizedMessage();
- /**
- * Constructor XMLSecurityRuntimeException
- *
- * @param _msgID
- * @param _originalException
- */
- public XMLSecurityRuntimeException(String _msgID, Exception _originalException) {
+ if (message != null) {
+ message = s + ": " + message;
+ } else {
+ message = s;
+ }
- super(I18n.getExceptionMessage(_msgID, _originalException));
+ if (this.getCause() != null) {
+ message = message + "\nOriginal Exception was " + this.getCause().toString();
+ }
- this.msgID = _msgID;
- this.originalException = _originalException;
- }
+ return message;
+ }
- /**
- * Constructor XMLSecurityRuntimeException
- *
- * @param _msgID
- * @param exArgs
- * @param _originalException
- */
- public XMLSecurityRuntimeException(String _msgID, Object exArgs[],
- Exception _originalException) {
+ /**
+ * Method printStackTrace
+ *
+ */
+ public void printStackTrace() {
+ synchronized (System.err) {
+ super.printStackTrace(System.err);
+ }
+ }
- super(MessageFormat.format(I18n.getExceptionMessage(_msgID), exArgs));
+ /**
+ * Method printStackTrace
+ *
+ * @param printwriter
+ */
+ public void printStackTrace(PrintWriter printwriter) {
+ super.printStackTrace(printwriter);
+ }
- this.msgID = _msgID;
- this.originalException = _originalException;
- }
+ /**
+ * Method printStackTrace
+ *
+ * @param printstream
+ */
+ public void printStackTrace(PrintStream printstream) {
+ super.printStackTrace(printstream);
+ }
- /**
- * Method getMsgID
- *
- * @return the messageId
- */
- public String getMsgID() {
+ /**
+ * Method getOriginalException
+ *
+ * @return the original exception
+ */
+ public Exception getOriginalException() {
+ if (this.getCause() instanceof Exception) {
+ return (Exception)this.getCause();
+ }
+ return null;
+ }
- if (msgID == null) {
- return "Missing message ID";
- }
- return msgID;
- }
-
- /** @inheritDoc */
- public String toString() {
-
- String s = this.getClass().getName();
- String message = super.getLocalizedMessage();
-
- if (message != null) {
- message = s + ": " + message;
- } else {
- message = s;
- }
-
- if (originalException != null) {
- message = message + "\nOriginal Exception was "
- + originalException.toString();
- }
-
- return message;
- }
-
- /**
- * Method printStackTrace
- *
- */
- public void printStackTrace() {
-
- synchronized (System.err) {
- super.printStackTrace(System.err);
-
- if (this.originalException != null) {
- this.originalException.printStackTrace(System.err);
- }
- }
- }
-
- /**
- * Method printStackTrace
- *
- * @param printwriter
- */
- public void printStackTrace(PrintWriter printwriter) {
-
- super.printStackTrace(printwriter);
-
- if (this.originalException != null) {
- this.originalException.printStackTrace(printwriter);
- }
- }
-
- /**
- * Method printStackTrace
- *
- * @param printstream
- */
- public void printStackTrace(PrintStream printstream) {
-
- super.printStackTrace(printstream);
-
- if (this.originalException != null) {
- this.originalException.printStackTrace(printstream);
- }
- }
-
- /**
- * Method getOriginalException
- *
- * @return the original exception
- */
- public Exception getOriginalException() {
- return originalException;
- }
}
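Review bot: The three-argument constructor `XMLSecurityRuntimeException(String msgID, Object exArgs[], Exception originalException)` calls `super(MessageFormat.format(I18n.getExceptionMessage(msgID), exArgs))` without the cause, and with the `originalException` field removed in this hunk nothing else stores it. For exceptions built this way `getCause()` and `getOriginalException()` return null and `toString()` loses its "Original Exception was" line, so the underlying failure is unavailable to whoever handles or logs the exception. The matching constructor in `XMLSecurityException` passes the cause, and this one should too: `super(MessageFormat.format(I18n.getExceptionMessage(msgID), exArgs), originalException);`.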
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/ContentHandlerAlreadyRegisteredException.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/ContentHandlerAlreadyRegisteredException.java
index 6477d9bba2c..ad807c2d862 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/ContentHandlerAlreadyRegisteredException.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/ContentHandlerAlreadyRegisteredException.java
@@ -2,89 +2,83 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys;
-
-
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
+public class ContentHandlerAlreadyRegisteredException extends XMLSecurityException {
-/**
- *
- * @author $Author: mullan $
- */
-public class ContentHandlerAlreadyRegisteredException
- extends XMLSecurityException {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1L;
- /**
- *
- */
- private static final long serialVersionUID = 1L;
+ /**
+ * Constructor ContentHandlerAlreadyRegisteredException
+ *
+ */
+ public ContentHandlerAlreadyRegisteredException() {
+ super();
+ }
- /**
- * Constructor ContentHandlerAlreadyRegisteredException
- *
- */
- public ContentHandlerAlreadyRegisteredException() {
- super();
- }
+ /**
+ * Constructor ContentHandlerAlreadyRegisteredException
+ *
+ * @param msgID
+ */
+ public ContentHandlerAlreadyRegisteredException(String msgID) {
+ super(msgID);
+ }
- /**
- * Constructor ContentHandlerAlreadyRegisteredException
- *
- * @param _msgID
- */
- public ContentHandlerAlreadyRegisteredException(String _msgID) {
- super(_msgID);
- }
+ /**
+ * Constructor ContentHandlerAlreadyRegisteredException
+ *
+ * @param msgID
+ * @param exArgs
+ */
+ public ContentHandlerAlreadyRegisteredException(String msgID, Object exArgs[]) {
+ super(msgID, exArgs);
+ }
- /**
- * Constructor ContentHandlerAlreadyRegisteredException
- *
- * @param _msgID
- * @param exArgs
- */
- public ContentHandlerAlreadyRegisteredException(String _msgID,
- Object exArgs[]) {
- super(_msgID, exArgs);
- }
+ /**
+ * Constructor ContentHandlerAlreadyRegisteredException
+ *
+ * @param msgID
+ * @param originalException
+ */
+ public ContentHandlerAlreadyRegisteredException(String msgID, Exception originalException) {
+ super(msgID, originalException);
+ }
- /**
- * Constructor ContentHandlerAlreadyRegisteredException
- *
- * @param _msgID
- * @param _originalException
- */
- public ContentHandlerAlreadyRegisteredException(String _msgID,
- Exception _originalException) {
- super(_msgID, _originalException);
- }
+ /**
+ * Constructor ContentHandlerAlreadyRegisteredException
+ *
+ * @param msgID
+ * @param exArgs
+ * @param originalException
+ */
+ public ContentHandlerAlreadyRegisteredException(
+ String msgID, Object exArgs[], Exception originalException
+ ) {
+ super(msgID, exArgs, originalException);
+ }
- /**
- * Constructor ContentHandlerAlreadyRegisteredException
- *
- * @param _msgID
- * @param exArgs
- * @param _originalException
- */
- public ContentHandlerAlreadyRegisteredException(String _msgID,
- Object exArgs[], Exception _originalException) {
- super(_msgID, exArgs, _originalException);
- }
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyInfo.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyInfo.java
index 3c273dea7ac..6716d80d899 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyInfo.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyInfo.java
@@ -2,30 +2,30 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys;
-
-
+import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
-import java.util.Collections;
import java.util.Iterator;
import java.util.List;
@@ -35,6 +35,8 @@ import com.sun.org.apache.xml.internal.security.encryption.EncryptedKey;
import com.sun.org.apache.xml.internal.security.encryption.XMLCipher;
import com.sun.org.apache.xml.internal.security.encryption.XMLEncryptionException;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
+import com.sun.org.apache.xml.internal.security.keys.content.DEREncodedKeyValue;
+import com.sun.org.apache.xml.internal.security.keys.content.KeyInfoReference;
import com.sun.org.apache.xml.internal.security.keys.content.KeyName;
import com.sun.org.apache.xml.internal.security.keys.content.KeyValue;
import com.sun.org.apache.xml.internal.security.keys.content.MgmtData;
@@ -49,9 +51,8 @@ import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverExce
import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
-import com.sun.org.apache.xml.internal.security.utils.EncryptionConstants;
import com.sun.org.apache.xml.internal.security.utils.Constants;
-import com.sun.org.apache.xml.internal.security.utils.IdResolver;
+import com.sun.org.apache.xml.internal.security.utils.EncryptionConstants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Attr;
@@ -60,7 +61,6 @@ import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
-
/**
* This class stand for KeyInfo Element that may contain keys, names,
* certificates and other public key management information,
@@ -91,639 +91,769 @@ import org.w3c.dom.NodeList;
* The containsXXX() methods return whether the KeyInfo
* contains the corresponding type.
*
- * @author $Author: mullan $
*/
public class KeyInfo extends SignatureElementProxy {
- /** {@link java.util.logging} logging facility */
- static java.util.logging.Logger log =
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(KeyInfo.class.getName());
- List x509Datas=null;
- List encryptedKeys=null;
- static final List nullList;
+ // We need at least one StorageResolver otherwise
+ // the KeyResolvers would not be called.
+ // The default StorageResolver is null.
+
+ private List x509Datas = null;
+ private List encryptedKeys = null;
+
+ private static final List nullList;
static {
List list = new ArrayList(1);
list.add(null);
- nullList = Collections.unmodifiableList(list);
+ nullList = java.util.Collections.unmodifiableList(list);
}
- /**
- * Constructor KeyInfo
- * @param doc
- */
- public KeyInfo(Document doc) {
-
- super(doc);
-
- XMLUtils.addReturnToElement(this._constructionElement);
-
- }
-
- /**
- * Constructor KeyInfo
- *
- * @param element
- * @param BaseURI
- * @throws XMLSecurityException
- */
- public KeyInfo(Element element, String BaseURI) throws XMLSecurityException {
- super(element, BaseURI);
-
- Attr attr = element.getAttributeNodeNS(null, "Id");
- if (attr != null) {
- element.setIdAttributeNode(attr, true);
- }
- }
-
- /**
- * Sets the Id attribute
- *
- * @param Id ID
- */
- public void setId(String Id) {
-
- if (Id != null) {
- setLocalIdAttribute(Constants._ATT_ID, Id);
- }
- }
-
- /**
- * Returns the Id attribute
- *
- * @return the Id attribute
- */
- public String getId() {
- return this._constructionElement.getAttributeNS(null, Constants._ATT_ID);
- }
-
- /**
- * Method addKeyName
- *
- * @param keynameString
- */
- public void addKeyName(String keynameString) {
- this.add(new KeyName(this._doc, keynameString));
- }
-
- /**
- * Method add
- *
- * @param keyname
- */
- public void add(KeyName keyname) {
-
- this._constructionElement.appendChild(keyname.getElement());
- XMLUtils.addReturnToElement(this._constructionElement);
- }
-
- /**
- * Method addKeyValue
- *
- * @param pk
- */
- public void addKeyValue(PublicKey pk) {
- this.add(new KeyValue(this._doc, pk));
- }
-
- /**
- * Method addKeyValue
- *
- * @param unknownKeyValueElement
- */
- public void addKeyValue(Element unknownKeyValueElement) {
- this.add(new KeyValue(this._doc, unknownKeyValueElement));
- }
-
- /**
- * Method add
- *
- * @param dsakeyvalue
- */
- public void add(DSAKeyValue dsakeyvalue) {
- this.add(new KeyValue(this._doc, dsakeyvalue));
- }
-
- /**
- * Method add
- *
- * @param rsakeyvalue
- */
- public void add(RSAKeyValue rsakeyvalue) {
- this.add(new KeyValue(this._doc, rsakeyvalue));
- }
-
- /**
- * Method add
- *
- * @param pk
- */
- public void add(PublicKey pk) {
- this.add(new KeyValue(this._doc, pk));
- }
-
- /**
- * Method add
- *
- * @param keyvalue
- */
- public void add(KeyValue keyvalue) {
- this._constructionElement.appendChild(keyvalue.getElement());
- XMLUtils.addReturnToElement(this._constructionElement);
- }
-
- /**
- * Method addMgmtData
- *
- * @param mgmtdata
- */
- public void addMgmtData(String mgmtdata) {
- this.add(new MgmtData(this._doc, mgmtdata));
- }
-
- /**
- * Method add
- *
- * @param mgmtdata
- */
- public void add(MgmtData mgmtdata) {
- this._constructionElement.appendChild(mgmtdata.getElement());
- XMLUtils.addReturnToElement(this._constructionElement);
- }
-
- /**
- * Method addPGPData
- *
- * @param pgpdata
- */
- public void add(PGPData pgpdata) {
- this._constructionElement.appendChild(pgpdata.getElement());
- XMLUtils.addReturnToElement(this._constructionElement);
- }
-
- /**
- * Method addRetrievalMethod
- *
- * @param URI
- * @param transforms
- * @param Type
- */
- public void addRetrievalMethod(String URI, Transforms transforms,
- String Type) {
- this.add(new RetrievalMethod(this._doc, URI, transforms, Type));
- }
-
- /**
- * Method add
- *
- * @param retrievalmethod
- */
- public void add(RetrievalMethod retrievalmethod) {
- this._constructionElement.appendChild(retrievalmethod.getElement());
- XMLUtils.addReturnToElement(this._constructionElement);
- }
-
- /**
- * Method add
- *
- * @param spkidata
- */
- public void add(SPKIData spkidata) {
- this._constructionElement.appendChild(spkidata.getElement());
- XMLUtils.addReturnToElement(this._constructionElement);
- }
-
- /**
- * Method addX509Data
- *
- * @param x509data
- */
- public void add(X509Data x509data) {
- if (x509Datas==null)
- x509Datas=new ArrayList();
- x509Datas.add(x509data);
- this._constructionElement.appendChild(x509data.getElement());
- XMLUtils.addReturnToElement(this._constructionElement);
- }
-
- /**
- * Method addEncryptedKey
- *
- * @param encryptedKey
- * @throws XMLEncryptionException
- */
-
- public void add(EncryptedKey encryptedKey)
- throws XMLEncryptionException {
- if (encryptedKeys==null)
- encryptedKeys=new ArrayList();
- encryptedKeys.add(encryptedKey);
- XMLCipher cipher = XMLCipher.getInstance();
- this._constructionElement.appendChild(cipher.martial(encryptedKey));
- }
-
- /**
- * Method addUnknownElement
- *
- * @param element
- */
- public void addUnknownElement(Element element) {
- this._constructionElement.appendChild(element);
- XMLUtils.addReturnToElement(this._constructionElement);
- }
-
- /**
- * Method lengthKeyName
- *
- * @return the number of the KeyName tags
- */
- public int lengthKeyName() {
- return this.length(Constants.SignatureSpecNS, Constants._TAG_KEYNAME);
- }
-
- /**
- * Method lengthKeyValue
- *
- *@return the number of the KeyValue tags
- */
- public int lengthKeyValue() {
- return this.length(Constants.SignatureSpecNS, Constants._TAG_KEYVALUE);
- }
-
- /**
- * Method lengthMgmtData
- *
- *@return the number of the MgmtData tags
- */
- public int lengthMgmtData() {
- return this.length(Constants.SignatureSpecNS, Constants._TAG_MGMTDATA);
- }
-
- /**
- * Method lengthPGPData
- *
- *@return the number of the PGPDat. tags
- */
- public int lengthPGPData() {
- return this.length(Constants.SignatureSpecNS, Constants._TAG_PGPDATA);
- }
-
- /**
- * Method lengthRetrievalMethod
- *
- *@return the number of the RetrievalMethod tags
- */
- public int lengthRetrievalMethod() {
- return this.length(Constants.SignatureSpecNS,
- Constants._TAG_RETRIEVALMETHOD);
- }
-
- /**
- * Method lengthSPKIData
- *
- *@return the number of the SPKIData tags
- */
- public int lengthSPKIData() {
- return this.length(Constants.SignatureSpecNS, Constants._TAG_SPKIDATA);
- }
-
- /**
- * Method lengthX509Data
- *
- *@return the number of the X509Data tags
- */
- public int lengthX509Data() {
- if (x509Datas!=null) {
- return x509Datas.size();
- }
- return this.length(Constants.SignatureSpecNS, Constants._TAG_X509DATA);
- }
-
- /**
- * Method lengthUnknownElement
- * NOTE posibly buggy.
- *@return the number of the UnknownElement tags
- */
- public int lengthUnknownElement() {
-
- int res = 0;
- NodeList nl = this._constructionElement.getChildNodes();
-
- for (int i = 0; i < nl.getLength(); i++) {
- Node current = nl.item(i);
-
- /**
- * $todo$ using this method, we don't see unknown Elements
- * from Signature NS; revisit
- */
- if ((current.getNodeType() == Node.ELEMENT_NODE)
- && current.getNamespaceURI()
- .equals(Constants.SignatureSpecNS)) {
- res++;
- }
- }
-
- return res;
- }
-
- /**
- * Method itemKeyName
- *
- * @param i
- * @return the asked KeyName element, null if the index is too big
- * @throws XMLSecurityException
- */
- public KeyName itemKeyName(int i) throws XMLSecurityException {
-
- Element e = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
- Constants._TAG_KEYNAME,i);
-
- if (e != null) {
- return new KeyName(e, this._baseURI);
- }
- return null;
- }
-
- /**
- * Method itemKeyValue
- *
- * @param i
- * @return the asked KeyValue element, null if the index is too big
- * @throws XMLSecurityException
- */
- public KeyValue itemKeyValue(int i) throws XMLSecurityException {
-
- Element e = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
- Constants._TAG_KEYVALUE,i);
-
- if (e != null) {
- return new KeyValue(e, this._baseURI);
- }
- return null;
- }
-
- /**
- * Method itemMgmtData
- *
- * @param i
- *@return the asked MgmtData element, null if the index is too big
- * @throws XMLSecurityException
- */
- public MgmtData itemMgmtData(int i) throws XMLSecurityException {
-
- Element e = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
- Constants._TAG_MGMTDATA,i);
-
- if (e != null) {
- return new MgmtData(e, this._baseURI);
- }
- return null;
- }
-
- /**
- * Method itemPGPData
- *
- * @param i
- *@return the asked PGPData element, null if the index is too big
- * @throws XMLSecurityException
- */
- public PGPData itemPGPData(int i) throws XMLSecurityException {
-
- Element e = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
- Constants._TAG_PGPDATA,i);
-
- if (e != null) {
- return new PGPData(e, this._baseURI);
- }
- return null;
- }
-
- /**
- * Method itemRetrievalMethod
- *
- * @param i
- *@return the asked RetrievalMethod element, null if the index is too big
- * @throws XMLSecurityException
- */
- public RetrievalMethod itemRetrievalMethod(int i)
- throws XMLSecurityException {
-
- Element e = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
- Constants._TAG_RETRIEVALMETHOD,i);
-
- if (e != null) {
- return new RetrievalMethod(e, this._baseURI);
- }
- return null;
- }
-
- /**
- * Method itemSPKIData
- *
- * @param i
- *@return the asked SPKIData element, null if the index is too big
- * @throws XMLSecurityException
- */
- public SPKIData itemSPKIData(int i) throws XMLSecurityException {
-
- Element e = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
- Constants._TAG_SPKIDATA,i);
-
- if (e != null) {
- return new SPKIData(e, this._baseURI);
- }
- return null;
- }
-
- /**
- * Method itemX509Data
- *@return the asked X509Data element, null if the index is too big
- * @param i
- *
- * @throws XMLSecurityException
- */
- public X509Data itemX509Data(int i) throws XMLSecurityException {
- if (x509Datas!=null) {
- return x509Datas.get(i);
- }
- Element e = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
- Constants._TAG_X509DATA,i);
-
- if (e != null) {
- return new X509Data(e, this._baseURI);
- }
- return null;
- }
-
- /**
- * Method itemEncryptedKey
- *
- * @param i
- * @return the asked EncryptedKey element, null if the index is too big
- * @throws XMLSecurityException
- */
-
- public EncryptedKey itemEncryptedKey(int i) throws XMLSecurityException {
- if (encryptedKeys!=null) {
- return encryptedKeys.get(i);
- }
- Element e =
- XMLUtils.selectXencNode(this._constructionElement.getFirstChild(),
- EncryptionConstants._TAG_ENCRYPTEDKEY,i);
-
- if (e != null) {
- XMLCipher cipher = XMLCipher.getInstance();
- cipher.init(XMLCipher.UNWRAP_MODE, null);
- return cipher.loadEncryptedKey(e);
- }
- return null;
- }
-
- /**
- * Method itemUnknownElement
- *
- * @param i index
- * @return the element number of the unknown elemens
- */
- public Element itemUnknownElement(int i) {
-
- NodeList nl = this._constructionElement.getChildNodes();
- int res = 0;
-
- for (int j = 0; j < nl.getLength(); j++) {
- Node current = nl.item(j);
-
- /**
- * $todo$ using this method, we don't see unknown Elements
- * from Signature NS; revisit
- */
- if ((current.getNodeType() == Node.ELEMENT_NODE)
- && current.getNamespaceURI()
- .equals(Constants.SignatureSpecNS)) {
- res++;
-
- if (res == i) {
- return (Element) current;
- }
- }
- }
-
- return null;
- }
-
- /**
- * Method isEmpty
- *
- * @return true if the element has no descedants.
- */
- public boolean isEmpty() {
- return this._constructionElement.getFirstChild()==null;
- }
-
- /**
- * Method containsKeyName
- *
- * @return If the KeyInfo contains a KeyName node
- */
- public boolean containsKeyName() {
- return this.lengthKeyName() > 0;
- }
-
- /**
- * Method containsKeyValue
- *
- * @return If the KeyInfo contains a KeyValue node
- */
- public boolean containsKeyValue() {
- return this.lengthKeyValue() > 0;
- }
-
- /**
- * Method containsMgmtData
- *
- * @return If the KeyInfo contains a MgmtData node
- */
- public boolean containsMgmtData() {
- return this.lengthMgmtData() > 0;
- }
-
- /**
- * Method containsPGPData
- *
- * @return If the KeyInfo contains a PGPData node
- */
- public boolean containsPGPData() {
- return this.lengthPGPData() > 0;
- }
-
- /**
- * Method containsRetrievalMethod
- *
- * @return If the KeyInfo contains a RetrievalMethod node
- */
- public boolean containsRetrievalMethod() {
- return this.lengthRetrievalMethod() > 0;
- }
-
- /**
- * Method containsSPKIData
- *
- * @return If the KeyInfo contains a SPKIData node
- */
- public boolean containsSPKIData() {
- return this.lengthSPKIData() > 0;
- }
-
- /**
- * Method containsUnknownElement
- *
- * @return If the KeyInfo contains a UnknownElement node
- */
- public boolean containsUnknownElement() {
- return this.lengthUnknownElement() > 0;
- }
-
- /**
- * Method containsX509Data
- *
- * @return If the KeyInfo contains a X509Data node
- */
- public boolean containsX509Data() {
- return this.lengthX509Data() > 0;
- }
-
- /**
- * This method returns the public key.
- *
- * @return If the KeyInfo contains a PublicKey node
- * @throws KeyResolverException
- */
-
- public PublicKey getPublicKey() throws KeyResolverException {
-
- PublicKey pk = this.getPublicKeyFromInternalResolvers();
-
- if (pk != null) {
- log.log(java.util.logging.Level.FINE, "I could find a key using the per-KeyInfo key resolvers");
-
- return pk;
- }
- log.log(java.util.logging.Level.FINE, "I couldn't find a key using the per-KeyInfo key resolvers");
-
- pk = this.getPublicKeyFromStaticResolvers();
-
- if (pk != null) {
- log.log(java.util.logging.Level.FINE, "I could find a key using the system-wide key resolvers");
-
- return pk;
- }
- log.log(java.util.logging.Level.FINE, "I couldn't find a key using the system-wide key resolvers");
-
- return null;
- }
+ /** Field storageResolvers */
+ private List storageResolvers = nullList;
/**
- * Searches the library wide keyresolvers for public keys
+ * Stores the individual (per-KeyInfo) {@link KeyResolverSpi}s
+ */
+ private List internalKeyResolvers = new ArrayList();
+
+ private boolean secureValidation;
+
+ /**
+ * Constructor KeyInfo
+ * @param doc
+ */
+ public KeyInfo(Document doc) {
+ super(doc);
+
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
+
+ /**
+ * Constructor KeyInfo
+ *
+ * @param element
+ * @param baseURI
+ * @throws XMLSecurityException
+ */
+ public KeyInfo(Element element, String baseURI) throws XMLSecurityException {
+ super(element, baseURI);
+
+ Attr attr = element.getAttributeNodeNS(null, "Id");
+ if (attr != null) {
+ element.setIdAttributeNode(attr, true);
+ }
+ }
+
+ /**
+ * Set whether secure processing is enabled or not. The default is false.
+ */
+ public void setSecureValidation(boolean secureValidation) {
+ this.secureValidation = secureValidation;
+ }
+
+ /**
+ * Sets the Id attribute
+ *
+ * @param Id ID
+ */
+ public void setId(String id) {
+ if (id != null) {
+ this.constructionElement.setAttributeNS(null, Constants._ATT_ID, id);
+ this.constructionElement.setIdAttributeNS(null, Constants._ATT_ID, true);
+ }
+ }
+
+ /**
+ * Returns the Id attribute
+ *
+ * @return the Id attribute
+ */
+ public String getId() {
+ return this.constructionElement.getAttributeNS(null, Constants._ATT_ID);
+ }
+
+ /**
+ * Method addKeyName
+ *
+ * @param keynameString
+ */
+ public void addKeyName(String keynameString) {
+ this.add(new KeyName(this.doc, keynameString));
+ }
+
+ /**
+ * Method add
+ *
+ * @param keyname
+ */
+ public void add(KeyName keyname) {
+ this.constructionElement.appendChild(keyname.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
+
+ /**
+ * Method addKeyValue
+ *
+ * @param pk
+ */
+ public void addKeyValue(PublicKey pk) {
+ this.add(new KeyValue(this.doc, pk));
+ }
+
+ /**
+ * Method addKeyValue
+ *
+ * @param unknownKeyValueElement
+ */
+ public void addKeyValue(Element unknownKeyValueElement) {
+ this.add(new KeyValue(this.doc, unknownKeyValueElement));
+ }
+
+ /**
+ * Method add
+ *
+ * @param dsakeyvalue
+ */
+ public void add(DSAKeyValue dsakeyvalue) {
+ this.add(new KeyValue(this.doc, dsakeyvalue));
+ }
+
+ /**
+ * Method add
+ *
+ * @param rsakeyvalue
+ */
+ public void add(RSAKeyValue rsakeyvalue) {
+ this.add(new KeyValue(this.doc, rsakeyvalue));
+ }
+
+ /**
+ * Method add
+ *
+ * @param pk
+ */
+ public void add(PublicKey pk) {
+ this.add(new KeyValue(this.doc, pk));
+ }
+
+ /**
+ * Method add
+ *
+ * @param keyvalue
+ */
+ public void add(KeyValue keyvalue) {
+ this.constructionElement.appendChild(keyvalue.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
+
+ /**
+ * Method addMgmtData
+ *
+ * @param mgmtdata
+ */
+ public void addMgmtData(String mgmtdata) {
+ this.add(new MgmtData(this.doc, mgmtdata));
+ }
+
+ /**
+ * Method add
+ *
+ * @param mgmtdata
+ */
+ public void add(MgmtData mgmtdata) {
+ this.constructionElement.appendChild(mgmtdata.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
+
+ /**
+ * Method addPGPData
+ *
+ * @param pgpdata
+ */
+ public void add(PGPData pgpdata) {
+ this.constructionElement.appendChild(pgpdata.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
+
+ /**
+ * Method addRetrievalMethod
+ *
+ * @param uri
+ * @param transforms
+ * @param Type
+ */
+ public void addRetrievalMethod(String uri, Transforms transforms, String Type) {
+ this.add(new RetrievalMethod(this.doc, uri, transforms, Type));
+ }
+
+ /**
+ * Method add
+ *
+ * @param retrievalmethod
+ */
+ public void add(RetrievalMethod retrievalmethod) {
+ this.constructionElement.appendChild(retrievalmethod.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
+
+ /**
+ * Method add
+ *
+ * @param spkidata
+ */
+ public void add(SPKIData spkidata) {
+ this.constructionElement.appendChild(spkidata.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
+
+ /**
+ * Method addX509Data
+ *
+ * @param x509data
+ */
+ public void add(X509Data x509data) {
+ if (x509Datas == null) {
+ x509Datas = new ArrayList();
+ }
+ x509Datas.add(x509data);
+ this.constructionElement.appendChild(x509data.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
+
+ /**
+ * Method addEncryptedKey
+ *
+ * @param encryptedKey
+ * @throws XMLEncryptionException
+ */
+
+ public void add(EncryptedKey encryptedKey) throws XMLEncryptionException {
+ if (encryptedKeys == null) {
+ encryptedKeys = new ArrayList();
+ }
+ encryptedKeys.add(encryptedKey);
+ XMLCipher cipher = XMLCipher.getInstance();
+ this.constructionElement.appendChild(cipher.martial(encryptedKey));
+ }
+
+ /**
+ * Method addDEREncodedKeyValue
+ *
+ * @param pk
+ * @throws XMLSecurityException
+ */
+ public void addDEREncodedKeyValue(PublicKey pk) throws XMLSecurityException {
+ this.add(new DEREncodedKeyValue(this.doc, pk));
+ }
+
+ /**
+ * Method add
+ *
+ * @param derEncodedKeyValue
+ */
+ public void add(DEREncodedKeyValue derEncodedKeyValue) {
+ this.constructionElement.appendChild(derEncodedKeyValue.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
+
+ /**
+ * Method addKeyInfoReference
+ *
+ * @param URI
+ * @throws XMLSecurityException
+ */
+ public void addKeyInfoReference(String URI) throws XMLSecurityException {
+ this.add(new KeyInfoReference(this.doc, URI));
+ }
+
+ /**
+ * Method add
+ *
+ * @param keyInfoReference
+ */
+ public void add(KeyInfoReference keyInfoReference) {
+ this.constructionElement.appendChild(keyInfoReference.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
+
+ /**
+ * Method addUnknownElement
+ *
+ * @param element
+ */
+ public void addUnknownElement(Element element) {
+ this.constructionElement.appendChild(element);
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
+
+ /**
+ * Method lengthKeyName
+ *
+ * @return the number of the KeyName tags
+ */
+ public int lengthKeyName() {
+ return this.length(Constants.SignatureSpecNS, Constants._TAG_KEYNAME);
+ }
+
+ /**
+ * Method lengthKeyValue
+ *
+ *@return the number of the KeyValue tags
+ */
+ public int lengthKeyValue() {
+ return this.length(Constants.SignatureSpecNS, Constants._TAG_KEYVALUE);
+ }
+
+ /**
+ * Method lengthMgmtData
+ *
+ *@return the number of the MgmtData tags
+ */
+ public int lengthMgmtData() {
+ return this.length(Constants.SignatureSpecNS, Constants._TAG_MGMTDATA);
+ }
+
+ /**
+ * Method lengthPGPData
+ *
+ *@return the number of the PGPDat. tags
+ */
+ public int lengthPGPData() {
+ return this.length(Constants.SignatureSpecNS, Constants._TAG_PGPDATA);
+ }
+
+ /**
+ * Method lengthRetrievalMethod
+ *
+ *@return the number of the RetrievalMethod tags
+ */
+ public int lengthRetrievalMethod() {
+ return this.length(Constants.SignatureSpecNS, Constants._TAG_RETRIEVALMETHOD);
+ }
+
+ /**
+ * Method lengthSPKIData
+ *
+ *@return the number of the SPKIData tags
+ */
+ public int lengthSPKIData() {
+ return this.length(Constants.SignatureSpecNS, Constants._TAG_SPKIDATA);
+ }
+
+ /**
+ * Method lengthX509Data
+ *
+ *@return the number of the X509Data tags
+ */
+ public int lengthX509Data() {
+ if (x509Datas != null) {
+ return x509Datas.size();
+ }
+ return this.length(Constants.SignatureSpecNS, Constants._TAG_X509DATA);
+ }
+
+ /**
+ * Method lengthDEREncodedKeyValue
+ *
+ *@return the number of the DEREncodedKeyValue tags
+ */
+ public int lengthDEREncodedKeyValue() {
+ return this.length(Constants.SignatureSpec11NS, Constants._TAG_DERENCODEDKEYVALUE);
+ }
+
+ /**
+ * Method lengthKeyInfoReference
+ *
+ *@return the number of the KeyInfoReference tags
+ */
+ public int lengthKeyInfoReference() {
+ return this.length(Constants.SignatureSpec11NS, Constants._TAG_KEYINFOREFERENCE);
+ }
+
+ /**
+ * Method lengthUnknownElement
+ * NOTE possibly buggy.
+ * @return the number of the UnknownElement tags
+ */
+ public int lengthUnknownElement() {
+ int res = 0;
+ NodeList nl = this.constructionElement.getChildNodes();
+
+ for (int i = 0; i < nl.getLength(); i++) {
+ Node current = nl.item(i);
+
+ /**
+ * $todo$ using this method, we don't see unknown Elements
+ * from Signature NS; revisit
+ */
+ if ((current.getNodeType() == Node.ELEMENT_NODE)
+ && current.getNamespaceURI().equals(Constants.SignatureSpecNS)) {
+ res++;
+ }
+ }
+
+ return res;
+ }
+
+ /**
+ * Method itemKeyName
+ *
+ * @param i
+ * @return the asked KeyName element, null if the index is too big
+ * @throws XMLSecurityException
+ */
+ public KeyName itemKeyName(int i) throws XMLSecurityException {
+ Element e =
+ XMLUtils.selectDsNode(
+ this.constructionElement.getFirstChild(), Constants._TAG_KEYNAME, i);
+
+ if (e != null) {
+ return new KeyName(e, this.baseURI);
+ }
+ return null;
+ }
+
+ /**
+ * Method itemKeyValue
+ *
+ * @param i
+ * @return the asked KeyValue element, null if the index is too big
+ * @throws XMLSecurityException
+ */
+ public KeyValue itemKeyValue(int i) throws XMLSecurityException {
+ Element e =
+ XMLUtils.selectDsNode(
+ this.constructionElement.getFirstChild(), Constants._TAG_KEYVALUE, i);
+
+ if (e != null) {
+ return new KeyValue(e, this.baseURI);
+ }
+ return null;
+ }
+
+ /**
+ * Method itemMgmtData
+ *
+ * @param i
+ * @return the asked MgmtData element, null if the index is too big
+ * @throws XMLSecurityException
+ */
+ public MgmtData itemMgmtData(int i) throws XMLSecurityException {
+ Element e =
+ XMLUtils.selectDsNode(
+ this.constructionElement.getFirstChild(), Constants._TAG_MGMTDATA, i);
+
+ if (e != null) {
+ return new MgmtData(e, this.baseURI);
+ }
+ return null;
+ }
+
+ /**
+ * Method itemPGPData
+ *
+ * @param i
+ * @return the asked PGPData element, null if the index is too big
+ * @throws XMLSecurityException
+ */
+ public PGPData itemPGPData(int i) throws XMLSecurityException {
+ Element e =
+ XMLUtils.selectDsNode(
+ this.constructionElement.getFirstChild(), Constants._TAG_PGPDATA, i);
+
+ if (e != null) {
+ return new PGPData(e, this.baseURI);
+ }
+ return null;
+ }
+
+ /**
+ * Method itemRetrievalMethod
+ *
+ * @param i
+ *@return the asked RetrievalMethod element, null if the index is too big
+ * @throws XMLSecurityException
+ */
+ public RetrievalMethod itemRetrievalMethod(int i) throws XMLSecurityException {
+ Element e =
+ XMLUtils.selectDsNode(
+ this.constructionElement.getFirstChild(), Constants._TAG_RETRIEVALMETHOD, i);
+
+ if (e != null) {
+ return new RetrievalMethod(e, this.baseURI);
+ }
+ return null;
+ }
+
+ /**
+ * Method itemSPKIData
+ *
+ * @param i
+ * @return the asked SPKIData element, null if the index is too big
+ * @throws XMLSecurityException
+ */
+ public SPKIData itemSPKIData(int i) throws XMLSecurityException {
+ Element e =
+ XMLUtils.selectDsNode(
+ this.constructionElement.getFirstChild(), Constants._TAG_SPKIDATA, i);
+
+ if (e != null) {
+ return new SPKIData(e, this.baseURI);
+ }
+ return null;
+ }
+
+ /**
+ * Method itemX509Data
+ *
+ * @param i
+ * @return the asked X509Data element, null if the index is too big
+ * @throws XMLSecurityException
+ */
+ public X509Data itemX509Data(int i) throws XMLSecurityException {
+ if (x509Datas != null) {
+ return x509Datas.get(i);
+ }
+ Element e =
+ XMLUtils.selectDsNode(
+ this.constructionElement.getFirstChild(), Constants._TAG_X509DATA, i);
+
+ if (e != null) {
+ return new X509Data(e, this.baseURI);
+ }
+ return null;
+ }
+
+ /**
+ * Method itemEncryptedKey
+ *
+ * @param i
+ * @return the asked EncryptedKey element, null if the index is too big
+ * @throws XMLSecurityException
+ */
+ public EncryptedKey itemEncryptedKey(int i) throws XMLSecurityException {
+ if (encryptedKeys != null) {
+ return encryptedKeys.get(i);
+ }
+ Element e =
+ XMLUtils.selectXencNode(
+ this.constructionElement.getFirstChild(), EncryptionConstants._TAG_ENCRYPTEDKEY, i);
+
+ if (e != null) {
+ XMLCipher cipher = XMLCipher.getInstance();
+ cipher.init(XMLCipher.UNWRAP_MODE, null);
+ return cipher.loadEncryptedKey(e);
+ }
+ return null;
+ }
+
+ /**
+ * Method itemDEREncodedKeyValue
+ *
+ * @param i
+ * @return the asked DEREncodedKeyValue element, null if the index is too big
+ * @throws XMLSecurityException
+ */
+ public DEREncodedKeyValue itemDEREncodedKeyValue(int i) throws XMLSecurityException {
+ Element e =
+ XMLUtils.selectDs11Node(
+ this.constructionElement.getFirstChild(), Constants._TAG_DERENCODEDKEYVALUE, i);
+
+ if (e != null) {
+ return new DEREncodedKeyValue(e, this.baseURI);
+ }
+ return null;
+ }
+
+ /**
+ * Method itemKeyInfoReference
+ *
+ * @param i
+ * @return the asked KeyInfoReference element, null if the index is too big
+ * @throws XMLSecurityException
+ */
+ public KeyInfoReference itemKeyInfoReference(int i) throws XMLSecurityException {
+ Element e =
+ XMLUtils.selectDs11Node(
+ this.constructionElement.getFirstChild(), Constants._TAG_KEYINFOREFERENCE, i);
+
+ if (e != null) {
+ return new KeyInfoReference(e, this.baseURI);
+ }
+ return null;
+ }
+
+ /**
+ * Method itemUnknownElement
+ *
+ * @param i index
+ * @return the element number of the unknown elements
+ */
+ public Element itemUnknownElement(int i) {
+ NodeList nl = this.constructionElement.getChildNodes();
+ int res = 0;
+
+ for (int j = 0; j < nl.getLength(); j++) {
+ Node current = nl.item(j);
+
+ /**
+ * $todo$ using this method, we don't see unknown Elements
+ * from Signature NS; revisit
+ */
+ if ((current.getNodeType() == Node.ELEMENT_NODE)
+ && current.getNamespaceURI().equals(Constants.SignatureSpecNS)) {
+ res++;
+
+ if (res == i) {
+ return (Element) current;
+ }
+ }
+ }
+
+ return null;
+ }
+
+ /**
+ * Method isEmpty
+ *
+ * @return true if the element has no descendants.
+ */
+ public boolean isEmpty() {
+ return this.constructionElement.getFirstChild() == null;
+ }
+
+ /**
+ * Method containsKeyName
+ *
+ * @return If the KeyInfo contains a KeyName node
+ */
+ public boolean containsKeyName() {
+ return this.lengthKeyName() > 0;
+ }
+
+ /**
+ * Method containsKeyValue
+ *
+ * @return If the KeyInfo contains a KeyValue node
+ */
+ public boolean containsKeyValue() {
+ return this.lengthKeyValue() > 0;
+ }
+
+ /**
+ * Method containsMgmtData
+ *
+ * @return If the KeyInfo contains a MgmtData node
+ */
+ public boolean containsMgmtData() {
+ return this.lengthMgmtData() > 0;
+ }
+
+ /**
+ * Method containsPGPData
+ *
+ * @return If the KeyInfo contains a PGPData node
+ */
+ public boolean containsPGPData() {
+ return this.lengthPGPData() > 0;
+ }
+
+ /**
+ * Method containsRetrievalMethod
+ *
+ * @return If the KeyInfo contains a RetrievalMethod node
+ */
+ public boolean containsRetrievalMethod() {
+ return this.lengthRetrievalMethod() > 0;
+ }
+
+ /**
+ * Method containsSPKIData
+ *
+ * @return If the KeyInfo contains a SPKIData node
+ */
+ public boolean containsSPKIData() {
+ return this.lengthSPKIData() > 0;
+ }
+
+ /**
+ * Method containsUnknownElement
+ *
+ * @return If the KeyInfo contains a UnknownElement node
+ */
+ public boolean containsUnknownElement() {
+ return this.lengthUnknownElement() > 0;
+ }
+
+ /**
+ * Method containsX509Data
+ *
+ * @return If the KeyInfo contains a X509Data node
+ */
+ public boolean containsX509Data() {
+ return this.lengthX509Data() > 0;
+ }
+
+ /**
+ * Method containsDEREncodedKeyValue
+ *
+ * @return If the KeyInfo contains a DEREncodedKeyValue node
+ */
+ public boolean containsDEREncodedKeyValue() {
+ return this.lengthDEREncodedKeyValue() > 0;
+ }
+
+ /**
+ * Method containsKeyInfoReference
+ *
+ * @return If the KeyInfo contains a KeyInfoReference node
+ */
+ public boolean containsKeyInfoReference() {
+ return this.lengthKeyInfoReference() > 0;
+ }
+
+ /**
+ * This method returns the public key.
+ *
+ * @return If the KeyInfo contains a PublicKey node
+ * @throws KeyResolverException
+ */
+ public PublicKey getPublicKey() throws KeyResolverException {
+ PublicKey pk = this.getPublicKeyFromInternalResolvers();
+
+ if (pk != null) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I could find a key using the per-KeyInfo key resolvers");
+ }
+
+ return pk;
+ }
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I couldn't find a key using the per-KeyInfo key resolvers");
+ }
+
+ pk = this.getPublicKeyFromStaticResolvers();
+
+ if (pk != null) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I could find a key using the system-wide key resolvers");
+ }
+
+ return pk;
+ }
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I couldn't find a key using the system-wide key resolvers");
+ }
+
+ return null;
+ }
+
+ /**
+ * Searches the library wide KeyResolvers for public keys
*
* @return The public key contained in this Node.
* @throws KeyResolverException
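Review bot: `lengthUnknownElement()` and `itemUnknownElement(int)` both evaluate `current.getNamespaceURI().equals(Constants.SignatureSpecNS)` for every element child, and DOM returns null from `getNamespaceURI()` for an element with no namespace, so a KeyInfo holding one unqualified child element throws NullPointerException instead of being counted or skipped. KeyInfo content presumably comes from the document being verified, which makes this an unchecked-exception path reachable from untrusted input; putting the constant first avoids it: `&& Constants.SignatureSpecNS.equals(current.getNamespaceURI())) {`. The commit reformats both methods but carries the call over unchanged. Separately, `itemUnknownElement` tests `res == i` after incrementing, so it is 1-based, while `itemX509Data` uses `x509Datas.get(i)`, which is 0-based; the Javadoc should state which indexing is intended.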
@@ -732,11 +862,12 @@ public class KeyInfo extends SignatureElementProxy {
Iterator it = KeyResolver.iterator();
while (it.hasNext()) {
KeyResolverSpi keyResolver = it.next();
- Node currentChild = this._constructionElement.getFirstChild();
+ keyResolver.setSecureValidation(secureValidation);
+ Node currentChild = this.constructionElement.getFirstChild();
String uri = this.getBaseURI();
while (currentChild != null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
- for (StorageResolver storage : _storageResolvers) {
+ for (StorageResolver storage : storageResolvers) {
PublicKey pk =
keyResolver.engineLookupAndResolvePublicKey(
(Element) currentChild, uri, storage
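Review bot: `keyResolver.setSecureValidation(secureValidation)` writes a per-KeyInfo setting into a resolver obtained from `KeyResolver.iterator()`, which the Javadoc above describes as the library-wide set, so the instances are presumably shared between KeyInfo objects. If that is the case, two threads validating documents with different `secureValidation` values can overwrite each other's flag between this call and `engineLookupAndResolvePublicKey`, and a lookup meant to run with secure validation may run without it. Passing the flag as an argument to the lookup call, or having the iterator hand out per-call resolver instances, would avoid the shared write; at minimum add a comment such as `// NOTE: mutates a shared resolver; not safe for concurrent KeyInfo instances with differing secureValidation`. The same pattern appears in the static-resolver loops for X509 certificates, secret keys and private keys in later hunks. The enclosing method begins and ends outside this hunk.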
@@ -753,78 +884,77 @@ public class KeyInfo extends SignatureElementProxy {
return null;
}
- /**
- * Searches the per-KeyInfo keyresolvers for public keys
- *
- * @return The publick contained in this Node.
- * @throws KeyResolverException
- */
- PublicKey getPublicKeyFromInternalResolvers() throws KeyResolverException {
- int length=lengthInternalKeyResolver();
- int storageLength=this._storageResolvers.size();
- for (int i = 0; i < length; i++) {
- KeyResolverSpi keyResolver = this.itemInternalKeyResolver(i);
- if (log.isLoggable(java.util.logging.Level.FINE))
+ /**
+ * Searches the per-KeyInfo KeyResolvers for public keys
+ *
+ * @return The public key contained in this Node.
+ * @throws KeyResolverException
+ */
+ PublicKey getPublicKeyFromInternalResolvers() throws KeyResolverException {
+ for (KeyResolverSpi keyResolver : internalKeyResolvers) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
-
- Node currentChild=this._constructionElement.getFirstChild();
- String uri=this.getBaseURI();
- while (currentChild!=null) {
- if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
- for (int k = 0; k < storageLength; k++) {
- StorageResolver storage =
- this._storageResolvers.get(k);
- PublicKey pk = keyResolver
- .engineLookupAndResolvePublicKey((Element) currentChild, uri, storage);
-
- if (pk != null) {
- return pk;
- }
- }
}
- currentChild=currentChild.getNextSibling();
- }
- }
+ keyResolver.setSecureValidation(secureValidation);
+ Node currentChild = this.constructionElement.getFirstChild();
+ String uri = this.getBaseURI();
+ while (currentChild != null) {
+ if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
+ for (StorageResolver storage : storageResolvers) {
+ PublicKey pk =
+ keyResolver.engineLookupAndResolvePublicKey(
+ (Element) currentChild, uri, storage
+ );
- return null;
- }
+ if (pk != null) {
+ return pk;
+ }
+ }
+ }
+ currentChild = currentChild.getNextSibling();
+ }
+ }
- /**
- * Method getX509Certificate
- *
- * @return The certificate contined in this KeyInfo
- * @throws KeyResolverException
- */
- public X509Certificate getX509Certificate() throws KeyResolverException {
+ return null;
+ }
- // First search using the individual resolvers from the user
- X509Certificate cert = this.getX509CertificateFromInternalResolvers();
+ /**
+ * Method getX509Certificate
+ *
+ * @return The certificate contained in this KeyInfo
+ * @throws KeyResolverException
+ */
+ public X509Certificate getX509Certificate() throws KeyResolverException {
+ // First search using the individual resolvers from the user
+ X509Certificate cert = this.getX509CertificateFromInternalResolvers();
- if (cert != null) {
- log.log(java.util.logging.Level.FINE,
- "I could find a X509Certificate using the per-KeyInfo key resolvers");
+ if (cert != null) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I could find a X509Certificate using the per-KeyInfo key resolvers");
+ }
- return cert;
- }
- log.log(java.util.logging.Level.FINE,
- "I couldn't find a X509Certificate using the per-KeyInfo key resolvers");
+ return cert;
+ }
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I couldn't find a X509Certificate using the per-KeyInfo key resolvers");
+ }
+ // Then use the system-wide Resolvers
+ cert = this.getX509CertificateFromStaticResolvers();
- // Then use the system-wide Resolvers
- cert = this.getX509CertificateFromStaticResolvers();
+ if (cert != null) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I could find a X509Certificate using the system-wide key resolvers");
+ }
- if (cert != null) {
- log.log(java.util.logging.Level.FINE,
- "I could find a X509Certificate using the system-wide key resolvers");
+ return cert;
+ }
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I couldn't find a X509Certificate using the system-wide key resolvers");
+ }
- return cert;
- }
- log.log(java.util.logging.Level.FINE,
- "I couldn't find a X509Certificate using the system-wide key resolvers");
-
-
- return null;
- }
+ return null;
+ }
/**
* This method uses each System-wide {@link KeyResolver} to search the
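Review bot: The Javadoc on `getPublicKeyFromInternalResolvers` says only `@return The public key contained in this Node.`, but the method ends in `return null;` when no resolver yields a key, and `getX509Certificate` in the same hunk has the same gap. I would spell that out, e.g. `@return the first public key a per-KeyInfo resolver produces, or {@code null} if none does`, so callers know a null result has to be handled as "no key found" rather than dereferenced. As a smaller style point, `String uri = this.getBaseURI();` sits inside the resolver loop here, while `getX509CertificateFromInternalResolvers` computes it once before its loop; it appears loop-invariant, and hoisting it would make the two consistent.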
@@ -846,6 +976,7 @@ public class KeyInfo extends SignatureElementProxy {
Iterator it = KeyResolver.iterator();
while (it.hasNext()) {
KeyResolverSpi keyResolver = it.next();
+ keyResolver.setSecureValidation(secureValidation);
X509Certificate cert = applyCurrentResolver(uri, keyResolver);
if (cert != null) {
return cert;
@@ -857,10 +988,10 @@ public class KeyInfo extends SignatureElementProxy {
private X509Certificate applyCurrentResolver(
String uri, KeyResolverSpi keyResolver
) throws KeyResolverException {
- Node currentChild = this._constructionElement.getFirstChild();
+ Node currentChild = this.constructionElement.getFirstChild();
while (currentChild != null) {
if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
- for (StorageResolver storage : _storageResolvers) {
+ for (StorageResolver storage : storageResolvers) {
X509Certificate cert =
keyResolver.engineLookupResolveX509Certificate(
(Element) currentChild, uri, storage
@@ -879,7 +1010,7 @@ public class KeyInfo extends SignatureElementProxy {
/**
* Method getX509CertificateFromInternalResolvers
*
- * @return The certificate contined in this KeyInfo
+ * @return The certificate contained in this KeyInfo
* @throws KeyResolverException
*/
X509Certificate getX509CertificateFromInternalResolvers()
@@ -891,10 +1022,11 @@ public class KeyInfo extends SignatureElementProxy {
);
}
String uri = this.getBaseURI();
- for (KeyResolverSpi keyResolver : _internalKeyResolvers) {
+ for (KeyResolverSpi keyResolver : internalKeyResolvers) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
}
+ keyResolver.setSecureValidation(secureValidation);
X509Certificate cert = applyCurrentResolver(uri, keyResolver);
if (cert != null) {
return cert;
@@ -904,189 +1036,252 @@ public class KeyInfo extends SignatureElementProxy {
return null;
}
- /**
- * This method returns a secret (symmetric) key. This is for XML Encryption.
- * @return the secret key contained in this KeyInfo
- * @throws KeyResolverException
- */
- public SecretKey getSecretKey() throws KeyResolverException {
- SecretKey sk = this.getSecretKeyFromInternalResolvers();
+ /**
+ * This method returns a secret (symmetric) key. This is for XML Encryption.
+ * @return the secret key contained in this KeyInfo
+ * @throws KeyResolverException
+ */
+ public SecretKey getSecretKey() throws KeyResolverException {
+ SecretKey sk = this.getSecretKeyFromInternalResolvers();
- if (sk != null) {
- log.log(java.util.logging.Level.FINE, "I could find a secret key using the per-KeyInfo key resolvers");
-
- return sk;
- }
- log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the per-KeyInfo key resolvers");
-
-
- sk = this.getSecretKeyFromStaticResolvers();
-
- if (sk != null) {
- log.log(java.util.logging.Level.FINE, "I could find a secret key using the system-wide key resolvers");
-
- return sk;
- }
- log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the system-wide key resolvers");
-
-
- return null;
- }
-
- /**
- * Searches the library wide keyresolvers for Secret keys
- *
- * @return the secret key contained in this KeyInfo
- * @throws KeyResolverException
- */
-
- SecretKey getSecretKeyFromStaticResolvers() throws KeyResolverException {
- final int length=KeyResolver.length();
- int storageLength=this._storageResolvers.size();
- Iterator it = KeyResolver.iterator();
- for (int i = 0; i < length; i++) {
- KeyResolverSpi keyResolver = it.next();
-
- Node currentChild=this._constructionElement.getFirstChild();
- String uri=this.getBaseURI();
- while (currentChild!=null) {
- if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
- for (int k = 0; k < storageLength; k++) {
- StorageResolver storage =
- this._storageResolvers.get(k);
-
- SecretKey sk =
- keyResolver.engineLookupAndResolveSecretKey((Element) currentChild,
- uri,
- storage);
-
- if (sk != null) {
- return sk;
- }
- }
+ if (sk != null) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I could find a secret key using the per-KeyInfo key resolvers");
}
- currentChild=currentChild.getNextSibling();
- }
- }
- return null;
- }
- /**
- * Searches the per-KeyInfo keyresolvers for secret keys
- *
- * @return the secret key contained in this KeyInfo
- * @throws KeyResolverException
- */
+ return sk;
+ }
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the per-KeyInfo key resolvers");
+ }
- SecretKey getSecretKeyFromInternalResolvers() throws KeyResolverException {
- int storageLength=this._storageResolvers.size();
- for (int i = 0; i < this.lengthInternalKeyResolver(); i++) {
- KeyResolverSpi keyResolver = this.itemInternalKeyResolver(i);
- if (log.isLoggable(java.util.logging.Level.FINE))
- log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
+ sk = this.getSecretKeyFromStaticResolvers();
- Node currentChild=this._constructionElement.getFirstChild();
- String uri=this.getBaseURI();
- while (currentChild!=null) {
- if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
- for (int k = 0; k < storageLength; k++) {
- StorageResolver storage =
- this._storageResolvers.get(k);
+ if (sk != null) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I could find a secret key using the system-wide key resolvers");
+ }
- SecretKey sk = keyResolver
- .engineLookupAndResolveSecretKey((Element) currentChild, uri, storage);
+ return sk;
+ }
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the system-wide key resolvers");
+ }
- if (sk != null) {
- return sk;
- }
+ return null;
+ }
+
+ /**
+ * Searches the library wide KeyResolvers for Secret keys
+ *
+ * @return the secret key contained in this KeyInfo
+ * @throws KeyResolverException
+ */
+ SecretKey getSecretKeyFromStaticResolvers() throws KeyResolverException {
+ Iterator it = KeyResolver.iterator();
+ while (it.hasNext()) {
+ KeyResolverSpi keyResolver = it.next();
+ keyResolver.setSecureValidation(secureValidation);
+
+ Node currentChild = this.constructionElement.getFirstChild();
+ String uri = this.getBaseURI();
+ while (currentChild != null) {
+ if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
+ for (StorageResolver storage : storageResolvers) {
+ SecretKey sk =
+ keyResolver.engineLookupAndResolveSecretKey(
+ (Element) currentChild, uri, storage
+ );
+
+ if (sk != null) {
+ return sk;
+ }
+ }
}
- }
- currentChild=currentChild.getNextSibling();
- }
- }
+ currentChild = currentChild.getNextSibling();
+ }
+ }
+ return null;
+ }
- return null;
- }
+ /**
+ * Searches the per-KeyInfo KeyResolvers for secret keys
+ *
+ * @return the secret key contained in this KeyInfo
+ * @throws KeyResolverException
+ */
- /**
- * Stores the individual (per-KeyInfo) {@link KeyResolver}s
- */
- List _internalKeyResolvers = new ArrayList();
+ SecretKey getSecretKeyFromInternalResolvers() throws KeyResolverException {
+ for (KeyResolverSpi keyResolver : internalKeyResolvers) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
+ }
+ keyResolver.setSecureValidation(secureValidation);
+ Node currentChild = this.constructionElement.getFirstChild();
+ String uri = this.getBaseURI();
+ while (currentChild != null) {
+ if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
+ for (StorageResolver storage : storageResolvers) {
+ SecretKey sk =
+ keyResolver.engineLookupAndResolveSecretKey(
+ (Element) currentChild, uri, storage
+ );
- /**
- * This method is used to add a custom {@link KeyResolverSpi} to a KeyInfo
- * object.
- *
- * @param realKeyResolver
- */
- public void registerInternalKeyResolver(KeyResolverSpi realKeyResolver) {
- if (_internalKeyResolvers==null) {
- _internalKeyResolvers=new ArrayList();
- }
- this._internalKeyResolvers.add(realKeyResolver);
- }
+ if (sk != null) {
+ return sk;
+ }
+ }
+ }
+ currentChild = currentChild.getNextSibling();
+ }
+ }
- /**
- * Method lengthInternalKeyResolver
- * @return the length of the key
- */
- int lengthInternalKeyResolver() {
- if (_internalKeyResolvers==null)
- return 0;
- return this._internalKeyResolvers.size();
- }
+ return null;
+ }
- /**
- * Method itemInternalKeyResolver
- *
- * @param i the index
- * @return the KeyResolverSpi for the index.
- */
- KeyResolverSpi itemInternalKeyResolver(int i) {
- return this._internalKeyResolvers.get(i);
- }
+ /**
+ * This method returns a private key. This is for Key Transport in XML Encryption.
+ * @return the private key contained in this KeyInfo
+ * @throws KeyResolverException
+ */
+ public PrivateKey getPrivateKey() throws KeyResolverException {
+ PrivateKey pk = this.getPrivateKeyFromInternalResolvers();
- /** Field _storageResolvers */
- private List _storageResolvers = nullList;
+ if (pk != null) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I could find a private key using the per-KeyInfo key resolvers");
+ }
+ return pk;
+ }
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I couldn't find a secret key using the per-KeyInfo key resolvers");
+ }
- /**
- * Method addStorageResolver
- *
- * @param storageResolver
- */
- public void addStorageResolver(StorageResolver storageResolver) {
- if (_storageResolvers == nullList ){
- _storageResolvers=new ArrayList();
- }
- this._storageResolvers.add(storageResolver);
+ pk = this.getPrivateKeyFromStaticResolvers();
+ if (pk != null) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I could find a private key using the system-wide key resolvers");
+ }
+ return pk;
+ }
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I couldn't find a private key using the system-wide key resolvers");
+ }
- }
+ return null;
+ }
- //J-
- static boolean _alreadyInitialized = false;
- /** init the keyinfo (Still needed?)*/
- public static void init() {
+ /**
+ * Searches the library wide KeyResolvers for Private keys
+ *
+ * @return the private key contained in this KeyInfo
+ * @throws KeyResolverException
+ */
+ PrivateKey getPrivateKeyFromStaticResolvers() throws KeyResolverException {
+ Iterator it = KeyResolver.iterator();
+ while (it.hasNext()) {
+ KeyResolverSpi keyResolver = it.next();
+ keyResolver.setSecureValidation(secureValidation);
- if (!KeyInfo._alreadyInitialized) {
- if (KeyInfo.log == null) {
+ Node currentChild = this.constructionElement.getFirstChild();
+ String uri = this.getBaseURI();
+ while (currentChild != null) {
+ if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
+ // not using StorageResolvers at the moment
+ // since they cannot return private keys
+ PrivateKey pk =
+ keyResolver.engineLookupAndResolvePrivateKey(
+ (Element) currentChild, uri, null
+ );
- /**
- * $todo$ why the hell does the static initialization from the
- * start not work ?
- */
- KeyInfo.log =
- java.util.logging.Logger.getLogger(KeyInfo.class.getName());
+ if (pk != null) {
+ return pk;
+ }
+ }
+ currentChild = currentChild.getNextSibling();
+ }
+ }
+ return null;
+ }
- log.log(java.util.logging.Level.SEVERE, "Had to assign log in the init() function");
- }
+ /**
+ * Searches the per-KeyInfo KeyResolvers for private keys
+ *
+ * @return the private key contained in this KeyInfo
+ * @throws KeyResolverException
+ */
+ PrivateKey getPrivateKeyFromInternalResolvers() throws KeyResolverException {
+ for (KeyResolverSpi keyResolver : internalKeyResolvers) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName());
+ }
+ keyResolver.setSecureValidation(secureValidation);
+ Node currentChild = this.constructionElement.getFirstChild();
+ String uri = this.getBaseURI();
+ while (currentChild != null) {
+ if (currentChild.getNodeType() == Node.ELEMENT_NODE) {
+ // not using StorageResolvers at the moment
+ // since they cannot return private keys
+ PrivateKey pk =
+ keyResolver.engineLookupAndResolvePrivateKey(
+ (Element) currentChild, uri, null
+ );
- // KeyInfo._contentHandlerHash = new HashMap(10);
- KeyInfo._alreadyInitialized = true;
- }
- }
+ if (pk != null) {
+ return pk;
+ }
+ }
+ currentChild = currentChild.getNextSibling();
+ }
+ }
- /** @inheritDoc */
- public String getBaseLocalName() {
- return Constants._TAG_KEYINFO;
- }
+ return null;
+ }
+
+ /**
+ * This method is used to add a custom {@link KeyResolverSpi} to a KeyInfo
+ * object.
+ *
+ * @param realKeyResolver
+ */
+ public void registerInternalKeyResolver(KeyResolverSpi realKeyResolver) {
+ this.internalKeyResolvers.add(realKeyResolver);
+ }
+
+ /**
+ * Method lengthInternalKeyResolver
+ * @return the length of the key
+ */
+ int lengthInternalKeyResolver() {
+ return this.internalKeyResolvers.size();
+ }
+
+ /**
+ * Method itemInternalKeyResolver
+ *
+ * @param i the index
+ * @return the KeyResolverSpi for the index.
+ */
+ KeyResolverSpi itemInternalKeyResolver(int i) {
+ return this.internalKeyResolvers.get(i);
+ }
+
+ /**
+ * Method addStorageResolver
+ *
+ * @param storageResolver
+ */
+ public void addStorageResolver(StorageResolver storageResolver) {
+ if (storageResolvers == nullList) {
+ // Replace the default null StorageResolver
+ storageResolvers = new ArrayList();
+ }
+ this.storageResolvers.add(storageResolver);
+ }
+
+
+ /** @inheritDoc */
+ public String getBaseLocalName() {
+ return Constants._TAG_KEYINFO;
+ }
}
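Review bot: In `getPrivateKey`, the message logged after the per-KeyInfo lookup fails reads "I couldn't find a secret key using the per-KeyInfo key resolvers", which looks copied from `getSecretKey`; the other three messages in the method say "private key". It should be `log.log(java.util.logging.Level.FINE, "I couldn't find a private key using the per-KeyInfo key resolvers");`, otherwise FINE-level traces of a failed private-key lookup name the wrong key type. Separately, the Javadoc on `lengthInternalKeyResolver` still says `@return the length of the key` although the method returns `internalKeyResolvers.size()`; `@return the number of per-KeyInfo key resolvers registered` would match the code.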
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyUtils.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyUtils.java
index 67ce204efba..8613c8197b7 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyUtils.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyUtils.java
@@ -2,26 +2,26 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys;
-
-
import java.io.PrintStream;
import java.security.PublicKey;
@@ -31,57 +31,53 @@ import com.sun.org.apache.xml.internal.security.keys.content.KeyValue;
import com.sun.org.apache.xml.internal.security.keys.content.MgmtData;
import com.sun.org.apache.xml.internal.security.keys.content.X509Data;
-
/**
* Utility class for for com.sun.org.apache.xml.internal.security.keys package.
*
- * @author $Author: mullan $
+ * @author $Author: coheigea $
*/
public class KeyUtils {
- private KeyUtils() {
- // no instantiation
- }
+ private KeyUtils() {
+ // no instantiation
+ }
- /**
- * Method prinoutKeyInfo
- *
- * @param ki
- * @param os
- * @throws XMLSecurityException
- */
- public static void prinoutKeyInfo(KeyInfo ki, PrintStream os)
- throws XMLSecurityException {
+ /**
+ * Method prinoutKeyInfo
+ *
+ * @param ki
+ * @param os
+ * @throws XMLSecurityException
+ */
+ public static void prinoutKeyInfo(KeyInfo ki, PrintStream os)
+ throws XMLSecurityException {
- for (int i = 0; i < ki.lengthKeyName(); i++) {
- KeyName x = ki.itemKeyName(i);
+ for (int i = 0; i < ki.lengthKeyName(); i++) {
+ KeyName x = ki.itemKeyName(i);
- os.println("KeyName(" + i + ")=\"" + x.getKeyName() + "\"");
- }
+ os.println("KeyName(" + i + ")=\"" + x.getKeyName() + "\"");
+ }
- for (int i = 0; i < ki.lengthKeyValue(); i++) {
- KeyValue x = ki.itemKeyValue(i);
- PublicKey pk = x.getPublicKey();
+ for (int i = 0; i < ki.lengthKeyValue(); i++) {
+ KeyValue x = ki.itemKeyValue(i);
+ PublicKey pk = x.getPublicKey();
- os.println("KeyValue Nr. " + i);
- os.println(pk);
- }
+ os.println("KeyValue Nr. " + i);
+ os.println(pk);
+ }
- for (int i = 0; i < ki.lengthMgmtData(); i++) {
- MgmtData x = ki.itemMgmtData(i);
+ for (int i = 0; i < ki.lengthMgmtData(); i++) {
+ MgmtData x = ki.itemMgmtData(i);
- os.println("MgmtData(" + i + ")=\"" + x.getMgmtData() + "\"");
- }
+ os.println("MgmtData(" + i + ")=\"" + x.getMgmtData() + "\"");
+ }
- for (int i = 0; i < ki.lengthX509Data(); i++) {
- X509Data x = ki.itemX509Data(i);
+ for (int i = 0; i < ki.lengthX509Data(); i++) {
+ X509Data x = ki.itemX509Data(i);
- os.println("X509Data(" + i + ")=\"" + (x.containsCertificate()
- ? "Certificate "
- : "") + (x
- .containsIssuerSerial()
- ? "IssuerSerial "
- : "") + "\"");
- }
- }
+ os.println("X509Data(" + i + ")=\"" + (x.containsCertificate()
+ ? "Certificate " : "") + (x.containsIssuerSerial()
+ ? "IssuerSerial " : "") + "\"");
+ }
+ }
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/DEREncodedKeyValue.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/DEREncodedKeyValue.java
new file mode 100644
index 00000000000..0144025216a
--- /dev/null
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/DEREncodedKeyValue.java
@@ -0,0 +1,158 @@
+/*
+ * reserved comment block
+ * DO NOT REMOVE OR ALTER!
+ */
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package com.sun.org.apache.xml.internal.security.keys.content;
+
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.PublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.X509EncodedKeySpec;
+
+import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
+import com.sun.org.apache.xml.internal.security.utils.Constants;
+import com.sun.org.apache.xml.internal.security.utils.Signature11ElementProxy;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+/**
+ * Provides content model support for the dsig11:DEREncodedKeyvalue element.
+ *
+ * @author Brent Putman (putmanb@georgetown.edu)
+ */
+public class DEREncodedKeyValue extends Signature11ElementProxy implements KeyInfoContent {
+
+ /** JCA algorithm key types supported by this implementation. */
+ public static final String supportedKeyTypes[] = { "RSA", "DSA", "EC"};
+
+ /**
+ * Constructor DEREncodedKeyValue
+ *
+ * @param element
+ * @param BaseURI
+ * @throws XMLSecurityException
+ */
+ public DEREncodedKeyValue(Element element, String BaseURI) throws XMLSecurityException {
+ super(element, BaseURI);
+ }
+
+ /**
+ * Constructor DEREncodedKeyValue
+ *
+ * @param doc
+ * @param publicKey
+ * @throws XMLSecurityException
+ */
+ public DEREncodedKeyValue(Document doc, PublicKey publicKey) throws XMLSecurityException {
+ super(doc);
+
+ this.addBase64Text(getEncodedDER(publicKey));
+ }
+
+ /**
+ * Constructor DEREncodedKeyValue
+ *
+ * @param doc
+ * @param base64EncodedKey
+ */
+ public DEREncodedKeyValue(Document doc, byte[] encodedKey) {
+ super(doc);
+
+ this.addBase64Text(encodedKey);
+ }
+
+ /**
+ * Sets the Id attribute
+ *
+ * @param Id ID
+ */
+ public void setId(String id) {
+ if (id != null) {
+ this.constructionElement.setAttributeNS(null, Constants._ATT_ID, id);
+ this.constructionElement.setIdAttributeNS(null, Constants._ATT_ID, true);
+ } else {
+ this.constructionElement.removeAttributeNS(null, Constants._ATT_ID);
+ }
+ }
+
+ /**
+ * Returns the Id attribute
+ *
+ * @return the Id attribute
+ */
+ public String getId() {
+ return this.constructionElement.getAttributeNS(null, Constants._ATT_ID);
+ }
+
+ /** @inheritDoc */
+ public String getBaseLocalName() {
+ return Constants._TAG_DERENCODEDKEYVALUE;
+ }
+
+ /**
+ * Method getPublicKey
+ *
+ * @return the public key
+ * @throws XMLSecurityException
+ */
+ public PublicKey getPublicKey() throws XMLSecurityException {
+ byte[] encodedKey = getBytesFromTextChild();
+
+ // Iterate over the supported key types until one produces a public key.
+ for (String keyType : supportedKeyTypes) {
+ try {
+ KeyFactory keyFactory = KeyFactory.getInstance(keyType);
+ X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encodedKey);
+ PublicKey publicKey = keyFactory.generatePublic(keySpec);
+ if (publicKey != null) {
+ return publicKey;
+ }
+ } catch (NoSuchAlgorithmException e) {
+ // Do nothing, try the next type
+ } catch (InvalidKeySpecException e) {
+ // Do nothing, try the next type
+ }
+ }
+ throw new XMLSecurityException("DEREncodedKeyValue.UnsupportedEncodedKey");
+ }
+
+ /**
+ * Method getEncodedDER
+ *
+ * @return the public key
+ * @throws XMLSecurityException
+ */
+ protected byte[] getEncodedDER(PublicKey publicKey) throws XMLSecurityException {
+ try {
+ KeyFactory keyFactory = KeyFactory.getInstance(publicKey.getAlgorithm());
+ X509EncodedKeySpec keySpec = keyFactory.getKeySpec(publicKey, X509EncodedKeySpec.class);
+ return keySpec.getEncoded();
+ } catch (NoSuchAlgorithmException e) {
+ Object exArgs[] = { publicKey.getAlgorithm(), publicKey.getFormat(), publicKey.getClass().getName() };
+ throw new XMLSecurityException("DEREncodedKeyValue.UnsupportedPublicKey", exArgs, e);
+ } catch (InvalidKeySpecException e) {
+ Object exArgs[] = { publicKey.getAlgorithm(), publicKey.getFormat(), publicKey.getClass().getName() };
+ throw new XMLSecurityException("DEREncodedKeyValue.UnsupportedPublicKey", exArgs, e);
+ }
+ }
+
+}
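Review bot: `supportedKeyTypes` is declared `public static final String supportedKeyTypes[]`, and `final` protects only the reference, so any code that can see the class can overwrite the elements that `getPublicKey` iterates over when deciding which key algorithms to try. I would keep the array private, `private static final String[] SUPPORTED_KEY_TYPES = { "RSA", "DSA", "EC" };`, and expose a copy or an unmodifiable list only if callers need it. The Javadoc has also drifted from the signatures: `@param base64EncodedKey` documents a parameter named `encodedKey`, `@param Id` documents `id`, and `getEncodedDER` says `@return the public key` although it returns the DER-encoded bytes and has no `@param publicKey`.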
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyInfoContent.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyInfoContent.java
index 4d5a7a6b975..e753f1bb4ce 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyInfoContent.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyInfoContent.java
@@ -2,32 +2,30 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.content;
-
-
-
-
/**
- * Empty interface just to identify Elements that can be cildren of ds:KeyInfo.
+ * Empty interface just to identify Elements that can be children of ds:KeyInfo.
*
- * @author $Author: mullan $
+ * @author $Author: coheigea $
*/
public interface KeyInfoContent {
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyInfoReference.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyInfoReference.java
new file mode 100644
index 00000000000..f52f4a98e54
--- /dev/null
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyInfoReference.java
@@ -0,0 +1,107 @@
+/*
+ * reserved comment block
+ * DO NOT REMOVE OR ALTER!
+ */
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package com.sun.org.apache.xml.internal.security.keys.content;
+
+import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
+import com.sun.org.apache.xml.internal.security.utils.Constants;
+import com.sun.org.apache.xml.internal.security.utils.Signature11ElementProxy;
+import org.w3c.dom.Attr;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+/**
+ * Provides content model support for the dsig11:KeyInfoReference element.
+ *
+ * @author Brent Putman (putmanb@georgetown.edu)
+ */
+public class KeyInfoReference extends Signature11ElementProxy implements KeyInfoContent {
+
+ /**
+ * Constructor RetrievalMethod
+ *
+ * @param element
+ * @param BaseURI
+ * @throws XMLSecurityException
+ */
+ public KeyInfoReference(Element element, String baseURI) throws XMLSecurityException {
+ super(element, baseURI);
+ }
+
+ /**
+ * Constructor RetrievalMethod
+ *
+ * @param doc
+ * @param URI
+ */
+ public KeyInfoReference(Document doc, String URI) {
+ super(doc);
+
+ this.constructionElement.setAttributeNS(null, Constants._ATT_URI, URI);
+ }
+
+ /**
+ * Method getURIAttr
+ *
+ * @return the URI attribute
+ */
+ public Attr getURIAttr() {
+ return this.constructionElement.getAttributeNodeNS(null, Constants._ATT_URI);
+ }
+
+ /**
+ * Method getURI
+ *
+ * @return URI string
+ */
+ public String getURI() {
+ return this.getURIAttr().getNodeValue();
+ }
+
+ /**
+ * Sets the Id attribute
+ *
+ * @param Id ID
+ */
+ public void setId(String id) {
+ if (id != null) {
+ this.constructionElement.setAttributeNS(null, Constants._ATT_ID, id);
+ this.constructionElement.setIdAttributeNS(null, Constants._ATT_ID, true);
+ } else {
+ this.constructionElement.removeAttributeNS(null, Constants._ATT_ID);
+ }
+ }
+
+ /**
+ * Returns the Id attribute
+ *
+ * @return the Id attribute
+ */
+ public String getId() {
+ return this.constructionElement.getAttributeNS(null, Constants._ATT_ID);
+ }
+
+ /** @inheritDoc */
+ public String getBaseLocalName() {
+ return Constants._TAG_KEYINFOREFERENCE;
+ }
+}
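Review bot: `getURI()` dereferences `getURIAttr()` without a null check, and `getAttributeNodeNS` returns null when the attribute is absent, so a `dsig11:KeyInfoReference` parsed through the `(Element, String)` constructor without a `URI` attribute would fail with a NullPointerException rather than an `XMLSecurityException`. The element comes from the document being verified, so I would either reject a missing `URI` in that constructor or guard the getter with `Attr uri = getURIAttr(); return (uri == null) ? null : uri.getNodeValue();`. `RetrievalMethod.getURI()` in the later RetrievalMethod.java hunk has the same pattern. Whatever resolves this reference is not visible here, but it should treat the returned URI as untrusted input before dereferencing it. The Javadoc still reads "Constructor RetrievalMethod" on both constructors and names `@param BaseURI` and `@param Id` where the parameters are `baseURI` and `id`.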
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyName.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyName.java
index 6794ea67586..fbe2e0c1faf 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyName.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyName.java
@@ -2,21 +2,23 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.content;
@@ -27,46 +29,44 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
- *
- * @author $Author: mullan $
+ * @author $Author: coheigea $
*/
public class KeyName extends SignatureElementProxy implements KeyInfoContent {
- /**
- * Constructor KeyName
- *
- * @param element
- * @param BaseURI
- * @throws XMLSecurityException
- */
- public KeyName(Element element, String BaseURI) throws XMLSecurityException {
- super(element, BaseURI);
- }
+ /**
+ * Constructor KeyName
+ *
+ * @param element
+ * @param BaseURI
+ * @throws XMLSecurityException
+ */
+ public KeyName(Element element, String BaseURI) throws XMLSecurityException {
+ super(element, BaseURI);
+ }
- /**
- * Constructor KeyName
- *
- * @param doc
- * @param keyName
- */
- public KeyName(Document doc, String keyName) {
+ /**
+ * Constructor KeyName
+ *
+ * @param doc
+ * @param keyName
+ */
+ public KeyName(Document doc, String keyName) {
+ super(doc);
- super(doc);
+ this.addText(keyName);
+ }
- this.addText(keyName);
- }
+ /**
+ * Method getKeyName
+ *
+ * @return key name
+ */
+ public String getKeyName() {
+ return this.getTextFromTextChild();
+ }
- /**
- * Method getKeyName
- *
- * @return key name
- */
- public String getKeyName() {
- return this.getTextFromTextChild();
- }
-
- /** @inheritDoc */
- public String getBaseLocalName() {
- return Constants._TAG_KEYNAME;
- }
+ /** @inheritDoc */
+ public String getBaseLocalName() {
+ return Constants._TAG_KEYNAME;
+ }
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyValue.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyValue.java
index 0d3ee810d23..db7a6836d56 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyValue.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyValue.java
@@ -2,21 +2,23 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.content;
@@ -39,7 +41,7 @@ import org.w3c.dom.Element;
* keys values represented as PCDATA or element types from an external
* namespace.
*
- * @author $Author: mullan $
+ * @author $Author: coheigea $
*/
public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
@@ -50,12 +52,11 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
* @param dsaKeyValue
*/
public KeyValue(Document doc, DSAKeyValue dsaKeyValue) {
-
super(doc);
- XMLUtils.addReturnToElement(this._constructionElement);
- this._constructionElement.appendChild(dsaKeyValue.getElement());
- XMLUtils.addReturnToElement(this._constructionElement);
+ XMLUtils.addReturnToElement(this.constructionElement);
+ this.constructionElement.appendChild(dsaKeyValue.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
}
/**
@@ -65,12 +66,11 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
* @param rsaKeyValue
*/
public KeyValue(Document doc, RSAKeyValue rsaKeyValue) {
-
super(doc);
- XMLUtils.addReturnToElement(this._constructionElement);
- this._constructionElement.appendChild(rsaKeyValue.getElement());
- XMLUtils.addReturnToElement(this._constructionElement);
+ XMLUtils.addReturnToElement(this.constructionElement);
+ this.constructionElement.appendChild(rsaKeyValue.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
}
/**
@@ -80,12 +80,11 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
* @param unknownKeyValue
*/
public KeyValue(Document doc, Element unknownKeyValue) {
-
super(doc);
- XMLUtils.addReturnToElement(this._constructionElement);
- this._constructionElement.appendChild(unknownKeyValue);
- XMLUtils.addReturnToElement(this._constructionElement);
+ XMLUtils.addReturnToElement(this.constructionElement);
+ this.constructionElement.appendChild(unknownKeyValue);
+ XMLUtils.addReturnToElement(this.constructionElement);
}
/**
@@ -95,21 +94,20 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
* @param pk
*/
public KeyValue(Document doc, PublicKey pk) {
-
super(doc);
- XMLUtils.addReturnToElement(this._constructionElement);
+ XMLUtils.addReturnToElement(this.constructionElement);
if (pk instanceof java.security.interfaces.DSAPublicKey) {
- DSAKeyValue dsa = new DSAKeyValue(this._doc, pk);
+ DSAKeyValue dsa = new DSAKeyValue(this.doc, pk);
- this._constructionElement.appendChild(dsa.getElement());
- XMLUtils.addReturnToElement(this._constructionElement);
+ this.constructionElement.appendChild(dsa.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
} else if (pk instanceof java.security.interfaces.RSAPublicKey) {
- RSAKeyValue rsa = new RSAKeyValue(this._doc, pk);
+ RSAKeyValue rsa = new RSAKeyValue(this.doc, pk);
- this._constructionElement.appendChild(rsa.getElement());
- XMLUtils.addReturnToElement(this._constructionElement);
+ this.constructionElement.appendChild(rsa.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
}
}
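Review bot: In `KeyValue(Document doc, PublicKey pk)` a key that is neither a `DSAPublicKey` nor an `RSAPublicKey` falls through both `instanceof` branches. The result is a `ds:KeyValue` element containing only the line break added by `addReturnToElement`, with no key material and no error to the caller. A signature produced this way would carry an empty key hint, which is hard to diagnose on the verifying side. I would close the chain with `else { throw new IllegalArgumentException("unsupported public key type"); }`, or, if existing callers rely on the silent behaviour, state it in the constructor's Javadoc, which starts above this hunk.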
@@ -120,8 +118,7 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
* @param BaseURI
* @throws XMLSecurityException
*/
- public KeyValue(Element element, String BaseURI)
- throws XMLSecurityException {
+ public KeyValue(Element element, String BaseURI) throws XMLSecurityException {
super(element, BaseURI);
}
@@ -132,22 +129,21 @@ public class KeyValue extends SignatureElementProxy implements KeyInfoContent {
* @throws XMLSecurityException
*/
public PublicKey getPublicKey() throws XMLSecurityException {
-
- Element rsa = XMLUtils.selectDsNode
- (this._constructionElement.getFirstChild(),
- Constants._TAG_RSAKEYVALUE,0);
+ Element rsa =
+ XMLUtils.selectDsNode(
+ this.constructionElement.getFirstChild(), Constants._TAG_RSAKEYVALUE, 0);
if (rsa != null) {
- RSAKeyValue kv = new RSAKeyValue(rsa, this._baseURI);
+ RSAKeyValue kv = new RSAKeyValue(rsa, this.baseURI);
return kv.getPublicKey();
}
- Element dsa = XMLUtils.selectDsNode
- (this._constructionElement.getFirstChild(),
- Constants._TAG_DSAKEYVALUE,0);
+ Element dsa =
+ XMLUtils.selectDsNode(
+ this.constructionElement.getFirstChild(), Constants._TAG_DSAKEYVALUE, 0);
if (dsa != null) {
- DSAKeyValue kv = new DSAKeyValue(dsa, this._baseURI);
+ DSAKeyValue kv = new DSAKeyValue(dsa, this.baseURI);
return kv.getPublicKey();
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/MgmtData.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/MgmtData.java
index 185e3557170..c037ee77f7d 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/MgmtData.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/MgmtData.java
@@ -2,21 +2,23 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.content;
@@ -27,47 +29,45 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
- *
- * @author $Author: mullan $
+ * @author $Author: coheigea $
*/
public class MgmtData extends SignatureElementProxy implements KeyInfoContent {
- /**
- * Constructor MgmtData
- *
- * @param element
- * @param BaseURI
- * @throws XMLSecurityException
- */
- public MgmtData(Element element, String BaseURI)
- throws XMLSecurityException {
- super(element, BaseURI);
- }
+ /**
+ * Constructor MgmtData
+ *
+ * @param element
+ * @param BaseURI
+ * @throws XMLSecurityException
+ */
+ public MgmtData(Element element, String BaseURI)
+ throws XMLSecurityException {
+ super(element, BaseURI);
+ }
- /**
- * Constructor MgmtData
- *
- * @param doc
- * @param mgmtData
- */
- public MgmtData(Document doc, String mgmtData) {
+ /**
+ * Constructor MgmtData
+ *
+ * @param doc
+ * @param mgmtData
+ */
+ public MgmtData(Document doc, String mgmtData) {
+ super(doc);
- super(doc);
+ this.addText(mgmtData);
+ }
- this.addText(mgmtData);
- }
+ /**
+ * Method getMgmtData
+ *
+ * @return the managment data
+ */
+ public String getMgmtData() {
+ return this.getTextFromTextChild();
+ }
- /**
- * Method getMgmtData
- *
- * @return the managment data
- */
- public String getMgmtData() {
- return this.getTextFromTextChild();
- }
-
- /** @inheritDoc */
- public String getBaseLocalName() {
- return Constants._TAG_MGMTDATA;
- }
+ /** @inheritDoc */
+ public String getBaseLocalName() {
+ return Constants._TAG_MGMTDATA;
+ }
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/PGPData.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/PGPData.java
index 010c907a8d9..e4dbbf4b091 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/PGPData.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/PGPData.java
@@ -2,21 +2,23 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.content;
@@ -26,25 +28,24 @@ import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Element;
/**
- *
- * @author $Author: mullan $
+ * @author $Author: coheigea $
* $todo$ Implement
*/
public class PGPData extends SignatureElementProxy implements KeyInfoContent {
- /**
- * Constructor PGPData
- *
- * @param element
- * @param BaseURI
- * @throws XMLSecurityException
- */
- public PGPData(Element element, String BaseURI) throws XMLSecurityException {
- super(element, BaseURI);
- }
+ /**
+ * Constructor PGPData
+ *
+ * @param element
+ * @param BaseURI
+ * @throws XMLSecurityException
+ */
+ public PGPData(Element element, String BaseURI) throws XMLSecurityException {
+ super(element, BaseURI);
+ }
- /** @inheritDoc */
- public String getBaseLocalName() {
- return Constants._TAG_PGPDATA;
- }
+ /** @inheritDoc */
+ public String getBaseLocalName() {
+ return Constants._TAG_PGPDATA;
+ }
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/RetrievalMethod.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/RetrievalMethod.java
index 3c4956b7787..5ee9041f7b1 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/RetrievalMethod.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/RetrievalMethod.java
@@ -2,21 +2,23 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.content;
@@ -30,118 +32,104 @@ import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
-/**
- *
- * @author $Author: mullan $
- */
-public class RetrievalMethod extends SignatureElementProxy
- implements KeyInfoContent {
+public class RetrievalMethod extends SignatureElementProxy implements KeyInfoContent {
- //J-
/** DSA retrieval */
- public static final String TYPE_DSA = Constants.SignatureSpecNS + "DSAKeyValue";
- /** RSA retrieval */
- public static final String TYPE_RSA = Constants.SignatureSpecNS + "RSAKeyValue";
- /** PGP retrieval */
- public static final String TYPE_PGP = Constants.SignatureSpecNS + "PGPData";
- /** SPKI retrieval */
- public static final String TYPE_SPKI = Constants.SignatureSpecNS + "SPKIData";
- /** MGMT retrieval */
- public static final String TYPE_MGMT = Constants.SignatureSpecNS + "MgmtData";
- /** X509 retrieval */
- public static final String TYPE_X509 = Constants.SignatureSpecNS + "X509Data";
- /** RAWX509 retrieval */
- public static final String TYPE_RAWX509 = Constants.SignatureSpecNS + "rawX509Certificate";
- //J+
+ public static final String TYPE_DSA = Constants.SignatureSpecNS + "DSAKeyValue";
+ /** RSA retrieval */
+ public static final String TYPE_RSA = Constants.SignatureSpecNS + "RSAKeyValue";
+ /** PGP retrieval */
+ public static final String TYPE_PGP = Constants.SignatureSpecNS + "PGPData";
+ /** SPKI retrieval */
+ public static final String TYPE_SPKI = Constants.SignatureSpecNS + "SPKIData";
+ /** MGMT retrieval */
+ public static final String TYPE_MGMT = Constants.SignatureSpecNS + "MgmtData";
+ /** X509 retrieval */
+ public static final String TYPE_X509 = Constants.SignatureSpecNS + "X509Data";
+ /** RAWX509 retrieval */
+ public static final String TYPE_RAWX509 = Constants.SignatureSpecNS + "rawX509Certificate";
- /**
- * Constructor RetrievalMethod
- *
- * @param element
- * @param BaseURI
- * @throws XMLSecurityException
- */
- public RetrievalMethod(Element element, String BaseURI)
- throws XMLSecurityException {
- super(element, BaseURI);
- }
+ /**
+ * Constructor RetrievalMethod
+ *
+ * @param element
+ * @param BaseURI
+ * @throws XMLSecurityException
+ */
+ public RetrievalMethod(Element element, String BaseURI) throws XMLSecurityException {
+ super(element, BaseURI);
+ }
- /**
- * Constructor RetrievalMethod
- *
- * @param doc
- * @param URI
- * @param transforms
- * @param Type
- */
- public RetrievalMethod(Document doc, String URI, Transforms transforms,
- String Type) {
+ /**
+ * Constructor RetrievalMethod
+ *
+ * @param doc
+ * @param URI
+ * @param transforms
+ * @param Type
+ */
+ public RetrievalMethod(Document doc, String URI, Transforms transforms, String Type) {
+ super(doc);
- super(doc);
+ this.constructionElement.setAttributeNS(null, Constants._ATT_URI, URI);
- this._constructionElement.setAttributeNS(null, Constants._ATT_URI, URI);
+ if (Type != null) {
+ this.constructionElement.setAttributeNS(null, Constants._ATT_TYPE, Type);
+ }
- if (Type != null) {
- this._constructionElement.setAttributeNS(null, Constants._ATT_TYPE, Type);
- }
+ if (transforms != null) {
+ this.constructionElement.appendChild(transforms.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
+ }
- if (transforms != null) {
- this._constructionElement.appendChild(transforms.getElement());
- XMLUtils.addReturnToElement(this._constructionElement);
- }
- }
+ /**
+ * Method getURIAttr
+ *
+ * @return the URI attribute
+ */
+ public Attr getURIAttr() {
+ return this.constructionElement.getAttributeNodeNS(null, Constants._ATT_URI);
+ }
- /**
- * Method getURIAttr
- *
- * @return the URI attribute
- */
- public Attr getURIAttr() {
- return this._constructionElement.getAttributeNodeNS(null, Constants._ATT_URI);
- }
+ /**
+ * Method getURI
+ *
+ * @return URI string
+ */
+ public String getURI() {
+ return this.getURIAttr().getNodeValue();
+ }
- /**
- * Method getURI
- *
- *
- * @return URI string
- */
- public String getURI() {
- return this.getURIAttr().getNodeValue();
- }
+ /** @return the type*/
+ public String getType() {
+ return this.constructionElement.getAttributeNS(null, Constants._ATT_TYPE);
+ }
- /** @return the type*/
- public String getType() {
- return this._constructionElement.getAttributeNS(null, Constants._ATT_TYPE);
- }
+ /**
+ * Method getTransforms
+ *
+ * @throws XMLSecurityException
+ * @return the transformations
+ */
+ public Transforms getTransforms() throws XMLSecurityException {
+ try {
+ Element transformsElem =
+ XMLUtils.selectDsNode(
+ this.constructionElement.getFirstChild(), Constants._TAG_TRANSFORMS, 0);
- /**
- * Method getTransforms
- *
- *
- * @throws XMLSecurityException
- * @return the transforamitons
- */
- public Transforms getTransforms() throws XMLSecurityException {
+ if (transformsElem != null) {
+ return new Transforms(transformsElem, this.baseURI);
+ }
- try {
- Element transformsElem =
- XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
- Constants
- ._TAG_TRANSFORMS, 0);
+ return null;
+ } catch (XMLSignatureException ex) {
+ throw new XMLSecurityException("empty", ex);
+ }
+ }
- if (transformsElem != null) {
- return new Transforms(transformsElem, this._baseURI);
- }
-
- return null;
- } catch (XMLSignatureException ex) {
- throw new XMLSecurityException("empty", ex);
- }
- }
-
- /** @inheritDoc */
- public String getBaseLocalName() {
- return Constants._TAG_RETRIEVALMETHOD;
- }
+ /** @inheritDoc */
+ public String getBaseLocalName() {
+ return Constants._TAG_RETRIEVALMETHOD;
+ }
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/SPKIData.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/SPKIData.java
index 95cef8d5491..0177f9bcc12 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/SPKIData.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/SPKIData.java
@@ -2,21 +2,23 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.content;
@@ -26,26 +28,25 @@ import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Element;
/**
- *
- * @author $Author: mullan $
+ * @author $Author: coheigea $
* $todo$ implement
*/
public class SPKIData extends SignatureElementProxy implements KeyInfoContent {
- /**
- * Constructor SPKIData
- *
- * @param element
- * @param BaseURI
- * @throws XMLSecurityException
- */
- public SPKIData(Element element, String BaseURI)
- throws XMLSecurityException {
- super(element, BaseURI);
- }
+ /**
+ * Constructor SPKIData
+ *
+ * @param element
+ * @param BaseURI
+ * @throws XMLSecurityException
+ */
+ public SPKIData(Element element, String BaseURI)
+ throws XMLSecurityException {
+ super(element, BaseURI);
+ }
- /** @inheritDoc */
- public String getBaseLocalName() {
- return Constants._TAG_SPKIDATA;
- }
+ /** @inheritDoc */
+ public String getBaseLocalName() {
+ return Constants._TAG_SPKIDATA;
+ }
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/X509Data.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/X509Data.java
index 199b1dcb020..55a2a0edd40 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/X509Data.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/X509Data.java
@@ -2,32 +2,33 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.content;
-
-
import java.math.BigInteger;
import java.security.cert.X509Certificate;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509CRL;
import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate;
+import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Digest;
import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509IssuerSerial;
import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SKI;
import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SubjectName;
@@ -38,447 +39,501 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
-
-/**
- *
- * @author $Author: mullan $
- */
public class X509Data extends SignatureElementProxy implements KeyInfoContent {
- /** {@link java.util.logging} logging facility */
- static java.util.logging.Logger log =
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(X509Data.class.getName());
- /**
- * Constructor X509Data
- *
- * @param doc
- */
- public X509Data(Document doc) {
+ /**
+ * Constructor X509Data
+ *
+ * @param doc
+ */
+ public X509Data(Document doc) {
+ super(doc);
- super(doc);
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
- XMLUtils.addReturnToElement(this._constructionElement);
- }
+ /**
+ * Constructor X509Data
+ *
+ * @param element
+ * @param baseURI
+ * @throws XMLSecurityException
+ */
+ public X509Data(Element element, String baseURI) throws XMLSecurityException {
+ super(element, baseURI);
- /**
- * Constructor X509Data
- *
- * @param element
- * @param BaseURI
- * @throws XMLSecurityException
- */
- public X509Data(Element element, String BaseURI)
- throws XMLSecurityException {
+ Node sibling = this.constructionElement.getFirstChild();
+ while (sibling != null) {
+ if (sibling.getNodeType() != Node.ELEMENT_NODE) {
+ sibling = sibling.getNextSibling();
+ continue;
+ }
+ return;
+ }
+ /* No Elements found */
+ Object exArgs[] = { "Elements", Constants._TAG_X509DATA };
+ throw new XMLSecurityException("xml.WrongContent", exArgs);
+ }
- super(element, BaseURI);
- Node sibling=this._constructionElement.getFirstChild();
- while (sibling!=null) {
- if (sibling.getNodeType()!=Node.ELEMENT_NODE) {
- sibling=sibling.getNextSibling();
- continue;
- }
- return;
- }
- /* No Elements found */
- Object exArgs[] = { "Elements", Constants._TAG_X509DATA };
- throw new XMLSecurityException("xml.WrongContent", exArgs);
- }
+ /**
+ * Method addIssuerSerial
+ *
+ * @param X509IssuerName
+ * @param X509SerialNumber
+ */
+ public void addIssuerSerial(String X509IssuerName, BigInteger X509SerialNumber) {
+ this.add(new XMLX509IssuerSerial(this.doc, X509IssuerName, X509SerialNumber));
+ }
- /**
- * Method addIssuerSerial
- *
- * @param X509IssuerName
- * @param X509SerialNumber
- */
- public void addIssuerSerial(String X509IssuerName,
- BigInteger X509SerialNumber) {
- this.add(new XMLX509IssuerSerial(this._doc, X509IssuerName,
- X509SerialNumber));
- }
+ /**
+ * Method addIssuerSerial
+ *
+ * @param X509IssuerName
+ * @param X509SerialNumber
+ */
+ public void addIssuerSerial(String X509IssuerName, String X509SerialNumber) {
+ this.add(new XMLX509IssuerSerial(this.doc, X509IssuerName, X509SerialNumber));
+ }
- /**
- * Method addIssuerSerial
- *
- * @param X509IssuerName
- * @param X509SerialNumber
- */
- public void addIssuerSerial(String X509IssuerName, String X509SerialNumber) {
- this.add(new XMLX509IssuerSerial(this._doc, X509IssuerName,
- X509SerialNumber));
- }
+ /**
+ * Method addIssuerSerial
+ *
+ * @param X509IssuerName
+ * @param X509SerialNumber
+ */
+ public void addIssuerSerial(String X509IssuerName, int X509SerialNumber) {
+ this.add(new XMLX509IssuerSerial(this.doc, X509IssuerName, X509SerialNumber));
+ }
- /**
- * Method addIssuerSerial
- *
- * @param X509IssuerName
- * @param X509SerialNumber
- */
- public void addIssuerSerial(String X509IssuerName, int X509SerialNumber) {
- this.add(new XMLX509IssuerSerial(this._doc, X509IssuerName,
- X509SerialNumber));
- }
+ /**
+ * Method add
+ *
+ * @param xmlX509IssuerSerial
+ */
+ public void add(XMLX509IssuerSerial xmlX509IssuerSerial) {
- /**
- * Method add
- *
- * @param xmlX509IssuerSerial
- */
- public void add(XMLX509IssuerSerial xmlX509IssuerSerial) {
+ this.constructionElement.appendChild(xmlX509IssuerSerial.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
- this._constructionElement
- .appendChild(xmlX509IssuerSerial.getElement());
- XMLUtils.addReturnToElement(this._constructionElement);
- }
+ /**
+ * Method addSKI
+ *
+ * @param skiBytes
+ */
+ public void addSKI(byte[] skiBytes) {
+ this.add(new XMLX509SKI(this.doc, skiBytes));
+ }
- /**
- * Method addSKI
- *
- * @param skiBytes
- */
- public void addSKI(byte[] skiBytes) {
- this.add(new XMLX509SKI(this._doc, skiBytes));
- }
+ /**
+ * Method addSKI
+ *
+ * @param x509certificate
+ * @throws XMLSecurityException
+ */
+ public void addSKI(X509Certificate x509certificate)
+ throws XMLSecurityException {
+ this.add(new XMLX509SKI(this.doc, x509certificate));
+ }
- /**
- * Method addSKI
- *
- * @param x509certificate
- * @throws XMLSecurityException
- */
- public void addSKI(X509Certificate x509certificate)
- throws XMLSecurityException {
- this.add(new XMLX509SKI(this._doc, x509certificate));
- }
+ /**
+ * Method add
+ *
+ * @param xmlX509SKI
+ */
+ public void add(XMLX509SKI xmlX509SKI) {
+ this.constructionElement.appendChild(xmlX509SKI.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
- /**
- * Method add
- *
- * @param xmlX509SKI
- */
- public void add(XMLX509SKI xmlX509SKI) {
- this._constructionElement.appendChild(xmlX509SKI.getElement());
- XMLUtils.addReturnToElement(this._constructionElement);
- }
+ /**
+ * Method addSubjectName
+ *
+ * @param subjectName
+ */
+ public void addSubjectName(String subjectName) {
+ this.add(new XMLX509SubjectName(this.doc, subjectName));
+ }
- /**
- * Method addSubjectName
- *
- * @param subjectName
- */
- public void addSubjectName(String subjectName) {
- this.add(new XMLX509SubjectName(this._doc, subjectName));
- }
+ /**
+ * Method addSubjectName
+ *
+ * @param x509certificate
+ */
+ public void addSubjectName(X509Certificate x509certificate) {
+ this.add(new XMLX509SubjectName(this.doc, x509certificate));
+ }
- /**
- * Method addSubjectName
- *
- * @param x509certificate
- */
- public void addSubjectName(X509Certificate x509certificate) {
- this.add(new XMLX509SubjectName(this._doc, x509certificate));
- }
+ /**
+ * Method add
+ *
+ * @param xmlX509SubjectName
+ */
+ public void add(XMLX509SubjectName xmlX509SubjectName) {
+ this.constructionElement.appendChild(xmlX509SubjectName.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
- /**
- * Method add
- *
- * @param xmlX509SubjectName
- */
- public void add(XMLX509SubjectName xmlX509SubjectName) {
- this._constructionElement.appendChild(xmlX509SubjectName.getElement());
- XMLUtils.addReturnToElement(this._constructionElement);
- }
+ /**
+ * Method addCertificate
+ *
+ * @param x509certificate
+ * @throws XMLSecurityException
+ */
+ public void addCertificate(X509Certificate x509certificate)
+ throws XMLSecurityException {
+ this.add(new XMLX509Certificate(this.doc, x509certificate));
+ }
- /**
- * Method addCertificate
- *
- * @param x509certificate
- * @throws XMLSecurityException
- */
- public void addCertificate(X509Certificate x509certificate)
- throws XMLSecurityException {
- this.add(new XMLX509Certificate(this._doc, x509certificate));
- }
+ /**
+ * Method addCertificate
+ *
+ * @param x509certificateBytes
+ */
+ public void addCertificate(byte[] x509certificateBytes) {
+ this.add(new XMLX509Certificate(this.doc, x509certificateBytes));
+ }
- /**
- * Method addCertificate
- *
- * @param x509certificateBytes
- */
- public void addCertificate(byte[] x509certificateBytes) {
- this.add(new XMLX509Certificate(this._doc, x509certificateBytes));
- }
+ /**
+ * Method add
+ *
+ * @param xmlX509Certificate
+ */
+ public void add(XMLX509Certificate xmlX509Certificate) {
+ this.constructionElement.appendChild(xmlX509Certificate.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
- /**
- * Method add
- *
- * @param xmlX509Certificate
- */
- public void add(XMLX509Certificate xmlX509Certificate) {
- this._constructionElement.appendChild(xmlX509Certificate.getElement());
- XMLUtils.addReturnToElement(this._constructionElement);
- }
+ /**
+ * Method addCRL
+ *
+ * @param crlBytes
+ */
+ public void addCRL(byte[] crlBytes) {
+ this.add(new XMLX509CRL(this.doc, crlBytes));
+ }
- /**
- * Method addCRL
- *
- * @param crlBytes
- */
- public void addCRL(byte[] crlBytes) {
- this.add(new XMLX509CRL(this._doc, crlBytes));
- }
+ /**
+ * Method add
+ *
+ * @param xmlX509CRL
+ */
+ public void add(XMLX509CRL xmlX509CRL) {
+ this.constructionElement.appendChild(xmlX509CRL.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
- /**
- * Method add
- *
- * @param xmlX509CRL
- */
- public void add(XMLX509CRL xmlX509CRL) {
- this._constructionElement.appendChild(xmlX509CRL.getElement());
- XMLUtils.addReturnToElement(this._constructionElement);
- }
+ /**
+ * Method addDigest
+ *
+ * @param x509certificate
+ * @param algorithmURI
+ * @throws XMLSecurityException
+ */
+ public void addDigest(X509Certificate x509certificate, String algorithmURI)
+ throws XMLSecurityException {
+ this.add(new XMLX509Digest(this.doc, x509certificate, algorithmURI));
+ }
- /**
- * Method addUnknownElement
- *
- * @param element
- */
- public void addUnknownElement(Element element) {
- this._constructionElement.appendChild(element);
- XMLUtils.addReturnToElement(this._constructionElement);
- }
+ /**
+ * Method addDigest
+ *
+ * @param x509CertificateDigestByes
+ * @param algorithmURI
+ */
+ public void addDigest(byte[] x509certificateDigestBytes, String algorithmURI) {
+ this.add(new XMLX509Digest(this.doc, x509certificateDigestBytes, algorithmURI));
+ }
- /**
- * Method lengthIssuerSerial
- *
- * @return the number of IssuerSerial elements in this X509Data
- */
- public int lengthIssuerSerial() {
- return this.length(Constants.SignatureSpecNS,
- Constants._TAG_X509ISSUERSERIAL);
- }
+ /**
+ * Method add
+ *
+ * @param XMLX509Digest
+ */
+ public void add(XMLX509Digest xmlX509Digest) {
+ this.constructionElement.appendChild(xmlX509Digest.getElement());
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
- /**
- * Method lengthSKI
- *
- * @return the number of SKI elements in this X509Data
- */
- public int lengthSKI() {
- return this.length(Constants.SignatureSpecNS, Constants._TAG_X509SKI);
- }
+ /**
+ * Method addUnknownElement
+ *
+ * @param element
+ */
+ public void addUnknownElement(Element element) {
+ this.constructionElement.appendChild(element);
+ XMLUtils.addReturnToElement(this.constructionElement);
+ }
- /**
- * Method lengthSubjectName
- *
- * @return the number of SubjectName elements in this X509Data
- */
- public int lengthSubjectName() {
- return this.length(Constants.SignatureSpecNS,
- Constants._TAG_X509SUBJECTNAME);
- }
+ /**
+ * Method lengthIssuerSerial
+ *
+ * @return the number of IssuerSerial elements in this X509Data
+ */
+ public int lengthIssuerSerial() {
+ return this.length(Constants.SignatureSpecNS, Constants._TAG_X509ISSUERSERIAL);
+ }
- /**
- * Method lengthCertificate
- *
- * @return the number of Certificate elements in this X509Data
- */
- public int lengthCertificate() {
- return this.length(Constants.SignatureSpecNS,
- Constants._TAG_X509CERTIFICATE);
- }
+ /**
+ * Method lengthSKI
+ *
+ * @return the number of SKI elements in this X509Data
+ */
+ public int lengthSKI() {
+ return this.length(Constants.SignatureSpecNS, Constants._TAG_X509SKI);
+ }
- /**
- * Method lengthCRL
- *
- * @return the number of CRL elements in this X509Data
- */
- public int lengthCRL() {
- return this.length(Constants.SignatureSpecNS, Constants._TAG_X509CRL);
- }
+ /**
+ * Method lengthSubjectName
+ *
+ * @return the number of SubjectName elements in this X509Data
+ */
+ public int lengthSubjectName() {
+ return this.length(Constants.SignatureSpecNS, Constants._TAG_X509SUBJECTNAME);
+ }
- /**
- * Method lengthUnknownElement
- *
- * @return the number of UnknownElement elements in this X509Data
- */
- public int lengthUnknownElement() {
+ /**
+ * Method lengthCertificate
+ *
+ * @return the number of Certificate elements in this X509Data
+ */
+ public int lengthCertificate() {
+ return this.length(Constants.SignatureSpecNS, Constants._TAG_X509CERTIFICATE);
+ }
- int result = 0;
- Node n=this._constructionElement.getFirstChild();
- while (n!=null){
+ /**
+ * Method lengthCRL
+ *
+ * @return the number of CRL elements in this X509Data
+ */
+ public int lengthCRL() {
+ return this.length(Constants.SignatureSpecNS, Constants._TAG_X509CRL);
+ }
- if ((n.getNodeType() == Node.ELEMENT_NODE)
- &&!n.getNamespaceURI().equals(Constants.SignatureSpecNS)) {
- result += 1;
- }
- n=n.getNextSibling();
- }
+ /**
+ * Method lengthDigest
+ *
+ * @return the number of X509Digest elements in this X509Data
+ */
+ public int lengthDigest() {
+ return this.length(Constants.SignatureSpec11NS, Constants._TAG_X509DIGEST);
+ }
- return result;
- }
+ /**
+ * Method lengthUnknownElement
+ *
+ * @return the number of UnknownElement elements in this X509Data
+ */
+ public int lengthUnknownElement() {
+ int result = 0;
+ Node n = this.constructionElement.getFirstChild();
+ while (n != null){
+ if ((n.getNodeType() == Node.ELEMENT_NODE)
+ && !n.getNamespaceURI().equals(Constants.SignatureSpecNS)) {
+ result++;
+ }
+ n = n.getNextSibling();
+ }
- /**
- * Method itemIssuerSerial
- *
- * @param i
- * @return the X509IssuerSerial, null if not present
- * @throws XMLSecurityException
- */
- public XMLX509IssuerSerial itemIssuerSerial(int i)
- throws XMLSecurityException {
+ return result;
+ }
- Element e =
- XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
- Constants._TAG_X509ISSUERSERIAL,i);
+ /**
+ * Method itemIssuerSerial
+ *
+ * @param i
+ * @return the X509IssuerSerial, null if not present
+ * @throws XMLSecurityException
+ */
+ public XMLX509IssuerSerial itemIssuerSerial(int i) throws XMLSecurityException {
+ Element e =
+ XMLUtils.selectDsNode(
+ this.constructionElement.getFirstChild(), Constants._TAG_X509ISSUERSERIAL, i);
- if (e != null) {
- return new XMLX509IssuerSerial(e, this._baseURI);
- }
- return null;
- }
+ if (e != null) {
+ return new XMLX509IssuerSerial(e, this.baseURI);
+ }
+ return null;
+ }
- /**
- * Method itemSKI
- *
- * @param i
- * @return the X509SKI, null if not present
- * @throws XMLSecurityException
- */
- public XMLX509SKI itemSKI(int i) throws XMLSecurityException {
+ /**
+ * Method itemSKI
+ *
+ * @param i
+ * @return the X509SKI, null if not present
+ * @throws XMLSecurityException
+ */
+ public XMLX509SKI itemSKI(int i) throws XMLSecurityException {
- Element e = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
- Constants._TAG_X509SKI,i);
+ Element e =
+ XMLUtils.selectDsNode(
+ this.constructionElement.getFirstChild(), Constants._TAG_X509SKI, i);
- if (e != null) {
- return new XMLX509SKI(e, this._baseURI);
- }
- return null;
- }
+ if (e != null) {
+ return new XMLX509SKI(e, this.baseURI);
+ }
+ return null;
+ }
- /**
- * Method itemSubjectName
- *
- * @param i
- * @return the X509SubjectName, null if not present
- * @throws XMLSecurityException
- */
- public XMLX509SubjectName itemSubjectName(int i)
- throws XMLSecurityException {
+ /**
+ * Method itemSubjectName
+ *
+ * @param i
+ * @return the X509SubjectName, null if not present
+ * @throws XMLSecurityException
+ */
+ public XMLX509SubjectName itemSubjectName(int i) throws XMLSecurityException {
- Element e = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
- Constants._TAG_X509SUBJECTNAME,i);
+ Element e =
+ XMLUtils.selectDsNode(
+ this.constructionElement.getFirstChild(), Constants._TAG_X509SUBJECTNAME, i);
- if (e != null) {
- return new XMLX509SubjectName(e, this._baseURI);
- }
- return null;
- }
+ if (e != null) {
+ return new XMLX509SubjectName(e, this.baseURI);
+ }
+ return null;
+ }
- /**
- * Method itemCertificate
- *
- * @param i
- * @return the X509Certifacte, null if not present
- * @throws XMLSecurityException
- */
- public XMLX509Certificate itemCertificate(int i)
- throws XMLSecurityException {
+ /**
+ * Method itemCertificate
+ *
+ * @param i
+ * @return the X509Certifacte, null if not present
+ * @throws XMLSecurityException
+ */
+ public XMLX509Certificate itemCertificate(int i) throws XMLSecurityException {
- Element e = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
- Constants._TAG_X509CERTIFICATE,i);
+ Element e =
+ XMLUtils.selectDsNode(
+ this.constructionElement.getFirstChild(), Constants._TAG_X509CERTIFICATE, i);
- if (e != null) {
- return new XMLX509Certificate(e, this._baseURI);
- }
- return null;
- }
+ if (e != null) {
+ return new XMLX509Certificate(e, this.baseURI);
+ }
+ return null;
+ }
- /**
- * Method itemCRL
- *
- * @param i
- * @return the X509CRL, null if not present
- * @throws XMLSecurityException
- */
- public XMLX509CRL itemCRL(int i) throws XMLSecurityException {
+ /**
+ * Method itemCRL
+ *
+ * @param i
+ * @return the X509CRL, null if not present
+ * @throws XMLSecurityException
+ */
+ public XMLX509CRL itemCRL(int i) throws XMLSecurityException {
- Element e = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
- Constants._TAG_X509CRL,i);
+ Element e =
+ XMLUtils.selectDsNode(
+ this.constructionElement.getFirstChild(), Constants._TAG_X509CRL, i);
- if (e != null) {
- return new XMLX509CRL(e, this._baseURI);
- }
- return null;
- }
+ if (e != null) {
+ return new XMLX509CRL(e, this.baseURI);
+ }
+ return null;
+ }
- /**
- * Method itemUnknownElement
- *
- * @param i
- * @return the Unknown Element at i
- * TODO implement
- **/
- public Element itemUnknownElement(int i) {
- log.log(java.util.logging.Level.FINE, "itemUnknownElement not implemented:"+i);
- return null;
- }
+ /**
+ * Method itemDigest
+ *
+ * @param i
+ * @return the X509Digest, null if not present
+ * @throws XMLSecurityException
+ */
+ public XMLX509Digest itemDigest(int i) throws XMLSecurityException {
- /**
- * Method containsIssuerSerial
- *
- * @return true if this X509Data contains a IssuerSerial
- */
- public boolean containsIssuerSerial() {
- return this.lengthIssuerSerial() > 0;
- }
+ Element e =
+ XMLUtils.selectDs11Node(
+ this.constructionElement.getFirstChild(), Constants._TAG_X509DIGEST, i);
- /**
- * Method containsSKI
- *
- * @return true if this X509Data contains a SKI
- */
- public boolean containsSKI() {
- return this.lengthSKI() > 0;
- }
+ if (e != null) {
+ return new XMLX509Digest(e, this.baseURI);
+ }
+ return null;
+ }
- /**
- * Method containsSubjectName
- *
- * @return true if this X509Data contains a SubjectName
- */
- public boolean containsSubjectName() {
- return this.lengthSubjectName() > 0;
- }
+ /**
+ * Method itemUnknownElement
+ *
+ * @param i
+ * @return the Unknown Element at i
+ * TODO implement
+ **/
+ public Element itemUnknownElement(int i) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "itemUnknownElement not implemented:" + i);
+ }
+ return null;
+ }
- /**
- * Method containsCertificate
- *
- * @return true if this X509Data contains a Certificate
- */
- public boolean containsCertificate() {
- return this.lengthCertificate() > 0;
- }
+ /**
+ * Method containsIssuerSerial
+ *
+ * @return true if this X509Data contains a IssuerSerial
+ */
+ public boolean containsIssuerSerial() {
+ return this.lengthIssuerSerial() > 0;
+ }
- /**
- * Method containsCRL
- *
- * @return true if this X509Data contains a CRL
- */
- public boolean containsCRL() {
- return this.lengthCRL() > 0;
- }
+ /**
+ * Method containsSKI
+ *
+ * @return true if this X509Data contains a SKI
+ */
+ public boolean containsSKI() {
+ return this.lengthSKI() > 0;
+ }
- /**
- * Method containsUnknownElement
- *
- * @return true if this X509Data contains an UnknownElement
- */
- public boolean containsUnknownElement() {
- return this.lengthUnknownElement() > 0;
- }
+ /**
+ * Method containsSubjectName
+ *
+ * @return true if this X509Data contains a SubjectName
+ */
+ public boolean containsSubjectName() {
+ return this.lengthSubjectName() > 0;
+ }
- /** @inheritDoc */
- public String getBaseLocalName() {
- return Constants._TAG_X509DATA;
- }
+ /**
+ * Method containsCertificate
+ *
+ * @return true if this X509Data contains a Certificate
+ */
+ public boolean containsCertificate() {
+ return this.lengthCertificate() > 0;
+ }
+
+ /**
+ * Method containsDigest
+ *
+ * @return true if this X509Data contains an X509Digest
+ */
+ public boolean containsDigest() {
+ return this.lengthDigest() > 0;
+ }
+
+ /**
+ * Method containsCRL
+ *
+ * @return true if this X509Data contains a CRL
+ */
+ public boolean containsCRL() {
+ return this.lengthCRL() > 0;
+ }
+
+ /**
+ * Method containsUnknownElement
+ *
+ * @return true if this X509Data contains an UnknownElement
+ */
+ public boolean containsUnknownElement() {
+ return this.lengthUnknownElement() > 0;
+ }
+
+ /** @inheritDoc */
+ public String getBaseLocalName() {
+ return Constants._TAG_X509DATA;
+ }
}
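Review bot: `lengthUnknownElement()` still calls `n.getNamespaceURI().equals(Constants.SignatureSpecNS)`, and `getNamespaceURI()` returns null for an element with no namespace, so an X509Data built from a parsed element that holds an unqualified child throws a NullPointerException here instead of counting it as unknown. Flipping the comparison avoids that: `&& !Constants.SignatureSpecNS.equals(n.getNamespaceURI())) {`. The same test also appears to count the new `X509Digest` children as unknown elements, since `lengthDigest()` looks them up under `Constants.SignatureSpec11NS`; if that is not intended, the condition should exclude that namespace and tag as well. The Javadoc added for `addDigest(byte[], String)` and `add(XMLX509Digest)` names parameters (`x509CertificateDigestByes`, `XMLX509Digest`) that do not match the signatures.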
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/DSAKeyValue.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/DSAKeyValue.java
index ef735c3dad6..2cfa51fc28c 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/DSAKeyValue.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/DSAKeyValue.java
@@ -2,21 +2,23 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.content.keyvalues;
@@ -37,104 +39,93 @@ import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
-/**
- *
- * @author $Author: mullan $
- */
-public class DSAKeyValue extends SignatureElementProxy
- implements KeyValueContent {
+public class DSAKeyValue extends SignatureElementProxy implements KeyValueContent {
- /**
- * Constructor DSAKeyValue
- *
- * @param element
- * @param BaseURI
- * @throws XMLSecurityException
- */
- public DSAKeyValue(Element element, String BaseURI)
- throws XMLSecurityException {
- super(element, BaseURI);
- }
+ /**
+ * Constructor DSAKeyValue
+ *
+ * @param element
+ * @param baseURI
+ * @throws XMLSecurityException
+ */
+ public DSAKeyValue(Element element, String baseURI) throws XMLSecurityException {
+ super(element, baseURI);
+ }
- /**
- * Constructor DSAKeyValue
- *
- * @param doc
- * @param P
- * @param Q
- * @param G
- * @param Y
- */
- public DSAKeyValue(Document doc, BigInteger P, BigInteger Q, BigInteger G,
- BigInteger Y) {
+ /**
+ * Constructor DSAKeyValue
+ *
+ * @param doc
+ * @param P
+ * @param Q
+ * @param G
+ * @param Y
+ */
+ public DSAKeyValue(Document doc, BigInteger P, BigInteger Q, BigInteger G, BigInteger Y) {
+ super(doc);
- super(doc);
+ XMLUtils.addReturnToElement(this.constructionElement);
+ this.addBigIntegerElement(P, Constants._TAG_P);
+ this.addBigIntegerElement(Q, Constants._TAG_Q);
+ this.addBigIntegerElement(G, Constants._TAG_G);
+ this.addBigIntegerElement(Y, Constants._TAG_Y);
+ }
- XMLUtils.addReturnToElement(this._constructionElement);
- this.addBigIntegerElement(P, Constants._TAG_P);
- this.addBigIntegerElement(Q, Constants._TAG_Q);
- this.addBigIntegerElement(G, Constants._TAG_G);
- this.addBigIntegerElement(Y, Constants._TAG_Y);
- }
+ /**
+ * Constructor DSAKeyValue
+ *
+ * @param doc
+ * @param key
+ * @throws IllegalArgumentException
+ */
+ public DSAKeyValue(Document doc, Key key) throws IllegalArgumentException {
+ super(doc);
- /**
- * Constructor DSAKeyValue
- *
- * @param doc
- * @param key
- * @throws IllegalArgumentException
- */
- public DSAKeyValue(Document doc, Key key) throws IllegalArgumentException {
+ XMLUtils.addReturnToElement(this.constructionElement);
- super(doc);
+ if (key instanceof java.security.interfaces.DSAPublicKey) {
+ this.addBigIntegerElement(((DSAPublicKey) key).getParams().getP(), Constants._TAG_P);
+ this.addBigIntegerElement(((DSAPublicKey) key).getParams().getQ(), Constants._TAG_Q);
+ this.addBigIntegerElement(((DSAPublicKey) key).getParams().getG(), Constants._TAG_G);
+ this.addBigIntegerElement(((DSAPublicKey) key).getY(), Constants._TAG_Y);
+ } else {
+ Object exArgs[] = { Constants._TAG_DSAKEYVALUE, key.getClass().getName() };
- XMLUtils.addReturnToElement(this._constructionElement);
+ throw new IllegalArgumentException(I18n.translate("KeyValue.IllegalArgument", exArgs));
+ }
+ }
- if (key instanceof java.security.interfaces.DSAPublicKey) {
- this.addBigIntegerElement(((DSAPublicKey) key).getParams().getP(),
- Constants._TAG_P);
- this.addBigIntegerElement(((DSAPublicKey) key).getParams().getQ(),
- Constants._TAG_Q);
- this.addBigIntegerElement(((DSAPublicKey) key).getParams().getG(),
- Constants._TAG_G);
- this.addBigIntegerElement(((DSAPublicKey) key).getY(),
- Constants._TAG_Y);
- } else {
- Object exArgs[] = { Constants._TAG_DSAKEYVALUE,
- key.getClass().getName() };
+ /** @inheritDoc */
+ public PublicKey getPublicKey() throws XMLSecurityException {
+ try {
+ DSAPublicKeySpec pkspec =
+ new DSAPublicKeySpec(
+ this.getBigIntegerFromChildElement(
+ Constants._TAG_Y, Constants.SignatureSpecNS
+ ),
+ this.getBigIntegerFromChildElement(
+ Constants._TAG_P, Constants.SignatureSpecNS
+ ),
+ this.getBigIntegerFromChildElement(
+ Constants._TAG_Q, Constants.SignatureSpecNS
+ ),
+ this.getBigIntegerFromChildElement(
+ Constants._TAG_G, Constants.SignatureSpecNS
+ )
+ );
+ KeyFactory dsaFactory = KeyFactory.getInstance("DSA");
+ PublicKey pk = dsaFactory.generatePublic(pkspec);
- throw new IllegalArgumentException(I18n
- .translate("KeyValue.IllegalArgument", exArgs));
- }
- }
+ return pk;
+ } catch (NoSuchAlgorithmException ex) {
+ throw new XMLSecurityException("empty", ex);
+ } catch (InvalidKeySpecException ex) {
+ throw new XMLSecurityException("empty", ex);
+ }
+ }
- /** @inheritDoc */
- public PublicKey getPublicKey() throws XMLSecurityException {
-
- try {
- DSAPublicKeySpec pkspec =
- new DSAPublicKeySpec(this
- .getBigIntegerFromChildElement(Constants._TAG_Y, Constants
- .SignatureSpecNS), this
- .getBigIntegerFromChildElement(Constants._TAG_P, Constants
- .SignatureSpecNS), this
- .getBigIntegerFromChildElement(Constants._TAG_Q, Constants
- .SignatureSpecNS), this
- .getBigIntegerFromChildElement(Constants
- ._TAG_G, Constants.SignatureSpecNS));
- KeyFactory dsaFactory = KeyFactory.getInstance("DSA");
- PublicKey pk = dsaFactory.generatePublic(pkspec);
-
- return pk;
- } catch (NoSuchAlgorithmException ex) {
- throw new XMLSecurityException("empty", ex);
- } catch (InvalidKeySpecException ex) {
- throw new XMLSecurityException("empty", ex);
- }
- }
-
- /** @inheritDoc */
- public String getBaseLocalName() {
- return Constants._TAG_DSAKEYVALUE;
- }
+ /** @inheritDoc */
+ public String getBaseLocalName() {
+ return Constants._TAG_DSAKEYVALUE;
+ }
}
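Review bot: `getPublicKey()` is documented only with `@inheritDoc`, yet it builds the key directly from the Y, P, Q and G child elements, and nothing in this hunk validates those values or ties them to a trusted source. I would replace the comment with something like `/** Builds a DSA public key from this element's Y, P, Q and G children; the values come from the document itself and are unauthenticated, so callers must establish trust in the key separately. */`. What `getBigIntegerFromChildElement` does when a child is missing is not visible here, so the comment should also state what the caller gets in that case once confirmed. Separately, in `DSAKeyValue(Document, Key)` a null `key` fails the `instanceof` test and reaches `key.getClass()` in the else branch, so it fails with a NullPointerException rather than the declared IllegalArgumentException.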
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/KeyValueContent.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/KeyValueContent.java
index 31e761443c5..d5ebe5b6937 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/KeyValueContent.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/KeyValueContent.java
@@ -2,46 +2,38 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.content.keyvalues;
-
-
import java.security.PublicKey;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
-/**
- *
- *
- *
- *
- * @author $Author: mullan $
- *
- */
public interface KeyValueContent {
- /**
- * Method getPublicKey
- *
- * @return the public key
- * @throws XMLSecurityException
- */
- public PublicKey getPublicKey()
- throws XMLSecurityException;
+ /**
+ * Method getPublicKey
+ *
+ * @return the public key
+ * @throws XMLSecurityException
+ */
+ PublicKey getPublicKey() throws XMLSecurityException;
+
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/RSAKeyValue.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/RSAKeyValue.java
index 71b23cda593..a12b8b45bd9 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/RSAKeyValue.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/RSAKeyValue.java
@@ -2,21 +2,23 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.content.keyvalues;
@@ -37,93 +39,86 @@ import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
-/**
- *
- * @author $Author: mullan $
- */
-public class RSAKeyValue extends SignatureElementProxy
- implements KeyValueContent {
+public class RSAKeyValue extends SignatureElementProxy implements KeyValueContent {
- /**
- * Constructor RSAKeyValue
- *
- * @param element
- * @param BaseURI
- * @throws XMLSecurityException
- */
- public RSAKeyValue(Element element, String BaseURI)
- throws XMLSecurityException {
- super(element, BaseURI);
- }
+ /**
+ * Constructor RSAKeyValue
+ *
+ * @param element
+ * @param BaseURI
+ * @throws XMLSecurityException
+ */
+ public RSAKeyValue(Element element, String BaseURI) throws XMLSecurityException {
+ super(element, BaseURI);
+ }
- /**
- * Constructor RSAKeyValue
- *
- * @param doc
- * @param modulus
- * @param exponent
- */
- public RSAKeyValue(Document doc, BigInteger modulus, BigInteger exponent) {
+ /**
+ * Constructor RSAKeyValue
+ *
+ * @param doc
+ * @param modulus
+ * @param exponent
+ */
+ public RSAKeyValue(Document doc, BigInteger modulus, BigInteger exponent) {
+ super(doc);
- super(doc);
+ XMLUtils.addReturnToElement(this.constructionElement);
+ this.addBigIntegerElement(modulus, Constants._TAG_MODULUS);
+ this.addBigIntegerElement(exponent, Constants._TAG_EXPONENT);
+ }
- XMLUtils.addReturnToElement(this._constructionElement);
- this.addBigIntegerElement(modulus, Constants._TAG_MODULUS);
- this.addBigIntegerElement(exponent, Constants._TAG_EXPONENT);
- }
+ /**
+ * Constructor RSAKeyValue
+ *
+ * @param doc
+ * @param key
+ * @throws IllegalArgumentException
+ */
+ public RSAKeyValue(Document doc, Key key) throws IllegalArgumentException {
+ super(doc);
- /**
- * Constructor RSAKeyValue
- *
- * @param doc
- * @param key
- * @throws IllegalArgumentException
- */
- public RSAKeyValue(Document doc, Key key) throws IllegalArgumentException {
+ XMLUtils.addReturnToElement(this.constructionElement);
- super(doc);
+ if (key instanceof java.security.interfaces.RSAPublicKey ) {
+ this.addBigIntegerElement(
+ ((RSAPublicKey) key).getModulus(), Constants._TAG_MODULUS
+ );
+ this.addBigIntegerElement(
+ ((RSAPublicKey) key).getPublicExponent(), Constants._TAG_EXPONENT
+ );
+ } else {
+ Object exArgs[] = { Constants._TAG_RSAKEYVALUE, key.getClass().getName() };
- XMLUtils.addReturnToElement(this._constructionElement);
+ throw new IllegalArgumentException(I18n.translate("KeyValue.IllegalArgument", exArgs));
+ }
+ }
- if (key instanceof java.security.interfaces.RSAPublicKey ) {
- this.addBigIntegerElement(((RSAPublicKey) key).getModulus(),
- Constants._TAG_MODULUS);
- this.addBigIntegerElement(((RSAPublicKey) key).getPublicExponent(),
- Constants._TAG_EXPONENT);
- } else {
- Object exArgs[] = { Constants._TAG_RSAKEYVALUE,
- key.getClass().getName() };
+ /** @inheritDoc */
+ public PublicKey getPublicKey() throws XMLSecurityException {
+ try {
+ KeyFactory rsaFactory = KeyFactory.getInstance("RSA");
- throw new IllegalArgumentException(I18n
- .translate("KeyValue.IllegalArgument", exArgs));
- }
- }
+ RSAPublicKeySpec rsaKeyspec =
+ new RSAPublicKeySpec(
+ this.getBigIntegerFromChildElement(
+ Constants._TAG_MODULUS, Constants.SignatureSpecNS
+ ),
+ this.getBigIntegerFromChildElement(
+ Constants._TAG_EXPONENT, Constants.SignatureSpecNS
+ )
+ );
+ PublicKey pk = rsaFactory.generatePublic(rsaKeyspec);
- /** @inheritDoc */
- public PublicKey getPublicKey() throws XMLSecurityException {
+ return pk;
+ } catch (NoSuchAlgorithmException ex) {
+ throw new XMLSecurityException("empty", ex);
+ } catch (InvalidKeySpecException ex) {
+ throw new XMLSecurityException("empty", ex);
+ }
+ }
- try {
- KeyFactory rsaFactory = KeyFactory.getInstance("RSA");
-
- // KeyFactory rsaFactory = KeyFactory.getInstance(JCE_RSA);
- RSAPublicKeySpec rsaKeyspec =
- new RSAPublicKeySpec(this
- .getBigIntegerFromChildElement(Constants._TAG_MODULUS, Constants
- .SignatureSpecNS), this
- .getBigIntegerFromChildElement(Constants
- ._TAG_EXPONENT, Constants.SignatureSpecNS));
- PublicKey pk = rsaFactory.generatePublic(rsaKeyspec);
-
- return pk;
- } catch (NoSuchAlgorithmException ex) {
- throw new XMLSecurityException("empty", ex);
- } catch (InvalidKeySpecException ex) {
- throw new XMLSecurityException("empty", ex);
- }
- }
-
- /** @inheritDoc */
- public String getBaseLocalName() {
- return Constants._TAG_RSAKEYVALUE;
- }
+ /** @inheritDoc */
+ public String getBaseLocalName() {
+ return Constants._TAG_RSAKEYVALUE;
+ }
}
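Review bot: In the `RSAKeyValue(Document, Key)` constructor a null `key` fails the `instanceof` test and then reaches `key.getClass().getName()` in the else branch, so the caller gets a NullPointerException rather than the declared IllegalArgumentException. Computing the name defensively, e.g. `String keyClass = (key == null) ? "null" : key.getClass().getName();`, keeps the error path on the documented exception. Separately, `getPublicKey()` builds the key from the Modulus and Exponent children of the element and its Javadoc is only `@inheritDoc`. A sentence such as `Returns the key exactly as carried in the element; the caller must establish trust in it separately.` would help readers who might treat the result as verified.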
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509CRL.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509CRL.java
index b68c444dc08..0046c71d05c 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509CRL.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509CRL.java
@@ -2,21 +2,23 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.content.x509;
@@ -26,51 +28,43 @@ import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
-/**
- *
- * @author $Author: mullan $
- *
- */
-public class XMLX509CRL extends SignatureElementProxy
- implements XMLX509DataContent {
+public class XMLX509CRL extends SignatureElementProxy implements XMLX509DataContent {
- /**
- * Constructor XMLX509CRL
- *
- * @param element
- * @param BaseURI
- * @throws XMLSecurityException
- */
- public XMLX509CRL(Element element, String BaseURI)
- throws XMLSecurityException {
- super(element, BaseURI);
- }
+ /**
+ * Constructor XMLX509CRL
+ *
+ * @param element
+ * @param BaseURI
+ * @throws XMLSecurityException
+ */
+ public XMLX509CRL(Element element, String BaseURI) throws XMLSecurityException {
+ super(element, BaseURI);
+ }
- /**
- * Constructor X509CRL
- *
- * @param doc
- * @param crlBytes
- */
- public XMLX509CRL(Document doc, byte[] crlBytes) {
+ /**
+ * Constructor X509CRL
+ *
+ * @param doc
+ * @param crlBytes
+ */
+ public XMLX509CRL(Document doc, byte[] crlBytes) {
+ super(doc);
- super(doc);
+ this.addBase64Text(crlBytes);
+ }
- this.addBase64Text(crlBytes);
- }
+ /**
+ * Method getCRLBytes
+ *
+ * @return the CRL bytes
+ * @throws XMLSecurityException
+ */
+ public byte[] getCRLBytes() throws XMLSecurityException {
+ return this.getBytesFromTextChild();
+ }
- /**
- * Method getCRLBytes
- *
- * @return the CRL bytes
- * @throws XMLSecurityException
- */
- public byte[] getCRLBytes() throws XMLSecurityException {
- return this.getBytesFromTextChild();
- }
-
- /** @inheritDoc */
- public String getBaseLocalName() {
- return Constants._TAG_X509CRL;
- }
+ /** @inheritDoc */
+ public String getBaseLocalName() {
+ return Constants._TAG_X509CRL;
+ }
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509Certificate.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509Certificate.java
index 630d9ccc279..1a5931ff5d8 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509Certificate.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509Certificate.java
@@ -2,21 +2,23 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.content.x509;
@@ -25,6 +27,7 @@ import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
+import java.util.Arrays;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
@@ -32,135 +35,134 @@ import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
-/**
- *
- * @author $Author: mullan $
- */
-public class XMLX509Certificate extends SignatureElementProxy
- implements XMLX509DataContent {
+public class XMLX509Certificate extends SignatureElementProxy implements XMLX509DataContent {
- /** Field JCA_CERT_ID */
- public static final String JCA_CERT_ID = "X.509";
+ /** Field JCA_CERT_ID */
+ public static final String JCA_CERT_ID = "X.509";
- /**
- * Constructor X509Certificate
- *
- * @param element
- * @param BaseURI
- * @throws XMLSecurityException
- */
- public XMLX509Certificate(Element element, String BaseURI)
- throws XMLSecurityException {
- super(element, BaseURI);
- }
+ /**
+ * Constructor X509Certificate
+ *
+ * @param element
+ * @param BaseURI
+ * @throws XMLSecurityException
+ */
+ public XMLX509Certificate(Element element, String BaseURI) throws XMLSecurityException {
+ super(element, BaseURI);
+ }
- /**
- * Constructor X509Certificate
- *
- * @param doc
- * @param certificateBytes
- */
- public XMLX509Certificate(Document doc, byte[] certificateBytes) {
+ /**
+ * Constructor X509Certificate
+ *
+ * @param doc
+ * @param certificateBytes
+ */
+ public XMLX509Certificate(Document doc, byte[] certificateBytes) {
+ super(doc);
- super(doc);
+ this.addBase64Text(certificateBytes);
+ }
- this.addBase64Text(certificateBytes);
- }
+ /**
+ * Constructor XMLX509Certificate
+ *
+ * @param doc
+ * @param x509certificate
+ * @throws XMLSecurityException
+ */
+ public XMLX509Certificate(Document doc, X509Certificate x509certificate)
+ throws XMLSecurityException {
+ super(doc);
- /**
- * Constructor XMLX509Certificate
- *
- * @param doc
- * @param x509certificate
- * @throws XMLSecurityException
- */
- public XMLX509Certificate(Document doc, X509Certificate x509certificate)
- throws XMLSecurityException {
+ try {
+ this.addBase64Text(x509certificate.getEncoded());
+ } catch (java.security.cert.CertificateEncodingException ex) {
+ throw new XMLSecurityException("empty", ex);
+ }
+ }
- super(doc);
+ /**
+ * Method getCertificateBytes
+ *
+ * @return the certificate bytes
+ * @throws XMLSecurityException
+ */
+ public byte[] getCertificateBytes() throws XMLSecurityException {
+ return this.getBytesFromTextChild();
+ }
- try {
- this.addBase64Text(x509certificate.getEncoded());
- } catch (java.security.cert.CertificateEncodingException ex) {
- throw new XMLSecurityException("empty", ex);
- }
- }
+ /**
+ * Method getX509Certificate
+ *
+ * @return the x509 certificate
+ * @throws XMLSecurityException
+ */
+ public X509Certificate getX509Certificate() throws XMLSecurityException {
+ try {
+ byte certbytes[] = this.getCertificateBytes();
+ CertificateFactory certFact =
+ CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID);
+ X509Certificate cert =
+ (X509Certificate) certFact.generateCertificate(
+ new ByteArrayInputStream(certbytes)
+ );
- /**
- * Method getCertificateBytes
- *
- * @return the certificate bytes
- * @throws XMLSecurityException
- */
- public byte[] getCertificateBytes() throws XMLSecurityException {
- return this.getBytesFromTextChild();
- }
+ if (cert != null) {
+ return cert;
+ }
- /**
- * Method getX509Certificate
- *
- * @return the x509 certificate
- * @throws XMLSecurityException
- */
- public X509Certificate getX509Certificate() throws XMLSecurityException {
+ return null;
+ } catch (CertificateException ex) {
+ throw new XMLSecurityException("empty", ex);
+ }
+ }
- try {
- byte certbytes[] = this.getCertificateBytes();
- CertificateFactory certFact =
- CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID);
- X509Certificate cert =
- (X509Certificate) certFact
- .generateCertificate(new ByteArrayInputStream(certbytes));
+ /**
+ * Method getPublicKey
+ *
+ * @return the publickey
+ * @throws XMLSecurityException
+ */
+ public PublicKey getPublicKey() throws XMLSecurityException {
+ X509Certificate cert = this.getX509Certificate();
- if (cert != null) {
- return cert;
- }
+ if (cert != null) {
+ return cert.getPublicKey();
+ }
- return null;
- } catch (CertificateException ex) {
- throw new XMLSecurityException("empty", ex);
- }
- }
-
- /**
- * Method getPublicKey
- *
- * @return teh publickey
- * @throws XMLSecurityException
- */
- public PublicKey getPublicKey() throws XMLSecurityException {
-
- X509Certificate cert = this.getX509Certificate();
-
- if (cert != null) {
- return cert.getPublicKey();
- }
-
- return null;
- }
+ return null;
+ }
/** @inheritDoc */
public boolean equals(Object obj) {
-
- if (obj == null) {
- return false;
- }
- if (!this.getClass().getName().equals(obj.getClass().getName())) {
+ if (!(obj instanceof XMLX509Certificate)) {
return false;
}
XMLX509Certificate other = (XMLX509Certificate) obj;
try {
-
- /** $todo$ or should be create X509Certificates and use the equals() from the Certs */
- return java.security.MessageDigest.isEqual
- (other.getCertificateBytes(), this.getCertificateBytes());
+ return Arrays.equals(other.getCertificateBytes(), this.getCertificateBytes());
} catch (XMLSecurityException ex) {
return false;
}
}
- /** @inheritDoc */
- public String getBaseLocalName() {
- return Constants._TAG_X509CERTIFICATE;
- }
+ public int hashCode() {
+ int result = 17;
+ try {
+ byte[] bytes = getCertificateBytes();
+ for (int i = 0; i < bytes.length; i++) {
+ result = 31 * result + bytes[i];
+ }
+ } catch (XMLSecurityException e) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, e.getMessage(), e);
+ }
+ }
+ return result;
+ }
+
+ /** @inheritDoc */
+ public String getBaseLocalName() {
+ return Constants._TAG_X509CERTIFICATE;
+ }
}
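Review bot: The new `hashCode()` hand-rolls the byte loop although this commit already imports `java.util.Arrays` for `equals`; `return Arrays.hashCode(getCertificateBytes());` inside the `try` expresses the same intent in one line (the numeric value differs from the 17/31 loop, which matters only if something persists the hash). On a decode failure it logs at FINE and returns the seed, while `equals` returns false for the same failure, so an undecodable element is not equal even to itself; a short comment on both methods stating that would save the next reader the trace. `log` is not declared anywhere in this hunk and is presumably inherited from a superclass, which is worth confirming. `equals` and `hashCode` also lack `@Override`, and `getX509Certificate()` could simply `return cert;` instead of the `if (cert != null)` / `return null` pair.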
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509DataContent.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509DataContent.java
index 02bf9f82d39..2171572d3ab 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509DataContent.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509DataContent.java
@@ -2,32 +2,30 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.content.x509;
-
-
-
-
/**
* Just used for tagging contents that are allowed inside a ds:X509Data Element.
*
- * @author $Author: mullan $
+ * @author $Author: coheigea $
*/
public interface XMLX509DataContent {
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509Digest.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509Digest.java
new file mode 100644
index 00000000000..57acc678bd9
--- /dev/null
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509Digest.java
@@ -0,0 +1,139 @@
+/*
+ * reserved comment block
+ * DO NOT REMOVE OR ALTER!
+ */
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package com.sun.org.apache.xml.internal.security.keys.content.x509;
+
+import java.security.MessageDigest;
+import java.security.cert.X509Certificate;
+
+import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
+import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
+import com.sun.org.apache.xml.internal.security.utils.Constants;
+import com.sun.org.apache.xml.internal.security.utils.Signature11ElementProxy;
+import org.w3c.dom.Attr;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+/**
+ * Provides content model support for the dsig11:X509Digest element.
+ *
+ * @author Brent Putman (putmanb@georgetown.edu)
+ */
+public class XMLX509Digest extends Signature11ElementProxy implements XMLX509DataContent {
+
+ /**
+ * Constructor XMLX509Digest
+ *
+ * @param element
+ * @param BaseURI
+ * @throws XMLSecurityException
+ */
+ public XMLX509Digest(Element element, String BaseURI) throws XMLSecurityException {
+ super(element, BaseURI);
+ }
+
+ /**
+ * Constructor XMLX509Digest
+ *
+ * @param doc
+ * @param digestBytes
+ * @param algorithmURI
+ */
+ public XMLX509Digest(Document doc, byte[] digestBytes, String algorithmURI) {
+ super(doc);
+ this.addBase64Text(digestBytes);
+ this.constructionElement.setAttributeNS(null, Constants._ATT_ALGORITHM, algorithmURI);
+ }
+
+ /**
+ * Constructor XMLX509Digest
+ *
+ * @param doc
+ * @param x509certificate
+ * @param algorithmURI
+ * @throws XMLSecurityException
+ */
+ public XMLX509Digest(Document doc, X509Certificate x509certificate, String algorithmURI) throws XMLSecurityException {
+ super(doc);
+ this.addBase64Text(getDigestBytesFromCert(x509certificate, algorithmURI));
+ this.constructionElement.setAttributeNS(null, Constants._ATT_ALGORITHM, algorithmURI);
+ }
+
+ /**
+ * Method getAlgorithmAttr
+ *
+ * @return the Algorithm attribute
+ */
+ public Attr getAlgorithmAttr() {
+ return this.constructionElement.getAttributeNodeNS(null, Constants._ATT_ALGORITHM);
+ }
+
+ /**
+ * Method getAlgorithm
+ *
+ * @return Algorithm string
+ */
+ public String getAlgorithm() {
+ return this.getAlgorithmAttr().getNodeValue();
+ }
+
+ /**
+ * Method getDigestBytes
+ *
+ * @return the digestbytes
+ * @throws XMLSecurityException
+ */
+ public byte[] getDigestBytes() throws XMLSecurityException {
+ return this.getBytesFromTextChild();
+ }
+
+ /**
+ * Method getDigestBytesFromCert
+ *
+ * @param cert
+ * @param algorithmURI
+ * @return digest bytes from the given certificate
+ *
+ * @throws XMLSecurityException
+ */
+ public static byte[] getDigestBytesFromCert(X509Certificate cert, String algorithmURI) throws XMLSecurityException {
+ String jcaDigestAlgorithm = JCEMapper.translateURItoJCEID(algorithmURI);
+ if (jcaDigestAlgorithm == null) {
+ Object exArgs[] = { algorithmURI };
+ throw new XMLSecurityException("XMLX509Digest.UnknownDigestAlgorithm", exArgs);
+ }
+
+ try {
+ MessageDigest md = MessageDigest.getInstance(jcaDigestAlgorithm);
+ return md.digest(cert.getEncoded());
+ } catch (Exception e) {
+ Object exArgs[] = { jcaDigestAlgorithm };
+ throw new XMLSecurityException("XMLX509Digest.FailedDigest", exArgs);
+ }
+
+ }
+
+ /** @inheritDoc */
+ public String getBaseLocalName() {
+ return Constants._TAG_X509DIGEST;
+ }
+}
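Review bot: `getAlgorithm()` dereferences `getAlgorithmAttr()` directly, and `getAttributeNodeNS` returns null when the attribute is absent, so an X509Digest element parsed from a document without an `Algorithm` attribute ends in a NullPointerException; `Attr attr = getAlgorithmAttr(); return attr == null ? null : attr.getNodeValue();` (or a thrown XMLSecurityException) makes the outcome explicit. In `getDigestBytesFromCert` the `catch (Exception e)` drops the cause, so a missing provider, an encoding failure and a null `cert` all look alike to the caller; `throw new XMLSecurityException("XMLX509Digest.FailedDigest", exArgs, e);` keeps the diagnosis. The digest algorithm is taken from the URI as given, so code that matches digests from received documents may want its own allow-list of acceptable algorithms, and the Javadoc should say that this class does not apply one.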
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509IssuerSerial.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509IssuerSerial.java
index 1d16b2b622f..cf3274377cb 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509IssuerSerial.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509IssuerSerial.java
@@ -2,21 +2,23 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.content.x509;
@@ -31,17 +33,11 @@ import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
-/**
- *
- * @author $Author: mullan $
- */
-public class XMLX509IssuerSerial extends SignatureElementProxy
- implements XMLX509DataContent {
+public class XMLX509IssuerSerial extends SignatureElementProxy implements XMLX509DataContent {
- /** {@link java.util.logging} logging facility */
- static java.util.logging.Logger log =
- java.util.logging.Logger.getLogger(
- XMLX509IssuerSerial.class.getName());
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
+ java.util.logging.Logger.getLogger(XMLX509IssuerSerial.class.getName());
/**
* Constructor XMLX509IssuerSerial
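Review bot: The rewritten Javadoc on `log` links `org.apache.commons.logging`, but the field declared right below it is a `java.util.logging.Logger`, so the comment now points at a package this class does not use; `/** {@link java.util.logging} logging facility */` matches the code. The field became `private` in this hunk and could be `private static final` as well, since nothing visible reassigns it. The class body continues outside the hunk.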
@@ -50,8 +46,7 @@ public class XMLX509IssuerSerial extends SignatureElementProxy
* @param baseURI
* @throws XMLSecurityException
*/
- public XMLX509IssuerSerial(Element element, String baseURI)
- throws XMLSecurityException {
+ public XMLX509IssuerSerial(Element element, String baseURI) throws XMLSecurityException {
super(element, baseURI);
}
@@ -62,11 +57,9 @@ public class XMLX509IssuerSerial extends SignatureElementProxy
* @param x509IssuerName
* @param x509SerialNumber
*/
- public XMLX509IssuerSerial(Document doc, String x509IssuerName,
- BigInteger x509SerialNumber) {
-
+ public XMLX509IssuerSerial(Document doc, String x509IssuerName, BigInteger x509SerialNumber) {
super(doc);
- XMLUtils.addReturnToElement(this._constructionElement);
+ XMLUtils.addReturnToElement(this.constructionElement);
addTextElement(x509IssuerName, Constants._TAG_X509ISSUERNAME);
addTextElement(x509SerialNumber.toString(), Constants._TAG_X509SERIALNUMBER);
}
@@ -78,8 +71,7 @@ public class XMLX509IssuerSerial extends SignatureElementProxy
* @param x509IssuerName
* @param x509SerialNumber
*/
- public XMLX509IssuerSerial(Document doc, String x509IssuerName,
- String x509SerialNumber) {
+ public XMLX509IssuerSerial(Document doc, String x509IssuerName, String x509SerialNumber) {
this(doc, x509IssuerName, new BigInteger(x509SerialNumber));
}
@@ -90,10 +82,8 @@ public class XMLX509IssuerSerial extends SignatureElementProxy
* @param x509IssuerName
* @param x509SerialNumber
*/
- public XMLX509IssuerSerial(Document doc, String x509IssuerName,
- int x509SerialNumber) {
- this(doc, x509IssuerName,
- new BigInteger(Integer.toString(x509SerialNumber)));
+ public XMLX509IssuerSerial(Document doc, String x509IssuerName, int x509SerialNumber) {
+ this(doc, x509IssuerName, new BigInteger(Integer.toString(x509SerialNumber)));
}
/**
@@ -103,10 +93,11 @@ public class XMLX509IssuerSerial extends SignatureElementProxy
* @param x509certificate
*/
public XMLX509IssuerSerial(Document doc, X509Certificate x509certificate) {
-
- this(doc,
- RFC2253Parser.normalize(x509certificate.getIssuerDN().getName()),
- x509certificate.getSerialNumber());
+ this(
+ doc,
+ x509certificate.getIssuerX500Principal().getName(),
+ x509certificate.getSerialNumber()
+ );
}
/**
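Review bot: The issuer name is now written from `getIssuerX500Principal().getName()` without passing through `RFC2253Parser.normalize`, while `getIssuerName()` later in this file still normalizes on read, so the text stored in X509IssuerName may differ from what the previous code emitted for the same certificate. If that is intended, a comment on the constructor would record it, e.g. `// X500Principal.getName() yields an RFC 2253 string; readers normalize in getIssuerName()`. Consumers that compare the element text byte-for-byte against output of the older code could see mismatches, so a regression test with a DN containing escaped characters would be a useful companion to this change.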
@@ -115,11 +106,11 @@ public class XMLX509IssuerSerial extends SignatureElementProxy
* @return the serial number
*/
public BigInteger getSerialNumber() {
-
- String text = this.getTextFromChildElement
- (Constants._TAG_X509SERIALNUMBER, Constants.SignatureSpecNS);
- if (log.isLoggable(java.util.logging.Level.FINE))
+ String text =
+ this.getTextFromChildElement(Constants._TAG_X509SERIALNUMBER, Constants.SignatureSpecNS);
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "X509SerialNumber text: " + text);
+ }
return new BigInteger(text);
}
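Review bot: `getSerialNumber()` passes the X509SerialNumber text from the document straight to `new BigInteger(text)`, so a non-numeric value surfaces as an unchecked NumberFormatException. The `hashCode()` added in the last hunk of this file and the `equals()` beside it both call this method and inherit that behaviour, which is awkward for objects placed in hash-based collections. Since the signature cannot gain a checked exception without affecting callers, the minimum is to document it in the Javadoc: `@throws NumberFormatException if the element text is not a decimal integer`. The FINE-level log line writes the raw element text, which is document-controlled, so log consumers should treat it as untrusted.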
@@ -139,27 +130,28 @@ public class XMLX509IssuerSerial extends SignatureElementProxy
* @return the issuer name
*/
public String getIssuerName() {
-
- return RFC2253Parser
- .normalize(this
- .getTextFromChildElement(Constants._TAG_X509ISSUERNAME,
- Constants.SignatureSpecNS));
+ return RFC2253Parser.normalize(
+ this.getTextFromChildElement(Constants._TAG_X509ISSUERNAME, Constants.SignatureSpecNS)
+ );
}
/** @inheritDoc */
public boolean equals(Object obj) {
-
- if (obj == null) {
- return false;
- }
- if (!this.getClass().getName().equals(obj.getClass().getName())) {
+ if (!(obj instanceof XMLX509IssuerSerial)) {
return false;
}
XMLX509IssuerSerial other = (XMLX509IssuerSerial) obj;
return this.getSerialNumber().equals(other.getSerialNumber())
- && this.getIssuerName().equals(other.getIssuerName());
+ && this.getIssuerName().equals(other.getIssuerName());
+ }
+
+ public int hashCode() {
+ int result = 17;
+ result = 31 * result + getSerialNumber().hashCode();
+ result = 31 * result + getIssuerName().hashCode();
+ return result;
}
/** @inheritDoc */
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SKI.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SKI.java
index fbbb17e6a54..e4617daead9 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SKI.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SKI.java
@@ -2,30 +2,28 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.content.x509;
-import java.io.IOException;
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
import java.security.cert.X509Certificate;
-import java.lang.reflect.Constructor;
-import java.lang.reflect.Method;
+import java.util.Arrays;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Base64;
@@ -37,14 +35,13 @@ import org.w3c.dom.Element;
/**
* Handles SubjectKeyIdentifier (SKI) for X.509v3.
*
- * @author $Author: mullan $
- * @see Interface X509Extension
+ * @see
+ * Interface X509Extension
*/
-public class XMLX509SKI extends SignatureElementProxy
- implements XMLX509DataContent {
+public class XMLX509SKI extends SignatureElementProxy implements XMLX509DataContent {
- /** {@link java.util.logging} logging facility */
- static java.util.logging.Logger log =
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(XMLX509SKI.class.getName());
/**
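Review bot: The Javadoc on `log` now links `org.apache.commons.logging`, but the field is still declared as `java.util.logging.Logger`, so the comment points readers at the wrong API. Keep the old wording: `/** {@link java.util.logging} logging facility */`. The same comment sits on the `log` field of the new DEREncodedKeyValueResolver. Now that the field is `private static`, it could also be `final`.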
@@ -53,7 +50,7 @@ public class XMLX509SKI extends SignatureElementProxy
* distinct keys used by the same subject to be differentiated
* (e.g., as key updating occurs).
*
- * A key identifer shall be unique with respect to all key identifiers
+ * A key identifier shall be unique with respect to all key identifiers
* for the subject with which it is used. This extension is always non-critical.
*/
public static final String SKI_OID = "2.5.29.14";
@@ -77,7 +74,7 @@ public class XMLX509SKI extends SignatureElementProxy
* @throws XMLSecurityException
*/
public XMLX509SKI(Document doc, X509Certificate x509certificate)
- throws XMLSecurityException {
+ throws XMLSecurityException {
super(doc);
this.addBase64Text(XMLX509SKI.getSKIBytesFromCert(x509certificate));
}
@@ -89,8 +86,7 @@ public class XMLX509SKI extends SignatureElementProxy
* @param BaseURI
* @throws XMLSecurityException
*/
- public XMLX509SKI(Element element, String BaseURI)
- throws XMLSecurityException {
+ public XMLX509SKI(Element element, String BaseURI) throws XMLSecurityException {
super(element, BaseURI);
}
@@ -117,9 +113,8 @@ public class XMLX509SKI extends SignatureElementProxy
throws XMLSecurityException {
if (cert.getVersion() < 3) {
- Object exArgs[] = { new Integer(cert.getVersion()) };
- throw new XMLSecurityException("certificate.noSki.lowVersion",
- exArgs);
+ Object exArgs[] = { Integer.valueOf(cert.getVersion()) };
+ throw new XMLSecurityException("certificate.noSki.lowVersion", exArgs);
}
/*
@@ -137,7 +132,7 @@ public class XMLX509SKI extends SignatureElementProxy
* Strip away first four bytes from the extensionValue
* The first two bytes are the tag and length of the extensionValue
* OCTET STRING, and the next two bytes are the tag and length of
- * the skid OCTET STRING.
+ * the ski OCTET STRING.
*/
byte skidValue[] = new byte[extensionValue.length - 4];
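Review bot: `new byte[extensionValue.length - 4]` assumes the extension value holds at least four bytes and that both OCTET STRING headers use one-byte lengths; the comment above describes that layout, but nothing in the visible lines checks it. A shorter value would raise `NegativeArraySizeException`, and a long-form length would leave header bytes inside the key identifier. Unless the lines outside this hunk already validate the length, a guard such as `if (extensionValue.length < 4) { throw new XMLSecurityException("<existing message key>"); }` keeps the failure inside the checked exception the method declares. The method starts and ends outside the hunk.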
@@ -152,23 +147,35 @@ public class XMLX509SKI extends SignatureElementProxy
/** @inheritDoc */
public boolean equals(Object obj) {
- if (obj == null) {
- return false;
- }
- if (!this.getClass().getName().equals(obj.getClass().getName())) {
+ if (!(obj instanceof XMLX509SKI)) {
return false;
}
XMLX509SKI other = (XMLX509SKI) obj;
try {
- return java.security.MessageDigest.isEqual(other.getSKIBytes(),
- this.getSKIBytes());
+ return Arrays.equals(other.getSKIBytes(), this.getSKIBytes());
} catch (XMLSecurityException ex) {
return false;
}
}
+ public int hashCode() {
+ int result = 17;
+ try {
+ byte[] bytes = getSKIBytes();
+ for (int i = 0; i < bytes.length; i++) {
+ result = 31 * result + bytes[i];
+ }
+ } catch (XMLSecurityException e) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, e.getMessage(), e);
+ }
+ }
+ return result;
+
+ }
+
/** @inheritDoc */
public String getBaseLocalName() {
return Constants._TAG_X509SKI;
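Review bot: When `getSKIBytes()` throws, `hashCode()` swallows the exception and returns the seed 17, while `equals()` returns false on the same failure. An element whose SKI text cannot be decoded is therefore unequal even to itself, so it can be added to a `HashSet` but never found again. That fallback deserves a comment in the catch block, e.g. `// undecodable SKI: fall back to the seed; equals() reports false for such elements`. The hand-written loop can use the `Arrays` import this commit adds: `result = 31 * result + Arrays.hashCode(getSKIBytes());`. The method also lacks the `/** @inheritDoc */` that `equals` and `getBaseLocalName` carry.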
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SubjectName.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SubjectName.java
index 8d51da2e2fd..c183abbf8af 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SubjectName.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SubjectName.java
@@ -2,21 +2,23 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.content.x509;
@@ -30,65 +32,57 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
- *
- * @author $Author: mullan $
+ * @author $Author: coheigea $
*/
-public class XMLX509SubjectName extends SignatureElementProxy
- implements XMLX509DataContent {
+public class XMLX509SubjectName extends SignatureElementProxy implements XMLX509DataContent {
- /**
- * Constructor X509SubjectName
- *
- * @param element
- * @param BaseURI
- * @throws XMLSecurityException
- */
- public XMLX509SubjectName(Element element, String BaseURI)
- throws XMLSecurityException {
- super(element, BaseURI);
- }
+ /**
+ * Constructor X509SubjectName
+ *
+ * @param element
+ * @param BaseURI
+ * @throws XMLSecurityException
+ */
+ public XMLX509SubjectName(Element element, String BaseURI)
+ throws XMLSecurityException {
+ super(element, BaseURI);
+ }
- /**
- * Constructor X509SubjectName
- *
- * @param doc
- * @param X509SubjectNameString
- */
- public XMLX509SubjectName(Document doc, String X509SubjectNameString) {
+ /**
+ * Constructor X509SubjectName
+ *
+ * @param doc
+ * @param X509SubjectNameString
+ */
+ public XMLX509SubjectName(Document doc, String X509SubjectNameString) {
+ super(doc);
- super(doc);
+ this.addText(X509SubjectNameString);
+ }
- this.addText(X509SubjectNameString);
- }
+ /**
+ * Constructor XMLX509SubjectName
+ *
+ * @param doc
+ * @param x509certificate
+ */
+ public XMLX509SubjectName(Document doc, X509Certificate x509certificate) {
+ this(doc, x509certificate.getSubjectX500Principal().getName());
+ }
- /**
- * Constructor XMLX509SubjectName
- *
- * @param doc
- * @param x509certificate
- */
- public XMLX509SubjectName(Document doc, X509Certificate x509certificate) {
- this(doc,
- RFC2253Parser.normalize(x509certificate.getSubjectDN().getName()));
- }
-
- /**
- * Method getSubjectName
- *
- *
- * @return the subject name
- */
- public String getSubjectName() {
- return RFC2253Parser.normalize(this.getTextFromTextChild());
- }
+ /**
+ * Method getSubjectName
+ *
+ *
+ * @return the subject name
+ */
+ public String getSubjectName() {
+ return RFC2253Parser.normalize(this.getTextFromTextChild());
+ }
/** @inheritDoc */
public boolean equals(Object obj) {
- if (obj == null) {
- return false;
- }
-
- if (!this.getClass().getName().equals(obj.getClass().getName())) {
+ if (!(obj instanceof XMLX509SubjectName)) {
return false;
}
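Review bot: The certificate constructor no longer passes the DN through `RFC2253Parser.normalize`; it writes `x509certificate.getSubjectX500Principal().getName()` as is, while `getSubjectName()` still normalizes on read. This is a behaviour change inside a hunk that otherwise only re-indents. The text stored in the element can now differ from what `getSubjectName()` returns and from what earlier versions emitted, which matters to any consumer that matches the raw X509SubjectName text. A comment on the constructor would record the intent, e.g. `// RFC 2253 string from X500Principal is written unnormalized; getSubjectName() normalizes on read`. The `equals` body continues in the next hunk.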
@@ -97,10 +91,16 @@ public class XMLX509SubjectName extends SignatureElementProxy
String thisSubject = this.getSubjectName();
return thisSubject.equals(otherSubject);
- }
+ }
- /** @inheritDoc */
- public String getBaseLocalName() {
- return Constants._TAG_X509SUBJECTNAME;
- }
+ public int hashCode() {
+ int result = 17;
+ result = 31 * result + this.getSubjectName().hashCode();
+ return result;
+ }
+
+ /** @inheritDoc */
+ public String getBaseLocalName() {
+ return Constants._TAG_X509SUBJECTNAME;
+ }
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/InvalidKeyResolverException.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/InvalidKeyResolverException.java
index 3b3508005cb..614a34f41e6 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/InvalidKeyResolverException.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/InvalidKeyResolverException.java
@@ -2,88 +2,80 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver;
-
-
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
-
-/**
- *
- *
- * @author $Author: mullan $
- */
public class InvalidKeyResolverException extends XMLSecurityException {
- /**
- *
- */
- private static final long serialVersionUID = 1L;
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1L;
- /**
- * Constructor InvalidKeyResolverException
- *
- */
- public InvalidKeyResolverException() {
- super();
- }
+ /**
+ * Constructor InvalidKeyResolverException
+ *
+ */
+ public InvalidKeyResolverException() {
+ super();
+ }
- /**
- * Constructor InvalidKeyResolverException
- *
- * @param _msgID
- */
- public InvalidKeyResolverException(String _msgID) {
- super(_msgID);
- }
+ /**
+ * Constructor InvalidKeyResolverException
+ *
+ * @param msgID
+ */
+ public InvalidKeyResolverException(String msgID) {
+ super(msgID);
+ }
- /**
- * Constructor InvalidKeyResolverException
- *
- * @param _msgID
- * @param exArgs
- */
- public InvalidKeyResolverException(String _msgID, Object exArgs[]) {
- super(_msgID, exArgs);
- }
+ /**
+ * Constructor InvalidKeyResolverException
+ *
+ * @param msgID
+ * @param exArgs
+ */
+ public InvalidKeyResolverException(String msgID, Object exArgs[]) {
+ super(msgID, exArgs);
+ }
- /**
- * Constructor InvalidKeyResolverException
- *
- * @param _msgID
- * @param _originalException
- */
- public InvalidKeyResolverException(String _msgID,
- Exception _originalException) {
- super(_msgID, _originalException);
- }
+ /**
+ * Constructor InvalidKeyResolverException
+ *
+ * @param msgID
+ * @param originalException
+ */
+ public InvalidKeyResolverException(String msgID, Exception originalException) {
+ super(msgID, originalException);
+ }
- /**
- * Constructor InvalidKeyResolverException
- *
- * @param _msgID
- * @param exArgs
- * @param _originalException
- */
- public InvalidKeyResolverException(String _msgID, Object exArgs[],
- Exception _originalException) {
- super(_msgID, exArgs, _originalException);
- }
+ /**
+ * Constructor InvalidKeyResolverException
+ *
+ * @param msgID
+ * @param exArgs
+ * @param originalException
+ */
+ public InvalidKeyResolverException(String msgID, Object exArgs[], Exception originalException) {
+ super(msgID, exArgs, originalException);
+ }
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java
index 00c60165f8a..fe541ff044f 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java
@@ -31,10 +31,13 @@ import java.util.concurrent.CopyOnWriteArrayList;
import javax.crypto.SecretKey;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.DEREncodedKeyValueResolver;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.DSAKeyValueResolver;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.KeyInfoReferenceResolver;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.RSAKeyValueResolver;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.RetrievalMethodResolver;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509CertificateResolver;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509DigestResolver;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509IssuerSerialResolver;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509SKIResolver;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509SubjectNameResolver;
@@ -277,6 +280,9 @@ public class KeyResolver {
keyResolverList.add(new KeyResolver(new RetrievalMethodResolver()));
keyResolverList.add(new KeyResolver(new X509SubjectNameResolver()));
keyResolverList.add(new KeyResolver(new X509IssuerSerialResolver()));
+ keyResolverList.add(new KeyResolver(new DEREncodedKeyValueResolver()));
+ keyResolverList.add(new KeyResolver(new KeyInfoReferenceResolver()));
+ keyResolverList.add(new KeyResolver(new X509DigestResolver()));
resolverVector.addAll(keyResolverList);
}
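Review bot: These three `keyResolverList.add(...)` lines widen what an untrusted KeyInfo can trigger by default: judging by the class names, the default list now also handles DEREncodedKeyValue, KeyInfoReference and X509Digest children. The resolvers are created with their no-arg constructors, so `secureValidation` starts at its documented default of false. This hunk does not show whether the lookup path sets it per call, which is worth confirming, in particular for KeyInfoReferenceResolver, which presumably follows a reference to another KeyInfo. A comment above the block, e.g. `// dsig11 resolvers, appended last so the existing resolution order is unchanged`, would record why they sit at the end. The enclosing method starts outside the hunk.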
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverException.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverException.java
index f0069949b2f..028a0e9dec2 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverException.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverException.java
@@ -2,90 +2,80 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver;
-
-
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
-
-/**
- *
- *
- *
- *
- * @author $Author: mullan $
- *
- */
public class KeyResolverException extends XMLSecurityException {
- /**
- *
- */
- private static final long serialVersionUID = 1L;
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1L;
- /**
- * Constructor KeyResolverException
- *
- */
- public KeyResolverException() {
- super();
- }
+ /**
+ * Constructor KeyResolverException
+ *
+ */
+ public KeyResolverException() {
+ super();
+ }
- /**
- * Constructor KeyResolverException
- *
- * @param _msgID
- */
- public KeyResolverException(String _msgID) {
- super(_msgID);
- }
+ /**
+ * Constructor KeyResolverException
+ *
+ * @param msgID
+ */
+ public KeyResolverException(String msgID) {
+ super(msgID);
+ }
- /**
- * Constructor KeyResolverException
- *
- * @param _msgID
- * @param exArgs
- */
- public KeyResolverException(String _msgID, Object exArgs[]) {
- super(_msgID, exArgs);
- }
+ /**
+ * Constructor KeyResolverException
+ *
+ * @param msgID
+ * @param exArgs
+ */
+ public KeyResolverException(String msgID, Object exArgs[]) {
+ super(msgID, exArgs);
+ }
- /**
- * Constructor KeyResolverException
- *
- * @param _msgID
- * @param _originalException
- */
- public KeyResolverException(String _msgID, Exception _originalException) {
- super(_msgID, _originalException);
- }
+ /**
+ * Constructor KeyResolverException
+ *
+ * @param msgID
+ * @param originalException
+ */
+ public KeyResolverException(String msgID, Exception originalException) {
+ super(msgID, originalException);
+ }
- /**
- * Constructor KeyResolverException
- *
- * @param _msgID
- * @param exArgs
- * @param _originalException
- */
- public KeyResolverException(String _msgID, Object exArgs[],
- Exception _originalException) {
- super(_msgID, exArgs, _originalException);
- }
+ /**
+ * Constructor KeyResolverException
+ *
+ * @param msgID
+ * @param exArgs
+ * @param originalException
+ */
+ public KeyResolverException(String msgID, Object exArgs[], Exception originalException) {
+ super(msgID, exArgs, originalException);
+ }
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverSpi.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverSpi.java
index 3e5c82ccfe5..78622d79336 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverSpi.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverSpi.java
@@ -2,24 +2,27 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver;
+import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.HashMap;
@@ -30,78 +33,89 @@ import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
import org.w3c.dom.Element;
/**
- * This class is abstract class for a child KeyInfo Elemnet.
+ * This class is an abstract class for a child KeyInfo Element.
*
- * If you want your KeyResolver, at first you must extend this class, and register
+ * If you want the your KeyResolver, at firstly you must extend this class, and register
* as following in config.xml
*
* <KeyResolver URI="http://www.w3.org/2000/09/xmldsig#KeyValue"
* JAVACLASS="MyPackage.MyKeyValueImpl"//gt;
*
- *
- * @author $Author: mullan $
- * @version $Revision: 1.5 $
*/
public abstract class KeyResolverSpi {
- /**
- * This method helps the {@link com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver} to decide whether a
- * {@link com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverSpi} is able to perform the requested action.
- *
- * @param element
- * @param BaseURI
- * @param storage
- * @return
- */
- public boolean engineCanResolve(Element element, String BaseURI,
- StorageResolver storage) {
- throw new UnsupportedOperationException();
- }
- /**
- * Method engineResolvePublicKey
- *
- * @param element
- * @param BaseURI
- * @param storage
- * @return resolved public key from the registered from the element.
- *
- * @throws KeyResolverException
- */
- public PublicKey engineResolvePublicKey(
- Element element, String BaseURI, StorageResolver storage)
- throws KeyResolverException {
- throw new UnsupportedOperationException();
+ /** Field properties */
+ protected java.util.Map properties = null;
+
+ protected boolean globalResolver = false;
+
+ protected boolean secureValidation;
+
+ /**
+ * Set whether secure validation is enabled or not. The default is false.
+ */
+ public void setSecureValidation(boolean secureValidation) {
+ this.secureValidation = secureValidation;
+ }
+
+ /**
+ * This method returns whether the KeyResolverSpi is able to perform the requested action.
+ *
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return whether the KeyResolverSpi is able to perform the requested action.
+ */
+ public boolean engineCanResolve(Element element, String baseURI, StorageResolver storage) {
+ throw new UnsupportedOperationException();
+ }
+
+ /**
+ * Method engineResolvePublicKey
+ *
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return resolved public key from the registered from the element.
+ *
+ * @throws KeyResolverException
+ */
+ public PublicKey engineResolvePublicKey(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ throw new UnsupportedOperationException();
};
- /**
- * Method engineResolvePublicKey
- *
- * @param element
- * @param BaseURI
- * @param storage
- * @return resolved public key from the registered from the element.
- *
- * @throws KeyResolverException
- */
+ /**
+ * Method engineLookupAndResolvePublicKey
+ *
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return resolved public key from the registered from the element.
+ *
+ * @throws KeyResolverException
+ */
public PublicKey engineLookupAndResolvePublicKey(
- Element element, String BaseURI, StorageResolver storage)
- throws KeyResolverException {
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
KeyResolverSpi tmp = cloneIfNeeded();
- if (!tmp.engineCanResolve(element, BaseURI, storage))
- return null;
- return tmp.engineResolvePublicKey(element, BaseURI, storage);
+ if (!tmp.engineCanResolve(element, baseURI, storage)) {
+ return null;
+ }
+ return tmp.engineResolvePublicKey(element, baseURI, storage);
}
private KeyResolverSpi cloneIfNeeded() throws KeyResolverException {
- KeyResolverSpi tmp=this;
+ KeyResolverSpi tmp = this;
if (globalResolver) {
- try {
- tmp = (KeyResolverSpi) getClass().newInstance();
- } catch (InstantiationException e) {
- throw new KeyResolverException("",e);
- } catch (IllegalAccessException e) {
- throw new KeyResolverException("",e);
- }
+ try {
+ tmp = getClass().newInstance();
+ } catch (InstantiationException e) {
+ throw new KeyResolverException("", e);
+ } catch (IllegalAccessException e) {
+ throw new KeyResolverException("", e);
+ }
}
return tmp;
}
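Review bot: `cloneIfNeeded()` creates the per-call instance with `getClass().newInstance()` and returns it without copying any state. When `globalResolver` is true, the value set through the new `setSecureValidation` stays on the original, and the clone runs `engineCanResolve` and `engineResolve*` with the default `false`. Add `tmp.secureValidation = this.secureValidation;` after the instance is created, inside the `if (globalResolver)` block. `properties` set through `engineSetProperty` look to be lost the same way. How much this matters depends on which subclasses rely on the base `engineLookupAndResolve*` methods rather than overriding them.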
@@ -110,116 +124,138 @@ public abstract class KeyResolverSpi {
* Method engineResolveCertificate
*
* @param element
- * @param BaseURI
+ * @param baseURI
* @param storage
* @return resolved X509Certificate key from the registered from the elements
*
* @throws KeyResolverException
*/
public X509Certificate engineResolveX509Certificate(
- Element element, String BaseURI, StorageResolver storage)
- throws KeyResolverException{
- throw new UnsupportedOperationException();
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException{
+ throw new UnsupportedOperationException();
};
- /**
- * Method engineResolveCertificate
- *
- * @param element
- * @param BaseURI
- * @param storage
- * @return resolved X509Certificate key from the registered from the elements
- *
- * @throws KeyResolverException
- */
+ /**
+ * Method engineLookupResolveX509Certificate
+ *
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return resolved X509Certificate key from the registered from the elements
+ *
+ * @throws KeyResolverException
+ */
public X509Certificate engineLookupResolveX509Certificate(
- Element element, String BaseURI, StorageResolver storage)
- throws KeyResolverException {
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
KeyResolverSpi tmp = cloneIfNeeded();
- if (!tmp.engineCanResolve(element, BaseURI, storage))
- return null;
- return tmp.engineResolveX509Certificate(element, BaseURI, storage);
+ if (!tmp.engineCanResolve(element, baseURI, storage)) {
+ return null;
+ }
+ return tmp.engineResolveX509Certificate(element, baseURI, storage);
}
/**
* Method engineResolveSecretKey
*
* @param element
- * @param BaseURI
+ * @param baseURI
* @param storage
* @return resolved SecretKey key from the registered from the elements
*
* @throws KeyResolverException
*/
public SecretKey engineResolveSecretKey(
- Element element, String BaseURI, StorageResolver storage)
- throws KeyResolverException{
- throw new UnsupportedOperationException();
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException{
+ throw new UnsupportedOperationException();
};
- /**
- * Method engineResolveSecretKey
- *
- * @param element
- * @param BaseURI
- * @param storage
- * @return resolved SecretKey key from the registered from the elements
- *
- * @throws KeyResolverException
- */
- public SecretKey engineLookupAndResolveSecretKey(
- Element element, String BaseURI, StorageResolver storage)
- throws KeyResolverException {
- KeyResolverSpi tmp = cloneIfNeeded();
- if (!tmp.engineCanResolve(element, BaseURI, storage))
- return null;
- return tmp.engineResolveSecretKey(element, BaseURI, storage);
- }
+ /**
+ * Method engineLookupAndResolveSecretKey
+ *
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return resolved SecretKey key from the registered from the elements
+ *
+ * @throws KeyResolverException
+ */
+ public SecretKey engineLookupAndResolveSecretKey(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ KeyResolverSpi tmp = cloneIfNeeded();
+ if (!tmp.engineCanResolve(element, baseURI, storage)) {
+ return null;
+ }
+ return tmp.engineResolveSecretKey(element, baseURI, storage);
+ }
- /** Field _properties */
- protected java.util.Map _properties = null;
+ /**
+ * Method engineLookupAndResolvePrivateKey
+ *
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return resolved PrivateKey key from the registered from the elements
+ *
+ * @throws KeyResolverException
+ */
+ public PrivateKey engineLookupAndResolvePrivateKey(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ // This method was added later, it has no equivalent
+ // engineResolvePrivateKey() in the old API.
+ // We cannot throw UnsupportedOperationException because
+ // KeyResolverSpi implementations who don't know about
+ // this method would stop the search too early.
+ return null;
+ }
- protected boolean globalResolver=false;
+ /**
+ * Method engineSetProperty
+ *
+ * @param key
+ * @param value
+ */
+ public void engineSetProperty(String key, String value) {
+ if (properties == null) {
+ properties = new HashMap();
+ }
+ properties.put(key, value);
+ }
- /**
- * Method engineSetProperty
- *
- * @param key
- * @param value
- */
- public void engineSetProperty(String key, String value) {
- if (_properties==null)
- _properties=new HashMap();
- this._properties.put(key, value);
- }
+ /**
+ * Method engineGetProperty
+ *
+ * @param key
+ * @return obtain the property appointed by key
+ */
+ public String engineGetProperty(String key) {
+ if (properties == null) {
+ return null;
+ }
- /**
- * Method engineGetProperty
- *
- * @param key
- * @return obtain the property appointed by key
- */
- public String engineGetProperty(String key) {
- if (_properties==null)
- return null;
+ return properties.get(key);
+ }
- return this._properties.get(key);
- }
+ /**
+ * Method understandsProperty
+ *
+ * @param propertyToTest
+ * @return true if understood the property
+ */
+ public boolean understandsProperty(String propertyToTest) {
+ if (properties == null) {
+ return false;
+ }
- /**
- * Method understandsProperty
- *
- * @param propertyToTest
- * @return true if understood the property
- */
- public boolean understandsProperty(String propertyToTest) {
- if (_properties==null)
- return false;
+ return properties.get(propertyToTest) != null;
+ }
- return this._properties.get(propertyToTest)!=null;
- }
- public void setGlobalResolver(boolean globalResolver) {
+ public void setGlobalResolver(boolean globalResolver) {
this.globalResolver = globalResolver;
- }
+ }
}
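Review bot: The Javadoc of `engineLookupAndResolvePrivateKey` promises `@return resolved PrivateKey key from the registered from the elements`, but the base implementation always returns null and, unlike its siblings, never calls `engineCanResolve`. The reason is given only in the body comment. State the contract where implementors will read it: `@return the resolved PrivateKey, or null if this resolver does not handle private keys (the default)`. The stray `;` after the closing braces of `engineResolveX509Certificate` and `engineResolveSecretKey` can go as well.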
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/DEREncodedKeyValueResolver.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/DEREncodedKeyValueResolver.java
new file mode 100644
index 00000000000..dbd2e084f0c
--- /dev/null
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/DEREncodedKeyValueResolver.java
@@ -0,0 +1,83 @@
+/*
+ * reserved comment block
+ * DO NOT REMOVE OR ALTER!
+ */
+package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
+
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.cert.X509Certificate;
+
+import javax.crypto.SecretKey;
+
+import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
+import com.sun.org.apache.xml.internal.security.keys.content.DEREncodedKeyValue;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
+import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
+import com.sun.org.apache.xml.internal.security.utils.Constants;
+import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
+import org.w3c.dom.Element;
+
+/**
+ * KeyResolverSpi implementation which resolves public keys from a
+ * dsig11:DEREncodedKeyValue element.
+ *
+ * @author Brent Putman (putmanb@georgetown.edu)
+ */
+public class DEREncodedKeyValueResolver extends KeyResolverSpi {
+
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
+ java.util.logging.Logger.getLogger(DEREncodedKeyValueResolver.class.getName());
+
+ /** {@inheritDoc}. */
+ public boolean engineCanResolve(Element element, String baseURI, StorageResolver storage) {
+ return XMLUtils.elementIsInSignature11Space(element, Constants._TAG_DERENCODEDKEYVALUE);
+ }
+
+ /** {@inheritDoc}. */
+ public PublicKey engineLookupAndResolvePublicKey(Element element, String baseURI, StorageResolver storage)
+ throws KeyResolverException {
+
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
+ }
+
+ if (!engineCanResolve(element, baseURI, storage)) {
+ return null;
+ }
+
+ try {
+ DEREncodedKeyValue derKeyValue = new DEREncodedKeyValue(element, baseURI);
+ return derKeyValue.getPublicKey();
+ } catch (XMLSecurityException e) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
+ }
+ }
+
+ return null;
+ }
+
+ /** {@inheritDoc}. */
+ public X509Certificate engineLookupResolveX509Certificate(Element element, String baseURI, StorageResolver storage)
+ throws KeyResolverException {
+ return null;
+ }
+
+ /** {@inheritDoc}. */
+ public SecretKey engineLookupAndResolveSecretKey(Element element, String baseURI, StorageResolver storage)
+ throws KeyResolverException {
+ return null;
+ }
+
+ /** {@inheritDoc}. */
+ public PrivateKey engineLookupAndResolvePrivateKey(Element element, String baseURI, StorageResolver storage)
+ throws KeyResolverException {
+ return null;
+ }
+
+
+
+}
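Review bot: In engineLookupAndResolvePublicKey the FINE log line calls `element.getTagName()` before anything has checked `element`, so a null element throws NullPointerException, and only when FINE logging is enabled. I would put `if (element == null) { return null; }` ahead of the log block so behaviour does not depend on the log level. The same ordering appears in EncryptedKeyResolver.engineLookupAndResolveSecretKey, where the existing `element == null` check sits after the log call, and in the four lookup methods of KeyInfoReferenceResolver. Whether engineCanResolve itself tolerates null depends on XMLUtils.elementIsInSignature11Space, which is not shown here.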
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/DSAKeyValueResolver.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/DSAKeyValueResolver.java
index 20bf7bad777..784d5fc874d 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/DSAKeyValueResolver.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/DSAKeyValueResolver.java
@@ -2,30 +2,29 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
-
-
import java.security.PublicKey;
import java.security.cert.X509Certificate;
-
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.keys.content.keyvalues.DSAKeyValue;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
@@ -34,66 +33,70 @@ import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Element;
-
-/**
- *
- * @author $Author: mullan $
- */
public class DSAKeyValueResolver extends KeyResolverSpi {
- /**
- * Method engineResolvePublicKey
- *
- * @param element
- * @param BaseURI
- * @param storage
- * @return null if no {@link PublicKey} could be obtained
- */
- public PublicKey engineLookupAndResolvePublicKey(
- Element element, String BaseURI, StorageResolver storage) {
- if (element == null) {
- return null;
- }
- Element dsaKeyElement=null;
- boolean isKeyValue = XMLUtils.elementIsInSignatureSpace(element,
- Constants._TAG_KEYVALUE);
- if (isKeyValue) {
- dsaKeyElement =
- XMLUtils.selectDsNode(element.getFirstChild(),Constants._TAG_DSAKEYVALUE,0);
- } else if (XMLUtils.elementIsInSignatureSpace(element,
- Constants._TAG_DSAKEYVALUE)) {
- // this trick is needed to allow the RetrievalMethodResolver to eat a
- // ds:DSAKeyValue directly (without KeyValue)
- dsaKeyElement = element;
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
+ java.util.logging.Logger.getLogger(DSAKeyValueResolver.class.getName());
+
+
+ /**
+ * Method engineResolvePublicKey
+ *
+ * @param element
+ * @param BaseURI
+ * @param storage
+ * @return null if no {@link PublicKey} could be obtained
+ */
+ public PublicKey engineLookupAndResolvePublicKey(
+ Element element, String BaseURI, StorageResolver storage
+ ) {
+ if (element == null) {
+ return null;
+ }
+ Element dsaKeyElement = null;
+ boolean isKeyValue =
+ XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYVALUE);
+ if (isKeyValue) {
+ dsaKeyElement =
+ XMLUtils.selectDsNode(element.getFirstChild(), Constants._TAG_DSAKEYVALUE, 0);
+ } else if (XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_DSAKEYVALUE)) {
+ // this trick is needed to allow the RetrievalMethodResolver to eat a
+ // ds:DSAKeyValue directly (without KeyValue)
+ dsaKeyElement = element;
+ }
+
+ if (dsaKeyElement == null) {
+ return null;
+ }
+
+ try {
+ DSAKeyValue dsaKeyValue = new DSAKeyValue(dsaKeyElement, BaseURI);
+ PublicKey pk = dsaKeyValue.getPublicKey();
+
+ return pk;
+ } catch (XMLSecurityException ex) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, ex.getMessage(), ex);
}
+ //do nothing
+ }
- if (dsaKeyElement == null) {
- return null;
- }
-
- try {
- DSAKeyValue dsaKeyValue = new DSAKeyValue(dsaKeyElement,
- BaseURI);
- PublicKey pk = dsaKeyValue.getPublicKey();
-
- return pk;
- } catch (XMLSecurityException ex) {
- //do nothing
- }
-
- return null;
- }
+ return null;
+ }
- /** @inheritDoc */
- public X509Certificate engineLookupResolveX509Certificate(
- Element element, String BaseURI, StorageResolver storage) {
- return null;
- }
+ /** @inheritDoc */
+ public X509Certificate engineLookupResolveX509Certificate(
+ Element element, String BaseURI, StorageResolver storage
+ ) {
+ return null;
+ }
- /** @inheritDoc */
- public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
- Element element, String BaseURI, StorageResolver storage){
- return null;
- }
+ /** @inheritDoc */
+ public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
+ Element element, String BaseURI, StorageResolver storage
+ ) {
+ return null;
+ }
}
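Review bot: The `//do nothing` comment in the catch block of engineLookupAndResolvePublicKey is no longer accurate now that the exception is logged; something like `// malformed DSAKeyValue: logged at FINE, fall through and return null` says what actually happens. Because the failure is reported only at FINE, a key that fails to parse looks the same to the caller as a missing key unless that level is enabled, which is worth stating in the method Javadoc. The new logger comment `{@link org.apache.commons.logging}` names a package the field does not use, since it is a `java.util.logging.Logger`; `/** {@link java.util.logging} logging facility */` would match. The same comment is added in DEREncodedKeyValueResolver, EncryptedKeyResolver and KeyInfoReferenceResolver.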
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/EncryptedKeyResolver.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/EncryptedKeyResolver.java
index 6adc050e893..a1be10b977f 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/EncryptedKeyResolver.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/EncryptedKeyResolver.java
@@ -2,39 +2,43 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
import java.security.Key;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.List;
import javax.crypto.SecretKey;
import com.sun.org.apache.xml.internal.security.encryption.EncryptedKey;
import com.sun.org.apache.xml.internal.security.encryption.XMLCipher;
+import com.sun.org.apache.xml.internal.security.encryption.XMLEncryptionException;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
import com.sun.org.apache.xml.internal.security.utils.EncryptionConstants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Element;
-
/**
* The EncryptedKeyResolver is not a generic resolver. It can
* only be for specific instantiations, as the key being unwrapped will
@@ -47,78 +51,100 @@ import org.w3c.dom.Element;
*
* @author Berin Lautenbach
*/
-
public class EncryptedKeyResolver extends KeyResolverSpi {
- /** {@link java.util.logging} logging facility */
- static java.util.logging.Logger log =
- java.util.logging.Logger.getLogger(
- RSAKeyValueResolver.class.getName());
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
+ java.util.logging.Logger.getLogger(EncryptedKeyResolver.class.getName());
+ private Key kek;
+ private String algorithm;
+ private List internalKeyResolvers;
- Key _kek;
- String _algorithm;
-
- /**
- * Constructor for use when a KEK needs to be derived from a KeyInfo
- * list
- * @param algorithm
- */
- public EncryptedKeyResolver(String algorithm) {
- _kek = null;
- _algorithm=algorithm;
- }
-
- /**
- * Constructor used for when a KEK has been set
- * @param algorithm
- * @param kek
- */
-
- public EncryptedKeyResolver(String algorithm, Key kek) {
- _algorithm = algorithm;
- _kek = kek;
+ /**
+ * Constructor for use when a KEK needs to be derived from a KeyInfo
+ * list
+ * @param algorithm
+ */
+ public EncryptedKeyResolver(String algorithm) {
+ kek = null;
+ this.algorithm = algorithm;
+ }
+ /**
+ * Constructor used for when a KEK has been set
+ * @param algorithm
+ * @param kek
+ */
+ public EncryptedKeyResolver(String algorithm, Key kek) {
+ this.algorithm = algorithm;
+ this.kek = kek;
+ }
+
+ /**
+ * This method is used to add a custom {@link KeyResolverSpi} to help
+ * resolve the KEK.
+ *
+ * @param realKeyResolver
+ */
+ public void registerInternalKeyResolver(KeyResolverSpi realKeyResolver) {
+ if (internalKeyResolvers == null) {
+ internalKeyResolvers = new ArrayList();
}
+ internalKeyResolvers.add(realKeyResolver);
+ }
/** @inheritDoc */
- public PublicKey engineLookupAndResolvePublicKey(
- Element element, String BaseURI, StorageResolver storage) {
+ public PublicKey engineLookupAndResolvePublicKey(
+ Element element, String BaseURI, StorageResolver storage
+ ) {
+ return null;
+ }
- return null;
- }
+ /** @inheritDoc */
+ public X509Certificate engineLookupResolveX509Certificate(
+ Element element, String BaseURI, StorageResolver storage
+ ) {
+ return null;
+ }
- /** @inheritDoc */
- public X509Certificate engineLookupResolveX509Certificate(
- Element element, String BaseURI, StorageResolver storage) {
- return null;
- }
+ /** @inheritDoc */
+ public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
+ Element element, String BaseURI, StorageResolver storage
+ ) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "EncryptedKeyResolver - Can I resolve " + element.getTagName());
+ }
- /** @inheritDoc */
- public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
- Element element, String BaseURI, StorageResolver storage) {
- SecretKey key=null;
- if (log.isLoggable(java.util.logging.Level.FINE))
- log.log(java.util.logging.Level.FINE, "EncryptedKeyResolver - Can I resolve " + element.getTagName());
+ if (element == null) {
+ return null;
+ }
- if (element == null) {
- return null;
- }
+ SecretKey key = null;
+ boolean isEncryptedKey =
+ XMLUtils.elementIsInEncryptionSpace(element, EncryptionConstants._TAG_ENCRYPTEDKEY);
+ if (isEncryptedKey) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Passed an Encrypted Key");
+ }
+ try {
+ XMLCipher cipher = XMLCipher.getInstance();
+ cipher.init(XMLCipher.UNWRAP_MODE, kek);
+ if (internalKeyResolvers != null) {
+ int size = internalKeyResolvers.size();
+ for (int i = 0; i < size; i++) {
+ cipher.registerInternalKeyResolver(internalKeyResolvers.get(i));
+ }
+ }
+ EncryptedKey ek = cipher.loadEncryptedKey(element);
+ key = (SecretKey) cipher.decryptKey(ek, algorithm);
+ } catch (XMLEncryptionException e) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, e.getMessage(), e);
+ }
+ }
+ }
- boolean isEncryptedKey = XMLUtils.elementIsInEncryptionSpace(element,
- EncryptionConstants._TAG_ENCRYPTEDKEY);
-
- if (isEncryptedKey) {
- log.log(java.util.logging.Level.FINE, "Passed an Encrypted Key");
- try {
- XMLCipher cipher = XMLCipher.getInstance();
- cipher.init(XMLCipher.UNWRAP_MODE, _kek);
- EncryptedKey ek = cipher.loadEncryptedKey(element);
- key = (SecretKey) cipher.decryptKey(ek, _algorithm);
- }
- catch (Exception e) {}
- }
-
- return key;
- }
+ return key;
+ }
}
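Review bot: Narrowing the catch in engineLookupAndResolveSecretKey from `catch (Exception e) {}` to `XMLEncryptionException` means any unchecked exception raised while unwrapping, including a ClassCastException from the `(SecretKey) cipher.decryptKey(ek, algorithm)` cast, now reaches the caller instead of producing null. Whether XMLCipher can throw one for a malformed EncryptedKey is not visible in this hunk, but the element comes from the document being processed, so the contract should be explicit: either document in the Javadoc that runtime exceptions propagate, or check the result with `instanceof SecretKey` before casting. The new registerInternalKeyResolver also stores a null argument without complaint; a `@param` line saying null is not allowed, or an early `if (realKeyResolver == null) { return; }`, would prevent a null being handed to `cipher.registerInternalKeyResolver` later.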
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/KeyInfoReferenceResolver.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/KeyInfoReferenceResolver.java
new file mode 100644
index 00000000000..0e63715e2df
--- /dev/null
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/KeyInfoReferenceResolver.java
@@ -0,0 +1,290 @@
+/*
+ * reserved comment block
+ * DO NOT REMOVE OR ALTER!
+ */
+package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.cert.X509Certificate;
+
+import javax.crypto.SecretKey;
+import javax.xml.XMLConstants;
+import javax.xml.namespace.QName;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
+import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
+import com.sun.org.apache.xml.internal.security.keys.KeyInfo;
+import com.sun.org.apache.xml.internal.security.keys.content.KeyInfoReference;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
+import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
+import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
+import com.sun.org.apache.xml.internal.security.utils.Constants;
+import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
+import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver;
+import org.w3c.dom.Attr;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.xml.sax.SAXException;
+
+/**
+ * KeyResolverSpi implementation which resolves public keys, private keys, secret keys, and X.509 certificates from a
+ * dsig11:KeyInfoReference element.
+ *
+ * @author Brent Putman (putmanb@georgetown.edu)
+ */
+public class KeyInfoReferenceResolver extends KeyResolverSpi {
+
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
+ java.util.logging.Logger.getLogger(KeyInfoReferenceResolver.class.getName());
+
+ /** {@inheritDoc}. */
+ public boolean engineCanResolve(Element element, String baseURI, StorageResolver storage) {
+ return XMLUtils.elementIsInSignature11Space(element, Constants._TAG_KEYINFOREFERENCE);
+ }
+
+ /** {@inheritDoc}. */
+ public PublicKey engineLookupAndResolvePublicKey(Element element, String baseURI, StorageResolver storage)
+ throws KeyResolverException {
+
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
+ }
+
+ if (!engineCanResolve(element, baseURI, storage)) {
+ return null;
+ }
+
+ try {
+ KeyInfo referent = resolveReferentKeyInfo(element, baseURI, storage);
+ if (referent != null) {
+ return referent.getPublicKey();
+ }
+ } catch (XMLSecurityException e) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
+ }
+ }
+
+ return null;
+ }
+
+ /** {@inheritDoc}. */
+ public X509Certificate engineLookupResolveX509Certificate(Element element, String baseURI, StorageResolver storage)
+ throws KeyResolverException {
+
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
+ }
+
+ if (!engineCanResolve(element, baseURI, storage)) {
+ return null;
+ }
+
+ try {
+ KeyInfo referent = resolveReferentKeyInfo(element, baseURI, storage);
+ if (referent != null) {
+ return referent.getX509Certificate();
+ }
+ } catch (XMLSecurityException e) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
+ }
+ }
+
+ return null;
+ }
+
+ /** {@inheritDoc}. */
+ public SecretKey engineLookupAndResolveSecretKey(Element element, String baseURI, StorageResolver storage)
+ throws KeyResolverException {
+
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
+ }
+
+ if (!engineCanResolve(element, baseURI, storage)) {
+ return null;
+ }
+
+ try {
+ KeyInfo referent = resolveReferentKeyInfo(element, baseURI, storage);
+ if (referent != null) {
+ return referent.getSecretKey();
+ }
+ } catch (XMLSecurityException e) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
+ }
+ }
+
+ return null;
+ }
+
+ /** {@inheritDoc}. */
+ public PrivateKey engineLookupAndResolvePrivateKey(Element element, String baseURI, StorageResolver storage)
+ throws KeyResolverException {
+
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
+ }
+
+ if (!engineCanResolve(element, baseURI, storage)) {
+ return null;
+ }
+
+ try {
+ KeyInfo referent = resolveReferentKeyInfo(element, baseURI, storage);
+ if (referent != null) {
+ return referent.getPrivateKey();
+ }
+ } catch (XMLSecurityException e) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
+ }
+ }
+
+ return null;
+ }
+
+ /**
+ * Resolve the KeyInfoReference Element's URI attribute into a KeyInfo instance.
+ *
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return the KeyInfo which is referred to by this KeyInfoReference, or null if can not be resolved
+ * @throws XMLSecurityException
+ */
+ private KeyInfo resolveReferentKeyInfo(Element element, String baseURI, StorageResolver storage) throws XMLSecurityException {
+ KeyInfoReference reference = new KeyInfoReference(element, baseURI);
+ Attr uriAttr = reference.getURIAttr();
+
+ XMLSignatureInput resource = resolveInput(uriAttr, baseURI, secureValidation);
+
+ Element referentElement = null;
+ try {
+ referentElement = obtainReferenceElement(resource);
+ } catch (Exception e) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
+ }
+ return null;
+ }
+
+ if (referentElement == null) {
+ log.log(java.util.logging.Level.FINE, "De-reference of KeyInfoReference URI returned null: " + uriAttr.getValue());
+ return null;
+ }
+
+ validateReference(referentElement);
+
+ KeyInfo referent = new KeyInfo(referentElement, baseURI);
+ referent.addStorageResolver(storage);
+ return referent;
+ }
+
+ /**
+ * Validate the Element referred to by the KeyInfoReference.
+ *
+ * @param referentElement
+ *
+ * @throws XMLSecurityException
+ */
+ private void validateReference(Element referentElement) throws XMLSecurityException {
+ if (!XMLUtils.elementIsInSignatureSpace(referentElement, Constants._TAG_KEYINFO)) {
+ Object exArgs[] = { new QName(referentElement.getNamespaceURI(), referentElement.getLocalName()) };
+ throw new XMLSecurityException("KeyInfoReferenceResolver.InvalidReferentElement.WrongType", exArgs);
+ }
+
+ KeyInfo referent = new KeyInfo(referentElement, "");
+ if (referent.containsKeyInfoReference()) {
+ if (secureValidation) {
+ throw new XMLSecurityException("KeyInfoReferenceResolver.InvalidReferentElement.ReferenceWithSecure");
+ } else {
+ // Don't support chains of references at this time. If do support in the future, this is where the code
+ // would go to validate that don't have a cycle, resulting in an infinite loop. This may be unrealistic
+ // to implement, and/or very expensive given remote URI references.
+ throw new XMLSecurityException("KeyInfoReferenceResolver.InvalidReferentElement.ReferenceWithoutSecure");
+ }
+ }
+
+ }
+
+ /**
+ * Resolve the XML signature input represented by the specified URI.
+ *
+ * @param uri
+ * @param baseURI
+ * @param secureValidation
+ * @return
+ * @throws XMLSecurityException
+ */
+ private XMLSignatureInput resolveInput(Attr uri, String baseURI, boolean secureValidation)
+ throws XMLSecurityException {
+ ResourceResolver resRes = ResourceResolver.getInstance(uri, baseURI, secureValidation);
+ XMLSignatureInput resource = resRes.resolve(uri, baseURI, secureValidation);
+ return resource;
+ }
+
+ /**
+ * Resolve the Element effectively represented by the XML signature input source.
+ *
+ * @param resource
+ * @return
+ * @throws CanonicalizationException
+ * @throws ParserConfigurationException
+ * @throws IOException
+ * @throws SAXException
+ * @throws KeyResolverException
+ */
+ private Element obtainReferenceElement(XMLSignatureInput resource)
+ throws CanonicalizationException, ParserConfigurationException,
+ IOException, SAXException, KeyResolverException {
+
+ Element e;
+ if (resource.isElement()){
+ e = (Element) resource.getSubNode();
+ } else if (resource.isNodeSet()) {
+ log.log(java.util.logging.Level.FINE, "De-reference of KeyInfoReference returned an unsupported NodeSet");
+ return null;
+ } else {
+ // Retrieved resource is a byte stream
+ byte inputBytes[] = resource.getBytes();
+ e = getDocFromBytes(inputBytes);
+ }
+ return e;
+ }
+
+ /**
+ * Parses a byte array and returns the parsed Element.
+ *
+ * @param bytes
+ * @return the Document Element after parsing bytes
+ * @throws KeyResolverException if something goes wrong
+ */
+ private Element getDocFromBytes(byte[] bytes) throws KeyResolverException {
+ try {
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+ dbf.setNamespaceAware(true);
+ dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
+ DocumentBuilder db = dbf.newDocumentBuilder();
+ Document doc = db.parse(new ByteArrayInputStream(bytes));
+ return doc.getDocumentElement();
+ } catch (SAXException ex) {
+ throw new KeyResolverException("empty", ex);
+ } catch (IOException ex) {
+ throw new KeyResolverException("empty", ex);
+ } catch (ParserConfigurationException ex) {
+ throw new KeyResolverException("empty", ex);
+ }
+ }
+
+}
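Review bot: getDocFromBytes parses bytes obtained by dereferencing the KeyInfoReference URI, and the only hardening on the factory is `FEATURE_SECURE_PROCESSING`; a DOCTYPE in the fetched resource is still accepted. How far secure processing alone restricts DTD and external-entity handling depends on the JAXP implementation in use, so I would add `dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);` before `newDocumentBuilder()`, since a KeyInfo document has no need for a DTD. Separately, resolveReferentKeyInfo builds `new KeyInfo(referentElement, baseURI)` without passing on `secureValidation`; if KeyInfo exposes a setter for that flag in this version, it should be called before `addStorageResolver(storage)` so the referent is resolved under the same policy as the reference. The `catch (Exception e)` in the same method logs under the label "XMLSecurityException" whatever was actually thrown, which will mislead anyone reading the FINE log.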
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/PrivateKeyResolver.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/PrivateKeyResolver.java
new file mode 100644
index 00000000000..708cda45049
--- /dev/null
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/PrivateKeyResolver.java
@@ -0,0 +1,353 @@
+/*
+ * reserved comment block
+ * DO NOT REMOVE OR ALTER!
+ */
+package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
+
+import java.security.Key;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Enumeration;
+import javax.crypto.SecretKey;
+import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
+import com.sun.org.apache.xml.internal.security.keys.content.X509Data;
+import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate;
+import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509IssuerSerial;
+import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SKI;
+import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SubjectName;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
+import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
+import com.sun.org.apache.xml.internal.security.utils.Constants;
+import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
+import org.w3c.dom.Element;
+
+/**
+ * Resolves a PrivateKey within a KeyStore based on the KeyInfo hints.
+ * For X509Data hints, the certificate associated with the private key entry must match.
+ * For a KeyName hint, the KeyName must match the alias of a PrivateKey entry within the KeyStore.
+ */
+public class PrivateKeyResolver extends KeyResolverSpi {
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
+ java.util.logging.Logger.getLogger(PrivateKeyResolver.class.getName());
+
+ private KeyStore keyStore;
+ private char[] password;
+
+ /**
+ * Constructor.
+ */
+ public PrivateKeyResolver(KeyStore keyStore, char[] password) {
+ this.keyStore = keyStore;
+ this.password = password;
+ }
+
+ /**
+ * This method returns whether the KeyResolverSpi is able to perform the requested action.
+ *
+ * @param element
+ * @param BaseURI
+ * @param storage
+ * @return whether the KeyResolverSpi is able to perform the requested action.
+ */
+ public boolean engineCanResolve(Element element, String BaseURI, StorageResolver storage) {
+ if (XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)
+ || XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYNAME)) {
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
+ * Method engineLookupAndResolvePublicKey
+ *
+ * @param element
+ * @param BaseURI
+ * @param storage
+ * @return null if no {@link PublicKey} could be obtained
+ * @throws KeyResolverException
+ */
+ public PublicKey engineLookupAndResolvePublicKey(
+ Element element, String BaseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ return null;
+ }
+
+ /**
+ * Method engineResolveX509Certificate
+ * @inheritDoc
+ * @param element
+ * @param BaseURI
+ * @param storage
+ * @throws KeyResolverException
+ */
+ public X509Certificate engineLookupResolveX509Certificate(
+ Element element, String BaseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ return null;
+ }
+
+ /**
+ * Method engineResolveSecretKey
+ *
+ * @param element
+ * @param BaseURI
+ * @param storage
+ * @return resolved SecretKey key or null if no {@link SecretKey} could be obtained
+ *
+ * @throws KeyResolverException
+ */
+ public SecretKey engineResolveSecretKey(
+ Element element, String BaseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ return null;
+ }
+
+ /**
+ * Method engineResolvePrivateKey
+ * @inheritDoc
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return resolved PrivateKey key or null if no {@link PrivateKey} could be obtained
+ * @throws KeyResolverException
+ */
+ public PrivateKey engineLookupAndResolvePrivateKey(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
+ }
+
+ if (XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)) {
+ PrivateKey privKey = resolveX509Data(element, baseURI);
+ if (privKey != null) {
+ return privKey;
+ }
+ } else if (XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYNAME)) {
+ log.log(java.util.logging.Level.FINE, "Can I resolve KeyName?");
+ String keyName = element.getFirstChild().getNodeValue();
+
+ try {
+ Key key = keyStore.getKey(keyName, password);
+ if (key instanceof PrivateKey) {
+ return (PrivateKey) key;
+ }
+ } catch (Exception e) {
+ log.log(java.util.logging.Level.FINE, "Cannot recover the key", e);
+ }
+ }
+
+ log.log(java.util.logging.Level.FINE, "I can't");
+ return null;
+ }
+
+ private PrivateKey resolveX509Data(Element element, String baseURI) {
+ log.log(java.util.logging.Level.FINE, "Can I resolve X509Data?");
+
+ try {
+ X509Data x509Data = new X509Data(element, baseURI);
+
+ int len = x509Data.lengthSKI();
+ for (int i = 0; i < len; i++) {
+ XMLX509SKI x509SKI = x509Data.itemSKI(i);
+ PrivateKey privKey = resolveX509SKI(x509SKI);
+ if (privKey != null) {
+ return privKey;
+ }
+ }
+
+ len = x509Data.lengthIssuerSerial();
+ for (int i = 0; i < len; i++) {
+ XMLX509IssuerSerial x509Serial = x509Data.itemIssuerSerial(i);
+ PrivateKey privKey = resolveX509IssuerSerial(x509Serial);
+ if (privKey != null) {
+ return privKey;
+ }
+ }
+
+ len = x509Data.lengthSubjectName();
+ for (int i = 0; i < len; i++) {
+ XMLX509SubjectName x509SubjectName = x509Data.itemSubjectName(i);
+ PrivateKey privKey = resolveX509SubjectName(x509SubjectName);
+ if (privKey != null) {
+ return privKey;
+ }
+ }
+
+ len = x509Data.lengthCertificate();
+ for (int i = 0; i < len; i++) {
+ XMLX509Certificate x509Cert = x509Data.itemCertificate(i);
+ PrivateKey privKey = resolveX509Certificate(x509Cert);
+ if (privKey != null) {
+ return privKey;
+ }
+ }
+ } catch (XMLSecurityException e) {
+ log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
+ } catch (KeyStoreException e) {
+ log.log(java.util.logging.Level.FINE, "KeyStoreException", e);
+ }
+
+ return null;
+ }
+
+ /*
+ * Search for a private key entry in the KeyStore with the same Subject Key Identifier
+ */
+ private PrivateKey resolveX509SKI(XMLX509SKI x509SKI) throws XMLSecurityException, KeyStoreException {
+ log.log(java.util.logging.Level.FINE, "Can I resolve X509SKI?");
+
+ Enumeration aliases = keyStore.aliases();
+ while (aliases.hasMoreElements()) {
+ String alias = aliases.nextElement();
+ if (keyStore.isKeyEntry(alias)) {
+
+ Certificate cert = keyStore.getCertificate(alias);
+ if (cert instanceof X509Certificate) {
+ XMLX509SKI certSKI = new XMLX509SKI(x509SKI.getDocument(), (X509Certificate) cert);
+
+ if (certSKI.equals(x509SKI)) {
+ log.log(java.util.logging.Level.FINE, "match !!! ");
+
+ try {
+ Key key = keyStore.getKey(alias, password);
+ if (key instanceof PrivateKey) {
+ return (PrivateKey) key;
+ }
+ } catch (Exception e) {
+ log.log(java.util.logging.Level.FINE, "Cannot recover the key", e);
+ // Keep searching
+ }
+ }
+ }
+ }
+ }
+
+ return null;
+ }
+
+ /*
+ * Search for a private key entry in the KeyStore with the same Issuer/Serial Number pair.
+ */
+ private PrivateKey resolveX509IssuerSerial(XMLX509IssuerSerial x509Serial) throws KeyStoreException {
+ log.log(java.util.logging.Level.FINE, "Can I resolve X509IssuerSerial?");
+
+ Enumeration aliases = keyStore.aliases();
+ while (aliases.hasMoreElements()) {
+ String alias = aliases.nextElement();
+ if (keyStore.isKeyEntry(alias)) {
+
+ Certificate cert = keyStore.getCertificate(alias);
+ if (cert instanceof X509Certificate) {
+ XMLX509IssuerSerial certSerial =
+ new XMLX509IssuerSerial(x509Serial.getDocument(), (X509Certificate) cert);
+
+ if (certSerial.equals(x509Serial)) {
+ log.log(java.util.logging.Level.FINE, "match !!! ");
+
+ try {
+ Key key = keyStore.getKey(alias, password);
+ if (key instanceof PrivateKey) {
+ return (PrivateKey) key;
+ }
+ } catch (Exception e) {
+ log.log(java.util.logging.Level.FINE, "Cannot recover the key", e);
+ // Keep searching
+ }
+ }
+ }
+ }
+ }
+
+ return null;
+ }
+
+ /*
+ * Search for a private key entry in the KeyStore with the same Subject Name.
+ */
+ private PrivateKey resolveX509SubjectName(XMLX509SubjectName x509SubjectName) throws KeyStoreException {
+ log.log(java.util.logging.Level.FINE, "Can I resolve X509SubjectName?");
+
+ Enumeration aliases = keyStore.aliases();
+ while (aliases.hasMoreElements()) {
+ String alias = aliases.nextElement();
+ if (keyStore.isKeyEntry(alias)) {
+
+ Certificate cert = keyStore.getCertificate(alias);
+ if (cert instanceof X509Certificate) {
+ XMLX509SubjectName certSN =
+ new XMLX509SubjectName(x509SubjectName.getDocument(), (X509Certificate) cert);
+
+ if (certSN.equals(x509SubjectName)) {
+ log.log(java.util.logging.Level.FINE, "match !!! ");
+
+ try {
+ Key key = keyStore.getKey(alias, password);
+ if (key instanceof PrivateKey) {
+ return (PrivateKey) key;
+ }
+ } catch (Exception e) {
+ log.log(java.util.logging.Level.FINE, "Cannot recover the key", e);
+ // Keep searching
+ }
+ }
+ }
+ }
+ }
+
+ return null;
+ }
+
+ /*
+ * Search for a private key entry in the KeyStore with the same Certificate.
+ */
+ private PrivateKey resolveX509Certificate(
+ XMLX509Certificate x509Cert
+ ) throws XMLSecurityException, KeyStoreException {
+ log.log(java.util.logging.Level.FINE, "Can I resolve X509Certificate?");
+ byte[] x509CertBytes = x509Cert.getCertificateBytes();
+
+ Enumeration aliases = keyStore.aliases();
+ while (aliases.hasMoreElements()) {
+ String alias = aliases.nextElement();
+ if (keyStore.isKeyEntry(alias)) {
+
+ Certificate cert = keyStore.getCertificate(alias);
+ if (cert instanceof X509Certificate) {
+ byte[] certBytes = null;
+
+ try {
+ certBytes = cert.getEncoded();
+ } catch (CertificateEncodingException e1) {
+ }
+
+ if (certBytes != null && Arrays.equals(certBytes, x509CertBytes)) {
+ log.log(java.util.logging.Level.FINE, "match !!! ");
+
+ try {
+ Key key = keyStore.getKey(alias, password);
+ if (key instanceof PrivateKey) {
+ return (PrivateKey) key;
+ }
+ }
+ catch (Exception e) {
+ log.log(java.util.logging.Level.FINE, "Cannot recover the key", e);
+ // Keep searching
+ }
+ }
+ }
+ }
+ }
+
+ return null;
+ }
+}
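Review bot: In `engineLookupAndResolvePrivateKey`, the KeyName branch calls `element.getFirstChild().getNodeValue()` outside the `try`, so a `ds:KeyName` element with no child nodes throws a NullPointerException out of the resolver instead of returning null as the Javadoc promises. Since the element comes from the KeyInfo being processed, guard it before the lookup, e.g. `if (element.getFirstChild() == null) { return null; }`. In `resolveX509Certificate` the `catch (CertificateEncodingException e1) { }` block is empty; log it at FINE like the other failures so a keystore entry that cannot be encoded is visible when diagnosing a failed match. The logger Javadoc here, and in the RSAKeyValueResolver and RetrievalMethodResolver hunks, links `org.apache.commons.logging` although the field is a `java.util.logging.Logger`.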
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RSAKeyValueResolver.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RSAKeyValueResolver.java
index fb38e872590..b493f98182d 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RSAKeyValueResolver.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RSAKeyValueResolver.java
@@ -2,26 +2,26 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
-
-
import java.security.PublicKey;
import java.security.cert.X509Certificate;
@@ -34,69 +34,63 @@ import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Element;
-
-/**
- *
- * @author $Author: mullan $
- */
public class RSAKeyValueResolver extends KeyResolverSpi {
- /** {@link java.util.logging} logging facility */
- static java.util.logging.Logger log =
- java.util.logging.Logger.getLogger(
- RSAKeyValueResolver.class.getName());
-
- /** Field _rsaKeyElement */
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
+ java.util.logging.Logger.getLogger(RSAKeyValueResolver.class.getName());
- /** @inheritDoc */
- public PublicKey engineLookupAndResolvePublicKey(
- Element element, String BaseURI, StorageResolver storage) {
- if (log.isLoggable(java.util.logging.Level.FINE))
- log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
- if (element == null) {
- return null;
- }
+ /** @inheritDoc */
+ public PublicKey engineLookupAndResolvePublicKey(
+ Element element, String BaseURI, StorageResolver storage
+ ) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
+ }
+ if (element == null) {
+ return null;
+ }
- boolean isKeyValue = XMLUtils.elementIsInSignatureSpace(element,
- Constants._TAG_KEYVALUE);
- Element rsaKeyElement=null;
- if (isKeyValue) {
- rsaKeyElement = XMLUtils.selectDsNode(element.getFirstChild(),
- Constants._TAG_RSAKEYVALUE, 0);
- } else if (XMLUtils.elementIsInSignatureSpace(element,
- Constants._TAG_RSAKEYVALUE)) {
- // this trick is needed to allow the RetrievalMethodResolver to eat a
- // ds:RSAKeyValue directly (without KeyValue)
- rsaKeyElement = element;
- }
+ boolean isKeyValue = XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYVALUE);
+ Element rsaKeyElement = null;
+ if (isKeyValue) {
+ rsaKeyElement =
+ XMLUtils.selectDsNode(element.getFirstChild(), Constants._TAG_RSAKEYVALUE, 0);
+ } else if (XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_RSAKEYVALUE)) {
+ // this trick is needed to allow the RetrievalMethodResolver to eat a
+ // ds:RSAKeyValue directly (without KeyValue)
+ rsaKeyElement = element;
+ }
+ if (rsaKeyElement == null) {
+ return null;
+ }
- if (rsaKeyElement == null) {
- return null;
- }
+ try {
+ RSAKeyValue rsaKeyValue = new RSAKeyValue(rsaKeyElement, BaseURI);
- try {
- RSAKeyValue rsaKeyValue = new RSAKeyValue(rsaKeyElement,
- BaseURI);
+ return rsaKeyValue.getPublicKey();
+ } catch (XMLSecurityException ex) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
+ }
+ }
- return rsaKeyValue.getPublicKey();
- } catch (XMLSecurityException ex) {
- log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
- }
+ return null;
+ }
- return null;
- }
+ /** @inheritDoc */
+ public X509Certificate engineLookupResolveX509Certificate(
+ Element element, String BaseURI, StorageResolver storage
+ ) {
+ return null;
+ }
- /** @inheritDoc */
- public X509Certificate engineLookupResolveX509Certificate(
- Element element, String BaseURI, StorageResolver storage) {
- return null;
- }
-
- /** @inheritDoc */
- public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
- Element element, String BaseURI, StorageResolver storage) {
- return null;
- }
+ /** @inheritDoc */
+ public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
+ Element element, String BaseURI, StorageResolver storage
+ ) {
+ return null;
+ }
}
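Review bot: In `engineLookupAndResolvePublicKey` the FINE-level log call evaluates `element.getTagName()` before the `if (element == null)` guard that follows it, so a null element throws a NullPointerException whenever FINE logging is enabled, and the guard only works with logging off. The reformatting carries this order over from the old code. Move the check first: `if (element == null) { return null; }` and then the `log.isLoggable(...)` block. The same log-before-null-check order is visible in `resolveCertificate` in the RetrievalMethodResolver hunk, where `e.getNamespaceURI()` is logged ahead of `if (e != null)`.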
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RetrievalMethodResolver.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RetrievalMethodResolver.java
index 4ba848a681d..e5159c084b6 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RetrievalMethodResolver.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RetrievalMethodResolver.java
@@ -2,26 +2,26 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
-
-
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.PublicKey;
@@ -35,6 +35,8 @@ import java.util.ListIterator;
import java.util.Set;
import javax.xml.XMLConstants;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
@@ -51,11 +53,11 @@ import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver;
import org.w3c.dom.Attr;
+import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;
-
/**
* The RetrievalMethodResolver can retrieve public keys and certificates from
* other locations. The location is specified using the ds:RetrievalMethod
@@ -65,252 +67,325 @@ import org.xml.sax.SAXException;
* RetrievalMethodResolver cannot handle itself, resolving of the extracted
* element is delegated back to the KeyResolver mechanism.
*
- * @author $Author: mullan $ modified by Dave Garcia
+ * @author $Author: raul $ modified by Dave Garcia
*/
public class RetrievalMethodResolver extends KeyResolverSpi {
- /** {@link java.util.logging} logging facility */
- static java.util.logging.Logger log =
- java.util.logging.Logger.getLogger(
- RetrievalMethodResolver.class.getName());
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
+ java.util.logging.Logger.getLogger(RetrievalMethodResolver.class.getName());
- /**
- * Method engineResolvePublicKey
- * @inheritDoc
- * @param element
- * @param BaseURI
- * @param storage
- *
- */
- public PublicKey engineLookupAndResolvePublicKey(
- Element element, String BaseURI, StorageResolver storage)
- {
- if (!XMLUtils.elementIsInSignatureSpace(element,
- Constants._TAG_RETRIEVALMETHOD)) {
- return null;
- }
-
- try {
- //Create a retrieval method over the given element
- RetrievalMethod rm = new RetrievalMethod(element, BaseURI);
- String type = rm.getType();
- XMLSignatureInput resource=resolveInput(rm,BaseURI);
- if (RetrievalMethod.TYPE_RAWX509.equals(type)) {
- //a raw certificate, direct parsing is done!
- X509Certificate cert=getRawCertificate(resource);
- if (cert != null) {
- return cert.getPublicKey();
- }
- return null;
- };
- Element e = obtainRefrenceElement(resource);
- return resolveKey(e,BaseURI,storage);
- } catch (XMLSecurityException ex) {
- log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
- } catch (CertificateException ex) {
- log.log(java.util.logging.Level.FINE, "CertificateException", ex);
- } catch (IOException ex) {
- log.log(java.util.logging.Level.FINE, "IOException", ex);
- } catch (ParserConfigurationException e) {
- log.log(java.util.logging.Level.FINE, "ParserConfigurationException", e);
- } catch (SAXException e) {
- log.log(java.util.logging.Level.FINE, "SAXException", e);
- }
- return null;
- }
-
- static private Element obtainRefrenceElement(XMLSignatureInput resource) throws CanonicalizationException, ParserConfigurationException, IOException, SAXException, KeyResolverException {
- Element e;
- if (resource.isElement()){
- e=(Element) resource.getSubNode();
- } else if (resource.isNodeSet()) {
- //Retrieved resource is a nodeSet
- e=getDocumentElement(resource.getNodeSet());
- } else {
- //Retrieved resource is an inputStream
- byte inputBytes[] = resource.getBytes();
- e = getDocFromBytes(inputBytes);
- //otherwise, we parse the resource, create an Element and delegate
- if (log.isLoggable(java.util.logging.Level.FINE))
- log.log(java.util.logging.Level.FINE, "we have to parse " + inputBytes.length + " bytes");
- }
- return e;
- }
-
- /**
- * Method engineResolveX509Certificate
- * @inheritDoc
- * @param element
- * @param BaseURI
- * @param storage
- *
- */
- public X509Certificate engineLookupResolveX509Certificate(
- Element element, String BaseURI, StorageResolver storage)
- {
- if (!XMLUtils.elementIsInSignatureSpace(element,
- Constants._TAG_RETRIEVALMETHOD)) {
- return null;
- }
-
- try {
- RetrievalMethod rm = new RetrievalMethod(element, BaseURI);
- String type = rm.getType();
- XMLSignatureInput resource=resolveInput(rm,BaseURI);
- if (RetrievalMethod.TYPE_RAWX509.equals(type)) {
- X509Certificate cert=getRawCertificate(resource);
- return cert;
- }
- Element e = obtainRefrenceElement(resource);
- return resolveCertificate(e,BaseURI,storage);
- } catch (XMLSecurityException ex) {
- log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
- } catch (CertificateException ex) {
- log.log(java.util.logging.Level.FINE, "CertificateException", ex);
- } catch (IOException ex) {
- log.log(java.util.logging.Level.FINE, "IOException", ex);
- } catch (ParserConfigurationException e) {
- log.log(java.util.logging.Level.FINE, "ParserConfigurationException", e);
- } catch (SAXException e) {
- log.log(java.util.logging.Level.FINE, "SAXException", e);
- }
- return null;
- }
-
- /**
- * Retrieves a x509Certificate from the given information
- * @param e
- * @param BaseURI
- * @param storage
- * @return
- * @throws KeyResolverException
- */
- static private X509Certificate resolveCertificate(Element e,String BaseURI,StorageResolver storage) throws KeyResolverException{
- if (log.isLoggable(java.util.logging.Level.FINE))
- log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"+ e.getLocalName() + " Element");
- //An element has been provided
- if (e != null) {
- return KeyResolver.getX509Certificate(e,BaseURI, storage);
- }
- return null;
- }
-
- /**
- * Retrieves a x509Certificate from the given information
- * @param e
- * @param BaseURI
- * @param storage
- * @return
- * @throws KeyResolverException
- */
- static private PublicKey resolveKey(Element e,String BaseURI,StorageResolver storage) throws KeyResolverException{
- if (log.isLoggable(java.util.logging.Level.FINE))
- log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"+ e.getLocalName() + " Element");
- //An element has been provided
- if (e != null) {
- return KeyResolver.getPublicKey(e,BaseURI, storage);
- }
- return null;
- }
-
- static private X509Certificate getRawCertificate(XMLSignatureInput resource) throws CanonicalizationException, IOException, CertificateException{
- byte inputBytes[] = resource.getBytes();
- // if the resource stores a raw certificate, we have to handle it
- CertificateFactory certFact =CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID);
- X509Certificate cert =(X509Certificate) certFact.generateCertificate(new ByteArrayInputStream(inputBytes));
- return cert;
- }
- /**
- * Resolves the input from the given retrieval method
- * @return
- * @throws XMLSecurityException
- */
- static private XMLSignatureInput resolveInput(RetrievalMethod rm,String BaseURI) throws XMLSecurityException{
- Attr uri = rm.getURIAttr();
- //Apply the trnasforms
- Transforms transforms = rm.getTransforms();
- ResourceResolver resRes = ResourceResolver.getInstance(uri, BaseURI);
- if (resRes != null) {
- XMLSignatureInput resource = resRes.resolve(uri, BaseURI);
- if (transforms != null) {
- log.log(java.util.logging.Level.FINE, "We have Transforms");
- resource = transforms.performTransforms(resource);
- }
- return resource;
- }
- return null;
- }
-
- /**
- * Parses a byte array and returns the parsed Element.
- *
- * @param bytes
- * @return the Document Element after parsing bytes
- * @throws KeyResolverException if something goes wrong
- */
- static Element getDocFromBytes(byte[] bytes) throws KeyResolverException {
- try {
- javax.xml.parsers.DocumentBuilderFactory dbf =javax.xml.parsers.DocumentBuilderFactory.newInstance();
- dbf.setNamespaceAware(true);
- dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
- javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
- org.w3c.dom.Document doc =
- db.parse(new java.io.ByteArrayInputStream(bytes));
- return doc.getDocumentElement();
- } catch (org.xml.sax.SAXException ex) {
- throw new KeyResolverException("empty", ex);
- } catch (java.io.IOException ex) {
- throw new KeyResolverException("empty", ex);
- } catch (javax.xml.parsers.ParserConfigurationException ex) {
- throw new KeyResolverException("empty", ex);
- }
- }
-
- /**
- * Method engineResolveSecretKey
- * @inheritDoc
- * @param element
- * @param BaseURI
- * @param storage
- *
- */
- public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
- Element element, String BaseURI, StorageResolver storage)
- {
- return null;
- }
-
- static Element getDocumentElement(Set set) {
- Iterator it=set.iterator();
- Element e=null;
- while (it.hasNext()) {
- Node currentNode=it.next();
- if (currentNode != null && currentNode.getNodeType() == Node.ELEMENT_NODE) {
- e=(Element)currentNode;
- break;
- }
-
- }
- List parents=new ArrayList(10);
-
- //Obtain all the parents of the elemnt
- while (e != null) {
- parents.add(e);
- Node n=e.getParentNode();
- if (n == null || n.getNodeType() != Node.ELEMENT_NODE) {
- break;
- }
- e=(Element)n;
- }
- //Visit them in reverse order.
- ListIterator it2=parents.listIterator(parents.size()-1);
- Element ele=null;
- while (it2.hasPrevious()) {
- ele=it2.previous();
- if (set.contains(ele)) {
- return ele;
- }
+ /**
+ * Method engineResolvePublicKey
+ * @inheritDoc
+ * @param element
+ * @param baseURI
+ * @param storage
+ */
+ public PublicKey engineLookupAndResolvePublicKey(
+ Element element, String baseURI, StorageResolver storage
+ ) {
+ if (!XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_RETRIEVALMETHOD)) {
+ return null;
}
+
+ try {
+ // Create a retrieval method over the given element
+ RetrievalMethod rm = new RetrievalMethod(element, baseURI);
+ String type = rm.getType();
+ XMLSignatureInput resource = resolveInput(rm, baseURI, secureValidation);
+ if (RetrievalMethod.TYPE_RAWX509.equals(type)) {
+ // a raw certificate, direct parsing is done!
+ X509Certificate cert = getRawCertificate(resource);
+ if (cert != null) {
+ return cert.getPublicKey();
+ }
return null;
- }
+ }
+ Element e = obtainReferenceElement(resource);
+
+ // Check to make sure that the reference is not to another RetrievalMethod
+ // which points to this element
+ if (XMLUtils.elementIsInSignatureSpace(e, Constants._TAG_RETRIEVALMETHOD)) {
+ if (secureValidation) {
+ String error = "Error: It is forbidden to have one RetrievalMethod "
+ + "point to another with secure validation";
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, error);
+ }
+ return null;
+ }
+ RetrievalMethod rm2 = new RetrievalMethod(e, baseURI);
+ XMLSignatureInput resource2 = resolveInput(rm2, baseURI, secureValidation);
+ Element e2 = obtainReferenceElement(resource2);
+ if (e2 == element) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Error: Can't have RetrievalMethods pointing to each other");
+ }
+ return null;
+ }
+ }
+
+ return resolveKey(e, baseURI, storage);
+ } catch (XMLSecurityException ex) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
+ }
+ } catch (CertificateException ex) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "CertificateException", ex);
+ }
+ } catch (IOException ex) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "IOException", ex);
+ }
+ } catch (ParserConfigurationException e) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "ParserConfigurationException", e);
+ }
+ } catch (SAXException e) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "SAXException", e);
+ }
+ }
+ return null;
+ }
+
+ /**
+ * Method engineResolveX509Certificate
+ * @inheritDoc
+ * @param element
+ * @param baseURI
+ * @param storage
+ */
+ public X509Certificate engineLookupResolveX509Certificate(
+ Element element, String baseURI, StorageResolver storage) {
+ if (!XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_RETRIEVALMETHOD)) {
+ return null;
+ }
+
+ try {
+ RetrievalMethod rm = new RetrievalMethod(element, baseURI);
+ String type = rm.getType();
+ XMLSignatureInput resource = resolveInput(rm, baseURI, secureValidation);
+ if (RetrievalMethod.TYPE_RAWX509.equals(type)) {
+ return getRawCertificate(resource);
+ }
+
+ Element e = obtainReferenceElement(resource);
+
+ // Check to make sure that the reference is not to another RetrievalMethod
+ // which points to this element
+ if (XMLUtils.elementIsInSignatureSpace(e, Constants._TAG_RETRIEVALMETHOD)) {
+ if (secureValidation) {
+ String error = "Error: It is forbidden to have one RetrievalMethod "
+ + "point to another with secure validation";
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, error);
+ }
+ return null;
+ }
+ RetrievalMethod rm2 = new RetrievalMethod(e, baseURI);
+ XMLSignatureInput resource2 = resolveInput(rm2, baseURI, secureValidation);
+ Element e2 = obtainReferenceElement(resource2);
+ if (e2 == element) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Error: Can't have RetrievalMethods pointing to each other");
+ }
+ return null;
+ }
+ }
+
+ return resolveCertificate(e, baseURI, storage);
+ } catch (XMLSecurityException ex) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
+ }
+ } catch (CertificateException ex) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "CertificateException", ex);
+ }
+ } catch (IOException ex) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "IOException", ex);
+ }
+ } catch (ParserConfigurationException e) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "ParserConfigurationException", e);
+ }
+ } catch (SAXException e) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "SAXException", e);
+ }
+ }
+ return null;
+ }
+
+ /**
+ * Retrieves a x509Certificate from the given information
+ * @param e
+ * @param baseURI
+ * @param storage
+ * @return
+ * @throws KeyResolverException
+ */
+ private static X509Certificate resolveCertificate(
+ Element e, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"
+ + e.getLocalName() + " Element");
+ }
+ // An element has been provided
+ if (e != null) {
+ return KeyResolver.getX509Certificate(e, baseURI, storage);
+ }
+ return null;
+ }
+
+ /**
+ * Retrieves a PublicKey from the given information
+ * @param e
+ * @param baseURI
+ * @param storage
+ * @return
+ * @throws KeyResolverException
+ */
+ private static PublicKey resolveKey(
+ Element e, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"
+ + e.getLocalName() + " Element");
+ }
+ // An element has been provided
+ if (e != null) {
+ return KeyResolver.getPublicKey(e, baseURI, storage);
+ }
+ return null;
+ }
+
+ private static Element obtainReferenceElement(XMLSignatureInput resource)
+ throws CanonicalizationException, ParserConfigurationException,
+ IOException, SAXException, KeyResolverException {
+ Element e;
+ if (resource.isElement()){
+ e = (Element) resource.getSubNode();
+ } else if (resource.isNodeSet()) {
+ // Retrieved resource is a nodeSet
+ e = getDocumentElement(resource.getNodeSet());
+ } else {
+ // Retrieved resource is an inputStream
+ byte inputBytes[] = resource.getBytes();
+ e = getDocFromBytes(inputBytes);
+ // otherwise, we parse the resource, create an Element and delegate
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "we have to parse " + inputBytes.length + " bytes");
+ }
+ }
+ return e;
+ }
+
+ private static X509Certificate getRawCertificate(XMLSignatureInput resource)
+ throws CanonicalizationException, IOException, CertificateException {
+ byte inputBytes[] = resource.getBytes();
+ // if the resource stores a raw certificate, we have to handle it
+ CertificateFactory certFact =
+ CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID);
+ X509Certificate cert = (X509Certificate)
+ certFact.generateCertificate(new ByteArrayInputStream(inputBytes));
+ return cert;
+ }
+
+ /**
+ * Resolves the input from the given retrieval method
+ * @return
+ * @throws XMLSecurityException
+ */
+ private static XMLSignatureInput resolveInput(
+ RetrievalMethod rm, String baseURI, boolean secureValidation
+ ) throws XMLSecurityException {
+ Attr uri = rm.getURIAttr();
+ // Apply the transforms
+ Transforms transforms = rm.getTransforms();
+ ResourceResolver resRes = ResourceResolver.getInstance(uri, baseURI, secureValidation);
+ XMLSignatureInput resource = resRes.resolve(uri, baseURI, secureValidation);
+ if (transforms != null) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "We have Transforms");
+ }
+ resource = transforms.performTransforms(resource);
+ }
+ return resource;
+ }
+
+ /**
+ * Parses a byte array and returns the parsed Element.
+ *
+ * @param bytes
+ * @return the Document Element after parsing bytes
+ * @throws KeyResolverException if something goes wrong
+ */
+ private static Element getDocFromBytes(byte[] bytes) throws KeyResolverException {
+ try {
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+ dbf.setNamespaceAware(true);
+ dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
+ DocumentBuilder db = dbf.newDocumentBuilder();
+ Document doc = db.parse(new ByteArrayInputStream(bytes));
+ return doc.getDocumentElement();
+ } catch (SAXException ex) {
+ throw new KeyResolverException("empty", ex);
+ } catch (IOException ex) {
+ throw new KeyResolverException("empty", ex);
+ } catch (ParserConfigurationException ex) {
+ throw new KeyResolverException("empty", ex);
+ }
+ }
+
+ /**
+ * Method engineResolveSecretKey
+ * @inheritDoc
+ * @param element
+ * @param baseURI
+ * @param storage
+ */
+ public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
+ Element element, String baseURI, StorageResolver storage
+ ) {
+ return null;
+ }
+
+ private static Element getDocumentElement(Set set) {
+ Iterator it = set.iterator();
+ Element e = null;
+ while (it.hasNext()) {
+ Node currentNode = it.next();
+ if (currentNode != null && Node.ELEMENT_NODE == currentNode.getNodeType()) {
+ e = (Element) currentNode;
+ break;
+ }
+ }
+ List parents = new ArrayList();
+
+ // Obtain all the parents of the elemnt
+ while (e != null) {
+ parents.add(e);
+ Node n = e.getParentNode();
+ if (n == null || Node.ELEMENT_NODE != n.getNodeType()) {
+ break;
+ }
+ e = (Element) n;
+ }
+ // Visit them in reverse order.
+ ListIterator it2 = parents.listIterator(parents.size()-1);
+ Element ele = null;
+ while (it2.hasPrevious()) {
+ ele = (Element) it2.previous();
+ if (set.contains(ele)) {
+ return ele;
+ }
+ }
+ return null;
+ }
}
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/SecretKeyResolver.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/SecretKeyResolver.java
new file mode 100644
index 00000000000..a5e239f2662
--- /dev/null
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/SecretKeyResolver.java
@@ -0,0 +1,129 @@
+/*
+ * reserved comment block
+ * DO NOT REMOVE OR ALTER!
+ */
+package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
+
+import java.security.Key;
+import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.cert.X509Certificate;
+import javax.crypto.SecretKey;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
+import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
+import com.sun.org.apache.xml.internal.security.utils.Constants;
+import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
+import org.w3c.dom.Element;
+
+/**
+ * Resolves a SecretKey within a KeyStore based on the KeyName.
+ * The KeyName is the key entry alias within the KeyStore.
+ */
+public class SecretKeyResolver extends KeyResolverSpi
+{
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
+ java.util.logging.Logger.getLogger(SecretKeyResolver.class.getName());
+
+ private KeyStore keyStore;
+ private char[] password;
+
+ /**
+ * Constructor.
+ */
+ public SecretKeyResolver(KeyStore keyStore, char[] password) {
+ this.keyStore = keyStore;
+ this.password = password;
+ }
+
+ /**
+ * This method returns whether the KeyResolverSpi is able to perform the requested action.
+ *
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return whether the KeyResolverSpi is able to perform the requested action.
+ */
+ public boolean engineCanResolve(Element element, String baseURI, StorageResolver storage) {
+ return XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYNAME);
+ }
+
+ /**
+ * Method engineLookupAndResolvePublicKey
+ *
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return null if no {@link PublicKey} could be obtained
+ * @throws KeyResolverException
+ */
+ public PublicKey engineLookupAndResolvePublicKey(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ return null;
+ }
+
+ /**
+ * Method engineResolveX509Certificate
+ * @inheritDoc
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @throws KeyResolverException
+ */
+ public X509Certificate engineLookupResolveX509Certificate(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ return null;
+ }
+
+ /**
+ * Method engineResolveSecretKey
+ *
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return resolved SecretKey key or null if no {@link SecretKey} could be obtained
+ *
+ * @throws KeyResolverException
+ */
+ public SecretKey engineResolveSecretKey(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
+ }
+
+ if (XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYNAME)) {
+ String keyName = element.getFirstChild().getNodeValue();
+ try {
+ Key key = keyStore.getKey(keyName, password);
+ if (key instanceof SecretKey) {
+ return (SecretKey) key;
+ }
+ } catch (Exception e) {
+ log.log(java.util.logging.Level.FINE, "Cannot recover the key", e);
+ }
+ }
+
+ log.log(java.util.logging.Level.FINE, "I can't");
+ return null;
+ }
+
+ /**
+ * Method engineResolvePrivateKey
+ * @inheritDoc
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return resolved PrivateKey key or null if no {@link PrivateKey} could be obtained
+ * @throws KeyResolverException
+ */
+ public PrivateKey engineLookupAndResolvePrivateKey(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ return null;
+ }
+}
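Review bot: In `engineResolveSecretKey`, `element.getFirstChild().getNodeValue()` is evaluated outside the `try`, so a `ds:KeyName` element with no child node throws a NullPointerException out of the resolver instead of returning null. KeyInfo is read from the document being processed, so the guard belongs in the condition: `if (XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYNAME) && element.getFirstChild() != null) {`. The same unguarded call appears in the three resolve methods of SingleKeyResolver.java later in this patch. Separately, the alias passed to `keyStore.getKey(keyName, password)` comes from the document, so the class Javadoc should say that the supplied KeyStore must hold only entries a message author may select under this password.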
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/SingleKeyResolver.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/SingleKeyResolver.java
new file mode 100644
index 00000000000..4b23ef1e207
--- /dev/null
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/SingleKeyResolver.java
@@ -0,0 +1,172 @@
+/*
+ * reserved comment block
+ * DO NOT REMOVE OR ALTER!
+ */
+package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
+
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.cert.X509Certificate;
+import javax.crypto.SecretKey;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
+import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
+import com.sun.org.apache.xml.internal.security.utils.Constants;
+import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
+import org.w3c.dom.Element;
+
+/**
+ * Resolves a single Key based on the KeyName.
+ */
+public class SingleKeyResolver extends KeyResolverSpi
+{
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
+ java.util.logging.Logger.getLogger(SingleKeyResolver.class.getName());
+
+ private String keyName;
+ private PublicKey publicKey;
+ private PrivateKey privateKey;
+ private SecretKey secretKey;
+
+ /**
+ * Constructor.
+ * @param keyName
+ * @param publicKey
+ */
+ public SingleKeyResolver(String keyName, PublicKey publicKey) {
+ this.keyName = keyName;
+ this.publicKey = publicKey;
+ }
+
+ /**
+ * Constructor.
+ * @param keyName
+ * @param privateKey
+ */
+ public SingleKeyResolver(String keyName, PrivateKey privateKey) {
+ this.keyName = keyName;
+ this.privateKey = privateKey;
+ }
+
+ /**
+ * Constructor.
+ * @param keyName
+ * @param secretKey
+ */
+ public SingleKeyResolver(String keyName, SecretKey secretKey) {
+ this.keyName = keyName;
+ this.secretKey = secretKey;
+ }
+
+ /**
+ * This method returns whether the KeyResolverSpi is able to perform the requested action.
+ *
+ * @param element
+ * @param BaseURI
+ * @param storage
+ * @return whether the KeyResolverSpi is able to perform the requested action.
+ */
+ public boolean engineCanResolve(Element element, String baseURI, StorageResolver storage) {
+ return XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYNAME);
+ }
+
+ /**
+ * Method engineLookupAndResolvePublicKey
+ *
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return null if no {@link PublicKey} could be obtained
+ * @throws KeyResolverException
+ */
+ public PublicKey engineLookupAndResolvePublicKey(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
+ }
+
+ if (publicKey != null
+ && XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYNAME)) {
+ String name = element.getFirstChild().getNodeValue();
+ if (keyName.equals(name)) {
+ return publicKey;
+ }
+ }
+
+ log.log(java.util.logging.Level.FINE, "I can't");
+ return null;
+ }
+
+ /**
+ * Method engineResolveX509Certificate
+ * @inheritDoc
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @throws KeyResolverException
+ */
+ public X509Certificate engineLookupResolveX509Certificate(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ return null;
+ }
+
+ /**
+ * Method engineResolveSecretKey
+ *
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return resolved SecretKey key or null if no {@link SecretKey} could be obtained
+ *
+ * @throws KeyResolverException
+ */
+ public SecretKey engineResolveSecretKey(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
+ }
+
+ if (secretKey != null
+ && XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYNAME)) {
+ String name = element.getFirstChild().getNodeValue();
+ if (keyName.equals(name)) {
+ return secretKey;
+ }
+ }
+
+ log.log(java.util.logging.Level.FINE, "I can't");
+ return null;
+ }
+
+ /**
+ * Method engineResolvePrivateKey
+ * @inheritDoc
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return resolved PrivateKey key or null if no {@link PrivateKey} could be obtained
+ * @throws KeyResolverException
+ */
+ public PrivateKey engineLookupAndResolvePrivateKey(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
+ }
+
+ if (privateKey != null
+ && XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYNAME)) {
+ String name = element.getFirstChild().getNodeValue();
+ if (keyName.equals(name)) {
+ return privateKey;
+ }
+ }
+
+ log.log(java.util.logging.Level.FINE, "I can't");
+ return null;
+ }
+}
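Review bot: The three constructors accept a null `keyName`, and each resolve method later calls `keyName.equals(name)`, so the mistake only surfaces as a NullPointerException while a KeyInfo is being processed. Rejecting it at construction, e.g. `if (keyName == null) { throw new IllegalArgumentException("keyName must not be null"); }`, keeps the failure at the configuration site. The four instance fields are assigned only in the constructors and could be declared `private final`. The Javadoc of `engineCanResolve` names `@param BaseURI` while the parameter is `baseURI`.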
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509CertificateResolver.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509CertificateResolver.java
index 06a49c6708e..06511c37c29 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509CertificateResolver.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509CertificateResolver.java
@@ -2,30 +2,29 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
-
-
import java.security.PublicKey;
import java.security.cert.X509Certificate;
-
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException;
@@ -35,96 +34,93 @@ import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Element;
-
/**
* Resolves Certificates which are directly contained inside a
* ds:X509Certificate Element.
*
- * @author $Author: mullan $
+ * @author $Author: coheigea $
*/
public class X509CertificateResolver extends KeyResolverSpi {
- /** {@link java.util.logging} logging facility */
- static java.util.logging.Logger log =
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(X509CertificateResolver.class.getName());
+ /**
+ * Method engineResolvePublicKey
+ * @inheritDoc
+ * @param element
+ * @param BaseURI
+ * @param storage
+ *
+ * @throws KeyResolverException
+ */
+ public PublicKey engineLookupAndResolvePublicKey(
+ Element element, String BaseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ X509Certificate cert =
+ this.engineLookupResolveX509Certificate(element, BaseURI, storage);
- /**
- * Method engineResolvePublicKey
- * @inheritDoc
- * @param element
- * @param BaseURI
- * @param storage
- *
- * @throws KeyResolverException
- */
- public PublicKey engineLookupAndResolvePublicKey(
- Element element, String BaseURI, StorageResolver storage)
- throws KeyResolverException {
+ if (cert != null) {
+ return cert.getPublicKey();
+ }
- X509Certificate cert = this.engineLookupResolveX509Certificate(element,
- BaseURI, storage);
+ return null;
+ }
- if (cert != null) {
- return cert.getPublicKey();
- }
+ /**
+ * Method engineResolveX509Certificate
+ * @inheritDoc
+ * @param element
+ * @param BaseURI
+ * @param storage
+ *
+ * @throws KeyResolverException
+ */
+ public X509Certificate engineLookupResolveX509Certificate(
+ Element element, String BaseURI, StorageResolver storage
+ ) throws KeyResolverException {
- return null;
- }
-
- /**
- * Method engineResolveX509Certificate
- * @inheritDoc
- * @param element
- * @param BaseURI
- * @param storage
- *
- * @throws KeyResolverException
- */
- public X509Certificate engineLookupResolveX509Certificate(
- Element element, String BaseURI, StorageResolver storage)
- throws KeyResolverException {
-
- try {
- Element[] els=XMLUtils.selectDsNodes(element.getFirstChild(),
- Constants._TAG_X509CERTIFICATE);
- if ((els == null) || (els.length == 0)) {
- Element el=XMLUtils.selectDsNode(element.getFirstChild(),
- Constants._TAG_X509DATA,0);
- if (el!=null) {
- return engineLookupResolveX509Certificate(el, BaseURI, storage);
- }
- return null;
- }
-
- // populate Object array
- for (int i = 0; i < els.length; i++) {
- XMLX509Certificate xmlCert=new XMLX509Certificate(els[i], BaseURI);
- X509Certificate cert = xmlCert.getX509Certificate();
- if (cert!=null) {
- return cert;
+ try {
+ Element[] els =
+ XMLUtils.selectDsNodes(element.getFirstChild(), Constants._TAG_X509CERTIFICATE);
+ if ((els == null) || (els.length == 0)) {
+ Element el =
+ XMLUtils.selectDsNode(element.getFirstChild(), Constants._TAG_X509DATA, 0);
+ if (el != null) {
+ return engineLookupResolveX509Certificate(el, BaseURI, storage);
+ }
+ return null;
}
- }
- return null;
- } catch (XMLSecurityException ex) {
- log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
- throw new KeyResolverException("generic.EmptyMessage", ex);
- }
- }
+ // populate Object array
+ for (int i = 0; i < els.length; i++) {
+ XMLX509Certificate xmlCert = new XMLX509Certificate(els[i], BaseURI);
+ X509Certificate cert = xmlCert.getX509Certificate();
+ if (cert != null) {
+ return cert;
+ }
+ }
+ return null;
+ } catch (XMLSecurityException ex) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
+ }
+ throw new KeyResolverException("generic.EmptyMessage", ex);
+ }
+ }
- /**
- * Method engineResolveSecretKey
- * @inheritDoc
- * @param element
- * @param BaseURI
- * @param storage
- *
- */
- public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
- Element element, String BaseURI, StorageResolver storage)
- {
- return null;
- }
+ /**
+ * Method engineResolveSecretKey
+ * @inheritDoc
+ * @param element
+ * @param BaseURI
+ * @param storage
+ */
+ public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
+ Element element, String BaseURI, StorageResolver storage
+ ) {
+ return null;
+ }
}
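Review bot: The logger Javadoc now reads `{@link org.apache.commons.logging}`, although the field it documents is still a `java.util.logging.Logger`, so the comment points at a package this class does not use. The removed wording was the accurate one; keep `/** {@link java.util.logging} logging facility */`. The same inaccurate comment is added in SecretKeyResolver.java, SingleKeyResolver.java, X509DigestResolver.java and X509IssuerSerialResolver.java in this patch.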
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509DigestResolver.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509DigestResolver.java
new file mode 100644
index 00000000000..c1b44e68a86
--- /dev/null
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509DigestResolver.java
@@ -0,0 +1,164 @@
+/*
+ * reserved comment block
+ * DO NOT REMOVE OR ALTER!
+ */
+package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
+
+import java.security.PublicKey;
+import java.security.cert.Certificate;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Iterator;
+
+import javax.crypto.SecretKey;
+
+import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
+import com.sun.org.apache.xml.internal.security.keys.content.X509Data;
+import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Digest;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
+import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
+import com.sun.org.apache.xml.internal.security.utils.Constants;
+import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
+import org.w3c.dom.Element;
+
+/**
+ * KeyResolverSpi implementation which resolves public keys and X.509 certificates from a
+ * dsig11:X509Digest element.
+ *
+ * @author Brent Putman (putmanb@georgetown.edu)
+ */
+public class X509DigestResolver extends KeyResolverSpi {
+
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
+ java.util.logging.Logger.getLogger(X509DigestResolver.class.getName());
+
+ /** {@inheritDoc}. */
+ public boolean engineCanResolve(Element element, String baseURI, StorageResolver storage) {
+ if (XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)) {
+ try {
+ X509Data x509Data = new X509Data(element, baseURI);
+ return x509Data.containsDigest();
+ } catch (XMLSecurityException e) {
+ return false;
+ }
+ } else {
+ return false;
+ }
+ }
+
+ /** {@inheritDoc}. */
+ public PublicKey engineLookupAndResolvePublicKey(Element element, String baseURI, StorageResolver storage)
+ throws KeyResolverException {
+
+ X509Certificate cert = this.engineLookupResolveX509Certificate(element, baseURI, storage);
+
+ if (cert != null) {
+ return cert.getPublicKey();
+ }
+
+ return null;
+ }
+
+ /** {@inheritDoc}. */
+ public X509Certificate engineLookupResolveX509Certificate(Element element, String baseURI, StorageResolver storage)
+ throws KeyResolverException {
+
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
+ }
+
+ if (!engineCanResolve(element, baseURI, storage)) {
+ return null;
+ }
+
+ try {
+ return resolveCertificate(element, baseURI, storage);
+ } catch (XMLSecurityException e) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
+ }
+ }
+
+ return null;
+ }
+
+ /** {@inheritDoc}. */
+ public SecretKey engineLookupAndResolveSecretKey(Element element, String baseURI, StorageResolver storage)
+ throws KeyResolverException {
+ return null;
+ }
+
+ /**
+ * Resolves from the storage resolver the actual certificate represented by the digest.
+ *
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return
+ * @throws XMLSecurityException
+ */
+ private X509Certificate resolveCertificate(Element element, String baseURI, StorageResolver storage)
+ throws XMLSecurityException {
+
+ XMLX509Digest x509Digests[] = null;
+
+ Element x509childNodes[] = XMLUtils.selectDs11Nodes(element.getFirstChild(), Constants._TAG_X509DIGEST);
+
+ if (x509childNodes == null || x509childNodes.length <= 0) {
+ return null;
+ }
+
+ try {
+ checkStorage(storage);
+
+ x509Digests = new XMLX509Digest[x509childNodes.length];
+
+ for (int i = 0; i < x509childNodes.length; i++) {
+ x509Digests[i] = new XMLX509Digest(x509childNodes[i], baseURI);
+ }
+
+ Iterator storageIterator = storage.getIterator();
+ while (storageIterator.hasNext()) {
+ X509Certificate cert = (X509Certificate) storageIterator.next();
+
+ for (int i = 0; i < x509Digests.length; i++) {
+ XMLX509Digest keyInfoDigest = x509Digests[i];
+ byte[] certDigestBytes = XMLX509Digest.getDigestBytesFromCert(cert, keyInfoDigest.getAlgorithm());
+
+ if (Arrays.equals(keyInfoDigest.getDigestBytes(), certDigestBytes)) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Found certificate with: " + cert.getSubjectX500Principal().getName());
+ }
+ return cert;
+ }
+
+ }
+ }
+
+ } catch (XMLSecurityException ex) {
+ throw new KeyResolverException("empty", ex);
+ }
+
+ return null;
+ }
+
+ /**
+ * Method checkSrorage
+ *
+ * @param storage
+ * @throws KeyResolverException
+ */
+ private void checkStorage(StorageResolver storage) throws KeyResolverException {
+ if (storage == null) {
+ Object exArgs[] = { Constants._TAG_X509DIGEST };
+ KeyResolverException ex = new KeyResolverException("KeyResolver.needStorageResolver", exArgs);
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "", ex);
+ }
+ throw ex;
+ }
+ }
+
+}
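Review bot: A missing StorageResolver is reported by `checkStorage` with `KeyResolver.needStorageResolver`, but that exception never reaches the caller. `resolveCertificate` catches it as an XMLSecurityException (KeyResolverException appears to be a subclass, since the method throws it while declaring only XMLSecurityException) and rewraps it as `KeyResolverException("empty", ex)`; `engineLookupResolveX509Certificate` then catches that, logs it at FINE and returns null. A misconfigured resolver therefore looks the same as "no certificate matched" unless FINE logging is enabled. Calling `checkStorage(storage);` before the `try` in `resolveCertificate`, and adding `} catch (KeyResolverException e) { throw e; }` ahead of the `XMLSecurityException` handler in `engineLookupResolveX509Certificate`, would surface it, assuming callers are meant to see that error. The Javadoc heading `Method checkSrorage` should read `checkStorage`.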
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509IssuerSerialResolver.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509IssuerSerialResolver.java
index 8f717e71689..1d00692bd03 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509IssuerSerialResolver.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509IssuerSerialResolver.java
@@ -2,28 +2,30 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
-
-
import java.security.PublicKey;
+import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
+import java.util.Iterator;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.keys.content.X509Data;
@@ -35,114 +37,114 @@ import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import org.w3c.dom.Element;
-
-/**
- *
- * @author $Author: mullan $
- */
public class X509IssuerSerialResolver extends KeyResolverSpi {
- /** {@link java.util.logging} logging facility */
- static java.util.logging.Logger log =
- java.util.logging.Logger.getLogger(
- X509IssuerSerialResolver.class.getName());
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
+ java.util.logging.Logger.getLogger(X509IssuerSerialResolver.class.getName());
- /** @inheritDoc */
- public PublicKey engineLookupAndResolvePublicKey(
- Element element, String BaseURI, StorageResolver storage)
- throws KeyResolverException {
+ /** @inheritDoc */
+ public PublicKey engineLookupAndResolvePublicKey(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
- X509Certificate cert = this.engineLookupResolveX509Certificate(element,
- BaseURI, storage);
+ X509Certificate cert =
+ this.engineLookupResolveX509Certificate(element, baseURI, storage);
- if (cert != null) {
- return cert.getPublicKey();
- }
+ if (cert != null) {
+ return cert.getPublicKey();
+ }
- return null;
- }
+ return null;
+ }
- /** @inheritDoc */
- public X509Certificate engineLookupResolveX509Certificate(
- Element element, String BaseURI, StorageResolver storage)
- throws KeyResolverException {
- if (log.isLoggable(java.util.logging.Level.FINE))
- log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
-
- X509Data x509data = null;
- try {
- x509data = new X509Data(element, BaseURI);
- } catch (XMLSignatureException ex) {
- log.log(java.util.logging.Level.FINE, "I can't");
- return null;
- } catch (XMLSecurityException ex) {
- log.log(java.util.logging.Level.FINE, "I can't");
- return null;
- }
-
- if (x509data == null) {
- log.log(java.util.logging.Level.FINE, "I can't");
- return null;
- }
-
- if (!x509data.containsIssuerSerial()) {
- return null;
- }
- try {
- if (storage == null) {
- Object exArgs[] = { Constants._TAG_X509ISSUERSERIAL };
- KeyResolverException ex =
- new KeyResolverException("KeyResolver.needStorageResolver",
- exArgs);
-
- log.log(java.util.logging.Level.INFO, "", ex);
- throw ex;
- }
-
- int noOfISS = x509data.lengthIssuerSerial();
-
- while (storage.hasNext()) {
- X509Certificate cert = storage.next();
- XMLX509IssuerSerial certSerial = new XMLX509IssuerSerial(element.getOwnerDocument(), cert);
+ /** @inheritDoc */
+ public X509Certificate engineLookupResolveX509Certificate(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
+ }
+ X509Data x509data = null;
+ try {
+ x509data = new X509Data(element, baseURI);
+ } catch (XMLSignatureException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
- log.log(java.util.logging.Level.FINE, "Found Certificate Issuer: "
- + certSerial.getIssuerName());
- log.log(java.util.logging.Level.FINE, "Found Certificate Serial: "
- + certSerial.getSerialNumber().toString());
+ log.log(java.util.logging.Level.FINE, "I can't");
+ }
+ return null;
+ } catch (XMLSecurityException ex) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I can't");
+ }
+ return null;
+ }
+
+ if (!x509data.containsIssuerSerial()) {
+ return null;
+ }
+ try {
+ if (storage == null) {
+ Object exArgs[] = { Constants._TAG_X509ISSUERSERIAL };
+ KeyResolverException ex =
+ new KeyResolverException("KeyResolver.needStorageResolver", exArgs);
+
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "", ex);
+ }
+ throw ex;
}
- for (int i=0; i storageIterator = storage.getIterator();
+ while (storageIterator.hasNext()) {
+ X509Certificate cert = (X509Certificate)storageIterator.next();
+ XMLX509IssuerSerial certSerial = new XMLX509IssuerSerial(element.getOwnerDocument(), cert);
- if (certSerial.equals(xmliss)) {
- log.log(java.util.logging.Level.FINE, "match !!! ");
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Found Certificate Issuer: " + certSerial.getIssuerName());
+ log.log(java.util.logging.Level.FINE, "Found Certificate Serial: " + certSerial.getSerialNumber().toString());
+ }
- return cert;
- }
- log.log(java.util.logging.Level.FINE, "no match...");
+ for (int i = 0; i < noOfISS; i++) {
+ XMLX509IssuerSerial xmliss = x509data.itemIssuerSerial(i);
+
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Found Element Issuer: "
+ + xmliss.getIssuerName());
+ log.log(java.util.logging.Level.FINE, "Found Element Serial: "
+ + xmliss.getSerialNumber().toString());
+ }
+
+ if (certSerial.equals(xmliss)) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "match !!! ");
+ }
+ return cert;
+ }
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "no match...");
+ }
+ }
}
- }
- return null;
- } catch (XMLSecurityException ex) {
- log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
+ return null;
+ } catch (XMLSecurityException ex) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
+ }
- throw new KeyResolverException("generic.EmptyMessage", ex);
- }
- }
+ throw new KeyResolverException("generic.EmptyMessage", ex);
+ }
+ }
- /** @inheritDoc */
- public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
- Element element, String BaseURI, StorageResolver storage) {
- return null;
- }
+ /** @inheritDoc */
+ public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
+ Element element, String baseURI, StorageResolver storage
+ ) {
+ return null;
+ }
}
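Review bot: The unchecked cast `(X509Certificate)storageIterator.next()` in the storage loop of engineLookupResolveX509Certificate can throw ClassCastException, which is not caught by `catch (XMLSecurityException ex)` and so reaches the caller as an unchecked exception instead of a KeyResolverException. The added `java.security.cert.Certificate` import suggests the iterator is typed on Certificate, so a store holding a non-X.509 entry would presumably reach this cast; the line declaring the iterator is garbled on this page, so that part is inferred. I would skip such entries with `Certificate c = storageIterator.next();`, `if (!(c instanceof X509Certificate)) { continue; }` and `X509Certificate cert = (X509Certificate) c;`. The same cast appears in the X509SKIResolver and X509SubjectNameResolver hunks below.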
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509SKIResolver.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509SKIResolver.java
index ac90842059e..8dd381e59ba 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509SKIResolver.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509SKIResolver.java
@@ -2,28 +2,30 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
-
-
import java.security.PublicKey;
+import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
+import java.util.Iterator;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
@@ -35,124 +37,121 @@ import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Element;
-
-/**
- *
- *
- * @author $Author: mullan $
- */
public class X509SKIResolver extends KeyResolverSpi {
- /** {@link java.util.logging} logging facility */
- static java.util.logging.Logger log =
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(X509SKIResolver.class.getName());
- /**
- * Method engineResolvePublicKey
- *
- * @param element
- * @param BaseURI
- * @param storage
- * @return null if no {@link PublicKey} could be obtained
- * @throws KeyResolverException
- */
- public PublicKey engineLookupAndResolvePublicKey(
- Element element, String BaseURI, StorageResolver storage)
- throws KeyResolverException {
+ /**
+ * Method engineResolvePublicKey
+ *
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return null if no {@link PublicKey} could be obtained
+ * @throws KeyResolverException
+ */
+ public PublicKey engineLookupAndResolvePublicKey(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
- X509Certificate cert = this.engineLookupResolveX509Certificate(element,
- BaseURI, storage);
+ X509Certificate cert =
+ this.engineLookupResolveX509Certificate(element, baseURI, storage);
- if (cert != null) {
- return cert.getPublicKey();
- }
+ if (cert != null) {
+ return cert.getPublicKey();
+ }
- return null;
- }
+ return null;
+ }
- /**
- * Method engineResolveX509Certificate
- * @inheritDoc
- * @param element
- * @param BaseURI
- * @param storage
- *
- * @throws KeyResolverException
- */
- public X509Certificate engineLookupResolveX509Certificate(
- Element element, String BaseURI, StorageResolver storage)
- throws KeyResolverException {
- if (log.isLoggable(java.util.logging.Level.FINE)) {
- log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
- }
- if (!XMLUtils.elementIsInSignatureSpace(element,
- Constants._TAG_X509DATA)) {
- log.log(java.util.logging.Level.FINE, "I can't");
- return null;
- }
- /** Field _x509childObject[] */
- XMLX509SKI x509childObject[] = null;
-
- Element x509childNodes[] = null;
- x509childNodes = XMLUtils.selectDsNodes(element.getFirstChild(),
- Constants._TAG_X509SKI);
-
- if (!((x509childNodes != null)
- && (x509childNodes.length > 0))) {
- log.log(java.util.logging.Level.FINE, "I can't");
- return null;
- }
- try {
- if (storage == null) {
- Object exArgs[] = { Constants._TAG_X509SKI };
- KeyResolverException ex =
- new KeyResolverException("KeyResolver.needStorageResolver",
- exArgs);
-
- log.log(java.util.logging.Level.INFO, "", ex);
-
- throw ex;
- }
-
- x509childObject = new XMLX509SKI[x509childNodes.length];
-
- for (int i = 0; i < x509childNodes.length; i++) {
- x509childObject[i] =
- new XMLX509SKI(x509childNodes[i], BaseURI);
- }
-
- while (storage.hasNext()) {
- X509Certificate cert = storage.next();
- XMLX509SKI certSKI = new XMLX509SKI(element.getOwnerDocument(), cert);
-
- for (int i = 0; i < x509childObject.length; i++) {
- if (certSKI.equals(x509childObject[i])) {
- log.log(java.util.logging.Level.FINE, "Return PublicKey from "
- + cert.getSubjectDN().getName());
-
- return cert;
- }
+ /**
+ * Method engineResolveX509Certificate
+ * @inheritDoc
+ * @param element
+ * @param baseURI
+ * @param storage
+ *
+ * @throws KeyResolverException
+ */
+ public X509Certificate engineLookupResolveX509Certificate(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
+ }
+ if (!XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I can't");
}
- }
- } catch (XMLSecurityException ex) {
- throw new KeyResolverException("empty", ex);
- }
+ return null;
+ }
+ /** Field _x509childObject[] */
+ XMLX509SKI x509childObject[] = null;
- return null;
- }
+ Element x509childNodes[] = null;
+ x509childNodes = XMLUtils.selectDsNodes(element.getFirstChild(), Constants._TAG_X509SKI);
- /**
- * Method engineResolveSecretKey
- * @inheritDoc
- * @param element
- * @param BaseURI
- * @param storage
- *
- */
- public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
- Element element, String BaseURI, StorageResolver storage)
- {
- return null;
- }
+ if (!((x509childNodes != null) && (x509childNodes.length > 0))) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I can't");
+ }
+ return null;
+ }
+ try {
+ if (storage == null) {
+ Object exArgs[] = { Constants._TAG_X509SKI };
+ KeyResolverException ex =
+ new KeyResolverException("KeyResolver.needStorageResolver", exArgs);
+
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "", ex);
+ }
+
+ throw ex;
+ }
+
+ x509childObject = new XMLX509SKI[x509childNodes.length];
+
+ for (int i = 0; i < x509childNodes.length; i++) {
+ x509childObject[i] = new XMLX509SKI(x509childNodes[i], baseURI);
+ }
+
+ Iterator storageIterator = storage.getIterator();
+ while (storageIterator.hasNext()) {
+ X509Certificate cert = (X509Certificate)storageIterator.next();
+ XMLX509SKI certSKI = new XMLX509SKI(element.getOwnerDocument(), cert);
+
+ for (int i = 0; i < x509childObject.length; i++) {
+ if (certSKI.equals(x509childObject[i])) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Return PublicKey from " + cert.getSubjectX500Principal().getName());
+ }
+
+ return cert;
+ }
+ }
+ }
+ } catch (XMLSecurityException ex) {
+ throw new KeyResolverException("empty", ex);
+ }
+
+ return null;
+ }
+
+ /**
+ * Method engineResolveSecretKey
+ * @inheritDoc
+ * @param element
+ * @param baseURI
+ * @param storage
+ *
+ */
+ public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
+ Element element, String baseURI, StorageResolver storage
+ ) {
+ return null;
+ }
}
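Review bot: The Javadoc on engineLookupResolveX509Certificate has no `@return` and does not say that the certificate it hands back is unvalidated. The loop returns the first stored certificate whose SKI equals an X509SKI child, and no path, validity-period or revocation check is visible in this method. Because engineLookupAndResolvePublicKey passes `cert.getPublicKey()` straight on, a reader should be told that trust rests entirely on what the StorageResolver contains. I would add `@return the first certificate in storage whose SubjectKeyIdentifier equals an X509SKI child of element, or null if none matches; the certificate is not validated here`. Whether callers validate the result later is outside this hunk.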
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509SubjectNameResolver.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509SubjectNameResolver.java
index 05e82226c4c..dc2ca4abd5a 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509SubjectNameResolver.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509SubjectNameResolver.java
@@ -2,28 +2,30 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
-
-
import java.security.PublicKey;
+import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
+import java.util.Iterator;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
@@ -35,133 +37,140 @@ import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Element;
-
-/**
- *
- * @author $Author: mullan $
- */
public class X509SubjectNameResolver extends KeyResolverSpi {
- /** {@link java.util.logging} logging facility */
- static java.util.logging.Logger log =
- java.util.logging.Logger.getLogger(
- X509SubjectNameResolver.class.getName());
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
+ java.util.logging.Logger.getLogger(X509SubjectNameResolver.class.getName());
- /**
- * Method engineResolvePublicKey
- *
- * @param element
- * @param BaseURI
- * @param storage
- * @return null if no {@link PublicKey} could be obtained
- * @throws KeyResolverException
- */
- public PublicKey engineLookupAndResolvePublicKey(
- Element element, String BaseURI, StorageResolver storage)
- throws KeyResolverException {
+ /**
+ * Method engineResolvePublicKey
+ *
+ * @param element
+ * @param BaseURI
+ * @param storage
+ * @return null if no {@link PublicKey} could be obtained
+ * @throws KeyResolverException
+ */
+ public PublicKey engineLookupAndResolvePublicKey(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
- X509Certificate cert = this.engineLookupResolveX509Certificate(element,
- BaseURI, storage);
+ X509Certificate cert =
+ this.engineLookupResolveX509Certificate(element, baseURI, storage);
- if (cert != null) {
- return cert.getPublicKey();
- }
+ if (cert != null) {
+ return cert.getPublicKey();
+ }
- return null;
- }
+ return null;
+ }
- /**
- * Method engineResolveX509Certificate
- * @inheritDoc
- * @param element
- * @param BaseURI
- * @param storage
- *
- * @throws KeyResolverException
- */
- public X509Certificate engineLookupResolveX509Certificate(
- Element element, String BaseURI, StorageResolver storage)
- throws KeyResolverException {
- if (log.isLoggable(java.util.logging.Level.FINE))
- log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
- Element[] x509childNodes = null;
- XMLX509SubjectName x509childObject[] = null;
+ /**
+ * Method engineResolveX509Certificate
+ * @inheritDoc
+ * @param element
+ * @param baseURI
+ * @param storage
+ *
+ * @throws KeyResolverException
+ */
+ public X509Certificate engineLookupResolveX509Certificate(
+ Element element, String baseURI, StorageResolver storage
+ ) throws KeyResolverException {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
+ }
+ Element[] x509childNodes = null;
+ XMLX509SubjectName x509childObject[] = null;
- if (!XMLUtils.elementIsInSignatureSpace(element,
- Constants._TAG_X509DATA) ) {
- log.log(java.util.logging.Level.FINE, "I can't");
- return null;
- }
- x509childNodes = XMLUtils.selectDsNodes(element.getFirstChild(),
- Constants._TAG_X509SUBJECTNAME);
+ if (!XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I can't");
+ }
+ return null;
+ }
+ x509childNodes =
+ XMLUtils.selectDsNodes(element.getFirstChild(), Constants._TAG_X509SUBJECTNAME);
if (!((x509childNodes != null)
- && (x509childNodes.length > 0))) {
- log.log(java.util.logging.Level.FINE, "I can't");
- return null;
+ && (x509childNodes.length > 0))) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "I can't");
+ }
+ return null;
+ }
+
+ try {
+ if (storage == null) {
+ Object exArgs[] = { Constants._TAG_X509SUBJECTNAME };
+ KeyResolverException ex =
+ new KeyResolverException("KeyResolver.needStorageResolver", exArgs);
+
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "", ex);
+ }
+
+ throw ex;
}
- try {
- if (storage == null) {
- Object exArgs[] = { Constants._TAG_X509SUBJECTNAME };
- KeyResolverException ex =
- new KeyResolverException("KeyResolver.needStorageResolver",
- exArgs);
+ x509childObject = new XMLX509SubjectName[x509childNodes.length];
- log.log(java.util.logging.Level.INFO, "", ex);
-
- throw ex;
- }
-
- x509childObject =
- new XMLX509SubjectName[x509childNodes.length];
-
- for (int i = 0; i < x509childNodes.length; i++) {
- x509childObject[i] =
- new XMLX509SubjectName(x509childNodes[i],
- BaseURI);
- }
-
- while (storage.hasNext()) {
- X509Certificate cert = storage.next();
- XMLX509SubjectName certSN =
- new XMLX509SubjectName(element.getOwnerDocument(), cert);
-
- log.log(java.util.logging.Level.FINE, "Found Certificate SN: " + certSN.getSubjectName());
-
- for (int i = 0; i < x509childObject.length; i++) {
- log.log(java.util.logging.Level.FINE, "Found Element SN: "
- + x509childObject[i].getSubjectName());
-
- if (certSN.equals(x509childObject[i])) {
- log.log(java.util.logging.Level.FINE, "match !!! ");
-
- return cert;
- }
- log.log(java.util.logging.Level.FINE, "no match...");
+ for (int i = 0; i < x509childNodes.length; i++) {
+ x509childObject[i] = new XMLX509SubjectName(x509childNodes[i], baseURI);
}
- }
- return null;
- } catch (XMLSecurityException ex) {
- log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
+ Iterator storageIterator = storage.getIterator();
+ while (storageIterator.hasNext()) {
+ X509Certificate cert = (X509Certificate)storageIterator.next();
+ XMLX509SubjectName certSN =
+ new XMLX509SubjectName(element.getOwnerDocument(), cert);
- throw new KeyResolverException("generic.EmptyMessage", ex);
- }
- }
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Found Certificate SN: " + certSN.getSubjectName());
+ }
- /**
- * Method engineResolveSecretKey
- * @inheritDoc
- * @param element
- * @param BaseURI
- * @param storage
- *
- */
- public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
- Element element, String BaseURI, StorageResolver storage)
- {
- return null;
- }
+ for (int i = 0; i < x509childObject.length; i++) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Found Element SN: "
+ + x509childObject[i].getSubjectName());
+ }
+
+ if (certSN.equals(x509childObject[i])) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "match !!! ");
+ }
+
+ return cert;
+ }
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "no match...");
+ }
+ }
+ }
+
+ return null;
+ } catch (XMLSecurityException ex) {
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
+ }
+
+ throw new KeyResolverException("generic.EmptyMessage", ex);
+ }
+ }
+
+ /**
+ * Method engineResolveSecretKey
+ * @inheritDoc
+ * @param element
+ * @param baseURI
+ * @param storage
+ *
+ */
+ public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
+ Element element, String baseURI, StorageResolver storage
+ ) {
+ return null;
+ }
}
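Review bot: The Javadoc of engineLookupAndResolvePublicKey still says `@param BaseURI` although the parameter is now `baseURI`. The other two comment blocks in this hunk were updated, so this tag should read `@param baseURI`. The comment on engineLookupResolveX509Certificate also lacks an `@return`. Several certificates can carry the same subject name, so I would document the first-match behaviour of the loop: `@return the first certificate in storage whose subject name equals an X509SubjectName child, or null; the result depends on storage order and the certificate is not validated here`.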
diff --git a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolver.java b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolver.java
index 7b11e848e8f..88392495d33 100644
--- a/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolver.java
+++ b/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolver.java
@@ -2,197 +2,187 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 1999-2004 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package com.sun.org.apache.xml.internal.security.keys.storage;
import java.security.KeyStore;
+import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
+import java.util.NoSuchElementException;
import com.sun.org.apache.xml.internal.security.keys.storage.implementations.KeyStoreResolver;
import com.sun.org.apache.xml.internal.security.keys.storage.implementations.SingleCertificateResolver;
-
/**
* This class collects customized resolvers for Certificates.
- *
- * @author $Author: mullan $
*/
public class StorageResolver {
- /** {@link java.util.logging} logging facility */
- static java.util.logging.Logger log =
+ /** {@link org.apache.commons.logging} logging facility */
+ private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(StorageResolver.class.getName());
- /** Field _storageResolvers */
- List _storageResolvers = null;
+ /** Field storageResolvers */
+ private List storageResolvers = null;
- /** Field _iterator */
- Iterator _iterator = null;
+ /**
+ * Constructor StorageResolver
+ *
+ */
+ public StorageResolver() {}
- /**
- * Constructor StorageResolver
- *
- */
- public StorageResolver() {}
+ /**
+ * Constructor StorageResolver
+ *
+ * @param resolver
+ */
+ public StorageResolver(StorageResolverSpi resolver) {
+ this.add(resolver);
+ }
- /**
- * Constructor StorageResolver
- *
- * @param resolver
- */
- public StorageResolver(StorageResolverSpi resolver) {
- this.add(resolver);
- }
+ /**
+ * Method addResolver
+ *
+ * @param resolver
+ */
+ public void add(StorageResolverSpi resolver) {
+ if (storageResolvers == null) {
+ storageResolvers = new ArrayList();
+ }
+ this.storageResolvers.add(resolver);
+ }
- /**
- * Method addResolver
- *
- * @param resolver
- */
- public void add(StorageResolverSpi resolver) {
- if (_storageResolvers==null)
- _storageResolvers=new ArrayList