author | mullan |
Thu, 25 Aug 2016 15:06:26 -0400 | |
changeset 40551 | 05eba5515cbb |
parent 32003 | acb12269398a |
permissions | -rw-r--r-- |
2 | 1 |
/* |
1337 | 2 |
* reserved comment block |
3 |
* DO NOT REMOVE OR ALTER! |
|
4 |
*/ |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
5 |
/** |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
6 |
* Licensed to the Apache Software Foundation (ASF) under one |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
7 |
* or more contributor license agreements. See the NOTICE file |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
8 |
* distributed with this work for additional information |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
9 |
* regarding copyright ownership. The ASF licenses this file |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
10 |
* to you under the Apache License, Version 2.0 (the |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
11 |
* "License"); you may not use this file except in compliance |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
12 |
* with the License. You may obtain a copy of the License at |
2 | 13 |
* |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
14 |
* http://www.apache.org/licenses/LICENSE-2.0 |
2 | 15 |
* |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
16 |
* Unless required by applicable law or agreed to in writing, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
17 |
* software distributed under the License is distributed on an |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
18 |
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
19 |
* KIND, either express or implied. See the License for the |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
20 |
* specific language governing permissions and limitations |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
21 |
* under the License. |
2 | 22 |
*/ |
1337 | 23 |
/* |
40551
05eba5515cbb
8151893: Add security property to configure XML Signature secure validation mode
mullan
parents:
32003
diff
changeset
|
24 |
* Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved. |
1337 | 25 |
*/ |
2 | 26 |
/* |
27 |
* =========================================================================== |
|
28 |
* |
|
29 |
* (C) Copyright IBM Corp. 2003 All Rights Reserved. |
|
30 |
* |
|
31 |
* =========================================================================== |
|
32 |
*/ |
|
33 |
/* |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
34 |
* $Id: DOMReference.java 1334007 2012-05-04 14:59:46Z coheigea $ |
2 | 35 |
*/ |
36 |
package org.jcp.xml.dsig.internal.dom; |
|
37 |
||
38 |
import javax.xml.crypto.*; |
|
39 |
import javax.xml.crypto.dsig.*; |
|
40 |
import javax.xml.crypto.dom.DOMCryptoContext; |
|
41 |
import javax.xml.crypto.dom.DOMURIReference; |
|
42 |
||
43 |
import java.io.*; |
|
44 |
import java.net.URI; |
|
45 |
import java.net.URISyntaxException; |
|
46 |
import java.security.*; |
|
47 |
import java.util.*; |
|
48 |
import org.w3c.dom.Attr; |
|
49 |
import org.w3c.dom.Document; |
|
50 |
import org.w3c.dom.Element; |
|
51 |
import org.w3c.dom.Node; |
|
52 |
||
53 |
import org.jcp.xml.dsig.internal.DigesterOutputStream; |
|
54 |
import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException; |
|
55 |
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; |
|
56 |
import com.sun.org.apache.xml.internal.security.utils.Base64; |
|
57 |
import com.sun.org.apache.xml.internal.security.utils.UnsyncBufferedOutputStream; |
|
58 |
||
59 |
/** |
|
60 |
* DOM-based implementation of Reference. |
|
61 |
* |
|
62 |
* @author Sean Mullan |
|
63 |
* @author Joyce Leung |
|
64 |
*/ |
|
65 |
public final class DOMReference extends DOMStructure |
|
66 |
implements Reference, DOMURIReference { |
|
67 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
68 |
/** |
1337 | 69 |
* Look up useC14N11 system property. If true, an explicit C14N11 transform |
70 |
* will be added if necessary when generating the signature. See section |
|
71 |
* 3.1.1 of http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/ for more info. |
|
72 |
* |
|
73 |
* If true, overrides the same property if set in the XMLSignContext. |
|
74 |
*/ |
|
75 |
private static boolean useC14N11 = |
|
76 |
AccessController.doPrivileged(new PrivilegedAction<Boolean>() { |
|
77 |
public Boolean run() { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
78 |
return Boolean.valueOf(Boolean.getBoolean |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
79 |
("com.sun.org.apache.xml.internal.security.useC14N11")); |
1337 | 80 |
} |
81 |
}); |
|
82 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
83 |
private static java.util.logging.Logger log = |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
84 |
java.util.logging.Logger.getLogger("org.jcp.xml.dsig.internal.dom"); |
2 | 85 |
|
86 |
private final DigestMethod digestMethod; |
|
87 |
private final String id; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
88 |
private final List<Transform> transforms; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
89 |
private List<Transform> allTransforms; |
2 | 90 |
private final Data appliedTransformData; |
91 |
private Attr here; |
|
92 |
private final String uri; |
|
93 |
private final String type; |
|
94 |
private byte[] digestValue; |
|
95 |
private byte[] calcDigestValue; |
|
96 |
private Element refElem; |
|
97 |
private boolean digested = false; |
|
98 |
private boolean validated = false; |
|
99 |
private boolean validationStatus; |
|
100 |
private Data derefData; |
|
101 |
private InputStream dis; |
|
102 |
private MessageDigest md; |
|
1337 | 103 |
private Provider provider; |
2 | 104 |
|
105 |
/** |
|
106 |
* Creates a <code>Reference</code> from the specified parameters. |
|
107 |
* |
|
108 |
* @param uri the URI (may be null) |
|
109 |
* @param type the type (may be null) |
|
110 |
* @param dm the digest method |
|
111 |
* @param transforms a list of {@link Transform}s. The list |
|
112 |
* is defensively copied to protect against subsequent modification. |
|
113 |
* May be <code>null</code> or empty. |
|
114 |
* @param id the reference ID (may be <code>null</code>) |
|
115 |
* @throws NullPointerException if <code>dm</code> is <code>null</code> |
|
116 |
* @throws ClassCastException if any of the <code>transforms</code> are |
|
117 |
* not of type <code>Transform</code> |
|
118 |
*/ |
|
119 |
public DOMReference(String uri, String type, DigestMethod dm, |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
120 |
List<? extends Transform> transforms, String id, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
121 |
Provider provider) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
122 |
{ |
1337 | 123 |
this(uri, type, dm, null, null, transforms, id, null, provider); |
2 | 124 |
} |
125 |
||
126 |
public DOMReference(String uri, String type, DigestMethod dm, |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
127 |
List<? extends Transform> appliedTransforms, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
128 |
Data result, List<? extends Transform> transforms, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
129 |
String id, Provider provider) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
130 |
{ |
1337 | 131 |
this(uri, type, dm, appliedTransforms, |
132 |
result, transforms, id, null, provider); |
|
133 |
} |
|
134 |
||
135 |
public DOMReference(String uri, String type, DigestMethod dm, |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
136 |
List<? extends Transform> appliedTransforms, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
137 |
Data result, List<? extends Transform> transforms, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
138 |
String id, byte[] digestValue, Provider provider) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
139 |
{ |
2 | 140 |
if (dm == null) { |
141 |
throw new NullPointerException("DigestMethod must be non-null"); |
|
142 |
} |
|
27747 | 143 |
List<Transform> tempList = |
144 |
Collections.checkedList(new ArrayList<Transform>(), |
|
145 |
Transform.class); |
|
146 |
if (appliedTransforms != null) { |
|
147 |
tempList.addAll(appliedTransforms); |
|
2 | 148 |
} |
27747 | 149 |
List<Transform> tempList2 = |
150 |
Collections.checkedList(new ArrayList<Transform>(), |
|
151 |
Transform.class); |
|
152 |
if (transforms != null) { |
|
153 |
tempList.addAll(transforms); |
|
154 |
tempList2.addAll(transforms); |
|
2 | 155 |
} |
27747 | 156 |
this.allTransforms = Collections.unmodifiableList(tempList); |
157 |
this.transforms = tempList2; |
|
2 | 158 |
this.digestMethod = dm; |
159 |
this.uri = uri; |
|
160 |
if ((uri != null) && (!uri.equals(""))) { |
|
161 |
try { |
|
162 |
new URI(uri); |
|
163 |
} catch (URISyntaxException e) { |
|
164 |
throw new IllegalArgumentException(e.getMessage()); |
|
165 |
} |
|
166 |
} |
|
167 |
this.type = type; |
|
168 |
this.id = id; |
|
169 |
if (digestValue != null) { |
|
22584
eed64ee05369
8032733: Fix cast lint warnings in client libraries
darcy
parents:
19051
diff
changeset
|
170 |
this.digestValue = digestValue.clone(); |
2 | 171 |
this.digested = true; |
172 |
} |
|
173 |
this.appliedTransformData = result; |
|
1337 | 174 |
this.provider = provider; |
2 | 175 |
} |
176 |
||
177 |
/** |
|
178 |
* Creates a <code>DOMReference</code> from an element. |
|
179 |
* |
|
180 |
* @param refElem a Reference element |
|
181 |
*/ |
|
1337 | 182 |
public DOMReference(Element refElem, XMLCryptoContext context, |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
183 |
Provider provider) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
184 |
throws MarshalException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
185 |
{ |
18240 | 186 |
boolean secVal = Utils.secureValidation(context); |
187 |
||
2 | 188 |
// unmarshal Transforms, if specified |
189 |
Element nextSibling = DOMUtils.getFirstChildElement(refElem); |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
190 |
List<Transform> transforms = new ArrayList<Transform>(5); |
2 | 191 |
if (nextSibling.getLocalName().equals("Transforms")) { |
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
192 |
Element transformElem = DOMUtils.getFirstChildElement(nextSibling, |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
193 |
"Transform"); |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
194 |
transforms.add(new DOMTransform(transformElem, context, provider)); |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
195 |
transformElem = DOMUtils.getNextSiblingElement(transformElem); |
2 | 196 |
while (transformElem != null) { |
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
197 |
String localName = transformElem.getLocalName(); |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
198 |
if (!localName.equals("Transform")) { |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
199 |
throw new MarshalException( |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
200 |
"Invalid element name: " + localName + |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
201 |
", expected Transform"); |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
202 |
} |
1337 | 203 |
transforms.add |
204 |
(new DOMTransform(transformElem, context, provider)); |
|
40551
05eba5515cbb
8151893: Add security property to configure XML Signature secure validation mode
mullan
parents:
32003
diff
changeset
|
205 |
if (secVal && Policy.restrictNumTransforms(transforms.size())) { |
05eba5515cbb
8151893: Add security property to configure XML Signature secure validation mode
mullan
parents:
32003
diff
changeset
|
206 |
String error = "A maximum of " + Policy.maxTransforms() |
05eba5515cbb
8151893: Add security property to configure XML Signature secure validation mode
mullan
parents:
32003
diff
changeset
|
207 |
+ " transforms per Reference are allowed when" |
05eba5515cbb
8151893: Add security property to configure XML Signature secure validation mode
mullan
parents:
32003
diff
changeset
|
208 |
+ " secure validation is enabled"; |
18240 | 209 |
throw new MarshalException(error); |
210 |
} |
|
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
211 |
transformElem = DOMUtils.getNextSiblingElement(transformElem); |
2 | 212 |
} |
213 |
nextSibling = DOMUtils.getNextSiblingElement(nextSibling); |
|
214 |
} |
|
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
215 |
if (!nextSibling.getLocalName().equals("DigestMethod")) { |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
216 |
throw new MarshalException("Invalid element name: " + |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
217 |
nextSibling.getLocalName() + |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
218 |
", expected DigestMethod"); |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
219 |
} |
2 | 220 |
|
221 |
// unmarshal DigestMethod |
|
222 |
Element dmElem = nextSibling; |
|
223 |
this.digestMethod = DOMDigestMethod.unmarshal(dmElem); |
|
18240 | 224 |
String digestMethodAlgorithm = this.digestMethod.getAlgorithm(); |
40551
05eba5515cbb
8151893: Add security property to configure XML Signature secure validation mode
mullan
parents:
32003
diff
changeset
|
225 |
if (secVal && Policy.restrictAlg(digestMethodAlgorithm)) { |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
226 |
throw new MarshalException( |
40551
05eba5515cbb
8151893: Add security property to configure XML Signature secure validation mode
mullan
parents:
32003
diff
changeset
|
227 |
"It is forbidden to use algorithm " + digestMethodAlgorithm + |
05eba5515cbb
8151893: Add security property to configure XML Signature secure validation mode
mullan
parents:
32003
diff
changeset
|
228 |
" when secure validation is enabled" |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
229 |
); |
18240 | 230 |
} |
2 | 231 |
|
232 |
// unmarshal DigestValue |
|
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
233 |
Element dvElem = DOMUtils.getNextSiblingElement(dmElem, "DigestValue"); |
2 | 234 |
try { |
235 |
this.digestValue = Base64.decode(dvElem); |
|
236 |
} catch (Base64DecodingException bde) { |
|
237 |
throw new MarshalException(bde); |
|
238 |
} |
|
239 |
||
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
240 |
// check for extra elements |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
241 |
if (DOMUtils.getNextSiblingElement(dvElem) != null) { |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
242 |
throw new MarshalException( |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
243 |
"Unexpected element after DigestValue element"); |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
244 |
} |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
245 |
|
2 | 246 |
// unmarshal attributes |
247 |
this.uri = DOMUtils.getAttributeValue(refElem, "URI"); |
|
18240 | 248 |
|
249 |
Attr attr = refElem.getAttributeNodeNS(null, "Id"); |
|
250 |
if (attr != null) { |
|
251 |
this.id = attr.getValue(); |
|
252 |
refElem.setIdAttributeNode(attr, true); |
|
253 |
} else { |
|
254 |
this.id = null; |
|
255 |
} |
|
2 | 256 |
|
257 |
this.type = DOMUtils.getAttributeValue(refElem, "Type"); |
|
258 |
this.here = refElem.getAttributeNodeNS(null, "URI"); |
|
259 |
this.refElem = refElem; |
|
1337 | 260 |
this.transforms = transforms; |
2 | 261 |
this.allTransforms = transforms; |
262 |
this.appliedTransformData = null; |
|
1337 | 263 |
this.provider = provider; |
2 | 264 |
} |
265 |
||
266 |
public DigestMethod getDigestMethod() { |
|
267 |
return digestMethod; |
|
268 |
} |
|
269 |
||
270 |
public String getId() { |
|
271 |
return id; |
|
272 |
} |
|
273 |
||
274 |
public String getURI() { |
|
275 |
return uri; |
|
276 |
} |
|
277 |
||
278 |
public String getType() { |
|
279 |
return type; |
|
280 |
} |
|
281 |
||
24970
094bfaa699c3
8046044: Fix raw and unchecked lint warnings in XML Signature Impl
mullan
parents:
23010
diff
changeset
|
282 |
public List<Transform> getTransforms() { |
1337 | 283 |
return Collections.unmodifiableList(allTransforms); |
2 | 284 |
} |
285 |
||
286 |
public byte[] getDigestValue() { |
|
22584
eed64ee05369
8032733: Fix cast lint warnings in client libraries
darcy
parents:
19051
diff
changeset
|
287 |
return (digestValue == null ? null : digestValue.clone()); |
2 | 288 |
} |
289 |
||
290 |
public byte[] getCalculatedDigestValue() { |
|
291 |
return (calcDigestValue == null ? null |
|
22584
eed64ee05369
8032733: Fix cast lint warnings in client libraries
darcy
parents:
19051
diff
changeset
|
292 |
: calcDigestValue.clone()); |
2 | 293 |
} |
294 |
||
295 |
public void marshal(Node parent, String dsPrefix, DOMCryptoContext context) |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
296 |
throws MarshalException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
297 |
{ |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
298 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
299 |
log.log(java.util.logging.Level.FINE, "Marshalling Reference"); |
2 | 300 |
} |
301 |
Document ownerDoc = DOMUtils.getOwnerDocument(parent); |
|
302 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
303 |
refElem = DOMUtils.createElement(ownerDoc, "Reference", |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
304 |
XMLSignature.XMLNS, dsPrefix); |
2 | 305 |
|
306 |
// set attributes |
|
307 |
DOMUtils.setAttributeID(refElem, "Id", id); |
|
308 |
DOMUtils.setAttribute(refElem, "URI", uri); |
|
309 |
DOMUtils.setAttribute(refElem, "Type", type); |
|
310 |
||
311 |
// create and append Transforms element |
|
1337 | 312 |
if (!allTransforms.isEmpty()) { |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
313 |
Element transformsElem = DOMUtils.createElement(ownerDoc, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
314 |
"Transforms", |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
315 |
XMLSignature.XMLNS, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
316 |
dsPrefix); |
2 | 317 |
refElem.appendChild(transformsElem); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
318 |
for (Transform transform : allTransforms) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
319 |
((DOMStructure)transform).marshal(transformsElem, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
320 |
dsPrefix, context); |
2 | 321 |
} |
322 |
} |
|
323 |
||
324 |
// create and append DigestMethod element |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
325 |
((DOMDigestMethod)digestMethod).marshal(refElem, dsPrefix, context); |
2 | 326 |
|
327 |
// create and append DigestValue element |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
328 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
329 |
log.log(java.util.logging.Level.FINE, "Adding digestValueElem"); |
2 | 330 |
} |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
331 |
Element digestValueElem = DOMUtils.createElement(ownerDoc, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
332 |
"DigestValue", |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
333 |
XMLSignature.XMLNS, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
334 |
dsPrefix); |
2 | 335 |
if (digestValue != null) { |
336 |
digestValueElem.appendChild |
|
337 |
(ownerDoc.createTextNode(Base64.encode(digestValue))); |
|
338 |
} |
|
339 |
refElem.appendChild(digestValueElem); |
|
340 |
||
341 |
parent.appendChild(refElem); |
|
342 |
here = refElem.getAttributeNodeNS(null, "URI"); |
|
343 |
} |
|
344 |
||
345 |
public void digest(XMLSignContext signContext) |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
346 |
throws XMLSignatureException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
347 |
{ |
2 | 348 |
Data data = null; |
349 |
if (appliedTransformData == null) { |
|
350 |
data = dereference(signContext); |
|
351 |
} else { |
|
352 |
data = appliedTransformData; |
|
353 |
} |
|
354 |
digestValue = transform(data, signContext); |
|
355 |
||
356 |
// insert digestValue into DigestValue element |
|
357 |
String encodedDV = Base64.encode(digestValue); |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
358 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
359 |
log.log(java.util.logging.Level.FINE, "Reference object uri = " + uri); |
2 | 360 |
} |
361 |
Element digestElem = DOMUtils.getLastChildElement(refElem); |
|
362 |
if (digestElem == null) { |
|
363 |
throw new XMLSignatureException("DigestValue element expected"); |
|
364 |
} |
|
365 |
DOMUtils.removeAllChildren(digestElem); |
|
366 |
digestElem.appendChild |
|
367 |
(refElem.getOwnerDocument().createTextNode(encodedDV)); |
|
368 |
||
369 |
digested = true; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
370 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
371 |
log.log(java.util.logging.Level.FINE, "Reference digesting completed"); |
2 | 372 |
} |
373 |
} |
|
374 |
||
375 |
public boolean validate(XMLValidateContext validateContext) |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
376 |
throws XMLSignatureException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
377 |
{ |
2 | 378 |
if (validateContext == null) { |
379 |
throw new NullPointerException("validateContext cannot be null"); |
|
380 |
} |
|
381 |
if (validated) { |
|
382 |
return validationStatus; |
|
383 |
} |
|
384 |
Data data = dereference(validateContext); |
|
385 |
calcDigestValue = transform(data, validateContext); |
|
386 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
387 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
388 |
log.log(java.util.logging.Level.FINE, "Expected digest: " + Base64.encode(digestValue)); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
389 |
log.log(java.util.logging.Level.FINE, "Actual digest: " + Base64.encode(calcDigestValue)); |
2 | 390 |
} |
391 |
||
392 |
validationStatus = Arrays.equals(digestValue, calcDigestValue); |
|
393 |
validated = true; |
|
394 |
return validationStatus; |
|
395 |
} |
|
396 |
||
397 |
public Data getDereferencedData() { |
|
398 |
return derefData; |
|
399 |
} |
|
400 |
||
401 |
public InputStream getDigestInputStream() { |
|
402 |
return dis; |
|
403 |
} |
|
404 |
||
405 |
private Data dereference(XMLCryptoContext context) |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
406 |
throws XMLSignatureException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
407 |
{ |
2 | 408 |
Data data = null; |
409 |
||
410 |
// use user-specified URIDereferencer if specified; otherwise use deflt |
|
411 |
URIDereferencer deref = context.getURIDereferencer(); |
|
412 |
if (deref == null) { |
|
413 |
deref = DOMURIDereferencer.INSTANCE; |
|
414 |
} |
|
415 |
try { |
|
416 |
data = deref.dereference(this, context); |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
417 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
418 |
log.log(java.util.logging.Level.FINE, "URIDereferencer class name: " + deref.getClass().getName()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
419 |
log.log(java.util.logging.Level.FINE, "Data class name: " + data.getClass().getName()); |
2 | 420 |
} |
421 |
} catch (URIReferenceException ure) { |
|
422 |
throw new XMLSignatureException(ure); |
|
423 |
} |
|
424 |
||
425 |
return data; |
|
426 |
} |
|
427 |
||
428 |
private byte[] transform(Data dereferencedData, |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
429 |
XMLCryptoContext context) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
430 |
throws XMLSignatureException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
431 |
{ |
2 | 432 |
if (md == null) { |
433 |
try { |
|
434 |
md = MessageDigest.getInstance |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
435 |
(((DOMDigestMethod)digestMethod).getMessageDigestAlgorithm()); |
2 | 436 |
} catch (NoSuchAlgorithmException nsae) { |
437 |
throw new XMLSignatureException(nsae); |
|
438 |
} |
|
439 |
} |
|
440 |
md.reset(); |
|
441 |
DigesterOutputStream dos; |
|
442 |
Boolean cache = (Boolean) |
|
443 |
context.getProperty("javax.xml.crypto.dsig.cacheReference"); |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
444 |
if (cache != null && cache.booleanValue()) { |
2 | 445 |
this.derefData = copyDerefData(dereferencedData); |
446 |
dos = new DigesterOutputStream(md, true); |
|
447 |
} else { |
|
448 |
dos = new DigesterOutputStream(md); |
|
449 |
} |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
450 |
OutputStream os = null; |
2 | 451 |
Data data = dereferencedData; |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
452 |
try { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
453 |
os = new UnsyncBufferedOutputStream(dos); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
454 |
for (int i = 0, size = transforms.size(); i < size; i++) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
455 |
DOMTransform transform = (DOMTransform)transforms.get(i); |
2 | 456 |
if (i < size - 1) { |
457 |
data = transform.transform(data, context); |
|
458 |
} else { |
|
459 |
data = transform.transform(data, context, os); |
|
460 |
} |
|
461 |
} |
|
462 |
||
463 |
if (data != null) { |
|
464 |
XMLSignatureInput xi; |
|
1337 | 465 |
// explicitly use C14N 1.1 when generating signature |
466 |
// first check system property, then context property |
|
467 |
boolean c14n11 = useC14N11; |
|
468 |
String c14nalg = CanonicalizationMethod.INCLUSIVE; |
|
469 |
if (context instanceof XMLSignContext) { |
|
470 |
if (!c14n11) { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
471 |
Boolean prop = (Boolean)context.getProperty |
1337 | 472 |
("com.sun.org.apache.xml.internal.security.useC14N11"); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
473 |
c14n11 = (prop != null && prop.booleanValue()); |
1337 | 474 |
if (c14n11) { |
475 |
c14nalg = "http://www.w3.org/2006/12/xml-c14n11"; |
|
476 |
} |
|
477 |
} else { |
|
478 |
c14nalg = "http://www.w3.org/2006/12/xml-c14n11"; |
|
479 |
} |
|
480 |
} |
|
2 | 481 |
if (data instanceof ApacheData) { |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
482 |
xi = ((ApacheData)data).getXMLSignatureInput(); |
2 | 483 |
} else if (data instanceof OctetStreamData) { |
484 |
xi = new XMLSignatureInput |
|
485 |
(((OctetStreamData)data).getOctetStream()); |
|
486 |
} else if (data instanceof NodeSetData) { |
|
1337 | 487 |
TransformService spi = null; |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
488 |
if (provider == null) { |
1337 | 489 |
spi = TransformService.getInstance(c14nalg, "DOM"); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
490 |
} else { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
491 |
try { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
492 |
spi = TransformService.getInstance(c14nalg, "DOM", provider); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
493 |
} catch (NoSuchAlgorithmException nsae) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
494 |
spi = TransformService.getInstance(c14nalg, "DOM"); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
495 |
} |
1337 | 496 |
} |
2 | 497 |
data = spi.transform(data, context); |
498 |
xi = new XMLSignatureInput |
|
499 |
(((OctetStreamData)data).getOctetStream()); |
|
500 |
} else { |
|
501 |
throw new XMLSignatureException("unrecognized Data type"); |
|
502 |
} |
|
1337 | 503 |
if (context instanceof XMLSignContext && c14n11 |
504 |
&& !xi.isOctetStream() && !xi.isOutputStreamSet()) { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
505 |
TransformService spi = null; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
506 |
if (provider == null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
507 |
spi = TransformService.getInstance(c14nalg, "DOM"); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
508 |
} else { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
509 |
try { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
510 |
spi = TransformService.getInstance(c14nalg, "DOM", provider); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
511 |
} catch (NoSuchAlgorithmException nsae) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
512 |
spi = TransformService.getInstance(c14nalg, "DOM"); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
513 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
514 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
515 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
516 |
DOMTransform t = new DOMTransform(spi); |
1337 | 517 |
Element transformsElem = null; |
518 |
String dsPrefix = DOMUtils.getSignaturePrefix(context); |
|
519 |
if (allTransforms.isEmpty()) { |
|
520 |
transformsElem = DOMUtils.createElement( |
|
521 |
refElem.getOwnerDocument(), |
|
522 |
"Transforms", XMLSignature.XMLNS, dsPrefix); |
|
523 |
refElem.insertBefore(transformsElem, |
|
524 |
DOMUtils.getFirstChildElement(refElem)); |
|
525 |
} else { |
|
526 |
transformsElem = DOMUtils.getFirstChildElement(refElem); |
|
527 |
} |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
528 |
t.marshal(transformsElem, dsPrefix, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
529 |
(DOMCryptoContext)context); |
1337 | 530 |
allTransforms.add(t); |
531 |
xi.updateOutputStream(os, true); |
|
532 |
} else { |
|
533 |
xi.updateOutputStream(os); |
|
534 |
} |
|
2 | 535 |
} |
536 |
os.flush(); |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
537 |
if (cache != null && cache.booleanValue()) { |
2 | 538 |
this.dis = dos.getInputStream(); |
539 |
} |
|
540 |
return dos.getDigestValue(); |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
541 |
} catch (NoSuchAlgorithmException e) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
542 |
throw new XMLSignatureException(e); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
543 |
} catch (TransformException e) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
544 |
throw new XMLSignatureException(e); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
545 |
} catch (MarshalException e) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
546 |
throw new XMLSignatureException(e); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
547 |
} catch (IOException e) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
548 |
throw new XMLSignatureException(e); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
549 |
} catch (com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException e) { |
2 | 550 |
throw new XMLSignatureException(e); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
551 |
} finally { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
552 |
if (os != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
553 |
try { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
554 |
os.close(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
555 |
} catch (IOException e) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
556 |
throw new XMLSignatureException(e); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
557 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
558 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
559 |
if (dos != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
560 |
try { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
561 |
dos.close(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
562 |
} catch (IOException e) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
563 |
throw new XMLSignatureException(e); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
564 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
565 |
} |
2 | 566 |
} |
567 |
} |
|
568 |
||
569 |
public Node getHere() { |
|
570 |
return here; |
|
571 |
} |
|
572 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
573 |
@Override |
2 | 574 |
public boolean equals(Object o) { |
575 |
if (this == o) { |
|
576 |
return true; |
|
577 |
} |
|
578 |
||
579 |
if (!(o instanceof Reference)) { |
|
580 |
return false; |
|
581 |
} |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
582 |
Reference oref = (Reference)o; |
2 | 583 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
584 |
boolean idsEqual = (id == null ? oref.getId() == null |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
585 |
: id.equals(oref.getId())); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
586 |
boolean urisEqual = (uri == null ? oref.getURI() == null |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
587 |
: uri.equals(oref.getURI())); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
588 |
boolean typesEqual = (type == null ? oref.getType() == null |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
589 |
: type.equals(oref.getType())); |
2 | 590 |
boolean digestValuesEqual = |
591 |
Arrays.equals(digestValue, oref.getDigestValue()); |
|
592 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
593 |
return digestMethod.equals(oref.getDigestMethod()) && idsEqual && |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
594 |
urisEqual && typesEqual && |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
595 |
allTransforms.equals(oref.getTransforms()) && digestValuesEqual; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
596 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
597 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
598 |
@Override |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
599 |
public int hashCode() { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
600 |
int result = 17; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
601 |
if (id != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
602 |
result = 31 * result + id.hashCode(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
603 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
604 |
if (uri != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
605 |
result = 31 * result + uri.hashCode(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
606 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
607 |
if (type != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
608 |
result = 31 * result + type.hashCode(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
609 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
610 |
if (digestValue != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
611 |
result = 31 * result + Arrays.hashCode(digestValue); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
612 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
613 |
result = 31 * result + digestMethod.hashCode(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
614 |
result = 31 * result + allTransforms.hashCode(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
615 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
616 |
return result; |
2 | 617 |
} |
618 |
||
619 |
boolean isDigested() { |
|
620 |
return digested; |
|
621 |
} |
|
622 |
||
623 |
private static Data copyDerefData(Data dereferencedData) { |
|
624 |
if (dereferencedData instanceof ApacheData) { |
|
625 |
// need to make a copy of the Data |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
626 |
ApacheData ad = (ApacheData)dereferencedData; |
2 | 627 |
XMLSignatureInput xsi = ad.getXMLSignatureInput(); |
628 |
if (xsi.isNodeSet()) { |
|
629 |
try { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
630 |
final Set<Node> s = xsi.getNodeSet(); |
27747 | 631 |
return new NodeSetData<Node>() { |
24970
094bfaa699c3
8046044: Fix raw and unchecked lint warnings in XML Signature Impl
mullan
parents:
23010
diff
changeset
|
632 |
public Iterator<Node> iterator() { return s.iterator(); } |
2 | 633 |
}; |
634 |
} catch (Exception e) { |
|
635 |
// log a warning |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
636 |
log.log(java.util.logging.Level.WARNING, "cannot cache dereferenced data: " + e); |
2 | 637 |
return null; |
638 |
} |
|
639 |
} else if (xsi.isElement()) { |
|
640 |
return new DOMSubTreeData |
|
641 |
(xsi.getSubNode(), xsi.isExcludeComments()); |
|
642 |
} else if (xsi.isOctetStream() || xsi.isByteArray()) { |
|
643 |
try { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
644 |
return new OctetStreamData |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
645 |
(xsi.getOctetStream(), xsi.getSourceURI(), |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
646 |
xsi.getMIMEType()); |
2 | 647 |
} catch (IOException ioe) { |
648 |
// log a warning |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
649 |
log.log(java.util.logging.Level.WARNING, "cannot cache dereferenced data: " + ioe); |
2 | 650 |
return null; |
651 |
} |
|
652 |
} |
|
653 |
} |
|
654 |
return dereferencedData; |
|
655 |
} |
|
656 |
} |