author | weijun |
Tue, 19 Jun 2018 08:06:35 +0800 | |
changeset 50614 | 3810c9a2efa1 |
parent 47216 | 71c04702a3d5 |
permissions | -rw-r--r-- |
2 | 1 |
/* |
2 |
* reserved comment block |
|
3 |
* DO NOT REMOVE OR ALTER! |
|
4 |
*/ |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
5 |
/** |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
6 |
* Licensed to the Apache Software Foundation (ASF) under one |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
7 |
* or more contributor license agreements. See the NOTICE file |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
8 |
* distributed with this work for additional information |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
9 |
* regarding copyright ownership. The ASF licenses this file |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
10 |
* to you under the Apache License, Version 2.0 (the |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
11 |
* "License"); you may not use this file except in compliance |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
12 |
* with the License. You may obtain a copy of the License at |
2 | 13 |
* |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
14 |
* http://www.apache.org/licenses/LICENSE-2.0 |
2 | 15 |
* |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
16 |
* Unless required by applicable law or agreed to in writing, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
17 |
* software distributed under the License is distributed on an |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
18 |
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
19 |
* KIND, either express or implied. See the License for the |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
20 |
* specific language governing permissions and limitations |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
21 |
* under the License. |
2 | 22 |
*/ |
23 |
package com.sun.org.apache.xml.internal.security.utils; |
|
24 |
||
25 |
import java.io.FileNotFoundException; |
|
26 |
import java.io.IOException; |
|
27 |
import java.io.InputStream; |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
28 |
import java.io.OutputStream; |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
29 |
import java.nio.file.Files; |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
30 |
import java.nio.file.Paths; |
27081 | 31 |
import java.security.SecurityPermission; |
2 | 32 |
|
33 |
/** |
|
34 |
* A collection of different, general-purpose methods for JAVA-specific things |
|
35 |
*/ |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
36 |
public final class JavaUtils { |
2 | 37 |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
38 |
private static final com.sun.org.slf4j.internal.Logger LOG = |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
39 |
com.sun.org.slf4j.internal.LoggerFactory.getLogger(JavaUtils.class); |
2 | 40 |
|
27081 | 41 |
private static final SecurityPermission REGISTER_PERMISSION = |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
42 |
new SecurityPermission("com.sun.org.apache.xml.internal.security.register"); |
27081 | 43 |
|
1337 | 44 |
private JavaUtils() { |
45 |
// we don't allow instantiation |
|
46 |
} |
|
2 | 47 |
|
1337 | 48 |
/** |
49 |
* Method getBytesFromFile |
|
50 |
* |
|
51 |
* @param fileName |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
52 |
* @return the bytes read from the file |
1337 | 53 |
* |
54 |
* @throws FileNotFoundException |
|
55 |
* @throws IOException |
|
56 |
*/ |
|
57 |
public static byte[] getBytesFromFile(String fileName) |
|
58 |
throws FileNotFoundException, IOException { |
|
59 |
||
60 |
byte refBytes[] = null; |
|
2 | 61 |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
62 |
try (InputStream inputStream = Files.newInputStream(Paths.get(fileName)); |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
63 |
UnsyncByteArrayOutputStream baos = new UnsyncByteArrayOutputStream()) { |
1337 | 64 |
byte buf[] = new byte[1024]; |
65 |
int len; |
|
2 | 66 |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
67 |
while ((len = inputStream.read(buf)) > 0) { |
1337 | 68 |
baos.write(buf, 0, len); |
69 |
} |
|
2 | 70 |
|
1337 | 71 |
refBytes = baos.toByteArray(); |
72 |
} |
|
2 | 73 |
|
1337 | 74 |
return refBytes; |
75 |
} |
|
2 | 76 |
|
1337 | 77 |
/** |
78 |
* Method writeBytesToFilename |
|
79 |
* |
|
80 |
* @param filename |
|
81 |
* @param bytes |
|
82 |
*/ |
|
83 |
public static void writeBytesToFilename(String filename, byte[] bytes) { |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
84 |
if (filename != null && bytes != null) { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
85 |
try (OutputStream outputStream = Files.newOutputStream(Paths.get(filename))) { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
86 |
outputStream.write(bytes); |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
87 |
} catch (IOException ex) { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
88 |
LOG.debug(ex.getMessage(), ex); |
1337 | 89 |
} |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
90 |
} else { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
91 |
LOG.debug("writeBytesToFilename got null byte[] pointed"); |
1337 | 92 |
} |
93 |
} |
|
2 | 94 |
|
1337 | 95 |
/** |
96 |
* This method reads all bytes from the given InputStream till EOF and |
|
97 |
* returns them as a byte array. |
|
98 |
* |
|
99 |
* @param inputStream |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
100 |
* @return the bytes read from the stream |
1337 | 101 |
* |
102 |
* @throws FileNotFoundException |
|
103 |
* @throws IOException |
|
104 |
*/ |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
105 |
public static byte[] getBytesFromStream(InputStream inputStream) throws IOException { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
106 |
try (UnsyncByteArrayOutputStream baos = new UnsyncByteArrayOutputStream()) { |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
107 |
byte buf[] = new byte[4 * 1024]; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
108 |
int len; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
109 |
while ((len = inputStream.read(buf)) > 0) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
110 |
baos.write(buf, 0, len); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
111 |
} |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
112 |
return baos.toByteArray(); |
27081 | 113 |
} |
114 |
} |
|
115 |
||
116 |
/** |
|
24251
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
117 |
* Converts an ASN.1 DSA value to a XML Signature DSA Value. |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
118 |
* |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
119 |
* The JCE DSA Signature algorithm creates ASN.1 encoded (r, s) value |
24251
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
120 |
* pairs (see section 2.2.2 of RFC 3279); the XML Signature requires the |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
121 |
* core BigInteger values. |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
122 |
* |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
123 |
* @param asn1Bytes the ASN.1 encoded bytes |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
124 |
* @param size size of r and s in bytes |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
125 |
* @return the XML Signature encoded bytes |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
126 |
* @throws IOException if the bytes are not encoded correctly |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
127 |
* @see <A HREF="http://www.w3.org/TR/xmldsig-core1/#sec-DSA">6.4.1 DSA</A> |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
128 |
*/ |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
129 |
public static byte[] convertDsaASN1toXMLDSIG(byte[] asn1Bytes, int size) |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
130 |
throws IOException |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
131 |
{ |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
132 |
if (asn1Bytes[0] != 48 || asn1Bytes[1] != asn1Bytes.length - 2 |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
133 |
|| asn1Bytes[2] != 2) { |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
134 |
throw new IOException("Invalid ASN.1 format of DSA signature"); |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
135 |
} |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
136 |
|
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
137 |
byte rLength = asn1Bytes[3]; |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
138 |
int i; |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
139 |
for (i = rLength; i > 0 && asn1Bytes[4 + rLength - i] == 0; i--); //NOPMD |
24251
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
140 |
|
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
141 |
byte sLength = asn1Bytes[5 + rLength]; |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
142 |
int j; |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
143 |
for (j = sLength; j > 0 && asn1Bytes[6 + rLength + sLength - j] == 0; j--); //NOPMD |
24251
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
144 |
|
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
145 |
if (i > size || asn1Bytes[4 + rLength] != 2 || j > size) { |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
146 |
throw new IOException("Invalid ASN.1 format of DSA signature"); |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
147 |
} else { |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
148 |
byte[] xmldsigBytes = new byte[size * 2]; |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
149 |
System.arraycopy(asn1Bytes, 4 + rLength - i, xmldsigBytes, |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
150 |
size - i, i); |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
151 |
System.arraycopy(asn1Bytes, 6 + rLength + sLength - j, |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
152 |
xmldsigBytes, size * 2 - j, j); |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
153 |
return xmldsigBytes; |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
154 |
} |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
155 |
} |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
156 |
|
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
157 |
/** |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
158 |
* Converts an XML Signature DSA Value to a ASN.1 DSA value. |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
159 |
* |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
160 |
* The JCE DSA Signature algorithm creates ASN.1 encoded (r, s) value |
24251
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
161 |
* pairs (see section 2.2.2 of RFC 3279); the XML Signature requires the |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
162 |
* core BigInteger values. |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
163 |
* |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
164 |
* @param xmldsigBytes the XML Signature encoded bytes |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
165 |
* @param size size of r and s in bytes |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
166 |
* @return the ASN.1 encoded bytes |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
167 |
* @throws IOException if the bytes are not encoded correctly |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
168 |
* @see <A HREF="http://www.w3.org/TR/xmldsig-core1/#sec-DSA">6.4.1 DSA</A> |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
169 |
*/ |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
170 |
public static byte[] convertDsaXMLDSIGtoASN1(byte[] xmldsigBytes, int size) |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
171 |
throws IOException |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
172 |
{ |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
173 |
int totalSize = size * 2; |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
174 |
if (xmldsigBytes.length != totalSize) { |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
175 |
throw new IOException("Invalid XMLDSIG format of DSA signature"); |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
176 |
} |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
177 |
|
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
178 |
int i; |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
179 |
for (i = size; i > 0 && xmldsigBytes[size - i] == 0; i--); //NOPMD |
24251
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
180 |
|
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
181 |
int j = i; |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
182 |
if (xmldsigBytes[size - i] < 0) { |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
183 |
j++; |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
184 |
} |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
185 |
|
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
186 |
int k; |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
187 |
for (k = size; k > 0 && xmldsigBytes[totalSize - k] == 0; k--); //NOPMD |
24251
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
188 |
|
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
189 |
int l = k; |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
190 |
if (xmldsigBytes[totalSize - k] < 0) { |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
191 |
l++; |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
192 |
} |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
193 |
|
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
194 |
byte[] asn1Bytes = new byte[6 + j + l]; |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
195 |
asn1Bytes[0] = 48; |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
196 |
asn1Bytes[1] = (byte)(4 + j + l); |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
197 |
asn1Bytes[2] = 2; |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
198 |
asn1Bytes[3] = (byte)j; |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
199 |
System.arraycopy(xmldsigBytes, size - i, asn1Bytes, 4 + j - i, i); |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
200 |
|
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
201 |
asn1Bytes[4 + j] = 2; |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
202 |
asn1Bytes[5 + j] = (byte) l; |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
203 |
System.arraycopy(xmldsigBytes, totalSize - k, asn1Bytes, |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
204 |
6 + j + l - k, k); |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
205 |
|
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
206 |
return asn1Bytes; |
da7dc40edb67
8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
mullan
parents:
18780
diff
changeset
|
207 |
} |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
208 |
|
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
209 |
/** |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
210 |
* Throws a {@code SecurityException} if a security manager is installed |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
211 |
* and the caller is not allowed to register an implementation of an |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
212 |
* algorithm, transform, or other security sensitive XML Signature function. |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
213 |
* |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
214 |
* @throws SecurityException if a security manager is installed and the |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
215 |
* caller has not been granted the |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
216 |
* {@literal "com.sun.org.apache.xml.internal.security.register"} |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
217 |
* {@code SecurityPermission} |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
218 |
*/ |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
219 |
public static void checkRegisterPermission() { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
220 |
SecurityManager sm = System.getSecurityManager(); |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
221 |
if (sm != null) { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
222 |
sm.checkPermission(REGISTER_PERMISSION); |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
223 |
} |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
224 |
} |
2 | 225 |
} |