author | mullan |
Fri, 21 Nov 2014 15:23:36 -0500 | |
changeset 27747 | 3a271dc8b758 |
parent 25859 | 3317bb8137f4 |
child 40551 | 05eba5515cbb |
permissions | -rw-r--r-- |
2 | 1 |
/* |
1337 | 2 |
* reserved comment block |
3 |
* DO NOT REMOVE OR ALTER! |
|
2 | 4 |
*/ |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
5 |
/** |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
6 |
* Licensed to the Apache Software Foundation (ASF) under one |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
7 |
* or more contributor license agreements. See the NOTICE file |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
8 |
* distributed with this work for additional information |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
9 |
* regarding copyright ownership. The ASF licenses this file |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
10 |
* to you under the Apache License, Version 2.0 (the |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
11 |
* "License"); you may not use this file except in compliance |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
12 |
* with the License. You may obtain a copy of the License at |
1337 | 13 |
* |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
14 |
* http://www.apache.org/licenses/LICENSE-2.0 |
1337 | 15 |
* |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
16 |
* Unless required by applicable law or agreed to in writing, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
17 |
* software distributed under the License is distributed on an |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
18 |
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
19 |
* KIND, either express or implied. See the License for the |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
20 |
* specific language governing permissions and limitations |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
21 |
* under the License. |
1337 | 22 |
*/ |
23 |
/* |
|
27747 | 24 |
* Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. |
1337 | 25 |
*/ |
26 |
/* |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
27 |
* $Id: ApacheTransform.java 1333869 2012-05-04 10:42:44Z coheigea $ |
2 | 28 |
*/ |
29 |
package org.jcp.xml.dsig.internal.dom; |
|
30 |
||
31 |
import java.io.OutputStream; |
|
32 |
import java.security.InvalidAlgorithmParameterException; |
|
33 |
import java.security.spec.AlgorithmParameterSpec; |
|
34 |
import java.util.Set; |
|
35 |
import org.w3c.dom.Document; |
|
36 |
import org.w3c.dom.Element; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
37 |
import org.w3c.dom.Node; |
2 | 38 |
|
39 |
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; |
|
40 |
import com.sun.org.apache.xml.internal.security.transforms.Transform; |
|
18240 | 41 |
import com.sun.org.apache.xml.internal.security.transforms.Transforms; |
2 | 42 |
|
43 |
import javax.xml.crypto.*; |
|
44 |
import javax.xml.crypto.dom.DOMCryptoContext; |
|
45 |
import javax.xml.crypto.dsig.*; |
|
46 |
import javax.xml.crypto.dsig.spec.TransformParameterSpec; |
|
47 |
||
48 |
/** |
|
49 |
* This is a wrapper/glue class which invokes the Apache XML-Security |
|
50 |
* Transform. |
|
51 |
* |
|
52 |
* @author Sean Mullan |
|
53 |
* @author Erwin van der Koogh |
|
54 |
*/ |
|
55 |
public abstract class ApacheTransform extends TransformService { |
|
56 |
||
1337 | 57 |
static { |
58 |
com.sun.org.apache.xml.internal.security.Init.init(); |
|
59 |
} |
|
60 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
61 |
private static java.util.logging.Logger log = |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
62 |
java.util.logging.Logger.getLogger("org.jcp.xml.dsig.internal.dom"); |
2 | 63 |
private Transform apacheTransform; |
64 |
protected Document ownerDoc; |
|
65 |
protected Element transformElem; |
|
66 |
protected TransformParameterSpec params; |
|
67 |
||
68 |
public final AlgorithmParameterSpec getParameterSpec() { |
|
69 |
return params; |
|
70 |
} |
|
71 |
||
72 |
public void init(XMLStructure parent, XMLCryptoContext context) |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
73 |
throws InvalidAlgorithmParameterException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
74 |
{ |
2 | 75 |
if (context != null && !(context instanceof DOMCryptoContext)) { |
76 |
throw new ClassCastException |
|
77 |
("context must be of type DOMCryptoContext"); |
|
78 |
} |
|
19204
440d320f9144
8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails
mullan
parents:
18780
diff
changeset
|
79 |
if (parent == null) { |
440d320f9144
8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails
mullan
parents:
18780
diff
changeset
|
80 |
throw new NullPointerException(); |
440d320f9144
8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails
mullan
parents:
18780
diff
changeset
|
81 |
} |
440d320f9144
8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails
mullan
parents:
18780
diff
changeset
|
82 |
if (!(parent instanceof javax.xml.crypto.dom.DOMStructure)) { |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
83 |
throw new ClassCastException("parent must be of type DOMStructure"); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
84 |
} |
2 | 85 |
transformElem = (Element) |
86 |
((javax.xml.crypto.dom.DOMStructure) parent).getNode(); |
|
87 |
ownerDoc = DOMUtils.getOwnerDocument(transformElem); |
|
88 |
} |
|
89 |
||
90 |
public void marshalParams(XMLStructure parent, XMLCryptoContext context) |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
91 |
throws MarshalException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
92 |
{ |
2 | 93 |
if (context != null && !(context instanceof DOMCryptoContext)) { |
94 |
throw new ClassCastException |
|
95 |
("context must be of type DOMCryptoContext"); |
|
96 |
} |
|
19204
440d320f9144
8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails
mullan
parents:
18780
diff
changeset
|
97 |
if (parent == null) { |
440d320f9144
8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails
mullan
parents:
18780
diff
changeset
|
98 |
throw new NullPointerException(); |
440d320f9144
8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails
mullan
parents:
18780
diff
changeset
|
99 |
} |
440d320f9144
8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails
mullan
parents:
18780
diff
changeset
|
100 |
if (!(parent instanceof javax.xml.crypto.dom.DOMStructure)) { |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
101 |
throw new ClassCastException("parent must be of type DOMStructure"); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
102 |
} |
2 | 103 |
transformElem = (Element) |
104 |
((javax.xml.crypto.dom.DOMStructure) parent).getNode(); |
|
105 |
ownerDoc = DOMUtils.getOwnerDocument(transformElem); |
|
106 |
} |
|
107 |
||
108 |
public Data transform(Data data, XMLCryptoContext xc) |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
109 |
throws TransformException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
110 |
{ |
2 | 111 |
if (data == null) { |
112 |
throw new NullPointerException("data must not be null"); |
|
113 |
} |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
114 |
return transformIt(data, xc, (OutputStream)null); |
2 | 115 |
} |
116 |
||
117 |
public Data transform(Data data, XMLCryptoContext xc, OutputStream os) |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
118 |
throws TransformException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
119 |
{ |
2 | 120 |
if (data == null) { |
121 |
throw new NullPointerException("data must not be null"); |
|
122 |
} |
|
123 |
if (os == null) { |
|
124 |
throw new NullPointerException("output stream must not be null"); |
|
125 |
} |
|
126 |
return transformIt(data, xc, os); |
|
127 |
} |
|
128 |
||
129 |
private Data transformIt(Data data, XMLCryptoContext xc, OutputStream os) |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
130 |
throws TransformException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
131 |
{ |
2 | 132 |
if (ownerDoc == null) { |
133 |
throw new TransformException("transform must be marshalled"); |
|
134 |
} |
|
135 |
||
136 |
if (apacheTransform == null) { |
|
137 |
try { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
138 |
apacheTransform = |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
139 |
new Transform(ownerDoc, getAlgorithm(), transformElem.getChildNodes()); |
2 | 140 |
apacheTransform.setElement(transformElem, xc.getBaseURI()); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
141 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
142 |
log.log(java.util.logging.Level.FINE, "Created transform for algorithm: " + |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
143 |
getAlgorithm()); |
2 | 144 |
} |
145 |
} catch (Exception ex) { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
146 |
throw new TransformException("Couldn't find Transform for: " + |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
147 |
getAlgorithm(), ex); |
2 | 148 |
} |
149 |
} |
|
150 |
||
18240 | 151 |
if (Utils.secureValidation(xc)) { |
152 |
String algorithm = getAlgorithm(); |
|
153 |
if (Transforms.TRANSFORM_XSLT.equals(algorithm)) { |
|
154 |
throw new TransformException( |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
155 |
"Transform " + algorithm + " is forbidden when secure validation is enabled" |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
156 |
); |
18240 | 157 |
} |
158 |
} |
|
159 |
||
2 | 160 |
XMLSignatureInput in; |
161 |
if (data instanceof ApacheData) { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
162 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
163 |
log.log(java.util.logging.Level.FINE, "ApacheData = true"); |
2 | 164 |
} |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
165 |
in = ((ApacheData)data).getXMLSignatureInput(); |
2 | 166 |
} else if (data instanceof NodeSetData) { |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
167 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
168 |
log.log(java.util.logging.Level.FINE, "isNodeSet() = true"); |
2 | 169 |
} |
170 |
if (data instanceof DOMSubTreeData) { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
171 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
172 |
log.log(java.util.logging.Level.FINE, "DOMSubTreeData = true"); |
2 | 173 |
} |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
174 |
DOMSubTreeData subTree = (DOMSubTreeData)data; |
2 | 175 |
in = new XMLSignatureInput(subTree.getRoot()); |
176 |
in.setExcludeComments(subTree.excludeComments()); |
|
177 |
} else { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
178 |
Set<Node> nodeSet = |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
179 |
Utils.toNodeSet(((NodeSetData)data).iterator()); |
2 | 180 |
in = new XMLSignatureInput(nodeSet); |
181 |
} |
|
182 |
} else { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
183 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
184 |
log.log(java.util.logging.Level.FINE, "isNodeSet() = false"); |
2 | 185 |
} |
186 |
try { |
|
187 |
in = new XMLSignatureInput |
|
188 |
(((OctetStreamData)data).getOctetStream()); |
|
189 |
} catch (Exception ex) { |
|
190 |
throw new TransformException(ex); |
|
191 |
} |
|
192 |
} |
|
193 |
||
194 |
try { |
|
195 |
if (os != null) { |
|
196 |
in = apacheTransform.performTransform(in, os); |
|
197 |
if (!in.isNodeSet() && !in.isElement()) { |
|
198 |
return null; |
|
199 |
} |
|
200 |
} else { |
|
201 |
in = apacheTransform.performTransform(in); |
|
202 |
} |
|
203 |
if (in.isOctetStream()) { |
|
204 |
return new ApacheOctetStreamData(in); |
|
205 |
} else { |
|
206 |
return new ApacheNodeSetData(in); |
|
207 |
} |
|
208 |
} catch (Exception ex) { |
|
209 |
throw new TransformException(ex); |
|
210 |
} |
|
211 |
} |
|
212 |
||
213 |
public final boolean isFeatureSupported(String feature) { |
|
214 |
if (feature == null) { |
|
215 |
throw new NullPointerException(); |
|
216 |
} else { |
|
217 |
return false; |
|
218 |
} |
|
219 |
} |
|
220 |
} |