author | mullan |
Fri, 21 Nov 2014 15:23:36 -0500 | |
changeset 27747 | 3a271dc8b758 |
parent 25859 | 3317bb8137f4 |
child 32003 | acb12269398a |
permissions | -rw-r--r-- |
2 | 1 |
/* |
1337 | 2 |
* reserved comment block |
3 |
* DO NOT REMOVE OR ALTER! |
|
4 |
*/ |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
5 |
/** |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
6 |
* Licensed to the Apache Software Foundation (ASF) under one |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
7 |
* or more contributor license agreements. See the NOTICE file |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
8 |
* distributed with this work for additional information |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
9 |
* regarding copyright ownership. The ASF licenses this file |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
10 |
* to you under the Apache License, Version 2.0 (the |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
11 |
* "License"); you may not use this file except in compliance |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
12 |
* with the License. You may obtain a copy of the License at |
2 | 13 |
* |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
14 |
* http://www.apache.org/licenses/LICENSE-2.0 |
2 | 15 |
* |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
16 |
* Unless required by applicable law or agreed to in writing, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
17 |
* software distributed under the License is distributed on an |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
18 |
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
19 |
* KIND, either express or implied. See the License for the |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
20 |
* specific language governing permissions and limitations |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
21 |
* under the License. |
2 | 22 |
*/ |
1337 | 23 |
/* |
24970
094bfaa699c3
8046044: Fix raw and unchecked lint warnings in XML Signature Impl
mullan
parents:
23010
diff
changeset
|
24 |
* Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. |
1337 | 25 |
*/ |
2 | 26 |
/* |
27 |
* =========================================================================== |
|
28 |
* |
|
29 |
* (C) Copyright IBM Corp. 2003 All Rights Reserved. |
|
30 |
* |
|
31 |
* =========================================================================== |
|
32 |
*/ |
|
33 |
/* |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
34 |
* $Id: DOMReference.java 1334007 2012-05-04 14:59:46Z coheigea $ |
2 | 35 |
*/ |
36 |
package org.jcp.xml.dsig.internal.dom; |
|
37 |
||
38 |
import javax.xml.crypto.*; |
|
39 |
import javax.xml.crypto.dsig.*; |
|
40 |
import javax.xml.crypto.dom.DOMCryptoContext; |
|
41 |
import javax.xml.crypto.dom.DOMURIReference; |
|
42 |
||
43 |
import java.io.*; |
|
44 |
import java.net.URI; |
|
45 |
import java.net.URISyntaxException; |
|
46 |
import java.security.*; |
|
47 |
import java.util.*; |
|
48 |
import org.w3c.dom.Attr; |
|
49 |
import org.w3c.dom.Document; |
|
50 |
import org.w3c.dom.Element; |
|
51 |
import org.w3c.dom.Node; |
|
52 |
||
53 |
import org.jcp.xml.dsig.internal.DigesterOutputStream; |
|
18240 | 54 |
import com.sun.org.apache.xml.internal.security.algorithms.MessageDigestAlgorithm; |
2 | 55 |
import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException; |
56 |
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; |
|
57 |
import com.sun.org.apache.xml.internal.security.utils.Base64; |
|
58 |
import com.sun.org.apache.xml.internal.security.utils.UnsyncBufferedOutputStream; |
|
59 |
||
60 |
/** |
|
61 |
* DOM-based implementation of Reference. |
|
62 |
* |
|
63 |
* @author Sean Mullan |
|
64 |
* @author Joyce Leung |
|
65 |
*/ |
|
66 |
public final class DOMReference extends DOMStructure |
|
67 |
implements Reference, DOMURIReference { |
|
68 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
69 |
/** |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
70 |
* The maximum number of transforms per reference, if secure validation is enabled. |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
71 |
*/ |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
72 |
public static final int MAXIMUM_TRANSFORM_COUNT = 5; |
18240 | 73 |
|
1337 | 74 |
/** |
75 |
* Look up useC14N11 system property. If true, an explicit C14N11 transform |
|
76 |
* will be added if necessary when generating the signature. See section |
|
77 |
* 3.1.1 of http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/ for more info. |
|
78 |
* |
|
79 |
* If true, overrides the same property if set in the XMLSignContext. |
|
80 |
*/ |
|
81 |
private static boolean useC14N11 = |
|
82 |
AccessController.doPrivileged(new PrivilegedAction<Boolean>() { |
|
83 |
public Boolean run() { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
84 |
return Boolean.valueOf(Boolean.getBoolean |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
85 |
("com.sun.org.apache.xml.internal.security.useC14N11")); |
1337 | 86 |
} |
87 |
}); |
|
88 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
89 |
private static java.util.logging.Logger log = |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
90 |
java.util.logging.Logger.getLogger("org.jcp.xml.dsig.internal.dom"); |
2 | 91 |
|
92 |
private final DigestMethod digestMethod; |
|
93 |
private final String id; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
94 |
private final List<Transform> transforms; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
95 |
private List<Transform> allTransforms; |
2 | 96 |
private final Data appliedTransformData; |
97 |
private Attr here; |
|
98 |
private final String uri; |
|
99 |
private final String type; |
|
100 |
private byte[] digestValue; |
|
101 |
private byte[] calcDigestValue; |
|
102 |
private Element refElem; |
|
103 |
private boolean digested = false; |
|
104 |
private boolean validated = false; |
|
105 |
private boolean validationStatus; |
|
106 |
private Data derefData; |
|
107 |
private InputStream dis; |
|
108 |
private MessageDigest md; |
|
1337 | 109 |
private Provider provider; |
2 | 110 |
|
111 |
/** |
|
112 |
* Creates a <code>Reference</code> from the specified parameters. |
|
113 |
* |
|
114 |
* @param uri the URI (may be null) |
|
115 |
* @param type the type (may be null) |
|
116 |
* @param dm the digest method |
|
117 |
* @param transforms a list of {@link Transform}s. The list |
|
118 |
* is defensively copied to protect against subsequent modification. |
|
119 |
* May be <code>null</code> or empty. |
|
120 |
* @param id the reference ID (may be <code>null</code>) |
|
121 |
* @return a <code>Reference</code> |
|
122 |
* @throws NullPointerException if <code>dm</code> is <code>null</code> |
|
123 |
* @throws ClassCastException if any of the <code>transforms</code> are |
|
124 |
* not of type <code>Transform</code> |
|
125 |
*/ |
|
126 |
public DOMReference(String uri, String type, DigestMethod dm, |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
127 |
List<? extends Transform> transforms, String id, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
128 |
Provider provider) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
129 |
{ |
1337 | 130 |
this(uri, type, dm, null, null, transforms, id, null, provider); |
2 | 131 |
} |
132 |
||
133 |
public DOMReference(String uri, String type, DigestMethod dm, |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
134 |
List<? extends Transform> appliedTransforms, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
135 |
Data result, List<? extends Transform> transforms, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
136 |
String id, Provider provider) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
137 |
{ |
1337 | 138 |
this(uri, type, dm, appliedTransforms, |
139 |
result, transforms, id, null, provider); |
|
140 |
} |
|
141 |
||
142 |
public DOMReference(String uri, String type, DigestMethod dm, |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
143 |
List<? extends Transform> appliedTransforms, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
144 |
Data result, List<? extends Transform> transforms, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
145 |
String id, byte[] digestValue, Provider provider) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
146 |
{ |
2 | 147 |
if (dm == null) { |
148 |
throw new NullPointerException("DigestMethod must be non-null"); |
|
149 |
} |
|
27747 | 150 |
List<Transform> tempList = |
151 |
Collections.checkedList(new ArrayList<Transform>(), |
|
152 |
Transform.class); |
|
153 |
if (appliedTransforms != null) { |
|
154 |
tempList.addAll(appliedTransforms); |
|
2 | 155 |
} |
27747 | 156 |
List<Transform> tempList2 = |
157 |
Collections.checkedList(new ArrayList<Transform>(), |
|
158 |
Transform.class); |
|
159 |
if (transforms != null) { |
|
160 |
tempList.addAll(transforms); |
|
161 |
tempList2.addAll(transforms); |
|
2 | 162 |
} |
27747 | 163 |
this.allTransforms = Collections.unmodifiableList(tempList); |
164 |
this.transforms = tempList2; |
|
2 | 165 |
this.digestMethod = dm; |
166 |
this.uri = uri; |
|
167 |
if ((uri != null) && (!uri.equals(""))) { |
|
168 |
try { |
|
169 |
new URI(uri); |
|
170 |
} catch (URISyntaxException e) { |
|
171 |
throw new IllegalArgumentException(e.getMessage()); |
|
172 |
} |
|
173 |
} |
|
174 |
this.type = type; |
|
175 |
this.id = id; |
|
176 |
if (digestValue != null) { |
|
22584
eed64ee05369
8032733: Fix cast lint warnings in client libraries
darcy
parents:
19051
diff
changeset
|
177 |
this.digestValue = digestValue.clone(); |
2 | 178 |
this.digested = true; |
179 |
} |
|
180 |
this.appliedTransformData = result; |
|
1337 | 181 |
this.provider = provider; |
2 | 182 |
} |
183 |
||
184 |
/** |
|
185 |
* Creates a <code>DOMReference</code> from an element. |
|
186 |
* |
|
187 |
* @param refElem a Reference element |
|
188 |
*/ |
|
1337 | 189 |
public DOMReference(Element refElem, XMLCryptoContext context, |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
190 |
Provider provider) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
191 |
throws MarshalException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
192 |
{ |
18240 | 193 |
boolean secVal = Utils.secureValidation(context); |
194 |
||
2 | 195 |
// unmarshal Transforms, if specified |
196 |
Element nextSibling = DOMUtils.getFirstChildElement(refElem); |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
197 |
List<Transform> transforms = new ArrayList<Transform>(5); |
2 | 198 |
if (nextSibling.getLocalName().equals("Transforms")) { |
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
199 |
Element transformElem = DOMUtils.getFirstChildElement(nextSibling, |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
200 |
"Transform"); |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
201 |
transforms.add(new DOMTransform(transformElem, context, provider)); |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
202 |
transformElem = DOMUtils.getNextSiblingElement(transformElem); |
2 | 203 |
while (transformElem != null) { |
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
204 |
String localName = transformElem.getLocalName(); |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
205 |
if (!localName.equals("Transform")) { |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
206 |
throw new MarshalException( |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
207 |
"Invalid element name: " + localName + |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
208 |
", expected Transform"); |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
209 |
} |
1337 | 210 |
transforms.add |
211 |
(new DOMTransform(transformElem, context, provider)); |
|
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
212 |
if (secVal && (transforms.size() > MAXIMUM_TRANSFORM_COUNT)) { |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
213 |
String error = "A maxiumum of " + MAXIMUM_TRANSFORM_COUNT + " " |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
214 |
+ "transforms per Reference are allowed with secure validation"; |
18240 | 215 |
throw new MarshalException(error); |
216 |
} |
|
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
217 |
transformElem = DOMUtils.getNextSiblingElement(transformElem); |
2 | 218 |
} |
219 |
nextSibling = DOMUtils.getNextSiblingElement(nextSibling); |
|
220 |
} |
|
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
221 |
if (!nextSibling.getLocalName().equals("DigestMethod")) { |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
222 |
throw new MarshalException("Invalid element name: " + |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
223 |
nextSibling.getLocalName() + |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
224 |
", expected DigestMethod"); |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
225 |
} |
2 | 226 |
|
227 |
// unmarshal DigestMethod |
|
228 |
Element dmElem = nextSibling; |
|
229 |
this.digestMethod = DOMDigestMethod.unmarshal(dmElem); |
|
18240 | 230 |
String digestMethodAlgorithm = this.digestMethod.getAlgorithm(); |
231 |
if (secVal |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
232 |
&& MessageDigestAlgorithm.ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5.equals(digestMethodAlgorithm)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
233 |
throw new MarshalException( |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
234 |
"It is forbidden to use algorithm " + digestMethod + " when secure validation is enabled" |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
235 |
); |
18240 | 236 |
} |
2 | 237 |
|
238 |
// unmarshal DigestValue |
|
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
239 |
Element dvElem = DOMUtils.getNextSiblingElement(dmElem, "DigestValue"); |
2 | 240 |
try { |
241 |
this.digestValue = Base64.decode(dvElem); |
|
242 |
} catch (Base64DecodingException bde) { |
|
243 |
throw new MarshalException(bde); |
|
244 |
} |
|
245 |
||
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
246 |
// check for extra elements |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
247 |
if (DOMUtils.getNextSiblingElement(dvElem) != null) { |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
248 |
throw new MarshalException( |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
249 |
"Unexpected element after DigestValue element"); |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
250 |
} |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
251 |
|
2 | 252 |
// unmarshal attributes |
253 |
this.uri = DOMUtils.getAttributeValue(refElem, "URI"); |
|
18240 | 254 |
|
255 |
Attr attr = refElem.getAttributeNodeNS(null, "Id"); |
|
256 |
if (attr != null) { |
|
257 |
this.id = attr.getValue(); |
|
258 |
refElem.setIdAttributeNode(attr, true); |
|
259 |
} else { |
|
260 |
this.id = null; |
|
261 |
} |
|
2 | 262 |
|
263 |
this.type = DOMUtils.getAttributeValue(refElem, "Type"); |
|
264 |
this.here = refElem.getAttributeNodeNS(null, "URI"); |
|
265 |
this.refElem = refElem; |
|
1337 | 266 |
this.transforms = transforms; |
2 | 267 |
this.allTransforms = transforms; |
268 |
this.appliedTransformData = null; |
|
1337 | 269 |
this.provider = provider; |
2 | 270 |
} |
271 |
||
272 |
public DigestMethod getDigestMethod() { |
|
273 |
return digestMethod; |
|
274 |
} |
|
275 |
||
276 |
public String getId() { |
|
277 |
return id; |
|
278 |
} |
|
279 |
||
280 |
public String getURI() { |
|
281 |
return uri; |
|
282 |
} |
|
283 |
||
284 |
public String getType() { |
|
285 |
return type; |
|
286 |
} |
|
287 |
||
24970
094bfaa699c3
8046044: Fix raw and unchecked lint warnings in XML Signature Impl
mullan
parents:
23010
diff
changeset
|
288 |
public List<Transform> getTransforms() { |
1337 | 289 |
return Collections.unmodifiableList(allTransforms); |
2 | 290 |
} |
291 |
||
292 |
public byte[] getDigestValue() { |
|
22584
eed64ee05369
8032733: Fix cast lint warnings in client libraries
darcy
parents:
19051
diff
changeset
|
293 |
return (digestValue == null ? null : digestValue.clone()); |
2 | 294 |
} |
295 |
||
296 |
public byte[] getCalculatedDigestValue() { |
|
297 |
return (calcDigestValue == null ? null |
|
22584
eed64ee05369
8032733: Fix cast lint warnings in client libraries
darcy
parents:
19051
diff
changeset
|
298 |
: calcDigestValue.clone()); |
2 | 299 |
} |
300 |
||
301 |
public void marshal(Node parent, String dsPrefix, DOMCryptoContext context) |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
302 |
throws MarshalException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
303 |
{ |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
304 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
305 |
log.log(java.util.logging.Level.FINE, "Marshalling Reference"); |
2 | 306 |
} |
307 |
Document ownerDoc = DOMUtils.getOwnerDocument(parent); |
|
308 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
309 |
refElem = DOMUtils.createElement(ownerDoc, "Reference", |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
310 |
XMLSignature.XMLNS, dsPrefix); |
2 | 311 |
|
312 |
// set attributes |
|
313 |
DOMUtils.setAttributeID(refElem, "Id", id); |
|
314 |
DOMUtils.setAttribute(refElem, "URI", uri); |
|
315 |
DOMUtils.setAttribute(refElem, "Type", type); |
|
316 |
||
317 |
// create and append Transforms element |
|
1337 | 318 |
if (!allTransforms.isEmpty()) { |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
319 |
Element transformsElem = DOMUtils.createElement(ownerDoc, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
320 |
"Transforms", |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
321 |
XMLSignature.XMLNS, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
322 |
dsPrefix); |
2 | 323 |
refElem.appendChild(transformsElem); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
324 |
for (Transform transform : allTransforms) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
325 |
((DOMStructure)transform).marshal(transformsElem, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
326 |
dsPrefix, context); |
2 | 327 |
} |
328 |
} |
|
329 |
||
330 |
// create and append DigestMethod element |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
331 |
((DOMDigestMethod)digestMethod).marshal(refElem, dsPrefix, context); |
2 | 332 |
|
333 |
// create and append DigestValue element |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
334 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
335 |
log.log(java.util.logging.Level.FINE, "Adding digestValueElem"); |
2 | 336 |
} |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
337 |
Element digestValueElem = DOMUtils.createElement(ownerDoc, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
338 |
"DigestValue", |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
339 |
XMLSignature.XMLNS, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
340 |
dsPrefix); |
2 | 341 |
if (digestValue != null) { |
342 |
digestValueElem.appendChild |
|
343 |
(ownerDoc.createTextNode(Base64.encode(digestValue))); |
|
344 |
} |
|
345 |
refElem.appendChild(digestValueElem); |
|
346 |
||
347 |
parent.appendChild(refElem); |
|
348 |
here = refElem.getAttributeNodeNS(null, "URI"); |
|
349 |
} |
|
350 |
||
351 |
public void digest(XMLSignContext signContext) |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
352 |
throws XMLSignatureException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
353 |
{ |
2 | 354 |
Data data = null; |
355 |
if (appliedTransformData == null) { |
|
356 |
data = dereference(signContext); |
|
357 |
} else { |
|
358 |
data = appliedTransformData; |
|
359 |
} |
|
360 |
digestValue = transform(data, signContext); |
|
361 |
||
362 |
// insert digestValue into DigestValue element |
|
363 |
String encodedDV = Base64.encode(digestValue); |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
364 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
365 |
log.log(java.util.logging.Level.FINE, "Reference object uri = " + uri); |
2 | 366 |
} |
367 |
Element digestElem = DOMUtils.getLastChildElement(refElem); |
|
368 |
if (digestElem == null) { |
|
369 |
throw new XMLSignatureException("DigestValue element expected"); |
|
370 |
} |
|
371 |
DOMUtils.removeAllChildren(digestElem); |
|
372 |
digestElem.appendChild |
|
373 |
(refElem.getOwnerDocument().createTextNode(encodedDV)); |
|
374 |
||
375 |
digested = true; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
376 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
377 |
log.log(java.util.logging.Level.FINE, "Reference digesting completed"); |
2 | 378 |
} |
379 |
} |
|
380 |
||
381 |
public boolean validate(XMLValidateContext validateContext) |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
382 |
throws XMLSignatureException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
383 |
{ |
2 | 384 |
if (validateContext == null) { |
385 |
throw new NullPointerException("validateContext cannot be null"); |
|
386 |
} |
|
387 |
if (validated) { |
|
388 |
return validationStatus; |
|
389 |
} |
|
390 |
Data data = dereference(validateContext); |
|
391 |
calcDigestValue = transform(data, validateContext); |
|
392 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
393 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
394 |
log.log(java.util.logging.Level.FINE, "Expected digest: " + Base64.encode(digestValue)); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
395 |
log.log(java.util.logging.Level.FINE, "Actual digest: " + Base64.encode(calcDigestValue)); |
2 | 396 |
} |
397 |
||
398 |
validationStatus = Arrays.equals(digestValue, calcDigestValue); |
|
399 |
validated = true; |
|
400 |
return validationStatus; |
|
401 |
} |
|
402 |
||
403 |
public Data getDereferencedData() { |
|
404 |
return derefData; |
|
405 |
} |
|
406 |
||
407 |
public InputStream getDigestInputStream() { |
|
408 |
return dis; |
|
409 |
} |
|
410 |
||
411 |
private Data dereference(XMLCryptoContext context) |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
412 |
throws XMLSignatureException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
413 |
{ |
2 | 414 |
Data data = null; |
415 |
||
416 |
// use user-specified URIDereferencer if specified; otherwise use deflt |
|
417 |
URIDereferencer deref = context.getURIDereferencer(); |
|
418 |
if (deref == null) { |
|
419 |
deref = DOMURIDereferencer.INSTANCE; |
|
420 |
} |
|
421 |
try { |
|
422 |
data = deref.dereference(this, context); |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
423 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
424 |
log.log(java.util.logging.Level.FINE, "URIDereferencer class name: " + deref.getClass().getName()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
425 |
log.log(java.util.logging.Level.FINE, "Data class name: " + data.getClass().getName()); |
2 | 426 |
} |
427 |
} catch (URIReferenceException ure) { |
|
428 |
throw new XMLSignatureException(ure); |
|
429 |
} |
|
430 |
||
431 |
return data; |
|
432 |
} |
|
433 |
||
434 |
private byte[] transform(Data dereferencedData, |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
435 |
XMLCryptoContext context) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
436 |
throws XMLSignatureException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
437 |
{ |
2 | 438 |
if (md == null) { |
439 |
try { |
|
440 |
md = MessageDigest.getInstance |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
441 |
(((DOMDigestMethod)digestMethod).getMessageDigestAlgorithm()); |
2 | 442 |
} catch (NoSuchAlgorithmException nsae) { |
443 |
throw new XMLSignatureException(nsae); |
|
444 |
} |
|
445 |
} |
|
446 |
md.reset(); |
|
447 |
DigesterOutputStream dos; |
|
448 |
Boolean cache = (Boolean) |
|
449 |
context.getProperty("javax.xml.crypto.dsig.cacheReference"); |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
450 |
if (cache != null && cache.booleanValue()) { |
2 | 451 |
this.derefData = copyDerefData(dereferencedData); |
452 |
dos = new DigesterOutputStream(md, true); |
|
453 |
} else { |
|
454 |
dos = new DigesterOutputStream(md); |
|
455 |
} |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
456 |
OutputStream os = null; |
2 | 457 |
Data data = dereferencedData; |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
458 |
try { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
459 |
os = new UnsyncBufferedOutputStream(dos); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
460 |
for (int i = 0, size = transforms.size(); i < size; i++) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
461 |
DOMTransform transform = (DOMTransform)transforms.get(i); |
2 | 462 |
if (i < size - 1) { |
463 |
data = transform.transform(data, context); |
|
464 |
} else { |
|
465 |
data = transform.transform(data, context, os); |
|
466 |
} |
|
467 |
} |
|
468 |
||
469 |
if (data != null) { |
|
470 |
XMLSignatureInput xi; |
|
1337 | 471 |
// explicitly use C14N 1.1 when generating signature |
472 |
// first check system property, then context property |
|
473 |
boolean c14n11 = useC14N11; |
|
474 |
String c14nalg = CanonicalizationMethod.INCLUSIVE; |
|
475 |
if (context instanceof XMLSignContext) { |
|
476 |
if (!c14n11) { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
477 |
Boolean prop = (Boolean)context.getProperty |
1337 | 478 |
("com.sun.org.apache.xml.internal.security.useC14N11"); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
479 |
c14n11 = (prop != null && prop.booleanValue()); |
1337 | 480 |
if (c14n11) { |
481 |
c14nalg = "http://www.w3.org/2006/12/xml-c14n11"; |
|
482 |
} |
|
483 |
} else { |
|
484 |
c14nalg = "http://www.w3.org/2006/12/xml-c14n11"; |
|
485 |
} |
|
486 |
} |
|
2 | 487 |
if (data instanceof ApacheData) { |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
488 |
xi = ((ApacheData)data).getXMLSignatureInput(); |
2 | 489 |
} else if (data instanceof OctetStreamData) { |
490 |
xi = new XMLSignatureInput |
|
491 |
(((OctetStreamData)data).getOctetStream()); |
|
492 |
} else if (data instanceof NodeSetData) { |
|
1337 | 493 |
TransformService spi = null; |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
494 |
if (provider == null) { |
1337 | 495 |
spi = TransformService.getInstance(c14nalg, "DOM"); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
496 |
} else { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
497 |
try { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
498 |
spi = TransformService.getInstance(c14nalg, "DOM", provider); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
499 |
} catch (NoSuchAlgorithmException nsae) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
500 |
spi = TransformService.getInstance(c14nalg, "DOM"); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
501 |
} |
1337 | 502 |
} |
2 | 503 |
data = spi.transform(data, context); |
504 |
xi = new XMLSignatureInput |
|
505 |
(((OctetStreamData)data).getOctetStream()); |
|
506 |
} else { |
|
507 |
throw new XMLSignatureException("unrecognized Data type"); |
|
508 |
} |
|
1337 | 509 |
if (context instanceof XMLSignContext && c14n11 |
510 |
&& !xi.isOctetStream() && !xi.isOutputStreamSet()) { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
511 |
TransformService spi = null; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
512 |
if (provider == null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
513 |
spi = TransformService.getInstance(c14nalg, "DOM"); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
514 |
} else { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
515 |
try { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
516 |
spi = TransformService.getInstance(c14nalg, "DOM", provider); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
517 |
} catch (NoSuchAlgorithmException nsae) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
518 |
spi = TransformService.getInstance(c14nalg, "DOM"); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
519 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
520 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
521 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
522 |
DOMTransform t = new DOMTransform(spi); |
1337 | 523 |
Element transformsElem = null; |
524 |
String dsPrefix = DOMUtils.getSignaturePrefix(context); |
|
525 |
if (allTransforms.isEmpty()) { |
|
526 |
transformsElem = DOMUtils.createElement( |
|
527 |
refElem.getOwnerDocument(), |
|
528 |
"Transforms", XMLSignature.XMLNS, dsPrefix); |
|
529 |
refElem.insertBefore(transformsElem, |
|
530 |
DOMUtils.getFirstChildElement(refElem)); |
|
531 |
} else { |
|
532 |
transformsElem = DOMUtils.getFirstChildElement(refElem); |
|
533 |
} |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
534 |
t.marshal(transformsElem, dsPrefix, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
535 |
(DOMCryptoContext)context); |
1337 | 536 |
allTransforms.add(t); |
537 |
xi.updateOutputStream(os, true); |
|
538 |
} else { |
|
539 |
xi.updateOutputStream(os); |
|
540 |
} |
|
2 | 541 |
} |
542 |
os.flush(); |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
543 |
if (cache != null && cache.booleanValue()) { |
2 | 544 |
this.dis = dos.getInputStream(); |
545 |
} |
|
546 |
return dos.getDigestValue(); |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
547 |
} catch (NoSuchAlgorithmException e) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
548 |
throw new XMLSignatureException(e); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
549 |
} catch (TransformException e) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
550 |
throw new XMLSignatureException(e); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
551 |
} catch (MarshalException e) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
552 |
throw new XMLSignatureException(e); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
553 |
} catch (IOException e) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
554 |
throw new XMLSignatureException(e); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
555 |
} catch (com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException e) { |
2 | 556 |
throw new XMLSignatureException(e); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
557 |
} finally { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
558 |
if (os != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
559 |
try { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
560 |
os.close(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
561 |
} catch (IOException e) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
562 |
throw new XMLSignatureException(e); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
563 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
564 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
565 |
if (dos != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
566 |
try { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
567 |
dos.close(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
568 |
} catch (IOException e) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
569 |
throw new XMLSignatureException(e); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
570 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
571 |
} |
2 | 572 |
} |
573 |
} |
|
574 |
||
575 |
public Node getHere() { |
|
576 |
return here; |
|
577 |
} |
|
578 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
579 |
@Override |
2 | 580 |
public boolean equals(Object o) { |
581 |
if (this == o) { |
|
582 |
return true; |
|
583 |
} |
|
584 |
||
585 |
if (!(o instanceof Reference)) { |
|
586 |
return false; |
|
587 |
} |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
588 |
Reference oref = (Reference)o; |
2 | 589 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
590 |
boolean idsEqual = (id == null ? oref.getId() == null |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
591 |
: id.equals(oref.getId())); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
592 |
boolean urisEqual = (uri == null ? oref.getURI() == null |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
593 |
: uri.equals(oref.getURI())); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
594 |
boolean typesEqual = (type == null ? oref.getType() == null |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
595 |
: type.equals(oref.getType())); |
2 | 596 |
boolean digestValuesEqual = |
597 |
Arrays.equals(digestValue, oref.getDigestValue()); |
|
598 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
599 |
return digestMethod.equals(oref.getDigestMethod()) && idsEqual && |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
600 |
urisEqual && typesEqual && |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
601 |
allTransforms.equals(oref.getTransforms()) && digestValuesEqual; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
602 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
603 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
604 |
@Override |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
605 |
public int hashCode() { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
606 |
int result = 17; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
607 |
if (id != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
608 |
result = 31 * result + id.hashCode(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
609 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
610 |
if (uri != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
611 |
result = 31 * result + uri.hashCode(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
612 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
613 |
if (type != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
614 |
result = 31 * result + type.hashCode(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
615 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
616 |
if (digestValue != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
617 |
result = 31 * result + Arrays.hashCode(digestValue); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
618 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
619 |
result = 31 * result + digestMethod.hashCode(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
620 |
result = 31 * result + allTransforms.hashCode(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
621 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
622 |
return result; |
2 | 623 |
} |
624 |
||
625 |
boolean isDigested() { |
|
626 |
return digested; |
|
627 |
} |
|
628 |
||
629 |
private static Data copyDerefData(Data dereferencedData) { |
|
630 |
if (dereferencedData instanceof ApacheData) { |
|
631 |
// need to make a copy of the Data |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
632 |
ApacheData ad = (ApacheData)dereferencedData; |
2 | 633 |
XMLSignatureInput xsi = ad.getXMLSignatureInput(); |
634 |
if (xsi.isNodeSet()) { |
|
635 |
try { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
636 |
final Set<Node> s = xsi.getNodeSet(); |
27747 | 637 |
return new NodeSetData<Node>() { |
24970
094bfaa699c3
8046044: Fix raw and unchecked lint warnings in XML Signature Impl
mullan
parents:
23010
diff
changeset
|
638 |
public Iterator<Node> iterator() { return s.iterator(); } |
2 | 639 |
}; |
640 |
} catch (Exception e) { |
|
641 |
// log a warning |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
642 |
log.log(java.util.logging.Level.WARNING, "cannot cache dereferenced data: " + e); |
2 | 643 |
return null; |
644 |
} |
|
645 |
} else if (xsi.isElement()) { |
|
646 |
return new DOMSubTreeData |
|
647 |
(xsi.getSubNode(), xsi.isExcludeComments()); |
|
648 |
} else if (xsi.isOctetStream() || xsi.isByteArray()) { |
|
649 |
try { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
650 |
return new OctetStreamData |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
651 |
(xsi.getOctetStream(), xsi.getSourceURI(), |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
652 |
xsi.getMIMEType()); |
2 | 653 |
} catch (IOException ioe) { |
654 |
// log a warning |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
655 |
log.log(java.util.logging.Level.WARNING, "cannot cache dereferenced data: " + ioe); |
2 | 656 |
return null; |
657 |
} |
|
658 |
} |
|
659 |
} |
|
660 |
return dereferencedData; |
|
661 |
} |
|
662 |
} |