author | juh |
Fri, 09 Jan 2015 11:58:34 -0800 | |
changeset 28308 | 5fdc6e6c0b97 |
parent 27747 | 3a271dc8b758 |
child 30690 | f6d8413a278c |
permissions | -rw-r--r-- |
2 | 1 |
/* |
1337 | 2 |
* reserved comment block |
3 |
* DO NOT REMOVE OR ALTER! |
|
2 | 4 |
*/ |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
5 |
/** |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
6 |
* Licensed to the Apache Software Foundation (ASF) under one |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
7 |
* or more contributor license agreements. See the NOTICE file |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
8 |
* distributed with this work for additional information |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
9 |
* regarding copyright ownership. The ASF licenses this file |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
10 |
* to you under the Apache License, Version 2.0 (the |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
11 |
* "License"); you may not use this file except in compliance |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
12 |
* with the License. You may obtain a copy of the License at |
1337 | 13 |
* |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
14 |
* http://www.apache.org/licenses/LICENSE-2.0 |
1337 | 15 |
* |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
16 |
* Unless required by applicable law or agreed to in writing, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
17 |
* software distributed under the License is distributed on an |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
18 |
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
19 |
* KIND, either express or implied. See the License for the |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
20 |
* specific language governing permissions and limitations |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
21 |
* under the License. |
1337 | 22 |
*/ |
23 |
/* |
|
28308
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
24 |
* Copyright (c) 2005, 2015, Oracle and/or its affiliates. All rights reserved. |
1337 | 25 |
*/ |
26 |
/* |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
27 |
* $Id: DOMKeyValue.java 1333415 2012-05-03 12:03:51Z coheigea $ |
2 | 28 |
*/ |
29 |
package org.jcp.xml.dsig.internal.dom; |
|
30 |
||
31 |
import javax.xml.crypto.*; |
|
32 |
import javax.xml.crypto.dom.DOMCryptoContext; |
|
33 |
import javax.xml.crypto.dsig.*; |
|
34 |
import javax.xml.crypto.dsig.keyinfo.KeyValue; |
|
35 |
||
28308
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
36 |
import java.io.IOException; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
37 |
import java.math.BigInteger; |
2 | 38 |
import java.security.KeyException; |
39 |
import java.security.KeyFactory; |
|
40 |
import java.security.NoSuchAlgorithmException; |
|
41 |
import java.security.PublicKey; |
|
42 |
import java.security.interfaces.DSAParams; |
|
43 |
import java.security.interfaces.DSAPublicKey; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
44 |
import java.security.interfaces.ECPublicKey; |
2 | 45 |
import java.security.interfaces.RSAPublicKey; |
46 |
import java.security.spec.DSAPublicKeySpec; |
|
28308
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
47 |
import java.security.spec.ECField; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
48 |
import java.security.spec.ECFieldFp; |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
49 |
import java.security.spec.ECParameterSpec; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
50 |
import java.security.spec.ECPoint; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
51 |
import java.security.spec.ECPublicKeySpec; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
52 |
import java.security.spec.EllipticCurve; |
2 | 53 |
import java.security.spec.InvalidKeySpecException; |
54 |
import java.security.spec.KeySpec; |
|
55 |
import java.security.spec.RSAPublicKeySpec; |
|
28308
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
56 |
import java.util.Arrays; |
2 | 57 |
import org.w3c.dom.Document; |
58 |
import org.w3c.dom.Element; |
|
59 |
import org.w3c.dom.Node; |
|
60 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
61 |
import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
62 |
import com.sun.org.apache.xml.internal.security.utils.Base64; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
63 |
|
2 | 64 |
/** |
65 |
* DOM-based implementation of KeyValue. |
|
66 |
* |
|
67 |
* @author Sean Mullan |
|
68 |
*/ |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
69 |
public abstract class DOMKeyValue extends DOMStructure implements KeyValue { |
2 | 70 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
71 |
private static final String XMLDSIG_11_XMLNS |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
72 |
= "http://www.w3.org/2009/xmldsig11#"; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
73 |
private final PublicKey publicKey; |
2 | 74 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
75 |
public DOMKeyValue(PublicKey key) throws KeyException { |
2 | 76 |
if (key == null) { |
77 |
throw new NullPointerException("key cannot be null"); |
|
78 |
} |
|
79 |
this.publicKey = key; |
|
80 |
} |
|
81 |
||
82 |
/** |
|
83 |
* Creates a <code>DOMKeyValue</code> from an element. |
|
84 |
* |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
85 |
* @param kvtElem a KeyValue child element |
2 | 86 |
*/ |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
87 |
public DOMKeyValue(Element kvtElem) throws MarshalException { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
88 |
this.publicKey = unmarshalKeyValue(kvtElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
89 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
90 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
91 |
static KeyValue unmarshal(Element kvElem) throws MarshalException { |
2 | 92 |
Element kvtElem = DOMUtils.getFirstChildElement(kvElem); |
93 |
if (kvtElem.getLocalName().equals("DSAKeyValue")) { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
94 |
return new DSA(kvtElem); |
2 | 95 |
} else if (kvtElem.getLocalName().equals("RSAKeyValue")) { |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
96 |
return new RSA(kvtElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
97 |
} else if (kvtElem.getLocalName().equals("ECKeyValue")) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
98 |
return new EC(kvtElem); |
2 | 99 |
} else { |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
100 |
return new Unknown(kvtElem); |
2 | 101 |
} |
102 |
} |
|
103 |
||
104 |
public PublicKey getPublicKey() throws KeyException { |
|
105 |
if (publicKey == null) { |
|
106 |
throw new KeyException("can't convert KeyValue to PublicKey"); |
|
107 |
} else { |
|
108 |
return publicKey; |
|
109 |
} |
|
110 |
} |
|
111 |
||
112 |
public void marshal(Node parent, String dsPrefix, DOMCryptoContext context) |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
113 |
throws MarshalException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
114 |
{ |
2 | 115 |
Document ownerDoc = DOMUtils.getOwnerDocument(parent); |
116 |
||
117 |
// create KeyValue element |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
118 |
Element kvElem = DOMUtils.createElement(ownerDoc, "KeyValue", |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
119 |
XMLSignature.XMLNS, dsPrefix); |
2 | 120 |
marshalPublicKey(kvElem, ownerDoc, dsPrefix, context); |
121 |
||
122 |
parent.appendChild(kvElem); |
|
123 |
} |
|
124 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
125 |
abstract void marshalPublicKey(Node parent, Document doc, String dsPrefix, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
126 |
DOMCryptoContext context) throws MarshalException; |
2 | 127 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
128 |
abstract PublicKey unmarshalKeyValue(Element kvtElem) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
129 |
throws MarshalException; |
2 | 130 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
131 |
private static PublicKey generatePublicKey(KeyFactory kf, KeySpec keyspec) { |
2 | 132 |
try { |
133 |
return kf.generatePublic(keyspec); |
|
134 |
} catch (InvalidKeySpecException e) { |
|
135 |
//@@@ should dump exception to log |
|
136 |
return null; |
|
137 |
} |
|
138 |
} |
|
139 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
140 |
@Override |
2 | 141 |
public boolean equals(Object obj) { |
142 |
if (this == obj) { |
|
143 |
return true; |
|
144 |
} |
|
145 |
if (!(obj instanceof KeyValue)) { |
|
146 |
return false; |
|
147 |
} |
|
148 |
try { |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
149 |
KeyValue kv = (KeyValue)obj; |
2 | 150 |
if (publicKey == null ) { |
151 |
if (kv.getPublicKey() != null) { |
|
152 |
return false; |
|
153 |
} |
|
154 |
} else if (!publicKey.equals(kv.getPublicKey())) { |
|
155 |
return false; |
|
156 |
} |
|
157 |
} catch (KeyException ke) { |
|
158 |
// no practical way to determine if the keys are equal |
|
159 |
return false; |
|
160 |
} |
|
161 |
||
162 |
return true; |
|
163 |
} |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
164 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
165 |
@Override |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
166 |
public int hashCode() { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
167 |
int result = 17; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
168 |
if (publicKey != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
169 |
result = 31 * result + publicKey.hashCode(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
170 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
171 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
172 |
return result; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
173 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
174 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
175 |
static final class RSA extends DOMKeyValue { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
176 |
// RSAKeyValue CryptoBinaries |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
177 |
private DOMCryptoBinary modulus, exponent; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
178 |
private KeyFactory rsakf; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
179 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
180 |
RSA(PublicKey key) throws KeyException { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
181 |
super(key); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
182 |
RSAPublicKey rkey = (RSAPublicKey)key; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
183 |
exponent = new DOMCryptoBinary(rkey.getPublicExponent()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
184 |
modulus = new DOMCryptoBinary(rkey.getModulus()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
185 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
186 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
187 |
RSA(Element elem) throws MarshalException { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
188 |
super(elem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
189 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
190 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
191 |
void marshalPublicKey(Node parent, Document doc, String dsPrefix, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
192 |
DOMCryptoContext context) throws MarshalException { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
193 |
Element rsaElem = DOMUtils.createElement(doc, "RSAKeyValue", |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
194 |
XMLSignature.XMLNS, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
195 |
dsPrefix); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
196 |
Element modulusElem = DOMUtils.createElement(doc, "Modulus", |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
197 |
XMLSignature.XMLNS, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
198 |
dsPrefix); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
199 |
Element exponentElem = DOMUtils.createElement(doc, "Exponent", |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
200 |
XMLSignature.XMLNS, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
201 |
dsPrefix); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
202 |
modulus.marshal(modulusElem, dsPrefix, context); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
203 |
exponent.marshal(exponentElem, dsPrefix, context); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
204 |
rsaElem.appendChild(modulusElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
205 |
rsaElem.appendChild(exponentElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
206 |
parent.appendChild(rsaElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
207 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
208 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
209 |
PublicKey unmarshalKeyValue(Element kvtElem) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
210 |
throws MarshalException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
211 |
{ |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
212 |
if (rsakf == null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
213 |
try { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
214 |
rsakf = KeyFactory.getInstance("RSA"); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
215 |
} catch (NoSuchAlgorithmException e) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
216 |
throw new RuntimeException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
217 |
("unable to create RSA KeyFactory: " + e.getMessage()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
218 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
219 |
} |
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
220 |
Element modulusElem = DOMUtils.getFirstChildElement(kvtElem, |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
221 |
"Modulus"); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
222 |
modulus = new DOMCryptoBinary(modulusElem.getFirstChild()); |
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
223 |
Element exponentElem = DOMUtils.getNextSiblingElement(modulusElem, |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
224 |
"Exponent"); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
225 |
exponent = new DOMCryptoBinary(exponentElem.getFirstChild()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
226 |
RSAPublicKeySpec spec = new RSAPublicKeySpec(modulus.getBigNum(), |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
227 |
exponent.getBigNum()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
228 |
return generatePublicKey(rsakf, spec); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
229 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
230 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
231 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
232 |
static final class DSA extends DOMKeyValue { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
233 |
// DSAKeyValue CryptoBinaries |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
234 |
private DOMCryptoBinary p, q, g, y, j; //, seed, pgen; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
235 |
private KeyFactory dsakf; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
236 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
237 |
DSA(PublicKey key) throws KeyException { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
238 |
super(key); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
239 |
DSAPublicKey dkey = (DSAPublicKey) key; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
240 |
DSAParams params = dkey.getParams(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
241 |
p = new DOMCryptoBinary(params.getP()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
242 |
q = new DOMCryptoBinary(params.getQ()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
243 |
g = new DOMCryptoBinary(params.getG()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
244 |
y = new DOMCryptoBinary(dkey.getY()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
245 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
246 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
247 |
DSA(Element elem) throws MarshalException { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
248 |
super(elem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
249 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
250 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
251 |
void marshalPublicKey(Node parent, Document doc, String dsPrefix, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
252 |
DOMCryptoContext context) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
253 |
throws MarshalException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
254 |
{ |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
255 |
Element dsaElem = DOMUtils.createElement(doc, "DSAKeyValue", |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
256 |
XMLSignature.XMLNS, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
257 |
dsPrefix); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
258 |
// parameters J, Seed & PgenCounter are not included |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
259 |
Element pElem = DOMUtils.createElement(doc, "P", XMLSignature.XMLNS, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
260 |
dsPrefix); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
261 |
Element qElem = DOMUtils.createElement(doc, "Q", XMLSignature.XMLNS, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
262 |
dsPrefix); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
263 |
Element gElem = DOMUtils.createElement(doc, "G", XMLSignature.XMLNS, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
264 |
dsPrefix); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
265 |
Element yElem = DOMUtils.createElement(doc, "Y", XMLSignature.XMLNS, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
266 |
dsPrefix); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
267 |
p.marshal(pElem, dsPrefix, context); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
268 |
q.marshal(qElem, dsPrefix, context); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
269 |
g.marshal(gElem, dsPrefix, context); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
270 |
y.marshal(yElem, dsPrefix, context); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
271 |
dsaElem.appendChild(pElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
272 |
dsaElem.appendChild(qElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
273 |
dsaElem.appendChild(gElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
274 |
dsaElem.appendChild(yElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
275 |
parent.appendChild(dsaElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
276 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
277 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
278 |
PublicKey unmarshalKeyValue(Element kvtElem) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
279 |
throws MarshalException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
280 |
{ |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
281 |
if (dsakf == null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
282 |
try { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
283 |
dsakf = KeyFactory.getInstance("DSA"); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
284 |
} catch (NoSuchAlgorithmException e) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
285 |
throw new RuntimeException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
286 |
("unable to create DSA KeyFactory: " + e.getMessage()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
287 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
288 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
289 |
Element curElem = DOMUtils.getFirstChildElement(kvtElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
290 |
// check for P and Q |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
291 |
if (curElem.getLocalName().equals("P")) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
292 |
p = new DOMCryptoBinary(curElem.getFirstChild()); |
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
293 |
curElem = DOMUtils.getNextSiblingElement(curElem, "Q"); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
294 |
q = new DOMCryptoBinary(curElem.getFirstChild()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
295 |
curElem = DOMUtils.getNextSiblingElement(curElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
296 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
297 |
if (curElem.getLocalName().equals("G")) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
298 |
g = new DOMCryptoBinary(curElem.getFirstChild()); |
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
299 |
curElem = DOMUtils.getNextSiblingElement(curElem, "Y"); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
300 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
301 |
y = new DOMCryptoBinary(curElem.getFirstChild()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
302 |
curElem = DOMUtils.getNextSiblingElement(curElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
303 |
if (curElem != null && curElem.getLocalName().equals("J")) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
304 |
j = new DOMCryptoBinary(curElem.getFirstChild()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
305 |
// curElem = DOMUtils.getNextSiblingElement(curElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
306 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
307 |
/* |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
308 |
if (curElem != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
309 |
seed = new DOMCryptoBinary(curElem.getFirstChild()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
310 |
curElem = DOMUtils.getNextSiblingElement(curElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
311 |
pgen = new DOMCryptoBinary(curElem.getFirstChild()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
312 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
313 |
*/ |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
314 |
//@@@ do we care about j, pgenCounter or seed? |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
315 |
DSAPublicKeySpec spec = new DSAPublicKeySpec(y.getBigNum(), |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
316 |
p.getBigNum(), |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
317 |
q.getBigNum(), |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
318 |
g.getBigNum()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
319 |
return generatePublicKey(dsakf, spec); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
320 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
321 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
322 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
323 |
static final class EC extends DOMKeyValue { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
324 |
// ECKeyValue CryptoBinaries |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
325 |
private byte[] ecPublicKey; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
326 |
private KeyFactory eckf; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
327 |
private ECParameterSpec ecParams; |
28308
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
328 |
|
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
329 |
// The supported curve, secp256r1 |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
330 |
private static final Curve SECP256R1; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
331 |
static { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
332 |
final String name, oid, sfield, a, b, x, y, n; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
333 |
name = "secp256r1 [NIST P-256, X9.62 prime256v1]"; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
334 |
oid = "1.2.840.10045.3.1.7"; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
335 |
sfield = |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
336 |
"FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF"; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
337 |
a = |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
338 |
"FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC"; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
339 |
b = |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
340 |
"5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B"; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
341 |
x = |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
342 |
"6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
343 |
y = |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
344 |
"4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5"; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
345 |
n = |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
346 |
"FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551"; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
347 |
final int h = 1; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
348 |
|
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
349 |
BigInteger p = bigInt(sfield); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
350 |
ECField field = new ECFieldFp(p); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
351 |
EllipticCurve curve = new EllipticCurve(field, bigInt(a), |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
352 |
bigInt(b)); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
353 |
ECPoint g = new ECPoint(bigInt(x), bigInt(y)); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
354 |
SECP256R1 = new Curve(name, oid, curve, g, bigInt(n), h); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
355 |
} |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
356 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
357 |
EC(PublicKey key) throws KeyException { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
358 |
super(key); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
359 |
ECPublicKey ecKey = (ECPublicKey)key; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
360 |
ECPoint ecPoint = ecKey.getW(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
361 |
ecParams = ecKey.getParams(); |
28308
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
362 |
ecPublicKey = encodePoint(ecPoint, ecParams.getCurve()); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
363 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
364 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
365 |
EC(Element dmElem) throws MarshalException { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
366 |
super(dmElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
367 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
368 |
|
28308
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
369 |
private static ECPoint decodePoint(byte[] data, EllipticCurve curve) |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
370 |
throws IOException { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
371 |
if ((data.length == 0) || (data[0] != 4)) { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
372 |
throw new IOException("Only uncompressed point format " + |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
373 |
"supported"); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
374 |
} |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
375 |
// Per ANSI X9.62, an encoded point is a 1 byte type followed by |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
376 |
// ceiling(log base 2 field-size / 8) bytes of x and the same of y. |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
377 |
int n = (data.length - 1) / 2; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
378 |
if (n != ((curve.getField().getFieldSize() + 7) >> 3)) { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
379 |
throw new IOException("Point does not match field size"); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
380 |
} |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
381 |
|
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
382 |
byte[] xb = Arrays.copyOfRange(data, 1, 1 + n); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
383 |
byte[] yb = Arrays.copyOfRange(data, n + 1, n + 1 + n); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
384 |
|
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
385 |
return new ECPoint(new BigInteger(1, xb), new BigInteger(1, yb)); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
386 |
} |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
387 |
|
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
388 |
private static byte[] encodePoint(ECPoint point, EllipticCurve curve) { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
389 |
// get field size in bytes (rounding up) |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
390 |
int n = (curve.getField().getFieldSize() + 7) >> 3; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
391 |
byte[] xb = trimZeroes(point.getAffineX().toByteArray()); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
392 |
byte[] yb = trimZeroes(point.getAffineY().toByteArray()); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
393 |
if ((xb.length > n) || (yb.length > n)) { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
394 |
throw new RuntimeException("Point coordinates do not " + |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
395 |
"match field size"); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
396 |
} |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
397 |
byte[] b = new byte[1 + (n << 1)]; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
398 |
b[0] = 4; // uncompressed |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
399 |
System.arraycopy(xb, 0, b, n - xb.length + 1, xb.length); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
400 |
System.arraycopy(yb, 0, b, b.length - yb.length, yb.length); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
401 |
return b; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
402 |
} |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
403 |
|
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
404 |
private static byte[] trimZeroes(byte[] b) { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
405 |
int i = 0; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
406 |
while ((i < b.length - 1) && (b[i] == 0)) { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
407 |
i++; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
408 |
} |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
409 |
if (i == 0) { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
410 |
return b; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
411 |
} |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
412 |
return Arrays.copyOfRange(b, i, b.length); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
413 |
} |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
414 |
|
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
415 |
private static String getCurveOid(ECParameterSpec params) { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
416 |
// Check that the params represent the secp256r1 curve |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
417 |
// If so, return the object identifier of the curve |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
418 |
int fieldSize = params.getCurve().getField().getFieldSize(); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
419 |
if (SECP256R1.getCurve().getField().getFieldSize() == fieldSize |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
420 |
&& SECP256R1.getCurve().equals(params.getCurve()) |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
421 |
&& SECP256R1.getGenerator().equals(params.getGenerator()) |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
422 |
&& SECP256R1.getOrder().equals(params.getOrder()) |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
423 |
&& SECP256R1.getCofactor() == params.getCofactor()) { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
424 |
return SECP256R1.getObjectId(); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
425 |
} |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
426 |
return null; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
427 |
} |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
428 |
|
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
429 |
private static ECParameterSpec getECParameterSpec(String oid) { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
430 |
if (oid.equals(SECP256R1.getObjectId())) { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
431 |
return SECP256R1; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
432 |
} |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
433 |
return null; |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
434 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
435 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
436 |
void marshalPublicKey(Node parent, Document doc, String dsPrefix, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
437 |
DOMCryptoContext context) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
438 |
throws MarshalException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
439 |
{ |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
440 |
String prefix = DOMUtils.getNSPrefix(context, XMLDSIG_11_XMLNS); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
441 |
Element ecKeyValueElem = DOMUtils.createElement(doc, "ECKeyValue", |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
442 |
XMLDSIG_11_XMLNS, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
443 |
prefix); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
444 |
Element namedCurveElem = DOMUtils.createElement(doc, "NamedCurve", |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
445 |
XMLDSIG_11_XMLNS, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
446 |
prefix); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
447 |
Element publicKeyElem = DOMUtils.createElement(doc, "PublicKey", |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
448 |
XMLDSIG_11_XMLNS, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
449 |
prefix); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
450 |
Object[] args = new Object[] { ecParams }; |
28308
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
451 |
String oid = getCurveOid(ecParams); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
452 |
if (oid == null) { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
453 |
throw new MarshalException("Invalid ECParameterSpec"); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
454 |
} |
28308
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
455 |
DOMUtils.setAttribute(namedCurveElem, "URI", "urn:oid:" + oid); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
456 |
String qname = (prefix == null || prefix.length() == 0) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
457 |
? "xmlns" : "xmlns:" + prefix; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
458 |
namedCurveElem.setAttributeNS("http://www.w3.org/2000/xmlns/", |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
459 |
qname, XMLDSIG_11_XMLNS); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
460 |
ecKeyValueElem.appendChild(namedCurveElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
461 |
String encoded = Base64.encode(ecPublicKey); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
462 |
publicKeyElem.appendChild |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
463 |
(DOMUtils.getOwnerDocument(publicKeyElem).createTextNode(encoded)); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
464 |
ecKeyValueElem.appendChild(publicKeyElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
465 |
parent.appendChild(ecKeyValueElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
466 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
467 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
468 |
PublicKey unmarshalKeyValue(Element kvtElem) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
469 |
throws MarshalException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
470 |
{ |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
471 |
if (eckf == null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
472 |
try { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
473 |
eckf = KeyFactory.getInstance("EC"); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
474 |
} catch (NoSuchAlgorithmException e) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
475 |
throw new RuntimeException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
476 |
("unable to create EC KeyFactory: " + e.getMessage()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
477 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
478 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
479 |
ECParameterSpec ecParams = null; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
480 |
Element curElem = DOMUtils.getFirstChildElement(kvtElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
481 |
if (curElem.getLocalName().equals("ECParameters")) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
482 |
throw new UnsupportedOperationException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
483 |
("ECParameters not supported"); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
484 |
} else if (curElem.getLocalName().equals("NamedCurve")) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
485 |
String uri = DOMUtils.getAttributeValue(curElem, "URI"); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
486 |
// strip off "urn:oid" |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
487 |
if (uri.startsWith("urn:oid:")) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
488 |
String oid = uri.substring(8); |
28308
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
489 |
ecParams = getECParameterSpec(oid); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
490 |
if (ecParams == null) { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
491 |
throw new MarshalException("Invalid curve OID"); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
492 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
493 |
} else { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
494 |
throw new MarshalException("Invalid NamedCurve URI"); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
495 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
496 |
} else { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
497 |
throw new MarshalException("Invalid ECKeyValue"); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
498 |
} |
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
499 |
curElem = DOMUtils.getNextSiblingElement(curElem, "PublicKey"); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
500 |
ECPoint ecPoint = null; |
28308
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
501 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
502 |
try { |
28308
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
503 |
ecPoint = decodePoint(Base64.decode(curElem), |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
504 |
ecParams.getCurve()); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
505 |
} catch (Base64DecodingException bde) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
506 |
throw new MarshalException("Invalid EC PublicKey", bde); |
28308
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
507 |
} catch (IOException ioe) { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
508 |
throw new MarshalException("Invalid EC Point", ioe); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
509 |
} |
28308
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
510 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
511 |
ECPublicKeySpec spec = new ECPublicKeySpec(ecPoint, ecParams); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
512 |
return generatePublicKey(eckf, spec); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
513 |
} |
28308
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
514 |
|
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
515 |
static final class Curve extends ECParameterSpec { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
516 |
private final String name; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
517 |
private final String oid; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
518 |
|
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
519 |
Curve(String name, String oid, EllipticCurve curve, |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
520 |
ECPoint g, BigInteger n, int h) { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
521 |
super(curve, g, n, h); |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
522 |
this.name = name; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
523 |
this.oid = oid; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
524 |
} |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
525 |
|
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
526 |
private String getName() { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
527 |
return name; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
528 |
} |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
529 |
|
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
530 |
private String getObjectId() { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
531 |
return oid; |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
532 |
} |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
533 |
} |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
534 |
} |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
535 |
|
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
536 |
private static BigInteger bigInt(String s) { |
5fdc6e6c0b97
8046724: XML Signature ECKeyValue elements cannot be marshalled or unmarshalled
juh
parents:
27747
diff
changeset
|
537 |
return new BigInteger(s, 16); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
538 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
539 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
540 |
static final class Unknown extends DOMKeyValue { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
541 |
private javax.xml.crypto.dom.DOMStructure externalPublicKey; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
542 |
Unknown(Element elem) throws MarshalException { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
543 |
super(elem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
544 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
545 |
PublicKey unmarshalKeyValue(Element kvElem) throws MarshalException { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
546 |
externalPublicKey = new javax.xml.crypto.dom.DOMStructure(kvElem); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
547 |
return null; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
548 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
549 |
void marshalPublicKey(Node parent, Document doc, String dsPrefix, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
550 |
DOMCryptoContext context) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
551 |
throws MarshalException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
552 |
{ |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
553 |
parent.appendChild(externalPublicKey.getNode()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
554 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
5506
diff
changeset
|
555 |
} |
2 | 556 |
} |