author | mullan |
Thu, 25 Jul 2013 20:12:14 -0400 | |
changeset 19051 | 6c0cfc00b3ed |
parent 18780 | f47b920867e7 |
child 23010 | 6dadb192ad81 |
permissions | -rw-r--r-- |
2 | 1 |
/* |
1337 | 2 |
* reserved comment block |
3 |
* DO NOT REMOVE OR ALTER! |
|
2 | 4 |
*/ |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
5 |
/** |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
6 |
* Licensed to the Apache Software Foundation (ASF) under one |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
7 |
* or more contributor license agreements. See the NOTICE file |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
8 |
* distributed with this work for additional information |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
9 |
* regarding copyright ownership. The ASF licenses this file |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
10 |
* to you under the Apache License, Version 2.0 (the |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
11 |
* "License"); you may not use this file except in compliance |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
12 |
* with the License. You may obtain a copy of the License at |
1337 | 13 |
* |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
14 |
* http://www.apache.org/licenses/LICENSE-2.0 |
1337 | 15 |
* |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
16 |
* Unless required by applicable law or agreed to in writing, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
17 |
* software distributed under the License is distributed on an |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
18 |
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
19 |
* KIND, either express or implied. See the License for the |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
20 |
* specific language governing permissions and limitations |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
21 |
* under the License. |
1337 | 22 |
*/ |
23 |
/* |
|
5506 | 24 |
* Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. |
1337 | 25 |
*/ |
26 |
/* |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
27 |
* $Id: DOMManifest.java 1333415 2012-05-03 12:03:51Z coheigea $ |
2 | 28 |
*/ |
29 |
package org.jcp.xml.dsig.internal.dom; |
|
30 |
||
31 |
import javax.xml.crypto.*; |
|
32 |
import javax.xml.crypto.dom.DOMCryptoContext; |
|
33 |
import javax.xml.crypto.dsig.*; |
|
34 |
||
1337 | 35 |
import java.security.Provider; |
2 | 36 |
import java.util.*; |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
37 |
|
18240 | 38 |
import org.w3c.dom.Attr; |
2 | 39 |
import org.w3c.dom.Document; |
40 |
import org.w3c.dom.Element; |
|
41 |
import org.w3c.dom.Node; |
|
42 |
||
43 |
/** |
|
44 |
* DOM-based implementation of Manifest. |
|
45 |
* |
|
46 |
* @author Sean Mullan |
|
47 |
*/ |
|
48 |
public final class DOMManifest extends DOMStructure implements Manifest { |
|
49 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
50 |
private final List<Reference> references; |
2 | 51 |
private final String id; |
52 |
||
53 |
/** |
|
54 |
* Creates a <code>DOMManifest</code> containing the specified |
|
55 |
* list of {@link Reference}s and optional id. |
|
56 |
* |
|
57 |
* @param references a list of one or more <code>Reference</code>s. The list |
|
58 |
* is defensively copied to protect against subsequent modification. |
|
59 |
* @param id the id (may be <code>null</code> |
|
60 |
* @throws NullPointerException if <code>references</code> is |
|
61 |
* <code>null</code> |
|
62 |
* @throws IllegalArgumentException if <code>references</code> is empty |
|
63 |
* @throws ClassCastException if <code>references</code> contains any |
|
64 |
* entries that are not of type {@link Reference} |
|
65 |
*/ |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
66 |
public DOMManifest(List<? extends Reference> references, String id) { |
2 | 67 |
if (references == null) { |
68 |
throw new NullPointerException("references cannot be null"); |
|
69 |
} |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
70 |
this.references = |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
71 |
Collections.unmodifiableList(new ArrayList<Reference>(references)); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
72 |
if (this.references.isEmpty()) { |
2 | 73 |
throw new IllegalArgumentException("list of references must " + |
74 |
"contain at least one entry"); |
|
75 |
} |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
76 |
for (int i = 0, size = this.references.size(); i < size; i++) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
77 |
if (!(this.references.get(i) instanceof Reference)) { |
2 | 78 |
throw new ClassCastException |
79 |
("references["+i+"] is not a valid type"); |
|
80 |
} |
|
81 |
} |
|
82 |
this.id = id; |
|
83 |
} |
|
84 |
||
85 |
/** |
|
86 |
* Creates a <code>DOMManifest</code> from an element. |
|
87 |
* |
|
88 |
* @param manElem a Manifest element |
|
89 |
*/ |
|
1337 | 90 |
public DOMManifest(Element manElem, XMLCryptoContext context, |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
91 |
Provider provider) |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
92 |
throws MarshalException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
93 |
{ |
18240 | 94 |
Attr attr = manElem.getAttributeNodeNS(null, "Id"); |
95 |
if (attr != null) { |
|
96 |
this.id = attr.getValue(); |
|
97 |
manElem.setIdAttributeNode(attr, true); |
|
98 |
} else { |
|
99 |
this.id = null; |
|
100 |
} |
|
101 |
||
102 |
boolean secVal = Utils.secureValidation(context); |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
103 |
|
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
104 |
Element refElem = DOMUtils.getFirstChildElement(manElem, "Reference"); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
105 |
List<Reference> refs = new ArrayList<Reference>(); |
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
106 |
refs.add(new DOMReference(refElem, context, provider)); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
107 |
|
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
108 |
refElem = DOMUtils.getNextSiblingElement(refElem); |
2 | 109 |
while (refElem != null) { |
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
110 |
String localName = refElem.getLocalName(); |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
111 |
if (!localName.equals("Reference")) { |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
112 |
throw new MarshalException("Invalid element name: " + |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
113 |
localName + ", expected Reference"); |
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
114 |
} |
1337 | 115 |
refs.add(new DOMReference(refElem, context, provider)); |
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
116 |
if (secVal && (refs.size() > DOMSignedInfo.MAXIMUM_REFERENCE_COUNT)) { |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
117 |
String error = "A maxiumum of " + DOMSignedInfo.MAXIMUM_REFERENCE_COUNT + " " |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
118 |
+ "references per Manifest are allowed with secure validation"; |
18240 | 119 |
throw new MarshalException(error); |
120 |
} |
|
19051
6c0cfc00b3ed
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
mullan
parents:
18780
diff
changeset
|
121 |
refElem = DOMUtils.getNextSiblingElement(refElem); |
2 | 122 |
} |
123 |
this.references = Collections.unmodifiableList(refs); |
|
124 |
} |
|
125 |
||
126 |
public String getId() { |
|
127 |
return id; |
|
128 |
} |
|
129 |
||
130 |
public List getReferences() { |
|
131 |
return references; |
|
132 |
} |
|
133 |
||
134 |
public void marshal(Node parent, String dsPrefix, DOMCryptoContext context) |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
135 |
throws MarshalException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
136 |
{ |
2 | 137 |
Document ownerDoc = DOMUtils.getOwnerDocument(parent); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
138 |
Element manElem = DOMUtils.createElement(ownerDoc, "Manifest", |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
139 |
XMLSignature.XMLNS, dsPrefix); |
2 | 140 |
|
141 |
DOMUtils.setAttributeID(manElem, "Id", id); |
|
142 |
||
143 |
// add references |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
144 |
for (Reference ref : references) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
145 |
((DOMReference)ref).marshal(manElem, dsPrefix, context); |
2 | 146 |
} |
147 |
parent.appendChild(manElem); |
|
148 |
} |
|
149 |
||
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
150 |
@Override |
2 | 151 |
public boolean equals(Object o) { |
152 |
if (this == o) { |
|
153 |
return true; |
|
154 |
} |
|
155 |
||
156 |
if (!(o instanceof Manifest)) { |
|
157 |
return false; |
|
158 |
} |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
159 |
Manifest oman = (Manifest)o; |
2 | 160 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
161 |
boolean idsEqual = (id == null ? oman.getId() == null |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
162 |
: id.equals(oman.getId())); |
2 | 163 |
|
164 |
return (idsEqual && references.equals(oman.getReferences())); |
|
165 |
} |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
166 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
167 |
@Override |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
168 |
public int hashCode() { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
169 |
int result = 17; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
170 |
if (id != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
171 |
result = 31 * result + id.hashCode(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
172 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
173 |
result = 31 * result + references.hashCode(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
174 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
175 |
return result; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
176 |
} |
2 | 177 |
} |