jdk-sandbox: comparison jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java

equal deleted inserted replaced

-:2d131cf5db63
+:f47b920867e7
 /*
 * reserved comment block
 * DO NOT REMOVE OR ALTER!
 */
-/*
+/**
-* Copyright 2005 The Apache Software Foundation.
+* Licensed to the Apache Software Foundation (ASF) under one
+* or more contributor license agreements. See the NOTICE file
+* distributed with this work for additional information
+* regarding copyright ownership. The ASF licenses this file
+* to you under the Apache License, Version 2.0 (the
+* "License"); you may not use this file except in compliance
+* with the License. You may obtain a copy of the License at
 *
-*  Licensed under the Apache License, Version 2.0 (the "License");
+* http://www.apache.org/licenses/LICENSE-2.0
-*  you may not use this file except in compliance with the License.
-*  You may obtain a copy of the License at
 *
-*      http://www.apache.org/licenses/LICENSE-2.0
+* Unless required by applicable law or agreed to in writing,
-*
+* software distributed under the License is distributed on an
-*  Unless required by applicable law or agreed to in writing, software
+* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-*  distributed under the License is distributed on an "AS IS" BASIS,
+* KIND, either express or implied. See the License for the
-*  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* specific language governing permissions and limitations
-*  See the License for the specific language governing permissions and
+* under the License.
-*  limitations under the License.
-*
 */
 /*
 * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
 */
 /*
 * (C) Copyright IBM Corp. 2003 All Rights Reserved.
 *
 * ===========================================================================
 */
 /*
-* $Id: DOMXMLSignature.java,v 1.2 2008/07/24 15:20:32 mullan Exp $
+* $Id: DOMXMLSignature.java 1333415 2012-05-03 12:03:51Z coheigea $
 */
 package org.jcp.xml.dsig.internal.dom;
 import javax.xml.crypto.*;
 import javax.xml.crypto.dom.*;
 import javax.xml.crypto.dsig.*;
 import javax.xml.crypto.dsig.dom.DOMSignContext;
 import javax.xml.crypto.dsig.dom.DOMValidateContext;
 import javax.xml.crypto.dsig.keyinfo.KeyInfo;
-import java.io.*;
 import java.security.InvalidKeyException;
 import java.security.Key;
 import java.security.Provider;
 import java.util.Collections;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
-import java.util.logging.Level;
-import java.util.logging.Logger;
 import org.w3c.dom.Attr;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 * @author Joyce Leung
 */
 public final class DOMXMLSignature extends DOMStructure
 implements XMLSignature {
-private static Logger log = Logger.getLogger("org.jcp.xml.dsig.internal.dom");
+private static java.util.logging.Logger log =
+java.util.logging.Logger.getLogger("org.jcp.xml.dsig.internal.dom");
 private String id;
 private SignatureValue sv;
 private KeyInfo ki;
-private List objects;
+private List<XMLObject> objects;
 private SignedInfo si;
 private Document ownerDoc = null;
 private Element localSigElem = null;
 private Element sigElem = null;
 private boolean validationStatus;
 private boolean validated = false;
 private KeySelectorResult ksr;
-private HashMap signatureIdMap;
+private HashMap<String, XMLStructure> signatureIdMap;
 static {
 com.sun.org.apache.xml.internal.security.Init.init();
 }
 * @param id an optional id (specify <code>null</code> to omit)
 * @param signatureValueId an optional id (specify <code>null</code> to
 *  omit)
 * @throws NullPointerException if <code>si</code> is <code>null</code>
 */
-public DOMXMLSignature(SignedInfo si, KeyInfo ki, List objs, String id,
+public DOMXMLSignature(SignedInfo si, KeyInfo ki,
-String signatureValueId)
+List<? extends XMLObject> objs,
+String id, String signatureValueId)
 {
 if (si == null) {
 throw new NullPointerException("signedInfo cannot be null");
 }
 this.si = si;
 this.id = id;
 this.sv = new DOMSignatureValue(signatureValueId);
 if (objs == null) {
-this.objects = Collections.EMPTY_LIST;
+this.objects = Collections.emptyList();
 } else {
-List objsCopy = new ArrayList(objs);
+this.objects =
-for (int i = 0, size = objsCopy.size(); i < size; i++) {
+Collections.unmodifiableList(new ArrayList<XMLObject>(objs));
-if (!(objsCopy.get(i) instanceof XMLObject)) {
+for (int i = 0, size = this.objects.size(); i < size; i++) {
+if (!(this.objects.get(i) instanceof XMLObject)) {
 throw new ClassCastException
 ("objs["+i+"] is not an XMLObject");
 }
 }
-this.objects = Collections.unmodifiableList(objsCopy);
 }
 this.ki = ki;
 }
 /**
 *
 * @param sigElem Signature element
 * @throws MarshalException if XMLSignature cannot be unmarshalled
 */
 public DOMXMLSignature(Element sigElem, XMLCryptoContext context,
-Provider provider) throws MarshalException {
+Provider provider)
+throws MarshalException
+{
 localSigElem = sigElem;
 ownerDoc = localSigElem.getOwnerDocument();
 // get Id attribute, if specified
 id = DOMUtils.getAttributeValue(localSigElem, "Id");
 Element siElem = DOMUtils.getFirstChildElement(localSigElem);
 si = new DOMSignedInfo(siElem, context, provider);
 // unmarshal SignatureValue
 Element sigValElem = DOMUtils.getNextSiblingElement(siElem);
-sv = new DOMSignatureValue(sigValElem);
+sv = new DOMSignatureValue(sigValElem, context);
 // unmarshal KeyInfo, if specified
 Element nextSibling = DOMUtils.getNextSiblingElement(sigValElem);
 if (nextSibling != null && nextSibling.getLocalName().equals("KeyInfo")) {
 ki = new DOMKeyInfo(nextSibling, context, provider);
 nextSibling = DOMUtils.getNextSiblingElement(nextSibling);
 }
 // unmarshal Objects, if specified
 if (nextSibling == null) {
-objects = Collections.EMPTY_LIST;
+objects = Collections.emptyList();
 } else {
-List tempObjects = new ArrayList();
+List<XMLObject> tempObjects = new ArrayList<XMLObject>();
 while (nextSibling != null) {
-tempObjects.add
+tempObjects.add(new DOMXMLObject(nextSibling,
-(new DOMXMLObject(nextSibling, context, provider));
+context, provider));
 nextSibling = DOMUtils.getNextSiblingElement(nextSibling);
 }
 objects = Collections.unmodifiableList(tempObjects);
 }
 }
 public KeySelectorResult getKeySelectorResult() {
 return ksr;
 }
 public void marshal(Node parent, String dsPrefix, DOMCryptoContext context)
-throws MarshalException {
+throws MarshalException
+{
 marshal(parent, null, dsPrefix, context);
 }
 public void marshal(Node parent, Node nextSibling, String dsPrefix,
-DOMCryptoContext context) throws MarshalException {
+DOMCryptoContext context)
+throws MarshalException
+{
 ownerDoc = DOMUtils.getOwnerDocument(parent);
+sigElem = DOMUtils.createElement(ownerDoc, "Signature",
-sigElem = DOMUtils.createElement
+XMLSignature.XMLNS, dsPrefix);
-(ownerDoc, "Signature", XMLSignature.XMLNS, dsPrefix);
 // append xmlns attribute
 if (dsPrefix == null || dsPrefix.length() == 0) {
-sigElem.setAttributeNS
+sigElem.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns",
-("http://www.w3.org/2000/xmlns/", "xmlns", XMLSignature.XMLNS);
+XMLSignature.XMLNS);
 } else {
-sigElem.setAttributeNS
+sigElem.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:" +
-("http://www.w3.org/2000/xmlns/", "xmlns:" + dsPrefix,
+dsPrefix, XMLSignature.XMLNS);
-XMLSignature.XMLNS);
 }
 // create and append SignedInfo element
-((DOMSignedInfo) si).marshal(sigElem, dsPrefix, context);
+((DOMSignedInfo)si).marshal(sigElem, dsPrefix, context);
 // create and append SignatureValue element
-((DOMSignatureValue) sv).marshal(sigElem, dsPrefix, context);
+((DOMSignatureValue)sv).marshal(sigElem, dsPrefix, context);
 // create and append KeyInfo element if necessary
 if (ki != null) {
-((DOMKeyInfo) ki).marshal(sigElem, null, dsPrefix, context);
+((DOMKeyInfo)ki).marshal(sigElem, null, dsPrefix, context);
 }
 // create and append Object elements if necessary
 for (int i = 0, size = objects.size(); i < size; i++) {
-((DOMXMLObject) objects.get(i)).marshal(sigElem, dsPrefix, context);
+((DOMXMLObject)objects.get(i)).marshal(sigElem, dsPrefix, context);
 }
 // append Id attribute
 DOMUtils.setAttributeID(sigElem, "Id", id);
 parent.insertBefore(sigElem, nextSibling);
 }
 public boolean validate(XMLValidateContext vc)
-throws XMLSignatureException {
+throws XMLSignatureException
+{
 if (vc == null) {
 throw new NullPointerException("validateContext is null");
 }
 if (!(vc instanceof DOMValidateContext)) {
 validated = true;
 return validationStatus;
 }
 // validate all References
-List refs = this.si.getReferences();
+@SuppressWarnings("unchecked")
+List<Reference> refs = this.si.getReferences();
 boolean validateRefs = true;
 for (int i = 0, size = refs.size(); validateRefs && i < size; i++) {
-Reference ref = (Reference) refs.get(i);
+Reference ref = refs.get(i);
 boolean refValid = ref.validate(vc);
-if (log.isLoggable(Level.FINE)) {
+if (log.isLoggable(java.util.logging.Level.FINE)) {
-log.log(Level.FINE, "Reference[" + ref.getURI() + "] is valid: "
+log.log(java.util.logging.Level.FINE, "Reference[" + ref.getURI() + "] is valid: " + refValid);
-+ refValid);
 }
 validateRefs &= refValid;
 }
 if (!validateRefs) {
-if (log.isLoggable(Level.FINE)) {
+if (log.isLoggable(java.util.logging.Level.FINE)) {
-log.log(Level.FINE, "Couldn't validate the References");
+log.log(java.util.logging.Level.FINE, "Couldn't validate the References");
 }
 validationStatus = false;
 validated = true;
 return validationStatus;
 }
 // validate Manifests, if property set
 boolean validateMans = true;
 if (Boolean.TRUE.equals(vc.getProperty
-("org.jcp.xml.dsig.validateManifests"))) {
+("org.jcp.xml.dsig.validateManifests")))
+{
 for (int i=0, size=objects.size(); validateMans && i < size; i++) {
-XMLObject xo = (XMLObject) objects.get(i);
+XMLObject xo = objects.get(i);
-List content = xo.getContent();
+@SuppressWarnings("unchecked")
+List<XMLStructure> content = xo.getContent();
 int csize = content.size();
 for (int j = 0; validateMans && j < csize; j++) {
-XMLStructure xs = (XMLStructure) content.get(j);
+XMLStructure xs = content.get(j);
 if (xs instanceof Manifest) {
-if (log.isLoggable(Level.FINE)) {
+if (log.isLoggable(java.util.logging.Level.FINE)) {
-log.log(Level.FINE, "validating manifest");
+log.log(java.util.logging.Level.FINE, "validating manifest");
 }
-Manifest man = (Manifest) xs;
+Manifest man = (Manifest)xs;
-List manRefs = man.getReferences();
+@SuppressWarnings("unchecked")
+List<Reference> manRefs = man.getReferences();
 int rsize = manRefs.size();
 for (int k = 0; validateMans && k < rsize; k++) {
-Reference ref = (Reference) manRefs.get(k);
+Reference ref = manRefs.get(k);
 boolean refValid = ref.validate(vc);
-if (log.isLoggable(Level.FINE)) {
+if (log.isLoggable(java.util.logging.Level.FINE)) {
-log.log(Level.FINE, "Manifest ref["
+log.log(java.util.logging.Level.FINE,
-+ ref.getURI() + "] is valid: " + refValid);
+"Manifest ref[" + ref.getURI() + "] is valid: " + refValid
+);
 }
 validateMans &= refValid;
 }
 }
 }
 validated = true;
 return validationStatus;
 }
 public void sign(XMLSignContext signContext)
-throws MarshalException, XMLSignatureException {
+throws MarshalException, XMLSignatureException
+{
 if (signContext == null) {
 throw new NullPointerException("signContext cannot be null");
 }
-DOMSignContext context = (DOMSignContext) signContext;
+DOMSignContext context = (DOMSignContext)signContext;
-if (context != null) {
+marshal(context.getParent(), context.getNextSibling(),
-marshal(context.getParent(), context.getNextSibling(),
 DOMUtils.getSignaturePrefix(context), context);
-}
 // generate references and signature value
-List allReferences = new ArrayList();
+List<Reference> allReferences = new ArrayList<Reference>();
 // traverse the Signature and register all objects with IDs that
 // may contain References
-signatureIdMap = new HashMap();
+signatureIdMap = new HashMap<String, XMLStructure>();
 signatureIdMap.put(id, this);
 signatureIdMap.put(si.getId(), si);
-List refs = si.getReferences();
+@SuppressWarnings("unchecked")
-for (int i = 0, size = refs.size(); i < size; i++) {
+List<Reference> refs = si.getReferences();
-Reference ref = (Reference) refs.get(i);
+for (Reference ref : refs) {
 signatureIdMap.put(ref.getId(), ref);
 }
-for (int i = 0, size = objects.size(); i < size; i++) {
+for (XMLObject obj : objects) {
-XMLObject obj = (XMLObject) objects.get(i);
 signatureIdMap.put(obj.getId(), obj);
-List content = obj.getContent();
+@SuppressWarnings("unchecked")
-for (int j = 0, csize = content.size(); j < csize; j++) {
+List<XMLStructure> content = obj.getContent();
-XMLStructure xs = (XMLStructure) content.get(j);
+for (XMLStructure xs : content) {
 if (xs instanceof Manifest) {
-Manifest man = (Manifest) xs;
+Manifest man = (Manifest)xs;
 signatureIdMap.put(man.getId(), man);
-List manRefs = man.getReferences();
+@SuppressWarnings("unchecked")
-for (int k = 0, msize = manRefs.size(); k < msize; k++) {
+List<Reference> manRefs = man.getReferences();
-Reference ref = (Reference) manRefs.get(k);
+for (Reference ref : manRefs) {
 allReferences.add(ref);
 signatureIdMap.put(ref.getId(), ref);
 }
 }
 }
 }
 // always add SignedInfo references after Manifest references so
 // that Manifest reference are digested first
-allReferences.addAll(si.getReferences());
+allReferences.addAll(refs);
 // generate/digest each reference
-for (int i = 0, size = allReferences.size(); i < size; i++) {
+for (Reference ref : allReferences) {
-DOMReference ref = (DOMReference) allReferences.get(i);
+digestReference((DOMReference)ref, signContext);
-digestReference(ref, signContext);
 }
 // do final sweep to digest any references that were skipped or missed
-for (int i = 0, size = allReferences.size(); i < size; i++) {
+for (Reference ref : allReferences) {
-DOMReference ref = (DOMReference) allReferences.get(i);
+if (((DOMReference)ref).isDigested()) {
-if (ref.isDigested()) {
 continue;
 }
-ref.digest(signContext);
+((DOMReference)ref).digest(signContext);
 }
 Key signingKey = null;
 KeySelectorResult ksr = null;
 try {
-ksr = signContext.getKeySelector().select
+ksr = signContext.getKeySelector().select(ki,
-(ki, KeySelector.Purpose.SIGN,
+KeySelector.Purpose.SIGN,
-si.getSignatureMethod(), signContext);
+si.getSignatureMethod(),
+signContext);
 signingKey = ksr.getKey();
 if (signingKey == null) {
 throw new XMLSignatureException("the keySelector did not " +
 "find a signing key");
 }
 } catch (KeySelectorException kse) {
 throw new XMLSignatureException("cannot find signing key", kse);
 }
 // calculate signature value
-byte[] val = null;
 try {
-val = ((DOMSignatureMethod) si.getSignatureMethod()).sign
+byte[] val = ((AbstractDOMSignatureMethod)
-(signingKey, (DOMSignedInfo) si, signContext);
+si.getSignatureMethod()).sign(signingKey, si, signContext);
+((DOMSignatureValue)sv).setValue(val);
 } catch (InvalidKeyException ike) {
 throw new XMLSignatureException(ike);
 }
-if (log.isLoggable(Level.FINE)) {
-log.log(Level.FINE, "SignatureValue = " + val);
-}
-((DOMSignatureValue) sv).setValue(val);
 this.localSigElem = sigElem;
 this.ksr = ksr;
 }
+@Override
 public boolean equals(Object o) {
 if (this == o) {
 return true;
 }
 if (!(o instanceof XMLSignature)) {
 return false;
 }
-XMLSignature osig = (XMLSignature) o;
+XMLSignature osig = (XMLSignature)o;
 boolean idEqual =
 (id == null ? osig.getId() == null : id.equals(osig.getId()));
 boolean keyInfoEqual =
-(ki == null ? osig.getKeyInfo() == null :
+(ki == null ? osig.getKeyInfo() == null
-ki.equals(osig.getKeyInfo()));
+: ki.equals(osig.getKeyInfo()));
 return (idEqual && keyInfoEqual &&
 sv.equals(osig.getSignatureValue()) &&
 si.equals(osig.getSignedInfo()) &&
 objects.equals(osig.getObjects()));
+}
+@Override
+public int hashCode() {
+int result = 17;
+if (id != null) {
+result = 31 * result + id.hashCode();
+}
+if (ki != null) {
+result = 31 * result + ki.hashCode();
+}
+result = 31 * result + sv.hashCode();
+result = 31 * result + si.hashCode();
+result = 31 * result + objects.hashCode();
+return result;
 }
 private void digestReference(DOMReference ref, XMLSignContext signContext)
-throws XMLSignatureException {
+throws XMLSignatureException
+{
 if (ref.isDigested()) {
 return;
 }
 // check dependencies
 String uri = ref.getURI();
 if (Utils.sameDocumentURI(uri)) {
 String id = Utils.parseIdFromSameDocumentURI(uri);
 if (id != null && signatureIdMap.containsKey(id)) {
-Object obj = signatureIdMap.get(id);
+XMLStructure xs = signatureIdMap.get(id);
-if (obj instanceof DOMReference) {
+if (xs instanceof DOMReference) {
-digestReference((DOMReference) obj, signContext);
+digestReference((DOMReference)xs, signContext);
-} else if (obj instanceof Manifest) {
+} else if (xs instanceof Manifest) {
-Manifest man = (Manifest) obj;
+Manifest man = (Manifest)xs;
 List manRefs = man.getReferences();
 for (int i = 0, size = manRefs.size(); i < size; i++) {
-digestReference
+digestReference((DOMReference)manRefs.get(i),
-((DOMReference) manRefs.get(i), signContext);
+signContext);
 }
 }
 }
 // if uri="" and there are XPath Transforms, there may be
 // reference dependencies in the XPath Transform - so be on
 // the safe side, and skip and do at end in the final sweep
 if (uri.length() == 0) {
-List transforms = ref.getTransforms();
+@SuppressWarnings("unchecked")
-for (int i = 0, size = transforms.size(); i < size; i++) {
+List<Transform> transforms = ref.getTransforms();
-Transform transform = (Transform) transforms.get(i);
+for (Transform transform : transforms) {
 String transformAlg = transform.getAlgorithm();
 if (transformAlg.equals(Transform.XPATH) ||
 transformAlg.equals(Transform.XPATH2)) {
 return;
 }
 }
 ref.digest(signContext);
 }
 public class DOMSignatureValue extends DOMStructure
-implements SignatureValue {
+implements SignatureValue
+{
 private String id;
 private byte[] value;
 private String valueBase64;
 private Element sigValueElem;
 private boolean validated = false;
 DOMSignatureValue(String id) {
 this.id = id;
 }
-DOMSignatureValue(Element sigValueElem) throws MarshalException {
+DOMSignatureValue(Element sigValueElem, XMLCryptoContext context)
+throws MarshalException
+{
 try {
 // base64 decode signatureValue
 value = Base64.decode(sigValueElem);
 } catch (Base64DecodingException bde) {
 throw new MarshalException(bde);
 public String getId() {
 return id;
 }
 public byte[] getValue() {
-return (value == null) ? null : (byte[]) value.clone();
+return (value == null) ? null : (byte[])value.clone();
 }
 public boolean validate(XMLValidateContext validateContext)
-throws XMLSignatureException {
+throws XMLSignatureException
+{
 if (validateContext == null) {
 throw new NullPointerException("context cannot be null");
 }
 if (validated) {
 try {
 ksResult = validateContext.getKeySelector().select
 (ki, KeySelector.Purpose.VERIFY, sm, validateContext);
 validationKey = ksResult.getKey();
 if (validationKey == null) {
-throw new XMLSignatureException("the keyselector did " +
+throw new XMLSignatureException("the keyselector did not " +
-"not find a validation key");
+"find a validation key");
 }
 } catch (KeySelectorException kse) {
 throw new XMLSignatureException("cannot find validation " +
 "key", kse);
 }
 // canonicalize SignedInfo and verify signature
 try {
-validationStatus = ((DOMSignatureMethod) sm).verify
+validationStatus = ((AbstractDOMSignatureMethod)sm).verify
-(validationKey, (DOMSignedInfo) si, value, validateContext);
+(validationKey, si, value, validateContext);
 } catch (Exception e) {
 throw new XMLSignatureException(e);
 }
 validated = true;
 ksr = ksResult;
 return validationStatus;
 }
+@Override
 public boolean equals(Object o) {
 if (this == o) {
 return true;
 }
 if (!(o instanceof SignatureValue)) {
 return false;
 }
-SignatureValue osv = (SignatureValue) o;
+SignatureValue osv = (SignatureValue)o;
 boolean idEqual =
 (id == null ? osv.getId() == null : id.equals(osv.getId()));
 //XXX compare signature values?
 return idEqual;
 }
+@Override
+public int hashCode() {
+int result = 17;
+if (id != null) {
+result = 31 * result + id.hashCode();
+}
+return result;
+}
 public void marshal(Node parent, String dsPrefix,
-DOMCryptoContext context) throws MarshalException {
+DOMCryptoContext context)
+throws MarshalException
+{
 // create SignatureValue element
-sigValueElem = DOMUtils.createElement
+sigValueElem = DOMUtils.createElement(ownerDoc, "SignatureValue",
-(ownerDoc, "SignatureValue", XMLSignature.XMLNS, dsPrefix);
+XMLSignature.XMLNS, dsPrefix);
 if (valueBase64 != null) {
 sigValueElem.appendChild(ownerDoc.createTextNode(valueBase64));
 }
 // append Id attribute, if specified

changeset 18780	f47b920867e7
parent 18240	cda839ac048f
child 19051	6c0cfc00b3ed