--- a/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java Thu Jun 20 18:53:57 2013 +0100
+++ b/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java Fri Jul 05 15:54:42 2013 -0400
@@ -2,21 +2,23 @@
* reserved comment block
* DO NOT REMOVE OR ALTER!
*/
-/*
- * Copyright 2005 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
/*
* Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
@@ -29,7 +31,7 @@
* ===========================================================================
*/
/*
- * $Id: DOMXMLSignature.java,v 1.2 2008/07/24 15:20:32 mullan Exp $
+ * $Id: DOMXMLSignature.java 1333415 2012-05-03 12:03:51Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
@@ -40,7 +42,6 @@
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
-import java.io.*;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.Provider;
@@ -48,8 +49,7 @@
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
-import java.util.logging.Level;
-import java.util.logging.Logger;
+
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -67,11 +67,12 @@
public final class DOMXMLSignature extends DOMStructure
implements XMLSignature {
- private static Logger log = Logger.getLogger("org.jcp.xml.dsig.internal.dom");
+ private static java.util.logging.Logger log =
+ java.util.logging.Logger.getLogger("org.jcp.xml.dsig.internal.dom");
private String id;
private SignatureValue sv;
private KeyInfo ki;
- private List objects;
+ private List<XMLObject> objects;
private SignedInfo si;
private Document ownerDoc = null;
private Element localSigElem = null;
@@ -79,7 +80,7 @@
private boolean validationStatus;
private boolean validated = false;
private KeySelectorResult ksr;
- private HashMap signatureIdMap;
+ private HashMap<String, XMLStructure> signatureIdMap;
static {
com.sun.org.apache.xml.internal.security.Init.init();
@@ -98,8 +99,9 @@
* omit)
* @throws NullPointerException if <code>si</code> is <code>null</code>
*/
- public DOMXMLSignature(SignedInfo si, KeyInfo ki, List objs, String id,
- String signatureValueId)
+ public DOMXMLSignature(SignedInfo si, KeyInfo ki,
+ List<? extends XMLObject> objs,
+ String id, String signatureValueId)
{
if (si == null) {
throw new NullPointerException("signedInfo cannot be null");
@@ -108,16 +110,16 @@
this.id = id;
this.sv = new DOMSignatureValue(signatureValueId);
if (objs == null) {
- this.objects = Collections.EMPTY_LIST;
+ this.objects = Collections.emptyList();
} else {
- List objsCopy = new ArrayList(objs);
- for (int i = 0, size = objsCopy.size(); i < size; i++) {
- if (!(objsCopy.get(i) instanceof XMLObject)) {
+ this.objects =
+ Collections.unmodifiableList(new ArrayList<XMLObject>(objs));
+ for (int i = 0, size = this.objects.size(); i < size; i++) {
+ if (!(this.objects.get(i) instanceof XMLObject)) {
throw new ClassCastException
("objs["+i+"] is not an XMLObject");
}
}
- this.objects = Collections.unmodifiableList(objsCopy);
}
this.ki = ki;
}
@@ -129,7 +131,9 @@
* @throws MarshalException if XMLSignature cannot be unmarshalled
*/
public DOMXMLSignature(Element sigElem, XMLCryptoContext context,
- Provider provider) throws MarshalException {
+ Provider provider)
+ throws MarshalException
+ {
localSigElem = sigElem;
ownerDoc = localSigElem.getOwnerDocument();
@@ -142,7 +146,7 @@
// unmarshal SignatureValue
Element sigValElem = DOMUtils.getNextSiblingElement(siElem);
- sv = new DOMSignatureValue(sigValElem);
+ sv = new DOMSignatureValue(sigValElem, context);
// unmarshal KeyInfo, if specified
Element nextSibling = DOMUtils.getNextSiblingElement(sigValElem);
@@ -153,12 +157,12 @@
// unmarshal Objects, if specified
if (nextSibling == null) {
- objects = Collections.EMPTY_LIST;
+ objects = Collections.emptyList();
} else {
- List tempObjects = new ArrayList();
+ List<XMLObject> tempObjects = new ArrayList<XMLObject>();
while (nextSibling != null) {
- tempObjects.add
- (new DOMXMLObject(nextSibling, context, provider));
+ tempObjects.add(new DOMXMLObject(nextSibling,
+ context, provider));
nextSibling = DOMUtils.getNextSiblingElement(nextSibling);
}
objects = Collections.unmodifiableList(tempObjects);
@@ -190,41 +194,42 @@
}
public void marshal(Node parent, String dsPrefix, DOMCryptoContext context)
- throws MarshalException {
+ throws MarshalException
+ {
marshal(parent, null, dsPrefix, context);
}
public void marshal(Node parent, Node nextSibling, String dsPrefix,
- DOMCryptoContext context) throws MarshalException {
+ DOMCryptoContext context)
+ throws MarshalException
+ {
ownerDoc = DOMUtils.getOwnerDocument(parent);
-
- sigElem = DOMUtils.createElement
- (ownerDoc, "Signature", XMLSignature.XMLNS, dsPrefix);
+ sigElem = DOMUtils.createElement(ownerDoc, "Signature",
+ XMLSignature.XMLNS, dsPrefix);
// append xmlns attribute
if (dsPrefix == null || dsPrefix.length() == 0) {
- sigElem.setAttributeNS
- ("http://www.w3.org/2000/xmlns/", "xmlns", XMLSignature.XMLNS);
+ sigElem.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns",
+ XMLSignature.XMLNS);
} else {
- sigElem.setAttributeNS
- ("http://www.w3.org/2000/xmlns/", "xmlns:" + dsPrefix,
- XMLSignature.XMLNS);
+ sigElem.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:" +
+ dsPrefix, XMLSignature.XMLNS);
}
// create and append SignedInfo element
- ((DOMSignedInfo) si).marshal(sigElem, dsPrefix, context);
+ ((DOMSignedInfo)si).marshal(sigElem, dsPrefix, context);
// create and append SignatureValue element
- ((DOMSignatureValue) sv).marshal(sigElem, dsPrefix, context);
+ ((DOMSignatureValue)sv).marshal(sigElem, dsPrefix, context);
// create and append KeyInfo element if necessary
if (ki != null) {
- ((DOMKeyInfo) ki).marshal(sigElem, null, dsPrefix, context);
+ ((DOMKeyInfo)ki).marshal(sigElem, null, dsPrefix, context);
}
// create and append Object elements if necessary
for (int i = 0, size = objects.size(); i < size; i++) {
- ((DOMXMLObject) objects.get(i)).marshal(sigElem, dsPrefix, context);
+ ((DOMXMLObject)objects.get(i)).marshal(sigElem, dsPrefix, context);
}
// append Id attribute
@@ -234,8 +239,8 @@
}
public boolean validate(XMLValidateContext vc)
- throws XMLSignatureException {
-
+ throws XMLSignatureException
+ {
if (vc == null) {
throw new NullPointerException("validateContext is null");
}
@@ -258,20 +263,20 @@
}
// validate all References
- List refs = this.si.getReferences();
+ @SuppressWarnings("unchecked")
+ List<Reference> refs = this.si.getReferences();
boolean validateRefs = true;
for (int i = 0, size = refs.size(); validateRefs && i < size; i++) {
- Reference ref = (Reference) refs.get(i);
+ Reference ref = refs.get(i);
boolean refValid = ref.validate(vc);
- if (log.isLoggable(Level.FINE)) {
- log.log(Level.FINE, "Reference[" + ref.getURI() + "] is valid: "
- + refValid);
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Reference[" + ref.getURI() + "] is valid: " + refValid);
}
validateRefs &= refValid;
}
if (!validateRefs) {
- if (log.isLoggable(Level.FINE)) {
- log.log(Level.FINE, "Couldn't validate the References");
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "Couldn't validate the References");
}
validationStatus = false;
validated = true;
@@ -281,27 +286,30 @@
// validate Manifests, if property set
boolean validateMans = true;
if (Boolean.TRUE.equals(vc.getProperty
- ("org.jcp.xml.dsig.validateManifests"))) {
-
+ ("org.jcp.xml.dsig.validateManifests")))
+ {
for (int i=0, size=objects.size(); validateMans && i < size; i++) {
- XMLObject xo = (XMLObject) objects.get(i);
- List content = xo.getContent();
+ XMLObject xo = objects.get(i);
+ @SuppressWarnings("unchecked")
+ List<XMLStructure> content = xo.getContent();
int csize = content.size();
for (int j = 0; validateMans && j < csize; j++) {
- XMLStructure xs = (XMLStructure) content.get(j);
+ XMLStructure xs = content.get(j);
if (xs instanceof Manifest) {
- if (log.isLoggable(Level.FINE)) {
- log.log(Level.FINE, "validating manifest");
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE, "validating manifest");
}
- Manifest man = (Manifest) xs;
- List manRefs = man.getReferences();
+ Manifest man = (Manifest)xs;
+ @SuppressWarnings("unchecked")
+ List<Reference> manRefs = man.getReferences();
int rsize = manRefs.size();
for (int k = 0; validateMans && k < rsize; k++) {
- Reference ref = (Reference) manRefs.get(k);
+ Reference ref = manRefs.get(k);
boolean refValid = ref.validate(vc);
- if (log.isLoggable(Level.FINE)) {
- log.log(Level.FINE, "Manifest ref["
- + ref.getURI() + "] is valid: " + refValid);
+ if (log.isLoggable(java.util.logging.Level.FINE)) {
+ log.log(java.util.logging.Level.FINE,
+ "Manifest ref[" + ref.getURI() + "] is valid: " + refValid
+ );
}
validateMans &= refValid;
}
@@ -316,41 +324,39 @@
}
public void sign(XMLSignContext signContext)
- throws MarshalException, XMLSignatureException {
+ throws MarshalException, XMLSignatureException
+ {
if (signContext == null) {
throw new NullPointerException("signContext cannot be null");
}
- DOMSignContext context = (DOMSignContext) signContext;
- if (context != null) {
- marshal(context.getParent(), context.getNextSibling(),
+ DOMSignContext context = (DOMSignContext)signContext;
+ marshal(context.getParent(), context.getNextSibling(),
DOMUtils.getSignaturePrefix(context), context);
- }
// generate references and signature value
- List allReferences = new ArrayList();
+ List<Reference> allReferences = new ArrayList<Reference>();
// traverse the Signature and register all objects with IDs that
// may contain References
- signatureIdMap = new HashMap();
+ signatureIdMap = new HashMap<String, XMLStructure>();
signatureIdMap.put(id, this);
signatureIdMap.put(si.getId(), si);
- List refs = si.getReferences();
- for (int i = 0, size = refs.size(); i < size; i++) {
- Reference ref = (Reference) refs.get(i);
+ @SuppressWarnings("unchecked")
+ List<Reference> refs = si.getReferences();
+ for (Reference ref : refs) {
signatureIdMap.put(ref.getId(), ref);
}
- for (int i = 0, size = objects.size(); i < size; i++) {
- XMLObject obj = (XMLObject) objects.get(i);
+ for (XMLObject obj : objects) {
signatureIdMap.put(obj.getId(), obj);
- List content = obj.getContent();
- for (int j = 0, csize = content.size(); j < csize; j++) {
- XMLStructure xs = (XMLStructure) content.get(j);
+ @SuppressWarnings("unchecked")
+ List<XMLStructure> content = obj.getContent();
+ for (XMLStructure xs : content) {
if (xs instanceof Manifest) {
- Manifest man = (Manifest) xs;
+ Manifest man = (Manifest)xs;
signatureIdMap.put(man.getId(), man);
- List manRefs = man.getReferences();
- for (int k = 0, msize = manRefs.size(); k < msize; k++) {
- Reference ref = (Reference) manRefs.get(k);
+ @SuppressWarnings("unchecked")
+ List<Reference> manRefs = man.getReferences();
+ for (Reference ref : manRefs) {
allReferences.add(ref);
signatureIdMap.put(ref.getId(), ref);
}
@@ -359,56 +365,51 @@
}
// always add SignedInfo references after Manifest references so
// that Manifest reference are digested first
- allReferences.addAll(si.getReferences());
+ allReferences.addAll(refs);
// generate/digest each reference
- for (int i = 0, size = allReferences.size(); i < size; i++) {
- DOMReference ref = (DOMReference) allReferences.get(i);
- digestReference(ref, signContext);
+ for (Reference ref : allReferences) {
+ digestReference((DOMReference)ref, signContext);
}
// do final sweep to digest any references that were skipped or missed
- for (int i = 0, size = allReferences.size(); i < size; i++) {
- DOMReference ref = (DOMReference) allReferences.get(i);
- if (ref.isDigested()) {
+ for (Reference ref : allReferences) {
+ if (((DOMReference)ref).isDigested()) {
continue;
}
- ref.digest(signContext);
+ ((DOMReference)ref).digest(signContext);
}
Key signingKey = null;
KeySelectorResult ksr = null;
try {
- ksr = signContext.getKeySelector().select
- (ki, KeySelector.Purpose.SIGN,
- si.getSignatureMethod(), signContext);
+ ksr = signContext.getKeySelector().select(ki,
+ KeySelector.Purpose.SIGN,
+ si.getSignatureMethod(),
+ signContext);
signingKey = ksr.getKey();
if (signingKey == null) {
throw new XMLSignatureException("the keySelector did not " +
- "find a signing key");
+ "find a signing key");
}
} catch (KeySelectorException kse) {
throw new XMLSignatureException("cannot find signing key", kse);
}
// calculate signature value
- byte[] val = null;
try {
- val = ((DOMSignatureMethod) si.getSignatureMethod()).sign
- (signingKey, (DOMSignedInfo) si, signContext);
+ byte[] val = ((AbstractDOMSignatureMethod)
+ si.getSignatureMethod()).sign(signingKey, si, signContext);
+ ((DOMSignatureValue)sv).setValue(val);
} catch (InvalidKeyException ike) {
throw new XMLSignatureException(ike);
}
- if (log.isLoggable(Level.FINE)) {
- log.log(Level.FINE, "SignatureValue = " + val);
- }
- ((DOMSignatureValue) sv).setValue(val);
-
this.localSigElem = sigElem;
this.ksr = ksr;
}
+ @Override
public boolean equals(Object o) {
if (this == o) {
return true;
@@ -417,22 +418,39 @@
if (!(o instanceof XMLSignature)) {
return false;
}
- XMLSignature osig = (XMLSignature) o;
+ XMLSignature osig = (XMLSignature)o;
boolean idEqual =
(id == null ? osig.getId() == null : id.equals(osig.getId()));
boolean keyInfoEqual =
- (ki == null ? osig.getKeyInfo() == null :
- ki.equals(osig.getKeyInfo()));
+ (ki == null ? osig.getKeyInfo() == null
+ : ki.equals(osig.getKeyInfo()));
return (idEqual && keyInfoEqual &&
- sv.equals(osig.getSignatureValue()) &&
- si.equals(osig.getSignedInfo()) &&
- objects.equals(osig.getObjects()));
+ sv.equals(osig.getSignatureValue()) &&
+ si.equals(osig.getSignedInfo()) &&
+ objects.equals(osig.getObjects()));
+ }
+
+ @Override
+ public int hashCode() {
+ int result = 17;
+ if (id != null) {
+ result = 31 * result + id.hashCode();
+ }
+ if (ki != null) {
+ result = 31 * result + ki.hashCode();
+ }
+ result = 31 * result + sv.hashCode();
+ result = 31 * result + si.hashCode();
+ result = 31 * result + objects.hashCode();
+
+ return result;
}
private void digestReference(DOMReference ref, XMLSignContext signContext)
- throws XMLSignatureException {
+ throws XMLSignatureException
+ {
if (ref.isDigested()) {
return;
}
@@ -441,15 +459,15 @@
if (Utils.sameDocumentURI(uri)) {
String id = Utils.parseIdFromSameDocumentURI(uri);
if (id != null && signatureIdMap.containsKey(id)) {
- Object obj = signatureIdMap.get(id);
- if (obj instanceof DOMReference) {
- digestReference((DOMReference) obj, signContext);
- } else if (obj instanceof Manifest) {
- Manifest man = (Manifest) obj;
+ XMLStructure xs = signatureIdMap.get(id);
+ if (xs instanceof DOMReference) {
+ digestReference((DOMReference)xs, signContext);
+ } else if (xs instanceof Manifest) {
+ Manifest man = (Manifest)xs;
List manRefs = man.getReferences();
for (int i = 0, size = manRefs.size(); i < size; i++) {
- digestReference
- ((DOMReference) manRefs.get(i), signContext);
+ digestReference((DOMReference)manRefs.get(i),
+ signContext);
}
}
}
@@ -457,9 +475,9 @@
// reference dependencies in the XPath Transform - so be on
// the safe side, and skip and do at end in the final sweep
if (uri.length() == 0) {
- List transforms = ref.getTransforms();
- for (int i = 0, size = transforms.size(); i < size; i++) {
- Transform transform = (Transform) transforms.get(i);
+ @SuppressWarnings("unchecked")
+ List<Transform> transforms = ref.getTransforms();
+ for (Transform transform : transforms) {
String transformAlg = transform.getAlgorithm();
if (transformAlg.equals(Transform.XPATH) ||
transformAlg.equals(Transform.XPATH2)) {
@@ -472,8 +490,8 @@
}
public class DOMSignatureValue extends DOMStructure
- implements SignatureValue {
-
+ implements SignatureValue
+ {
private String id;
private byte[] value;
private String valueBase64;
@@ -485,7 +503,9 @@
this.id = id;
}
- DOMSignatureValue(Element sigValueElem) throws MarshalException {
+ DOMSignatureValue(Element sigValueElem, XMLCryptoContext context)
+ throws MarshalException
+ {
try {
// base64 decode signatureValue
value = Base64.decode(sigValueElem);
@@ -508,12 +528,12 @@
}
public byte[] getValue() {
- return (value == null) ? null : (byte[]) value.clone();
+ return (value == null) ? null : (byte[])value.clone();
}
public boolean validate(XMLValidateContext validateContext)
- throws XMLSignatureException {
-
+ throws XMLSignatureException
+ {
if (validateContext == null) {
throw new NullPointerException("context cannot be null");
}
@@ -531,18 +551,18 @@
(ki, KeySelector.Purpose.VERIFY, sm, validateContext);
validationKey = ksResult.getKey();
if (validationKey == null) {
- throw new XMLSignatureException("the keyselector did " +
- "not find a validation key");
+ throw new XMLSignatureException("the keyselector did not " +
+ "find a validation key");
}
} catch (KeySelectorException kse) {
throw new XMLSignatureException("cannot find validation " +
- "key", kse);
+ "key", kse);
}
// canonicalize SignedInfo and verify signature
try {
- validationStatus = ((DOMSignatureMethod) sm).verify
- (validationKey, (DOMSignedInfo) si, value, validateContext);
+ validationStatus = ((AbstractDOMSignatureMethod)sm).verify
+ (validationKey, si, value, validateContext);
} catch (Exception e) {
throw new XMLSignatureException(e);
}
@@ -552,6 +572,7 @@
return validationStatus;
}
+ @Override
public boolean equals(Object o) {
if (this == o) {
return true;
@@ -560,7 +581,7 @@
if (!(o instanceof SignatureValue)) {
return false;
}
- SignatureValue osv = (SignatureValue) o;
+ SignatureValue osv = (SignatureValue)o;
boolean idEqual =
(id == null ? osv.getId() == null : id.equals(osv.getId()));
@@ -569,12 +590,23 @@
return idEqual;
}
- public void marshal(Node parent, String dsPrefix,
- DOMCryptoContext context) throws MarshalException {
+ @Override
+ public int hashCode() {
+ int result = 17;
+ if (id != null) {
+ result = 31 * result + id.hashCode();
+ }
+ return result;
+ }
+
+ public void marshal(Node parent, String dsPrefix,
+ DOMCryptoContext context)
+ throws MarshalException
+ {
// create SignatureValue element
- sigValueElem = DOMUtils.createElement
- (ownerDoc, "SignatureValue", XMLSignature.XMLNS, dsPrefix);
+ sigValueElem = DOMUtils.createElement(ownerDoc, "SignatureValue",
+ XMLSignature.XMLNS, dsPrefix);
if (valueBase64 != null) {
sigValueElem.appendChild(ownerDoc.createTextNode(valueBase64));
}