diff -r 2d131cf5db63 -r f47b920867e7 jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java --- a/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java Thu Jun 20 18:53:57 2013 +0100 +++ b/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java Fri Jul 05 15:54:42 2013 -0400 @@ -2,21 +2,23 @@ * reserved comment block * DO NOT REMOVE OR ALTER! */ -/* - * Copyright 2005 The Apache Software Foundation. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. */ /* * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. @@ -29,7 +31,7 @@ * =========================================================================== */ /* - * $Id: DOMXMLSignature.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + * $Id: DOMXMLSignature.java 1333415 2012-05-03 12:03:51Z coheigea $ */ package org.jcp.xml.dsig.internal.dom; @@ -40,7 +42,6 @@ import javax.xml.crypto.dsig.dom.DOMValidateContext; import javax.xml.crypto.dsig.keyinfo.KeyInfo; -import java.io.*; import java.security.InvalidKeyException; import java.security.Key; import java.security.Provider; @@ -48,8 +49,7 @@ import java.util.ArrayList; import java.util.HashMap; import java.util.List; -import java.util.logging.Level; -import java.util.logging.Logger; + import org.w3c.dom.Attr; import org.w3c.dom.Document; import org.w3c.dom.Element; @@ -67,11 +67,12 @@ public final class DOMXMLSignature extends DOMStructure implements XMLSignature { - private static Logger log = Logger.getLogger("org.jcp.xml.dsig.internal.dom"); + private static java.util.logging.Logger log = + java.util.logging.Logger.getLogger("org.jcp.xml.dsig.internal.dom"); private String id; private SignatureValue sv; private KeyInfo ki; - private List objects; + private List objects; private SignedInfo si; private Document ownerDoc = null; private Element localSigElem = null; @@ -79,7 +80,7 @@ private boolean validationStatus; private boolean validated = false; private KeySelectorResult ksr; - private HashMap signatureIdMap; + private HashMap signatureIdMap; static { com.sun.org.apache.xml.internal.security.Init.init(); @@ -98,8 +99,9 @@ * omit) * @throws NullPointerException if si is null */ - public DOMXMLSignature(SignedInfo si, KeyInfo ki, List objs, String id, - String signatureValueId) + public DOMXMLSignature(SignedInfo si, KeyInfo ki, + List objs, + String id, String signatureValueId) { if (si == null) { throw new NullPointerException("signedInfo cannot be null"); @@ -108,16 +110,16 @@ this.id = id; this.sv = new DOMSignatureValue(signatureValueId); if (objs == null) { - this.objects = Collections.EMPTY_LIST; + this.objects = Collections.emptyList(); } else { - List objsCopy = new ArrayList(objs); - for (int i = 0, size = objsCopy.size(); i < size; i++) { - if (!(objsCopy.get(i) instanceof XMLObject)) { + this.objects = + Collections.unmodifiableList(new ArrayList(objs)); + for (int i = 0, size = this.objects.size(); i < size; i++) { + if (!(this.objects.get(i) instanceof XMLObject)) { throw new ClassCastException ("objs["+i+"] is not an XMLObject"); } } - this.objects = Collections.unmodifiableList(objsCopy); } this.ki = ki; } @@ -129,7 +131,9 @@ * @throws MarshalException if XMLSignature cannot be unmarshalled */ public DOMXMLSignature(Element sigElem, XMLCryptoContext context, - Provider provider) throws MarshalException { + Provider provider) + throws MarshalException + { localSigElem = sigElem; ownerDoc = localSigElem.getOwnerDocument(); @@ -142,7 +146,7 @@ // unmarshal SignatureValue Element sigValElem = DOMUtils.getNextSiblingElement(siElem); - sv = new DOMSignatureValue(sigValElem); + sv = new DOMSignatureValue(sigValElem, context); // unmarshal KeyInfo, if specified Element nextSibling = DOMUtils.getNextSiblingElement(sigValElem); @@ -153,12 +157,12 @@ // unmarshal Objects, if specified if (nextSibling == null) { - objects = Collections.EMPTY_LIST; + objects = Collections.emptyList(); } else { - List tempObjects = new ArrayList(); + List tempObjects = new ArrayList(); while (nextSibling != null) { - tempObjects.add - (new DOMXMLObject(nextSibling, context, provider)); + tempObjects.add(new DOMXMLObject(nextSibling, + context, provider)); nextSibling = DOMUtils.getNextSiblingElement(nextSibling); } objects = Collections.unmodifiableList(tempObjects); @@ -190,41 +194,42 @@ } public void marshal(Node parent, String dsPrefix, DOMCryptoContext context) - throws MarshalException { + throws MarshalException + { marshal(parent, null, dsPrefix, context); } public void marshal(Node parent, Node nextSibling, String dsPrefix, - DOMCryptoContext context) throws MarshalException { + DOMCryptoContext context) + throws MarshalException + { ownerDoc = DOMUtils.getOwnerDocument(parent); - - sigElem = DOMUtils.createElement - (ownerDoc, "Signature", XMLSignature.XMLNS, dsPrefix); + sigElem = DOMUtils.createElement(ownerDoc, "Signature", + XMLSignature.XMLNS, dsPrefix); // append xmlns attribute if (dsPrefix == null || dsPrefix.length() == 0) { - sigElem.setAttributeNS - ("http://www.w3.org/2000/xmlns/", "xmlns", XMLSignature.XMLNS); + sigElem.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns", + XMLSignature.XMLNS); } else { - sigElem.setAttributeNS - ("http://www.w3.org/2000/xmlns/", "xmlns:" + dsPrefix, - XMLSignature.XMLNS); + sigElem.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:" + + dsPrefix, XMLSignature.XMLNS); } // create and append SignedInfo element - ((DOMSignedInfo) si).marshal(sigElem, dsPrefix, context); + ((DOMSignedInfo)si).marshal(sigElem, dsPrefix, context); // create and append SignatureValue element - ((DOMSignatureValue) sv).marshal(sigElem, dsPrefix, context); + ((DOMSignatureValue)sv).marshal(sigElem, dsPrefix, context); // create and append KeyInfo element if necessary if (ki != null) { - ((DOMKeyInfo) ki).marshal(sigElem, null, dsPrefix, context); + ((DOMKeyInfo)ki).marshal(sigElem, null, dsPrefix, context); } // create and append Object elements if necessary for (int i = 0, size = objects.size(); i < size; i++) { - ((DOMXMLObject) objects.get(i)).marshal(sigElem, dsPrefix, context); + ((DOMXMLObject)objects.get(i)).marshal(sigElem, dsPrefix, context); } // append Id attribute @@ -234,8 +239,8 @@ } public boolean validate(XMLValidateContext vc) - throws XMLSignatureException { - + throws XMLSignatureException + { if (vc == null) { throw new NullPointerException("validateContext is null"); } @@ -258,20 +263,20 @@ } // validate all References - List refs = this.si.getReferences(); + @SuppressWarnings("unchecked") + List refs = this.si.getReferences(); boolean validateRefs = true; for (int i = 0, size = refs.size(); validateRefs && i < size; i++) { - Reference ref = (Reference) refs.get(i); + Reference ref = refs.get(i); boolean refValid = ref.validate(vc); - if (log.isLoggable(Level.FINE)) { - log.log(Level.FINE, "Reference[" + ref.getURI() + "] is valid: " - + refValid); + if (log.isLoggable(java.util.logging.Level.FINE)) { + log.log(java.util.logging.Level.FINE, "Reference[" + ref.getURI() + "] is valid: " + refValid); } validateRefs &= refValid; } if (!validateRefs) { - if (log.isLoggable(Level.FINE)) { - log.log(Level.FINE, "Couldn't validate the References"); + if (log.isLoggable(java.util.logging.Level.FINE)) { + log.log(java.util.logging.Level.FINE, "Couldn't validate the References"); } validationStatus = false; validated = true; @@ -281,27 +286,30 @@ // validate Manifests, if property set boolean validateMans = true; if (Boolean.TRUE.equals(vc.getProperty - ("org.jcp.xml.dsig.validateManifests"))) { - + ("org.jcp.xml.dsig.validateManifests"))) + { for (int i=0, size=objects.size(); validateMans && i < size; i++) { - XMLObject xo = (XMLObject) objects.get(i); - List content = xo.getContent(); + XMLObject xo = objects.get(i); + @SuppressWarnings("unchecked") + List content = xo.getContent(); int csize = content.size(); for (int j = 0; validateMans && j < csize; j++) { - XMLStructure xs = (XMLStructure) content.get(j); + XMLStructure xs = content.get(j); if (xs instanceof Manifest) { - if (log.isLoggable(Level.FINE)) { - log.log(Level.FINE, "validating manifest"); + if (log.isLoggable(java.util.logging.Level.FINE)) { + log.log(java.util.logging.Level.FINE, "validating manifest"); } - Manifest man = (Manifest) xs; - List manRefs = man.getReferences(); + Manifest man = (Manifest)xs; + @SuppressWarnings("unchecked") + List manRefs = man.getReferences(); int rsize = manRefs.size(); for (int k = 0; validateMans && k < rsize; k++) { - Reference ref = (Reference) manRefs.get(k); + Reference ref = manRefs.get(k); boolean refValid = ref.validate(vc); - if (log.isLoggable(Level.FINE)) { - log.log(Level.FINE, "Manifest ref[" - + ref.getURI() + "] is valid: " + refValid); + if (log.isLoggable(java.util.logging.Level.FINE)) { + log.log(java.util.logging.Level.FINE, + "Manifest ref[" + ref.getURI() + "] is valid: " + refValid + ); } validateMans &= refValid; } @@ -316,41 +324,39 @@ } public void sign(XMLSignContext signContext) - throws MarshalException, XMLSignatureException { + throws MarshalException, XMLSignatureException + { if (signContext == null) { throw new NullPointerException("signContext cannot be null"); } - DOMSignContext context = (DOMSignContext) signContext; - if (context != null) { - marshal(context.getParent(), context.getNextSibling(), + DOMSignContext context = (DOMSignContext)signContext; + marshal(context.getParent(), context.getNextSibling(), DOMUtils.getSignaturePrefix(context), context); - } // generate references and signature value - List allReferences = new ArrayList(); + List allReferences = new ArrayList(); // traverse the Signature and register all objects with IDs that // may contain References - signatureIdMap = new HashMap(); + signatureIdMap = new HashMap(); signatureIdMap.put(id, this); signatureIdMap.put(si.getId(), si); - List refs = si.getReferences(); - for (int i = 0, size = refs.size(); i < size; i++) { - Reference ref = (Reference) refs.get(i); + @SuppressWarnings("unchecked") + List refs = si.getReferences(); + for (Reference ref : refs) { signatureIdMap.put(ref.getId(), ref); } - for (int i = 0, size = objects.size(); i < size; i++) { - XMLObject obj = (XMLObject) objects.get(i); + for (XMLObject obj : objects) { signatureIdMap.put(obj.getId(), obj); - List content = obj.getContent(); - for (int j = 0, csize = content.size(); j < csize; j++) { - XMLStructure xs = (XMLStructure) content.get(j); + @SuppressWarnings("unchecked") + List content = obj.getContent(); + for (XMLStructure xs : content) { if (xs instanceof Manifest) { - Manifest man = (Manifest) xs; + Manifest man = (Manifest)xs; signatureIdMap.put(man.getId(), man); - List manRefs = man.getReferences(); - for (int k = 0, msize = manRefs.size(); k < msize; k++) { - Reference ref = (Reference) manRefs.get(k); + @SuppressWarnings("unchecked") + List manRefs = man.getReferences(); + for (Reference ref : manRefs) { allReferences.add(ref); signatureIdMap.put(ref.getId(), ref); } @@ -359,56 +365,51 @@ } // always add SignedInfo references after Manifest references so // that Manifest reference are digested first - allReferences.addAll(si.getReferences()); + allReferences.addAll(refs); // generate/digest each reference - for (int i = 0, size = allReferences.size(); i < size; i++) { - DOMReference ref = (DOMReference) allReferences.get(i); - digestReference(ref, signContext); + for (Reference ref : allReferences) { + digestReference((DOMReference)ref, signContext); } // do final sweep to digest any references that were skipped or missed - for (int i = 0, size = allReferences.size(); i < size; i++) { - DOMReference ref = (DOMReference) allReferences.get(i); - if (ref.isDigested()) { + for (Reference ref : allReferences) { + if (((DOMReference)ref).isDigested()) { continue; } - ref.digest(signContext); + ((DOMReference)ref).digest(signContext); } Key signingKey = null; KeySelectorResult ksr = null; try { - ksr = signContext.getKeySelector().select - (ki, KeySelector.Purpose.SIGN, - si.getSignatureMethod(), signContext); + ksr = signContext.getKeySelector().select(ki, + KeySelector.Purpose.SIGN, + si.getSignatureMethod(), + signContext); signingKey = ksr.getKey(); if (signingKey == null) { throw new XMLSignatureException("the keySelector did not " + - "find a signing key"); + "find a signing key"); } } catch (KeySelectorException kse) { throw new XMLSignatureException("cannot find signing key", kse); } // calculate signature value - byte[] val = null; try { - val = ((DOMSignatureMethod) si.getSignatureMethod()).sign - (signingKey, (DOMSignedInfo) si, signContext); + byte[] val = ((AbstractDOMSignatureMethod) + si.getSignatureMethod()).sign(signingKey, si, signContext); + ((DOMSignatureValue)sv).setValue(val); } catch (InvalidKeyException ike) { throw new XMLSignatureException(ike); } - if (log.isLoggable(Level.FINE)) { - log.log(Level.FINE, "SignatureValue = " + val); - } - ((DOMSignatureValue) sv).setValue(val); - this.localSigElem = sigElem; this.ksr = ksr; } + @Override public boolean equals(Object o) { if (this == o) { return true; @@ -417,22 +418,39 @@ if (!(o instanceof XMLSignature)) { return false; } - XMLSignature osig = (XMLSignature) o; + XMLSignature osig = (XMLSignature)o; boolean idEqual = (id == null ? osig.getId() == null : id.equals(osig.getId())); boolean keyInfoEqual = - (ki == null ? osig.getKeyInfo() == null : - ki.equals(osig.getKeyInfo())); + (ki == null ? osig.getKeyInfo() == null + : ki.equals(osig.getKeyInfo())); return (idEqual && keyInfoEqual && - sv.equals(osig.getSignatureValue()) && - si.equals(osig.getSignedInfo()) && - objects.equals(osig.getObjects())); + sv.equals(osig.getSignatureValue()) && + si.equals(osig.getSignedInfo()) && + objects.equals(osig.getObjects())); + } + + @Override + public int hashCode() { + int result = 17; + if (id != null) { + result = 31 * result + id.hashCode(); + } + if (ki != null) { + result = 31 * result + ki.hashCode(); + } + result = 31 * result + sv.hashCode(); + result = 31 * result + si.hashCode(); + result = 31 * result + objects.hashCode(); + + return result; } private void digestReference(DOMReference ref, XMLSignContext signContext) - throws XMLSignatureException { + throws XMLSignatureException + { if (ref.isDigested()) { return; } @@ -441,15 +459,15 @@ if (Utils.sameDocumentURI(uri)) { String id = Utils.parseIdFromSameDocumentURI(uri); if (id != null && signatureIdMap.containsKey(id)) { - Object obj = signatureIdMap.get(id); - if (obj instanceof DOMReference) { - digestReference((DOMReference) obj, signContext); - } else if (obj instanceof Manifest) { - Manifest man = (Manifest) obj; + XMLStructure xs = signatureIdMap.get(id); + if (xs instanceof DOMReference) { + digestReference((DOMReference)xs, signContext); + } else if (xs instanceof Manifest) { + Manifest man = (Manifest)xs; List manRefs = man.getReferences(); for (int i = 0, size = manRefs.size(); i < size; i++) { - digestReference - ((DOMReference) manRefs.get(i), signContext); + digestReference((DOMReference)manRefs.get(i), + signContext); } } } @@ -457,9 +475,9 @@ // reference dependencies in the XPath Transform - so be on // the safe side, and skip and do at end in the final sweep if (uri.length() == 0) { - List transforms = ref.getTransforms(); - for (int i = 0, size = transforms.size(); i < size; i++) { - Transform transform = (Transform) transforms.get(i); + @SuppressWarnings("unchecked") + List transforms = ref.getTransforms(); + for (Transform transform : transforms) { String transformAlg = transform.getAlgorithm(); if (transformAlg.equals(Transform.XPATH) || transformAlg.equals(Transform.XPATH2)) { @@ -472,8 +490,8 @@ } public class DOMSignatureValue extends DOMStructure - implements SignatureValue { - + implements SignatureValue + { private String id; private byte[] value; private String valueBase64; @@ -485,7 +503,9 @@ this.id = id; } - DOMSignatureValue(Element sigValueElem) throws MarshalException { + DOMSignatureValue(Element sigValueElem, XMLCryptoContext context) + throws MarshalException + { try { // base64 decode signatureValue value = Base64.decode(sigValueElem); @@ -508,12 +528,12 @@ } public byte[] getValue() { - return (value == null) ? null : (byte[]) value.clone(); + return (value == null) ? null : (byte[])value.clone(); } public boolean validate(XMLValidateContext validateContext) - throws XMLSignatureException { - + throws XMLSignatureException + { if (validateContext == null) { throw new NullPointerException("context cannot be null"); } @@ -531,18 +551,18 @@ (ki, KeySelector.Purpose.VERIFY, sm, validateContext); validationKey = ksResult.getKey(); if (validationKey == null) { - throw new XMLSignatureException("the keyselector did " + - "not find a validation key"); + throw new XMLSignatureException("the keyselector did not " + + "find a validation key"); } } catch (KeySelectorException kse) { throw new XMLSignatureException("cannot find validation " + - "key", kse); + "key", kse); } // canonicalize SignedInfo and verify signature try { - validationStatus = ((DOMSignatureMethod) sm).verify - (validationKey, (DOMSignedInfo) si, value, validateContext); + validationStatus = ((AbstractDOMSignatureMethod)sm).verify + (validationKey, si, value, validateContext); } catch (Exception e) { throw new XMLSignatureException(e); } @@ -552,6 +572,7 @@ return validationStatus; } + @Override public boolean equals(Object o) { if (this == o) { return true; @@ -560,7 +581,7 @@ if (!(o instanceof SignatureValue)) { return false; } - SignatureValue osv = (SignatureValue) o; + SignatureValue osv = (SignatureValue)o; boolean idEqual = (id == null ? osv.getId() == null : id.equals(osv.getId())); @@ -569,12 +590,23 @@ return idEqual; } - public void marshal(Node parent, String dsPrefix, - DOMCryptoContext context) throws MarshalException { + @Override + public int hashCode() { + int result = 17; + if (id != null) { + result = 31 * result + id.hashCode(); + } + return result; + } + + public void marshal(Node parent, String dsPrefix, + DOMCryptoContext context) + throws MarshalException + { // create SignatureValue element - sigValueElem = DOMUtils.createElement - (ownerDoc, "SignatureValue", XMLSignature.XMLNS, dsPrefix); + sigValueElem = DOMUtils.createElement(ownerDoc, "SignatureValue", + XMLSignature.XMLNS, dsPrefix); if (valueBase64 != null) { sigValueElem.appendChild(ownerDoc.createTextNode(valueBase64)); }