8219013: Update Apache Santuario (XML Signature) to version 2.1.3
Reviewed-by: mullan
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/IntegrityHmac.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/IntegrityHmac.java Tue May 07 10:21:04 2019 +0800
@@ -40,6 +40,7 @@
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+import org.w3c.dom.Node;
import org.w3c.dom.Text;
public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
@@ -325,12 +326,13 @@
throw new IllegalArgumentException("element null");
}
- Text hmaclength =
- XMLUtils.selectDsNodeText(element.getFirstChild(), Constants._TAG_HMACOUTPUTLENGTH, 0);
-
- if (hmaclength != null) {
- this.HMACOutputLength = Integer.parseInt(hmaclength.getData());
- this.HMACOutputLengthSet = true;
+ Node n = XMLUtils.selectDsNode(element.getFirstChild(), Constants._TAG_HMACOUTPUTLENGTH, 0);
+ if (n != null) {
+ String hmacLength = XMLUtils.getFullTextChildrenFromNode(n);
+ if (hmacLength != null && !"".equals(hmacLength)) {
+ this.HMACOutputLength = Integer.parseInt(hmacLength);
+ this.HMACOutputLengthSet = true;
+ }
}
}
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureDSA.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureDSA.java Tue May 07 10:21:04 2019 +0800
@@ -33,7 +33,6 @@
import java.security.SignatureException;
import java.security.interfaces.DSAKey;
import java.security.spec.AlgorithmParameterSpec;
-import java.util.Base64;
import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi;
@@ -41,6 +40,7 @@
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
+import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
public class SignatureDSA extends SignatureAlgorithmSpi {
@@ -109,7 +109,7 @@
throws XMLSignatureException {
try {
if (LOG.isDebugEnabled()) {
- LOG.debug("Called DSA.verify() on " + Base64.getMimeEncoder().encodeToString(signature));
+ LOG.debug("Called DSA.verify() on " + XMLUtils.encodeToString(signature));
}
byte[] jcebytes = JavaUtils.convertDsaXMLDSIGtoASN1(signature,
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureECDSA.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureECDSA.java Tue May 07 10:21:04 2019 +0800
@@ -33,12 +33,12 @@
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.AlgorithmParameterSpec;
-import java.util.Base64;
import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi;
import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
+import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
/**
*
@@ -132,7 +132,7 @@
byte[] jcebytes = SignatureECDSA.convertXMLDSIGtoASN1(signature);
if (LOG.isDebugEnabled()) {
- LOG.debug("Called ECDSA.verify() on " + Base64.getMimeEncoder().encodeToString(signature));
+ LOG.debug("Called ECDSA.verify() on " + XMLUtils.encodeToString(signature));
}
return this.signatureAlgorithm.verify(jcebytes);
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315.java Tue May 07 10:21:04 2019 +0800
@@ -331,7 +331,7 @@
ns.addMapping(NName, NValue, attribute);
}
} else if (XML_LANG_URI.equals(attribute.getNamespaceURI())
- && (!c14n11 || c14n11 && !"id".equals(NName))) {
+ && (!c14n11 || !"id".equals(NName))) {
xmlattrStack.addXmlnsAttr(attribute);
}
}
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315Excl.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315Excl.java Tue May 07 10:21:04 2019 +0800
@@ -342,7 +342,7 @@
protected void circumventBugIfNeeded(XMLSignatureInput input)
throws CanonicalizationException, ParserConfigurationException,
IOException, SAXException {
- if (!input.isNeedsToBeExpanded() || inclusiveNSSet.isEmpty() || inclusiveNSSet.isEmpty()) {
+ if (!input.isNeedsToBeExpanded() || inclusiveNSSet.isEmpty()) {
return;
}
Document doc = null;
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyInfo.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyInfo.java Tue May 07 10:21:04 2019 +0800
@@ -50,7 +50,6 @@
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.ElementProxy;
-import com.sun.org.apache.xml.internal.security.utils.EncryptionConstants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Attr;
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyValue.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyValue.java Tue May 07 10:21:04 2019 +0800
@@ -26,6 +26,7 @@
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.keys.content.keyvalues.DSAKeyValue;
+import com.sun.org.apache.xml.internal.security.keys.content.keyvalues.ECKeyValue;
import com.sun.org.apache.xml.internal.security.keys.content.keyvalues.RSAKeyValue;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
@@ -107,9 +108,14 @@
appendSelf(rsa);
addReturnToSelf();
+ } else if (pk instanceof java.security.interfaces.ECPublicKey) {
+ ECKeyValue ec = new ECKeyValue(getDocument(), pk);
+
+ appendSelf(ec);
+ addReturnToSelf();
} else {
String error = "The given PublicKey type " + pk + " is not supported. Only DSAPublicKey and "
- + "RSAPublicKey types are currently supported";
+ + "RSAPublicKey and ECPublicKey types are currently supported";
throw new IllegalArgumentException(error);
}
}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/ECKeyValue.java Tue May 07 10:21:04 2019 +0800
@@ -0,0 +1,366 @@
+/*
+ * reserved comment block
+ * DO NOT REMOVE OR ALTER!
+ */
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package com.sun.org.apache.xml.internal.security.keys.content.keyvalues;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.Key;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.PublicKey;
+import java.security.interfaces.ECPublicKey;
+import java.security.spec.ECField;
+import java.security.spec.ECFieldFp;
+import java.security.spec.ECParameterSpec;
+import java.security.spec.ECPoint;
+import java.security.spec.ECPublicKeySpec;
+import java.security.spec.EllipticCurve;
+import java.security.spec.InvalidKeySpecException;
+import java.util.Arrays;
+
+import javax.xml.crypto.MarshalException;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.Text;
+
+import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
+import com.sun.org.apache.xml.internal.security.utils.Constants;
+import com.sun.org.apache.xml.internal.security.utils.I18n;
+import com.sun.org.apache.xml.internal.security.utils.Signature11ElementProxy;
+import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
+
+public class ECKeyValue extends Signature11ElementProxy implements KeyValueContent {
+
+ /* Supported curve, secp256r1 */
+ private static final Curve SECP256R1 = initializeCurve(
+ "secp256r1 [NIST P-256, X9.62 prime256v1]",
+ "1.2.840.10045.3.1.7",
+ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF",
+ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC",
+ "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B",
+ "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296",
+ "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5",
+ "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551",
+ 1
+ );
+
+ /* Supported curve secp384r1 */
+ private static final Curve SECP384R1 = initializeCurve(
+ "secp384r1 [NIST P-384]",
+ "1.3.132.0.34",
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF",
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC",
+ "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF",
+ "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7",
+ "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F",
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973",
+ 1
+ );
+
+ /* Supported curve secp521r1 */
+ private static final Curve SECP521R1 = initializeCurve(
+ "secp521r1 [NIST P-521]",
+ "1.3.132.0.35",
+ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
+ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC",
+ "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",
+ "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66",
+ "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650",
+ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409",
+ 1
+ );
+
+ private static Curve initializeCurve(String name, String oid,
+ String sfield, String a, String b,
+ String x, String y, String n, int h) {
+ BigInteger p = bigInt(sfield);
+ ECField field = new ECFieldFp(p);
+ EllipticCurve curve = new EllipticCurve(field, bigInt(a),
+ bigInt(b));
+ ECPoint g = new ECPoint(bigInt(x), bigInt(y));
+ return new Curve(name, oid, curve, g, bigInt(n), h);
+ }
+
+
+ /**
+ * Constructor DSAKeyValue
+ *
+ * @param element
+ * @param baseURI
+ * @throws XMLSecurityException
+ */
+ public ECKeyValue(Element element, String baseURI) throws XMLSecurityException {
+ super(element, baseURI);
+ }
+
+ /**
+ * Constructor DSAKeyValue
+ *
+ * @param doc
+ * @param key
+ * @throws IllegalArgumentException
+ */
+ public ECKeyValue(Document doc, Key key) throws IllegalArgumentException {
+ super(doc);
+
+ addReturnToSelf();
+
+ if (key instanceof ECPublicKey) {
+ ECParameterSpec ecParams = ((ECPublicKey)key).getParams();
+
+ // NamedCurve
+ String oid = getCurveOid(ecParams);
+ if (oid == null) {
+ throw new IllegalArgumentException("Invalid ECParameterSpec");
+ }
+
+ Element namedCurveElement = XMLUtils.createElementInSignature11Space(getDocument(), "NamedCurve");
+ namedCurveElement.setAttributeNS(null, "URI", "urn:oid:" + oid);
+ appendSelf(namedCurveElement);
+ addReturnToSelf();
+
+ // PublicKey
+ ECPoint ecPoint = ((ECPublicKey)key).getW();
+ byte[] secPublicKey = encodePoint(ecPoint, ecParams.getCurve());
+ String encoded = XMLUtils.encodeToString(secPublicKey);
+ Element publicKeyElement = XMLUtils.createElementInSignature11Space(getDocument(), "PublicKey");
+ Text text = getDocument().createTextNode(encoded);
+
+ publicKeyElement.appendChild(text);
+
+ appendSelf(publicKeyElement);
+ addReturnToSelf();
+
+ } else {
+ Object[] exArgs = { Constants._TAG_ECKEYVALUE, key.getClass().getName() };
+
+ throw new IllegalArgumentException(I18n.translate("KeyValue.IllegalArgument", exArgs));
+ }
+ }
+
+ /** {@inheritDoc} */
+ public PublicKey getPublicKey() throws XMLSecurityException {
+ try {
+ ECParameterSpec ecParams = null;
+ Element curElem = getFirstChildElement(getElement());
+ if (curElem == null) {
+ throw new MarshalException("KeyValue must contain at least one type");
+ }
+
+ if ("ECParameters".equals(curElem.getLocalName())
+ && Constants.SignatureSpec11NS.equals(curElem.getNamespaceURI())) {
+ throw new UnsupportedOperationException
+ ("ECParameters not supported");
+ } else if ("NamedCurve".equals(curElem.getLocalName())
+ && Constants.SignatureSpec11NS.equals(curElem.getNamespaceURI())) {
+ String uri = null;
+ if (curElem.hasAttributeNS(null, "URI")) {
+ uri = curElem.getAttributeNS(null, "URI");
+ }
+ // strip off "urn:oid"
+ if (uri.startsWith("urn:oid:")) {
+ String oid = uri.substring("urn:oid:".length());
+ ecParams = getECParameterSpec(oid);
+ if (ecParams == null) {
+ throw new MarshalException("Invalid curve OID");
+ }
+ } else {
+ throw new MarshalException("Invalid NamedCurve URI");
+ }
+ } else {
+ throw new MarshalException("Invalid ECKeyValue");
+ }
+ curElem = getNextSiblingElement(curElem, "PublicKey", Constants.SignatureSpec11NS);
+ ECPoint ecPoint = null;
+
+ try {
+ String content = XMLUtils.getFullTextChildrenFromNode(curElem);
+ ecPoint = decodePoint(XMLUtils.decode(content), ecParams.getCurve());
+ } catch (IOException ioe) {
+ throw new MarshalException("Invalid EC Point", ioe);
+ }
+
+ ECPublicKeySpec spec = new ECPublicKeySpec(ecPoint, ecParams);
+ return KeyFactory.getInstance("EC").generatePublic(spec);
+ } catch (NoSuchAlgorithmException ex) {
+ throw new XMLSecurityException(ex);
+ } catch (InvalidKeySpecException ex) {
+ throw new XMLSecurityException(ex);
+ } catch (MarshalException ex) {
+ throw new XMLSecurityException(ex);
+ }
+ }
+
+ /** {@inheritDoc} */
+ public String getBaseLocalName() {
+ return Constants._TAG_ECKEYVALUE;
+ }
+
+ private static Element getFirstChildElement(Node node) {
+ Node child = node.getFirstChild();
+ while (child != null && child.getNodeType() != Node.ELEMENT_NODE) {
+ child = child.getNextSibling();
+ }
+ return (Element)child;
+ }
+
+ private static Element getNextSiblingElement(Node node, String localName, String namespaceURI)
+ throws MarshalException
+ {
+ return verifyElement(getNextSiblingElement(node), localName, namespaceURI);
+ }
+
+ private static Element getNextSiblingElement(Node node) {
+ Node sibling = node.getNextSibling();
+ while (sibling != null && sibling.getNodeType() != Node.ELEMENT_NODE) {
+ sibling = sibling.getNextSibling();
+ }
+ return (Element)sibling;
+ }
+
+ private static Element verifyElement(Element elem, String localName, String namespaceURI)
+ throws MarshalException
+ {
+ if (elem == null) {
+ throw new MarshalException("Missing " + localName + " element");
+ }
+ String name = elem.getLocalName();
+ String namespace = elem.getNamespaceURI();
+ if (!name.equals(localName) || namespace == null && namespaceURI != null
+ || namespace != null && !namespace.equals(namespaceURI)) {
+ throw new MarshalException("Invalid element name: " +
+ namespace + ":" + name + ", expected " + namespaceURI + ":" + localName);
+ }
+ return elem;
+ }
+
+ private static String getCurveOid(ECParameterSpec params) {
+ // Check that the params represent one of the supported
+ // curves. If there is a match, return the object identifier
+ // of the curve.
+ Curve match;
+ if (matchCurve(params, SECP256R1)) {
+ match = SECP256R1;
+ } else if (matchCurve(params, SECP384R1)) {
+ match = SECP384R1;
+ } else if (matchCurve(params, SECP521R1)) {
+ match = SECP521R1;
+ } else {
+ return null;
+ }
+ return match.getObjectId();
+ }
+
+ private static boolean matchCurve(ECParameterSpec params, Curve curve) {
+ int fieldSize = params.getCurve().getField().getFieldSize();
+ return curve.getCurve().getField().getFieldSize() == fieldSize
+ && curve.getCurve().equals(params.getCurve())
+ && curve.getGenerator().equals(params.getGenerator())
+ && curve.getOrder().equals(params.getOrder())
+ && curve.getCofactor() == params.getCofactor();
+ }
+
+ private static ECPoint decodePoint(byte[] data, EllipticCurve curve)
+ throws IOException {
+ if (data.length == 0 || data[0] != 4) {
+ throw new IOException("Only uncompressed point format " +
+ "supported");
+ }
+ // Per ANSI X9.62, an encoded point is a 1 byte type followed by
+ // ceiling(LOG base 2 field-size / 8) bytes of x and the same of y.
+ int n = (data.length - 1) / 2;
+ if (n != (curve.getField().getFieldSize() + 7) >> 3) {
+ throw new IOException("Point does not match field size");
+ }
+
+ byte[] xb = Arrays.copyOfRange(data, 1, 1 + n);
+ byte[] yb = Arrays.copyOfRange(data, n + 1, n + 1 + n);
+
+ return new ECPoint(new BigInteger(1, xb), new BigInteger(1, yb));
+ }
+
+ private static byte[] encodePoint(ECPoint point, EllipticCurve curve) {
+ // get field size in bytes (rounding up)
+ int n = (curve.getField().getFieldSize() + 7) >> 3;
+ byte[] xb = trimZeroes(point.getAffineX().toByteArray());
+ byte[] yb = trimZeroes(point.getAffineY().toByteArray());
+ if (xb.length > n || yb.length > n) {
+ throw new RuntimeException("Point coordinates do not " +
+ "match field size");
+ }
+ byte[] b = new byte[1 + (n << 1)];
+ b[0] = 4; // uncompressed
+ System.arraycopy(xb, 0, b, n - xb.length + 1, xb.length);
+ System.arraycopy(yb, 0, b, b.length - yb.length, yb.length);
+ return b;
+ }
+
+ private static byte[] trimZeroes(byte[] b) {
+ int i = 0;
+ while (i < b.length - 1 && b[i] == 0) {
+ i++;
+ }
+ if (i == 0) {
+ return b;
+ }
+ return Arrays.copyOfRange(b, i, b.length);
+ }
+
+ private static ECParameterSpec getECParameterSpec(String oid) {
+ if (oid.equals(SECP256R1.getObjectId())) {
+ return SECP256R1;
+ } else if (oid.equals(SECP384R1.getObjectId())) {
+ return SECP384R1;
+ } else if (oid.equals(SECP521R1.getObjectId())) {
+ return SECP521R1;
+ } else {
+ return null;
+ }
+ }
+
+ static final class Curve extends ECParameterSpec {
+ private final String name;
+ private final String oid;
+
+ Curve(String name, String oid, EllipticCurve curve,
+ ECPoint g, BigInteger n, int h) {
+ super(curve, g, n, h);
+ this.name = name;
+ this.oid = oid;
+ }
+
+ private String getName() {
+ return name;
+ }
+
+ private String getObjectId() {
+ return oid;
+ }
+ }
+
+ private static BigInteger bigInt(String s) {
+ return new BigInteger(s, 16);
+ }
+}
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SKI.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SKI.java Tue May 07 10:21:04 2019 +0800
@@ -24,18 +24,18 @@
import java.security.cert.X509Certificate;
import java.util.Arrays;
-import java.util.Base64;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
+import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
* Handles SubjectKeyIdentifier (SKI) for X.509v3.
*
- * @see <A HREF="http://docs.oracle.com/javase/1.5.0/docs/api/java/security/cert/X509Extension.html">
+ * @see <A HREF="http://docs.oracle.com/javase/8/docs/api/java/security/cert/X509Extension.html">
* Interface X509Extension</A>
*/
public class XMLX509SKI extends SignatureElementProxy implements XMLX509DataContent {
@@ -138,7 +138,7 @@
System.arraycopy(extensionValue, 4, skidValue, 0, skidValue.length);
if (LOG.isDebugEnabled()) {
- LOG.debug("Base64 of SKI is " + Base64.getMimeEncoder().encodeToString(skidValue));
+ LOG.debug("Base64 of SKI is " + XMLUtils.encodeToString(skidValue));
}
return skidValue;
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java Tue May 07 10:21:04 2019 +0800
@@ -33,6 +33,7 @@
import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.DEREncodedKeyValueResolver;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.DSAKeyValueResolver;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.ECKeyValueResolver;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.KeyInfoReferenceResolver;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.RSAKeyValueResolver;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.RetrievalMethodResolver;
@@ -295,6 +296,7 @@
keyResolverList.add(new KeyResolver(new DEREncodedKeyValueResolver()));
keyResolverList.add(new KeyResolver(new KeyInfoReferenceResolver()));
keyResolverList.add(new KeyResolver(new X509DigestResolver()));
+ keyResolverList.add(new KeyResolver(new ECKeyValueResolver()));
resolverVector.addAll(keyResolverList);
}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/ECKeyValueResolver.java Tue May 07 10:21:04 2019 +0800
@@ -0,0 +1,97 @@
+/*
+ * reserved comment block
+ * DO NOT REMOVE OR ALTER!
+ */
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
+
+import java.security.PublicKey;
+import java.security.cert.X509Certificate;
+
+import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
+import com.sun.org.apache.xml.internal.security.keys.content.keyvalues.ECKeyValue;
+import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
+import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
+import com.sun.org.apache.xml.internal.security.utils.Constants;
+import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
+import org.w3c.dom.Element;
+
+public class ECKeyValueResolver extends KeyResolverSpi {
+
+ private static final com.sun.org.slf4j.internal.Logger LOG =
+ com.sun.org.slf4j.internal.LoggerFactory.getLogger(ECKeyValueResolver.class);
+
+
+ /**
+ * Method engineResolvePublicKey
+ *
+ * @param element
+ * @param baseURI
+ * @param storage
+ * @return null if no {@link PublicKey} could be obtained
+ */
+ public PublicKey engineLookupAndResolvePublicKey(
+ Element element, String baseURI, StorageResolver storage
+ ) {
+ if (element == null) {
+ return null;
+ }
+ Element ecKeyElement = null;
+ boolean isKeyValue =
+ XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYVALUE);
+ if (isKeyValue) {
+ ecKeyElement =
+ XMLUtils.selectDs11Node(element.getFirstChild(), Constants._TAG_ECKEYVALUE, 0);
+ } else if (XMLUtils.elementIsInSignature11Space(element, Constants._TAG_ECKEYVALUE)) {
+ // this trick is needed to allow the RetrievalMethodResolver to eat a
+ // ds:ECKeyValue directly (without KeyValue)
+ ecKeyElement = element;
+ }
+
+ if (ecKeyElement == null) {
+ return null;
+ }
+
+ try {
+ ECKeyValue ecKeyValue = new ECKeyValue(ecKeyElement, baseURI);
+ return ecKeyValue.getPublicKey();
+ } catch (XMLSecurityException ex) {
+ LOG.debug(ex.getMessage(), ex);
+ //do nothing
+ }
+
+ return null;
+ }
+
+
+ /** {@inheritDoc} */
+ public X509Certificate engineLookupResolveX509Certificate(
+ Element element, String baseURI, StorageResolver storage
+ ) {
+ return null;
+ }
+
+ /** {@inheritDoc} */
+ public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
+ Element element, String baseURI, StorageResolver storage
+ ) {
+ return null;
+ }
+}
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RSAKeyValueResolver.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RSAKeyValueResolver.java Tue May 07 10:21:04 2019 +0800
@@ -44,11 +44,12 @@
public PublicKey engineLookupAndResolvePublicKey(
Element element, String baseURI, StorageResolver storage
) {
- LOG.debug("Can I resolve {}", element.getTagName());
if (element == null) {
return null;
}
+ LOG.debug("Can I resolve {}", element.getTagName());
+
boolean isKeyValue = XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_KEYVALUE);
Element rsaKeyElement = null;
if (isKeyValue) {
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/CertsInFilesystemDirectoryResolver.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/CertsInFilesystemDirectoryResolver.java Tue May 07 10:21:04 2019 +0800
@@ -35,12 +35,12 @@
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
-import java.util.Base64;
import java.util.Iterator;
import java.util.List;
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverException;
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverSpi;
+import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
/**
* This {@link StorageResolverSpi} makes all raw (binary) {@link X509Certificate}s
@@ -207,7 +207,7 @@
System.out.println();
System.out.println("Base64(SKI())= \""
- + Base64.getMimeEncoder().encodeToString(ski) + "\"");
+ + XMLUtils.encodeToString(ski) + "\"");
System.out.println("cert.getSerialNumber()= \""
+ cert.getSerialNumber().toString() + "\"");
System.out.println("cert.getSubjectX500Principal().getName()= \""
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/resource/config.xml Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/resource/config.xml Tue May 07 10:21:04 2019 +0800
@@ -643,6 +643,8 @@
DESCRIPTION="Uses an X509 SubjectName to retrieve a certificate from the storages" />
<Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509IssuerSerialResolver"
DESCRIPTION="Uses an X509 IssuerName and IssuerSerial to retrieve a certificate from the storages" />
+ <Resolver JAVACLASS="com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.ECKeyValueResolver"
+ DESCRIPTION="Can extract EC public keys" />
</KeyResolver>
<PrefixMappings>
@@ -665,5 +667,7 @@
prefix="ec" />
<PrefixMapping namespace="http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter"
prefix="xx" />
+ <PrefixMapping namespace="http://www.w3.org/2009/xmldsig11#"
+ prefix="dsig11" />
</PrefixMappings>
</Configuration>
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/signature/Manifest.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/signature/Manifest.java Tue May 07 10:21:04 2019 +0800
@@ -23,7 +23,10 @@
package com.sun.org.apache.xml.internal.security.signature;
import java.io.IOException;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
@@ -56,19 +59,24 @@
public class Manifest extends SignatureElementProxy {
/**
- * The maximum number of references per Manifest, if secure validation is enabled.
+ * The default maximum number of references per Manifest, if secure validation is enabled.
*/
public static final int MAXIMUM_REFERENCE_COUNT = 30;
private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(Manifest.class);
+ private static Integer referenceCount =
+ AccessController.doPrivileged(
+ (PrivilegedAction<Integer>) () -> Integer.parseInt(System.getProperty("com.sun.org.apache.xml.internal.security.maxReferences",
+ Integer.toString(MAXIMUM_REFERENCE_COUNT))));
+
/** Field references */
private List<Reference> references;
private Element[] referencesEl;
/** Field verificationResults[] */
- private boolean[] verificationResults;
+ private List<VerifiedReference> verificationResults;
/** Field resolverProperties */
private Map<String, String> resolverProperties;
@@ -135,8 +143,8 @@
I18n.translate("xml.WrongContent", exArgs));
}
- if (secureValidation && le > MAXIMUM_REFERENCE_COUNT) {
- Object exArgs[] = { le, MAXIMUM_REFERENCE_COUNT };
+ if (secureValidation && le > referenceCount) {
+ Object exArgs[] = { le, referenceCount };
throw new XMLSecurityException("signature.tooManyReferences", exArgs);
}
@@ -317,13 +325,13 @@
if (referencesEl.length == 0) {
throw new XMLSecurityException("empty", new Object[]{"References are empty"});
}
- if (secureValidation && referencesEl.length > MAXIMUM_REFERENCE_COUNT) {
- Object exArgs[] = { referencesEl.length, MAXIMUM_REFERENCE_COUNT };
+ if (secureValidation && referencesEl.length > referenceCount) {
+ Object exArgs[] = { referencesEl.length, referenceCount };
throw new XMLSecurityException("signature.tooManyReferences", exArgs);
}
- this.verificationResults = new boolean[referencesEl.length];
+ this.verificationResults = new ArrayList<>(referencesEl.length);
boolean verify = true;
for (int i = 0; i < this.referencesEl.length; i++) {
Reference currentRef =
@@ -335,13 +343,13 @@
try {
boolean currentRefVerified = currentRef.verify();
- this.setVerificationResult(i, currentRefVerified);
-
if (!currentRefVerified) {
verify = false;
}
LOG.debug("The Reference has Type {}", currentRef.getType());
+ List<VerifiedReference> manifestReferences = Collections.emptyList();
+
// was verification successful till now and do we want to verify the Manifest?
if (verify && followManifests && currentRef.typeIsReferenceToManifest()) {
LOG.debug("We have to follow a nested Manifest");
@@ -393,6 +401,8 @@
} else {
LOG.debug("The nested Manifest was valid (good)");
}
+
+ manifestReferences = referencedManifest.getVerificationResults();
} catch (IOException ex) {
throw new ReferenceNotInitializedException(ex);
} catch (ParserConfigurationException ex) {
@@ -401,6 +411,8 @@
throw new ReferenceNotInitializedException(ex);
}
}
+
+ verificationResults.add(new VerifiedReference(currentRefVerified, currentRef.getURI(), manifestReferences));
} catch (ReferenceNotInitializedException ex) {
Object exArgs[] = { currentRef.getURI() };
@@ -414,20 +426,6 @@
}
/**
- * Method setVerificationResult
- *
- * @param index
- * @param verify
- */
- private void setVerificationResult(int index, boolean verify) {
- if (this.verificationResults == null) {
- this.verificationResults = new boolean[this.getLength()];
- }
-
- this.verificationResults[index] = verify;
- }
-
- /**
* After verifying a {@link Manifest} or a {@link SignedInfo} using the
* {@link Manifest#verifyReferences()} or {@link SignedInfo#verify()} methods,
* the individual results can be retrieved with this method.
@@ -455,14 +453,24 @@
}
}
- return this.verificationResults[index];
+ return ((ArrayList<VerifiedReference>)verificationResults).get(index).isValid();
+ }
+
+ /**
+ * Get the list of verification result objects
+ */
+ public List<VerifiedReference> getVerificationResults() {
+ if (verificationResults == null) {
+ return Collections.emptyList();
+ }
+ return Collections.unmodifiableList(verificationResults);
}
/**
* Adds Resource Resolver for retrieving resources at specified {@code URI} attribute
* in {@code reference} element
*
- * @param resolver {@link ResourceResolver} can provide the implemenatin subclass of
+ * @param resolver {@link ResourceResolver} can provide the implementation subclass of
* {@link ResourceResolverSpi} for retrieving resource.
*/
public void addResourceResolver(ResourceResolver resolver) {
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/signature/Reference.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/signature/Reference.java Tue May 07 10:21:04 2019 +0800
@@ -26,7 +26,6 @@
import java.io.OutputStream;
import java.security.AccessController;
import java.security.PrivilegedAction;
-import java.util.Base64;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
@@ -396,7 +395,7 @@
n = n.getNextSibling();
}
- String base64codedValue = Base64.getMimeEncoder().encodeToString(digestValue);
+ String base64codedValue = XMLUtils.encodeToString(digestValue);
Text t = createText(base64codedValue);
digestValueElement.appendChild(t);
@@ -723,12 +722,17 @@
return getPreCalculatedDigest(input);
}
+ cacheDereferencedElement(input);
+
MessageDigestAlgorithm mda = this.getMessageDigestAlgorithm();
mda.reset();
try (DigesterOutputStream diOs = new DigesterOutputStream(mda);
OutputStream os = new UnsyncBufferedOutputStream(diOs)) {
- XMLSignatureInput output = this.dereferenceURIandPerformTransforms(os);
+
+ XMLSignatureInput output = this.getContentsAfterTransformation(input, os);
+ this.transformsOutput = output;
+
// if signing and c14n11 property == true explicitly add
// C14N11 transform if needed
if (Reference.useC14N11 && !validating && !output.isOutputStreamSet()
@@ -772,7 +776,7 @@
throws ReferenceNotInitializedException {
LOG.debug("Verifying element with pre-calculated digest");
String preCalculatedDigest = input.getPreCalculatedDigest();
- return Base64.getMimeDecoder().decode(preCalculatedDigest);
+ return XMLUtils.decode(preCalculatedDigest);
}
/**
@@ -789,8 +793,8 @@
"signature.Verification.NoSignatureElement", exArgs
);
}
- String content = XMLUtils.getFullTextChildrenFromElement(digestValueElement);
- return Base64.getMimeDecoder().decode(content);
+ String content = XMLUtils.getFullTextChildrenFromNode(digestValueElement);
+ return XMLUtils.decode(content);
}
@@ -809,8 +813,8 @@
if (!equal) {
LOG.warn("Verification failed for URI \"" + this.getURI() + "\"");
- LOG.warn("Expected Digest: " + Base64.getMimeEncoder().encodeToString(elemDig));
- LOG.warn("Actual Digest: " + Base64.getMimeEncoder().encodeToString(calcDig));
+ LOG.warn("Expected Digest: " + XMLUtils.encodeToString(elemDig));
+ LOG.warn("Actual Digest: " + XMLUtils.encodeToString(calcDig));
} else {
LOG.debug("Verification successful for URI \"{}\"", this.getURI());
}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/signature/VerifiedReference.java Tue May 07 10:21:04 2019 +0800
@@ -0,0 +1,64 @@
+/*
+ * reserved comment block
+ * DO NOT REMOVE OR ALTER!
+ */
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package com.sun.org.apache.xml.internal.security.signature;
+
+import java.util.Collections;
+import java.util.List;
+
+/**
+ * Holds the result of a Reference validation.
+ */
+public class VerifiedReference {
+
+ private final boolean valid;
+ private final String uri;
+ private final List<VerifiedReference> manifestReferences;
+
+ /**
+ * @param valid Whether this Reference was successfully validated or not
+ * @param uri The URI of this Reference
+ * @param manifestReferences If this reference is a reference to a Manifest, this holds the list
+ * of verified referenes associated with this Manifest
+ */
+ public VerifiedReference(boolean valid, String uri, List<VerifiedReference> manifestReferences) {
+ this.valid = valid;
+ this.uri = uri;
+ if (manifestReferences != null) {
+ this.manifestReferences = manifestReferences;
+ } else {
+ this.manifestReferences = Collections.emptyList();
+ }
+ }
+
+ public boolean isValid() {
+ return valid;
+ }
+
+ public String getUri() {
+ return uri;
+ }
+
+ public List<VerifiedReference> getManifestReferences() {
+ return Collections.unmodifiableList(manifestReferences);
+ }
+}
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignature.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignature.java Tue May 07 10:21:04 2019 +0800
@@ -27,7 +27,6 @@
import java.security.Key;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
-import java.util.Base64;
import javax.crypto.SecretKey;
@@ -504,8 +503,8 @@
* @throws XMLSignatureException If there is no content
*/
public byte[] getSignatureValue() throws XMLSignatureException {
- String content = XMLUtils.getFullTextChildrenFromElement(signatureValueElement);
- return Base64.getMimeDecoder().decode(content);
+ String content = XMLUtils.getFullTextChildrenFromNode(signatureValueElement);
+ return XMLUtils.decode(content);
}
/**
@@ -520,7 +519,7 @@
signatureValueElement.removeChild(signatureValueElement.getFirstChild());
}
- String base64codedValue = Base64.getMimeEncoder().encodeToString(bytes);
+ String base64codedValue = XMLUtils.encodeToString(bytes);
if (base64codedValue.length() > 76 && !XMLUtils.ignoreLineBreaks()) {
base64codedValue = "\n" + base64codedValue + "\n";
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformBase64Decode.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformBase64Decode.java Tue May 07 10:21:04 2019 +0800
@@ -24,7 +24,6 @@
import java.io.IOException;
import java.io.OutputStream;
-import java.util.Base64;
import javax.xml.parsers.ParserConfigurationException;
@@ -109,12 +108,12 @@
StringBuilder sb = new StringBuilder();
traverseElement((Element)el, sb);
if (os == null) {
- byte[] decodedBytes = Base64.getMimeDecoder().decode(sb.toString());
+ byte[] decodedBytes = XMLUtils.decode(sb.toString());
XMLSignatureInput output = new XMLSignatureInput(decodedBytes);
output.setSecureValidation(secureValidation);
return output;
}
- byte[] bytes = Base64.getMimeDecoder().decode(sb.toString());
+ byte[] bytes = XMLUtils.decode(sb.toString());
os.write(bytes);
XMLSignatureInput output = new XMLSignatureInput((byte[])null);
output.setSecureValidation(secureValidation);
@@ -125,17 +124,17 @@
if (input.isOctetStream() || input.isNodeSet()) {
if (os == null) {
byte[] base64Bytes = input.getBytes();
- byte[] decodedBytes = Base64.getMimeDecoder().decode(base64Bytes);
+ byte[] decodedBytes = XMLUtils.decode(base64Bytes);
XMLSignatureInput output = new XMLSignatureInput(decodedBytes);
output.setSecureValidation(secureValidation);
return output;
}
if (input.isByteArray() || input.isNodeSet()) {
- byte[] bytes = Base64.getMimeDecoder().decode(input.getBytes());
+ byte[] bytes = XMLUtils.decode(input.getBytes());
os.write(bytes);
} else {
byte[] inputBytes = JavaUtils.getBytesFromStream(input.getOctetStreamReal());
- byte[] bytes = Base64.getMimeDecoder().decode(inputBytes);
+ byte[] bytes = XMLUtils.decode(inputBytes);
os.write(bytes);
}
XMLSignatureInput output = new XMLSignatureInput((byte[])null);
@@ -153,7 +152,7 @@
Element rootNode = doc.getDocumentElement();
StringBuilder sb = new StringBuilder();
traverseElement(rootNode, sb);
- byte[] decodedBytes = Base64.getMimeDecoder().decode(sb.toString());
+ byte[] decodedBytes = XMLUtils.decode(sb.toString());
XMLSignatureInput output = new XMLSignatureInput(decodedBytes);
output.setSecureValidation(secureValidation);
return output;
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXSLT.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXSLT.java Tue May 07 10:21:04 2019 +0800
@@ -84,7 +84,10 @@
Element xsltElement =
XMLUtils.selectNode(transformElement.getFirstChild(), XSLTSpecNS, "stylesheet", 0);
-
+ if (xsltElement == null) {
+ xsltElement =
+ XMLUtils.selectNode(transformElement.getFirstChild(), XSLTSpecNS, "transform", 0);
+ }
if (xsltElement == null) {
Object exArgs[] = { "xslt:stylesheet", "Transform" };
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/transforms/params/XPathFilterCHGPContainer.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/transforms/params/XPathFilterCHGPContainer.java Tue May 07 10:21:04 2019 +0800
@@ -30,6 +30,7 @@
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
+import org.w3c.dom.Text;
/**
* Implements the parameters for a custom Transform which has a better performance
@@ -204,7 +205,7 @@
getElement().getFirstChild(), this.getBaseNamespace(), type, 0
);
- return XMLUtils.getFullTextChildrenFromElement(xElem);
+ return XMLUtils.getFullTextChildrenFromNode(xElem);
}
/**
@@ -258,11 +259,23 @@
return null;
}
- return XMLUtils.selectNodeText(
+ return selectNodeText(
getFirstChild(), this.getBaseNamespace(), type, 0
);
}
+ private static Text selectNodeText(Node sibling, String uri, String nodeName, int number) {
+ Node n = XMLUtils.selectNode(sibling, uri, nodeName, number);
+ if (n == null) {
+ return null;
+ }
+ n = n.getFirstChild();
+ while (n != null && n.getNodeType() != Node.TEXT_NODE) {
+ n = n.getNextSibling();
+ }
+ return (Text)n;
+ }
+
/**
* Method getHereContextNodeIncludeButSearch
*
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/Constants.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/Constants.java Tue May 07 10:21:04 2019 +0800
@@ -210,6 +210,9 @@
/** Tag of Element J **/
public static final String _TAG_J = "J";
+ /** Tag of Element ECKeyValue **/
+ public static final String _TAG_ECKEYVALUE = "ECKeyValue";
+
/** Tag of Element Seed **/
public static final String _TAG_SEED = "Seed";
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementProxy.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementProxy.java Tue May 07 10:21:04 2019 +0800
@@ -24,7 +24,6 @@
import java.math.BigInteger;
import java.util.concurrent.ConcurrentHashMap;
-import java.util.Base64;
import java.util.Map;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
@@ -267,7 +266,7 @@
Element e = XMLUtils.createElementInSignatureSpace(getDocument(), localname);
byte[] bytes = XMLUtils.getBytes(bi, bi.bitLength());
- String encodedInt = Base64.getMimeEncoder().encodeToString(bytes);
+ String encodedInt = XMLUtils.encodeToString(bytes);
Document doc = e.getOwnerDocument();
Text text = doc.createTextNode(encodedInt);
@@ -292,7 +291,7 @@
public void addBase64Element(byte[] bytes, String localname) {
if (bytes != null) {
Element el = XMLUtils.createElementInSignatureSpace(getDocument(), localname);
- Text text = getDocument().createTextNode(Base64.getMimeEncoder().encodeToString(bytes));
+ Text text = getDocument().createTextNode(XMLUtils.encodeToString(bytes));
el.appendChild(text);
@@ -326,8 +325,8 @@
public void addBase64Text(byte[] bytes) {
if (bytes != null) {
Text t = XMLUtils.ignoreLineBreaks()
- ? createText(Base64.getMimeEncoder().encodeToString(bytes))
- : createText("\n" + Base64.getMimeEncoder().encodeToString(bytes) + "\n");
+ ? createText(XMLUtils.encodeToString(bytes))
+ : createText("\n" + XMLUtils.encodeToString(bytes) + "\n");
appendSelf(t);
}
}
@@ -367,11 +366,11 @@
public BigInteger getBigIntegerFromChildElement(
String localname, String namespace
) {
- return new BigInteger(1, Base64.getMimeDecoder().decode(
- XMLUtils.selectNodeText(
- getFirstChild(), namespace, localname, 0
- ).getNodeValue()
- ));
+ Node n = XMLUtils.selectNode(getFirstChild(), namespace, localname, 0);
+ if (n != null) {
+ return new BigInteger(1, XMLUtils.decode(XMLUtils.getFullTextChildrenFromNode(n)));
+ }
+ return null;
}
/**
@@ -396,7 +395,7 @@
* @throws XMLSecurityException
*/
public byte[] getBytesFromTextChild() throws XMLSecurityException {
- return Base64.getMimeDecoder().decode(getTextFromTextChild());
+ return XMLUtils.decode(getTextFromTextChild());
}
/**
@@ -406,7 +405,7 @@
* element
*/
public String getTextFromTextChild() {
- return XMLUtils.getFullTextChildrenFromElement(getElement());
+ return XMLUtils.getFullTextChildrenFromNode(getElement());
}
/**
@@ -498,8 +497,9 @@
if (Constants.SignatureSpecNS.equals(namespace)) {
XMLUtils.setDsPrefix(prefix);
- }
- if (EncryptionConstants.EncryptionSpecNS.equals(namespace)) {
+ } else if (Constants.SignatureSpec11NS.equals(namespace)) {
+ XMLUtils.setDs11Prefix(prefix);
+ } else if (EncryptionConstants.EncryptionSpecNS.equals(namespace)) {
XMLUtils.setXencPrefix(prefix);
}
prefixMappings.put(namespace, prefix);
@@ -519,6 +519,7 @@
setNamespacePrefix(
"http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter", "xx"
);
+ setNamespacePrefix("http://www.w3.org/2009/xmldsig11#", "dsig11");
}
/**
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/Signature11ElementProxy.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/Signature11ElementProxy.java Tue May 07 10:21:04 2019 +0800
@@ -47,6 +47,13 @@
setDocument(doc);
setElement(XMLUtils.createElementInSignature11Space(doc, this.getBaseLocalName()));
+
+ String prefix = ElementProxy.getDefaultPrefix(getBaseNamespace());
+ if (prefix == null || prefix.length() == 0) {
+ getElement().setAttributeNS(Constants.NamespaceSpecNS, "xmlns", getBaseNamespace());
+ } else {
+ getElement().setAttributeNS(Constants.NamespaceSpecNS, "xmlns:" + prefix, getBaseNamespace());
+ }
}
/**
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/XMLUtils.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/XMLUtils.java Tue May 07 10:21:04 2019 +0800
@@ -254,16 +254,21 @@
}
}
+ @Deprecated
+ public static String getFullTextChildrenFromElement(Element element) {
+ return getFullTextChildrenFromNode(element);
+ }
+
/**
- * Method getFullTextChildrenFromElement
+ * Method getFullTextChildrenFromNode
*
- * @param element
+ * @param node
* @return the string of children
*/
- public static String getFullTextChildrenFromElement(Element element) {
+ public static String getFullTextChildrenFromNode(Node node) {
StringBuilder sb = new StringBuilder();
- Node child = element.getFirstChild();
+ Node child = node.getFirstChild();
while (child != null) {
if (child.getNodeType() == Node.TEXT_NODE) {
sb.append(((Text)child).getData());
@@ -682,7 +687,7 @@
while (sibling != null) {
if (sibling.getNamespaceURI() != null && sibling.getNamespaceURI().equals(uri)
&& sibling.getLocalName().equals(nodeName)) {
- if (number == 0){
+ if (number == 0) {
return (Element)sibling;
}
number--;
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolver.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolver.java Tue May 07 10:21:04 2019 +0800
@@ -97,7 +97,7 @@
LOG.debug("check resolvability by class {}", resolverTmp.getClass().getName());
- if (resolverTmp != null && resolverTmp.canResolve(context)) {
+ if (resolverTmp.canResolve(context)) {
// Check to see whether the Resolver is allowed
if (context.secureValidation
&& (resolverTmp.resolverSpi instanceof ResolverLocalFilesystem
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverDirectHTTP.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverDirectHTTP.java Tue May 07 10:21:04 2019 +0800
@@ -33,9 +33,9 @@
import java.net.URL;
import java.net.URLConnection;
import java.nio.charset.StandardCharsets;
-import java.util.Base64;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
+import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverContext;
import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException;
import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverSpi;
@@ -57,7 +57,7 @@
* </PRE>
*
* @see <A HREF="http://www.javaworld.com/javaworld/javatips/jw-javatip42_p.html">Java Tip 42: Write Java apps that work with proxy-based firewalls</A>
- * @see <A HREF="http://docs.oracle.com/javase/1.4.2/docs/guide/net/properties.html">SUN J2SE docs for network properties</A>
+ * @see <A HREF="https://docs.oracle.com/javase/8/docs/technotes/guides/net/properties.html">JDK docs for network properties</A>
* @see <A HREF="http://metalab.unc.edu/javafaq/javafaq.html#proxy">The JAVA FAQ Question 9.5: How do I make Java work with a proxy server?</A>
*/
public class ResolverDirectHTTP extends ResourceResolverSpi {
@@ -122,7 +122,7 @@
urlConnection = openConnection(url);
String password = user + ":" + pass;
- String encodedPassword = Base64.getMimeEncoder().encodeToString(password.getBytes(StandardCharsets.ISO_8859_1));
+ String encodedPassword = XMLUtils.encodeToString(password.getBytes(StandardCharsets.ISO_8859_1));
// set authentication property in the http header
urlConnection.setRequestProperty("Authorization",
@@ -187,7 +187,7 @@
if (proxyUser != null && proxyPass != null) {
String password = proxyUser + ":" + proxyPass;
- String authString = "Basic " + Base64.getMimeEncoder().encodeToString(password.getBytes(StandardCharsets.ISO_8859_1));
+ String authString = "Basic " + XMLUtils.encodeToString(password.getBytes(StandardCharsets.ISO_8859_1));
urlConnection.setRequestProperty("Proxy-Authorization", authString);
}
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/ApacheCanonicalizer.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/ApacheCanonicalizer.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: ApacheCanonicalizer.java 1785016 2017-03-01 18:23:48Z coheigea $
+ * $Id: ApacheCanonicalizer.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/ApacheOctetStreamData.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/ApacheOctetStreamData.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: ApacheOctetStreamData.java 1667527 2015-03-18 12:54:20Z mullan $
+ * $Id: ApacheOctetStreamData.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/ApacheTransform.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/ApacheTransform.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: ApacheTransform.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: ApacheTransform.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMCanonicalXMLC14NMethod.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMCanonicalXMLC14NMethod.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMCanonicalXMLC14NMethod.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMCanonicalXMLC14NMethod.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMCryptoBinary.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMCryptoBinary.java Tue May 07 10:21:04 2019 +0800
@@ -1,3 +1,7 @@
+/*
+ * reserved comment block
+ * DO NOT REMOVE OR ALTER!
+ */
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
@@ -17,7 +21,7 @@
* under the License.
*/
/*
- * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
* $Id$
@@ -33,16 +37,16 @@
import org.w3c.dom.Text;
/**
- * A DOM-based representation of the XML <code>CryptoBinary</code> simple type
+ * A DOM-based representation of the XML {@code CryptoBinary} simple type
* as defined in the W3C specification for XML-Signature Syntax and Processing.
* The XML Schema Definition is defined as:
*
- * <xmp>
+ * <pre>{@code
* <simpleType name="CryptoBinary">
* <restriction base = "base64Binary">
* </restriction>
* </simpleType>
- * </xmp>
+ * }</pre>
*
* @author Sean Mullan
*/
@@ -52,11 +56,11 @@
private final String value;
/**
- * Create a <code>DOMCryptoBinary</code> instance from the specified
- * <code>BigInteger</code>
+ * Create a {@code DOMCryptoBinary} instance from the specified
+ * {@code BigInteger}
*
* @param bigNum the arbitrary-length integer
- * @throws NullPointerException if <code>bigNum</code> is <code>null</code>
+ * @throws NullPointerException if {@code bigNum} is {@code null}
*/
public DOMCryptoBinary(BigInteger bigNum) {
if (bigNum == null) {
@@ -69,7 +73,7 @@
}
/**
- * Creates a <code>DOMCryptoBinary</code> from a node.
+ * Creates a {@code DOMCryptoBinary} from a node.
*
* @param cbNode a CryptoBinary text node
* @throws MarshalException if value cannot be decoded (invalid format)
@@ -84,9 +88,9 @@
}
/**
- * Returns the <code>BigInteger</code> that this object contains.
+ * Returns the {@code BigInteger} that this object contains.
*
- * @return the <code>BigInteger</code> that this object contains
+ * @return the {@code BigInteger} that this object contains
*/
public BigInteger getBigNum() {
return bigNum;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMDigestMethod.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMDigestMethod.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMDigestMethod.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMDigestMethod.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMEnvelopedTransform.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMEnvelopedTransform.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMEnvelopedTransform.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMEnvelopedTransform.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMExcC14NMethod.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMExcC14NMethod.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMExcC14NMethod.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMExcC14NMethod.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMHMACSignatureMethod.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMHMACSignatureMethod.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMHMACSignatureMethod.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMHMACSignatureMethod.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfo.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfo.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMKeyInfo.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMKeyInfo.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfoFactory.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfoFactory.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMKeyInfoFactory.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMKeyInfoFactory.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyName.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyName.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMKeyName.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMKeyName.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyValue.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyValue.java Tue May 07 10:21:04 2019 +0800
@@ -21,18 +21,13 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMKeyValue.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMKeyValue.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
-import javax.xml.crypto.*;
-import javax.xml.crypto.dom.DOMCryptoContext;
-import javax.xml.crypto.dsig.*;
-import javax.xml.crypto.dsig.keyinfo.KeyValue;
-
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyException;
@@ -55,6 +50,11 @@
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;
+import javax.xml.crypto.MarshalException;
+import javax.xml.crypto.dom.DOMCryptoContext;
+import javax.xml.crypto.dsig.XMLSignature;
+import javax.xml.crypto.dsig.keyinfo.KeyValue;
+
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -500,7 +500,7 @@
throw new MarshalException("Invalid ECParameterSpec");
}
DOMUtils.setAttribute(namedCurveElem, "URI", "urn:oid:" + oid);
- String qname = (prefix == null || prefix.length() == 0)
+ String qname = prefix == null || prefix.length() == 0
? "xmlns" : "xmlns:" + prefix;
namedCurveElem.setAttributeNS("http://www.w3.org/2000/xmlns/",
qname, XMLDSIG_11_XMLNS);
@@ -554,7 +554,7 @@
ECPoint ecPoint = null;
try {
- String content = XMLUtils.getFullTextChildrenFromElement(curElem);
+ String content = XMLUtils.getFullTextChildrenFromNode(curElem);
ecPoint = decodePoint(XMLUtils.decode(content),
ecParams.getCurve());
} catch (IOException ioe) {
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMManifest.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMManifest.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMManifest.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMManifest.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMPGPData.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMPGPData.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMPGPData.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMPGPData.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
@@ -56,7 +56,7 @@
* and optional list of external elements.
*
* @param keyPacket a PGP Key Material Packet as defined in section 5.5 of
- * <a href="http://www.ietf.org/rfc/rfc2440.txt">RFC 2440</a>. The
+ * <a href="https://www.ietf.org/rfc/rfc2440.txt">RFC 2440</a>. The
* array is cloned to prevent subsequent modification.
* @param other a list of {@link XMLStructure}s representing elements from
* an external namespace. The list is defensively copied to prevent
@@ -94,10 +94,10 @@
* optional key packet and list of external elements.
*
* @param keyId a PGP public key id as defined in section 11.2 of
- * <a href="http://www.ietf.org/rfc/rfc2440.txt">RFC 2440</a>. The
+ * <a href="https://www.ietf.org/rfc/rfc2440.txt">RFC 2440</a>. The
* array is cloned to prevent subsequent modification.
* @param keyPacket a PGP Key Material Packet as defined in section 5.5 of
- * <a href="http://www.ietf.org/rfc/rfc2440.txt">RFC 2440</a> (may
+ * <a href="https://www.ietf.org/rfc/rfc2440.txt">RFC 2440</a> (may
* be {@code null}). The array is cloned to prevent subsequent
* modification.
* @param other a list of {@link XMLStructure}s representing elements from
@@ -157,10 +157,10 @@
String localName = childElem.getLocalName();
String namespace = childElem.getNamespaceURI();
if ("PGPKeyID".equals(localName) && XMLSignature.XMLNS.equals(namespace)) {
- String content = XMLUtils.getFullTextChildrenFromElement(childElem);
+ String content = XMLUtils.getFullTextChildrenFromNode(childElem);
pgpKeyId = XMLUtils.decode(content);
} else if ("PGPKeyPacket".equals(localName) && XMLSignature.XMLNS.equals(namespace)) {
- String content = XMLUtils.getFullTextChildrenFromElement(childElem);
+ String content = XMLUtils.getFullTextChildrenFromNode(childElem);
pgpKeyPacket = XMLUtils.decode(content);
} else {
other.add
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java Tue May 07 10:21:04 2019 +0800
@@ -21,7 +21,7 @@
* under the License.
*/
/*
- * Portions copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Portions copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
* ===========================================================================
@@ -31,7 +31,7 @@
* ===========================================================================
*/
/*
- * $Id: DOMReference.java 1803518 2017-07-31 11:02:52Z coheigea $
+ * $Id: DOMReference.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
@@ -56,7 +56,6 @@
import org.jcp.xml.dsig.internal.DigesterOutputStream;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.utils.UnsyncBufferedOutputStream;
-import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
/**
* DOM-based implementation of Reference.
@@ -244,7 +243,7 @@
// unmarshal DigestValue
Element dvElem = DOMUtils.getNextSiblingElement(dmElem, "DigestValue", XMLSignature.XMLNS);
- String content = XMLUtils.getFullTextChildrenFromElement(dvElem);
+ String content = XMLUtils.getFullTextChildrenFromNode(dvElem);
this.digestValue = XMLUtils.decode(content);
// check for extra elements
@@ -311,6 +310,7 @@
refElem = DOMUtils.createElement(ownerDoc, "Reference",
XMLSignature.XMLNS, dsPrefix);
+
// set attributes
DOMUtils.setAttributeID(refElem, "Id", id);
DOMUtils.setAttribute(refElem, "URI", uri);
@@ -341,7 +341,6 @@
if (digestValue != null) {
digestValueElem.appendChild
(ownerDoc.createTextNode(XMLUtils.encodeToString(digestValue)));
-
}
refElem.appendChild(digestValueElem);
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java Tue May 07 10:21:04 2019 +0800
@@ -21,7 +21,7 @@
* under the License.
*/
/*
- * Portions copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Portions copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
* ===========================================================================
@@ -31,7 +31,7 @@
* ===========================================================================
*/
/*
- * $Id: DOMRetrievalMethod.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMRetrievalMethod.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureMethod.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureMethod.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMSignatureMethod.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMSignatureMethod.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMSignatureProperties.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMSignatureProperties.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperty.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperty.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMSignatureProperty.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMSignatureProperty.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMSignedInfo.java 1820179 2018-01-04 19:09:52Z mullan $
+ * $Id: DOMSignedInfo.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMStructure.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMStructure.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMStructure.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMStructure.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMTransform.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMTransform.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMTransform.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMTransform.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMURIDereferencer.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMURIDereferencer.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMURIDereferencer.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMURIDereferencer.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMUtils.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMUtils.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMUtils.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMUtils.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
@@ -92,7 +92,7 @@
public static Element createElement(Document doc, String tag,
String nsURI, String prefix)
{
- String qName = (prefix == null || prefix.length() == 0)
+ String qName = prefix == null || prefix.length() == 0
? tag : prefix + ":" + tag;
return doc.createElementNS(nsURI, qName);
}
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509Data.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509Data.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMX509Data.java 1789702 2017-03-31 15:15:04Z coheigea $
+ * $Id: DOMX509Data.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
@@ -33,12 +33,13 @@
import java.security.cert.*;
import java.util.*;
-import javax.xml.crypto.*;
+import javax.security.auth.x500.X500Principal;
+import javax.xml.crypto.MarshalException;
+import javax.xml.crypto.XMLStructure;
import javax.xml.crypto.dom.DOMCryptoContext;
-import javax.xml.crypto.dsig.*;
+import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.keyinfo.X509Data;
import javax.xml.crypto.dsig.keyinfo.X509IssuerSerial;
-import javax.security.auth.x500.X500Principal;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -115,7 +116,7 @@
} else if ("X509SubjectName".equals(localName) && XMLSignature.XMLNS.equals(namespace)) {
newContent.add(childElem.getFirstChild().getNodeValue());
} else if ("X509SKI".equals(localName) && XMLSignature.XMLNS.equals(namespace)) {
- String content = XMLUtils.getFullTextChildrenFromElement(childElem);
+ String content = XMLUtils.getFullTextChildrenFromNode(childElem);
newContent.add(XMLUtils.decode(content));
} else if ("X509CRL".equals(localName) && XMLSignature.XMLNS.equals(namespace)) {
newContent.add(unmarshalX509CRL(childElem));
@@ -132,6 +133,7 @@
return content;
}
+ @Override
public void marshal(Node parent, String dsPrefix, DOMCryptoContext context)
throws MarshalException
{
@@ -241,7 +243,7 @@
if (cf == null) {
cf = CertificateFactory.getInstance("X.509");
}
- String content = XMLUtils.getFullTextChildrenFromElement(elem);
+ String content = XMLUtils.getFullTextChildrenFromNode(elem);
return new ByteArrayInputStream(XMLUtils.decode(content));
} catch (CertificateException e) {
throw new MarshalException("Cannot create CertificateFactory", e);
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509IssuerSerial.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509IssuerSerial.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMX509IssuerSerial.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMX509IssuerSerial.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLObject.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLObject.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMXMLObject.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMXMLObject.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java Tue May 07 10:21:04 2019 +0800
@@ -21,7 +21,7 @@
* under the License.
*/
/*
- * Portions copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Portions copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
* ===========================================================================
@@ -31,7 +31,7 @@
* ===========================================================================
*/
/*
- * $Id: DOMXMLSignature.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMXMLSignature.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
@@ -508,7 +508,7 @@
throws MarshalException
{
// base64 decode signatureValue
- String content = XMLUtils.getFullTextChildrenFromElement(sigValueElem);
+ String content = XMLUtils.getFullTextChildrenFromNode(sigValueElem);
value = XMLUtils.decode(content);
Attr attr = sigValueElem.getAttributeNodeNS(null, "Id");
@@ -612,6 +612,7 @@
DOMCryptoContext context)
throws MarshalException
{
+ // create SignatureValue element
sigValueElem = DOMUtils.createElement(ownerDoc, "SignatureValue",
XMLSignature.XMLNS, dsPrefix);
if (valueBase64 != null) {
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignatureFactory.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignatureFactory.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMXMLSignatureFactory.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMXMLSignatureFactory.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
@@ -255,8 +255,6 @@
return new DOMSignatureMethod.SHA384withRSA(params);
} else if (algorithm.equals(DOMSignatureMethod.RSA_SHA512)) {
return new DOMSignatureMethod.SHA512withRSA(params);
- } else if (algorithm.equals(DOMSignatureMethod.RSA_SHA512)) {
- return new DOMSignatureMethod.SHA512withRSA(params);
} else if (algorithm.equals(DOMSignatureMethod.RSA_RIPEMD160)) {
return new DOMSignatureMethod.RIPEMD160withRSA(params);
} else if (algorithm.equals(DOMSignatureMethod.RSA_SHA1_MGF1)) {
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMXPathFilter2Transform.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMXPathFilter2Transform.java Tue May 07 10:21:04 2019 +0800
@@ -28,10 +28,10 @@
* ===========================================================================
*/
/*
- * Portions copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Portions copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMXPathFilter2Transform.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMXPathFilter2Transform.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMXPathTransform.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMXPathTransform.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMXPathTransform.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMXPathTransform.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMXSLTTransform.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMXSLTTransform.java Tue May 07 10:21:04 2019 +0800
@@ -21,10 +21,10 @@
* under the License.
*/
/*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: DOMXSLTTransform.java 1788465 2017-03-24 15:10:51Z coheigea $
+ * $Id: DOMXSLTTransform.java 1854026 2019-02-21 09:30:01Z coheigea $
*/
package org.jcp.xml.dsig.internal.dom;
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/XMLDSigRI.java Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/XMLDSigRI.java Tue May 07 10:21:04 2019 +0800
@@ -28,10 +28,10 @@
* ===========================================================================
*/
/*
- * Portions copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Portions copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
*/
/*
- * $Id: XMLDSigRI.java 1804972 2017-08-14 09:59:23Z coheigea $
+ * $Id: XMLDSigRI.java 1833618 2018-06-15 17:36:20Z mullan $
*/
package org.jcp.xml.dsig.internal.dom;
@@ -123,7 +123,7 @@
} else if (algo.equals(Transform.XSLT)) {
return new DOMXSLTTransform();
}
- }
+ }
} catch (Exception ex) {
throw new NoSuchAlgorithmException("Error constructing " +
type + " for " + algo + " using XMLDSig", ex);
--- a/src/java.xml.crypto/share/legal/santuario.md Tue May 07 00:58:10 2019 +0000
+++ b/src/java.xml.crypto/share/legal/santuario.md Tue May 07 10:21:04 2019 +0800
@@ -1,10 +1,10 @@
-## Apache Santuario v2.1.1
+## Apache Santuario v2.1.3
### Apache Santuario Notice
<pre>
Apache Santuario - XML Security for Java
- Copyright 1999-2018 The Apache Software Foundation
+ Copyright 1999-2019 The Apache Software Foundation
This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).