Java Code Examples for com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException

The following examples show how to use com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: jdk8u-dev-jdk   Source File: SignedInfo.java    License: GNU General Public License v2.0 6 votes vote down vote up
public String getInclusiveNamespaces() {
    String c14nMethodURI = c14nMethod.getAttributeNS(null, Constants._ATT_ALGORITHM);
    if (!(c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#") ||
        c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#WithComments"))) {
        return null;
    }

    Element inclusiveElement = XMLUtils.getNextElement(c14nMethod.getFirstChild());

    if (inclusiveElement != null) {
        try {
            String inclusiveNamespaces =
                new InclusiveNamespaces(
                    inclusiveElement,
                    InclusiveNamespaces.ExclusiveCanonicalizationNamespace
                ).getInclusiveNamespaces();
            return inclusiveNamespaces;
        } catch (XMLSecurityException e) {
            return null;
        }
    }
    return null;
}
 
Example 2
/**
 * Constructs {@link SignatureProperties} from {@link Element}
 * @param element <code>SignatureProperties</code> element
 * @param BaseURI the URI of the resource where the XML instance was stored
 * @throws XMLSecurityException
 */
public SignatureProperties(Element element, String BaseURI) throws XMLSecurityException {
    super(element, BaseURI);

    Attr attr = element.getAttributeNodeNS(null, "Id");
    if (attr != null) {
        element.setIdAttributeNode(attr, true);
    }

    int length = getLength();
    for (int i = 0; i < length; i++) {
        Element propertyElem =
            XMLUtils.selectDsNode(this.constructionElement, Constants._TAG_SIGNATUREPROPERTY, i);
        Attr propertyAttr = propertyElem.getAttributeNodeNS(null, "Id");
        if (propertyAttr != null) {
            propertyElem.setIdAttributeNode(propertyAttr, true);
        }
    }
}
 
Example 3
Source Project: TencentKona-8   Source File: ElementProxy.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Method guaranteeThatElementInCorrectSpace
 *
 * @throws XMLSecurityException
 */
void guaranteeThatElementInCorrectSpace() throws XMLSecurityException {

    String expectedLocalName = this.getBaseLocalName();
    String expectedNamespaceUri = this.getBaseNamespace();

    String actualLocalName = this.constructionElement.getLocalName();
    String actualNamespaceUri = this.constructionElement.getNamespaceURI();

    if(!expectedNamespaceUri.equals(actualNamespaceUri)
        && !expectedLocalName.equals(actualLocalName)) {
        Object exArgs[] = { actualNamespaceUri + ":" + actualLocalName,
                            expectedNamespaceUri + ":" + expectedLocalName};
        throw new XMLSecurityException("xml.WrongElement", exArgs);
    }
}
 
Example 4
Source Project: jdk1.8-source-analysis   Source File: ElementProxy.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Method setDefaultPrefix
 *
 * @param namespace
 * @param prefix
 * @throws XMLSecurityException
 * @throws SecurityException if a security manager is installed and the
 *    caller does not have permission to set the default prefix
 */
public static void setDefaultPrefix(String namespace, String prefix)
    throws XMLSecurityException {
    JavaUtils.checkRegisterPermission();
    if (prefixMappings.containsValue(prefix)) {
        String storedPrefix = prefixMappings.get(namespace);
        if (!storedPrefix.equals(prefix)) {
            Object exArgs[] = { prefix, namespace, storedPrefix };

            throw new XMLSecurityException("prefix.AlreadyAssigned", exArgs);
        }
    }

    if (Constants.SignatureSpecNS.equals(namespace)) {
        XMLUtils.setDsPrefix(prefix);
    }
    if (EncryptionConstants.EncryptionSpecNS.equals(namespace)) {
        XMLUtils.setXencPrefix(prefix);
    }
    prefixMappings.put(namespace, prefix);
}
 
Example 5
/**
 * Resolves the input from the given retrieval method
 * @return
 * @throws XMLSecurityException
 */
private static XMLSignatureInput resolveInput(
    RetrievalMethod rm, String baseURI, boolean secureValidation
) throws XMLSecurityException {
    Attr uri = rm.getURIAttr();
    // Apply the transforms
    Transforms transforms = rm.getTransforms();
    ResourceResolver resRes = ResourceResolver.getInstance(uri, baseURI, secureValidation);
    XMLSignatureInput resource = resRes.resolve(uri, baseURI, secureValidation);
    if (transforms != null) {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "We have Transforms");
        }
        resource = transforms.performTransforms(resource);
    }
    return resource;
}
 
Example 6
/**
 * Validate the Element referred to by the KeyInfoReference.
 *
 * @param referentElement
 *
 * @throws XMLSecurityException
 */
private void validateReference(Element referentElement) throws XMLSecurityException {
    if (!XMLUtils.elementIsInSignatureSpace(referentElement, Constants._TAG_KEYINFO)) {
        Object exArgs[] = { new QName(referentElement.getNamespaceURI(), referentElement.getLocalName()) };
        throw new XMLSecurityException("KeyInfoReferenceResolver.InvalidReferentElement.WrongType", exArgs);
    }

    KeyInfo referent = new KeyInfo(referentElement, "");
    if (referent.containsKeyInfoReference()) {
        if (secureValidation) {
            throw new XMLSecurityException("KeyInfoReferenceResolver.InvalidReferentElement.ReferenceWithSecure");
        } else {
            // Don't support chains of references at this time. If do support in the future, this is where the code
            // would go to validate that don't have a cycle, resulting in an infinite loop. This may be unrealistic
            // to implement, and/or very expensive given remote URI references.
            throw new XMLSecurityException("KeyInfoReferenceResolver.InvalidReferentElement.ReferenceWithoutSecure");
        }
    }

}
 
Example 7
/**
 * Method setDefaultPrefix
 *
 * @param namespace
 * @param prefix
 * @throws XMLSecurityException
 */
public static void setDefaultPrefix(String namespace, String prefix)
    throws XMLSecurityException {
    if (prefixMappings.containsValue(prefix)) {
        String storedPrefix = prefixMappings.get(namespace);
        if (!storedPrefix.equals(prefix)) {
            Object exArgs[] = { prefix, namespace, storedPrefix };

            throw new XMLSecurityException("prefix.AlreadyAssigned", exArgs);
        }
    }

    if (Constants.SignatureSpecNS.equals(namespace)) {
        XMLUtils.setDsPrefix(prefix);
    }
    if (EncryptionConstants.EncryptionSpecNS.equals(namespace)) {
        XMLUtils.setXencPrefix(prefix);
    }
    prefixMappings.put(namespace, prefix);
}
 
Example 8
Source Project: TencentKona-8   Source File: X509Data.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Constructor X509Data
 *
 * @param element
 * @param baseURI
 * @throws XMLSecurityException
 */
public X509Data(Element element, String baseURI) throws XMLSecurityException {
    super(element, baseURI);

    Node sibling = this.constructionElement.getFirstChild();
    while (sibling != null) {
        if (sibling.getNodeType() != Node.ELEMENT_NODE) {
            sibling = sibling.getNextSibling();
            continue;
        }
        return;
    }
    /* No Elements found */
    Object exArgs[] = { "Elements", Constants._TAG_X509DATA };
    throw new XMLSecurityException("xml.WrongContent", exArgs);
}
 
Example 9
Source Project: jdk8u-jdk   Source File: ElementProxy.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Method guaranteeThatElementInCorrectSpace
 *
 * @throws XMLSecurityException
 */
void guaranteeThatElementInCorrectSpace() throws XMLSecurityException {

    String expectedLocalName = this.getBaseLocalName();
    String expectedNamespaceUri = this.getBaseNamespace();

    String actualLocalName = this.constructionElement.getLocalName();
    String actualNamespaceUri = this.constructionElement.getNamespaceURI();

    if(!expectedNamespaceUri.equals(actualNamespaceUri)
        && !expectedLocalName.equals(actualLocalName)) {
        Object exArgs[] = { actualNamespaceUri + ":" + actualLocalName,
                            expectedNamespaceUri + ":" + expectedLocalName};
        throw new XMLSecurityException("xml.WrongElement", exArgs);
    }
}
 
Example 10
Source Project: JDKSourceCode1.8   Source File: ElementCheckerImpl.java    License: MIT License 6 votes vote down vote up
public void guaranteeThatElementInCorrectSpace(
    ElementProxy expected, Element actual
) throws XMLSecurityException {

    String expectedLocalname = expected.getBaseLocalName();
    String expectedNamespace = expected.getBaseNamespace();

    String localnameIS = actual.getLocalName();
    String namespaceIS = actual.getNamespaceURI();
    if ((expectedNamespace != namespaceIS) ||
        !expectedLocalname.equals(localnameIS)) {
        Object exArgs[] = { namespaceIS + ":" + localnameIS,
                            expectedNamespace + ":" + expectedLocalname};
        throw new XMLSecurityException("xml.WrongElement", exArgs);
    }
}
 
Example 11
Source Project: jdk8u-jdk   Source File: Reference.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Build a {@link Reference} from an {@link Element}
 *
 * @param element <code>Reference</code> element
 * @param baseURI the URI of the resource where the XML instance was stored
 * @param manifest is the {@link Manifest} of {@link SignedInfo} in which the Reference occurs.
 * @param secureValidation whether secure validation is enabled or not
 * We need this because the Manifest has the individual {@link ResourceResolver}s which have
 * been set by the user
 * @throws XMLSecurityException
 */
protected Reference(Element element, String baseURI, Manifest manifest, boolean secureValidation)
    throws XMLSecurityException {
    super(element, baseURI);
    this.secureValidation = secureValidation;
    this.baseURI = baseURI;
    Element el = XMLUtils.getNextElement(element.getFirstChild());
    if (Constants._TAG_TRANSFORMS.equals(el.getLocalName())
        && Constants.SignatureSpecNS.equals(el.getNamespaceURI())) {
        transforms = new Transforms(el, this.baseURI);
        transforms.setSecureValidation(secureValidation);
        if (secureValidation && transforms.getLength() > MAXIMUM_TRANSFORM_COUNT) {
            Object exArgs[] = { transforms.getLength(), MAXIMUM_TRANSFORM_COUNT };

            throw new XMLSecurityException("signature.tooManyTransforms", exArgs);
        }
        el = XMLUtils.getNextElement(el.getNextSibling());
    }
    digestMethodElem = el;
    digestValueElement = XMLUtils.getNextElement(digestMethodElem.getNextSibling());
    this.manifest = manifest;
}
 
Example 12
/**
 * Constructor X509Data
 *
 * @param element
 * @param baseURI
 * @throws XMLSecurityException
 */
public X509Data(Element element, String baseURI) throws XMLSecurityException {
    super(element, baseURI);

    Node sibling = this.constructionElement.getFirstChild();
    while (sibling != null) {
        if (sibling.getNodeType() != Node.ELEMENT_NODE) {
            sibling = sibling.getNextSibling();
            continue;
        }
        return;
    }
    /* No Elements found */
    Object exArgs[] = { "Elements", Constants._TAG_X509DATA };
    throw new XMLSecurityException("xml.WrongContent", exArgs);
}
 
Example 13
/**
 * Resolves the input from the given retrieval method
 * @return
 * @throws XMLSecurityException
 */
private static XMLSignatureInput resolveInput(
    RetrievalMethod rm, String baseURI, boolean secureValidation
) throws XMLSecurityException {
    Attr uri = rm.getURIAttr();
    // Apply the transforms
    Transforms transforms = rm.getTransforms();
    ResourceResolver resRes = ResourceResolver.getInstance(uri, baseURI, secureValidation);
    XMLSignatureInput resource = resRes.resolve(uri, baseURI, secureValidation);
    if (transforms != null) {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "We have Transforms");
        }
        resource = transforms.performTransforms(resource);
    }
    return resource;
}
 
Example 14
/** {@inheritDoc}. */
public X509Certificate engineLookupResolveX509Certificate(Element element, String baseURI, StorageResolver storage)
    throws KeyResolverException {

    if (log.isLoggable(java.util.logging.Level.FINE)) {
        log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
    }

    if (!engineCanResolve(element, baseURI, storage)) {
        return null;
    }

    try {
        KeyInfo referent = resolveReferentKeyInfo(element, baseURI, storage);
        if (referent != null) {
            return referent.getX509Certificate();
        }
    } catch (XMLSecurityException e) {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
        }
    }

    return null;
}
 
Example 15
/** {@inheritDoc}. */
public PublicKey engineLookupAndResolvePublicKey(Element element, String baseURI, StorageResolver storage)
    throws KeyResolverException {

    if (log.isLoggable(java.util.logging.Level.FINE)) {
        log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName());
    }

    if (!engineCanResolve(element, baseURI, storage)) {
        return null;
    }

    try {
        KeyInfo referent = resolveReferentKeyInfo(element, baseURI, storage);
        if (referent != null) {
            return referent.getPublicKey();
        }
    } catch (XMLSecurityException e) {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
        }
    }

    return null;
}
 
Example 16
Source Project: openjdk-8   Source File: Manifest.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * After verifying a {@link Manifest} or a {@link SignedInfo} using the
 * {@link Manifest#verifyReferences()} or {@link SignedInfo#verify()} methods,
 * the individual results can be retrieved with this method.
 *
 * @param index an index of into a {@link Manifest} or a {@link SignedInfo}
 * @return the results of reference validation at the specified index
 * @throws XMLSecurityException
 */
public boolean getVerificationResult(int index) throws XMLSecurityException {
    if ((index < 0) || (index > this.getLength() - 1)) {
        Object exArgs[] = { Integer.toString(index), Integer.toString(this.getLength()) };
        Exception e =
            new IndexOutOfBoundsException(
                I18n.translate("signature.Verification.IndexOutOfBounds", exArgs)
            );

        throw new XMLSecurityException("generic.EmptyMessage", e);
    }

    if (this.verificationResults == null) {
        try {
            this.verifyReferences();
        } catch (Exception ex) {
            throw new XMLSecurityException("generic.EmptyMessage", ex);
        }
    }

    return this.verificationResults[index];
}
 
Example 17
/**
 * Method engineResolveX509Certificate
 * @inheritDoc
 * @param element
 * @param BaseURI
 * @param storage
 *
 * @throws KeyResolverException
 */
public X509Certificate engineLookupResolveX509Certificate(
    Element element, String BaseURI, StorageResolver storage
) throws KeyResolverException {

    try {
        Element[] els =
            XMLUtils.selectDsNodes(element.getFirstChild(), Constants._TAG_X509CERTIFICATE);
        if ((els == null) || (els.length == 0)) {
            Element el =
                XMLUtils.selectDsNode(element.getFirstChild(), Constants._TAG_X509DATA, 0);
            if (el != null) {
                return engineLookupResolveX509Certificate(el, BaseURI, storage);
            }
            return null;
        }

        // populate Object array
        for (int i = 0; i < els.length; i++) {
            XMLX509Certificate xmlCert = new XMLX509Certificate(els[i], BaseURI);
            X509Certificate cert = xmlCert.getX509Certificate();
            if (cert != null) {
                return cert;
            }
        }
        return null;
    } catch (XMLSecurityException ex) {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
        }
        throw new KeyResolverException("generic.EmptyMessage", ex);
    }
}
 
Example 18
Source Project: JDKSourceCode1.8   Source File: KeyInfo.java    License: MIT License 5 votes vote down vote up
/**
 * Constructor KeyInfo
 *
 * @param element
 * @param baseURI
 * @throws XMLSecurityException
 */
public KeyInfo(Element element, String baseURI) throws XMLSecurityException {
    super(element, baseURI);

    Attr attr = element.getAttributeNodeNS(null, "Id");
    if (attr != null) {
        element.setIdAttributeNode(attr, true);
    }
}
 
Example 19
Source Project: TencentKona-8   Source File: KeyInfo.java    License: GNU General Public License v2.0 5 votes vote down vote up
/**
 * Method itemRetrievalMethod
 *
 * @param i
 *@return the asked RetrievalMethod element, null if the index is too big
 * @throws XMLSecurityException
 */
public RetrievalMethod itemRetrievalMethod(int i) throws XMLSecurityException {
    Element e =
        XMLUtils.selectDsNode(
            this.constructionElement.getFirstChild(), Constants._TAG_RETRIEVALMETHOD, i);

    if (e != null) {
        return new RetrievalMethod(e, this.baseURI);
    }
    return null;
}
 
Example 20
Source Project: jdk8u60   Source File: X509Data.java    License: GNU General Public License v2.0 5 votes vote down vote up
/**
 * Method itemCRL
 *
 * @param i
 * @return the X509CRL, null if not present
 * @throws XMLSecurityException
 */
public XMLX509CRL itemCRL(int i) throws XMLSecurityException {

    Element e =
        XMLUtils.selectDsNode(
            this.constructionElement.getFirstChild(), Constants._TAG_X509CRL, i);

    if (e != null) {
        return new XMLX509CRL(e, this.baseURI);
    }
    return null;
}
 
Example 21
Source Project: jdk8u-jdk   Source File: ElementProxy.java    License: GNU General Public License v2.0 5 votes vote down vote up
/**
 * This method registers the default prefixes.
 */
public static void registerDefaultPrefixes() throws XMLSecurityException {
    setDefaultPrefix("http://www.w3.org/2000/09/xmldsig#", "ds");
    setDefaultPrefix("http://www.w3.org/2001/04/xmlenc#", "xenc");
    setDefaultPrefix("http://www.w3.org/2009/xmlenc11#", "xenc11");
    setDefaultPrefix("http://www.xmlsecurity.org/experimental#", "experimental");
    setDefaultPrefix("http://www.w3.org/2002/04/xmldsig-filter2", "dsig-xpath-old");
    setDefaultPrefix("http://www.w3.org/2002/06/xmldsig-filter2", "dsig-xpath");
    setDefaultPrefix("http://www.w3.org/2001/10/xml-exc-c14n#", "ec");
    setDefaultPrefix(
        "http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter", "xx"
    );
}
 
Example 22
Source Project: jdk8u-jdk   Source File: KeyInfo.java    License: GNU General Public License v2.0 5 votes vote down vote up
/**
 * Method itemKeyValue
 *
 * @param i
 * @return the asked KeyValue element, null if the index is too big
 * @throws XMLSecurityException
 */
public KeyValue itemKeyValue(int i) throws XMLSecurityException {
    Element e =
        XMLUtils.selectDsNode(
            this.constructionElement.getFirstChild(), Constants._TAG_KEYVALUE, i);

    if (e != null) {
        return new KeyValue(e, this.baseURI);
    }
    return null;
}
 
Example 23
Source Project: jdk8u60   Source File: XMLSignature.java    License: GNU General Public License v2.0 5 votes vote down vote up
/**
 *  Creates a XMLSignature in a Document
 * @param doc
 * @param baseURI
 * @param SignatureMethodElem
 * @param CanonicalizationMethodElem
 * @throws XMLSecurityException
 */
public XMLSignature(
    Document doc,
    String baseURI,
    Element SignatureMethodElem,
    Element CanonicalizationMethodElem
) throws XMLSecurityException {
    super(doc);

    String xmlnsDsPrefix = getDefaultPrefix(Constants.SignatureSpecNS);
    if (xmlnsDsPrefix == null || xmlnsDsPrefix.length() == 0) {
        this.constructionElement.setAttributeNS(
            Constants.NamespaceSpecNS, "xmlns", Constants.SignatureSpecNS
        );
    } else {
        this.constructionElement.setAttributeNS(
            Constants.NamespaceSpecNS, "xmlns:" + xmlnsDsPrefix, Constants.SignatureSpecNS
        );
    }
    XMLUtils.addReturnToElement(this.constructionElement);

    this.baseURI = baseURI;
    this.signedInfo =
        new SignedInfo(this.doc, SignatureMethodElem, CanonicalizationMethodElem);

    this.constructionElement.appendChild(this.signedInfo.getElement());
    XMLUtils.addReturnToElement(this.constructionElement);

    // create an empty SignatureValue; this is filled by setSignatureValueElement
    signatureValueElement =
        XMLUtils.createElementInSignatureSpace(this.doc, Constants._TAG_SIGNATUREVALUE);

    this.constructionElement.appendChild(signatureValueElement);
    XMLUtils.addReturnToElement(this.constructionElement);
}
 
Example 24
Source Project: openjdk-jdk9   Source File: XMLSignature.java    License: GNU General Public License v2.0 5 votes vote down vote up
/**
 * Constructor XMLSignature
 *
 * @param doc
 * @param baseURI
 * @param signatureMethodURI
 * @param hmacOutputLength
 * @param canonicalizationMethodURI
 * @throws XMLSecurityException
 */
public XMLSignature(
    Document doc,
    String baseURI,
    String signatureMethodURI,
    int hmacOutputLength,
    String canonicalizationMethodURI
) throws XMLSecurityException {
    super(doc);

    String xmlnsDsPrefix = getDefaultPrefix(Constants.SignatureSpecNS);
    if (xmlnsDsPrefix == null || xmlnsDsPrefix.length() == 0) {
        this.constructionElement.setAttributeNS(
            Constants.NamespaceSpecNS, "xmlns", Constants.SignatureSpecNS
        );
    } else {
        this.constructionElement.setAttributeNS(
            Constants.NamespaceSpecNS, "xmlns:" + xmlnsDsPrefix, Constants.SignatureSpecNS
        );
    }
    XMLUtils.addReturnToElement(this.constructionElement);

    this.baseURI = baseURI;
    this.signedInfo =
        new SignedInfo(
            this.doc, signatureMethodURI, hmacOutputLength, canonicalizationMethodURI
        );

    this.constructionElement.appendChild(this.signedInfo.getElement());
    XMLUtils.addReturnToElement(this.constructionElement);

    // create an empty SignatureValue; this is filled by setSignatureValueElement
    signatureValueElement =
        XMLUtils.createElementInSignatureSpace(this.doc, Constants._TAG_SIGNATUREVALUE);

    this.constructionElement.appendChild(signatureValueElement);
    XMLUtils.addReturnToElement(this.constructionElement);
}
 
Example 25
protected XMLSignatureInput enginePerformTransform(
    XMLSignatureInput input, OutputStream os, Transform transformObject
) throws CanonicalizationException {
    try {
        String inclusiveNamespaces = null;

        if (transformObject.length(
            InclusiveNamespaces.ExclusiveCanonicalizationNamespace,
            InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES) == 1
        ) {
            Element inclusiveElement =
                XMLUtils.selectNode(
                    transformObject.getElement().getFirstChild(),
                    InclusiveNamespaces.ExclusiveCanonicalizationNamespace,
                    InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES,
                    0
                );

            inclusiveNamespaces =
                new InclusiveNamespaces(
                    inclusiveElement, transformObject.getBaseURI()
                ).getInclusiveNamespaces();
        }

        Canonicalizer20010315ExclWithComments c14n =
            new Canonicalizer20010315ExclWithComments();
        if (os != null) {
            c14n.setWriter(os);
        }
        byte[] result = c14n.engineCanonicalize(input, inclusiveNamespaces);
        XMLSignatureInput output = new XMLSignatureInput(result);

        return output;
    } catch (XMLSecurityException ex) {
        throw new CanonicalizationException("empty", ex);
    }
}
 
Example 26
protected XMLSignatureInput enginePerformTransform(
    XMLSignatureInput input, OutputStream os, Transform transformObject
) throws CanonicalizationException {
    try {
        String inclusiveNamespaces = null;

        if (transformObject.length(
            InclusiveNamespaces.ExclusiveCanonicalizationNamespace,
            InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES) == 1
        ) {
            Element inclusiveElement =
                XMLUtils.selectNode(
                    transformObject.getElement().getFirstChild(),
                    InclusiveNamespaces.ExclusiveCanonicalizationNamespace,
                    InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES,
                    0
                );

            inclusiveNamespaces =
                new InclusiveNamespaces(
                    inclusiveElement, transformObject.getBaseURI()
                ).getInclusiveNamespaces();
        }

        Canonicalizer20010315ExclWithComments c14n =
            new Canonicalizer20010315ExclWithComments();
        if (os != null) {
            c14n.setWriter(os);
        }
        byte[] result = c14n.engineCanonicalize(input, inclusiveNamespaces);
        XMLSignatureInput output = new XMLSignatureInput(result);

        return output;
    } catch (XMLSecurityException ex) {
        throw new CanonicalizationException("empty", ex);
    }
}
 
Example 27
Source Project: JDKSourceCode1.8   Source File: ElementProxy.java    License: MIT License 5 votes vote down vote up
/**
 * Method getBytesFromChildElement
 * @deprecated
 * @param localname
 * @param namespace
 * @return the bytes
 * @throws XMLSecurityException
 */
@Deprecated
public byte[] getBytesFromChildElement(String localname, String namespace)
    throws XMLSecurityException {
    Element e =
        XMLUtils.selectNode(
            this.constructionElement.getFirstChild(), namespace, localname, 0
        );

    return Base64.decode(e);
}
 
Example 28
Source Project: openjdk-8   Source File: PrivateKeyResolver.java    License: GNU General Public License v2.0 5 votes vote down vote up
private PrivateKey resolveX509SKI(XMLX509SKI x509SKI) throws XMLSecurityException, KeyStoreException {
    log.log(java.util.logging.Level.FINE, "Can I resolve X509SKI?");

    Enumeration<String> aliases = keyStore.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        if (keyStore.isKeyEntry(alias)) {

            Certificate cert = keyStore.getCertificate(alias);
            if (cert instanceof X509Certificate) {
                XMLX509SKI certSKI = new XMLX509SKI(x509SKI.getDocument(), (X509Certificate) cert);

                if (certSKI.equals(x509SKI)) {
                    log.log(java.util.logging.Level.FINE, "match !!! ");

                    try {
                        Key key = keyStore.getKey(alias, password);
                        if (key instanceof PrivateKey) {
                            return (PrivateKey) key;
                        }
                    } catch (Exception e) {
                        log.log(java.util.logging.Level.FINE, "Cannot recover the key", e);
                        // Keep searching
                    }
                }
            }
        }
    }

    return null;
}
 
Example 29
/**
 * Adds an xmlns: definition to the Element. This can be called as follows:
 *
 * <PRE>
 * // set namespace with ds prefix
 * xpathContainer.setXPathNamespaceContext("ds", "http://www.w3.org/2000/09/xmldsig#");
 * xpathContainer.setXPathNamespaceContext("xmlns:ds", "http://www.w3.org/2000/09/xmldsig#");
 * </PRE>
 *
 * @param prefix
 * @param uri
 * @throws XMLSecurityException
 */
public void setXPathNamespaceContext(String prefix, String uri)
    throws XMLSecurityException {
    String ns;

    if ((prefix == null) || (prefix.length() == 0)) {
        throw new XMLSecurityException("defaultNamespaceCannotBeSetHere");
    } else if (prefix.equals("xmlns")) {
        throw new XMLSecurityException("defaultNamespaceCannotBeSetHere");
    } else if (prefix.startsWith("xmlns:")) {
        ns = prefix;//"xmlns:" + prefix.substring("xmlns:".length());
    } else {
        ns = "xmlns:" + prefix;
    }

    Attr a = this.constructionElement.getAttributeNodeNS(Constants.NamespaceSpecNS, ns);

    if (a != null) {
        if (!a.getNodeValue().equals(uri)) {
            Object exArgs[] = { ns, this.constructionElement.getAttributeNS(null, ns) };

            throw new XMLSecurityException("namespacePrefixAlreadyUsedByOtherURI", exArgs);
        }
        return;
    }

    this.constructionElement.setAttributeNS(Constants.NamespaceSpecNS, ns, uri);
}
 
Example 30
Source Project: JDKSourceCode1.8   Source File: KeyInfo.java    License: MIT License 5 votes vote down vote up
/**
 * Method itemDEREncodedKeyValue
 *
 * @param i
 * @return the asked DEREncodedKeyValue element, null if the index is too big
 * @throws XMLSecurityException
 */
public DEREncodedKeyValue itemDEREncodedKeyValue(int i) throws XMLSecurityException {
    Element e =
        XMLUtils.selectDs11Node(
            this.constructionElement.getFirstChild(), Constants._TAG_DERENCODEDKEYVALUE, i);

    if (e != null) {
        return new DEREncodedKeyValue(e, this.baseURI);
    }
    return null;
}