com.sun.org.apache.xml.internal.security.algorithms.MessageDigestAlgorithm Java Examples

The following examples show how to use com.sun.org.apache.xml.internal.security.algorithms.MessageDigestAlgorithm. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: Reference.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Tests reference validation is success or false
 *
 * @return true if reference validation is success, otherwise false
 * @throws ReferenceNotInitializedException
 * @throws XMLSecurityException
 */
public boolean verify()
    throws ReferenceNotInitializedException, XMLSecurityException {
    byte[] elemDig = this.getDigestValue();
    byte[] calcDig = this.calculateDigest(true);
    boolean equal = MessageDigestAlgorithm.isEqual(elemDig, calcDig);

    if (!equal) {
        log.log(java.util.logging.Level.WARNING, "Verification failed for URI \"" + this.getURI() + "\"");
        log.log(java.util.logging.Level.WARNING, "Expected Digest: " + Base64.encode(elemDig));
        log.log(java.util.logging.Level.WARNING, "Actual Digest: " + Base64.encode(calcDig));
    } else {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "Verification successful for URI \"" + this.getURI() + "\"");
        }
    }

    return equal;
}
 
Example #2
Source File: XMLCipher.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Construct a Cipher object
 */
private Cipher constructCipher(String algorithm, String digestAlgorithm) throws XMLEncryptionException {
    String jceAlgorithm = JCEMapper.translateURItoJCEID(algorithm);
    if (log.isLoggable(java.util.logging.Level.FINE)) {
        log.log(java.util.logging.Level.FINE, "JCE Algorithm = " + jceAlgorithm);
    }

    Cipher c;
    try {
        if (requestedJCEProvider == null) {
            c = Cipher.getInstance(jceAlgorithm);
        } else {
            c = Cipher.getInstance(jceAlgorithm, requestedJCEProvider);
        }
    } catch (NoSuchAlgorithmException nsae) {
        // Check to see if an RSA OAEP MGF-1 with SHA-1 algorithm was requested
        // Some JDKs don't support RSA/ECB/OAEPPadding
        if (XMLCipher.RSA_OAEP.equals(algorithm)
            && (digestAlgorithm == null
                || MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1.equals(digestAlgorithm))) {
            try {
                if (requestedJCEProvider == null) {
                    c = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding");
                } else {
                    c = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding", requestedJCEProvider);
                }
            } catch (Exception ex) {
                throw new XMLEncryptionException("empty", ex);
            }
        } else {
            throw new XMLEncryptionException("empty", nsae);
        }
    } catch (NoSuchProviderException nspre) {
        throw new XMLEncryptionException("empty", nspre);
    } catch (NoSuchPaddingException nspae) {
        throw new XMLEncryptionException("empty", nspae);
    }

    return c;
}
 
Example #3
Source File: IntegrityHmac.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Proxy method for {@link java.security.Signature#verify(byte[])}
 * which is executed on the internal {@link java.security.Signature} object.
 *
 * @param signature
 * @return true if the signature is correct
 * @throws XMLSignatureException
 */
protected boolean engineVerify(byte[] signature) throws XMLSignatureException {
    try {
        if (this.HMACOutputLengthSet && this.HMACOutputLength < getDigestLength()) {
            if (log.isLoggable(java.util.logging.Level.FINE)) {
                log.log(java.util.logging.Level.FINE, "HMACOutputLength must not be less than " + getDigestLength());
            }
            Object[] exArgs = { String.valueOf(getDigestLength()) };
            throw new XMLSignatureException("algorithms.HMACOutputLengthMin", exArgs);
        } else {
            byte[] completeResult = this.macAlgorithm.doFinal();
            return MessageDigestAlgorithm.isEqual(completeResult, signature);
        }
    } catch (IllegalStateException ex) {
        throw new XMLSignatureException("empty", ex);
    }
}
 
Example #4
Source File: Reference.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Tests reference validation is success or false
 *
 * @return true if reference validation is success, otherwise false
 * @throws ReferenceNotInitializedException
 * @throws XMLSecurityException
 */
public boolean verify()
    throws ReferenceNotInitializedException, XMLSecurityException {
    byte[] elemDig = this.getDigestValue();
    byte[] calcDig = this.calculateDigest(true);
    boolean equal = MessageDigestAlgorithm.isEqual(elemDig, calcDig);

    if (!equal) {
        log.log(java.util.logging.Level.WARNING, "Verification failed for URI \"" + this.getURI() + "\"");
        log.log(java.util.logging.Level.WARNING, "Expected Digest: " + Base64.encode(elemDig));
        log.log(java.util.logging.Level.WARNING, "Actual Digest: " + Base64.encode(calcDig));
    } else {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "Verification successful for URI \"" + this.getURI() + "\"");
        }
    }

    return equal;
}
 
Example #5
Source File: Reference.java    From JDKSourceCode1.8 with MIT License 6 votes vote down vote up
/**
 * Tests reference validation is success or false
 *
 * @return true if reference validation is success, otherwise false
 * @throws ReferenceNotInitializedException
 * @throws XMLSecurityException
 */
public boolean verify()
    throws ReferenceNotInitializedException, XMLSecurityException {
    byte[] elemDig = this.getDigestValue();
    byte[] calcDig = this.calculateDigest(true);
    boolean equal = MessageDigestAlgorithm.isEqual(elemDig, calcDig);

    if (!equal) {
        log.log(java.util.logging.Level.WARNING, "Verification failed for URI \"" + this.getURI() + "\"");
        log.log(java.util.logging.Level.WARNING, "Expected Digest: " + Base64.encode(elemDig));
        log.log(java.util.logging.Level.WARNING, "Actual Digest: " + Base64.encode(calcDig));
    } else {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "Verification successful for URI \"" + this.getURI() + "\"");
        }
    }

    return equal;
}
 
Example #6
Source File: XMLCipher.java    From JDKSourceCode1.8 with MIT License 6 votes vote down vote up
/**
 * Construct a Cipher object
 */
private Cipher constructCipher(String algorithm, String digestAlgorithm) throws XMLEncryptionException {
    String jceAlgorithm = JCEMapper.translateURItoJCEID(algorithm);
    if (log.isLoggable(java.util.logging.Level.FINE)) {
        log.log(java.util.logging.Level.FINE, "JCE Algorithm = " + jceAlgorithm);
    }

    Cipher c;
    try {
        if (requestedJCEProvider == null) {
            c = Cipher.getInstance(jceAlgorithm);
        } else {
            c = Cipher.getInstance(jceAlgorithm, requestedJCEProvider);
        }
    } catch (NoSuchAlgorithmException nsae) {
        // Check to see if an RSA OAEP MGF-1 with SHA-1 algorithm was requested
        // Some JDKs don't support RSA/ECB/OAEPPadding
        if (XMLCipher.RSA_OAEP.equals(algorithm)
            && (digestAlgorithm == null
                || MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1.equals(digestAlgorithm))) {
            try {
                if (requestedJCEProvider == null) {
                    c = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding");
                } else {
                    c = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding", requestedJCEProvider);
                }
            } catch (Exception ex) {
                throw new XMLEncryptionException("empty", ex);
            }
        } else {
            throw new XMLEncryptionException("empty", nsae);
        }
    } catch (NoSuchProviderException nspre) {
        throw new XMLEncryptionException("empty", nspre);
    } catch (NoSuchPaddingException nspae) {
        throw new XMLEncryptionException("empty", nspae);
    }

    return c;
}
 
Example #7
Source File: IntegrityHmac.java    From JDKSourceCode1.8 with MIT License 6 votes vote down vote up
/**
 * Proxy method for {@link java.security.Signature#verify(byte[])}
 * which is executed on the internal {@link java.security.Signature} object.
 *
 * @param signature
 * @return true if the signature is correct
 * @throws XMLSignatureException
 */
protected boolean engineVerify(byte[] signature) throws XMLSignatureException {
    try {
        if (this.HMACOutputLengthSet && this.HMACOutputLength < getDigestLength()) {
            if (log.isLoggable(java.util.logging.Level.FINE)) {
                log.log(java.util.logging.Level.FINE, "HMACOutputLength must not be less than " + getDigestLength());
            }
            Object[] exArgs = { String.valueOf(getDigestLength()) };
            throw new XMLSignatureException("algorithms.HMACOutputLengthMin", exArgs);
        } else {
            byte[] completeResult = this.macAlgorithm.doFinal();
            return MessageDigestAlgorithm.isEqual(completeResult, signature);
        }
    } catch (IllegalStateException ex) {
        throw new XMLSignatureException("empty", ex);
    }
}
 
Example #8
Source File: Reference.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Returns {@link MessageDigestAlgorithm}
 *
 *
 * @return {@link MessageDigestAlgorithm}
 *
 * @throws XMLSignatureException
 */
public MessageDigestAlgorithm getMessageDigestAlgorithm() throws XMLSignatureException {
    if (digestMethodElem == null) {
        return null;
    }

    String uri = digestMethodElem.getAttributeNS(null, Constants._ATT_ALGORITHM);

    if (uri == null) {
        return null;
    }

    if (secureValidation && MessageDigestAlgorithm.ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5.equals(uri)) {
        Object exArgs[] = { uri };

        throw new XMLSignatureException("signature.signatureAlgorithm", exArgs);
    }

    return MessageDigestAlgorithm.getInstance(this.doc, uri);
}
 
Example #9
Source File: Reference.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Tests reference validation is success or false
 *
 * @return true if reference validation is success, otherwise false
 * @throws ReferenceNotInitializedException
 * @throws XMLSecurityException
 */
public boolean verify()
    throws ReferenceNotInitializedException, XMLSecurityException {
    byte[] elemDig = this.getDigestValue();
    byte[] calcDig = this.calculateDigest(true);
    boolean equal = MessageDigestAlgorithm.isEqual(elemDig, calcDig);

    if (!equal) {
        log.log(java.util.logging.Level.WARNING, "Verification failed for URI \"" + this.getURI() + "\"");
        log.log(java.util.logging.Level.WARNING, "Expected Digest: " + Base64.encode(elemDig));
        log.log(java.util.logging.Level.WARNING, "Actual Digest: " + Base64.encode(calcDig));
    } else {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "Verification successful for URI \"" + this.getURI() + "\"");
        }
    }

    return equal;
}
 
Example #10
Source File: IntegrityHmac.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Proxy method for {@link java.security.Signature#verify(byte[])}
 * which is executed on the internal {@link java.security.Signature} object.
 *
 * @param signature
 * @return true if the signature is correct
 * @throws XMLSignatureException
 */
protected boolean engineVerify(byte[] signature) throws XMLSignatureException {
    try {
        if (this.HMACOutputLengthSet && this.HMACOutputLength < getDigestLength()) {
            if (log.isLoggable(java.util.logging.Level.FINE)) {
                log.log(java.util.logging.Level.FINE, "HMACOutputLength must not be less than " + getDigestLength());
            }
            Object[] exArgs = { String.valueOf(getDigestLength()) };
            throw new XMLSignatureException("algorithms.HMACOutputLengthMin", exArgs);
        } else {
            byte[] completeResult = this.macAlgorithm.doFinal();
            return MessageDigestAlgorithm.isEqual(completeResult, signature);
        }
    } catch (IllegalStateException ex) {
        throw new XMLSignatureException("empty", ex);
    }
}
 
Example #11
Source File: Reference.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Returns {@link MessageDigestAlgorithm}
 *
 *
 * @return {@link MessageDigestAlgorithm}
 *
 * @throws XMLSignatureException
 */
public MessageDigestAlgorithm getMessageDigestAlgorithm() throws XMLSignatureException {
    if (digestMethodElem == null) {
        return null;
    }

    String uri = digestMethodElem.getAttributeNS(null, Constants._ATT_ALGORITHM);

    if (uri == null) {
        return null;
    }

    if (secureValidation && MessageDigestAlgorithm.ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5.equals(uri)) {
        Object exArgs[] = { uri };

        throw new XMLSignatureException("signature.signatureAlgorithm", exArgs);
    }

    return MessageDigestAlgorithm.getInstance(this.doc, uri);
}
 
Example #12
Source File: IntegrityHmac.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Proxy method for {@link java.security.Signature#verify(byte[])}
 * which is executed on the internal {@link java.security.Signature} object.
 *
 * @param signature
 * @return true if the signature is correct
 * @throws XMLSignatureException
 */
protected boolean engineVerify(byte[] signature) throws XMLSignatureException {
    try {
        if (this.HMACOutputLengthSet && this.HMACOutputLength < getDigestLength()) {
            if (log.isLoggable(java.util.logging.Level.FINE)) {
                log.log(java.util.logging.Level.FINE, "HMACOutputLength must not be less than " + getDigestLength());
            }
            Object[] exArgs = { String.valueOf(getDigestLength()) };
            throw new XMLSignatureException("algorithms.HMACOutputLengthMin", exArgs);
        } else {
            byte[] completeResult = this.macAlgorithm.doFinal();
            return MessageDigestAlgorithm.isEqual(completeResult, signature);
        }
    } catch (IllegalStateException ex) {
        throw new XMLSignatureException("empty", ex);
    }
}
 
Example #13
Source File: Reference.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Tests reference validation is success or false
 *
 * @return true if reference validation is success, otherwise false
 * @throws ReferenceNotInitializedException
 * @throws XMLSecurityException
 */
public boolean verify()
    throws ReferenceNotInitializedException, XMLSecurityException {
    byte[] elemDig = this.getDigestValue();
    byte[] calcDig = this.calculateDigest(true);
    boolean equal = MessageDigestAlgorithm.isEqual(elemDig, calcDig);

    if (!equal) {
        log.log(java.util.logging.Level.WARNING, "Verification failed for URI \"" + this.getURI() + "\"");
        log.log(java.util.logging.Level.WARNING, "Expected Digest: " + Base64.encode(elemDig));
        log.log(java.util.logging.Level.WARNING, "Actual Digest: " + Base64.encode(calcDig));
    } else {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "Verification successful for URI \"" + this.getURI() + "\"");
        }
    }

    return equal;
}
 
Example #14
Source File: Reference.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Tests reference validation is success or false
 *
 * @return true if reference validation is success, otherwise false
 * @throws ReferenceNotInitializedException
 * @throws XMLSecurityException
 */
public boolean verify()
    throws ReferenceNotInitializedException, XMLSecurityException {
    byte[] elemDig = this.getDigestValue();
    byte[] calcDig = this.calculateDigest(true);
    boolean equal = MessageDigestAlgorithm.isEqual(elemDig, calcDig);

    if (!equal) {
        log.log(java.util.logging.Level.WARNING, "Verification failed for URI \"" + this.getURI() + "\"");
        log.log(java.util.logging.Level.WARNING, "Expected Digest: " + Base64.encode(elemDig));
        log.log(java.util.logging.Level.WARNING, "Actual Digest: " + Base64.encode(calcDig));
    } else {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "Verification successful for URI \"" + this.getURI() + "\"");
        }
    }

    return equal;
}
 
Example #15
Source File: IntegrityHmac.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Proxy method for {@link java.security.Signature#verify(byte[])}
 * which is executed on the internal {@link java.security.Signature} object.
 *
 * @param signature
 * @return true if the signature is correct
 * @throws XMLSignatureException
 */
protected boolean engineVerify(byte[] signature) throws XMLSignatureException {
    try {
        if (this.HMACOutputLengthSet && this.HMACOutputLength < getDigestLength()) {
            if (log.isLoggable(java.util.logging.Level.FINE)) {
                log.log(java.util.logging.Level.FINE, "HMACOutputLength must not be less than " + getDigestLength());
            }
            Object[] exArgs = { String.valueOf(getDigestLength()) };
            throw new XMLSignatureException("algorithms.HMACOutputLengthMin", exArgs);
        } else {
            byte[] completeResult = this.macAlgorithm.doFinal();
            return MessageDigestAlgorithm.isEqual(completeResult, signature);
        }
    } catch (IllegalStateException ex) {
        throw new XMLSignatureException("empty", ex);
    }
}
 
Example #16
Source File: Reference.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Tests reference validation is success or false
 *
 * @return true if reference validation is success, otherwise false
 * @throws ReferenceNotInitializedException
 * @throws XMLSecurityException
 */
public boolean verify()
    throws ReferenceNotInitializedException, XMLSecurityException {
    byte[] elemDig = this.getDigestValue();
    byte[] calcDig = this.calculateDigest(true);
    boolean equal = MessageDigestAlgorithm.isEqual(elemDig, calcDig);

    if (!equal) {
        log.log(java.util.logging.Level.WARNING, "Verification failed for URI \"" + this.getURI() + "\"");
        log.log(java.util.logging.Level.WARNING, "Expected Digest: " + Base64.encode(elemDig));
        log.log(java.util.logging.Level.WARNING, "Actual Digest: " + Base64.encode(calcDig));
    } else {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "Verification successful for URI \"" + this.getURI() + "\"");
        }
    }

    return equal;
}
 
Example #17
Source File: IntegrityHmac.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Proxy method for {@link java.security.Signature#verify(byte[])}
 * which is executed on the internal {@link java.security.Signature} object.
 *
 * @param signature
 * @return true if the signature is correct
 * @throws XMLSignatureException
 */
protected boolean engineVerify(byte[] signature) throws XMLSignatureException {
    try {
        if (this.HMACOutputLengthSet && this.HMACOutputLength < getDigestLength()) {
            if (log.isLoggable(java.util.logging.Level.FINE)) {
                log.log(java.util.logging.Level.FINE, "HMACOutputLength must not be less than " + getDigestLength());
            }
            Object[] exArgs = { String.valueOf(getDigestLength()) };
            throw new XMLSignatureException("algorithms.HMACOutputLengthMin", exArgs);
        } else {
            byte[] completeResult = this.macAlgorithm.doFinal();
            return MessageDigestAlgorithm.isEqual(completeResult, signature);
        }
    } catch (IllegalStateException ex) {
        throw new XMLSignatureException("empty", ex);
    }
}
 
Example #18
Source File: Reference.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Returns {@link MessageDigestAlgorithm}
 *
 *
 * @return {@link MessageDigestAlgorithm}
 *
 * @throws XMLSignatureException
 */
public MessageDigestAlgorithm getMessageDigestAlgorithm() throws XMLSignatureException {
    if (digestMethodElem == null) {
        return null;
    }

    String uri = digestMethodElem.getAttributeNS(null, Constants._ATT_ALGORITHM);

    if (uri == null) {
        return null;
    }

    if (secureValidation && MessageDigestAlgorithm.ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5.equals(uri)) {
        Object exArgs[] = { uri };

        throw new XMLSignatureException("signature.signatureAlgorithm", exArgs);
    }

    return MessageDigestAlgorithm.getInstance(this.doc, uri);
}
 
Example #19
Source File: Reference.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Tests reference validation is success or false
 *
 * @return true if reference validation is success, otherwise false
 * @throws ReferenceNotInitializedException
 * @throws XMLSecurityException
 */
public boolean verify()
    throws ReferenceNotInitializedException, XMLSecurityException {
    byte[] elemDig = this.getDigestValue();
    byte[] calcDig = this.calculateDigest(true);
    boolean equal = MessageDigestAlgorithm.isEqual(elemDig, calcDig);

    if (!equal) {
        log.log(java.util.logging.Level.WARNING, "Verification failed for URI \"" + this.getURI() + "\"");
        log.log(java.util.logging.Level.WARNING, "Expected Digest: " + Base64.encode(elemDig));
        log.log(java.util.logging.Level.WARNING, "Actual Digest: " + Base64.encode(calcDig));
    } else {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "Verification successful for URI \"" + this.getURI() + "\"");
        }
    }

    return equal;
}
 
Example #20
Source File: XMLCipher.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Construct a Cipher object
 */
private Cipher constructCipher(String algorithm, String digestAlgorithm) throws XMLEncryptionException {
    String jceAlgorithm = JCEMapper.translateURItoJCEID(algorithm);
    if (log.isLoggable(java.util.logging.Level.FINE)) {
        log.log(java.util.logging.Level.FINE, "JCE Algorithm = " + jceAlgorithm);
    }

    Cipher c;
    try {
        if (requestedJCEProvider == null) {
            c = Cipher.getInstance(jceAlgorithm);
        } else {
            c = Cipher.getInstance(jceAlgorithm, requestedJCEProvider);
        }
    } catch (NoSuchAlgorithmException nsae) {
        // Check to see if an RSA OAEP MGF-1 with SHA-1 algorithm was requested
        // Some JDKs don't support RSA/ECB/OAEPPadding
        if (XMLCipher.RSA_OAEP.equals(algorithm)
            && (digestAlgorithm == null
                || MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1.equals(digestAlgorithm))) {
            try {
                if (requestedJCEProvider == null) {
                    c = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding");
                } else {
                    c = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding", requestedJCEProvider);
                }
            } catch (Exception ex) {
                throw new XMLEncryptionException("empty", ex);
            }
        } else {
            throw new XMLEncryptionException("empty", nsae);
        }
    } catch (NoSuchProviderException nspre) {
        throw new XMLEncryptionException("empty", nspre);
    } catch (NoSuchPaddingException nspae) {
        throw new XMLEncryptionException("empty", nspae);
    }

    return c;
}
 
Example #21
Source File: IntegrityHmac.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Proxy method for {@link java.security.Signature#verify(byte[])}
 * which is executed on the internal {@link java.security.Signature} object.
 *
 * @param signature
 * @return true if the signature is correct
 * @throws XMLSignatureException
 */
protected boolean engineVerify(byte[] signature) throws XMLSignatureException {
    try {
        if (this.HMACOutputLengthSet && this.HMACOutputLength < getDigestLength()) {
            if (log.isLoggable(java.util.logging.Level.FINE)) {
                log.log(java.util.logging.Level.FINE, "HMACOutputLength must not be less than " + getDigestLength());
            }
            Object[] exArgs = { String.valueOf(getDigestLength()) };
            throw new XMLSignatureException("algorithms.HMACOutputLengthMin", exArgs);
        } else {
            byte[] completeResult = this.macAlgorithm.doFinal();
            return MessageDigestAlgorithm.isEqual(completeResult, signature);
        }
    } catch (IllegalStateException ex) {
        throw new XMLSignatureException("empty", ex);
    }
}
 
Example #22
Source File: Reference.java    From openjdk-8-source with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Returns {@link MessageDigestAlgorithm}
 *
 *
 * @return {@link MessageDigestAlgorithm}
 *
 * @throws XMLSignatureException
 */
public MessageDigestAlgorithm getMessageDigestAlgorithm() throws XMLSignatureException {
    if (digestMethodElem == null) {
        return null;
    }

    String uri = digestMethodElem.getAttributeNS(null, Constants._ATT_ALGORITHM);

    if (uri == null) {
        return null;
    }

    if (secureValidation && MessageDigestAlgorithm.ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5.equals(uri)) {
        Object exArgs[] = { uri };

        throw new XMLSignatureException("signature.signatureAlgorithm", exArgs);
    }

    return MessageDigestAlgorithm.getInstance(this.doc, uri);
}
 
Example #23
Source File: Reference.java    From openjdk-8-source with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Tests reference validation is success or false
 *
 * @return true if reference validation is success, otherwise false
 * @throws ReferenceNotInitializedException
 * @throws XMLSecurityException
 */
public boolean verify()
    throws ReferenceNotInitializedException, XMLSecurityException {
    byte[] elemDig = this.getDigestValue();
    byte[] calcDig = this.calculateDigest(true);
    boolean equal = MessageDigestAlgorithm.isEqual(elemDig, calcDig);

    if (!equal) {
        log.log(java.util.logging.Level.WARNING, "Verification failed for URI \"" + this.getURI() + "\"");
        log.log(java.util.logging.Level.WARNING, "Expected Digest: " + Base64.encode(elemDig));
        log.log(java.util.logging.Level.WARNING, "Actual Digest: " + Base64.encode(calcDig));
    } else {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "Verification successful for URI \"" + this.getURI() + "\"");
        }
    }

    return equal;
}
 
Example #24
Source File: XMLCipher.java    From openjdk-8-source with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Construct a Cipher object
 */
private Cipher constructCipher(String algorithm, String digestAlgorithm) throws XMLEncryptionException {
    String jceAlgorithm = JCEMapper.translateURItoJCEID(algorithm);
    if (log.isLoggable(java.util.logging.Level.FINE)) {
        log.log(java.util.logging.Level.FINE, "JCE Algorithm = " + jceAlgorithm);
    }

    Cipher c;
    try {
        if (requestedJCEProvider == null) {
            c = Cipher.getInstance(jceAlgorithm);
        } else {
            c = Cipher.getInstance(jceAlgorithm, requestedJCEProvider);
        }
    } catch (NoSuchAlgorithmException nsae) {
        // Check to see if an RSA OAEP MGF-1 with SHA-1 algorithm was requested
        // Some JDKs don't support RSA/ECB/OAEPPadding
        if (XMLCipher.RSA_OAEP.equals(algorithm)
            && (digestAlgorithm == null
                || MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1.equals(digestAlgorithm))) {
            try {
                if (requestedJCEProvider == null) {
                    c = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding");
                } else {
                    c = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding", requestedJCEProvider);
                }
            } catch (Exception ex) {
                throw new XMLEncryptionException("empty", ex);
            }
        } else {
            throw new XMLEncryptionException("empty", nsae);
        }
    } catch (NoSuchProviderException nspre) {
        throw new XMLEncryptionException("empty", nspre);
    } catch (NoSuchPaddingException nspae) {
        throw new XMLEncryptionException("empty", nspae);
    }

    return c;
}
 
Example #25
Source File: IntegrityHmac.java    From openjdk-8-source with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Proxy method for {@link java.security.Signature#verify(byte[])}
 * which is executed on the internal {@link java.security.Signature} object.
 *
 * @param signature
 * @return true if the signature is correct
 * @throws XMLSignatureException
 */
protected boolean engineVerify(byte[] signature) throws XMLSignatureException {
    try {
        if (this.HMACOutputLengthSet && this.HMACOutputLength < getDigestLength()) {
            if (log.isLoggable(java.util.logging.Level.FINE)) {
                log.log(java.util.logging.Level.FINE, "HMACOutputLength must not be less than " + getDigestLength());
            }
            Object[] exArgs = { String.valueOf(getDigestLength()) };
            throw new XMLSignatureException("algorithms.HMACOutputLengthMin", exArgs);
        } else {
            byte[] completeResult = this.macAlgorithm.doFinal();
            return MessageDigestAlgorithm.isEqual(completeResult, signature);
        }
    } catch (IllegalStateException ex) {
        throw new XMLSignatureException("empty", ex);
    }
}
 
Example #26
Source File: Reference.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Returns {@link MessageDigestAlgorithm}
 *
 *
 * @return {@link MessageDigestAlgorithm}
 *
 * @throws XMLSignatureException
 */
public MessageDigestAlgorithm getMessageDigestAlgorithm() throws XMLSignatureException {
    if (digestMethodElem == null) {
        return null;
    }

    String uri = digestMethodElem.getAttributeNS(null, Constants._ATT_ALGORITHM);

    if (uri == null) {
        return null;
    }

    if (secureValidation && MessageDigestAlgorithm.ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5.equals(uri)) {
        Object exArgs[] = { uri };

        throw new XMLSignatureException("signature.signatureAlgorithm", exArgs);
    }

    return MessageDigestAlgorithm.getInstance(this.doc, uri);
}
 
Example #27
Source File: Reference.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Tests reference validation is success or false
 *
 * @return true if reference validation is success, otherwise false
 * @throws ReferenceNotInitializedException
 * @throws XMLSecurityException
 */
public boolean verify()
    throws ReferenceNotInitializedException, XMLSecurityException {
    byte[] elemDig = this.getDigestValue();
    byte[] calcDig = this.calculateDigest(true);
    boolean equal = MessageDigestAlgorithm.isEqual(elemDig, calcDig);

    if (!equal) {
        log.log(java.util.logging.Level.WARNING, "Verification failed for URI \"" + this.getURI() + "\"");
        log.log(java.util.logging.Level.WARNING, "Expected Digest: " + Base64.encode(elemDig));
        log.log(java.util.logging.Level.WARNING, "Actual Digest: " + Base64.encode(calcDig));
    } else {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "Verification successful for URI \"" + this.getURI() + "\"");
        }
    }

    return equal;
}
 
Example #28
Source File: XMLCipher.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Construct a Cipher object
 */
private Cipher constructCipher(String algorithm, String digestAlgorithm) throws XMLEncryptionException {
    String jceAlgorithm = JCEMapper.translateURItoJCEID(algorithm);
    if (log.isLoggable(java.util.logging.Level.FINE)) {
        log.log(java.util.logging.Level.FINE, "JCE Algorithm = " + jceAlgorithm);
    }

    Cipher c;
    try {
        if (requestedJCEProvider == null) {
            c = Cipher.getInstance(jceAlgorithm);
        } else {
            c = Cipher.getInstance(jceAlgorithm, requestedJCEProvider);
        }
    } catch (NoSuchAlgorithmException nsae) {
        // Check to see if an RSA OAEP MGF-1 with SHA-1 algorithm was requested
        // Some JDKs don't support RSA/ECB/OAEPPadding
        if (XMLCipher.RSA_OAEP.equals(algorithm)
            && (digestAlgorithm == null
                || MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1.equals(digestAlgorithm))) {
            try {
                if (requestedJCEProvider == null) {
                    c = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding");
                } else {
                    c = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding", requestedJCEProvider);
                }
            } catch (Exception ex) {
                throw new XMLEncryptionException("empty", ex);
            }
        } else {
            throw new XMLEncryptionException("empty", nsae);
        }
    } catch (NoSuchProviderException nspre) {
        throw new XMLEncryptionException("empty", nspre);
    } catch (NoSuchPaddingException nspae) {
        throw new XMLEncryptionException("empty", nspae);
    }

    return c;
}
 
Example #29
Source File: IntegrityHmac.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Proxy method for {@link java.security.Signature#verify(byte[])}
 * which is executed on the internal {@link java.security.Signature} object.
 *
 * @param signature
 * @return true if the signature is correct
 * @throws XMLSignatureException
 */
protected boolean engineVerify(byte[] signature) throws XMLSignatureException {
    try {
        if (this.HMACOutputLengthSet && this.HMACOutputLength < getDigestLength()) {
            if (log.isLoggable(java.util.logging.Level.FINE)) {
                log.log(java.util.logging.Level.FINE, "HMACOutputLength must not be less than " + getDigestLength());
            }
            Object[] exArgs = { String.valueOf(getDigestLength()) };
            throw new XMLSignatureException("algorithms.HMACOutputLengthMin", exArgs);
        } else {
            byte[] completeResult = this.macAlgorithm.doFinal();
            return MessageDigestAlgorithm.isEqual(completeResult, signature);
        }
    } catch (IllegalStateException ex) {
        throw new XMLSignatureException("empty", ex);
    }
}
 
Example #30
Source File: Reference.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Tests reference validation is success or false
 *
 * @return true if reference validation is success, otherwise false
 * @throws ReferenceNotInitializedException
 * @throws XMLSecurityException
 */
public boolean verify()
    throws ReferenceNotInitializedException, XMLSecurityException {
    byte[] elemDig = this.getDigestValue();
    byte[] calcDig = this.calculateDigest(true);
    boolean equal = MessageDigestAlgorithm.isEqual(elemDig, calcDig);

    if (!equal) {
        log.log(java.util.logging.Level.WARNING, "Verification failed for URI \"" + this.getURI() + "\"");
        log.log(java.util.logging.Level.WARNING, "Expected Digest: " + Base64.encode(elemDig));
        log.log(java.util.logging.Level.WARNING, "Actual Digest: " + Base64.encode(calcDig));
    } else {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "Verification successful for URI \"" + this.getURI() + "\"");
        }
    }

    return equal;
}