/*
 * reserved comment block
 * DO NOT REMOVE OR ALTER!
 */
Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
/** * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file * distributed with this work for additional information * regarding copyright ownership. The ASF licenses this file * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */
/* * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved. */ /* * $Id: DOMXMLSignatureFactory.java 1854026 2019-02-21 09:30:01Z coheigea $ */ package org.jcp.xml.dsig.internal.dom; import javax.xml.crypto.*; import javax.xml.crypto.dom.DOMCryptoContext; import javax.xml.crypto.dsig.*; import javax.xml.crypto.dsig.dom.DOMValidateContext; import javax.xml.crypto.dsig.keyinfo.*; import javax.xml.crypto.dsig.spec.*; import java.security.InvalidAlgorithmParameterException; import java.security.NoSuchAlgorithmException; import java.util.List; import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.Node;
DOM-based implementation of XMLSignatureFactory.
/** * DOM-based implementation of XMLSignatureFactory. * */
public final class DOMXMLSignatureFactory extends XMLSignatureFactory {
Initializes a new instance of this class.
/** * Initializes a new instance of this class. */
public DOMXMLSignatureFactory() {} public XMLSignature newXMLSignature(SignedInfo si, KeyInfo ki) { return new DOMXMLSignature(si, ki, null, null, null); } @SuppressWarnings({ "unchecked", "rawtypes" }) public XMLSignature newXMLSignature(SignedInfo si, KeyInfo ki, List objects, String id, String signatureValueId) { return new DOMXMLSignature(si, ki, objects, id, signatureValueId); } public Reference newReference(String uri, DigestMethod dm) { return newReference(uri, dm, null, null, null); } @SuppressWarnings({ "unchecked", "rawtypes" }) public Reference newReference(String uri, DigestMethod dm, List transforms, String type, String id) { return new DOMReference(uri, type, dm, transforms, id, getProvider()); } @Override @SuppressWarnings({ "unchecked", "rawtypes" }) public Reference newReference(String uri, DigestMethod dm, List appliedTransforms, Data result, List transforms, String type, String id) { if (appliedTransforms == null) { throw new NullPointerException("appliedTransforms cannot be null"); } if (appliedTransforms.isEmpty()) { throw new NullPointerException("appliedTransforms cannot be empty"); } if (result == null) { throw new NullPointerException("result cannot be null"); } return new DOMReference (uri, type, dm, appliedTransforms, result, transforms, id, getProvider()); } @SuppressWarnings({ "unchecked", "rawtypes" }) public Reference newReference(String uri, DigestMethod dm, List transforms, String type, String id, byte[] digestValue) { if (digestValue == null) { throw new NullPointerException("digestValue cannot be null"); } return new DOMReference (uri, type, dm, null, null, transforms, id, digestValue, getProvider()); } @SuppressWarnings({ "rawtypes" }) public SignedInfo newSignedInfo(CanonicalizationMethod cm, SignatureMethod sm, List references) { return newSignedInfo(cm, sm, references, null); } @SuppressWarnings({ "unchecked", "rawtypes" }) public SignedInfo newSignedInfo(CanonicalizationMethod cm, SignatureMethod sm, List references, String id) { return new DOMSignedInfo(cm, sm, references, id); } // Object factory methods @SuppressWarnings({ "unchecked", "rawtypes" }) public XMLObject newXMLObject(List content, String id, String mimeType, String encoding) { return new DOMXMLObject(content, id, mimeType, encoding); } @SuppressWarnings({ "rawtypes" }) public Manifest newManifest(List references) { return newManifest(references, null); } @SuppressWarnings({ "unchecked", "rawtypes" }) public Manifest newManifest(List references, String id) { return new DOMManifest(references, id); } @SuppressWarnings({ "unchecked", "rawtypes" }) public SignatureProperties newSignatureProperties(List props, String id) { return new DOMSignatureProperties(props, id); } @SuppressWarnings({ "unchecked", "rawtypes" }) public SignatureProperty newSignatureProperty (List info, String target, String id) { return new DOMSignatureProperty(info, target, id); } public XMLSignature unmarshalXMLSignature(XMLValidateContext context) throws MarshalException { if (context == null) { throw new NullPointerException("context cannot be null"); } return unmarshal(((DOMValidateContext) context).getNode(), context); } public XMLSignature unmarshalXMLSignature(XMLStructure xmlStructure) throws MarshalException { if (xmlStructure == null) { throw new NullPointerException("xmlStructure cannot be null"); } if (!(xmlStructure instanceof javax.xml.crypto.dom.DOMStructure)) { throw new ClassCastException("xmlStructure must be of type DOMStructure"); } return unmarshal (((javax.xml.crypto.dom.DOMStructure) xmlStructure).getNode(), new UnmarshalContext()); } private static class UnmarshalContext extends DOMCryptoContext { UnmarshalContext() {} } private XMLSignature unmarshal(Node node, XMLCryptoContext context) throws MarshalException { node.normalize(); Element element = null; if (node.getNodeType() == Node.DOCUMENT_NODE) { element = ((Document) node).getDocumentElement(); } else if (node.getNodeType() == Node.ELEMENT_NODE) { element = (Element) node; } else { throw new MarshalException ("Signature element is not a proper Node"); } // check tag String tag = element.getLocalName(); String namespace = element.getNamespaceURI(); if (tag == null || namespace == null) { throw new MarshalException("Document implementation must " + "support DOM Level 2 and be namespace aware"); } if ("Signature".equals(tag) && XMLSignature.XMLNS.equals(namespace)) { try { return new DOMXMLSignature(element, context, getProvider()); } catch (MarshalException me) { throw me; } catch (Exception e) { throw new MarshalException(e); } } else { throw new MarshalException("Invalid Signature tag: " + namespace + ":" + tag); } } public boolean isFeatureSupported(String feature) { if (feature == null) { throw new NullPointerException(); } else { return false; } } public DigestMethod newDigestMethod(String algorithm, DigestMethodParameterSpec params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { if (algorithm == null) { throw new NullPointerException(); } if (algorithm.equals(DigestMethod.SHA1)) { return new DOMDigestMethod.SHA1(params); } else if (algorithm.equals(DOMDigestMethod.SHA224)) { return new DOMDigestMethod.SHA224(params); } else if (algorithm.equals(DigestMethod.SHA256)) { return new DOMDigestMethod.SHA256(params); } else if (algorithm.equals(DOMDigestMethod.SHA384)) { return new DOMDigestMethod.SHA384(params); } else if (algorithm.equals(DigestMethod.SHA512)) { return new DOMDigestMethod.SHA512(params); } else if (algorithm.equals(DigestMethod.RIPEMD160)) { return new DOMDigestMethod.RIPEMD160(params); } else if (algorithm.equals(DOMDigestMethod.WHIRLPOOL)) { return new DOMDigestMethod.WHIRLPOOL(params); } else if (algorithm.equals(DOMDigestMethod.SHA3_224)) { return new DOMDigestMethod.SHA3_224(params); } else if (algorithm.equals(DOMDigestMethod.SHA3_256)) { return new DOMDigestMethod.SHA3_256(params); } else if (algorithm.equals(DOMDigestMethod.SHA3_384)) { return new DOMDigestMethod.SHA3_384(params); } else if (algorithm.equals(DOMDigestMethod.SHA3_512)) { return new DOMDigestMethod.SHA3_512(params); } else { throw new NoSuchAlgorithmException("unsupported algorithm"); } } public SignatureMethod newSignatureMethod(String algorithm, SignatureMethodParameterSpec params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { if (algorithm == null) { throw new NullPointerException(); } if (algorithm.equals(SignatureMethod.RSA_SHA1)) { return new DOMSignatureMethod.SHA1withRSA(params); } else if (algorithm.equals(DOMSignatureMethod.RSA_SHA224)) { return new DOMSignatureMethod.SHA224withRSA(params); } else if (algorithm.equals(DOMSignatureMethod.RSA_SHA256)) { return new DOMSignatureMethod.SHA256withRSA(params); } else if (algorithm.equals(DOMSignatureMethod.RSA_SHA384)) { return new DOMSignatureMethod.SHA384withRSA(params); } else if (algorithm.equals(DOMSignatureMethod.RSA_SHA512)) { return new DOMSignatureMethod.SHA512withRSA(params); } else if (algorithm.equals(DOMSignatureMethod.RSA_RIPEMD160)) { return new DOMSignatureMethod.RIPEMD160withRSA(params); } else if (algorithm.equals(DOMSignatureMethod.RSA_SHA1_MGF1)) { return new DOMSignatureMethod.SHA1withRSAandMGF1(params); } else if (algorithm.equals(DOMSignatureMethod.RSA_SHA224_MGF1)) { return new DOMSignatureMethod.SHA224withRSAandMGF1(params); } else if (algorithm.equals(DOMSignatureMethod.RSA_SHA256_MGF1)) { return new DOMSignatureMethod.SHA256withRSAandMGF1(params); } else if (algorithm.equals(DOMSignatureMethod.RSA_SHA384_MGF1)) { return new DOMSignatureMethod.SHA384withRSAandMGF1(params); } else if (algorithm.equals(DOMSignatureMethod.RSA_SHA512_MGF1)) { return new DOMSignatureMethod.SHA512withRSAandMGF1(params); } else if (algorithm.equals(DOMSignatureMethod.RSA_RIPEMD160_MGF1)) { return new DOMSignatureMethod.RIPEMD160withRSAandMGF1(params); } else if (algorithm.equals(SignatureMethod.DSA_SHA1)) { return new DOMSignatureMethod.SHA1withDSA(params); } else if (algorithm.equals(DOMSignatureMethod.DSA_SHA256)) { return new DOMSignatureMethod.SHA256withDSA(params); } else if (algorithm.equals(SignatureMethod.HMAC_SHA1)) { return new DOMHMACSignatureMethod.SHA1(params); } else if (algorithm.equals(DOMHMACSignatureMethod.HMAC_SHA224)) { return new DOMHMACSignatureMethod.SHA224(params); } else if (algorithm.equals(DOMHMACSignatureMethod.HMAC_SHA256)) { return new DOMHMACSignatureMethod.SHA256(params); } else if (algorithm.equals(DOMHMACSignatureMethod.HMAC_SHA384)) { return new DOMHMACSignatureMethod.SHA384(params); } else if (algorithm.equals(DOMHMACSignatureMethod.HMAC_SHA512)) { return new DOMHMACSignatureMethod.SHA512(params); } else if (algorithm.equals(DOMHMACSignatureMethod.HMAC_RIPEMD160)) { return new DOMHMACSignatureMethod.RIPEMD160(params); } else if (algorithm.equals(DOMSignatureMethod.ECDSA_SHA1)) { return new DOMSignatureMethod.SHA1withECDSA(params); } else if (algorithm.equals(DOMSignatureMethod.ECDSA_SHA224)) { return new DOMSignatureMethod.SHA224withECDSA(params); } else if (algorithm.equals(DOMSignatureMethod.ECDSA_SHA256)) { return new DOMSignatureMethod.SHA256withECDSA(params); } else if (algorithm.equals(DOMSignatureMethod.ECDSA_SHA384)) { return new DOMSignatureMethod.SHA384withECDSA(params); } else if (algorithm.equals(DOMSignatureMethod.ECDSA_SHA512)) { return new DOMSignatureMethod.SHA512withECDSA(params); } else if (algorithm.equals(DOMSignatureMethod.ECDSA_RIPEMD160)) { return new DOMSignatureMethod.RIPEMD160withECDSA(params); }else { throw new NoSuchAlgorithmException("unsupported algorithm"); } } public Transform newTransform(String algorithm, TransformParameterSpec params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { TransformService spi; if (getProvider() == null) { spi = TransformService.getInstance(algorithm, "DOM"); } else { try { spi = TransformService.getInstance(algorithm, "DOM", getProvider()); } catch (NoSuchAlgorithmException nsae) { spi = TransformService.getInstance(algorithm, "DOM"); } } spi.init(params); return new DOMTransform(spi); } public Transform newTransform(String algorithm, XMLStructure params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { TransformService spi; if (getProvider() == null) { spi = TransformService.getInstance(algorithm, "DOM"); } else { try { spi = TransformService.getInstance(algorithm, "DOM", getProvider()); } catch (NoSuchAlgorithmException nsae) { spi = TransformService.getInstance(algorithm, "DOM"); } } if (params == null) { spi.init(null); } else { spi.init(params, null); } return new DOMTransform(spi); } public CanonicalizationMethod newCanonicalizationMethod(String algorithm, C14NMethodParameterSpec params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { TransformService spi; if (getProvider() == null) { spi = TransformService.getInstance(algorithm, "DOM"); } else { try { spi = TransformService.getInstance(algorithm, "DOM", getProvider()); } catch (NoSuchAlgorithmException nsae) { spi = TransformService.getInstance(algorithm, "DOM"); } } spi.init(params); return new DOMCanonicalizationMethod(spi); } public CanonicalizationMethod newCanonicalizationMethod(String algorithm, XMLStructure params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { TransformService spi; if (getProvider() == null) { spi = TransformService.getInstance(algorithm, "DOM"); } else { try { spi = TransformService.getInstance(algorithm, "DOM", getProvider()); } catch (NoSuchAlgorithmException nsae) { spi = TransformService.getInstance(algorithm, "DOM"); } } if (params == null) { spi.init(null); } else { spi.init(params, null); } return new DOMCanonicalizationMethod(spi); } public URIDereferencer getURIDereferencer() { return DOMURIDereferencer.INSTANCE; } }