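/**
 * Selects the public key of the first {@link X509Certificate} found in any
 * {@link X509Data} entry of the supplied {@code KeyInfo}.
 *
 * <p>SECURITY NOTE(review): the certificate comes from the signature's own
 * {@code KeyInfo}, and nothing in this method checks its chain, validity
 * period or issuer against a trust anchor. A signature that verifies with
 * this key is only shown to be consistent with the embedded certificate; the
 * caller still has to establish that the certificate itself is trusted.
 * The {@code method} argument is not consulted, so the key algorithm is not
 * checked against the signature algorithm here.
 *
 * @param keyInfo the KeyInfo to search; must not be {@code null}
 * @param purpose not used by this selector
 * @param method not used by this selector
 * @param context not used by this selector
 * @return a result wrapping the certificate's public key; never {@code null}
 * @throws KeySelectorException if {@code keyInfo} is {@code null} or contains
 *         no X.509 certificate
 */
@Override
public KeySelectorResult select(KeyInfo keyInfo, Purpose purpose, AlgorithmMethod method,
        XMLCryptoContext context) throws KeySelectorException {
    if (keyInfo == null) {
        throw new KeySelectorException("Null KeyInfo object!");
    }
    for (Object entry : keyInfo.getContent()) {
        if (!(entry instanceof X509Data)) {
            continue;
        }
        for (Object item : ((X509Data) entry).getContent()) {
            if (item instanceof X509Certificate) {
                final X509Certificate cert = (X509Certificate) item;
                return new KeySelectorResult() {
                    @Override
                    public Key getKey() {
                        return cert.getPublicKey();
                    }
                };
            }
        }
    }
    // Report "no key" through the declared exception instead of returning
    // null, so callers are never handed a null result to dereference.
    throw new KeySelectorException("No X509Certificate found in KeyInfo");
}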
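/**
 * Marshals a {@link PGPData} as a {@code PGPData} element in the XML
 * Signature namespace.
 *
 * <p>The element receives, in this order: a {@code PGPKeyID} child when the
 * key id is non-null, a {@code PGPKeyPacket} child when the key packet is
 * non-null (both Base64-encoded), and then every external element of
 * {@code pgpData}.
 *
 * @param xwriter the writer that receives the output
 * @param pgpData the structure to marshal
 * @param dsPrefix the namespace prefix to use for the written elements
 * @param context the crypto context handed on when marshalling external elements
 * @throws MarshalException declared for failures while marshalling
 */
public static void marshalPGPData(XmlWriter xwriter, PGPData pgpData, String dsPrefix,
        XMLCryptoContext context) throws MarshalException {
    xwriter.writeStartElement(dsPrefix, "PGPData", XMLSignature.XMLNS);

    // create and append PGPKeyID element
    byte[] keyId = pgpData.getKeyId();
    if (keyId != null) {
        xwriter.writeTextElement(dsPrefix, "PGPKeyID", XMLSignature.XMLNS,
                                 Base64.encode(keyId));
    }

    // create and append PGPKeyPacket element
    byte[] keyPacket = pgpData.getKeyPacket();
    if (keyPacket != null) {
        // The local name was previously the literal string "XMLSignature.XMLNS",
        // which produced an element of that name instead of PGPKeyPacket.
        xwriter.writeTextElement(dsPrefix, "PGPKeyPacket", XMLSignature.XMLNS,
                                 Base64.encode(keyPacket));
    }

    // create and append any elements
    @SuppressWarnings("unchecked")
    List<XMLStructure> externalElements = pgpData.getExternalElements();
    for (XMLStructure externalItem : externalElements) {
        xwriter.marshalStructure(externalItem, dsPrefix, context);
    }

    xwriter.writeEndElement(); // "PGPData"
}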
/**
 * Writes this object as a {@code RetrievalMethod} element: the {@code URI}
 * and {@code Type} attributes first, then a {@code Transforms} wrapper with
 * one child per transform when the transform list is not empty.
 *
 * @param xwriter the writer that receives the output
 * @param dsPrefix the namespace prefix for the written elements
 * @param context the crypto context passed to each transform
 * @throws MarshalException declared for failures while marshalling
 */
@Override
public void marshal(XmlWriter xwriter, String dsPrefix, XMLCryptoContext context)
        throws MarshalException {
    final String dsigNamespace = XMLSignature.XMLNS;
    xwriter.writeStartElement(dsPrefix, "RetrievalMethod", dsigNamespace);

    // TODO - see whether it is important to capture the "here" attribute as part of the
    // marshalling - do any of the tests fail?

    // URI first (its return value is kept in 'here'), then Type
    here = xwriter.writeAttribute("", "", "URI", uri);
    xwriter.writeAttribute("", "", "Type", type);

    // the Transforms wrapper is only emitted when there is something to put in it
    final boolean hasTransforms = !transforms.isEmpty();
    if (hasTransforms) {
        xwriter.writeStartElement(dsPrefix, "Transforms", dsigNamespace);
        for (Transform step : transforms) {
            DOMTransform domStep = (DOMTransform) step;
            domStep.marshal(xwriter, dsPrefix, context);
        }
        xwriter.writeEndElement(); // "Transforms"
    }

    xwriter.writeEndElement(); // "RetrievalMethod"
}
/**
 * Dereferences this object, parses the resulting bytes as XML and returns
 * the document element as a {@code DOMX509Data} when it is an
 * {@code X509Data} element in the XML Signature namespace.
 *
 * <p>NOTE(review): the bytes parsed here are whatever the dereference step
 * returned. How strictly the parser is configured depends on what
 * {@code XMLUtils.createDocumentBuilder} does with the secure-validation
 * flag; that is not visible from this method, so confirm it there.
 *
 * @param context the crypto context used for dereferencing and for reading
 *        the secure-validation setting
 * @return the parsed structure, or {@code null} when the root element is
 *         anything other than ds:X509Data
 * @throws URIReferenceException wrapping any exception raised while
 *         dereferencing, parsing or unmarshalling
 */
public XMLStructure dereferenceAsXMLStructure(XMLCryptoContext context)
        throws URIReferenceException {
    final boolean secureValidation = Utils.secureValidation(context);
    DocumentBuilder builder = null;
    try {
        ApacheData dereferenced = (ApacheData) dereference(context);
        builder = XMLUtils.createDocumentBuilder(false, secureValidation);

        byte[] xmlBytes = dereferenced.getXMLSignatureInput().getBytes();
        Document parsed = builder.parse(new ByteArrayInputStream(xmlBytes));
        Element root = parsed.getDocumentElement();

        boolean isDsX509Data = root.getLocalName().equals("X509Data")
                && XMLSignature.XMLNS.equals(root.getNamespaceURI());
        if (!isDsX509Data) {
            return null; // unsupported
        }
        return new DOMX509Data(root);
    } catch (Exception e) {
        // every failure, including runtime exceptions, is reported uniformly
        throw new URIReferenceException(e);
    } finally {
        // hand the builder back to the pool whether or not parsing succeeded
        if (builder != null) {
            XMLUtils.repoolDocumentBuilder(builder);
        }
    }
}
/**
 * Writes a {@code KeyInfo} element: optional namespace declaration, the
 * {@code Id} attribute, then each content item in list order.
 *
 * @param xwriter the writer that receives the output
 * @param ki the KeyInfo whose id and content are written
 * @param dsPrefix the namespace prefix for the written element
 * @param context the crypto context passed on for each content item
 * @param declareNamespace whether to write the namespace declaration for
 *        {@code dsPrefix} on the KeyInfo element
 * @throws MarshalException declared for failures while marshalling
 */
private static void marshalInternal(XmlWriter xwriter, KeyInfo ki, String dsPrefix,
        XMLCryptoContext context, boolean declareNamespace) throws MarshalException {
    final String dsigNamespace = XMLSignature.XMLNS;

    xwriter.writeStartElement(dsPrefix, "KeyInfo", dsigNamespace);
    if (declareNamespace) {
        xwriter.writeNamespace(dsPrefix, dsigNamespace);
    }
    xwriter.writeIdAttribute("", "", "Id", ki.getId());

    // one child per KeyInfo content item, in the order getContent returns them
    for (XMLStructure child : getContent(ki)) {
        xwriter.marshalStructure(child, dsPrefix, context);
    }

    xwriter.writeEndElement(); // "KeyInfo"
}
/**
 * Returns the public key of the first X.509 certificate in the KeyInfo whose
 * key algorithm is accepted by {@code algEquals} for the given method.
 *
 * <p>SECURITY NOTE(review): the certificate is read from the KeyInfo itself
 * and no chain or trust-anchor check happens in this method. Callers have to
 * validate the certificate separately before treating a verified signature
 * as coming from a trusted signer.
 *
 * @param keyInfo the KeyInfo to search
 * @param purpose not used by this selector
 * @param method supplies the algorithm URI passed to {@code algEquals}
 * @param context not used by this selector
 * @return a result wrapping the matching certificate's public key
 * @throws KeySelectorException if no certificate with a matching key
 *         algorithm is found
 */
@Override
public KeySelectorResult select(final KeyInfo keyInfo, final KeySelector.Purpose purpose,
        final AlgorithmMethod method, final XMLCryptoContext context)
        throws KeySelectorException {
    for (final Object raw : keyInfo.getContent()) {
        final XMLStructure entry = (XMLStructure) raw;
        if (!(entry instanceof X509Data)) {
            continue;
        }
        for (final Object item : ((X509Data) entry).getContent()) {
            if (!(item instanceof X509Certificate)) {
                continue;
            }
            final X509Certificate candidate = (X509Certificate) item;
            // skip certificates whose key type does not fit the signature method
            if (!this.algEquals(method.getAlgorithm(),
                    candidate.getPublicKey().getAlgorithm())) {
                continue;
            }
            return new KeySelectorResult() {
                @Override
                public Key getKey() {
                    return candidate.getPublicKey();
                }
            };
        }
    }
    throw new KeySelectorException("N\u00e3o foi localizada a chave do certificado.");
}
/**
 * Appends the transform parameters to the parent element: declares the
 * {@code mdssi} prefix on the parent, then adds one
 * {@code mdssi:RelationshipReference} per source id followed by one
 * {@code mdssi:RelationshipsGroupReference} per source type.
 *
 * @param parent the parent structure; cast to {@code DOMStructure}, and its
 *        node is cast to {@code Element}
 * @param context not used by this method
 * @throws MarshalException declared by the overridden method
 */
@Override
public void marshalParams(XMLStructure parent, XMLCryptoContext context)
        throws MarshalException {
    LOG.debug("marshallParams(parent,context)");

    final String mdssiNamespace =
            "http://schemas.openxmlformats.org/package/2006/digital-signature";

    Node parentNode = ((DOMStructure) parent).getNode();
    Element parentElement = (Element) parentNode;
    parentElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:mdssi", mdssiNamespace);

    // new elements must be created by the document that owns the parent
    Document owner = parentNode.getOwnerDocument();

    for (String sourceId : this.sourceIds) {
        Element reference =
                owner.createElementNS(mdssiNamespace, "mdssi:RelationshipReference");
        reference.setAttribute("SourceId", sourceId);
        parentElement.appendChild(reference);
    }

    for (String sourceType : this.sourceTypes) {
        Element groupReference =
                owner.createElementNS(mdssiNamespace, "mdssi:RelationshipsGroupReference");
        groupReference.setAttribute("SourceType", sourceType);
        parentElement.appendChild(groupReference);
    }
}
/**
 * Resolves a reference against the document package: when the package
 * contains a part at the reference URI, that part's content is returned as
 * octet-stream data; otherwise the call is delegated to the default
 * dereferencer.
 *
 * <p>NOTE(review): the URI and the lookup result are printed to standard
 * output on every call. Anything the package does not contain is handed to
 * the default dereferencer unchanged, so what that dereferencer is willing
 * to fetch decides what else a reference URI can reach - confirm its
 * configuration.
 *
 * @param arg0 the reference to resolve
 * @param arg1 the crypto context, passed on to the default dereferencer
 * @return the referenced data
 * @throws URIReferenceException declared for dereferencing failures
 */
@Override
public Data dereference(URIReference arg0, XMLCryptoContext arg1)
        throws URIReferenceException {
    final String partPath = arg0.getURI().toString();
    System.out.println(partPath + " in package ? " + odfDoc.getPackage().contains(partPath));

    if (odfDoc.getPackage().contains(partPath)) {
        // the part lives inside the package: return its content as octet stream data
        InputStream partStream = odfDoc.getPackage().getInputStream(partPath);
        return new OctetStreamData(partStream);
    }

    // not one of our parts: let the default dereferencer handle it
    return defaultURIDereferencer.dereference(arg0, arg1);
}
/**
 * Looks through every X509Data entry of the KeyInfo and returns the public
 * key of the first certificate for which {@code algEquals} accepts the
 * method's algorithm URI together with the key's algorithm name.
 *
 * <p>SECURITY NOTE(review): this selector performs no certificate path or
 * trust validation; the certificate is the one carried in the KeyInfo. The
 * caller must decide separately whether that certificate is trusted.
 *
 * @param keyInfo the KeyInfo to search
 * @param purpose not used by this selector
 * @param method supplies the algorithm URI passed to {@code algEquals}
 * @param context not used by this selector
 * @return a result wrapping the matching certificate's public key
 * @throws KeySelectorException if the search finds no suitable certificate
 */
@Override
public KeySelectorResult select(final KeyInfo keyInfo, final KeySelector.Purpose purpose,
        final AlgorithmMethod method, final XMLCryptoContext context)
        throws KeySelectorException {
    for (final Object element : keyInfo.getContent()) {
        final XMLStructure structure = (XMLStructure) element;
        if (!(structure instanceof X509Data)) {
            continue;
        }
        final X509Data certificateData = (X509Data) structure;
        for (final Object content : certificateData.getContent()) {
            final boolean isCertificate = content instanceof X509Certificate;
            if (!isCertificate) {
                continue;
            }
            final X509Certificate certificate = (X509Certificate) content;
            final boolean algorithmFits = this.algEquals(method.getAlgorithm(),
                    certificate.getPublicKey().getAlgorithm());
            if (algorithmFits) {
                return new KeySelectorResult() {
                    @Override
                    public Key getKey() {
                        return certificate.getPublicKey();
                    }
                };
            }
        }
    }
    throw new KeySelectorException("Nao foi localizada a chave do certificado.");
}
/**
 * Returns the first {@code KeyValue} public key in the KeyInfo whose
 * algorithm {@code algEquals} accepts for the signature method.
 *
 * <p>SECURITY NOTE(review): the key is the raw public key carried in the
 * KeyInfo. A signature that verifies with it is consistent with that key
 * only; nothing here ties the key to an identity. Callers that need to know
 * who signed must compare the key with one they already trust.
 *
 * @param keyInfo the KeyInfo to search; {@code null} is rejected
 * @param purpose not used by this selector
 * @param method the algorithm method; cast to {@code SignatureMethod}
 * @param context not used by this selector
 * @return a result wrapping the selected public key
 * @throws KeySelectorException if {@code keyInfo} is {@code null}, if a
 *         KeyValue cannot be turned into a public key, or if no KeyValue
 *         with a compatible algorithm is present
 */
@Override
public KeySelectorResult select ( final KeyInfo keyInfo, final KeySelector.Purpose purpose, final AlgorithmMethod method, final XMLCryptoContext context ) throws KeySelectorException
{
    if ( keyInfo == null )
    {
        throw new KeySelectorException ( "Null KeyInfo object!" );
    }

    final SignatureMethod signatureMethod = (SignatureMethod)method;

    for ( final Object entry : keyInfo.getContent () )
    {
        final XMLStructure structure = (XMLStructure)entry;
        if ( ! ( structure instanceof KeyValue ) )
        {
            continue;
        }
        try
        {
            final PublicKey candidate = ( (KeyValue)structure ).getPublicKey ();
            // make sure algorithm is compatible with method
            final boolean compatible = algEquals ( signatureMethod.getAlgorithm (), candidate.getAlgorithm () );
            if ( compatible )
            {
                return new SimpleKeySelectorResult ( candidate );
            }
        }
        catch ( final KeyException ke )
        {
            throw new KeySelectorException ( ke );
        }
    }

    throw new KeySelectorException ( "No KeyValue element found!" );
}
/**
 * Walks the X509Data entries of the KeyInfo and returns the first non-null
 * result that {@code findPublicKey} produces for a contained certificate.
 *
 * <p>NOTE(review): whether the certificate is checked against any trust
 * material depends entirely on {@code findPublicKey}, which is defined
 * elsewhere - confirm there. The failure message mentions KeyValue although
 * this method only inspects X509Data.
 *
 * @param keyInfo the KeyInfo to search; {@code null} is rejected
 * @param purpose not used by this selector
 * @param method the algorithm method; cast to {@code SignatureMethod}
 * @param context not used by this selector
 * @return the first non-null result from {@code findPublicKey}
 * @throws KeySelectorException if {@code keyInfo} is {@code null} or no
 *         certificate yields a result
 */
@Override
public KeySelectorResult select ( final KeyInfo keyInfo, final KeySelector.Purpose purpose, final AlgorithmMethod method, final XMLCryptoContext context ) throws KeySelectorException
{
    if ( keyInfo == null )
    {
        throw new KeySelectorException ( "Null KeyInfo object!" );
    }

    final SignatureMethod signatureMethod = (SignatureMethod)method;
    final List<?> entries = keyInfo.getContent ();

    for ( final Object entry : entries )
    {
        final XMLStructure structure = (XMLStructure)entry;
        if ( ! ( structure instanceof X509Data ) )
        {
            continue;
        }
        for ( final Object item : ( (X509Data)structure ).getContent () )
        {
            // only certificates are candidates; other X509Data content is skipped
            if ( ! ( item instanceof X509Certificate ) )
            {
                continue;
            }
            final KeySelectorResult found = findPublicKey ( (X509Certificate)item, signatureMethod );
            if ( found != null )
            {
                return found;
            }
        }
    }

    throw new KeySelectorException ( "No KeyValue element found!" );
}
/**
 * Finds the first X.509 certificate in the KeyInfo and returns whatever
 * {@code getPublicKeyFromKeystore} yields for it.
 *
 * <p>Only the first certificate encountered is considered: the method
 * returns (or throws) as soon as one is found, without trying later ones.
 * NOTE(review): presumably {@code getPublicKeyFromKeystore} matches the
 * certificate against a local keystore; it is defined elsewhere, so confirm
 * what it does when the certificate is unknown.
 *
 * @param keyInfo the KeyInfo to search; {@code null} is rejected
 * @param purpose not used by this selector
 * @param algorithmMethod the algorithm method; cast to {@code SignatureMethod}
 * @param context not used by this selector
 * @return the result of the keystore lookup for the first certificate
 * @throws KeySelectorException if {@code keyInfo} is {@code null}, if the
 *         lookup raises a {@code KeyStoreException}, or if no certificate is
 *         present
 */
@Override
public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose,
        AlgorithmMethod algorithmMethod, XMLCryptoContext context)
        throws KeySelectorException {
    if (keyInfo == null) {
        throw new KeySelectorException("Null KeyInfo object!");
    }

    @SuppressWarnings("unchecked")
    List<XMLStructure> entries = keyInfo.getContent();
    for (XMLStructure entry : entries) {
        if (!(entry instanceof X509Data)) {
            continue;
        }
        @SuppressWarnings("rawtypes")
        List items = ((X509Data) entry).getContent();
        for (Object item : items) {
            if (!(item instanceof X509Certificate)) {
                continue;
            }
            try {
                return getPublicKeyFromKeystore((X509Certificate) item,
                        (SignatureMethod) algorithmMethod);
            } catch (KeyStoreException e) {
                throw new KeySelectorException(e);
            }
        }
    }

    throw new KeySelectorException("No X509Data element found.");
}
/**
 * Returns the first {@code KeyValue} public key in the KeyInfo that
 * {@code algorithmCompatibleWithMethod} accepts for the algorithm method.
 *
 * <p>SECURITY NOTE(review): the key comes straight from the KeyInfo and is
 * not compared with any trusted key in this method. Verification with it
 * shows the content matches that key, not who produced the signature; the
 * caller has to establish trust in the key separately.
 *
 * @param keyInfo the KeyInfo to search; {@code null} is rejected
 * @param purpose not used by this selector
 * @param algorithmMethod supplies the algorithm URI to match against
 * @param context not used by this selector
 * @return a result wrapping the selected public key
 * @throws KeySelectorException if {@code keyInfo} is {@code null}, if a
 *         KeyValue cannot be turned into a public key, or if no compatible
 *         KeyValue exists
 */
@Override
public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose,
        AlgorithmMethod algorithmMethod, XMLCryptoContext context)
        throws KeySelectorException {
    if (keyInfo == null) {
        throw new KeySelectorException("Null KeyInfo object!");
    }

    @SuppressWarnings("unchecked")
    List<XMLStructure> entries = keyInfo.getContent();
    for (XMLStructure entry : entries) {
        if (!(entry instanceof KeyValue)) {
            continue;
        }

        final PublicKey candidate;
        try {
            candidate = ((KeyValue) entry).getPublicKey();
        } catch (KeyException ke) {
            throw new KeySelectorException(ke);
        }

        boolean compatible = algorithmCompatibleWithMethod(
                algorithmMethod.getAlgorithm(), candidate.getAlgorithm());
        if (compatible) {
            return new SimpleKeySelectorResult(candidate);
        }
    }

    throw new KeySelectorException("No RSA/DSA KeyValue element found");
}
/**
 * Serves the two known stylesheet URIs from a local file and delegates every
 * other reference to the default dereferencer.
 *
 * <p>The file name is the part of the URI from its last {@code '/'} onward,
 * resolved against {@code DATA_DIR}. Because the URI must equal one of the
 * two constants before any file is opened, the file name is never derived
 * from an arbitrary reference. The opened stream is handed to the returned
 * data object and is not closed here.
 *
 * @param ref the reference to resolve
 * @param ctx the crypto context, passed on to the default dereferencer
 * @return the stylesheet content, or the default dereferencer's result
 * @throws URIReferenceException wrapping any exception raised while opening
 *         the local file, or raised by the default dereferencer
 */
public Data dereference(final URIReference ref, XMLCryptoContext ctx)
        throws URIReferenceException {
    final String uri = ref.getURI();
    final boolean isKnownStylesheet = uri.equals(STYLESHEET) || uri.equals(STYLESHEET_B64);

    if (!isKnownStylesheet) {
        // fallback on builtin deref
        return defaultUd.dereference(ref, ctx);
    }

    try {
        String fileName = uri.substring(uri.lastIndexOf('/'));
        FileInputStream localCopy = new FileInputStream(new File(DATA_DIR, fileName));
        return new OctetStreamData(localCopy, ref.getURI(), ref.getType());
    } catch (Exception e) {
        throw new URIReferenceException(e);
    }
}
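/**
 * Returns the same fixed XML snippet for every reference, tagged with the
 * reference's own URI and type. Nothing is fetched.
 *
 * @param ref the reference; only its URI and type are read
 * @param ctx not used
 * @return octet-stream data holding {@code <test>test</test>}
 * @throws URIReferenceException declared by the overridden method; not
 *         thrown by this implementation
 */
@Override
public Data dereference(final URIReference ref, XMLCryptoContext ctx)
        throws URIReferenceException {
    // Encode with an explicit charset: the no-argument getBytes() uses the
    // platform default, so the bytes fed to the signature code could differ
    // between machines.
    final byte[] staticContent =
            "<test>test</test>".getBytes(java.nio.charset.StandardCharsets.UTF_8);

    // return static content
    return new OctetStreamData(new ByteArrayInputStream(staticContent),
            ref.getURI(), ref.getType());
}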
/**
 * Marshals a {@code KeyValue} by delegating to its {@code DOMKeyValue}
 * implementation.
 *
 * @param xwriter the writer that receives the output
 * @param toMarshal the key value; must be a {@code DOMKeyValue}, otherwise
 *        the cast fails with a {@code ClassCastException}
 * @param dsPrefix the namespace prefix for the written elements
 * @param context the crypto context passed on to the delegate
 * @throws MarshalException declared for failures while marshalling
 */
@Override
public void marshalObject(XmlWriter xwriter, KeyValue toMarshal, String dsPrefix,
        XMLCryptoContext context) throws MarshalException {
    // Since DOMKeyValue allows for deserializing unrecognized keys, and that
    // capability isn't available via the KeyValue interface, this must continue
    // to cast to DOMKeyValue.
    ((DOMKeyValue<?>) toMarshal).marshal(xwriter, dsPrefix, context);
}
/**
 * Creates a <code>DOMTransform</code> from an element. It unmarshals any
 * algorithm-specific input parameters.
 *
 * <p>The transform service is looked up by the element's {@code Algorithm}
 * attribute for the {@code "DOM"} mechanism. When a provider is given it is
 * tried first; if it does not offer the algorithm, the lookup is repeated
 * without a provider.
 *
 * @param transElem a Transform element
 * @param context the crypto context passed to the service's {@code init}
 * @param provider the preferred provider, or {@code null} to use the default
 *        lookup only
 * @throws MarshalException if no service supports the algorithm or the
 *         service rejects the element's parameters
 */
public DOMTransform(Element transElem, XMLCryptoContext context, Provider provider)
        throws MarshalException {
    final String algorithm = DOMUtils.getAttributeValue(transElem, "Algorithm");

    TransformService service = null;
    if (provider != null) {
        try {
            service = TransformService.getInstance(algorithm, "DOM", provider);
        } catch (NoSuchAlgorithmException ignored) {
            // the preferred provider lacks this algorithm; use the default lookup below
        }
    }
    if (service == null) {
        try {
            service = TransformService.getInstance(algorithm, "DOM");
        } catch (NoSuchAlgorithmException nsae) {
            throw new MarshalException(nsae);
        }
    }
    spi = service;

    try {
        spi.init(new javax.xml.crypto.dom.DOMStructure(transElem), context);
    } catch (InvalidAlgorithmParameterException iape) {
        throw new MarshalException(iape);
    }
}
/**
 * Writes this transform as an element carrying its {@code Algorithm}
 * attribute, then lets the underlying service marshal any
 * algorithm-specific parameters into it.
 *
 * <p>The element is named {@code Transform} when the writer's current
 * element is {@code Transforms}, and {@code CanonicalizationMethod} in every
 * other case.
 *
 * @param xwriter the writer that receives the output
 * @param dsPrefix the namespace prefix for the written element
 * @param context the crypto context passed to the service
 * @throws MarshalException declared for failures while marshalling
 */
public void marshal(XmlWriter xwriter, String dsPrefix, XMLCryptoContext context)
        throws MarshalException {
    final String elementName;
    if (xwriter.getCurrentLocalName().equals("Transforms")) {
        elementName = "Transform";
    } else {
        elementName = "CanonicalizationMethod";
    }

    xwriter.writeStartElement(dsPrefix, elementName, XMLSignature.XMLNS);
    xwriter.writeAttribute("", "", "Algorithm", getAlgorithm());

    // the service writes its parameters under the element that was just opened
    javax.xml.crypto.XMLStructure currentElement = xwriter.getCurrentNodeAsStructure();
    spi.marshalParams(currentElement, context);

    xwriter.writeEndElement(); // "Transforms" or "CanonicalizationMethod"
}
/**
 * Marshals a structure with the first registered marshaller whose target
 * class the structure is an instance of.
 *
 * @param toMarshal the structure to write
 * @param dsPrefix the namespace prefix passed to the marshaller
 * @param context the crypto context passed to the marshaller
 * @throws MarshalException declared for failures in the chosen marshaller
 * @throws IllegalArgumentException if no registered marshaller matches
 */
@Override
public void marshalStructure(XMLStructure toMarshal, String dsPrefix,
        XMLCryptoContext context) throws MarshalException {
    final int count = m_marshallers.size();
    // registration order decides which marshaller wins when several match
    for (int position = 0; position < count; position++) {
        @SuppressWarnings("unchecked")
        XmlWriter.ToMarshal<XMLStructure> candidate =
                (ToMarshal<XMLStructure>) m_marshallers.get(position);
        if (!candidate.clazzToMatch.isInstance(toMarshal)) {
            continue;
        }
        candidate.marshalObject(this, toMarshal, dsPrefix, context);
        return;
    }
    throw new IllegalArgumentException("Unable to marshal unexpected object of class "
            + toMarshal.getClass().toString());
}
/**
 * Creates a <code>DOMKeyInfo</code> from XML.
 *
 * <p>Each child element is unmarshalled according to its local name when it
 * is in the XML Signature namespace ({@code X509Data}, {@code KeyName},
 * {@code KeyValue}, {@code RetrievalMethod}, {@code PGPData}); any other
 * element is kept as a generic DOM structure. Non-element children are
 * skipped, so an element whose only children are non-element nodes passes
 * the emptiness check and ends up with an empty content list.
 *
 * @param kiElem KeyInfo element
 * @param context the crypto context passed to RetrievalMethod unmarshalling
 * @param provider the provider passed to RetrievalMethod unmarshalling
 * @throws MarshalException if the element has no children at all, or a
 *         child cannot be unmarshalled
 */
public DOMKeyInfo(Element kiElem, XMLCryptoContext context, Provider provider)
        throws MarshalException {
    id = DOMUtils.getIdAttributeValue(kiElem, "Id");

    Node child = kiElem.getFirstChild();
    if (child == null) {
        throw new MarshalException("KeyInfo must contain at least one type");
    }

    // get all children nodes
    List<XMLStructure> parsed = new ArrayList<XMLStructure>();
    for (; child != null; child = child.getNextSibling()) {
        if (child.getNodeType() != Node.ELEMENT_NODE) {
            continue;
        }
        Element childElem = (Element) child;
        String localName = childElem.getLocalName();
        boolean inDsigNamespace = XMLSignature.XMLNS.equals(childElem.getNamespaceURI());

        final XMLStructure item;
        if (localName.equals("X509Data") && inDsigNamespace) {
            item = new DOMX509Data(childElem);
        } else if (localName.equals("KeyName") && inDsigNamespace) {
            item = new DOMKeyName(childElem);
        } else if (localName.equals("KeyValue") && inDsigNamespace) {
            item = DOMKeyValue.unmarshal(childElem);
        } else if (localName.equals("RetrievalMethod") && inDsigNamespace) {
            item = new DOMRetrievalMethod(childElem, context, provider);
        } else if (localName.equals("PGPData") && inDsigNamespace) {
            item = new DOMPGPData(childElem);
        } else {
            //may be MgmtData, SPKIData or element from other namespace
            item = new javax.xml.crypto.dom.DOMStructure(childElem);
        }
        parsed.add(item);
    }
    keyInfoTypes = Collections.unmodifiableList(parsed);
}
/**
 * Marshals this object under the given parent after checking that the
 * parent is a DOM structure.
 *
 * @param parent the parent structure; must be a non-null
 *        {@code javax.xml.crypto.dom.DOMStructure}
 * @param context the crypto context passed on to the internal marshalling
 * @throws MarshalException declared for failures while marshalling
 * @throws NullPointerException if {@code parent} is {@code null}
 * @throws ClassCastException if {@code parent} is not a DOMStructure
 */
@Override
public void marshal(XMLStructure parent, XMLCryptoContext context)
        throws MarshalException {
    if (parent instanceof javax.xml.crypto.dom.DOMStructure) {
        internalMarshal((javax.xml.crypto.dom.DOMStructure) parent, context);
        return;
    }
    // instanceof is false for null as well, so tell the two failures apart here
    if (parent == null) {
        throw new NullPointerException("parent is null");
    }
    throw new ClassCastException("parent must be of type DOMStructure");
}
/**
 * Builds a tree writer rooted at the parent's node and marshals this object
 * into it with the namespace declaration enabled.
 *
 * <p>When the context is a {@code DOMSignContext}, its next-sibling node is
 * passed to the writer; otherwise {@code null} is passed.
 *
 * @param parent the DOM structure whose node becomes the writer's parent node
 * @param context the crypto context; also the source of the signature prefix
 * @throws MarshalException declared for failures while marshalling
 */
private void internalMarshal(javax.xml.crypto.dom.DOMStructure parent,
        XMLCryptoContext context) throws MarshalException {
    final Node parentNode = parent.getNode();
    final String dsPrefix = DOMUtils.getSignaturePrefix(context);

    final Node nextSibling = (context instanceof DOMSignContext)
            ? ((DOMSignContext) context).getNextSibling()
            : null;

    XmlWriterToTree treeWriter =
            new XmlWriterToTree(Marshaller.getMarshallers(), parentNode, nextSibling);
    marshalInternal(treeWriter, this, dsPrefix, context, true);
}
/**
 * Records that a dereference was requested, then delegates to the wrapped
 * dereferencer.
 *
 * @param ref the reference to resolve
 * @param ctx the crypto context passed to the wrapped dereferencer
 * @return the wrapped dereferencer's result
 * @throws URIReferenceException if the wrapped dereferencer fails
 */
public Data dereference(final URIReference ref, XMLCryptoContext ctx)
        throws URIReferenceException {
    // set the flag before delegating so it is recorded even if the delegate throws
    dereferenced = true;

    // fallback
    final Data delegated = ud.dereference(ref, ctx);
    return delegated;
}
/**
 * Returns node-set data whose iterator yields exactly one node, the
 * {@code data} value of the enclosing object. The reference and the context
 * are ignored.
 *
 * @param ref not used
 * @param ctxt not used
 * @return a node set containing only {@code data}
 */
public Data dereference(URIReference ref, XMLCryptoContext ctxt) {
    final NodeSetData singleNode = new NodeSetData() {
        public Iterator<Node> iterator() {
            // a fresh one-element iterator on every call
            final Iterator<Node> once = Collections.singletonList(data).iterator();
            return once;
        }
    };
    return singleNode;
}
/**
 * Serves URIs that appear in {@code uriMap} from the mapped local file and
 * delegates all other references to the wrapped dereferencer.
 *
 * <p>Only URIs that are keys of the map lead to a file being opened, and the
 * file is the one the map names for that key. The opened stream is handed to
 * the returned data object and is not closed here.
 *
 * @param uriReference the reference to resolve
 * @param context the crypto context passed to the wrapped dereferencer
 * @return the mapped file's content, or the wrapped dereferencer's result
 * @throws URIReferenceException wrapping any exception raised while opening
 *         the mapped file, or raised by the wrapped dereferencer
 */
public Data dereference(URIReference uriReference, XMLCryptoContext context)
        throws URIReferenceException {
    final String uri = uriReference.getURI();

    if (!uriMap.containsKey(uri)) {
        // fallback on builtin deref
        return ud.dereference(uriReference, context);
    }

    try {
        FileInputStream mappedFile = new FileInputStream(uriMap.get(uri));
        return new OctetStreamData(mappedFile, uriReference.getURI(),
                uriReference.getType());
    } catch (Exception e) {
        throw new URIReferenceException(e);
    }
}
/**
 * Copies every configured crypto-context property onto the given context.
 * Does nothing when the configuration holds no property map.
 *
 * <p>NOTE(review): each property value is written to the debug log as-is;
 * confirm that no sensitive value is ever configured as a context property.
 *
 * @param cryptoContext the context that receives the properties
 */
protected void setCryptoContextProperties(XMLCryptoContext cryptoContext) {
    Map<String, ? extends Object> configured = getConfiguration().getCryptoContextProperties();
    if (configured == null) {
        return;
    }
    for (Map.Entry<String, ? extends Object> property : configured.entrySet()) {
        String name = property.getKey();
        Object value = property.getValue();
        cryptoContext.setProperty(name, value);
        LOG.debug("Context property {} set to value {}", name, value);
    }
}
/**
 * Returns the first {@code KeyValue} public key in the KeyInfo whose
 * algorithm {@code algEquals} accepts for the signature method.
 *
 * <p>SECURITY NOTE(review): the selected key is the one supplied in the
 * KeyInfo, with no comparison against a trusted key. Successful verification
 * with it does not identify the signer; the caller must check the key
 * against trusted material.
 *
 * @param keyInfo the KeyInfo to search; {@code null} is rejected
 * @param purpose not used by this selector
 * @param method the algorithm method; cast to {@code SignatureMethod}
 * @param context not used by this selector
 * @return a result wrapping the selected public key
 * @throws KeySelectorException if {@code keyInfo} is {@code null}, if a
 *         KeyValue cannot be turned into a public key, or if no compatible
 *         KeyValue is present
 */
public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose,
        AlgorithmMethod method, XMLCryptoContext context)
        throws KeySelectorException {
    if (keyInfo == null) {
        throw new KeySelectorException("Null KeyInfo object!");
    }
    final SignatureMethod signatureMethod = (SignatureMethod) method;

    @SuppressWarnings("rawtypes")
    List entries = keyInfo.getContent();
    for (Object entry : entries) {
        XMLStructure structure = (XMLStructure) entry;
        if (!(structure instanceof KeyValue)) {
            continue;
        }

        final PublicKey candidate;
        try {
            candidate = ((KeyValue) structure).getPublicKey();
        } catch (KeyException ke) {
            throw new KeySelectorException(ke);
        }

        // make sure algorithm is compatible with method
        if (algEquals(signatureMethod.getAlgorithm(), candidate.getAlgorithm())) {
            return new SimpleKeySelectorResult(candidate);
        }
    }
    throw new KeySelectorException("No KeyValue element found!");
}