Example 6 with XMLSecurityException
use of com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException in project jdk8u_jdk by JetBrains.
the class X509SubjectNameResolver method engineLookupResolveX509Certificate.
/**
* Method engineResolveX509Certificate
* @inheritDoc
* @param element
* @param baseURI
* @param storage
*
* @throws KeyResolverException
*/
public X509Certificate engineLookupResolveX509Certificate(Element element, String baseURI, StorageResolver storage) throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
}
Element[] x509childNodes = null;
XMLX509SubjectName[] x509childObject = null;
if (!XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I can't");
}
return null;
}
x509childNodes = XMLUtils.selectDsNodes(element.getFirstChild(), Constants._TAG_X509SUBJECTNAME);
if (!((x509childNodes != null) && (x509childNodes.length > 0))) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "I can't");
}
return null;
}
try {
if (storage == null) {
Object[] exArgs = { Constants._TAG_X509SUBJECTNAME };
KeyResolverException ex = new KeyResolverException("KeyResolver.needStorageResolver", exArgs);
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "", ex);
}
throw ex;
}
x509childObject = new XMLX509SubjectName[x509childNodes.length];
for (int i = 0; i < x509childNodes.length; i++) {
x509childObject[i] = new XMLX509SubjectName(x509childNodes[i], baseURI);
}
Iterator<Certificate> storageIterator = storage.getIterator();
while (storageIterator.hasNext()) {
X509Certificate cert = (X509Certificate) storageIterator.next();
XMLX509SubjectName certSN = new XMLX509SubjectName(element.getOwnerDocument(), cert);
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Found Certificate SN: " + certSN.getSubjectName());
}
for (int i = 0; i < x509childObject.length; i++) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Found Element SN: " + x509childObject[i].getSubjectName());
}
if (certSN.equals(x509childObject[i])) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "match !!! ");
}
return cert;
}
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "no match...");
}
}
}
return null;
} catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
}
throw new KeyResolverException("generic.EmptyMessage", ex);
}
}
Also used :
Element(org.w3c.dom.Element)
KeyResolverException(com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException)
XMLX509SubjectName(com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SubjectName)
X509Certificate(java.security.cert.X509Certificate)
XMLSecurityException(com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
Example 7 with XMLSecurityException
use of com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException in project jdk8u_jdk by JetBrains.
the class Reference method getContentsAfterTransformation.
private XMLSignatureInput getContentsAfterTransformation(XMLSignatureInput input, OutputStream os) throws XMLSignatureException {
try {
Transforms transforms = this.getTransforms();
XMLSignatureInput output = null;
if (transforms != null) {
output = transforms.performTransforms(input, os);
//new XMLSignatureInput(output.getBytes());
this.transformsOutput = output;
//this.transformsOutput.setSourceURI(output.getSourceURI());
} else {
output = input;
}
return output;
} catch (ResourceResolverException ex) {
throw new XMLSignatureException("empty", ex);
} catch (CanonicalizationException ex) {
throw new XMLSignatureException("empty", ex);
} catch (InvalidCanonicalizerException ex) {
throw new XMLSignatureException("empty", ex);
} catch (TransformationException ex) {
throw new XMLSignatureException("empty", ex);
} catch (XMLSecurityException ex) {
throw new XMLSignatureException("empty", ex);
}
}
Also used :
TransformationException(com.sun.org.apache.xml.internal.security.transforms.TransformationException)
CanonicalizationException(com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException)
InvalidCanonicalizerException(com.sun.org.apache.xml.internal.security.c14n.InvalidCanonicalizerException)
Transforms(com.sun.org.apache.xml.internal.security.transforms.Transforms)
ResourceResolverException(com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException)
XMLSecurityException(com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException)
Example 8 with XMLSecurityException
use of com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException in project jdk8u_jdk by JetBrains.
the class Reference method getHTMLRepresentation.
/**
* Method getHTMLRepresentation
* @return The HTML of the transformation
* @throws XMLSignatureException
*/
public String getHTMLRepresentation() throws XMLSignatureException {
try {
XMLSignatureInput nodes = this.getNodesetBeforeFirstCanonicalization();
Transforms transforms = this.getTransforms();
Transform c14nTransform = null;
if (transforms != null) {
doTransforms: for (int i = 0; i < transforms.getLength(); i++) {
Transform t = transforms.item(i);
String uri = t.getURI();
if (uri.equals(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS) || uri.equals(Transforms.TRANSFORM_C14N_EXCL_WITH_COMMENTS)) {
c14nTransform = t;
break doTransforms;
}
}
}
Set<String> inclusiveNamespaces = new HashSet<String>();
if (c14nTransform != null && (c14nTransform.length(InclusiveNamespaces.ExclusiveCanonicalizationNamespace, InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES) == 1)) {
// there is one InclusiveNamespaces element
InclusiveNamespaces in = new InclusiveNamespaces(XMLUtils.selectNode(c14nTransform.getElement().getFirstChild(), InclusiveNamespaces.ExclusiveCanonicalizationNamespace, InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES, 0), this.getBaseURI());
inclusiveNamespaces = InclusiveNamespaces.prefixStr2Set(in.getInclusiveNamespaces());
}
return nodes.getHTMLRepresentation(inclusiveNamespaces);
} catch (TransformationException ex) {
throw new XMLSignatureException("empty", ex);
} catch (InvalidTransformException ex) {
throw new XMLSignatureException("empty", ex);
} catch (XMLSecurityException ex) {
throw new XMLSignatureException("empty", ex);
}
}
Also used :
InvalidTransformException(com.sun.org.apache.xml.internal.security.transforms.InvalidTransformException)
TransformationException(com.sun.org.apache.xml.internal.security.transforms.TransformationException)
Transforms(com.sun.org.apache.xml.internal.security.transforms.Transforms)
InclusiveNamespaces(com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces)
Transform(com.sun.org.apache.xml.internal.security.transforms.Transform)
XMLSecurityException(com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException)
HashSet(java.util.HashSet)
Example 9 with XMLSecurityException
use of com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException in project jdk8u_jdk by JetBrains.
the class XMLSignature method checkSignatureValue.
/**
* Verifies if the signature is valid by redigesting all References,
* comparing those against the stored DigestValues and then checking to see
* if the Signatures match on the SignedInfo.
*
* @param pk {@link java.security.PublicKey} part of the keypair or
* {@link javax.crypto.SecretKey} that was used to sign
* @return true if the signature is valid, false otherwise
* @throws XMLSignatureException
*/
public boolean checkSignatureValue(Key pk) throws XMLSignatureException {
//check to see if the key is not null
if (pk == null) {
Object[] exArgs = { "Didn't get a key" };
throw new XMLSignatureException("empty", exArgs);
}
// References inside a Manifest.
try {
SignedInfo si = this.getSignedInfo();
//create a SignatureAlgorithms from the SignatureMethod inside
//SignedInfo. This is used to validate the signature.
SignatureAlgorithm sa = si.getSignatureAlgorithm();
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "signatureMethodURI = " + sa.getAlgorithmURI());
log.log(java.util.logging.Level.FINE, "jceSigAlgorithm = " + sa.getJCEAlgorithmString());
log.log(java.util.logging.Level.FINE, "jceSigProvider = " + sa.getJCEProviderName());
log.log(java.util.logging.Level.FINE, "PublicKey = " + pk);
}
byte[] sigBytes = null;
try {
sa.initVerify(pk);
// Get the canonicalized (normalized) SignedInfo
SignerOutputStream so = new SignerOutputStream(sa);
OutputStream bos = new UnsyncBufferedOutputStream(so);
si.signInOctetStream(bos);
bos.close();
// retrieve the byte[] from the stored signature
sigBytes = this.getSignatureValue();
} catch (IOException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, ex.getMessage(), ex);
}
// Impossible...
} catch (XMLSecurityException ex) {
throw ex;
}
// the bytes that were stored in the signature.
if (!sa.verify(sigBytes)) {
log.log(java.util.logging.Level.WARNING, "Signature verification failed.");
return false;
}
return si.verify(this.followManifestsDuringValidation);
} catch (XMLSignatureException ex) {
throw ex;
} catch (XMLSecurityException ex) {
throw new XMLSignatureException("empty", ex);
}
}
Also used :
SignerOutputStream(com.sun.org.apache.xml.internal.security.utils.SignerOutputStream)
SignerOutputStream(com.sun.org.apache.xml.internal.security.utils.SignerOutputStream)
UnsyncBufferedOutputStream(com.sun.org.apache.xml.internal.security.utils.UnsyncBufferedOutputStream)
OutputStream(java.io.OutputStream)
SignatureAlgorithm(com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithm)
IOException(java.io.IOException)
UnsyncBufferedOutputStream(com.sun.org.apache.xml.internal.security.utils.UnsyncBufferedOutputStream)
XMLSecurityException(com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException)
Example 10 with XMLSecurityException
use of com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException in project jdk8u_jdk by JetBrains.
the class RetrievalMethodResolver method engineLookupAndResolvePublicKey.
/**
* Method engineResolvePublicKey
* @inheritDoc
* @param element
* @param baseURI
* @param storage
*/
public PublicKey engineLookupAndResolvePublicKey(Element element, String baseURI, StorageResolver storage) {
if (!XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_RETRIEVALMETHOD)) {
return null;
}
try {
// Create a retrieval method over the given element
RetrievalMethod rm = new RetrievalMethod(element, baseURI);
String type = rm.getType();
XMLSignatureInput resource = resolveInput(rm, baseURI, secureValidation);
if (RetrievalMethod.TYPE_RAWX509.equals(type)) {
// a raw certificate, direct parsing is done!
X509Certificate cert = getRawCertificate(resource);
if (cert != null) {
return cert.getPublicKey();
}
return null;
}
Element e = obtainReferenceElement(resource);
// which points to this element
if (XMLUtils.elementIsInSignatureSpace(e, Constants._TAG_RETRIEVALMETHOD)) {
if (secureValidation) {
String error = "Error: It is forbidden to have one RetrievalMethod " + "point to another with secure validation";
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, error);
}
return null;
}
RetrievalMethod rm2 = new RetrievalMethod(e, baseURI);
XMLSignatureInput resource2 = resolveInput(rm2, baseURI, secureValidation);
Element e2 = obtainReferenceElement(resource2);
if (e2 == element) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Error: Can't have RetrievalMethods pointing to each other");
}
return null;
}
}
return resolveKey(e, baseURI, storage);
} catch (XMLSecurityException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
}
} catch (CertificateException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "CertificateException", ex);
}
} catch (IOException ex) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "IOException", ex);
}
} catch (ParserConfigurationException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "ParserConfigurationException", e);
}
} catch (SAXException e) {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "SAXException", e);
}
}
return null;
}
Also used :
RetrievalMethod(com.sun.org.apache.xml.internal.security.keys.content.RetrievalMethod)
Element(org.w3c.dom.Element)
XMLSignatureInput(com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput)
CertificateException(java.security.cert.CertificateException)
IOException(java.io.IOException)
ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)
X509Certificate(java.security.cert.X509Certificate)
XMLX509Certificate(com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate)
XMLSecurityException(com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException)
SAXException(org.xml.sax.SAXException)
Aggregations
XMLSecurityException (com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException)32
Element (org.w3c.dom.Element)15
IOException (java.io.IOException)11
X509Certificate (java.security.cert.X509Certificate)9
CanonicalizationException (com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException)8
KeyResolverException (com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException)8
PublicKey (java.security.PublicKey)7
XMLSignatureInput (com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput)6
Certificate (java.security.cert.Certificate)6
ParserConfigurationException (javax.xml.parsers.ParserConfigurationException)6
SAXException (org.xml.sax.SAXException)6
InvalidCanonicalizerException (com.sun.org.apache.xml.internal.security.c14n.InvalidCanonicalizerException)5
XMLX509Certificate (com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate)5
TransformationException (com.sun.org.apache.xml.internal.security.transforms.TransformationException)5
Transforms (com.sun.org.apache.xml.internal.security.transforms.Transforms)4
InclusiveNamespaces (com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces)4
XMLX509SKI (com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SKI)3
UnsyncBufferedOutputStream (com.sun.org.apache.xml.internal.security.utils.UnsyncBufferedOutputStream)3
OutputStream (java.io.OutputStream)3
KeyFactory (java.security.KeyFactory)3
