
Example 16 with XMLSignatureInput

use of com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput in project jdk8u_jdk by JetBrains.

the class RetrievalMethodResolver method resolveInput.

/**
 * Dereferences the URI of a RetrievalMethod and runs any transforms it declares over the result.
 *
 * <p>Both the URI attribute and the transform chain are read from {@code rm}, so when that
 * element was built from a document under validation they are document-controlled input.
 * {@code secureValidation} is forwarded unchanged to resolver selection and to the resolve
 * call; this method applies no restriction of its own.
 *
 * @param rm the RetrievalMethod whose URI attribute and transforms are used
 * @param baseURI base URI handed to the resolver together with the URI attribute
 * @param secureValidation flag passed through to {@code ResourceResolver}
 * @return the resolved input, after the declared transforms when there are any
 * @throws XMLSecurityException propagated from the resolver or transform calls
 */
private static XMLSignatureInput resolveInput(RetrievalMethod rm, String baseURI, boolean secureValidation) throws XMLSecurityException {
    Attr uriAttr = rm.getURIAttr();
    Transforms declaredTransforms = rm.getTransforms();
    ResourceResolver resolver = ResourceResolver.getInstance(uriAttr, baseURI, secureValidation);
    XMLSignatureInput resolved = resolver.resolve(uriAttr, baseURI, secureValidation);
    if (declaredTransforms == null) {
        // Nothing to apply: hand back the dereferenced resource as-is.
        return resolved;
    }
    if (log.isLoggable(java.util.logging.Level.FINE)) {
        log.log(java.util.logging.Level.FINE, "We have Transforms");
    }
    return declaredTransforms.performTransforms(resolved);
}
Also used : Transforms(com.sun.org.apache.xml.internal.security.transforms.Transforms) ResourceResolver(com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver) XMLSignatureInput(com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput) Attr(org.w3c.dom.Attr)

Example 17 with XMLSignatureInput

use of com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput in project jdk8u_jdk by JetBrains.

the class RetrievalMethodResolver method engineLookupResolveX509Certificate.

/**
 * Resolves a RetrievalMethod element to an X.509 certificate.
 *
 * <p>The element's URI is dereferenced through {@code resolveInput}. A raw-X.509 type is
 * decoded directly; otherwise the dereferenced content is turned into an element and handed to
 * {@code resolveCertificate}. When the dereferenced element is itself a RetrievalMethod:
 * <ul>
 *   <li>with {@code secureValidation} set, resolution is refused and {@code null} is returned;</li>
 *   <li>otherwise the second RetrievalMethod is dereferenced once, and {@code null} is returned
 *       if it points back at {@code element}. Only this single hop is checked here.</li>
 * </ul>
 *
 * <p>Every failure path returns {@code null} and is reported at {@code FINE} only, so a caller
 * cannot tell "no certificate" from "resolution failed or was refused" without that log level.
 *
 * @param element candidate RetrievalMethod element
 * @param baseURI base URI used when dereferencing
 * @param storage storage resolver forwarded to {@code resolveCertificate}
 * @return the resolved certificate, or {@code null} if the element does not pass the
 *         RetrievalMethod check, resolution is refused, or an exception is caught
 */
public X509Certificate engineLookupResolveX509Certificate(Element element, String baseURI, StorageResolver storage) {
    if (!XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_RETRIEVALMETHOD)) {
        return null;
    }
    try {
        RetrievalMethod retrievalMethod = new RetrievalMethod(element, baseURI);
        String declaredType = retrievalMethod.getType();
        XMLSignatureInput dereferenced = resolveInput(retrievalMethod, baseURI, secureValidation);
        if (RetrievalMethod.TYPE_RAWX509.equals(declaredType)) {
            return getRawCertificate(dereferenced);
        }
        Element referent = obtainReferenceElement(dereferenced);
        boolean chained = XMLUtils.elementIsInSignatureSpace(referent, Constants._TAG_RETRIEVALMETHOD);
        if (chained && secureValidation) {
            // Chained RetrievalMethods are rejected outright under secure validation.
            String error = "Error: It is forbidden to have one RetrievalMethod " + "point to another with secure validation";
            if (log.isLoggable(java.util.logging.Level.FINE)) {
                log.log(java.util.logging.Level.FINE, error);
            }
            return null;
        }
        if (chained) {
            // Follow the chain one hop to catch two RetrievalMethods that reference each other.
            RetrievalMethod nextMethod = new RetrievalMethod(referent, baseURI);
            XMLSignatureInput nextInput = resolveInput(nextMethod, baseURI, secureValidation);
            Element nextReferent = obtainReferenceElement(nextInput);
            if (nextReferent == element) {
                if (log.isLoggable(java.util.logging.Level.FINE)) {
                    log.log(java.util.logging.Level.FINE, "Error: Can't have RetrievalMethods pointing to each other");
                }
                return null;
            }
        }
        return resolveCertificate(referent, baseURI, storage);
    } catch (XMLSecurityException securityFailure) {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "XMLSecurityException", securityFailure);
        }
    } catch (CertificateException certificateFailure) {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "CertificateException", certificateFailure);
        }
    } catch (IOException ioFailure) {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "IOException", ioFailure);
        }
    } catch (ParserConfigurationException parserFailure) {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "ParserConfigurationException", parserFailure);
        }
    } catch (SAXException saxFailure) {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "SAXException", saxFailure);
        }
    }
    // Reached only after a caught exception: the failure is logged, not propagated.
    return null;
}
Also used : RetrievalMethod(com.sun.org.apache.xml.internal.security.keys.content.RetrievalMethod) Element(org.w3c.dom.Element) XMLSignatureInput(com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput) CertificateException(java.security.cert.CertificateException) IOException(java.io.IOException) ParserConfigurationException(javax.xml.parsers.ParserConfigurationException) XMLSecurityException(com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException) SAXException(org.xml.sax.SAXException)

Example 18 with XMLSignatureInput

use of com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput in project jdk8u_jdk by JetBrains.

the class KeyInfoReferenceResolver method resolveReferentKeyInfo.

/**
 * Resolves the URI attribute of a KeyInfoReference element into the KeyInfo it refers to.
 *
 * <p>The URI is read from {@code element} and dereferenced with the instance's
 * {@code secureValidation} setting. The dereferenced element is passed to
 * {@code validateReference} before a KeyInfo is built from it.
 *
 * @param element the KeyInfoReference element
 * @param baseURI base URI used for dereferencing and for the resulting KeyInfo
 * @param storage storage resolver registered on the returned KeyInfo
 * @return the referenced KeyInfo, or {@code null} if the referent element cannot be obtained
 * @throws XMLSecurityException propagated from the calls outside the inner try block
 */
private KeyInfo resolveReferentKeyInfo(Element element, String baseURI, StorageResolver storage) throws XMLSecurityException {
    KeyInfoReference keyInfoReference = new KeyInfoReference(element, baseURI);
    Attr uriAttr = keyInfoReference.getURIAttr();
    XMLSignatureInput dereferenced = resolveInput(uriAttr, baseURI, secureValidation);
    final Element target;
    try {
        target = obtainReferenceElement(dereferenced);
    } catch (Exception failure) {
        // Any exception type lands here; the log label stays "XMLSecurityException" regardless.
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "XMLSecurityException", failure);
        }
        return null;
    }
    if (target == null) {
        // The URI value is written to the log verbatim.
        log.log(java.util.logging.Level.FINE, "De-reference of KeyInfoReference URI returned null: " + uriAttr.getValue());
        return null;
    }
    validateReference(target);
    KeyInfo resolvedKeyInfo = new KeyInfo(target, baseURI);
    resolvedKeyInfo.addStorageResolver(storage);
    return resolvedKeyInfo;
}
Also used : KeyInfo(com.sun.org.apache.xml.internal.security.keys.KeyInfo) Element(org.w3c.dom.Element) KeyInfoReference(com.sun.org.apache.xml.internal.security.keys.content.KeyInfoReference) XMLSignatureInput(com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput) Attr(org.w3c.dom.Attr) IOException(java.io.IOException) CanonicalizationException(com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException) KeyResolverException(com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException) ParserConfigurationException(javax.xml.parsers.ParserConfigurationException) SAXException(org.xml.sax.SAXException) XMLSecurityException(com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException)

Example 19 with XMLSignatureInput

use of com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput in project jdk8u_jdk by JetBrains.

the class TransformXSLT method enginePerformTransform.

/**
 * Applies the XSLT stylesheet embedded in a Transform element to the given input.
 *
 * <p>The stylesheet is taken from the Transform element itself, so it is as trustworthy as the
 * signature being processed. The only restriction set in this method is
 * {@code XMLConstants.FEATURE_SECURE_PROCESSING} on the factory.
 * NOTE(review): the factory comes from {@code TransformerFactory.newInstance()}, so what that
 * feature limits depends on the implementation selected at runtime; confirm for the deployment.
 *
 * @param input data to transform; read as bytes via {@code getBytes()}
 * @param baos stream that receives the result, or {@code null} to get the result as bytes
 * @param transformObject the Transform whose element holds the stylesheet
 * @return an input wrapping the result bytes when {@code baos} is {@code null}; otherwise an
 *         input with no bytes and {@code baos} set as its output stream
 * @throws IOException declared by the signature
 * @throws TransformationException when the stylesheet is missing or the transform fails
 */
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, OutputStream baos, Transform transformObject) throws IOException, TransformationException {
    try {
        Element stylesheetElement = XMLUtils.selectNode(transformObject.getElement().getFirstChild(), XSLTSpecNS, "stylesheet", 0);
        if (stylesheetElement == null) {
            // NOTE(review): if TransformationException is an XMLSecurityException subtype, the
            // first catch below re-wraps this as "generic.EmptyMessage"; confirm.
            throw new TransformationException("xml.WrongContent", new Object[] { "xslt:stylesheet", "Transform" });
        }

        TransformerFactory factory = TransformerFactory.newInstance();
        // Process XSLT stylesheets in a secure manner
        factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);

        // The transform works on octets, so the input is taken as a byte stream.
        Source document = new StreamSource(new ByteArrayInputStream(input.getBytes()));

        // The stylesheet element is not the root of its document, so it is first serialized
        // to bytes and then read back as a standalone stream source.
        ByteArrayOutputStream stylesheetBytes = new ByteArrayOutputStream();
        factory.newTransformer().transform(new DOMSource(stylesheetElement), new StreamResult(stylesheetBytes));
        Source stylesheet = new StreamSource(new ByteArrayInputStream(stylesheetBytes.toByteArray()));

        Transformer xslt = factory.newTransformer(stylesheet);
        // Ask for "\n" line separators through the Xalan-specific output property; a failure
        // to set it is logged and otherwise ignored.
        try {
            xslt.setOutputProperty("{http://xml.apache.org/xalan}line-separator", "\n");
        } catch (Exception propertyFailure) {
            log.log(java.util.logging.Level.WARNING, "Unable to set Xalan line-separator property: " + propertyFailure.getMessage());
        }

        if (baos == null) {
            ByteArrayOutputStream collected = new ByteArrayOutputStream();
            xslt.transform(document, new StreamResult(collected));
            return new XMLSignatureInput(collected.toByteArray());
        }
        xslt.transform(document, new StreamResult(baos));
        XMLSignatureInput streamed = new XMLSignatureInput((byte[]) null);
        streamed.setOutputStream(baos);
        return streamed;
    } catch (XMLSecurityException ex) {
        throw new TransformationException("generic.EmptyMessage", new Object[] { ex.getMessage() }, ex);
    } catch (TransformerException ex) {
        // Also covers TransformerConfigurationException, which is a TransformerException subtype.
        throw new TransformationException("generic.EmptyMessage", new Object[] { ex.getMessage() }, ex);
    }
}
Also used : TransformationException(com.sun.org.apache.xml.internal.security.transforms.TransformationException) DOMSource(javax.xml.transform.dom.DOMSource) TransformerFactory(javax.xml.transform.TransformerFactory) Transformer(javax.xml.transform.Transformer) StreamResult(javax.xml.transform.stream.StreamResult) TransformerConfigurationException(javax.xml.transform.TransformerConfigurationException) Element(org.w3c.dom.Element) StreamSource(javax.xml.transform.stream.StreamSource) XMLSignatureInput(com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput) ByteArrayOutputStream(java.io.ByteArrayOutputStream) DOMSource(javax.xml.transform.dom.DOMSource) StreamSource(javax.xml.transform.stream.StreamSource) Source(javax.xml.transform.Source) TransformerException(javax.xml.transform.TransformerException) TransformerConfigurationException(javax.xml.transform.TransformerConfigurationException) IOException(java.io.IOException) TransformationException(com.sun.org.apache.xml.internal.security.transforms.TransformationException) XMLSecurityException(com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException) XMLSecurityException(com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException) ByteArrayInputStream(java.io.ByteArrayInputStream) TransformerException(javax.xml.transform.TransformerException)

Example 20 with XMLSignatureInput

use of com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput in project jdk8u_jdk by JetBrains.

the class ResolverDirectHTTP method engineResolveURI.

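/**
 * Fetches the resource named by the context's URI over a URL connection and returns its bytes.
 *
 * <p>The target URL is computed from {@code context.uriToResolve} and {@code context.baseUri}.
 * If the first response carries a {@code WWW-Authenticate} header starting with "Basic" and
 * both the user and password properties are set, a second connection is opened with an
 * {@code Authorization: Basic} header.
 *
 * <p>Review notes:
 * <ul>
 *   <li>The configured credentials go to whichever host the computed URL names; this method
 *       checks neither scheme nor host. Callers should constrain which URIs reach this
 *       resolver.</li>
 *   <li>The whole response body is buffered in memory and no size limit is applied here.</li>
 *   <li>NOTE(review): timeouts are not set in this method; confirm whether
 *       {@code openConnection} configures them.</li>
 * </ul>
 *
 * @param context supplies the URI to resolve, the base URI and the attribute used in error reports
 * @return the fetched bytes, with the source URI and the response's Content-Type recorded
 * @throws ResourceResolverException wrapping URI, URL, I/O and illegal-argument failures
 * $todo$ calculate the correct URI from the attribute and the baseURI
 */
@Override
public XMLSignatureInput engineResolveURI(ResourceResolverContext context) throws ResourceResolverException {
    try {
        // calculate new URI
        URI uriNew = getNewURI(context.uriToResolve, context.baseUri);
        URL url = uriNew.toURL();
        URLConnection urlConnection;
        urlConnection = openConnection(url);
        // check if Basic authentication is required
        String auth = urlConnection.getHeaderField("WWW-Authenticate");
        if (auth != null && auth.startsWith("Basic")) {
            // do http basic authentication
            String user = engineGetProperty(ResolverDirectHTTP.properties[ResolverDirectHTTP.HttpBasicUser]);
            String pass = engineGetProperty(ResolverDirectHTTP.properties[ResolverDirectHTTP.HttpBasicPass]);
            if ((user != null) && (pass != null)) {
                // The first connection has already been used to read headers, so a fresh one
                // is opened to carry the Authorization header.
                urlConnection = openConnection(url);
                String password = user + ":" + pass;
                String encodedPassword = Base64.encode(password.getBytes("ISO-8859-1"));
                // set authentication property in the http header
                urlConnection.setRequestProperty("Authorization", "Basic " + encodedPassword);
            }
        }
        String mimeType = urlConnection.getHeaderField("Content-Type");
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        // Counts bytes for the log message only.
        int summarized = 0;
        InputStream inputStream = urlConnection.getInputStream();
        try {
            byte[] buf = new byte[4096];
            int read;
            while ((read = inputStream.read(buf)) >= 0) {
                baos.write(buf, 0, read);
                summarized += read;
            }
        } finally {
            // Release the connection's stream on success and on read failure alike.
            inputStream.close();
        }
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "Fetched " + summarized + " bytes from URI " + uriNew.toString());
        }
        XMLSignatureInput result = new XMLSignatureInput(baos.toByteArray());
        result.setSourceURI(uriNew.toString());
        result.setMIMEType(mimeType);
        return result;
    } catch (URISyntaxException ex) {
        throw new ResourceResolverException("generic.EmptyMessage", ex, context.attr, context.baseUri);
    } catch (MalformedURLException ex) {
        throw new ResourceResolverException("generic.EmptyMessage", ex, context.attr, context.baseUri);
    } catch (IOException ex) {
        throw new ResourceResolverException("generic.EmptyMessage", ex, context.attr, context.baseUri);
    } catch (IllegalArgumentException e) {
        throw new ResourceResolverException("generic.EmptyMessage", e, context.attr, context.baseUri);
    }
}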
Also used : MalformedURLException(java.net.MalformedURLException) InputStream(java.io.InputStream) XMLSignatureInput(com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput) ByteArrayOutputStream(java.io.ByteArrayOutputStream) URISyntaxException(java.net.URISyntaxException) ResourceResolverException(com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException) IOException(java.io.IOException) URI(java.net.URI) URL(java.net.URL) URLConnection(java.net.URLConnection)

Aggregations

XMLSignatureInput (com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput)24 Element (org.w3c.dom.Element)11 XMLSecurityException (com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException)6 IOException (java.io.IOException)6 Node (org.w3c.dom.Node)6 ResourceResolverException (com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException)5 CanonicalizationException (com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException)4 ResourceResolver (com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver)4 ParserConfigurationException (javax.xml.parsers.ParserConfigurationException)4 Attr (org.w3c.dom.Attr)4 SAXException (org.xml.sax.SAXException)4 Base64DecodingException (com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException)3 TransformationException (com.sun.org.apache.xml.internal.security.transforms.TransformationException)3 ByteArrayOutputStream (java.io.ByteArrayOutputStream)3 URISyntaxException (java.net.URISyntaxException)3 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)3 InvalidCanonicalizerException (com.sun.org.apache.xml.internal.security.c14n.InvalidCanonicalizerException)2 RetrievalMethod (com.sun.org.apache.xml.internal.security.keys.content.RetrievalMethod)2 Transform (com.sun.org.apache.xml.internal.security.transforms.Transform)2 InclusiveNamespaces (com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces)2