src/com/0000777000175000001440000000000010375671175011325 5ustar rauluserssrc/com/r_bg/0000777000175000001440000000000010375671175012236 5ustar rauluserssrc/com/r_bg/stax/0000777000175000001440000000000010407125064013200 5ustar rauluserssrc/com/r_bg/stax/c14n/0000777000175000001440000000000010376423345013755 5ustar rauluserssrc/com/r_bg/stax/c14n/C14nInclusive.java0000666000175000001440000000257710402626560017214 0ustar rauluserspackage com.r_bg.stax.c14n; import java.util.Iterator; import java.util.SortedSet; import java.util.TreeSet; import javax.xml.stream.XMLStreamReader; /** * TODO: Copy the already defined namespaces sadly stax doesnot give any way to obtain this * so we are going to have stack for inclusive. * @author raul * */ public class C14nInclusive implements C14nAttributeHandler { public String handleAttributes(XMLStreamReader in,StaxC14nHelper nsD) { SortedSet args=new TreeSet(new AttributeCompartor(in)); SortedSet nss=new TreeSet(new NsCompartor(in)); String result=""; int length=in.getNamespaceCount(); for (int i=0;iFor speed reasons all the symbols are introduced in the same map, * and at the same time in a list so it can be removed when the frame is pop back. * @author Raul Benito **/ public class StaxC14nHelper { List levels=new ArrayList(); //boolean needToClone=false; HashMap currentRender=new HashMap(); public StaxC14nHelper() { currentRender.put("",""); } public void push() { levels.add(currentRender.clone()); } public void pop() { currentRender=(HashMap) levels.remove(levels.size()-1); } public boolean hasBeenRender(String prefix, String uri) { String previousRendered=(String) currentRender.get(prefix); if ((previousRendered!=null) && (previousRendered.equals(uri))) { return true; } currentRender.put(prefix,uri); return false; } }src/com/r_bg/stax/c14n/C14n.java0000644000175000001440000000607110376430454015324 0ustar rauluserspackage com.r_bg.stax.c14n; import javax.xml.namespace.QName; import javax.xml.stream.EventFilter; import javax.xml.stream.StreamFilter; import javax.xml.stream.XMLStreamException; import javax.xml.stream.XMLStreamReader; import javax.xml.stream.events.XMLEvent; public class C14n implements EventFilter,StreamFilter { String result=""; public static String writePiData(XMLStreamReader in) { String result=in.getPITarget(); String data=in.getPIData(); if (data!=null && data.length()!=0) result+=" "+data; return result; } public static String obtainName(QName name) { String prefix=name.getPrefix(); if (prefix!=null && prefix.length()!=0) prefix+=":"; return prefix+name.getLocalPart(); } static String writeAttribute(XMLStreamReader in, int i) { String result=in.getAttributePrefix(i); if (result==null) { result=""; } else { result+=":"; } result+=in.getAttributeLocalName(i); return result; } public static String cannoicalizeWithoutComments(XMLStreamReader in, C14nAttributeHandler handler) throws XMLStreamException { String result=""; int type; int beforeDocumentElement=1; StaxC14nHelper nsD=new StaxC14nHelper(); int number=0; while ((type=in.getEventType())!=XMLStreamReader.END_DOCUMENT) { switch (type) { case XMLStreamReader.PROCESSING_INSTRUCTION: if (beforeDocumentElement==-1) result+="\n"; result+=""; if (beforeDocumentElement==1) result+="\n"; break; case XMLStreamReader.START_ELEMENT: number++; nsD.push(); beforeDocumentElement=0; result+="<"+obtainName(in.getName()); result+=handler.handleAttributes(in,nsD)+">"; break; case XMLStreamReader.END_ELEMENT: if (--number==0) { beforeDocumentElement=-1; } result+=""; nsD.pop(); break; case XMLStreamReader.CHARACTERS: case XMLStreamReader.CDATA: result+=in.getText(); break; } in.next(); } return result; } int beforeDocumentElement=-1; int number=0; C14nAttributeHandler handler; StaxC14nHelper nsD=new StaxC14nHelper(); public C14n(C14nAttributeHandler handler) { this.handler=handler; } public boolean accept(XMLEvent arg0) { return false; } public boolean accept(XMLStreamReader in) { int type=in.getEventType(); switch (type) { case XMLStreamReader.PROCESSING_INSTRUCTION: if (beforeDocumentElement==-1) result+="\n"; result+=""; if (beforeDocumentElement==1) result+="\n"; break; case XMLStreamReader.START_ELEMENT: number++; nsD.push(); beforeDocumentElement=0; result+="<"+obtainName(in.getName()); result+=handler.handleAttributes(in,nsD)+">"; break; case XMLStreamReader.END_ELEMENT: if (--number==0) { beforeDocumentElement=-1; } result+=""; nsD.pop(); break; case XMLStreamReader.CHARACTERS: case XMLStreamReader.CDATA: result+=in.getText(); break; } return true; } public String getResult() { return result; } } src/com/r_bg/stax/c14n/C14nAttributeHandler.java0000644000175000001440000000027110376154764020511 0ustar rauluserspackage com.r_bg.stax.c14n; import javax.xml.stream.XMLStreamReader; public interface C14nAttributeHandler { public String handleAttributes(XMLStreamReader in,StaxC14nHelper nsD); } src/com/r_bg/stax/c14n/NsComparator.java0000644000175000001440000000074310376423352017226 0ustar rauluserspackage com.r_bg.stax.c14n; import java.util.Comparator; import javax.xml.stream.XMLStreamReader; class NsCompartor implements Comparator { XMLStreamReader in; public NsCompartor(XMLStreamReader in) { this.in=in; } public int compare(Object arg0, Object arg1) { int first=((Integer)arg0).intValue(); int second=((Integer)arg1).intValue(); String uri1=in.getNamespacePrefix(first); String uri2=in.getNamespacePrefix(second); return uri1.compareTo(uri2); } }src/com/r_bg/stax/c14n/AttributeHandleExclusive.java0000644000175000001440000000275310402627041021557 0ustar rauluserspackage com.r_bg.stax.c14n; import java.util.HashSet; import java.util.Iterator; import java.util.Set; import java.util.SortedSet; import java.util.TreeSet; import javax.xml.namespace.NamespaceContext; import javax.xml.stream.XMLStreamReader; public class AttributeHandleExclusive implements C14nAttributeHandler { public String handleAttributes(XMLStreamReader in,StaxC14nHelper nsD) { SortedSet args=new TreeSet(new AttributeCompartor(in)); SortedSet nss=new TreeSet(); Set prefixes=new HashSet(); String result=""; int length; length=in.getAttributeCount(); for (int i=0;i signatures=new ArrayList(); List filters=new ArrayList(); List filterStart=new ArrayList(); List watchers=new ArrayList(); int level=0; public StaxSignatureVerifcator() { watchers.add(new SignatureWatcher()); } public void addSignature(XMLSignatureWorker s) { signatures.add(s); } public void insertWatch(IdWatcher watcher) { watchers.add(watcher); } public boolean accept(XMLStreamReader arg0) { if (arg0.getEventType()==XMLStreamReader.START_ELEMENT) { level++; for (StaxWatcher watcher : watchers) { StaxWorker sf=watcher.watch(arg0, this); if (sf!=null) { filters.add(sf); filterStart.add(level); } } } List added=filters; while (added.size()!=0) { List toAdd=new ArrayList(); List toAddStart=new ArrayList(); for (StaxWorker filter: added) { StaxWorker sf=filter.read(arg0); if (sf!=null) { toAdd.add(sf); toAddStart.add(level); } } added=toAdd; filters.addAll(toAdd); filterStart.addAll(toAddStart); } if (arg0.getEventType()==XMLStreamReader.END_ELEMENT) { do { int i=filterStart.lastIndexOf(level); if (i!=-1) { StaxWatcher watch=filters.remove(i).remove(); if (watch!=null) { watchers.add(watch); } filterStart.remove(i); } } while (filterStart.contains(level)); level--; } // TODO Auto-generated method stub return true; } public boolean getReferenceResult(int i) { // TODO Auto-generated method stub try { return ((Reference)signatures.get(0).getSignedInfo().getReferences().get(0)).validate(null); } catch (XMLSignatureException e) { // TODO Auto-generated catch block e.printStackTrace(); } return false; } } src/com/r_bg/stax/StaxWorker.java0000644000175000001440000000026110402650556016153 0ustar rauluserspackage com.r_bg.stax; import javax.xml.stream.XMLStreamReader; public interface StaxWorker { public StaxWorker read(XMLStreamReader reader); public StaxWatcher remove(); } src/com/r_bg/stax/StaxWatcher.java0000644000175000001440000000051110402650150016263 0ustar rauluserspackage com.r_bg.stax; import javax.xml.stream.XMLStreamReader; public interface StaxWatcher { /** * Insert a C14n if needed * @param reader * @return a StreamFilter to be notified for the life of the element and all * subelements. */ public StaxWorker watch(XMLStreamReader reader, StaxSignatureVerifcator sig); } src/com/r_bg/stax/StaxValidateContext.java0000644000175000001440000000451610407102325017776 0ustar rauluserspackage com.r_bg.stax; import javax.xml.crypto.KeySelector; import javax.xml.crypto.URIDereferencer; import javax.xml.crypto.dsig.XMLSignature; import javax.xml.crypto.dsig.XMLValidateContext; import javax.xml.stream.StreamFilter; import javax.xml.stream.XMLStreamReader; public class StaxValidateContext implements XMLValidateContext { XMLStreamReader reader; int signatureNumber=0; KeySelector ks=null; private StaxSignatureVerifcator sig; public static StaxValidateContext createEnvolopedValidator(XMLStreamReader reader) { return new StaxValidateContext(reader); } public void setSignatureNumber(int number) { signatureNumber=number; } protected StaxValidateContext(XMLStreamReader reader) { this.reader=reader; } public String getBaseURI() { // TODO Auto-generated method stub return null; } public void setBaseURI(String baseURI) { // TODO Auto-generated method stub } public KeySelector getKeySelector() { return ks; } public void setKeySelector(KeySelector ks) { this.ks=ks; } public URIDereferencer getURIDereferencer() { // TODO Auto-generated method stub return null; } public void setURIDereferencer(URIDereferencer dereferencer) { // TODO Auto-generated method stub } public String getNamespacePrefix(String namespaceURI, String defaultPrefix) { // TODO Auto-generated method stub return null; } public String putNamespacePrefix(String namespaceURI, String prefix) { // TODO Auto-generated method stub return null; } public String getDefaultNamespacePrefix() { // TODO Auto-generated method stub return null; } public void setDefaultNamespacePrefix(String defaultPrefix) { // TODO Auto-generated method stub } public Object setProperty(String name, Object value) { // TODO Auto-generated method stub return null; } public Object getProperty(String name) { // TODO Auto-generated method stub return null; } public Object get(Object key) { // TODO Auto-generated method stub return null; } public Object put(Object key, Object value) { // TODO Auto-generated method stub return null; } public StreamFilter getStreamReader() { sig = new StaxSignatureVerifcator(); // TODO Auto-generated method stub return sig; } protected XMLSignature getSignature() { // TODO Auto-generated method stub return sig.signatures.get(signatureNumber); } } src/com/r_bg/stax/C14nWorker.java0000644000175000001440000000257110407126117015743 0ustar rauluserspackage com.r_bg.stax; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import javax.xml.stream.XMLStreamReader; import org.apache.xml.security.algorithms.JCEMapper; import org.apache.xml.security.algorithms.MessageDigestAlgorithm; import org.apache.xml.security.utils.DigesterOutputStream; import sun.security.rsa.RSASignature.SHA1withRSA; import com.r_bg.stax.c14n.C14n; import com.r_bg.stax.c14n.C14nAttributeHandler; import com.r_bg.stax.c14n.C14nExcl; import com.r_bg.stax.c14n.C14nIncl; import com.r_bg.stax.c14n.C14nInclusive; import com.sun.org.apache.xerces.internal.impl.dv.util.Base64; public class C14nWorker implements StaxWorker { DigestResultListener re; String algorithm; C14n c14n=new C14n(new com.r_bg.stax.c14n.AttributeHandleExclusive()); public C14nWorker(DigestResultListener re,String algorithm) { this.re=re; this.algorithm=algorithm; } public StaxWorker read(XMLStreamReader reader) { c14n.accept(reader); return null; } public StaxWatcher remove() { try { MessageDigest ms=MessageDigest.getInstance( JCEMapper.translateURItoJCEID(algorithm)); byte [] result=ms.digest(c14n.getResult().getBytes()); re.setResult(result); //System.out.println(Base64.encode(result)); } catch (NoSuchAlgorithmException e) { // TODO Auto-generated catch block e.printStackTrace(); } return null; } } src/com/r_bg/stax/XMLSignatureWorker.java0000644000175000001440000001131610407125162017554 0ustar rauluserspackage com.r_bg.stax; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.security.InvalidKeyException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.PublicKey; import java.security.Signature; import java.security.SignatureException; import java.util.ArrayList; import java.util.Arrays; import java.util.Iterator; import java.util.List; import javax.xml.crypto.Data; import javax.xml.crypto.KeySelector; import javax.xml.crypto.KeySelectorException; import javax.xml.crypto.KeySelectorResult; import javax.xml.crypto.MarshalException; import javax.xml.crypto.KeySelector.Purpose; import javax.xml.crypto.dsig.CanonicalizationMethod; import javax.xml.crypto.dsig.DigestMethod; import javax.xml.crypto.dsig.Reference; import javax.xml.crypto.dsig.SignatureMethod; import javax.xml.crypto.dsig.SignedInfo; import javax.xml.crypto.dsig.XMLSignContext; import javax.xml.crypto.dsig.XMLSignature; import javax.xml.crypto.dsig.XMLSignatureException; import javax.xml.crypto.dsig.XMLValidateContext; import javax.xml.crypto.dsig.keyinfo.KeyInfo; import javax.xml.stream.XMLStreamReader; import org.apache.xml.security.algorithms.JCEMapper; import org.apache.xml.security.algorithms.MessageDigestAlgorithm; import org.apache.xml.security.exceptions.Base64DecodingException; import org.apache.xml.security.utils.Base64; import com.r_bg.stax.c14n.AttributeHandleExclusive; import com.r_bg.stax.c14n.C14n; class Constants { public static final String DS_URI="http://www.w3.org/2000/09/xmldsig#"; } class SignatureWatcher implements StaxWatcher { public StaxWorker watch(XMLStreamReader reader, StaxSignatureVerifcator sig) { String name=reader.getLocalName(); String uri=reader.getNamespaceURI(); if (name.equals("Signature") && uri.equals(Constants.DS_URI)) { System.out.println("Signature!!!!!!"); XMLSignatureWorker s=new XMLSignatureWorker(); sig.addSignature(s); return s; } return null; } } public class XMLSignatureWorker implements StaxWorker,XMLSignature { SignedInfoWorker si; KeySelectorResult keySelectorResult=null; SignedValueWorker signatureValue; public StaxWorker read(XMLStreamReader reader) { if ( (reader.getEventType()==XMLStreamReader.START_ELEMENT) && Constants.DS_URI.equals(reader.getNamespaceURI() ) ) { if (reader.getLocalName().equals("SignedInfo") ) { si=new SignedInfoWorker(); return si; } if (reader.getLocalName().equals("SignatureValue") ) { signatureValue=new SignedValueWorker(); return signatureValue; } } return null; } public StaxWatcher remove() { System.out.println("Signature finished!"); return null; } public boolean validate(XMLValidateContext validateContext) throws XMLSignatureException { List references=(List)si.getReferences(); boolean valid=true; for (Reference ref : references){ valid&=ref.validate(validateContext); } try { KeySelector ks=validateContext.getKeySelector(); keySelectorResult=ks.select(null, KeySelector.Purpose.VERIFY, si.getSignatureMethod(), validateContext); } catch (KeySelectorException e) { // TODO Auto-generated catch block e.printStackTrace(); } try { Signature sig=Signature.getInstance( JCEMapper.translateURItoJCEID(si.getSignatureMethod().getAlgorithm())); sig.initVerify((PublicKey) keySelectorResult.getKey()); int available=si.getCanonicalizedData().available(); byte [] input=new byte[available]; si.getCanonicalizedData().read(input); sig.update(input); valid&=sig.verify(getSignatureValue().getValue()); } catch (SignatureException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (NoSuchAlgorithmException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (InvalidKeyException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } return valid; } public KeyInfo getKeyInfo() { // TODO Auto-generated method stub return null; } public SignedInfo getSignedInfo() { return si; } public List getObjects() { // TODO Auto-generated method stub return null; } public String getId() { // TODO Auto-generated method stub return null; } public SignatureValue getSignatureValue() { return signatureValue; } public void sign(XMLSignContext signContext) throws MarshalException, XMLSignatureException { // TODO Auto-generated method stub } public KeySelectorResult getKeySelectorResult() { return keySelectorResult; } public boolean isFeatureSupported(String feature) { // TODO Auto-generated method stub return false; } } src/com/r_bg/stax/DigestResultListener.java0000644000175000001440000000014310407125777020174 0ustar rauluserspackage com.r_bg.stax; interface DigestResultListener { public void setResult(byte[] result); }src/com/r_bg/stax/StaxXMLSignatureFactory.java0000644000175000001440000001264610403136773020567 0ustar rauluserspackage com.r_bg.stax; import java.security.AccessController; import java.security.InvalidAlgorithmParameterException; import java.security.NoSuchAlgorithmException; import java.security.PrivilegedAction; import java.security.Provider; import java.security.Security; import java.util.List; import javax.xml.crypto.Data; import javax.xml.crypto.MarshalException; import javax.xml.crypto.URIDereferencer; import javax.xml.crypto.XMLStructure; import javax.xml.crypto.dsig.CanonicalizationMethod; import javax.xml.crypto.dsig.DigestMethod; import javax.xml.crypto.dsig.Manifest; import javax.xml.crypto.dsig.Reference; import javax.xml.crypto.dsig.SignatureMethod; import javax.xml.crypto.dsig.SignatureProperties; import javax.xml.crypto.dsig.SignatureProperty; import javax.xml.crypto.dsig.SignedInfo; import javax.xml.crypto.dsig.Transform; import javax.xml.crypto.dsig.XMLObject; import javax.xml.crypto.dsig.XMLSignature; import javax.xml.crypto.dsig.XMLSignatureFactory; import javax.xml.crypto.dsig.XMLValidateContext; import javax.xml.crypto.dsig.keyinfo.KeyInfo; import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec; import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec; import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec; import javax.xml.crypto.dsig.spec.TransformParameterSpec; import org.jcp.xml.dsig.internal.dom.XMLDSigRI; public class StaxXMLSignatureFactory extends XMLSignatureFactory { static { Security.addProvider(new StaxProvider()); }@Override public XMLSignature newXMLSignature(SignedInfo si, KeyInfo ki) { // TODO Auto-generated method stub return null; } @Override public XMLSignature newXMLSignature(SignedInfo si, KeyInfo ki, List objects, String id, String signatureValueId) { // TODO Auto-generated method stub return null; } @Override public Reference newReference(String uri, DigestMethod dm) { // TODO Auto-generated method stub return null; } @Override public Reference newReference(String uri, DigestMethod dm, List transforms, String type, String id) { // TODO Auto-generated method stub return null; } @Override public Reference newReference(String uri, DigestMethod dm, List transforms, String type, String id, byte[] digestValue) { // TODO Auto-generated method stub return null; } @Override public Reference newReference(String uri, DigestMethod dm, List appliedTransforms, Data result, List transforms, String type, String id) { // TODO Auto-generated method stub return null; } @Override public SignedInfo newSignedInfo(CanonicalizationMethod cm, SignatureMethod sm, List references) { // TODO Auto-generated method stub return null; } @Override public SignedInfo newSignedInfo(CanonicalizationMethod cm, SignatureMethod sm, List references, String id) { // TODO Auto-generated method stub return null; } @Override public XMLObject newXMLObject(List content, String id, String mimeType, String encoding) { // TODO Auto-generated method stub return null; } @Override public Manifest newManifest(List references) { // TODO Auto-generated method stub return null; } @Override public Manifest newManifest(List references, String id) { // TODO Auto-generated method stub return null; } @Override public SignatureProperty newSignatureProperty(List content, String target, String id) { // TODO Auto-generated method stub return null; } @Override public SignatureProperties newSignatureProperties(List properties, String id) { // TODO Auto-generated method stub return null; } @Override public DigestMethod newDigestMethod(String algorithm, DigestMethodParameterSpec params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { // TODO Auto-generated method stub return null; } @Override public SignatureMethod newSignatureMethod(String algorithm, SignatureMethodParameterSpec params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { // TODO Auto-generated method stub return null; } @Override public Transform newTransform(String algorithm, TransformParameterSpec params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { // TODO Auto-generated method stub return null; } @Override public Transform newTransform(String algorithm, XMLStructure params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { // TODO Auto-generated method stub return null; } @Override public CanonicalizationMethod newCanonicalizationMethod(String algorithm, C14NMethodParameterSpec params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { // TODO Auto-generated method stub return null; } @Override public CanonicalizationMethod newCanonicalizationMethod(String algorithm, XMLStructure params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { // TODO Auto-generated method stub return null; } @Override public XMLSignature unmarshalXMLSignature(XMLValidateContext context) throws MarshalException { // TODO Auto-generated method stub return ((StaxValidateContext)context).getSignature(); } @Override public XMLSignature unmarshalXMLSignature(XMLStructure xmlStructure) throws MarshalException { // TODO Auto-generated method stub return null; } @Override public boolean isFeatureSupported(String feature) { // TODO Auto-generated method stub return false; } @Override public URIDereferencer getURIDereferencer() { // TODO Auto-generated method stub return null; } } src/com/r_bg/stax/SignatureMethodWorker.java0000644000175000001440000000170610407064063020340 0ustar rauluserspackage com.r_bg.stax; import java.security.spec.AlgorithmParameterSpec; import javax.xml.crypto.dsig.SignatureMethod; import javax.xml.stream.XMLStreamReader; public class SignatureMethodWorker implements StaxWorker, SignatureMethod { private String sighantureMethod; public StaxWorker read(XMLStreamReader reader) { if (reader.getEventType()==XMLStreamReader.START_ELEMENT && Constants.DS_URI.equals(reader.getNamespaceURI())) { if ("SignatureMethod".equals(reader.getLocalName())) { sighantureMethod=reader.getAttributeValue(null, "Algorithm"); }; } return null; } public StaxWatcher remove() { // TODO Auto-generated method stub return null; } public AlgorithmParameterSpec getParameterSpec() { // TODO Auto-generated method stub return null; } public boolean isFeatureSupported(String feature) { // TODO Auto-generated method stub return false; } public String getAlgorithm() { return sighantureMethod; } } src/com/r_bg/stax/SignedValueWorker.java0000644000175000001440000000241710407102723017440 0ustar rauluserspackage com.r_bg.stax; import javax.xml.crypto.dsig.XMLSignatureException; import javax.xml.crypto.dsig.XMLValidateContext; import javax.xml.crypto.dsig.XMLSignature.SignatureValue; import javax.xml.stream.XMLStreamReader; import org.apache.xml.security.exceptions.Base64DecodingException; import org.apache.xml.security.utils.Base64; public class SignedValueWorker implements StaxWorker, SignatureValue { String data; public SignedValueWorker() { } public StaxWorker read(XMLStreamReader reader) { if (reader.getEventType()==XMLStreamReader.CHARACTERS) { data=reader.getText(); } return null; } public StaxWatcher remove() { //System.out.println("Signature Value:"+data); return null; } public String getId() { // TODO Auto-generated method stub return null; } public byte[] getValue() { System.out.println("SignedInfo:"+data); try { return Base64.decode(data); } catch (Base64DecodingException e) { // TODO Auto-generated catch block e.printStackTrace(); } return null; } public boolean validate(XMLValidateContext validateContext) throws XMLSignatureException { // TODO Auto-generated method stub return false; } public boolean isFeatureSupported(String feature) { // TODO Auto-generated method stub return false; } } src/com/r_bg/stax/SignedInfoWorker.java0000644000175000001440000000352110407125022017251 0ustar rauluserspackage com.r_bg.stax; import java.io.ByteArrayInputStream; import java.io.InputStream; import java.util.ArrayList; import java.util.List; import javax.xml.crypto.dsig.CanonicalizationMethod; import javax.xml.crypto.dsig.SignatureMethod; import javax.xml.crypto.dsig.SignedInfo; import javax.xml.stream.XMLStreamReader; import com.r_bg.stax.c14n.AttributeHandleExclusive; import com.r_bg.stax.c14n.C14n; public class SignedInfoWorker implements StaxWorker, SignedInfo { // FIXME: Only exclusive C14n C14n c14n=new C14n(new AttributeHandleExclusive() ); List references=new ArrayList(); private SignatureMethodWorker smw; public StaxWorker read(XMLStreamReader reader) { c14n.accept(reader); if (reader.getEventType()==XMLStreamReader.START_ELEMENT && Constants.DS_URI.equals(reader.getNamespaceURI())) { if ("SignatureMethod".equals(reader.getLocalName())) { smw=new SignatureMethodWorker(); return smw; } if (reader.getLocalName().equals("Reference") ) { ReferenceWorker r=new ReferenceWorker(); references.add(r); return r; } } return null; } public StaxWatcher remove() { //System.out.println("C14n------\n"+c14n.getResult()+"\n\\C14n-------"); return null; } public CanonicalizationMethod getCanonicalizationMethod() { // TODO Auto-generated method stub return null; } public SignatureMethod getSignatureMethod() { return smw; } public List getReferences() { // TODO Auto-generated method stub return references; } public String getId() { // TODO Auto-generated method stub return null; } public InputStream getCanonicalizedData() { //FIXME: Only exclusive C14n return new ByteArrayInputStream(c14n.getResult().getBytes()); } public boolean isFeatureSupported(String feature) { // TODO Auto-generated method stub return false; } }src/com/r_bg/stax/ReferenceWorker.java0000644000175000001440000000645710407126146017145 0ustar rauluserspackage com.r_bg.stax; import java.io.InputStream; import java.security.spec.AlgorithmParameterSpec; import java.util.Arrays; import java.util.List; import javax.xml.crypto.Data; import javax.xml.crypto.dsig.DigestMethod; import javax.xml.crypto.dsig.Reference; import javax.xml.crypto.dsig.XMLSignatureException; import javax.xml.crypto.dsig.XMLValidateContext; import javax.xml.stream.XMLStreamReader; import org.apache.xml.security.exceptions.Base64DecodingException; import org.apache.xml.security.utils.Base64; class ReferenceWorker implements StaxWorker, Reference, DigestResultListener { boolean readDigestValue=false; String uri; String c14nType; byte[] digestValue; byte[] calculateDigestValue; boolean correct=false; private DigestMethod digestMethod; public StaxWorker read(XMLStreamReader reader) { if (reader.getEventType()==XMLStreamReader.START_ELEMENT && Constants.DS_URI.equals(reader.getNamespaceURI())) { String name=reader.getLocalName(); if (name.equals("Reference") ) { uri=reader.getAttributeValue(null,"URI"); } if (name.equals("DigestValue")) { readDigestValue=true; } if ("DigestMethod".equals(name)) { final String mda=reader.getAttributeValue(null, "Algorithm"); digestMethod=new DigestMethod() { public AlgorithmParameterSpec getParameterSpec() { return null; } public boolean isFeatureSupported(String feature) { // TODO Auto-generated method stub return false; } public String getAlgorithm() { return mda; } }; } } if (reader.getEventType()==XMLStreamReader.END_ELEMENT && Constants.DS_URI.equals(reader.getNamespaceURI())) { if (reader.getLocalName().equals("DigestValue")) { readDigestValue=false; } } if (reader.getEventType()==XMLStreamReader.CHARACTERS) { if (readDigestValue) try { digestValue=Base64.decode(reader.getText()); } catch (Base64DecodingException e) { // TODO Auto-generated catch block e.printStackTrace(); } } // TODO Auto-generated method stub return null; } public StaxWatcher remove() { //System.out.println("Reference removed"); return new IdWatcher(uri.substring(1),getDigestMethod().getAlgorithm(),this); } /* (non-Javadoc) * @see com.r_bg.stax.DigestResultListener#setResult(byte[]) */ public void setResult(byte[] result) { calculateDigestValue=result; correct=Arrays.equals(result, digestValue); } public List getTransforms() { // TODO Auto-generated method stub return null; } public DigestMethod getDigestMethod() { return digestMethod; } public String getId() { // TODO Auto-generated method stub return null; } public byte[] getDigestValue() { return digestValue; } public byte[] getCalculatedDigestValue() { return calculateDigestValue; } public boolean validate(XMLValidateContext validateContext) throws XMLSignatureException { return correct; } public Data getDereferencedData() { // TODO Auto-generated method stub return null; } public InputStream getDigestInputStream() { // TODO Auto-generated method stub return null; } public String getURI() { return uri; } public String getType() { // TODO Auto-generated method stub return null; } public boolean isFeatureSupported(String feature) { // TODO Auto-generated method stub return false; } }src_unitTests/com/0000777000175000001440000000000010375671233013402 5ustar rauluserssrc_unitTests/com/r_bg/0000777000175000001440000000000010375671233014313 5ustar rauluserssrc_unitTests/com/r_bg/stax/0000777000175000001440000000000010400407252015255 5ustar rauluserssrc_unitTests/com/r_bg/stax/c14n/0000777000175000001440000000000010376156232016035 5ustar rauluserssrc_unitTests/com/r_bg/stax/c14n/C14nIncl.java0000666000175000001440000001514610376430361020220 0ustar rauluserspackage com.r_bg.stax.c14n; import java.io.ByteArrayInputStream; import javax.xml.stream.XMLInputFactory; import javax.xml.stream.XMLStreamException; import javax.xml.stream.XMLStreamReader; import junit.framework.TestCase; public class C14nIncl extends TestCase { public static void main(String[] args) { } public static void testRfc3_1() throws Exception { String in="\n" + "\n" + "\n" + "\n" + "\n" + "\n" + "Hello, world!\n" + "\n" + "\n" + "\n" + "\n" + "\n" + ""; String outWithoutComments="\n" + "Hello, world!\n" + ""; String outWithComments="\n" + "Hello, world!\n" + "\n" + "\n" + ""; XMLInputFactory im=XMLInputFactory.newInstance(); im.setProperty("javax.xml.stream.supportDTD", new Boolean(false)); XMLStreamReader reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); assertEquals("Output not like stated in 3.1 rfc",outWithoutComments, C14n.cannoicalizeWithoutComments(reader,new C14nInclusive())); } public static void testRfc3_2() throws Exception { String in="\n" + " \n" + " A B \n" + " \n" + " A\n" + " \n" + " B\n" + " A B \n" + " C\n" + " \n" + ""; String outWithoutComments="\n" + " \n" + " A B \n" + " \n" + " A\n" + " \n" + " B\n" + " A B \n" + " C\n" + " \n" + ""; XMLInputFactory im=XMLInputFactory.newInstance(); im.setProperty("javax.xml.stream.supportDTD", new Boolean(false)); XMLStreamReader reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); assertEquals("Output not like stated in 3.1 rfc",outWithoutComments, C14n.cannoicalizeWithoutComments(reader,new C14nInclusive())); } public static void testOrderInAttributes() throws Exception { String in="]>\n" + "" + " " + " \n" + " \n" + " \n" + ""; String outWithoutComments=" \n" + " \n" + " \n" + ""; XMLInputFactory im=XMLInputFactory.newInstance(); im.setProperty("javax.xml.stream.supportDTD", new Boolean(false)); XMLStreamReader reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); assertEquals("Output not like stated in 3.1 rfc",outWithoutComments, C14n.cannoicalizeWithoutComments(reader,new C14nInclusive())); } public static void testOrderBetwenAttributesAndNss() throws Exception { String in="]>\n" + "\n"+ " \n" + ""; String outWithoutComments="\n"+ " \n" + ""; XMLInputFactory im=XMLInputFactory.newInstance(); im.setProperty("javax.xml.stream.supportDTD", new Boolean(false)); XMLStreamReader reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); assertEquals("Output not like stated in 3.1 rfc",outWithoutComments, C14n.cannoicalizeWithoutComments(reader,new C14nInclusive())); } public static void testRfc3_3() throws Exception { String in="]>\n" + "\n" + " \n" + " \n" + " \n" + " \n" + " \n" + " \n" + " \n" + " \n" + " \n" + " \n" + " \n" + " \n" + ""; String outWithoutComments="\n" + " \n" + " \n" + " \n" + " \n" + " \n" + " \n" + " \n" + " \n" + " \n" + " \n" + " \n" + " \n" + ""; XMLInputFactory im=XMLInputFactory.newInstance(); //im.setProperty("javax.xml.stream.supportDTD", new Boolean(false)); XMLStreamReader reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); assertEquals("Output not like stated in 3.1 rfc",outWithoutComments, C14n.cannoicalizeWithoutComments(reader,new C14nInclusive())); C14n c=new C14n(new C14nInclusive()); reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); reader=im.createFilteredReader(reader,c); while ((reader.getEventType())!=XMLStreamReader.END_DOCUMENT) { reader.next(); } assertEquals("Output not like stated in 3.1 rfc",outWithoutComments, c.getResult()); } protected void setUp() throws Exception { super.setUp(); } } src_unitTests/com/r_bg/stax/c14n/C14nExcl.java0000644000175000001440000000162610376430011020210 0ustar rauluserspackage com.r_bg.stax.c14n; import java.io.ByteArrayInputStream; import javax.xml.stream.XMLInputFactory; import javax.xml.stream.XMLStreamException; import javax.xml.stream.XMLStreamReader; import junit.framework.TestCase; public class C14nExcl extends TestCase { public void testStandard() throws Exception { String in="\n" + " \n" + " \n" + " \n" + ""; String out="\n" + " \n" + " \n" + " \n" + ""; XMLInputFactory im=XMLInputFactory.newInstance(); im.setProperty("javax.xml.stream.supportDTD", new Boolean(false)); XMLStreamReader reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); assertEquals("mismath",out, C14n.cannoicalizeWithoutComments(reader,new AttributeHandleExclusive())); } } src_unitTests/com/r_bg/stax/XMLSignatureTest.java0000644000175000001440000001713510407075060021312 0ustar rauluserspackage com.r_bg.stax; import java.io.ByteArrayInputStream; import java.math.BigInteger; import java.security.KeyFactory; import java.security.NoSuchAlgorithmException; import java.security.PublicKey; import java.security.interfaces.RSAPublicKey; import java.security.spec.InvalidKeySpecException; import java.security.spec.RSAPublicKeySpec; import javax.xml.crypto.KeySelector; import javax.xml.crypto.XMLStructure; import javax.xml.crypto.dsig.Reference; import javax.xml.crypto.dsig.XMLSignature; import javax.xml.crypto.dsig.XMLSignatureFactory; import javax.xml.crypto.dsig.XMLValidateContext; import javax.xml.stream.XMLInputFactory; import javax.xml.stream.XMLStreamException; import javax.xml.stream.XMLStreamReader; import org.apache.xml.security.Init; import org.apache.xml.security.exceptions.Base64DecodingException; import org.apache.xml.security.exceptions.XMLSecurityException; import org.apache.xml.security.utils.Base64; import org.apache.xml.security.utils.Constants; import sun.security.rsa.RSAKeyFactory; import junit.framework.TestCase; public class XMLSignatureTest extends TestCase { /** @inheritDoc */ public static PublicKey getPublicKey(String data,String exp) { try { KeyFactory rsaFactory = KeyFactory.getInstance("RSA"); // KeyFactory rsaFactory = KeyFactory.getInstance(JCE_RSA); RSAPublicKeySpec rsaKeyspec = new RSAPublicKeySpec(new BigInteger(1, Base64.decode(data.getBytes())), new BigInteger(1, Base64.decode(exp.getBytes())) ); PublicKey pk = rsaFactory.generatePublic(rsaKeyspec); return pk; } catch (NoSuchAlgorithmException ex) { ex.printStackTrace(); } catch (InvalidKeySpecException ex) { ex.printStackTrace(); } catch (Base64DecodingException e) { // TODO Auto-generated catch block e.printStackTrace(); } return null; } public void testEnvelopedSignature() throws Exception { String in="\n" + "\n" + "\n" + "\n" + "\n" + "\n" + "\n" + "\n" + "\n" + "oMQoFufPA7Un6cfz0GaEOJpE4Z8=\n" + "\n" + "\n" + "\n" + "AhyiFQ6hucykYJOJDBV3wbPBe2TAURXXfCUD7BmSAecT+izT9fHFsxRVez3s+6hYSgtaVhmeVgbd\n" + "ZEOMPFihBGldi1NV73Z/tpXxqNvY+/NwQmmasQp9gzFHxYF2cqi8m7sAHM03BIC1YoBctxVw/jxV\n" + "ClhLJuTSHoKwlzKH24g=\n" + "\n" + "\n" + "\n" + "\n" + "\n" + "skqbW7oBwM1lCWNwC1obkgj4VV58G1AX7ERMWEIrQQlZ8uFdQ3FNkgMdtmx/XUjNF+zXTDmxe+K/\n" + "lne+0KDwLWskqhS6gnkQmxZoR4FUovqRngoqU6bnnn0pM9gF/AI/vcdu7aowbF9S7TVlSw7IpxIQ\n" + "VjevEfohDpn/+oxljm0=\n" + "\n" + "AQAB\n" + "\n" + "\n" + "\n" + "A text in a box\n" + ""; XMLInputFactory im=XMLInputFactory.newInstance(); im.setProperty("javax.xml.stream.supportDTD", new Boolean(false)); XMLStreamReader reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); StaxValidateContext stx = StaxValidateContext.createEnvolopedValidator(reader); reader=im.createFilteredReader(reader, stx.getStreamReader()); while ((reader.getEventType())!=XMLStreamReader.END_DOCUMENT) { reader.next(); } XMLSignatureFactory fac=XMLSignatureFactory.getInstance("Stax"); stx.setSignatureNumber(0); XMLSignature sig=fac.unmarshalXMLSignature(stx); assertTrue("Signature reference must be right", ((Reference)sig.getSignedInfo().getReferences().get(0)).validate(stx)); RSAPublicKey pl=(RSAPublicKey) getPublicKey( "skqbW7oBwM1lCWNwC1obkgj4VV58G1AX7ERMWEIrQQlZ8uFdQ3FNkgMdtmx/XUjNF+zXTDmxe+K/\n" + "lne+0KDwLWskqhS6gnkQmxZoR4FUovqRngoqU6bnnn0pM9gF/AI/vcdu7aowbF9S7TVlSw7IpxIQ\n" + "VjevEfohDpn/+oxljm0=\n" , "AQAB" ); stx.setKeySelector(KeySelector.singletonKeySelector(pl)); assertTrue("Signature must be right", sig.validate(stx)); } public void testTamperedEnvelopedSignature() throws Exception { String in="\n" + "\n" + "\n" + "\n" + "\n" + "\n" + "\n" + "\n" + "\n" + "oMQoFufPA7Un6cfz0GaEOJpE4Z8=\n" + "\n" + "\n" + "\n" + "AhyiFQ6hucykYJOJDBV3wbPBe2TAURXXfCUD7BmSAecT+izT9fHFsxRVez3s+6hYSgtaVhmeVgbd\n" + "ZEOMPFihBGldi1NV73Z/tpXxqNvY+/NwQmmasQp9gzFHxYF2cqi8m7sAHM03BIC1YoBctxVw/jxV\n" + "ClhLJuTSHoKwlzKH24g=\n" + "\n" + "\n" + "\n" + "\n" + "\n" + "skqbW7oBwM1lCWNwC1obkgj4VV58G1AX7ERMWEIrQQlZ8uFdQ3FNkgMdtmx/XUjNF+zXTDmxe+K/\n" + "lne+0KDwLWskqhS6gnkQmxZoR4FUovqRngoqU6bnnn0pM9gF/AI/vcdu7aowbF9S7TVlSw7IpxIQ\n" + "VjevEfohDpn/+oxljm0=\n" + "\n" + "AQAB\n" + "\n" + "\n" + "\n" + "a text in a box\n" + ""; XMLInputFactory im=XMLInputFactory.newInstance(); im.setProperty("javax.xml.stream.supportDTD", new Boolean(false)); XMLStreamReader reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); StaxValidateContext stx = StaxValidateContext.createEnvolopedValidator(reader); reader=im.createFilteredReader(reader, stx.getStreamReader()); while ((reader.getEventType())!=XMLStreamReader.END_DOCUMENT) { reader.next(); } XMLSignatureFactory fac=XMLSignatureFactory.getInstance("Stax" ); stx.setSignatureNumber(0); XMLSignature sig=fac.unmarshalXMLSignature(stx); assertFalse("Signature must be wrong", ((Reference)sig.getSignedInfo().getReferences().get(0)).validate(stx)); } static { Init.init(); StaxXMLSignatureFactory.getInstance("Stax", new StaxProvider()); }; }