ASF Bugzilla – Attachment 17918 Details for
Bug 39029
Stax verifier JSR105 implementation
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
First version
patch_stax.tar (text/plain), 80.00 KB, created by
Raul Benito
on 2006-03-19 12:16:31 UTC
(
hide
)
Description:
First version
Filename:
MIME Type:
Creator:
Raul Benito
Created:
2006-03-19 12:16:31 UTC
Size:
80.00 KB
patch
obsolete
>src/com/0000777000175000001440000000000010375671175011325 5ustar rauluserssrc/com/r_bg/0000777000175000001440000000000010375671175012236 5ustar rauluserssrc/com/r_bg/stax/0000777000175000001440000000000010407125064013200 5ustar rauluserssrc/com/r_bg/stax/c14n/0000777000175000001440000000000010376423345013755 5ustar rauluserssrc/com/r_bg/stax/c14n/C14nInclusive.java0000666000175000001440000000257710402626560017214 0ustar rauluserspackage com.r_bg.stax.c14n; > >import java.util.Iterator; >import java.util.SortedSet; >import java.util.TreeSet; > >import javax.xml.stream.XMLStreamReader; >/** > * TODO: Copy the already defined namespaces sadly stax doesnot give any way to obtain this > * so we are going to have stack for inclusive. > * @author raul > * > */ >public class C14nInclusive implements C14nAttributeHandler { > public String handleAttributes(XMLStreamReader in,StaxC14nHelper nsD) { > SortedSet args=new TreeSet(new AttributeCompartor(in)); > SortedSet nss=new TreeSet(new NsCompartor(in)); > String result=""; > int length=in.getNamespaceCount(); > for (int i=0;i<length;i++) { > if (!nsD.hasBeenRender(in.getNamespacePrefix(i),in.getNamespaceURI(i))) > nss.add(new Integer(i)); > } > Iterator it=nss.iterator(); > while (it.hasNext()) { > int arg=((Integer)it.next()).intValue(); > String prefix=in.getNamespacePrefix(arg); > if (prefix!="") { > prefix=" xmlns:"+prefix; > } else { > prefix=" xmlns"; > } > result+=prefix+"=\""+in.getNamespaceURI(arg)+"\""; > } > length=in.getAttributeCount(); > for (int i=0;i<length;i++) { > args.add(new Integer(i)); > } > it=args.iterator(); > for (int i=0;i<length;i++) { > int arg=((Integer)it.next()).intValue(); > result+=" "+C14n.writeAttribute(in,arg)+"=\""+in.getAttributeValue(arg)+"\""; > } > > return result; > } > >} >src/com/r_bg/stax/c14n/StaxC14nHelper.java0000644000175000001440000000304010376155266017322 0ustar rauluserspackage com.r_bg.stax.c14n; >/* > * Copyright 1999-2004 The Apache Software Foundation. > * > * Licensed under the Apache License, Version 2.0 (the "License"); > * you may not use this file except in compliance with the License. > * You may obtain a copy of the License at > * > * http://www.apache.org/licenses/LICENSE-2.0 > * > * Unless required by applicable law or agreed to in writing, software > * distributed under the License is distributed on an "AS IS" BASIS, > * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. > * See the License for the specific language governing permissions and > * limitations under the License. > * > */ > > >import java.util.ArrayList; >import java.util.HashMap; >import java.util.List; > > > > >/** > * A stack based Symble Table. > *<br>For speed reasons all the symbols are introduced in the same map, > * and at the same time in a list so it can be removed when the frame is pop back. > * @author Raul Benito > **/ >public class StaxC14nHelper { > List levels=new ArrayList(); > //boolean needToClone=false; > HashMap currentRender=new HashMap(); > public StaxC14nHelper() { > currentRender.put("",""); > } > public void push() { > levels.add(currentRender.clone()); > } > public void pop() { > currentRender=(HashMap) levels.remove(levels.size()-1); > } > public boolean hasBeenRender(String prefix, String uri) { > String previousRendered=(String) currentRender.get(prefix); > if ((previousRendered!=null) && (previousRendered.equals(uri))) { > return true; > } > currentRender.put(prefix,uri); > return false; > } > >}src/com/r_bg/stax/c14n/C14n.java0000644000175000001440000000607110376430454015324 0ustar rauluserspackage com.r_bg.stax.c14n; > >import javax.xml.namespace.QName; >import javax.xml.stream.EventFilter; >import javax.xml.stream.StreamFilter; >import javax.xml.stream.XMLStreamException; >import javax.xml.stream.XMLStreamReader; >import javax.xml.stream.events.XMLEvent; > > >public class C14n implements EventFilter,StreamFilter { > String result=""; > public static String writePiData(XMLStreamReader in) { > String result=in.getPITarget(); > String data=in.getPIData(); > if (data!=null && data.length()!=0) > result+=" "+data; > > return result; > } > public static String obtainName(QName name) { > String prefix=name.getPrefix(); > if (prefix!=null && prefix.length()!=0) > prefix+=":"; > return prefix+name.getLocalPart(); > } > static String writeAttribute(XMLStreamReader in, int i) { > String result=in.getAttributePrefix(i); > if (result==null) { > result=""; > } else { > result+=":"; > } > result+=in.getAttributeLocalName(i); > return result; > } > public static String cannoicalizeWithoutComments(XMLStreamReader in, C14nAttributeHandler handler) throws XMLStreamException { > String result=""; > int type; > int beforeDocumentElement=1; > StaxC14nHelper nsD=new StaxC14nHelper(); > int number=0; > while ((type=in.getEventType())!=XMLStreamReader.END_DOCUMENT) { > switch (type) { > case XMLStreamReader.PROCESSING_INSTRUCTION: > if (beforeDocumentElement==-1) > result+="\n"; > result+="<?"+writePiData(in)+"?>"; > if (beforeDocumentElement==1) > result+="\n"; > break; > case XMLStreamReader.START_ELEMENT: > number++; > nsD.push(); > beforeDocumentElement=0; > result+="<"+obtainName(in.getName()); > result+=handler.handleAttributes(in,nsD)+">"; > break; > case XMLStreamReader.END_ELEMENT: > if (--number==0) { > beforeDocumentElement=-1; > } > result+="</"+obtainName(in.getName())+">"; > nsD.pop(); > break; > > case XMLStreamReader.CHARACTERS: > case XMLStreamReader.CDATA: > result+=in.getText(); > break; > > } > in.next(); > } > return result; > } > > int beforeDocumentElement=-1; > int number=0; > C14nAttributeHandler handler; > StaxC14nHelper nsD=new StaxC14nHelper(); > public C14n(C14nAttributeHandler handler) { > this.handler=handler; > } > public boolean accept(XMLEvent arg0) { > return false; > } > public boolean accept(XMLStreamReader in) { > int type=in.getEventType(); > switch (type) { > case XMLStreamReader.PROCESSING_INSTRUCTION: > if (beforeDocumentElement==-1) > result+="\n"; > result+="<?"+writePiData(in)+"?>"; > if (beforeDocumentElement==1) > result+="\n"; > break; > case XMLStreamReader.START_ELEMENT: > number++; > nsD.push(); > beforeDocumentElement=0; > result+="<"+obtainName(in.getName()); > result+=handler.handleAttributes(in,nsD)+">"; > break; > case XMLStreamReader.END_ELEMENT: > if (--number==0) { > beforeDocumentElement=-1; > } > result+="</"+obtainName(in.getName())+">"; > nsD.pop(); > break; > > case XMLStreamReader.CHARACTERS: > case XMLStreamReader.CDATA: > result+=in.getText(); > break; > > } > return true; > } > public String getResult() { > return result; > } >} > > > > >src/com/r_bg/stax/c14n/C14nAttributeHandler.java0000644000175000001440000000027110376154764020511 0ustar rauluserspackage com.r_bg.stax.c14n; > >import javax.xml.stream.XMLStreamReader; > >public interface C14nAttributeHandler { > public String handleAttributes(XMLStreamReader in,StaxC14nHelper nsD); >} >src/com/r_bg/stax/c14n/NsComparator.java0000644000175000001440000000074310376423352017226 0ustar rauluserspackage com.r_bg.stax.c14n; > >import java.util.Comparator; > >import javax.xml.stream.XMLStreamReader; > >class NsCompartor implements Comparator { > XMLStreamReader in; > public NsCompartor(XMLStreamReader in) { > this.in=in; > } > public int compare(Object arg0, Object arg1) { > int first=((Integer)arg0).intValue(); > int second=((Integer)arg1).intValue(); > String uri1=in.getNamespacePrefix(first); > String uri2=in.getNamespacePrefix(second); > return uri1.compareTo(uri2); > } >}src/com/r_bg/stax/c14n/AttributeHandleExclusive.java0000644000175000001440000000275310402627041021557 0ustar rauluserspackage com.r_bg.stax.c14n; > >import java.util.HashSet; >import java.util.Iterator; >import java.util.Set; >import java.util.SortedSet; >import java.util.TreeSet; > >import javax.xml.namespace.NamespaceContext; >import javax.xml.stream.XMLStreamReader; > >public class AttributeHandleExclusive implements C14nAttributeHandler { > public String handleAttributes(XMLStreamReader in,StaxC14nHelper nsD) { > SortedSet args=new TreeSet(new AttributeCompartor(in)); > SortedSet nss=new TreeSet(); > Set prefixes=new HashSet(); > String result=""; > int length; > length=in.getAttributeCount(); > for (int i=0;i<length;i++) { > args.add(new Integer(i)); > String prefix=in.getAttributePrefix(i); > if (prefix!=null) > prefixes.add(prefix); > } > prefixes.add(in.getPrefix()==null? "" : in.getPrefix()); > Iterator it=prefixes.iterator(); > NamespaceContext nc=in.getNamespaceContext(); > while (it.hasNext()) { > String prefix=(String)it.next(); > if (!nsD.hasBeenRender(prefix,nc.getNamespaceURI(prefix))) > nss.add(prefix); > } > it=nss.iterator(); > while (it.hasNext()) { > String realPrefix=(String) it.next(); > String prefix=realPrefix; > if (prefix!="") { > prefix=" xmlns:"+prefix; > } else { > prefix=" xmlns"; > } > result+=prefix+"=\""+nc.getNamespaceURI(realPrefix)+"\""; > } > > it=args.iterator(); > for (int i=0;i<length;i++) { > int arg=((Integer)it.next()).intValue(); > result+=" "+C14n.writeAttribute(in,arg)+"=\""+in.getAttributeValue(arg)+"\""; > } > > return result; > } > > } > > > >src/com/r_bg/stax/c14n/AttributeComparator.java0000644000175000001440000000143610376423315020610 0ustar rauluserspackage com.r_bg.stax.c14n; > >import java.util.Comparator; > >import javax.xml.stream.XMLStreamReader; > >class AttributeCompartor implements Comparator { > XMLStreamReader in; > public AttributeCompartor(XMLStreamReader in) { > this.in=in; > } > public int compare(Object arg0, Object arg1) { > int first=((Integer)arg0).intValue(); > int second=((Integer)arg1).intValue(); > String uri1=in.getAttributeNamespace(first); > String uri2=in.getAttributeNamespace(second); > if (uri1==null) { > return (uri2!=null )? 1 : > in.getAttributeLocalName(first).compareTo(in.getAttributeLocalName(second)); > } > if (uri2==null) { > return -1; > } > int result=uri1.compareTo(uri2); > return (result!=0) ? result :in.getAttributeLocalName(first).compareTo(in.getAttributeLocalName(second)); > } >} >src/com/r_bg/stax/StaxProvider.java0000644000175000001440000000342310403116535016472 0ustar raulusers/* > * Copyright 2005 The Apache Software Foundation. > * > * Licensed under the Apache License, Version 2.0 (the "License"); > * you may not use this file except in compliance with the License. > * You may obtain a copy of the License at > * > * http://www.apache.org/licenses/LICENSE-2.0 > * > * Unless required by applicable law or agreed to in writing, software > * distributed under the License is distributed on an "AS IS" BASIS, > * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. > * See the License for the specific language governing permissions and > * limitations under the License. > * > */ >/* > * =========================================================================== > * > * (C) Copyright IBM Corp. 2003 All Rights Reserved. > * > * =========================================================================== > */ >/* > * Portions copyright 2005 Sun Microsystems, Inc. All rights reserved. > */ >/* > * $Id: XMLDSigRI.java 375655 2006-02-07 18:35:54Z mullan $ > */ >package com.r_bg.stax; > >import java.util.*; >import java.security.*; > >import javax.xml.crypto.dsig.*; > >/** > * The XMLDSig RI Provider. > * > * @author Joyce Leung > */ > >/** > * Defines the XMLDSigRI provider. > */ > >public final class StaxProvider extends Provider { > > //static final long serialVersionUID = -5049765099299494554L; > > private static final String INFO = "XMLDSig " + > "(Stax XMLSignatureFactory; Stax KeyInfoFactory)"; > > public StaxProvider() { > /* We are the XMLDSig provider */ > super("XMLDSig", 1.0, INFO); > > final Map map = new HashMap(); > map.put("XMLSignatureFactory.Stax", > "com.r_bg.stax.StaxXMLSignatureFactory"); > AccessController.doPrivileged(new java.security.PrivilegedAction() { > public Object run() { > putAll(map); > return null; > } > }); > } >} >src/com/r_bg/stax/StaxSignatureVerifcator.java0000644000175000001440000000534410407126056020675 0ustar rauluserspackage com.r_bg.stax; > >import java.util.ArrayList; >import java.util.Arrays; >import java.util.List; > >import javax.xml.crypto.dsig.Reference; >import javax.xml.crypto.dsig.XMLSignatureException; >import javax.xml.stream.StreamFilter; >import javax.xml.stream.XMLStreamReader; > >import org.apache.xml.security.exceptions.Base64DecodingException; >import org.apache.xml.security.utils.Base64; > > >class IdWatcher implements StaxWatcher { > String uri; > DigestResultListener re; > String algorithm; > public IdWatcher(String uri, String algorithm, DigestResultListener reader) { > this.uri=uri; > this.algorithm=algorithm; > this.re=reader; > } > public StaxWorker watch(XMLStreamReader reader, StaxSignatureVerifcator sig) { > if (uri.equals(reader.getAttributeValue(null, "Id"))) { > return new C14nWorker(re,algorithm); > } > return null; > } > >} > >public class StaxSignatureVerifcator implements StreamFilter{ > List<XMLSignatureWorker> signatures=new ArrayList<XMLSignatureWorker>(); > List<StaxWorker> filters=new ArrayList<StaxWorker>(); > List<Integer> filterStart=new ArrayList<Integer>(); > List<StaxWatcher> watchers=new ArrayList<StaxWatcher>(); > int level=0; > public StaxSignatureVerifcator() { > watchers.add(new SignatureWatcher()); > } > public void addSignature(XMLSignatureWorker s) { > signatures.add(s); > > } > public void insertWatch(IdWatcher watcher) { > watchers.add(watcher); > > } > public boolean accept(XMLStreamReader arg0) { > if (arg0.getEventType()==XMLStreamReader.START_ELEMENT) { > level++; > for (StaxWatcher watcher : watchers) { > StaxWorker sf=watcher.watch(arg0, this); > if (sf!=null) { > filters.add(sf); > filterStart.add(level); > } > } > } > List<StaxWorker> added=filters; > while (added.size()!=0) { > List<StaxWorker> toAdd=new ArrayList<StaxWorker>(); > List<Integer> toAddStart=new ArrayList<Integer>(); > for (StaxWorker filter: added) { > StaxWorker sf=filter.read(arg0); > if (sf!=null) { > toAdd.add(sf); > toAddStart.add(level); > } > } > added=toAdd; > filters.addAll(toAdd); > filterStart.addAll(toAddStart); > } > if (arg0.getEventType()==XMLStreamReader.END_ELEMENT) { > do { > int i=filterStart.lastIndexOf(level); > if (i!=-1) { > StaxWatcher watch=filters.remove(i).remove(); > if (watch!=null) { > watchers.add(watch); > } > filterStart.remove(i); > } > } while (filterStart.contains(level)); > level--; > } > // TODO Auto-generated method stub > return true; > } > > public boolean getReferenceResult(int i) { > // TODO Auto-generated method stub > try { > return ((Reference)signatures.get(0).getSignedInfo().getReferences().get(0)).validate(null); > } catch (XMLSignatureException e) { > // TODO Auto-generated catch block > e.printStackTrace(); > } > return false; > } > >} >src/com/r_bg/stax/StaxWorker.java0000644000175000001440000000026110402650556016153 0ustar rauluserspackage com.r_bg.stax; > >import javax.xml.stream.XMLStreamReader; > >public interface StaxWorker { > public StaxWorker read(XMLStreamReader reader); > public StaxWatcher remove(); >} >src/com/r_bg/stax/StaxWatcher.java0000644000175000001440000000051110402650150016263 0ustar rauluserspackage com.r_bg.stax; > >import javax.xml.stream.XMLStreamReader; > >public interface StaxWatcher { > /** > * Insert a C14n if needed > * @param reader > * @return a StreamFilter to be notified for the life of the element and all > * subelements. > */ > public StaxWorker watch(XMLStreamReader reader, StaxSignatureVerifcator sig); >} >src/com/r_bg/stax/StaxValidateContext.java0000644000175000001440000000451610407102325017776 0ustar rauluserspackage com.r_bg.stax; > >import javax.xml.crypto.KeySelector; >import javax.xml.crypto.URIDereferencer; >import javax.xml.crypto.dsig.XMLSignature; >import javax.xml.crypto.dsig.XMLValidateContext; >import javax.xml.stream.StreamFilter; >import javax.xml.stream.XMLStreamReader; > >public class StaxValidateContext implements XMLValidateContext { > XMLStreamReader reader; > int signatureNumber=0; > KeySelector ks=null; > private StaxSignatureVerifcator sig; > public static StaxValidateContext createEnvolopedValidator(XMLStreamReader reader) { > return new StaxValidateContext(reader); > } > public void setSignatureNumber(int number) { > signatureNumber=number; > } > > protected StaxValidateContext(XMLStreamReader reader) { > this.reader=reader; > } > > public String getBaseURI() { > // TODO Auto-generated method stub > return null; > } > > public void setBaseURI(String baseURI) { > // TODO Auto-generated method stub > > } > > public KeySelector getKeySelector() { > return ks; > } > > public void setKeySelector(KeySelector ks) { > this.ks=ks; > } > > public URIDereferencer getURIDereferencer() { > // TODO Auto-generated method stub > return null; > } > > public void setURIDereferencer(URIDereferencer dereferencer) { > // TODO Auto-generated method stub > > } > > public String getNamespacePrefix(String namespaceURI, String defaultPrefix) { > // TODO Auto-generated method stub > return null; > } > > public String putNamespacePrefix(String namespaceURI, String prefix) { > // TODO Auto-generated method stub > return null; > } > > public String getDefaultNamespacePrefix() { > // TODO Auto-generated method stub > return null; > } > > public void setDefaultNamespacePrefix(String defaultPrefix) { > // TODO Auto-generated method stub > > } > > public Object setProperty(String name, Object value) { > // TODO Auto-generated method stub > return null; > } > > public Object getProperty(String name) { > // TODO Auto-generated method stub > return null; > } > > public Object get(Object key) { > // TODO Auto-generated method stub > return null; > } > > public Object put(Object key, Object value) { > // TODO Auto-generated method stub > return null; > } > > public StreamFilter getStreamReader() { > sig = new StaxSignatureVerifcator(); > // TODO Auto-generated method stub > return sig; > } > > protected XMLSignature getSignature() { > // TODO Auto-generated method stub > return sig.signatures.get(signatureNumber); > } > >} >src/com/r_bg/stax/C14nWorker.java0000644000175000001440000000257110407126117015743 0ustar rauluserspackage com.r_bg.stax; > >import java.security.MessageDigest; >import java.security.NoSuchAlgorithmException; > >import javax.xml.stream.XMLStreamReader; > >import org.apache.xml.security.algorithms.JCEMapper; >import org.apache.xml.security.algorithms.MessageDigestAlgorithm; >import org.apache.xml.security.utils.DigesterOutputStream; > >import sun.security.rsa.RSASignature.SHA1withRSA; > >import com.r_bg.stax.c14n.C14n; >import com.r_bg.stax.c14n.C14nAttributeHandler; >import com.r_bg.stax.c14n.C14nExcl; >import com.r_bg.stax.c14n.C14nIncl; >import com.r_bg.stax.c14n.C14nInclusive; >import com.sun.org.apache.xerces.internal.impl.dv.util.Base64; > >public class C14nWorker implements StaxWorker { > DigestResultListener re; > String algorithm; > C14n c14n=new C14n(new com.r_bg.stax.c14n.AttributeHandleExclusive()); > public C14nWorker(DigestResultListener re,String algorithm) { > this.re=re; > this.algorithm=algorithm; > } > > public StaxWorker read(XMLStreamReader reader) { > c14n.accept(reader); > return null; > } > > public StaxWatcher remove() { > try { > MessageDigest ms=MessageDigest.getInstance( > JCEMapper.translateURItoJCEID(algorithm)); > byte [] result=ms.digest(c14n.getResult().getBytes()); > re.setResult(result); > //System.out.println(Base64.encode(result)); > } catch (NoSuchAlgorithmException e) { > // TODO Auto-generated catch block > e.printStackTrace(); > } > return null; > > } > >} >src/com/r_bg/stax/XMLSignatureWorker.java0000644000175000001440000001131610407125162017554 0ustar rauluserspackage com.r_bg.stax; > >import java.io.ByteArrayInputStream; >import java.io.IOException; >import java.io.InputStream; >import java.security.InvalidKeyException; >import java.security.MessageDigest; >import java.security.NoSuchAlgorithmException; >import java.security.PublicKey; >import java.security.Signature; >import java.security.SignatureException; >import java.util.ArrayList; >import java.util.Arrays; >import java.util.Iterator; >import java.util.List; > >import javax.xml.crypto.Data; >import javax.xml.crypto.KeySelector; >import javax.xml.crypto.KeySelectorException; >import javax.xml.crypto.KeySelectorResult; >import javax.xml.crypto.MarshalException; >import javax.xml.crypto.KeySelector.Purpose; >import javax.xml.crypto.dsig.CanonicalizationMethod; >import javax.xml.crypto.dsig.DigestMethod; >import javax.xml.crypto.dsig.Reference; >import javax.xml.crypto.dsig.SignatureMethod; >import javax.xml.crypto.dsig.SignedInfo; >import javax.xml.crypto.dsig.XMLSignContext; >import javax.xml.crypto.dsig.XMLSignature; >import javax.xml.crypto.dsig.XMLSignatureException; >import javax.xml.crypto.dsig.XMLValidateContext; >import javax.xml.crypto.dsig.keyinfo.KeyInfo; >import javax.xml.stream.XMLStreamReader; > >import org.apache.xml.security.algorithms.JCEMapper; >import org.apache.xml.security.algorithms.MessageDigestAlgorithm; >import org.apache.xml.security.exceptions.Base64DecodingException; >import org.apache.xml.security.utils.Base64; > >import com.r_bg.stax.c14n.AttributeHandleExclusive; >import com.r_bg.stax.c14n.C14n; >class Constants { > public static final String DS_URI="http://www.w3.org/2000/09/xmldsig#"; >} > > > >class SignatureWatcher implements StaxWatcher { > public StaxWorker watch(XMLStreamReader reader, StaxSignatureVerifcator sig) { > String name=reader.getLocalName(); > String uri=reader.getNamespaceURI(); > if (name.equals("Signature") && > uri.equals(Constants.DS_URI)) { > System.out.println("Signature!!!!!!"); > XMLSignatureWorker s=new XMLSignatureWorker(); > sig.addSignature(s); > return s; > } > return null; > } >} > >public class XMLSignatureWorker implements StaxWorker,XMLSignature { > SignedInfoWorker si; > KeySelectorResult keySelectorResult=null; > SignedValueWorker signatureValue; > public StaxWorker read(XMLStreamReader reader) { > if ( (reader.getEventType()==XMLStreamReader.START_ELEMENT) && > Constants.DS_URI.equals(reader.getNamespaceURI() ) ) { > if (reader.getLocalName().equals("SignedInfo") ) { > si=new SignedInfoWorker(); > return si; > } > if (reader.getLocalName().equals("SignatureValue") ) { > signatureValue=new SignedValueWorker(); > return signatureValue; > } > } > return null; > } > public StaxWatcher remove() { > System.out.println("Signature finished!"); > return null; > } > public boolean validate(XMLValidateContext validateContext) throws XMLSignatureException { > List<Reference> references=(List<Reference>)si.getReferences(); > boolean valid=true; > for (Reference ref : references){ > valid&=ref.validate(validateContext); > } > try { > KeySelector ks=validateContext.getKeySelector(); > keySelectorResult=ks.select(null, KeySelector.Purpose.VERIFY, > si.getSignatureMethod(), validateContext); > } catch (KeySelectorException e) { > // TODO Auto-generated catch block > e.printStackTrace(); > } > try { > Signature sig=Signature.getInstance( > JCEMapper.translateURItoJCEID(si.getSignatureMethod().getAlgorithm())); > sig.initVerify((PublicKey) keySelectorResult.getKey()); > int available=si.getCanonicalizedData().available(); > byte [] input=new byte[available]; > si.getCanonicalizedData().read(input); > sig.update(input); > valid&=sig.verify(getSignatureValue().getValue()); > } catch (SignatureException e) { > // TODO Auto-generated catch block > e.printStackTrace(); > } catch (NoSuchAlgorithmException e) { > // TODO Auto-generated catch block > e.printStackTrace(); > } catch (InvalidKeyException e) { > // TODO Auto-generated catch block > e.printStackTrace(); > } catch (IOException e) { > // TODO Auto-generated catch block > e.printStackTrace(); > } > return valid; > } > public KeyInfo getKeyInfo() { > // TODO Auto-generated method stub > return null; > } > public SignedInfo getSignedInfo() { > return si; > } > public List getObjects() { > // TODO Auto-generated method stub > return null; > } > public String getId() { > // TODO Auto-generated method stub > return null; > } > public SignatureValue getSignatureValue() { > return signatureValue; > } > public void sign(XMLSignContext signContext) throws MarshalException, XMLSignatureException { > // TODO Auto-generated method stub > > } > public KeySelectorResult getKeySelectorResult() { > return keySelectorResult; > } > public boolean isFeatureSupported(String feature) { > // TODO Auto-generated method stub > return false; > } > >} >src/com/r_bg/stax/DigestResultListener.java0000644000175000001440000000014310407125777020174 0ustar rauluserspackage com.r_bg.stax; > >interface DigestResultListener { > public void setResult(byte[] result); > >}src/com/r_bg/stax/StaxXMLSignatureFactory.java0000644000175000001440000001264610403136773020567 0ustar rauluserspackage com.r_bg.stax; > >import java.security.AccessController; >import java.security.InvalidAlgorithmParameterException; >import java.security.NoSuchAlgorithmException; >import java.security.PrivilegedAction; >import java.security.Provider; >import java.security.Security; >import java.util.List; > >import javax.xml.crypto.Data; >import javax.xml.crypto.MarshalException; >import javax.xml.crypto.URIDereferencer; >import javax.xml.crypto.XMLStructure; >import javax.xml.crypto.dsig.CanonicalizationMethod; >import javax.xml.crypto.dsig.DigestMethod; >import javax.xml.crypto.dsig.Manifest; >import javax.xml.crypto.dsig.Reference; >import javax.xml.crypto.dsig.SignatureMethod; >import javax.xml.crypto.dsig.SignatureProperties; >import javax.xml.crypto.dsig.SignatureProperty; >import javax.xml.crypto.dsig.SignedInfo; >import javax.xml.crypto.dsig.Transform; >import javax.xml.crypto.dsig.XMLObject; >import javax.xml.crypto.dsig.XMLSignature; >import javax.xml.crypto.dsig.XMLSignatureFactory; >import javax.xml.crypto.dsig.XMLValidateContext; >import javax.xml.crypto.dsig.keyinfo.KeyInfo; >import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec; >import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec; >import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec; >import javax.xml.crypto.dsig.spec.TransformParameterSpec; > >import org.jcp.xml.dsig.internal.dom.XMLDSigRI; > >public class StaxXMLSignatureFactory extends XMLSignatureFactory { > static { > > Security.addProvider(new StaxProvider()); > > }@Override > public XMLSignature newXMLSignature(SignedInfo si, KeyInfo ki) { > // TODO Auto-generated method stub > return null; > } > > @Override > public XMLSignature newXMLSignature(SignedInfo si, KeyInfo ki, List objects, String id, String signatureValueId) { > // TODO Auto-generated method stub > return null; > } > > @Override > public Reference newReference(String uri, DigestMethod dm) { > // TODO Auto-generated method stub > return null; > } > > @Override > public Reference newReference(String uri, DigestMethod dm, List transforms, String type, String id) { > // TODO Auto-generated method stub > return null; > } > > @Override > public Reference newReference(String uri, DigestMethod dm, List transforms, String type, String id, byte[] digestValue) { > // TODO Auto-generated method stub > return null; > } > > @Override > public Reference newReference(String uri, DigestMethod dm, List appliedTransforms, Data result, List transforms, String type, String id) { > // TODO Auto-generated method stub > return null; > } > > @Override > public SignedInfo newSignedInfo(CanonicalizationMethod cm, SignatureMethod sm, List references) { > // TODO Auto-generated method stub > return null; > } > > @Override > public SignedInfo newSignedInfo(CanonicalizationMethod cm, SignatureMethod sm, List references, String id) { > // TODO Auto-generated method stub > return null; > } > > @Override > public XMLObject newXMLObject(List content, String id, String mimeType, String encoding) { > // TODO Auto-generated method stub > return null; > } > > @Override > public Manifest newManifest(List references) { > // TODO Auto-generated method stub > return null; > } > > @Override > public Manifest newManifest(List references, String id) { > // TODO Auto-generated method stub > return null; > } > > @Override > public SignatureProperty newSignatureProperty(List content, String target, String id) { > // TODO Auto-generated method stub > return null; > } > > @Override > public SignatureProperties newSignatureProperties(List properties, String id) { > // TODO Auto-generated method stub > return null; > } > > @Override > public DigestMethod newDigestMethod(String algorithm, DigestMethodParameterSpec params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { > // TODO Auto-generated method stub > return null; > } > > @Override > public SignatureMethod newSignatureMethod(String algorithm, SignatureMethodParameterSpec params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { > // TODO Auto-generated method stub > return null; > } > > @Override > public Transform newTransform(String algorithm, TransformParameterSpec params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { > // TODO Auto-generated method stub > return null; > } > > @Override > public Transform newTransform(String algorithm, XMLStructure params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { > // TODO Auto-generated method stub > return null; > } > > @Override > public CanonicalizationMethod newCanonicalizationMethod(String algorithm, C14NMethodParameterSpec params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { > // TODO Auto-generated method stub > return null; > } > > @Override > public CanonicalizationMethod newCanonicalizationMethod(String algorithm, XMLStructure params) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { > // TODO Auto-generated method stub > return null; > } > > @Override > public XMLSignature unmarshalXMLSignature(XMLValidateContext context) throws MarshalException { > // TODO Auto-generated method stub > return ((StaxValidateContext)context).getSignature(); > } > > @Override > public XMLSignature unmarshalXMLSignature(XMLStructure xmlStructure) throws MarshalException { > // TODO Auto-generated method stub > return null; > } > > @Override > public boolean isFeatureSupported(String feature) { > // TODO Auto-generated method stub > return false; > } > > @Override > public URIDereferencer getURIDereferencer() { > // TODO Auto-generated method stub > return null; > } > >} >src/com/r_bg/stax/SignatureMethodWorker.java0000644000175000001440000000170610407064063020340 0ustar rauluserspackage com.r_bg.stax; > >import java.security.spec.AlgorithmParameterSpec; > >import javax.xml.crypto.dsig.SignatureMethod; >import javax.xml.stream.XMLStreamReader; > >public class SignatureMethodWorker implements StaxWorker, SignatureMethod { > > private String sighantureMethod; > > public StaxWorker read(XMLStreamReader reader) { > if (reader.getEventType()==XMLStreamReader.START_ELEMENT && Constants.DS_URI.equals(reader.getNamespaceURI())) { > if ("SignatureMethod".equals(reader.getLocalName())) { > sighantureMethod=reader.getAttributeValue(null, "Algorithm"); > }; > } > return null; > } > > public StaxWatcher remove() { > // TODO Auto-generated method stub > return null; > } > > public AlgorithmParameterSpec getParameterSpec() { > // TODO Auto-generated method stub > return null; > } > > public boolean isFeatureSupported(String feature) { > // TODO Auto-generated method stub > return false; > } > > public String getAlgorithm() { > return sighantureMethod; > } > >} >src/com/r_bg/stax/SignedValueWorker.java0000644000175000001440000000241710407102723017440 0ustar rauluserspackage com.r_bg.stax; > >import javax.xml.crypto.dsig.XMLSignatureException; >import javax.xml.crypto.dsig.XMLValidateContext; >import javax.xml.crypto.dsig.XMLSignature.SignatureValue; >import javax.xml.stream.XMLStreamReader; > >import org.apache.xml.security.exceptions.Base64DecodingException; >import org.apache.xml.security.utils.Base64; > >public class SignedValueWorker implements StaxWorker, SignatureValue { > String data; > public SignedValueWorker() { > } > > public StaxWorker read(XMLStreamReader reader) { > if (reader.getEventType()==XMLStreamReader.CHARACTERS) { > data=reader.getText(); > } > return null; > } > > public StaxWatcher remove() { > //System.out.println("Signature Value:"+data); > return null; > } > > public String getId() { > // TODO Auto-generated method stub > return null; > } > > public byte[] getValue() { > System.out.println("SignedInfo:"+data); > try { > return Base64.decode(data); > } catch (Base64DecodingException e) { > // TODO Auto-generated catch block > e.printStackTrace(); > } > return null; > } > > public boolean validate(XMLValidateContext validateContext) throws XMLSignatureException { > // TODO Auto-generated method stub > return false; > } > > public boolean isFeatureSupported(String feature) { > // TODO Auto-generated method stub > return false; > } > >} >src/com/r_bg/stax/SignedInfoWorker.java0000644000175000001440000000352110407125022017251 0ustar rauluserspackage com.r_bg.stax; > >import java.io.ByteArrayInputStream; >import java.io.InputStream; >import java.util.ArrayList; >import java.util.List; > >import javax.xml.crypto.dsig.CanonicalizationMethod; >import javax.xml.crypto.dsig.SignatureMethod; >import javax.xml.crypto.dsig.SignedInfo; >import javax.xml.stream.XMLStreamReader; > >import com.r_bg.stax.c14n.AttributeHandleExclusive; >import com.r_bg.stax.c14n.C14n; > >public class SignedInfoWorker implements StaxWorker, SignedInfo { > // FIXME: Only exclusive C14n > C14n c14n=new C14n(new AttributeHandleExclusive() ); > List<ReferenceWorker> references=new ArrayList<ReferenceWorker>(); > private SignatureMethodWorker smw; > public StaxWorker read(XMLStreamReader reader) { > c14n.accept(reader); > if (reader.getEventType()==XMLStreamReader.START_ELEMENT && Constants.DS_URI.equals(reader.getNamespaceURI())) { > if ("SignatureMethod".equals(reader.getLocalName())) { > smw=new SignatureMethodWorker(); > return smw; > } > if (reader.getLocalName().equals("Reference") ) { > ReferenceWorker r=new ReferenceWorker(); > references.add(r); > return r; > } > } > return null; > } > > public StaxWatcher remove() { > //System.out.println("C14n------\n"+c14n.getResult()+"\n\\C14n-------"); > return null; > } > > public CanonicalizationMethod getCanonicalizationMethod() { > // TODO Auto-generated method stub > return null; > } > > public SignatureMethod getSignatureMethod() { > return smw; > } > > public List getReferences() { > // TODO Auto-generated method stub > return references; > } > > public String getId() { > // TODO Auto-generated method stub > return null; > } > > public InputStream getCanonicalizedData() { > //FIXME: Only exclusive C14n > return new ByteArrayInputStream(c14n.getResult().getBytes()); > } > > public boolean isFeatureSupported(String feature) { > // TODO Auto-generated method stub > return false; > } > >}src/com/r_bg/stax/ReferenceWorker.java0000644000175000001440000000645710407126146017145 0ustar rauluserspackage com.r_bg.stax; > >import java.io.InputStream; >import java.security.spec.AlgorithmParameterSpec; >import java.util.Arrays; >import java.util.List; > >import javax.xml.crypto.Data; >import javax.xml.crypto.dsig.DigestMethod; >import javax.xml.crypto.dsig.Reference; >import javax.xml.crypto.dsig.XMLSignatureException; >import javax.xml.crypto.dsig.XMLValidateContext; >import javax.xml.stream.XMLStreamReader; > >import org.apache.xml.security.exceptions.Base64DecodingException; >import org.apache.xml.security.utils.Base64; > >class ReferenceWorker implements StaxWorker, Reference, DigestResultListener { > boolean readDigestValue=false; > String uri; > String c14nType; > byte[] digestValue; > byte[] calculateDigestValue; > boolean correct=false; > private DigestMethod digestMethod; > public StaxWorker read(XMLStreamReader reader) { > if (reader.getEventType()==XMLStreamReader.START_ELEMENT && Constants.DS_URI.equals(reader.getNamespaceURI())) { > String name=reader.getLocalName(); > if (name.equals("Reference") ) { > uri=reader.getAttributeValue(null,"URI"); > } > if (name.equals("DigestValue")) { > readDigestValue=true; > } > if ("DigestMethod".equals(name)) { > final String mda=reader.getAttributeValue(null, "Algorithm"); > digestMethod=new DigestMethod() { > > public AlgorithmParameterSpec getParameterSpec() { > return null; > } > > public boolean isFeatureSupported(String feature) { > // TODO Auto-generated method stub > return false; > } > > public String getAlgorithm() { > return mda; > } > > }; > } > } > if (reader.getEventType()==XMLStreamReader.END_ELEMENT && > Constants.DS_URI.equals(reader.getNamespaceURI())) { > if (reader.getLocalName().equals("DigestValue")) { > readDigestValue=false; > } > } > if (reader.getEventType()==XMLStreamReader.CHARACTERS) { > if (readDigestValue) > try { > digestValue=Base64.decode(reader.getText()); > } catch (Base64DecodingException e) { > // TODO Auto-generated catch block > e.printStackTrace(); > } > } > // TODO Auto-generated method stub > return null; > } > public StaxWatcher remove() { > //System.out.println("Reference removed"); > return new IdWatcher(uri.substring(1),getDigestMethod().getAlgorithm(),this); > } > /* (non-Javadoc) > * @see com.r_bg.stax.DigestResultListener#setResult(byte[]) > */ > public void setResult(byte[] result) { > calculateDigestValue=result; > correct=Arrays.equals(result, digestValue); > > } > public List getTransforms() { > // TODO Auto-generated method stub > return null; > } > public DigestMethod getDigestMethod() { > return digestMethod; > } > public String getId() { > // TODO Auto-generated method stub > return null; > } > public byte[] getDigestValue() { > return digestValue; > } > public byte[] getCalculatedDigestValue() { > return calculateDigestValue; > } > public boolean validate(XMLValidateContext validateContext) throws XMLSignatureException { > return correct; > } > public Data getDereferencedData() { > // TODO Auto-generated method stub > return null; > } > public InputStream getDigestInputStream() { > // TODO Auto-generated method stub > return null; > } > public String getURI() { > return uri; > } > public String getType() { > // TODO Auto-generated method stub > return null; > } > public boolean isFeatureSupported(String feature) { > // TODO Auto-generated method stub > return false; > } > >}src_unitTests/com/0000777000175000001440000000000010375671233013402 5ustar rauluserssrc_unitTests/com/r_bg/0000777000175000001440000000000010375671233014313 5ustar rauluserssrc_unitTests/com/r_bg/stax/0000777000175000001440000000000010400407252015255 5ustar rauluserssrc_unitTests/com/r_bg/stax/c14n/0000777000175000001440000000000010376156232016035 5ustar rauluserssrc_unitTests/com/r_bg/stax/c14n/C14nIncl.java0000666000175000001440000001514610376430361020220 0ustar rauluserspackage com.r_bg.stax.c14n; > >import java.io.ByteArrayInputStream; > >import javax.xml.stream.XMLInputFactory; >import javax.xml.stream.XMLStreamException; >import javax.xml.stream.XMLStreamReader; > >import junit.framework.TestCase; > >public class C14nIncl extends TestCase { > > public static void main(String[] args) { > } > public static void testRfc3_1() throws Exception { > String in="<?xml version=\"1.0\"?>\n" + > "\n" + > "<?xml-stylesheet href=\"doc.xsl\"\n" + > " type=\"text/xsl\" ?>\n" + > "\n" + > "<!DOCTYPE doc SYSTEM \"doc.dtd\">\n" + > "\n" + > "<doc>Hello, world!<!-- Comment 1 --></doc>\n" + > "\n" + > "<?pi-without-data ?>\n" + > "\n" + > "<!-- Comment 2 -->\n" + > "\n" + > "<!-- Comment 3 -->"; > String outWithoutComments="<?xml-stylesheet href=\"doc.xsl\"\n" + > " type=\"text/xsl\" ?>\n" + > "<doc>Hello, world!</doc>\n" + > "<?pi-without-data?>"; > String outWithComments="<?xml-stylesheet href=\"doc.xsl\"\n" + > " type=\"text/xsl\" ?>\n" + > "<doc>Hello, world!<!-- Comment 1 --></doc>\n" + > "<?pi-without-data?>\n" + > "<!-- Comment 2 -->\n" + > "<!-- Comment 3 -->"; > XMLInputFactory im=XMLInputFactory.newInstance(); > im.setProperty("javax.xml.stream.supportDTD", new Boolean(false)); > XMLStreamReader reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); > assertEquals("Output not like stated in 3.1 rfc",outWithoutComments, > C14n.cannoicalizeWithoutComments(reader,new C14nInclusive())); > > } > public static void testRfc3_2() throws Exception { > String in="<doc>\n" + > " <clean> </clean>\n" + > " <dirty> A B </dirty>\n" + > " <mixed>\n" + > " A\n" + > " <clean> </clean>\n" + > " B\n" + > " <dirty> A B </dirty>\n" + > " C\n" + > " </mixed>\n" + > "</doc>"; > String outWithoutComments="<doc>\n" + > " <clean> </clean>\n" + > " <dirty> A B </dirty>\n" + > " <mixed>\n" + > " A\n" + > " <clean> </clean>\n" + > " B\n" + > " <dirty> A B </dirty>\n" + > " C\n" + > " </mixed>\n" + > "</doc>"; > XMLInputFactory im=XMLInputFactory.newInstance(); > im.setProperty("javax.xml.stream.supportDTD", new Boolean(false)); > XMLStreamReader reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); > assertEquals("Output not like stated in 3.1 rfc",outWithoutComments, > C14n.cannoicalizeWithoutComments(reader,new C14nInclusive())); > > } > public static void testOrderInAttributes() throws Exception { > String in="<!DOCTYPE doc [<!ATTLIST e9 attr CDATA \"default\">]>\n" + > "<doc xmlns:b=\"http://www.ietf.org\">" + > " <doc2 xmlns:a=\"http://www.w3.org\">" + > " <doc3 xmlns=\"http://example.org\">\n" + > " <e3 name = \"elem3\" id=\"elem3\" />\n" + > " <e5 a:attr=\"out\" b:attr=\"sorted\" attr2=\"all\" attr=\"I\'m\"\n" + > " />\n" + > "</doc3></doc2></doc>"; > String outWithoutComments="<doc xmlns:b=\"http://www.ietf.org\"> <doc2 xmlns:a=\"http://www.w3.org\"> <doc3 xmlns=\"http://example.org\">\n" + > " <e3 id=\"elem3\" name=\"elem3\"></e3>\n" + > " <e5 attr=\"I\'m\" attr2=\"all\" b:attr=\"sorted\" a:attr=\"out\"></e5>\n" + > "</doc3></doc2></doc>"; > XMLInputFactory im=XMLInputFactory.newInstance(); > im.setProperty("javax.xml.stream.supportDTD", new Boolean(false)); > XMLStreamReader reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); > assertEquals("Output not like stated in 3.1 rfc",outWithoutComments, > C14n.cannoicalizeWithoutComments(reader,new C14nInclusive())); > > } > public static void testOrderBetwenAttributesAndNss() throws Exception { > String in="<!DOCTYPE doc [<!ATTLIST e9 attr CDATA \"default\">]>\n" + > "<doc>\n"+ > " <e3 name = \"elem3\" xmlns=\"http://a.com/\" id=\"elem3\" />\n" + > "</doc>"; > String outWithoutComments="<doc>\n"+ > " <e3 xmlns=\"http://a.com/\" id=\"elem3\" name=\"elem3\"></e3>\n" + > "</doc>"; > XMLInputFactory im=XMLInputFactory.newInstance(); > im.setProperty("javax.xml.stream.supportDTD", new Boolean(false)); > XMLStreamReader reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); > > assertEquals("Output not like stated in 3.1 rfc",outWithoutComments, > C14n.cannoicalizeWithoutComments(reader,new C14nInclusive())); > > } > public static void testRfc3_3() throws Exception { > String in="<!DOCTYPE doc [<!ATTLIST e9 attr CDATA \"default\">]>\n" + > "<doc>\n" + > " <e1 />\n" + > " <e2 ></e2>\n" + > " <e3 name = \"elem3\" id=\"elem3\" />\n" + > " <e4 name=\"elem4\" id=\"elem4\" ></e4>\n" + > " <e5 a:attr=\"out\" b:attr=\"sorted\" attr2=\"all\" attr=\"I\'m\"\n" + > " xmlns:b=\"http://www.ietf.org\"\n" + > " xmlns:a=\"http://www.w3.org\"\n" + > " xmlns=\"http://example.org\"/>\n" + > " <e6 xmlns=\"\" xmlns:a=\"http://www.w3.org\">\n" + > " <e7 xmlns=\"http://www.ietf.org\">\n" + > " <e8 xmlns=\"\" xmlns:a=\"http://www.w3.org\">\n" + > " <e9 xmlns=\"\" xmlns:a=\"http://www.ietf.org\"/>\n" + > " </e8>\n" + > " </e7>\n" + > " </e6>\n" + > "</doc>"; > String outWithoutComments="<doc>\n" + > " <e1></e1>\n" + > " <e2></e2>\n" + > " <e3 id=\"elem3\" name=\"elem3\"></e3>\n" + > " <e4 id=\"elem4\" name=\"elem4\"></e4>\n" + > " <e5 xmlns=\"http://example.org\" xmlns:a=\"http://www.w3.org\" xmlns:b=\"http://www.ietf.org\" attr=\"I\'m\" attr2=\"all\" b:attr=\"sorted\" a:attr=\"out\"></e5>\n" + > " <e6 xmlns:a=\"http://www.w3.org\">\n" + > " <e7 xmlns=\"http://www.ietf.org\">\n" + > " <e8 xmlns=\"\">\n" + > " <e9 xmlns:a=\"http://www.ietf.org\" attr=\"default\"></e9>\n" + > " </e8>\n" + > " </e7>\n" + > " </e6>\n" + > "</doc>"; > XMLInputFactory im=XMLInputFactory.newInstance(); > //im.setProperty("javax.xml.stream.supportDTD", new Boolean(false)); > XMLStreamReader reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); > assertEquals("Output not like stated in 3.1 rfc",outWithoutComments, > C14n.cannoicalizeWithoutComments(reader,new C14nInclusive())); > C14n c=new C14n(new C14nInclusive()); > reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); > reader=im.createFilteredReader(reader,c); > while ((reader.getEventType())!=XMLStreamReader.END_DOCUMENT) { > reader.next(); > } > assertEquals("Output not like stated in 3.1 rfc",outWithoutComments, > c.getResult()); > > > > } > > > protected void setUp() throws Exception { > super.setUp(); > } > >} >src_unitTests/com/r_bg/stax/c14n/C14nExcl.java0000644000175000001440000000162610376430011020210 0ustar rauluserspackage com.r_bg.stax.c14n; > >import java.io.ByteArrayInputStream; > >import javax.xml.stream.XMLInputFactory; >import javax.xml.stream.XMLStreamException; >import javax.xml.stream.XMLStreamReader; > >import junit.framework.TestCase; > >public class C14nExcl extends TestCase { > public void testStandard() throws Exception { > String in="<doc xmlns:a=\"http://a\">\n" + > " <a:a xmlns=\"http://a\">\n" + > " <b/>\n" + > " </a:a>\n" + > "</doc>"; > String out="<doc>\n" + > " <a:a xmlns:a=\"http://a\">\n" + > " <b xmlns=\"http://a\"></b>\n" + > " </a:a>\n" + > "</doc>"; > XMLInputFactory im=XMLInputFactory.newInstance(); > im.setProperty("javax.xml.stream.supportDTD", new Boolean(false)); > XMLStreamReader reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); > assertEquals("mismath",out, > C14n.cannoicalizeWithoutComments(reader,new AttributeHandleExclusive())); > } >} >src_unitTests/com/r_bg/stax/XMLSignatureTest.java0000644000175000001440000001713510407075060021312 0ustar rauluserspackage com.r_bg.stax; > >import java.io.ByteArrayInputStream; >import java.math.BigInteger; >import java.security.KeyFactory; >import java.security.NoSuchAlgorithmException; >import java.security.PublicKey; >import java.security.interfaces.RSAPublicKey; >import java.security.spec.InvalidKeySpecException; >import java.security.spec.RSAPublicKeySpec; > >import javax.xml.crypto.KeySelector; >import javax.xml.crypto.XMLStructure; >import javax.xml.crypto.dsig.Reference; >import javax.xml.crypto.dsig.XMLSignature; >import javax.xml.crypto.dsig.XMLSignatureFactory; >import javax.xml.crypto.dsig.XMLValidateContext; >import javax.xml.stream.XMLInputFactory; >import javax.xml.stream.XMLStreamException; >import javax.xml.stream.XMLStreamReader; > >import org.apache.xml.security.Init; >import org.apache.xml.security.exceptions.Base64DecodingException; >import org.apache.xml.security.exceptions.XMLSecurityException; >import org.apache.xml.security.utils.Base64; >import org.apache.xml.security.utils.Constants; > >import sun.security.rsa.RSAKeyFactory; > >import junit.framework.TestCase; > >public class XMLSignatureTest extends TestCase { > /** @inheritDoc */ > public static PublicKey getPublicKey(String data,String exp) { > try { > KeyFactory rsaFactory = KeyFactory.getInstance("RSA"); > // KeyFactory rsaFactory = KeyFactory.getInstance(JCE_RSA); > RSAPublicKeySpec rsaKeyspec = > new RSAPublicKeySpec(new BigInteger(1, Base64.decode(data.getBytes())), > new BigInteger(1, Base64.decode(exp.getBytes())) ); > PublicKey pk = rsaFactory.generatePublic(rsaKeyspec); > > return pk; > } catch (NoSuchAlgorithmException ex) { > ex.printStackTrace(); > } catch (InvalidKeySpecException ex) { > ex.printStackTrace(); > } catch (Base64DecodingException e) { > // TODO Auto-generated catch block > e.printStackTrace(); > } > return null; > } > public void testEnvelopedSignature() throws Exception { > String in="<RootObject><ds:Signature xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">\n" + > "<ds:SignedInfo>\n" + > "<ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"></ds:CanonicalizationMethod>\n" + > "<ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"></ds:SignatureMethod>\n" + > "<ds:Reference URI=\"#1\">\n" + > "<ds:Transforms>\n" + > "<ds:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"></ds:Transform>\n" + > "</ds:Transforms>\n" + > "<ds:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"></ds:DigestMethod>\n" + > "<ds:DigestValue>oMQoFufPA7Un6cfz0GaEOJpE4Z8=</ds:DigestValue>\n" + > "</ds:Reference>\n" + > "</ds:SignedInfo>\n" + > "<ds:SignatureValue>\n" + > "AhyiFQ6hucykYJOJDBV3wbPBe2TAURXXfCUD7BmSAecT+izT9fHFsxRVez3s+6hYSgtaVhmeVgbd\n" + > "ZEOMPFihBGldi1NV73Z/tpXxqNvY+/NwQmmasQp9gzFHxYF2cqi8m7sAHM03BIC1YoBctxVw/jxV\n" + > "ClhLJuTSHoKwlzKH24g=\n" + > "</ds:SignatureValue>\n" + > "<ds:KeyInfo>\n" + > "<ds:KeyValue>\n" + > "<ds:RSAKeyValue>\n" + > "<ds:Modulus>\n" + > "skqbW7oBwM1lCWNwC1obkgj4VV58G1AX7ERMWEIrQQlZ8uFdQ3FNkgMdtmx/XUjNF+zXTDmxe+K/\n" + > "lne+0KDwLWskqhS6gnkQmxZoR4FUovqRngoqU6bnnn0pM9gF/AI/vcdu7aowbF9S7TVlSw7IpxIQ\n" + > "VjevEfohDpn/+oxljm0=\n" + > "</ds:Modulus>\n" + > "<ds:Exponent>AQAB</ds:Exponent>\n" + > "</ds:RSAKeyValue>\n" + > "</ds:KeyValue>\n" + > "</ds:KeyInfo>\n" + > "<ds:Object Id=\"1\"><UnderObject>A text in a box<OtherObject><OtherObject2></OtherObject2><OtherObject6></OtherObject6><OtherObject></OtherObject></OtherObject></UnderObject></ds:Object>\n" + > "</ds:Signature></RootObject>"; > XMLInputFactory im=XMLInputFactory.newInstance(); > im.setProperty("javax.xml.stream.supportDTD", new Boolean(false)); > XMLStreamReader reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); > StaxValidateContext stx = StaxValidateContext.createEnvolopedValidator(reader); > reader=im.createFilteredReader(reader, stx.getStreamReader()); > while ((reader.getEventType())!=XMLStreamReader.END_DOCUMENT) { > reader.next(); > } > XMLSignatureFactory fac=XMLSignatureFactory.getInstance("Stax"); > stx.setSignatureNumber(0); > XMLSignature sig=fac.unmarshalXMLSignature(stx); > assertTrue("Signature reference must be right", > ((Reference)sig.getSignedInfo().getReferences().get(0)).validate(stx)); > RSAPublicKey pl=(RSAPublicKey) getPublicKey( > "skqbW7oBwM1lCWNwC1obkgj4VV58G1AX7ERMWEIrQQlZ8uFdQ3FNkgMdtmx/XUjNF+zXTDmxe+K/\n" + > "lne+0KDwLWskqhS6gnkQmxZoR4FUovqRngoqU6bnnn0pM9gF/AI/vcdu7aowbF9S7TVlSw7IpxIQ\n" + > "VjevEfohDpn/+oxljm0=\n" , > "AQAB" > ); > stx.setKeySelector(KeySelector.singletonKeySelector(pl)); > assertTrue("Signature must be right", > sig.validate(stx)); > } > public void testTamperedEnvelopedSignature() throws Exception { > String in="<RootObject><ds:Signature xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">\n" + > "<ds:SignedInfo>\n" + > "<ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"></ds:CanonicalizationMethod>\n" + > "<ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"></ds:SignatureMethod>\n" + > "<ds:Reference URI=\"#1\">\n" + > "<ds:Transforms>\n" + > "<ds:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"></ds:Transform>\n" + > "</ds:Transforms>\n" + > "<ds:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"></ds:DigestMethod>\n" + > "<ds:DigestValue>oMQoFufPA7Un6cfz0GaEOJpE4Z8=</ds:DigestValue>\n" + > "</ds:Reference>\n" + > "</ds:SignedInfo>\n" + > "<ds:SignatureValue>\n" + > "AhyiFQ6hucykYJOJDBV3wbPBe2TAURXXfCUD7BmSAecT+izT9fHFsxRVez3s+6hYSgtaVhmeVgbd\n" + > "ZEOMPFihBGldi1NV73Z/tpXxqNvY+/NwQmmasQp9gzFHxYF2cqi8m7sAHM03BIC1YoBctxVw/jxV\n" + > "ClhLJuTSHoKwlzKH24g=\n" + > "</ds:SignatureValue>\n" + > "<ds:KeyInfo>\n" + > "<ds:KeyValue>\n" + > "<ds:RSAKeyValue>\n" + > "<ds:Modulus>\n" + > "skqbW7oBwM1lCWNwC1obkgj4VV58G1AX7ERMWEIrQQlZ8uFdQ3FNkgMdtmx/XUjNF+zXTDmxe+K/\n" + > "lne+0KDwLWskqhS6gnkQmxZoR4FUovqRngoqU6bnnn0pM9gF/AI/vcdu7aowbF9S7TVlSw7IpxIQ\n" + > "VjevEfohDpn/+oxljm0=\n" + > "</ds:Modulus>\n" + > "<ds:Exponent>AQAB</ds:Exponent>\n" + > "</ds:RSAKeyValue>\n" + > "</ds:KeyValue>\n" + > "</ds:KeyInfo>\n" + > "<ds:Object Id=\"1\"><UnderObject>a text in a box<OtherObject><OtherObject2></OtherObject2><OtherObject6></OtherObject6><OtherObject></OtherObject></OtherObject></UnderObject></ds:Object>\n" + > "</ds:Signature></RootObject>"; > XMLInputFactory im=XMLInputFactory.newInstance(); > im.setProperty("javax.xml.stream.supportDTD", new Boolean(false)); > XMLStreamReader reader=im.createXMLStreamReader(new ByteArrayInputStream(in.getBytes())); > StaxValidateContext stx = StaxValidateContext.createEnvolopedValidator(reader); > reader=im.createFilteredReader(reader, stx.getStreamReader()); > while ((reader.getEventType())!=XMLStreamReader.END_DOCUMENT) { > reader.next(); > } > XMLSignatureFactory fac=XMLSignatureFactory.getInstance("Stax" ); > stx.setSignatureNumber(0); > XMLSignature sig=fac.unmarshalXMLSignature(stx); > assertFalse("Signature must be wrong", > ((Reference)sig.getSignedInfo().getReferences().get(0)).validate(stx)); > } > > static { > Init.init(); > > StaxXMLSignatureFactory.getInstance("Stax", new StaxProvider()); > > }; > >} >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=17918">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 39029
:
17918
|
18360
|
19265