57 private static Map<String, Class<? extends SignatureAlgorithmSpi>> algorithmHash =
58 new ConcurrentHashMap<String, Class<? extends SignatureAlgorithmSpi>>();
59
60 /** Field signatureAlgorithm */
61 private final SignatureAlgorithmSpi signatureAlgorithm;
62
63 private final String algorithmURI;
64
65 /**
66 * Constructor SignatureAlgorithm
67 *
68 * @param doc
69 * @param algorithmURI
70 * @throws XMLSecurityException
71 */
72 public SignatureAlgorithm(Document doc, String algorithmURI) throws XMLSecurityException {
73 super(doc, algorithmURI);
74 this.algorithmURI = algorithmURI;
75
76 signatureAlgorithm = getSignatureAlgorithmSpi(algorithmURI);
77 signatureAlgorithm.engineGetContextFromElement(this._constructionElement);
78 }
79
80 /**
81 * Constructor SignatureAlgorithm
82 *
83 * @param doc
84 * @param algorithmURI
85 * @param hmacOutputLength
86 * @throws XMLSecurityException
87 */
88 public SignatureAlgorithm(
89 Document doc, String algorithmURI, int hmacOutputLength
90 ) throws XMLSecurityException {
91 super(doc, algorithmURI);
92 this.algorithmURI = algorithmURI;
93
94 signatureAlgorithm = getSignatureAlgorithmSpi(algorithmURI);
95 signatureAlgorithm.engineGetContextFromElement(this._constructionElement);
96
97 signatureAlgorithm.engineSetHMACOutputLength(hmacOutputLength);
98 ((IntegrityHmac)signatureAlgorithm).engineAddContextToElement(_constructionElement);
99 }
100
101 /**
102 * Constructor SignatureAlgorithm
103 *
104 * @param element
105 * @param baseURI
106 * @throws XMLSecurityException
107 */
108 public SignatureAlgorithm(Element element, String baseURI) throws XMLSecurityException {
109 this(element, baseURI, false);
110 }
111
112 /**
113 * Constructor SignatureAlgorithm
114 *
115 * @param element
116 * @param baseURI
117 * @param secureValidation
118 * @throws XMLSecurityException
119 */
120 public SignatureAlgorithm(
121 Element element, String baseURI, boolean secureValidation
122 ) throws XMLSecurityException {
123 super(element, baseURI);
124 algorithmURI = this.getURI();
125
126 Attr attr = element.getAttributeNodeNS(null, "Id");
127 if (attr != null) {
128 element.setIdAttributeNode(attr, true);
129 }
130
131 if (secureValidation && (XMLSignature.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5.equals(algorithmURI)
132 || XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5.equals(algorithmURI))) {
133 Object exArgs[] = { algorithmURI };
134
135 throw new XMLSecurityException("signature.signatureAlgorithm", exArgs);
136 }
137
138 signatureAlgorithm = getSignatureAlgorithmSpi(algorithmURI);
139 signatureAlgorithm.engineGetContextFromElement(this._constructionElement);
140 }
141
142 /**
143 * Get a SignatureAlgorithmSpi object corresponding to the algorithmURI argument
144 */
145 private static SignatureAlgorithmSpi getSignatureAlgorithmSpi(String algorithmURI)
146 throws XMLSignatureException {
147 try {
148 Class<? extends SignatureAlgorithmSpi> implementingClass =
149 algorithmHash.get(algorithmURI);
150 if (log.isLoggable(java.util.logging.Level.FINE)) {
151 log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \""
152 + implementingClass + "\"");
153 }
154 return implementingClass.newInstance();
155 } catch (IllegalAccessException ex) {
156 Object exArgs[] = { algorithmURI, ex.getMessage() };
157 throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs, ex);
158 } catch (InstantiationException ex) {
159 Object exArgs[] = { algorithmURI, ex.getMessage() };
293
294 /**
295 * Proxy method for {@link java.security.Signature#verify(byte[])}
296 * which is executed on the internal {@link java.security.Signature} object.
297 *
298 * @param signature
299 * @return true if if the signature is valid.
300 *
301 * @throws XMLSignatureException
302 */
303 public boolean verify(byte[] signature) throws XMLSignatureException {
304 return signatureAlgorithm.engineVerify(signature);
305 }
306
307 /**
308 * Returns the URI representation of Transformation algorithm
309 *
310 * @return the URI representation of Transformation algorithm
311 */
312 public final String getURI() {
313 return _constructionElement.getAttributeNS(null, Constants._ATT_ALGORITHM);
314 }
315
316 /**
317 * Registers implementing class of the Transform algorithm with algorithmURI
318 *
319 * @param algorithmURI algorithmURI URI representation of <code>Transform algorithm</code>.
320 * @param implementingClass <code>implementingClass</code> the implementing class of
321 * {@link SignatureAlgorithmSpi}
322 * @throws AlgorithmAlreadyRegisteredException if specified algorithmURI is already registered
323 * @throws XMLSignatureException
324 */
325 @SuppressWarnings("unchecked")
326 public static void register(String algorithmURI, String implementingClass)
327 throws AlgorithmAlreadyRegisteredException, ClassNotFoundException,
328 XMLSignatureException {
329 if (log.isLoggable(java.util.logging.Level.FINE)) {
330 log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass);
331 }
332
333 // are we already registered?
363 XMLSignatureException {
364 if (log.isLoggable(java.util.logging.Level.FINE)) {
365 log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass);
366 }
367
368 // are we already registered?
369 Class<? extends SignatureAlgorithmSpi> registeredClass = algorithmHash.get(algorithmURI);
370 if (registeredClass != null) {
371 Object exArgs[] = { algorithmURI, registeredClass };
372 throw new AlgorithmAlreadyRegisteredException(
373 "algorithm.alreadyRegistered", exArgs
374 );
375 }
376 algorithmHash.put(algorithmURI, implementingClass);
377 }
378
379 /**
380 * This method registers the default algorithms.
381 */
382 public static void registerDefaultAlgorithms() {
383 algorithmHash.put(
384 XMLSignature.ALGO_ID_SIGNATURE_DSA, SignatureDSA.class
385 );
386 algorithmHash.put(
387 XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1, SignatureBaseRSA.SignatureRSASHA1.class
388 );
389 algorithmHash.put(
390 XMLSignature.ALGO_ID_MAC_HMAC_SHA1, IntegrityHmac.IntegrityHmacSHA1.class
391 );
392 algorithmHash.put(
393 XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5,
394 SignatureBaseRSA.SignatureRSAMD5.class
395 );
396 algorithmHash.put(
397 XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160,
398 SignatureBaseRSA.SignatureRSARIPEMD160.class
399 );
400 algorithmHash.put(
401 XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256, SignatureBaseRSA.SignatureRSASHA256.class
402 );
403 algorithmHash.put(
404 XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384, SignatureBaseRSA.SignatureRSASHA384.class
405 );
406 algorithmHash.put(
407 XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512, SignatureBaseRSA.SignatureRSASHA512.class
408 );
409 algorithmHash.put(
410 XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1, SignatureECDSA.SignatureECDSASHA1.class
411 );
412 algorithmHash.put(
413 XMLSignature.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5, IntegrityHmac.IntegrityHmacMD5.class
414 );
415 algorithmHash.put(
416 XMLSignature.ALGO_ID_MAC_HMAC_RIPEMD160, IntegrityHmac.IntegrityHmacRIPEMD160.class
417 );
418 algorithmHash.put(
419 XMLSignature.ALGO_ID_MAC_HMAC_SHA256, IntegrityHmac.IntegrityHmacSHA256.class
420 );
421 algorithmHash.put(
422 XMLSignature.ALGO_ID_MAC_HMAC_SHA384, IntegrityHmac.IntegrityHmacSHA384.class
423 );
424 algorithmHash.put(
425 XMLSignature.ALGO_ID_MAC_HMAC_SHA512, IntegrityHmac.IntegrityHmacSHA512.class
426 );
427 }
428
429 /**
430 * Method getBaseNamespace
|
57 private static Map<String, Class<? extends SignatureAlgorithmSpi>> algorithmHash =
58 new ConcurrentHashMap<String, Class<? extends SignatureAlgorithmSpi>>();
59
60 /** Field signatureAlgorithm */
61 private final SignatureAlgorithmSpi signatureAlgorithm;
62
63 private final String algorithmURI;
64
65 /**
66 * Constructor SignatureAlgorithm
67 *
68 * @param doc
69 * @param algorithmURI
70 * @throws XMLSecurityException
71 */
72 public SignatureAlgorithm(Document doc, String algorithmURI) throws XMLSecurityException {
73 super(doc, algorithmURI);
74 this.algorithmURI = algorithmURI;
75
76 signatureAlgorithm = getSignatureAlgorithmSpi(algorithmURI);
77 signatureAlgorithm.engineGetContextFromElement(this.constructionElement);
78 }
79
80 /**
81 * Constructor SignatureAlgorithm
82 *
83 * @param doc
84 * @param algorithmURI
85 * @param hmacOutputLength
86 * @throws XMLSecurityException
87 */
88 public SignatureAlgorithm(
89 Document doc, String algorithmURI, int hmacOutputLength
90 ) throws XMLSecurityException {
91 super(doc, algorithmURI);
92 this.algorithmURI = algorithmURI;
93
94 signatureAlgorithm = getSignatureAlgorithmSpi(algorithmURI);
95 signatureAlgorithm.engineGetContextFromElement(this.constructionElement);
96
97 signatureAlgorithm.engineSetHMACOutputLength(hmacOutputLength);
98 ((IntegrityHmac)signatureAlgorithm).engineAddContextToElement(constructionElement);
99 }
100
101 /**
102 * Constructor SignatureAlgorithm
103 *
104 * @param element
105 * @param baseURI
106 * @throws XMLSecurityException
107 */
108 public SignatureAlgorithm(Element element, String baseURI) throws XMLSecurityException {
109 this(element, baseURI, false);
110 }
111
112 /**
113 * Constructor SignatureAlgorithm
114 *
115 * @param element
116 * @param baseURI
117 * @param secureValidation
118 * @throws XMLSecurityException
119 */
120 public SignatureAlgorithm(
121 Element element, String baseURI, boolean secureValidation
122 ) throws XMLSecurityException {
123 super(element, baseURI);
124 algorithmURI = this.getURI();
125
126 Attr attr = element.getAttributeNodeNS(null, "Id");
127 if (attr != null) {
128 element.setIdAttributeNode(attr, true);
129 }
130
131 if (secureValidation && (XMLSignature.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5.equals(algorithmURI)
132 || XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5.equals(algorithmURI))) {
133 Object exArgs[] = { algorithmURI };
134
135 throw new XMLSecurityException("signature.signatureAlgorithm", exArgs);
136 }
137
138 signatureAlgorithm = getSignatureAlgorithmSpi(algorithmURI);
139 signatureAlgorithm.engineGetContextFromElement(this.constructionElement);
140 }
141
142 /**
143 * Get a SignatureAlgorithmSpi object corresponding to the algorithmURI argument
144 */
145 private static SignatureAlgorithmSpi getSignatureAlgorithmSpi(String algorithmURI)
146 throws XMLSignatureException {
147 try {
148 Class<? extends SignatureAlgorithmSpi> implementingClass =
149 algorithmHash.get(algorithmURI);
150 if (log.isLoggable(java.util.logging.Level.FINE)) {
151 log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \""
152 + implementingClass + "\"");
153 }
154 return implementingClass.newInstance();
155 } catch (IllegalAccessException ex) {
156 Object exArgs[] = { algorithmURI, ex.getMessage() };
157 throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs, ex);
158 } catch (InstantiationException ex) {
159 Object exArgs[] = { algorithmURI, ex.getMessage() };
293
294 /**
295 * Proxy method for {@link java.security.Signature#verify(byte[])}
296 * which is executed on the internal {@link java.security.Signature} object.
297 *
298 * @param signature
299 * @return true if if the signature is valid.
300 *
301 * @throws XMLSignatureException
302 */
303 public boolean verify(byte[] signature) throws XMLSignatureException {
304 return signatureAlgorithm.engineVerify(signature);
305 }
306
307 /**
308 * Returns the URI representation of Transformation algorithm
309 *
310 * @return the URI representation of Transformation algorithm
311 */
312 public final String getURI() {
313 return constructionElement.getAttributeNS(null, Constants._ATT_ALGORITHM);
314 }
315
316 /**
317 * Registers implementing class of the Transform algorithm with algorithmURI
318 *
319 * @param algorithmURI algorithmURI URI representation of <code>Transform algorithm</code>.
320 * @param implementingClass <code>implementingClass</code> the implementing class of
321 * {@link SignatureAlgorithmSpi}
322 * @throws AlgorithmAlreadyRegisteredException if specified algorithmURI is already registered
323 * @throws XMLSignatureException
324 */
325 @SuppressWarnings("unchecked")
326 public static void register(String algorithmURI, String implementingClass)
327 throws AlgorithmAlreadyRegisteredException, ClassNotFoundException,
328 XMLSignatureException {
329 if (log.isLoggable(java.util.logging.Level.FINE)) {
330 log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass);
331 }
332
333 // are we already registered?
363 XMLSignatureException {
364 if (log.isLoggable(java.util.logging.Level.FINE)) {
365 log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass);
366 }
367
368 // are we already registered?
369 Class<? extends SignatureAlgorithmSpi> registeredClass = algorithmHash.get(algorithmURI);
370 if (registeredClass != null) {
371 Object exArgs[] = { algorithmURI, registeredClass };
372 throw new AlgorithmAlreadyRegisteredException(
373 "algorithm.alreadyRegistered", exArgs
374 );
375 }
376 algorithmHash.put(algorithmURI, implementingClass);
377 }
378
379 /**
380 * This method registers the default algorithms.
381 */
382 public static void registerDefaultAlgorithms() {
383 algorithmHash.put(SignatureDSA.URI, SignatureDSA.class);
384 algorithmHash.put(
385 XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1, SignatureBaseRSA.SignatureRSASHA1.class
386 );
387 algorithmHash.put(
388 XMLSignature.ALGO_ID_MAC_HMAC_SHA1, IntegrityHmac.IntegrityHmacSHA1.class
389 );
390 algorithmHash.put(
391 XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5,
392 SignatureBaseRSA.SignatureRSAMD5.class
393 );
394 algorithmHash.put(
395 XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160,
396 SignatureBaseRSA.SignatureRSARIPEMD160.class
397 );
398 algorithmHash.put(
399 XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256, SignatureBaseRSA.SignatureRSASHA256.class
400 );
401 algorithmHash.put(
402 XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384, SignatureBaseRSA.SignatureRSASHA384.class
403 );
404 algorithmHash.put(
405 XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512, SignatureBaseRSA.SignatureRSASHA512.class
406 );
407 algorithmHash.put(
408 XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1, SignatureECDSA.SignatureECDSASHA1.class
409 );
410 algorithmHash.put(
411 XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA256, SignatureECDSA.SignatureECDSASHA256.class
412 );
413 algorithmHash.put(
414 XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA384, SignatureECDSA.SignatureECDSASHA384.class
415 );
416 algorithmHash.put(
417 XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA512, SignatureECDSA.SignatureECDSASHA512.class
418 );
419 algorithmHash.put(
420 XMLSignature.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5, IntegrityHmac.IntegrityHmacMD5.class
421 );
422 algorithmHash.put(
423 XMLSignature.ALGO_ID_MAC_HMAC_RIPEMD160, IntegrityHmac.IntegrityHmacRIPEMD160.class
424 );
425 algorithmHash.put(
426 XMLSignature.ALGO_ID_MAC_HMAC_SHA256, IntegrityHmac.IntegrityHmacSHA256.class
427 );
428 algorithmHash.put(
429 XMLSignature.ALGO_ID_MAC_HMAC_SHA384, IntegrityHmac.IntegrityHmacSHA384.class
430 );
431 algorithmHash.put(
432 XMLSignature.ALGO_ID_MAC_HMAC_SHA512, IntegrityHmac.IntegrityHmacSHA512.class
433 );
434 }
435
436 /**
437 * Method getBaseNamespace
|
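Review bot: registerDefaultAlgorithms() still maps ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5 and ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5 to implementations, and the only rejection of those URIs visible here is the `secureValidation &&` test in the three-argument Element constructor. The two-argument Element constructor calls `this(element, baseURI, false)`, so as far as these lines show, a SignatureMethod element parsed through it resolves the MD5-based algorithms with no check. The empty Javadoc tags should say so, e.g. `@param secureValidation if true, the HMAC-MD5 and RSA-MD5 algorithm URIs are rejected with an XMLSecurityException`, and the two-argument constructor's comment should state that it performs no such rejection. Separately, the register overload whose body ends at line 377 (its signature starts outside the visible lines) calls `algorithmHash.get(algorithmURI)` and later `algorithmHash.put(...)`, which is not atomic on a ConcurrentHashMap. Using `Class<? extends SignatureAlgorithmSpi> registeredClass = algorithmHash.putIfAbsent(algorithmURI, implementingClass);` followed by the existing null test would keep a concurrent second registration from silently replacing the first.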