You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2020/02/14 11:57:55 UTC
svn commit: r1874014 - in
/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security:
encryption/ stax/impl/processor/output/ stax/impl/util/
Author: coheigea
Date: Fri Feb 14 11:57:55 2020
New Revision: 1874014
URL: http://svn.apache.org/viewvc?rev=1874014&view=rev
Log:
Remove unneeded reflection code from XMLCipherUtils
Modified:
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipherUtil.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractEncryptOutputProcessor.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/util/IVSplittingOutputStream.java
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java?rev=1874014&r1=1874013&r2=1874014&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java Fri Feb 14 11:57:55 2020
@@ -1226,7 +1226,7 @@ public class XMLCipher {
* specified algorithm
*/
private AlgorithmParameterSpec constructBlockCipherParameters(String algorithm, byte[] iv) {
- return XMLCipherUtil.constructBlockCipherParameters(algorithm, iv, this.getClass());
+ return XMLCipherUtil.constructBlockCipherParameters(algorithm, iv);
}
/**
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipherUtil.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipherUtil.java?rev=1874014&r1=1874013&r2=1874014&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipherUtil.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipherUtil.java Fri Feb 14 11:57:55 2020
@@ -22,9 +22,9 @@ import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.spec.AlgorithmParameterSpec;
+import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.IvParameterSpec;
-import org.apache.xml.security.utils.ClassLoaderUtils;
import org.apache.xml.security.utils.EncryptionConstants;
public final class XMLCipherUtil {
@@ -45,27 +45,27 @@ public final class XMLCipherUtil {
* @return the newly constructed AlgorithmParameterSpec instance, appropriate for the
* specified algorithm
*/
- public static AlgorithmParameterSpec constructBlockCipherParameters(String algorithm, byte[] iv, Class<?> callingClass) {
+ public static AlgorithmParameterSpec constructBlockCipherParameters(String algorithm, byte[] iv) {
if (EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128_GCM.equals(algorithm)
|| EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES192_GCM.equals(algorithm)
|| EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256_GCM.equals(algorithm)) {
- return constructBlockCipherParametersForGCMAlgorithm(algorithm, iv, callingClass);
+ return constructBlockCipherParametersForGCMAlgorithm(algorithm, iv);
} else {
LOG.debug("Saw non-AES-GCM mode block cipher, returning IvParameterSpec: {}", algorithm);
return new IvParameterSpec(iv);
}
}
- public static AlgorithmParameterSpec constructBlockCipherParameters(boolean gcmAlgorithm, byte[] iv, Class<?> callingClass) {
+ public static AlgorithmParameterSpec constructBlockCipherParameters(boolean gcmAlgorithm, byte[] iv) {
if (gcmAlgorithm) {
- return constructBlockCipherParametersForGCMAlgorithm("AES/GCM/NoPadding", iv, callingClass);
+ return constructBlockCipherParametersForGCMAlgorithm("AES/GCM/NoPadding", iv);
} else {
LOG.debug("Saw non-AES-GCM mode block cipher, returning IvParameterSpec");
return new IvParameterSpec(iv);
}
}
- private static AlgorithmParameterSpec constructBlockCipherParametersForGCMAlgorithm(String algorithm, byte[] iv, Class<?> callingClass) {
+ private static AlgorithmParameterSpec constructBlockCipherParametersForGCMAlgorithm(String algorithm, byte[] iv) {
if (gcmUseIvParameterSpec) {
// This override allows to support Java 1.7+ with (usually older versions of) third-party security
// providers which support or even require GCM via IvParameterSpec rather than GCMParameterSpec,
@@ -76,20 +76,8 @@ public final class XMLCipherUtil {
LOG.debug("Saw AES-GCM block cipher, attempting to create GCMParameterSpec: {}", algorithm);
- try {
- // This class only added in Java 1.7. So load reflectively until Santuario starts targeting a minimum of Java 1.7.
- Class<?> gcmSpecClass = ClassLoaderUtils.loadClass("javax.crypto.spec.GCMParameterSpec", callingClass);
-
- // XML Encryption 1.1 mandates a 128-bit Authentication Tag for AES GCM modes.
- AlgorithmParameterSpec gcmSpec = (AlgorithmParameterSpec) gcmSpecClass.getConstructor(int.class, byte[].class)
- .newInstance(128, iv);
- LOG.debug("Successfully created GCMParameterSpec");
- return gcmSpec;
- } catch (Exception e) {
- // This handles the case of Java < 1.7 with a third-party security provider that
- // supports GCM mode using only an IvParameterSpec, such as BouncyCastle.
- LOG.debug("Failed to create GCMParameterSpec, falling back to returning IvParameterSpec", e);
- return new IvParameterSpec(iv);
- }
+ GCMParameterSpec gcmSpec = new GCMParameterSpec(128, iv);
+ LOG.debug("Successfully created GCMParameterSpec");
+ return gcmSpec;
}
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractEncryptOutputProcessor.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractEncryptOutputProcessor.java?rev=1874014&r1=1874013&r2=1874014&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractEncryptOutputProcessor.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractEncryptOutputProcessor.java Fri Feb 14 11:57:55 2020
@@ -170,7 +170,7 @@ public abstract class AbstractEncryptOut
int ivLen = JCEMapper.getIVLengthFromURI(encryptionSymAlgorithm) / 8;
byte[] iv = XMLSecurityConstants.generateBytes(ivLen);
AlgorithmParameterSpec parameterSpec =
- XMLCipherUtil.constructBlockCipherParameters(encryptionSymAlgorithm, iv, this.getClass());
+ XMLCipherUtil.constructBlockCipherParameters(encryptionSymAlgorithm, iv);
symmetricCipher.init(Cipher.ENCRYPT_MODE, encryptionPartDef.getSymmetricKey(), parameterSpec);
characterEventGeneratorOutputStream = new CharacterEventGeneratorOutputStream();
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/util/IVSplittingOutputStream.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/util/IVSplittingOutputStream.java?rev=1874014&r1=1874013&r2=1874014&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/util/IVSplittingOutputStream.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/util/IVSplittingOutputStream.java Fri Feb 14 11:57:55 2020
@@ -64,7 +64,7 @@ public class IVSplittingOutputStream ext
}
private void initializeCipher() throws IOException {
- AlgorithmParameterSpec iv = XMLCipherUtil.constructBlockCipherParameters(cipher.getAlgorithm().toUpperCase().contains("GCM"), this.getIv(), this.getClass());
+ AlgorithmParameterSpec iv = XMLCipherUtil.constructBlockCipherParameters(cipher.getAlgorithm().toUpperCase().contains("GCM"), this.getIv());
try {
cipher.init(Cipher.DECRYPT_MODE, secretKey, iv);
} catch (InvalidKeyException e) {