Posted to commits@santuario.apache.org by co...@apache.org on 2011/04/15 12:09:15 UTC
svn commit: r1092650 - in
/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security:
Init.java algorithms/JCEMapper.java algorithms/MessageDigestAlgorithm.java
encryption/XMLCipher.java keys/content/KeyInfoContent.java
resource/config.xml
Author: coheigea
Date: Fri Apr 15 10:09:15 2011
New Revision: 1092650
URL: http://svn.apache.org/viewvc?rev=1092650&view=rev
Log:
Refactoring of the JCEMapper code.
Modified:
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/Init.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/JCEMapper.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/MessageDigestAlgorithm.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/content/KeyInfoContent.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/config.xml
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/Init.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/Init.java?rev=1092650&r1=1092649&r2=1092650&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/Init.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/Init.java Fri Apr 15 10:09:15 2011
@@ -26,6 +26,7 @@ import javax.xml.parsers.DocumentBuilder
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.xml.security.algorithms.JCEMapper;
+import org.apache.xml.security.algorithms.MessageDigestAlgorithm;
import org.apache.xml.security.algorithms.SignatureAlgorithm;
import org.apache.xml.security.algorithms.SignatureAlgorithmSpi;
import org.apache.xml.security.algorithms.implementations.IntegrityHmac;
@@ -33,6 +34,7 @@ import org.apache.xml.security.algorithm
import org.apache.xml.security.algorithms.implementations.SignatureDSA;
import org.apache.xml.security.algorithms.implementations.SignatureECDSA;
import org.apache.xml.security.c14n.Canonicalizer;
+import org.apache.xml.security.encryption.XMLCipher;
import org.apache.xml.security.keys.keyresolver.KeyResolver;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.transforms.Transform;
@@ -82,6 +84,8 @@ public class Init {
new HashMap<String, Class<? extends TransformSpi>>();
private static Map<String, Class<? extends SignatureAlgorithmSpi>> defaultSignatures =
new HashMap<String, Class<? extends SignatureAlgorithmSpi>>();
+ private static Map<String, JCEMapper.Algorithm> defaultAlgorithms =
+ new HashMap<String, JCEMapper.Algorithm>();
static {
//
@@ -191,6 +195,146 @@ public class Init {
defaultSignatures.put(
XMLSignature.ALGO_ID_MAC_HMAC_SHA512, IntegrityHmac.IntegrityHmacSHA512.class
);
+
+ //
+ // Default URI-Algorithm object pairs
+ //
+ defaultAlgorithms.put(
+ MessageDigestAlgorithm.ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5,
+ new JCEMapper.Algorithm(null, "MD5")
+ );
+ defaultAlgorithms.put(
+ MessageDigestAlgorithm.ALGO_ID_DIGEST_RIPEMD160,
+ new JCEMapper.Algorithm(null, "RIPEMD160")
+ );
+ defaultAlgorithms.put(
+ MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1,
+ new JCEMapper.Algorithm(null, "SHA-1")
+ );
+ defaultAlgorithms.put(
+ MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256,
+ new JCEMapper.Algorithm(null, "SHA-256")
+ );
+ defaultAlgorithms.put(
+ MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA384,
+ new JCEMapper.Algorithm(null, "SHA-384")
+ );
+ defaultAlgorithms.put(
+ MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA512,
+ new JCEMapper.Algorithm(null, "SHA-512")
+ );
+ defaultAlgorithms.put(
+ XMLSignature.ALGO_ID_SIGNATURE_DSA,
+ new JCEMapper.Algorithm(null, "SHA1withDSA")
+ );
+ defaultAlgorithms.put(
+ XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5,
+ new JCEMapper.Algorithm(null, "MD5withRSA")
+ );
+ defaultAlgorithms.put(
+ XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160,
+ new JCEMapper.Algorithm(null, "RIPEMD160withRSA")
+ );
+ defaultAlgorithms.put(
+ XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1,
+ new JCEMapper.Algorithm(null, "SHA1withRSA")
+ );
+ defaultAlgorithms.put(
+ XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256,
+ new JCEMapper.Algorithm(null, "SHA256withRSA")
+ );
+ defaultAlgorithms.put(
+ XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384,
+ new JCEMapper.Algorithm(null, "SHA384withRSA")
+ );
+ defaultAlgorithms.put(
+ XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512,
+ new JCEMapper.Algorithm(null, "SHA512withRSA")
+ );
+ defaultAlgorithms.put(
+ XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1,
+ new JCEMapper.Algorithm(null, "SHA1withECDSA")
+ );
+ defaultAlgorithms.put(
+ XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA256,
+ new JCEMapper.Algorithm(null, "SHA256withECDSA")
+ );
+ defaultAlgorithms.put(
+ XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA384,
+ new JCEMapper.Algorithm(null, "SHA384withECDSA")
+ );
+ defaultAlgorithms.put(
+ XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA512,
+ new JCEMapper.Algorithm(null, "SHA512withECDSA")
+ );
+ defaultAlgorithms.put(
+ XMLSignature.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5,
+ new JCEMapper.Algorithm(null, "HmacMD5")
+ );
+ defaultAlgorithms.put(
+ XMLSignature.ALGO_ID_MAC_HMAC_RIPEMD160,
+ new JCEMapper.Algorithm(null, "HMACRIPEMD160")
+ );
+ defaultAlgorithms.put(
+ XMLSignature.ALGO_ID_MAC_HMAC_SHA1,
+ new JCEMapper.Algorithm(null, "HmacSHA1")
+ );
+ defaultAlgorithms.put(
+ XMLSignature.ALGO_ID_MAC_HMAC_SHA256,
+ new JCEMapper.Algorithm(null, "HmacSHA256")
+ );
+ defaultAlgorithms.put(
+ XMLSignature.ALGO_ID_MAC_HMAC_SHA384,
+ new JCEMapper.Algorithm(null, "HmacSHA384")
+ );
+ defaultAlgorithms.put(
+ XMLSignature.ALGO_ID_MAC_HMAC_SHA512,
+ new JCEMapper.Algorithm(null, "HmacSHA512")
+ );
+ defaultAlgorithms.put(
+ XMLCipher.TRIPLEDES,
+ new JCEMapper.Algorithm("DESede", "DESede/CBC/ISO10126Padding")
+ );
+ defaultAlgorithms.put(
+ XMLCipher.AES_128,
+ new JCEMapper.Algorithm("AES", "AES/CBC/ISO10126Padding")
+ );
+ defaultAlgorithms.put(
+ XMLCipher.AES_192,
+ new JCEMapper.Algorithm("AES", "AES/CBC/ISO10126Padding")
+ );
+ defaultAlgorithms.put(
+ XMLCipher.AES_256,
+ new JCEMapper.Algorithm("AES", "AES/CBC/ISO10126Padding")
+ );
+ defaultAlgorithms.put(
+ XMLCipher.RSA_v1dot5,
+ new JCEMapper.Algorithm("RSA", "RSA/ECB/PKCS1Padding")
+ );
+ defaultAlgorithms.put(
+ XMLCipher.RSA_OAEP,
+ new JCEMapper.Algorithm("RSA", "RSA/ECB/OAEPWithSHA1AndMGF1Padding")
+ );
+ defaultAlgorithms.put(
+ XMLCipher.DIFFIE_HELLMAN,
+ new JCEMapper.Algorithm(null, null)
+ );
+ defaultAlgorithms.put(
+ XMLCipher.TRIPLEDES_KeyWrap,
+ new JCEMapper.Algorithm("DESede", "DESedeWrap")
+ );
+ defaultAlgorithms.put(
+ XMLCipher.AES_128_KeyWrap,
+ new JCEMapper.Algorithm("AES", "AESWrap")
+ );
+ defaultAlgorithms.put(
+ XMLCipher.AES_192_KeyWrap,
+ new JCEMapper.Algorithm("AES", "AESWrap")
+ );
+ defaultAlgorithms.put(
+ XMLCipher.AES_256_KeyWrap,
+ new JCEMapper.Algorithm("AES", "AESWrap")
+ );
}
/**
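Review bot: The default table registers the MD5-based entries (`ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5`, `ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5`, `ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5`) and `XMLCipher.RSA_v1dot5` on the same footing as the stronger algorithms, so every application can resolve them without opting in. Nothing in the block tells a maintainer that the list is an interoperability mapping rather than a set of accepted algorithms. I would add a comment above the first `put`, e.g. `// URI -> JCE name mapping only; presence here is not an endorsement. Callers verifying untrusted documents must restrict the algorithm URIs they accept.` The static initializer starts before this hunk.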
@@ -297,7 +441,16 @@ public class Init {
}
if ("JCEAlgorithmMappings".equals(tag)) {
- JCEMapper.init((Element)el);
+ Node algorithmsNode = ((Element)el).getElementsByTagName("Algorithms").item(0);
+ if (algorithmsNode != null) {
+ Element[] algorithms =
+ XMLUtils.selectNodes(algorithmsNode.getFirstChild(), CONF_NS, "Algorithm");
+ for (int i = 0; i < algorithms.length; i++) {
+ Element element = algorithms[i];
+ String id = element.getAttribute("URI");
+ JCEMapper.register(id, new JCEMapper.Algorithm(element));
+ }
+ }
}
if (tag.equals("SignatureAlgorithms")) {
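Review bot: `element.getAttribute("URI")` returns an empty string when the attribute is missing, and the loop registers that entry anyway. A malformed `Algorithm` element in the configuration therefore ends up in the map under the key `""` with no diagnostic. I would skip and log such elements before the `JCEMapper.register` call, e.g. `if (id.length() == 0) { log.warn("Algorithm element without URI attribute"); continue; }`. The enclosing method begins and ends outside this hunk.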
@@ -450,6 +603,13 @@ public class Init {
);
}
+ //
+ // Set the default JCE algorithms
+ //
+ for (String key : defaultAlgorithms.keySet()) {
+ JCEMapper.register(key, defaultAlgorithms.get(key));
+ }
+
} catch (Exception ex) {
log.error(ex);
ex.printStackTrace();
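Review bot: `JCEMapper.register` is a plain `algorithmsMap.put`, so if this loop runs after the `JCEAlgorithmMappings` element has been parsed in the same initialisation pass, every built-in entry replaces what the configuration registered for the same URI, including a deployment's deliberate choice of a different JCE name. The surrounding method is not visible in the hunk, so the ordering needs confirming. If it is as it appears, register the defaults before the configuration is read, or only for URIs not yet present. A smaller style point: iterate `defaultAlgorithms.entrySet()` rather than `keySet()` followed by `get(key)`.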
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/JCEMapper.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/JCEMapper.java?rev=1092650&r1=1092649&r2=1092650&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/JCEMapper.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/JCEMapper.java Fri Apr 15 10:09:15 2011
@@ -16,11 +16,9 @@
*/
package org.apache.xml.security.algorithms;
-import java.util.HashMap;
import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
-import org.apache.xml.security.Init;
-import org.apache.xml.security.utils.XMLUtils;
import org.w3c.dom.Element;
@@ -33,72 +31,37 @@ public class JCEMapper {
private static org.apache.commons.logging.Log log =
org.apache.commons.logging.LogFactory.getLog(JCEMapper.class);
- private static Map<String, String> uriToJCEName;
-
- private static Map<String, Algorithm> algorithmsMap;
+ private static Map<String, Algorithm> algorithmsMap =
+ new ConcurrentHashMap<String, Algorithm>();
private static String providerName = null;
/**
- * Method init
+ * Method register
*
- * @param mappingElement
+ * @param element
* @throws Exception
*/
- public static void init(Element mappingElement) throws Exception {
- loadAlgorithms((Element)mappingElement.getElementsByTagName("Algorithms").item(0));
- }
-
- static void loadAlgorithms(Element algorithmsEl) {
- Element[] algorithms =
- XMLUtils.selectNodes(algorithmsEl.getFirstChild(), Init.CONF_NS, "Algorithm");
- uriToJCEName = new HashMap<String, String>(algorithms.length * 2);
- algorithmsMap = new HashMap<String, Algorithm>(algorithms.length * 2);
- for (int i = 0; i < algorithms.length; i++) {
- Element el = algorithms[i];
- String id = el.getAttribute("URI");
- String jceName = el.getAttribute("JCEName");
- uriToJCEName.put(id, jceName);
- algorithmsMap.put(id, new Algorithm(el));
- }
-
+ public static void register(String id, Algorithm algorithm) throws Exception {
+ algorithmsMap.put(id, algorithm);
}
/**
* Method translateURItoJCEID
*
- * @param AlgorithmURI
+ * @param algorithmURI
* @return the JCE standard name corresponding to the given URI
*/
- public static String translateURItoJCEID(String AlgorithmURI) {
+ public static String translateURItoJCEID(String algorithmURI) {
if (log.isDebugEnabled()) {
- log.debug("Request for URI " + AlgorithmURI);
+ log.debug("Request for URI " + algorithmURI);
}
- return uriToJCEName.get(AlgorithmURI);
- }
-
- /**
- * Method getAlgorithmClassFromURI
- * @param AlgorithmURI
- * @return the class name that implements this algorithm
- */
- public static String getAlgorithmClassFromURI(String AlgorithmURI) {
- if (log.isDebugEnabled()) {
- log.debug("Request for URI " + AlgorithmURI);
+ Algorithm algorithm = algorithmsMap.get(algorithmURI);
+ if (algorithm != null) {
+ return algorithm.jceName;
}
-
- return (algorithmsMap.get(AlgorithmURI)).algorithmClass;
- }
-
- /**
- * Returns the key length in bits for a particular algorithm.
- *
- * @param AlgorithmURI
- * @return The length of the key used in the algorithm
- */
- public static int getKeyLengthFromURI(String AlgorithmURI) {
- return Integer.parseInt((algorithmsMap.get(AlgorithmURI)).keyLength);
+ return null;
}
/**
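Review bot: `register` is public, performs no checks and silently replaces an existing mapping, so any code in the same JVM can repoint an algorithm URI at a different JCE name after initialisation, and nothing is logged. Consider rejecting or at least logging a re-registration, and rejecting null arguments explicitly, since `ConcurrentHashMap.put` otherwise fails with a bare NullPointerException. The Javadoc still carries `@param element` although the parameters are now `id` and `algorithm`; `@param id the algorithm URI` and `@param algorithm the JCE mapping to associate with it` would match the signature. `throws Exception` is also declared although the body cannot throw a checked exception.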
@@ -107,8 +70,12 @@ public class JCEMapper {
* @param AlgorithmURI
* @return The KeyAlgorithm for the given URI.
*/
- public static String getJCEKeyAlgorithmFromURI(String AlgorithmURI) {
- return (algorithmsMap.get(AlgorithmURI)).requiredKey;
+ public static String getJCEKeyAlgorithmFromURI(String algorithmURI) {
+ Algorithm algorithm = algorithmsMap.get(algorithmURI);
+ if (algorithm != null) {
+ return algorithm.requiredKey;
+ }
+ return null;
}
/**
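Review bot: The Javadoc above `getJCEKeyAlgorithmFromURI` still says `@param AlgorithmURI` while the parameter is now `algorithmURI`, and the `@return` line does not mention the new outcome. An unregistered URI now yields `null` where the old code threw a NullPointerException, so callers that use the result without a null check will fail later and less clearly. The contract should be stated, e.g. `@return the key algorithm for the given URI, or null if the URI is not registered`. `translateURItoJCEID` in the previous hunk returns null in the same way and its `@return` is equally silent.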
@@ -132,18 +99,21 @@ public class JCEMapper {
*/
public static class Algorithm {
- String algorithmClass;
- String keyLength;
- String requiredKey;
+ final String requiredKey;
+ final String jceName;
/**
* Gets data from element
* @param el
*/
public Algorithm(Element el) {
- algorithmClass = el.getAttribute("AlgorithmClass");
- keyLength = el.getAttribute("KeyLength");
requiredKey = el.getAttribute("RequiredKey");
+ jceName = el.getAttribute("JCEName");
+ }
+
+ public Algorithm(String requiredKey, String jceName) {
+ this.requiredKey = requiredKey;
+ this.jceName = jceName;
}
}
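Review bot: The two constructors represent "no value" differently: `el.getAttribute(...)` yields an empty string for an absent `RequiredKey` or `JCEName` attribute, whereas the new `Algorithm(String, String)` constructor is called with `null` for the same case in the Init.java defaults. A caller comparing `requiredKey` or the translated JCE name against `null` will therefore behave differently depending on whether the entry came from the configuration or from the defaults. Normalising in the Element constructor keeps one convention, e.g. `String key = el.getAttribute("RequiredKey"); requiredKey = key.length() == 0 ? null : key;`. The new public constructor also has no Javadoc.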
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/MessageDigestAlgorithm.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/MessageDigestAlgorithm.java?rev=1092650&r1=1092649&r2=1092650&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/MessageDigestAlgorithm.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/MessageDigestAlgorithm.java Fri Apr 15 10:09:15 2011
@@ -54,7 +54,7 @@ public class MessageDigestAlgorithm exte
EncryptionConstants.EncryptionSpecNS + "ripemd160";
/** Field algorithm stores the actual {@link java.security.MessageDigest} */
- private MessageDigest algorithm = null;
+ private final MessageDigest algorithm;
private static ThreadLocal<Map<String, MessageDigest>> instances =
new ThreadLocal<Map<String, MessageDigest>>() {
@@ -68,13 +68,13 @@ public class MessageDigestAlgorithm exte
* Constructor for the brave who pass their own message digest algorithms and the
* corresponding URI.
* @param doc
- * @param messageDigest
* @param algorithmURI
*/
- private MessageDigestAlgorithm(Document doc, MessageDigest messageDigest, String algorithmURI) {
+ private MessageDigestAlgorithm(Document doc, String algorithmURI)
+ throws XMLSignatureException {
super(doc, algorithmURI);
- this.algorithm = messageDigest;
+ algorithm = getDigestInstance(algorithmURI);
}
/**
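Review bot: The Javadoc kept above this constructor still describes it as the constructor "for the brave who pass their own message digest algorithms", but the `MessageDigest` parameter is gone and the digest now always comes from `getDigestInstance(algorithmURI)`. The comment should say that the digest is resolved from the URI, e.g. `Creates the element and resolves the MessageDigest for algorithmURI.`, and add `@throws XMLSignatureException` for the new checked exception. The Javadoc block begins outside the hunk.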
@@ -88,8 +88,7 @@ public class MessageDigestAlgorithm exte
public static MessageDigestAlgorithm getInstance(
Document doc, String algorithmURI
) throws XMLSignatureException {
- MessageDigest md = getDigestInstance(algorithmURI);
- return new MessageDigestAlgorithm(doc, md, algorithmURI);
+ return new MessageDigestAlgorithm(doc, algorithmURI);
}
private static MessageDigest getDigestInstance(String algorithmURI) throws XMLSignatureException {
@@ -133,7 +132,7 @@ public class MessageDigestAlgorithm exte
* @return the actual {@link java.security.MessageDigest} algorithm object
*/
public java.security.MessageDigest getAlgorithm() {
- return this.algorithm;
+ return algorithm;
}
/**
@@ -155,7 +154,7 @@ public class MessageDigestAlgorithm exte
* @return the result of the {@link java.security.MessageDigest#digest()} method
*/
public byte[] digest() {
- return this.algorithm.digest();
+ return algorithm.digest();
}
/**
@@ -166,7 +165,7 @@ public class MessageDigestAlgorithm exte
* @return the result of the {@link java.security.MessageDigest#digest(byte[])} method
*/
public byte[] digest(byte input[]) {
- return this.algorithm.digest(input);
+ return algorithm.digest(input);
}
/**
@@ -180,7 +179,7 @@ public class MessageDigestAlgorithm exte
* @throws java.security.DigestException
*/
public int digest(byte buf[], int offset, int len) throws java.security.DigestException {
- return this.algorithm.digest(buf, offset, len);
+ return algorithm.digest(buf, offset, len);
}
/**
@@ -190,7 +189,7 @@ public class MessageDigestAlgorithm exte
* @return the result of the {@link java.security.MessageDigest#getAlgorithm} method
*/
public String getJCEAlgorithmString() {
- return this.algorithm.getAlgorithm();
+ return algorithm.getAlgorithm();
}
/**
@@ -200,7 +199,7 @@ public class MessageDigestAlgorithm exte
* @return the result of the {@link java.security.MessageDigest#getProvider} method
*/
public java.security.Provider getJCEProvider() {
- return this.algorithm.getProvider();
+ return algorithm.getProvider();
}
/**
@@ -210,7 +209,7 @@ public class MessageDigestAlgorithm exte
* @return the result of the {@link java.security.MessageDigest#getDigestLength} method
*/
public int getDigestLength() {
- return this.algorithm.getDigestLength();
+ return algorithm.getDigestLength();
}
/**
@@ -219,7 +218,7 @@ public class MessageDigestAlgorithm exte
*
*/
public void reset() {
- this.algorithm.reset();
+ algorithm.reset();
}
/**
@@ -229,7 +228,7 @@ public class MessageDigestAlgorithm exte
* @param input
*/
public void update(byte[] input) {
- this.algorithm.update(input);
+ algorithm.update(input);
}
/**
@@ -239,7 +238,7 @@ public class MessageDigestAlgorithm exte
* @param input
*/
public void update(byte input) {
- this.algorithm.update(input);
+ algorithm.update(input);
}
/**
@@ -251,7 +250,7 @@ public class MessageDigestAlgorithm exte
* @param len
*/
public void update(byte buf[], int offset, int len) {
- this.algorithm.update(buf, offset, len);
+ algorithm.update(buf, offset, len);
}
/** @inheritDoc */
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java?rev=1092650&r1=1092649&r2=1092650&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java Fri Apr 15 10:09:15 2011
@@ -1728,7 +1728,7 @@ public class XMLCipher {
* @return a new <code>EncryptionProperty</code>
*/
public EncryptionProperty createEncryptionProperty() {
- return (factory.newEncryptionProperty());
+ return factory.newEncryptionProperty();
}
/**
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/content/KeyInfoContent.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/content/KeyInfoContent.java?rev=1092650&r1=1092649&r2=1092650&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/content/KeyInfoContent.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/content/KeyInfoContent.java Fri Apr 15 10:09:15 2011
@@ -18,7 +18,7 @@
package org.apache.xml.security.keys.content;
/**
- * Empty interface just to identify Elements that can be cildren of ds:KeyInfo.
+ * Empty interface just to identify Elements that can be children of ds:KeyInfo.
*
* @author $Author$
*/
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/config.xml
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/config.xml?rev=1092650&r1=1092649&r2=1092650&view=diff
==============================================================================
Binary files - no diff available.