You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by mu...@apache.org on 2013/11/04 22:21:26 UTC
svn commit: r1538766 -
/santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/
Author: mullan
Date: Mon Nov 4 21:21:26 2013
New Revision: 1538766
URL: http://svn.apache.org/r1538766
Log:
Check for invalid tag names and extra elements when unmarshalling.
Modified:
santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyValue.java
santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMManifest.java
santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMReference.java
santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java
santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java
santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMSignedInfo.java
santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMUtils.java
santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509IssuerSerial.java
santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMXMLSignature.java
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyValue.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyValue.java?rev=1538766&r1=1538765&r2=1538766&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyValue.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyValue.java Mon Nov 4 21:21:26 2013
@@ -220,9 +220,11 @@ public abstract class DOMKeyValue<K exte
("unable to create RSA KeyFactory: " + e.getMessage());
}
}
- Element modulusElem = DOMUtils.getFirstChildElement(kvtElem);
+ Element modulusElem = DOMUtils.getFirstChildElement(kvtElem,
+ "Modulus");
BigInteger modulus = decode(modulusElem);
- Element exponentElem = DOMUtils.getNextSiblingElement(modulusElem);
+ Element exponentElem = DOMUtils.getNextSiblingElement(modulusElem,
+ "Exponent");
BigInteger exponent = decode(exponentElem);
RSAPublicKeySpec spec = new RSAPublicKeySpec(modulus, exponent);
return (RSAPublicKey) generatePublicKey(rsakf, spec);
@@ -277,14 +279,14 @@ public abstract class DOMKeyValue<K exte
BigInteger q = null;
if (curElem.getLocalName().equals("P")) {
p = decode(curElem);
- curElem = DOMUtils.getNextSiblingElement(curElem);
+ curElem = DOMUtils.getNextSiblingElement(curElem, "Q");
q = decode(curElem);
curElem = DOMUtils.getNextSiblingElement(curElem);
}
BigInteger g = null;
if (curElem.getLocalName().equals("G")) {
g = decode(curElem);
- curElem = DOMUtils.getNextSiblingElement(curElem);
+ curElem = DOMUtils.getNextSiblingElement(curElem, "Y");
}
BigInteger y = decode(curElem);
curElem = DOMUtils.getNextSiblingElement(curElem);
@@ -434,7 +436,7 @@ public abstract class DOMKeyValue<K exte
} else {
throw new MarshalException("Invalid ECKeyValue");
}
- curElem = DOMUtils.getNextSiblingElement(curElem);
+ curElem = DOMUtils.getNextSiblingElement(curElem, "PublicKey");
ECPoint ecPoint = null;
try {
Object[] args = new Object[] { Base64.decode(curElem),
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMManifest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMManifest.java?rev=1538766&r1=1538765&r2=1538766&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMManifest.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMManifest.java Mon Nov 4 21:21:26 2013
@@ -87,20 +87,24 @@ public final class DOMManifest extends B
boolean secVal = Utils.secureValidation(context);
- Element refElem = DOMUtils.getFirstChildElement(manElem);
+ Element refElem = DOMUtils.getFirstChildElement(manElem, "Reference");
List<DOMReference> refs = new ArrayList<DOMReference>();
+ refs.add(new DOMReference(refElem, context, provider));
- int refCount = 0;
+ refElem = DOMUtils.getNextSiblingElement(refElem);
while (refElem != null) {
+ String localName = refElem.getLocalName();
+ if (!localName.equals("Reference")) {
+ throw new MarshalException("Invalid element name: " +
+ localName + ", expected Reference");
+ }
refs.add(new DOMReference(refElem, context, provider));
- refElem = DOMUtils.getNextSiblingElement(refElem);
-
- refCount++;
- if (secVal && refCount > DOMSignedInfo.MAXIMUM_REFERENCE_COUNT) {
+ if (secVal && refs.size() > DOMSignedInfo.MAXIMUM_REFERENCE_COUNT) {
String error = "A maxiumum of " + DOMSignedInfo.MAXIMUM_REFERENCE_COUNT + " "
+ "references per Manifest are allowed with secure validation";
throw new MarshalException(error);
}
+ refElem = DOMUtils.getNextSiblingElement(refElem);
}
this.references = Collections.unmodifiableList(refs);
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMReference.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMReference.java?rev=1538766&r1=1538765&r2=1538766&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMReference.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMReference.java Mon Nov 4 21:21:26 2013
@@ -199,23 +199,33 @@ public final class DOMReference extends
Element nextSibling = DOMUtils.getFirstChildElement(refElem);
List<Transform> transforms = new ArrayList<Transform>(5);
if (nextSibling.getLocalName().equals("Transforms")) {
- Element transformElem = DOMUtils.getFirstChildElement(nextSibling);
-
- int transformCount = 0;
+ Element transformElem = DOMUtils.getFirstChildElement(nextSibling,
+ "Transform");
+ transforms.add(new DOMTransform(transformElem, context, provider));
+ transformElem = DOMUtils.getNextSiblingElement(transformElem);
while (transformElem != null) {
+ String localName = transformElem.getLocalName();
+ if (!localName.equals("Transform")) {
+ throw new MarshalException(
+ "Invalid element name: " + localName +
+ ", expected Transform");
+ }
transforms.add
(new DOMTransform(transformElem, context, provider));
- transformElem = DOMUtils.getNextSiblingElement(transformElem);
-
- transformCount++;
- if (secVal && transformCount > MAXIMUM_TRANSFORM_COUNT) {
+ if (secVal && transforms.size() > MAXIMUM_TRANSFORM_COUNT) {
String error = "A maxiumum of " + MAXIMUM_TRANSFORM_COUNT + " "
+ "transforms per Reference are allowed with secure validation";
throw new MarshalException(error);
}
+ transformElem = DOMUtils.getNextSiblingElement(transformElem);
}
nextSibling = DOMUtils.getNextSiblingElement(nextSibling);
}
+ if (!nextSibling.getLocalName().equals("DigestMethod")) {
+ throw new MarshalException("Invalid element name: " +
+ nextSibling.getLocalName() +
+ ", expected DigestMethod");
+ }
// unmarshal DigestMethod
Element dmElem = nextSibling;
@@ -229,13 +239,19 @@ public final class DOMReference extends
}
// unmarshal DigestValue
+ Element dvElem = DOMUtils.getNextSiblingElement(dmElem, "DigestValue");
try {
- Element dvElem = DOMUtils.getNextSiblingElement(dmElem);
this.digestValue = Base64.decode(dvElem);
} catch (Base64DecodingException bde) {
throw new MarshalException(bde);
}
+ // check for extra elements
+ if (DOMUtils.getNextSiblingElement(dvElem) != null) {
+ throw new MarshalException(
+ "Unexpected element after DigestValue element");
+ }
+
// unmarshal attributes
this.uri = DOMUtils.getAttributeValue(refElem, "URI");
this.id = DOMUtils.getIdAttributeValue(refElem, "Id");
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java?rev=1538766&r1=1538765&r2=1538766&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java Mon Nov 4 21:21:26 2013
@@ -130,21 +130,30 @@ public final class DOMRetrievalMethod ex
List<Transform> transforms = new ArrayList<Transform>();
Element transformsElem = DOMUtils.getFirstChildElement(rmElem);
- int transformCount = 0;
if (transformsElem != null) {
+ String localName = transformsElem.getLocalName();
+ if (!localName.equals("Transforms")) {
+ throw new MarshalException("Invalid element name: " +
+ localName + ", expected Transforms");
+ }
Element transformElem =
- DOMUtils.getFirstChildElement(transformsElem);
+ DOMUtils.getFirstChildElement(transformsElem, "Transform");
+ transforms.add(new DOMTransform(transformElem, context, provider));
+ transformElem = DOMUtils.getNextSiblingElement(transformElem);
while (transformElem != null) {
+ String name = transformElem.getLocalName();
+ if (!name.equals("Transform")) {
+ throw new MarshalException("Invalid element name: " +
+ name + ", expected Transform");
+ }
transforms.add
(new DOMTransform(transformElem, context, provider));
- transformElem = DOMUtils.getNextSiblingElement(transformElem);
-
- transformCount++;
- if (secVal && transformCount > DOMReference.MAXIMUM_TRANSFORM_COUNT) {
+ if (secVal && transforms.size() > DOMReference.MAXIMUM_TRANSFORM_COUNT) {
String error = "A maxiumum of " + DOMReference.MAXIMUM_TRANSFORM_COUNT + " "
+ "transforms per Reference are allowed with secure validation";
throw new MarshalException(error);
}
+ transformElem = DOMUtils.getNextSiblingElement(transformElem);
}
}
if (transforms.isEmpty()) {
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java?rev=1538766&r1=1538765&r2=1538766&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java Mon Nov 4 21:21:26 2013
@@ -96,6 +96,11 @@ public final class DOMSignaturePropertie
for (int i = 0; i < length; i++) {
Node child = nodes.item(i);
if (child.getNodeType() == Node.ELEMENT_NODE) {
+ String name = child.getLocalName();
+ if (!name.equals("SignatureProperty")) {
+ throw new MarshalException("Invalid element name: " + name +
+ ", expected SignatureProperty");
+ }
properties.add(new DOMSignatureProperty((Element)child));
}
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMSignedInfo.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMSignedInfo.java?rev=1538766&r1=1538765&r2=1538766&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMSignedInfo.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMSignedInfo.java Mon Nov 4 21:21:26 2013
@@ -141,11 +141,14 @@ public final class DOMSignedInfo extends
id = DOMUtils.getAttributeValue(siElem, "Id");
// unmarshal CanonicalizationMethod
- Element cmElem = DOMUtils.getFirstChildElement(siElem);
- canonicalizationMethod = new DOMCanonicalizationMethod(cmElem, context, provider);
+ Element cmElem = DOMUtils.getFirstChildElement(siElem,
+ "CanonicalizationMethod");
+ canonicalizationMethod = new DOMCanonicalizationMethod(cmElem, context,
+ provider);
// unmarshal SignatureMethod
- Element smElem = DOMUtils.getNextSiblingElement(cmElem);
+ Element smElem = DOMUtils.getNextSiblingElement(cmElem,
+ "SignatureMethod");
signatureMethod = DOMSignatureMethod.unmarshal(smElem);
boolean secVal = Utils.secureValidation(context);
@@ -160,19 +163,23 @@ public final class DOMSignedInfo extends
// unmarshal References
ArrayList<Reference> refList = new ArrayList<Reference>(5);
- Element refElem = DOMUtils.getNextSiblingElement(smElem);
-
- int refCount = 0;
+ Element refElem = DOMUtils.getNextSiblingElement(smElem, "Reference");
+ refList.add(new DOMReference(refElem, context, provider));
+
+ refElem = DOMUtils.getNextSiblingElement(refElem);
while (refElem != null) {
+ String name = refElem.getLocalName();
+ if (!name.equals("Reference")) {
+ throw new MarshalException("Invalid element name: " +
+ name + ", expected Reference");
+ }
refList.add(new DOMReference(refElem, context, provider));
- refElem = DOMUtils.getNextSiblingElement(refElem);
-
- refCount++;
- if (secVal && refCount > MAXIMUM_REFERENCE_COUNT) {
+ if (secVal && refList.size() > MAXIMUM_REFERENCE_COUNT) {
String error = "A maxiumum of " + MAXIMUM_REFERENCE_COUNT + " "
+ "references per Manifest are allowed with secure validation";
throw new MarshalException(error);
}
+ refElem = DOMUtils.getNextSiblingElement(refElem);
}
references = Collections.unmodifiableList(refList);
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMUtils.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMUtils.java?rev=1538766&r1=1538765&r2=1538766&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMUtils.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMUtils.java Mon Nov 4 21:21:26 2013
@@ -143,6 +143,36 @@ public class DOMUtils {
}
/**
+ * Returns the first child element of the specified node and checks that
+ * the local name is equal to {@code localName}.
+ *
+ * @param node the node
+ * @return the first child element of the specified node
+ * @throws NullPointerException if {@code node == null}
+ * @throws MarshalException if no such element or the local name is not
+ * equal to {@code localName}
+ */
+ public static Element getFirstChildElement(Node node, String localName)
+ throws MarshalException
+ {
+ return verifyElement(getFirstChildElement(node), localName);
+ }
+
+ private static Element verifyElement(Element elem, String localName)
+ throws MarshalException
+ {
+ if (elem == null) {
+ throw new MarshalException("Missing " + localName + " element");
+ }
+ String name = elem.getLocalName();
+ if (!name.equals(localName)) {
+ throw new MarshalException("Invalid element name: " +
+ name + ", expected " + localName);
+ }
+ return elem;
+ }
+
+ /**
* Returns the last child element of the specified node, or null if there
* is no such element.
*
@@ -177,6 +207,22 @@ public class DOMUtils {
}
/**
+ * Returns the next sibling element of the specified node and checks that
+ * the local name is equal to {@code localName}.
+ *
+ * @param node the node
+ * @return the next sibling element of the specified node
+ * @throws NullPointerException if {@code node == null}
+ * @throws MarshalException if no such element or the local name is not
+ * equal to {@code localName}
+ */
+ public static Element getNextSiblingElement(Node node, String localName)
+ throws MarshalException
+ {
+ return verifyElement(getNextSiblingElement(node), localName);
+ }
+
+ /**
* Returns the attribute value for the attribute with the specified name.
* Returns null if there is no such attribute, or
* the empty string if the attribute value is empty.
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509IssuerSerial.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509IssuerSerial.java?rev=1538766&r1=1538765&r2=1538766&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509IssuerSerial.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509IssuerSerial.java Mon Nov 4 21:21:26 2013
@@ -24,6 +24,7 @@
*/
package org.apache.jcp.xml.dsig.internal.dom;
+import javax.xml.crypto.MarshalException;
import javax.xml.crypto.dsig.keyinfo.X509IssuerSerial;
import java.math.BigInteger;
@@ -71,9 +72,11 @@ public final class DOMX509IssuerSerial e
*
* @param isElem an X509IssuerSerial element
*/
- public DOMX509IssuerSerial(Element isElem) {
- Element iNElem = DOMUtils.getFirstChildElement(isElem);
- Element sNElem = DOMUtils.getNextSiblingElement(iNElem);
+ public DOMX509IssuerSerial(Element isElem) throws MarshalException {
+ Element iNElem = DOMUtils.getFirstChildElement(isElem,
+ "X509IssuerName");
+ Element sNElem = DOMUtils.getNextSiblingElement(iNElem,
+ "X509SerialNumber");
issuerName = iNElem.getFirstChild().getNodeValue();
serialNumber = new BigInteger(sNElem.getFirstChild().getNodeValue());
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMXMLSignature.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMXMLSignature.java?rev=1538766&r1=1538765&r2=1538766&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMXMLSignature.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMXMLSignature.java Mon Nov 4 21:21:26 2013
@@ -130,11 +130,13 @@ public final class DOMXMLSignature exten
id = DOMUtils.getAttributeValue(localSigElem, "Id");
// unmarshal SignedInfo
- Element siElem = DOMUtils.getFirstChildElement(localSigElem);
+ Element siElem = DOMUtils.getFirstChildElement(localSigElem,
+ "SignedInfo");
si = new DOMSignedInfo(siElem, context, provider);
// unmarshal SignatureValue
- Element sigValElem = DOMUtils.getNextSiblingElement(siElem);
+ Element sigValElem = DOMUtils.getNextSiblingElement(siElem,
+ "SignatureValue");
sv = new DOMSignatureValue(sigValElem);
// unmarshal KeyInfo, if specified
@@ -150,6 +152,11 @@ public final class DOMXMLSignature exten
} else {
List<XMLObject> tempObjects = new ArrayList<XMLObject>();
while (nextSibling != null) {
+ String name = nextSibling.getLocalName();
+ if (!name.equals("Object")) {
+ throw new MarshalException("Invalid element name: " + name +
+ ", expected KeyInfo or Object");
+ }
tempObjects.add(new DOMXMLObject(nextSibling,
context, provider));
nextSibling = DOMUtils.getNextSiblingElement(nextSibling);