Skip to content

Commit

Permalink
8319124: Update XML Security for Java to 3.0.3
Browse files Browse the repository at this point in the history
Reviewed-by: mbaesken
Backport-of: 6b5655a651a7c4418d0f4e19ce34b487e021910e
  • Loading branch information
GoeLin committed Jan 23, 2024
1 parent 03cd885 commit cb3c6ca
Show file tree
Hide file tree
Showing 130 changed files with 1,297 additions and 409 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -57,17 +57,22 @@
*/
public class Init {

/** The namespace for CONF file **/
/**
* The namespace for CONF file
**/
public static final String CONF_NS = "http://www.xmlsecurity.org/NS/#configuration";

private static final com.sun.org.slf4j.internal.Logger LOG =
com.sun.org.slf4j.internal.LoggerFactory.getLogger(Init.class);
com.sun.org.slf4j.internal.LoggerFactory.getLogger(Init.class);

/** Field alreadyInitialized */
/**
* Field alreadyInitialized
*/
private static boolean alreadyInitialized = false;

/**
* Method isInitialized
*
* @return true if the library is already initialized.
*/
public static final synchronized boolean isInitialized() {
Expand All @@ -82,28 +87,23 @@ public static synchronized void init() {
if (alreadyInitialized) {
return;
}

InputStream is =
AccessController.doPrivileged(
(PrivilegedAction<InputStream>)
() -> {
String cfile =
System.getProperty("com.sun.org.apache.xml.internal.security.resource.config");
if (cfile == null) {
return null;
}
return getResourceAsStream(cfile, Init.class);
}
);
if (is == null) {
dynamicInit();
} else {
fileInit(is);
try {
is.close();
} catch (IOException ex) {
LOG.warn(ex.getMessage());
PrivilegedAction<InputStream> action = () -> {
String cfile = System.getProperty("com.sun.org.apache.xml.internal.security.resource.config");
if (cfile == null) {
return null;
}
return getResourceAsStream(cfile, Init.class);
};

try (@SuppressWarnings("removal")
InputStream is = AccessController.doPrivileged(action)) {
if (is == null) {
dynamicInit();
} else {
fileInit(is);
}
} catch (IOException ex) {
LOG.warn(ex.getMessage(), ex);
}

alreadyInitialized = true;
Expand Down Expand Up @@ -410,9 +410,11 @@ private static List<URL> getResources(String resourceName, Class<?> callingClass
}
List<URL> ret = new ArrayList<>();
Enumeration<URL> urls = new Enumeration<URL>() {
@Override
public boolean hasMoreElements() {
return false;
}
@Override
public URL nextElement() {
return null;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,9 @@ public class JCEMapper {

private static Map<String, Algorithm> algorithmsMap = new ConcurrentHashMap<>();

private static String providerName;
private static String globalProviderName;

private static final ThreadLocal<String> threadSpecificProviderName = new ThreadLocal<>();

/**
* Method register
Expand Down Expand Up @@ -344,7 +346,10 @@ private static Algorithm getAlgorithm(String algorithmURI) {
* @return the default providerId.
*/
public static String getProviderId() {
return providerName;
if (threadSpecificProviderName.get() != null) {
return threadSpecificProviderName.get();
}
return globalProviderName;
}

/**
Expand All @@ -355,7 +360,18 @@ public static String getProviderId() {
*/
public static void setProviderId(String provider) {
JavaUtils.checkRegisterPermission();
providerName = provider;
globalProviderName = provider;
}

/**
* Sets the default Provider for this thread to obtain the security algorithms
* @param threadSpecificProviderName the default providerId.
* @throws SecurityException if a security manager is installed and the
* caller does not have permission to register the JCE algorithm
*/
public static void setThreadSpecificProviderName(String threadSpecificProviderName) {
JavaUtils.checkRegisterPermission();
JCEMapper.threadSpecificProviderName.set(threadSpecificProviderName);
}

/**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -256,11 +256,13 @@ public void update(byte[] buf, int offset, int len) {
}

/** {@inheritDoc} */
@Override
public String getBaseNamespace() {
return Constants.SignatureSpecNS;
}

/** {@inheritDoc} */
@Override
public String getBaseLocalName() {
return Constants._TAG_DIGESTMETHOD;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,11 @@
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

import com.sun.org.apache.xml.internal.security.algorithms.implementations.*;
import com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac;
import com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureBaseRSA;
import com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureDSA;
import com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureECDSA;
import com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureEDDSA;
import com.sun.org.apache.xml.internal.security.exceptions.AlgorithmAlreadyRegisteredException;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
Expand Down Expand Up @@ -524,6 +528,7 @@ public static void registerDefaultAlgorithms() {
*
* @return URI of this element
*/
@Override
public String getBaseNamespace() {
return Constants.SignatureSpecNS;
}
Expand All @@ -533,6 +538,7 @@ public String getBaseNamespace() {
*
* @return Local name
*/
@Override
public String getBaseLocalName() {
return Constants._TAG_SIGNATUREMETHOD;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,12 @@
*/
package com.sun.org.apache.xml.internal.security.algorithms;

import java.security.*;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.spec.AlgorithmParameterSpec;

import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,12 @@
import java.io.IOException;
import java.math.BigInteger;
import java.security.interfaces.ECPublicKey;
import java.security.spec.*;
import java.security.spec.ECField;
import java.security.spec.ECFieldF2m;
import java.security.spec.ECFieldFp;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.EllipticCurve;
import java.util.ArrayList;
import java.util.List;

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,7 @@ public IntegrityHmac(Provider provider) throws XMLSignatureException {
* @param params
* @throws XMLSignatureException
*/
@Override
protected void engineSetParameter(AlgorithmParameterSpec params) throws XMLSignatureException {
throw new XMLSignatureException("empty", new Object[]{"Incorrect method call"});
}
Expand All @@ -102,6 +103,7 @@ protected void engineSetParameter(AlgorithmParameterSpec params) throws XMLSigna
* @return true if the signature is correct
* @throws XMLSignatureException
*/
@Override
protected boolean engineVerify(byte[] signature) throws XMLSignatureException {
try {
if (hmacOutputLength != null && hmacOutputLength.length < getDigestLength()) {
Expand All @@ -124,6 +126,7 @@ protected boolean engineVerify(byte[] signature) throws XMLSignatureException {
* @param secretKey
* @throws XMLSignatureException
*/
@Override
protected void engineInitVerify(Key secretKey) throws XMLSignatureException {
if (!(secretKey instanceof SecretKey)) {
String supplied = null;
Expand All @@ -150,6 +153,7 @@ protected void engineInitVerify(Key secretKey) throws XMLSignatureException {
* @return the result of the {@link java.security.Signature#sign()} method
* @throws XMLSignatureException
*/
@Override
protected byte[] engineSign() throws XMLSignatureException {
try {
if (hmacOutputLength != null && hmacOutputLength.length < getDigestLength()) {
Expand All @@ -170,6 +174,7 @@ protected byte[] engineSign() throws XMLSignatureException {
* @param secretKey
* @throws XMLSignatureException
*/
@Override
protected void engineInitSign(Key secretKey) throws XMLSignatureException {
engineInitSign(secretKey, (AlgorithmParameterSpec)null);
}
Expand All @@ -181,6 +186,7 @@ protected void engineInitSign(Key secretKey) throws XMLSignatureException {
* @param algorithmParameterSpec
* @throws XMLSignatureException
*/
@Override
protected void engineInitSign(
Key secretKey, AlgorithmParameterSpec algorithmParameterSpec
) throws XMLSignatureException {
Expand Down Expand Up @@ -213,6 +219,7 @@ protected void engineInitSign(
* @param secureRandom
* @throws XMLSignatureException
*/
@Override
protected void engineInitSign(Key secretKey, SecureRandom secureRandom)
throws XMLSignatureException {
throw new XMLSignatureException("algorithms.CannotUseSecureRandomOnMAC");
Expand All @@ -225,6 +232,7 @@ protected void engineInitSign(Key secretKey, SecureRandom secureRandom)
* @param input
* @throws XMLSignatureException
*/
@Override
protected void engineUpdate(byte[] input) throws XMLSignatureException {
try {
this.macAlgorithm.update(input);
Expand All @@ -240,6 +248,7 @@ protected void engineUpdate(byte[] input) throws XMLSignatureException {
* @param input
* @throws XMLSignatureException
*/
@Override
protected void engineUpdate(byte input) throws XMLSignatureException {
try {
this.macAlgorithm.update(input);
Expand All @@ -257,6 +266,7 @@ protected void engineUpdate(byte input) throws XMLSignatureException {
* @param len
* @throws XMLSignatureException
*/
@Override
protected void engineUpdate(byte[] buf, int offset, int len) throws XMLSignatureException {
try {
this.macAlgorithm.update(buf, offset, len);
Expand All @@ -270,6 +280,7 @@ protected void engineUpdate(byte[] buf, int offset, int len) throws XMLSignature
* {@inheritDoc}
*
*/
@Override
protected String engineGetJCEAlgorithmString() {
return this.macAlgorithm.getAlgorithm();
}
Expand All @@ -279,6 +290,7 @@ protected String engineGetJCEAlgorithmString() {
*
* {@inheritDoc}
*/
@Override
protected String engineGetJCEProviderName() {
return this.macAlgorithm.getProvider().getName();
}
Expand Down

1 comment on commit cb3c6ca

@openjdk-notifier
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please sign in to comment.