src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMPGPData.java - santuario-java - Git at Google

 /**
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements. See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership. The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License. You may obtain a copy of the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied. See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 /*
  * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
  */
 package org.apache.jcp.xml.dsig.internal.dom;

 import java.util.*;

 import javax.xml.crypto.*;
 import javax.xml.crypto.dom.DOMCryptoContext;
 import javax.xml.crypto.dsig.XMLSignature;
 import javax.xml.crypto.dsig.keyinfo.PGPData;

 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;

 import org.apache.xml.security.utils.XMLUtils;

 /**
  * DOM-based implementation of PGPData.
  *
  */
 public final class DOMPGPData extends DOMStructure implements PGPData {

     private final byte[] keyId;
     private final byte[] keyPacket;
     private final List<XMLStructure> externalElements;

     /**
      * Creates a <code>DOMPGPData</code> containing the specified key packet.
      * and optional list of external elements.
      *
      * @param keyPacket a PGP Key Material Packet as defined in section 5.5 of
      *    <a href="https://www.ietf.org/rfc/rfc2440.txt">RFC 2440</a>. The
      *    array is cloned to prevent subsequent modification.
      * @param other a list of {@link XMLStructure}s representing elements from
      *    an external namespace. The list is defensively copied to prevent
      *    subsequent modification. May be <code>null</code> or empty.
      * @throws NullPointerException if <code>keyPacket</code> is
      *    <code>null</code>
      * @throws IllegalArgumentException if the key packet is not in the
      *    correct format
      * @throws ClassCastException if <code>other</code> contains any
      *    entries that are not of type {@link XMLStructure}
      */
     public DOMPGPData(byte[] keyPacket, List<? extends XMLStructure> other) {
         if (keyPacket == null) {
             throw new NullPointerException("keyPacket cannot be null");
         }
         if (other == null || other.isEmpty()) {
             this.externalElements = Collections.emptyList();
         } else {
             this.externalElements =
                 Collections.unmodifiableList(new ArrayList<>(other));
             for (int i = 0, size = this.externalElements.size(); i < size; i++) {
                 if (!(this.externalElements.get(i) instanceof XMLStructure)) {
                     throw new ClassCastException
                         ("other["+i+"] is not a valid PGPData type");
                 }
             }
         }
         this.keyPacket = keyPacket.clone();
         checkKeyPacket(keyPacket);
         this.keyId = null;
     }

     /**
      * Creates a <code>DOMPGPData</code> containing the specified key id and
      * optional key packet and list of external elements.
      *
      * @param keyId a PGP public key id as defined in section 11.2 of
      *    <a href="https://www.ietf.org/rfc/rfc2440.txt">RFC 2440</a>. The
      *    array is cloned to prevent subsequent modification.
      * @param keyPacket a PGP Key Material Packet as defined in section 5.5 of
      *    <a href="https://www.ietf.org/rfc/rfc2440.txt">RFC 2440</a> (may
      *    be <code>null</code>). The array is cloned to prevent subsequent
      *    modification.
      * @param other a list of {@link XMLStructure}s representing elements from
      *    an external namespace. The list is defensively copied to prevent
      *    subsequent modification. May be <code>null</code> or empty.
      * @throws NullPointerException if <code>keyId</code> is <code>null</code>
      * @throws IllegalArgumentException if the key id or packet is not in the
      *    correct format
      * @throws ClassCastException if <code>other</code> contains any
      *    entries that are not of type {@link XMLStructure}
      */
     public DOMPGPData(byte[] keyId, byte[] keyPacket,
                       List<? extends XMLStructure> other)
     {
         if (keyId == null) {
             throw new NullPointerException("keyId cannot be null");
         }
         // key ids must be 8 bytes
         if (keyId.length != 8) {
             throw new IllegalArgumentException("keyId must be 8 bytes long");
         }
         if (other == null || other.isEmpty()) {
             this.externalElements = Collections.emptyList();
         } else {
             this.externalElements =
                 Collections.unmodifiableList(new ArrayList<>(other));
             for (int i = 0, size = this.externalElements.size(); i < size; i++) {
                 if (!(this.externalElements.get(i) instanceof XMLStructure)) {
                     throw new ClassCastException
                         ("other["+i+"] is not a valid PGPData type");
                 }
             }
         }
         this.keyId = keyId.clone();
         this.keyPacket = keyPacket == null ? null
                                            : keyPacket.clone();
         if (keyPacket != null) {
             checkKeyPacket(keyPacket);
         }
     }

     /**
      * Creates a <code>DOMPGPData</code> from an element.
      *
      * @param pdElem a PGPData element
      */
     public DOMPGPData(Element pdElem) throws MarshalException {
         // get all children nodes
         byte[] pgpKeyId = null;
         byte[] pgpKeyPacket = null;

         List<XMLStructure> other = new ArrayList<>();
         Node firstChild = pdElem.getFirstChild();
         while (firstChild != null) {
             if (firstChild.getNodeType() == Node.ELEMENT_NODE) {
                 Element childElem = (Element)firstChild;
                 String localName = childElem.getLocalName();
                 String namespace = childElem.getNamespaceURI();
                 if ("PGPKeyID".equals(localName) && XMLSignature.XMLNS.equals(namespace)) {
                     String content = XMLUtils.getFullTextChildrenFromNode(childElem);
                     pgpKeyId = XMLUtils.decode(content);
                 } else if ("PGPKeyPacket".equals(localName) && XMLSignature.XMLNS.equals(namespace)) {
                     String content = XMLUtils.getFullTextChildrenFromNode(childElem);
                     pgpKeyPacket = XMLUtils.decode(content);
                 } else {
                     other.add
                     (new javax.xml.crypto.dom.DOMStructure(childElem));
                 }
             }
             firstChild = firstChild.getNextSibling();
         }
         this.keyId = pgpKeyId;
         this.keyPacket = pgpKeyPacket;
         this.externalElements = Collections.unmodifiableList(other);
     }

     public byte[] getKeyId() {
         return keyId == null ? null : keyId.clone();
     }

     public byte[] getKeyPacket() {
         return keyPacket == null ? null : keyPacket.clone();
     }

     public List<XMLStructure> getExternalElements() {
         return externalElements;
     }

     @Override
     public void marshal(Node parent, String dsPrefix, DOMCryptoContext context)
         throws MarshalException
     {
         Document ownerDoc = DOMUtils.getOwnerDocument(parent);
         Element pdElem = DOMUtils.createElement(ownerDoc, "PGPData",
                                                 XMLSignature.XMLNS, dsPrefix);

         // create and append PGPKeyID element
         if (keyId != null) {
             Element keyIdElem = DOMUtils.createElement(ownerDoc, "PGPKeyID",
                                                        XMLSignature.XMLNS,
                                                        dsPrefix);
             keyIdElem.appendChild
                 (ownerDoc.createTextNode(XMLUtils.encodeToString(keyId)));
             pdElem.appendChild(keyIdElem);
         }

         // create and append PGPKeyPacket element
         if (keyPacket != null) {
             Element keyPktElem = DOMUtils.createElement(ownerDoc,
                                                         "PGPKeyPacket",
                                                         XMLSignature.XMLNS,
                                                         dsPrefix);
             keyPktElem.appendChild
                 (ownerDoc.createTextNode(XMLUtils.encodeToString(keyPacket)));
             pdElem.appendChild(keyPktElem);
         }

         // create and append any elements
         for (XMLStructure extElem : externalElements) {
             DOMUtils.appendChild(pdElem, ((javax.xml.crypto.dom.DOMStructure)
                 extElem).getNode());
         }

         parent.appendChild(pdElem);
     }

     /**
      * We assume packets use the new format packet syntax, as specified in
      * section 4 of RFC 2440.
      *
      * This method only checks if the packet contains a valid tag. The
      * contents of the packet should be checked by the application.
      */
     private void checkKeyPacket(byte[] keyPacket) {
         // length must be at least 3 (one byte for tag, one byte for length,
         // and minimally one byte of content
         if (keyPacket.length < 3) {
             throw new IllegalArgumentException("keypacket must be at least " +
                                                "3 bytes long");
         }

         int tag = keyPacket[0];
         // first bit must be set
         if ((tag & 128) != 128) {
             throw new IllegalArgumentException("keypacket tag is invalid: " +
                                                "bit 7 is not set");
         }
         // make sure using new format
         if ((tag & 64) != 64) {
             throw new IllegalArgumentException("old keypacket tag format is " +
                                                "unsupported");
         }

         // tag value must be 6, 14, 5 or 7
         if ((tag & 6) != 6 && (tag & 14) != 14 &&
             (tag & 5) != 5 && (tag & 7) != 7) {
             throw new IllegalArgumentException("keypacket tag is invalid: " +
                                                "must be 6, 14, 5, or 7");
         }
     }
 }
	/**
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	/*
	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
	*/
	package org.apache.jcp.xml.dsig.internal.dom;

	import java.util.*;

	import javax.xml.crypto.*;
	import javax.xml.crypto.dom.DOMCryptoContext;
	import javax.xml.crypto.dsig.XMLSignature;
	import javax.xml.crypto.dsig.keyinfo.PGPData;

	import org.w3c.dom.Document;
	import org.w3c.dom.Element;
	import org.w3c.dom.Node;

	import org.apache.xml.security.utils.XMLUtils;

	/**
	* DOM-based implementation of PGPData.
	*
	*/
	public final class DOMPGPData extends DOMStructure implements PGPData {

	private final byte[] keyId;
	private final byte[] keyPacket;
	private final List<XMLStructure> externalElements;

	/**
	* Creates a <code>DOMPGPData</code> containing the specified key packet.
	* and optional list of external elements.
	*
	* @param keyPacket a PGP Key Material Packet as defined in section 5.5 of
	* <a href="https://www.ietf.org/rfc/rfc2440.txt">RFC 2440</a>. The
	* array is cloned to prevent subsequent modification.
	* @param other a list of {@link XMLStructure}s representing elements from
	* an external namespace. The list is defensively copied to prevent
	* subsequent modification. May be <code>null</code> or empty.
	* @throws NullPointerException if <code>keyPacket</code> is
	* <code>null</code>
	* @throws IllegalArgumentException if the key packet is not in the
	* correct format
	* @throws ClassCastException if <code>other</code> contains any
	* entries that are not of type {@link XMLStructure}
	*/
	public DOMPGPData(byte[] keyPacket, List<? extends XMLStructure> other) {
	if (keyPacket == null) {
	throw new NullPointerException("keyPacket cannot be null");
	}
	if (other == null \|\| other.isEmpty()) {
	this.externalElements = Collections.emptyList();
	} else {
	this.externalElements =
	Collections.unmodifiableList(new ArrayList<>(other));
	for (int i = 0, size = this.externalElements.size(); i < size; i++) {
	if (!(this.externalElements.get(i) instanceof XMLStructure)) {
	throw new ClassCastException
	("other["+i+"] is not a valid PGPData type");
	}
	}
	}
	this.keyPacket = keyPacket.clone();
	checkKeyPacket(keyPacket);
	this.keyId = null;
	}

	/**
	* Creates a <code>DOMPGPData</code> containing the specified key id and
	* optional key packet and list of external elements.
	*
	* @param keyId a PGP public key id as defined in section 11.2 of
	* <a href="https://www.ietf.org/rfc/rfc2440.txt">RFC 2440</a>. The
	* array is cloned to prevent subsequent modification.
	* @param keyPacket a PGP Key Material Packet as defined in section 5.5 of
	* <a href="https://www.ietf.org/rfc/rfc2440.txt">RFC 2440</a> (may
	* be <code>null</code>). The array is cloned to prevent subsequent
	* modification.
	* @param other a list of {@link XMLStructure}s representing elements from
	* an external namespace. The list is defensively copied to prevent
	* subsequent modification. May be <code>null</code> or empty.
	* @throws NullPointerException if <code>keyId</code> is <code>null</code>
	* @throws IllegalArgumentException if the key id or packet is not in the
	* correct format
	* @throws ClassCastException if <code>other</code> contains any
	* entries that are not of type {@link XMLStructure}
	*/
	public DOMPGPData(byte[] keyId, byte[] keyPacket,
	List<? extends XMLStructure> other)
	{
	if (keyId == null) {
	throw new NullPointerException("keyId cannot be null");
	}
	// key ids must be 8 bytes
	if (keyId.length != 8) {
	throw new IllegalArgumentException("keyId must be 8 bytes long");
	}
	if (other == null \|\| other.isEmpty()) {
	this.externalElements = Collections.emptyList();
	} else {
	this.externalElements =
	Collections.unmodifiableList(new ArrayList<>(other));
	for (int i = 0, size = this.externalElements.size(); i < size; i++) {
	if (!(this.externalElements.get(i) instanceof XMLStructure)) {
	throw new ClassCastException
	("other["+i+"] is not a valid PGPData type");
	}
	}
	}
	this.keyId = keyId.clone();
	this.keyPacket = keyPacket == null ? null
	: keyPacket.clone();
	if (keyPacket != null) {
	checkKeyPacket(keyPacket);
	}
	}

	/**
	* Creates a <code>DOMPGPData</code> from an element.
	*
	* @param pdElem a PGPData element
	*/
	public DOMPGPData(Element pdElem) throws MarshalException {
	// get all children nodes
	byte[] pgpKeyId = null;
	byte[] pgpKeyPacket = null;

	List<XMLStructure> other = new ArrayList<>();
	Node firstChild = pdElem.getFirstChild();
	while (firstChild != null) {
	if (firstChild.getNodeType() == Node.ELEMENT_NODE) {
	Element childElem = (Element)firstChild;
	String localName = childElem.getLocalName();
	String namespace = childElem.getNamespaceURI();
	if ("PGPKeyID".equals(localName) && XMLSignature.XMLNS.equals(namespace)) {
	String content = XMLUtils.getFullTextChildrenFromNode(childElem);
	pgpKeyId = XMLUtils.decode(content);
	} else if ("PGPKeyPacket".equals(localName) && XMLSignature.XMLNS.equals(namespace)) {
	String content = XMLUtils.getFullTextChildrenFromNode(childElem);
	pgpKeyPacket = XMLUtils.decode(content);
	} else {
	other.add
	(new javax.xml.crypto.dom.DOMStructure(childElem));
	}
	}
	firstChild = firstChild.getNextSibling();
	}
	this.keyId = pgpKeyId;
	this.keyPacket = pgpKeyPacket;
	this.externalElements = Collections.unmodifiableList(other);
	}

	public byte[] getKeyId() {
	return keyId == null ? null : keyId.clone();
	}

	public byte[] getKeyPacket() {
	return keyPacket == null ? null : keyPacket.clone();
	}

	public List<XMLStructure> getExternalElements() {
	return externalElements;
	}

	@Override
	public void marshal(Node parent, String dsPrefix, DOMCryptoContext context)
	throws MarshalException
	{
	Document ownerDoc = DOMUtils.getOwnerDocument(parent);
	Element pdElem = DOMUtils.createElement(ownerDoc, "PGPData",
	XMLSignature.XMLNS, dsPrefix);

	// create and append PGPKeyID element
	if (keyId != null) {
	Element keyIdElem = DOMUtils.createElement(ownerDoc, "PGPKeyID",
	XMLSignature.XMLNS,
	dsPrefix);
	keyIdElem.appendChild
	(ownerDoc.createTextNode(XMLUtils.encodeToString(keyId)));
	pdElem.appendChild(keyIdElem);
	}

	// create and append PGPKeyPacket element
	if (keyPacket != null) {
	Element keyPktElem = DOMUtils.createElement(ownerDoc,
	"PGPKeyPacket",
	XMLSignature.XMLNS,
	dsPrefix);
	keyPktElem.appendChild
	(ownerDoc.createTextNode(XMLUtils.encodeToString(keyPacket)));
	pdElem.appendChild(keyPktElem);
	}

	// create and append any elements
	for (XMLStructure extElem : externalElements) {
	DOMUtils.appendChild(pdElem, ((javax.xml.crypto.dom.DOMStructure)
	extElem).getNode());
	}

	parent.appendChild(pdElem);
	}

	/**
	* We assume packets use the new format packet syntax, as specified in
	* section 4 of RFC 2440.
	*
	* This method only checks if the packet contains a valid tag. The
	* contents of the packet should be checked by the application.
	*/
	private void checkKeyPacket(byte[] keyPacket) {
	// length must be at least 3 (one byte for tag, one byte for length,
	// and minimally one byte of content
	if (keyPacket.length < 3) {
	throw new IllegalArgumentException("keypacket must be at least " +
	"3 bytes long");
	}

	int tag = keyPacket[0];
	// first bit must be set
	if ((tag & 128) != 128) {
	throw new IllegalArgumentException("keypacket tag is invalid: " +
	"bit 7 is not set");
	}
	// make sure using new format
	if ((tag & 64) != 64) {
	throw new IllegalArgumentException("old keypacket tag format is " +
	"unsupported");
	}

	// tag value must be 6, 14, 5 or 7
	if ((tag & 6) != 6 && (tag & 14) != 14 &&
	(tag & 5) != 5 && (tag & 7) != 7) {
	throw new IllegalArgumentException("keypacket tag is invalid: " +
	"must be 6, 14, 5, or 7");
	}
	}
	}