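/*
 * reserved comment block
 * DO NOT REMOVE OR ALTER!
 */
/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package com.sun.org.apache.xml.internal.security.keys.content.x509;

import java.security.MessageDigest;
import java.security.cert.X509Certificate;

import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.Signature11ElementProxy;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/**
 * Provides content model support for the {@code dsig11:X509Digest} element.
 *
 * <p>The element carries a digest value as its text content and the digest
 * algorithm URI in its {@code Algorithm} attribute. When an instance wraps an
 * element taken from a received document, both values are whatever that
 * document contains: this class does not validate the attribute, does not
 * restrict which digest algorithms are acceptable, and does not compare the
 * digest against any certificate. Callers that use the digest to select a
 * certificate should recompute it with
 * {@link #getDigestBytesFromCert(X509Certificate, String)} and apply their own
 * algorithm policy.
 */
public class XMLX509Digest extends Signature11ElementProxy implements XMLX509DataContent {

    /**
     * Wraps an existing {@code dsig11:X509Digest} element.
     *
     * <p>All work is delegated to the {@link Signature11ElementProxy}
     * constructor; no check of the {@code Algorithm} attribute or of the
     * digest text is made here.
     *
     * @param element the element to wrap
     * @param baseURI the base URI passed through to the superclass
     * @throws XMLSecurityException if the superclass constructor rejects the element
     */
    public XMLX509Digest(Element element, String baseURI) throws XMLSecurityException {
        super(element, baseURI);
    }

    /**
     * Creates a new element from an already computed digest.
     *
     * <p>The bytes are stored as given; nothing verifies that they were
     * produced with {@code algorithmURI}.
     *
     * @param doc the document that will own the new element
     * @param digestBytes the digest value to store as the element's text content
     * @param algorithmURI the value written to the {@code Algorithm} attribute
     */
    public XMLX509Digest(Document doc, byte[] digestBytes, String algorithmURI) {
        super(doc);
        this.addBase64Text(digestBytes);
        setLocalAttribute(Constants._ATT_ALGORITHM, algorithmURI);
    }

    /**
     * Creates a new element whose digest is computed from a certificate.
     *
     * @param doc the document that will own the new element
     * @param x509certificate the certificate to digest
     * @param algorithmURI the digest algorithm URI, also written to the
     *        {@code Algorithm} attribute
     * @throws XMLSecurityException if the URI cannot be mapped to a digest
     *         algorithm or the digest cannot be computed
     */
    public XMLX509Digest(Document doc, X509Certificate x509certificate, String algorithmURI)
            throws XMLSecurityException {
        super(doc);
        this.addBase64Text(getDigestBytesFromCert(x509certificate, algorithmURI));
        setLocalAttribute(Constants._ATT_ALGORITHM, algorithmURI);
    }

    /**
     * Returns the {@code Algorithm} attribute node of the wrapped element.
     *
     * @return the attribute node, or {@code null} when the element has no
     *         {@code Algorithm} attribute
     */
    public Attr getAlgorithmAttr() {
        return getElement().getAttributeNodeNS(null, Constants._ATT_ALGORITHM);
    }

    /**
     * Returns the digest algorithm URI declared on the element.
     *
     * <p>The value is read from the document unchanged and is not checked
     * against any list of permitted algorithms.
     *
     * @return the value of the {@code Algorithm} attribute
     * @throws NullPointerException if the element has no {@code Algorithm}
     *         attribute, because {@link #getAlgorithmAttr()} then returns
     *         {@code null}; elements from unvalidated input can trigger this
     */
    public String getAlgorithm() {
        return this.getAlgorithmAttr().getNodeValue();
    }

    /**
     * Returns the digest value carried by the element.
     *
     * <p>This is the value the document claims. It is not compared with any
     * certificate here, so it should be matched against a digest recomputed
     * from a candidate certificate before it is relied on.
     *
     * @return the bytes obtained from the element's text child
     * @throws XMLSecurityException if the text child cannot be converted to bytes
     */
    public byte[] getDigestBytes() throws XMLSecurityException {
        return this.getBytesFromTextChild();
    }

    /**
     * Computes the digest of a certificate's encoded form.
     *
     * <p>The algorithm is selected only by {@code algorithmURI}: any URI that
     * {@link JCEMapper} resolves is used, and no strength policy is applied in
     * this method. A caller that must reject weak digests has to check the URI
     * before calling.
     *
     * @param cert the certificate to digest
     * @param algorithmURI the digest algorithm URI
     * @return digest bytes from the given certificate
     * @throws XMLSecurityException if the URI is not mapped to a JCA algorithm,
     *         or if obtaining the digest or encoding the certificate fails; in
     *         the latter case the underlying exception is attached as the cause
     */
    public static byte[] getDigestBytesFromCert(X509Certificate cert, String algorithmURI)
            throws XMLSecurityException {
        String jcaDigestAlgorithm = JCEMapper.translateURItoJCEID(algorithmURI);
        if (jcaDigestAlgorithm == null) {
            Object[] exArgs = { algorithmURI };
            throw new XMLSecurityException("XMLX509Digest.UnknownDigestAlgorithm", exArgs);
        }

        try {
            MessageDigest md = MessageDigest.getInstance(jcaDigestAlgorithm);
            return md.digest(cert.getEncoded());
        } catch (Exception e) {
            // The broad catch is kept so that every failure, including a null
            // certificate, still surfaces as XMLSecurityException as before.
            Object[] exArgs = { jcaDigestAlgorithm };
            XMLSecurityException failure =
                new XMLSecurityException("XMLX509Digest.FailedDigest", exArgs);
            // Keep the root cause; without it the reason for the failure is lost.
            failure.initCause(e);
            throw failure;
        }
    }

    /** {@inheritDoc} */
    @Override
    public String getBaseLocalName() {
        return Constants._TAG_X509DIGEST;
    }
}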