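package com.sun.org.apache.xml.internal.security.algorithms.implementations;

import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;

import javax.crypto.Mac;
import javax.crypto.SecretKey;

import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
import com.sun.org.apache.xml.internal.security.algorithms.MessageDigestAlgorithm;
import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi;
import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Text;

/**
 * Common implementation of the HMAC-based XML Signature algorithms.
 *
 * <p>Each concrete algorithm is a nested subclass that only supplies its
 * algorithm URI; the URI is mapped to a JCE algorithm name and a
 * {@link Mac} instance does the actual work.
 *
 * <p>Security note: the optional truncation length ({@code HMACOutputLength})
 * is read from the signature element itself, i.e. from the document being
 * verified, so it must be treated as untrusted input. A truncation length
 * below the minimum (80 bits, and at least half of the MAC output) is
 * rejected when signing and when verifying; without that check a document
 * could ask for a MAC of only a few bits, which is trivially matched.
 */
public abstract class IntegrityHmac extends SignatureAlgorithmSpi {

    // Logger name kept as in the original file so existing logging
    // configuration keeps matching, even though it names the SHA1 subclass.
    static java.util.logging.Logger log =
        java.util.logging.Logger.getLogger(IntegrityHmacSHA1.class.getName());

    /**
     * Absolute lower bound, in bits, for a truncated HMAC output. The
     * effective minimum is the larger of this value and half of the MAC
     * output length, as required by XML Signature Syntax and Processing.
     */
    private static final int MIN_HMAC_OUTPUT_BITS = 80;

    /** MASK[n] keeps the n most significant bits of a byte. */
    private static final byte[] MASK = {
        (byte) 0x00, (byte) 0x80, (byte) 0xC0, (byte) 0xE0,
        (byte) 0xF0, (byte) 0xF8, (byte) 0xFC, (byte) 0xFE
    };

    /**
     * Returns the algorithm URI implemented by the concrete subclass.
     *
     * @return the XML Signature algorithm URI
     */
    public abstract String engineGetURI();

    /** The JCE MAC that computes the HMAC; created in the constructor. */
    private Mac _macAlgorithm = null;

    /**
     * Requested truncation length in bits; 0 means "not set, use the full
     * MAC output". May come from untrusted XML, see
     * {@link #engineGetContextFromElement(Element)}.
     */
    int _HMACOutputLength = 0;

    /**
     * Creates the MAC instance for the URI returned by
     * {@link #engineGetURI()}.
     *
     * @throws XMLSignatureException if no JCE provider offers the mapped
     *         algorithm
     */
    public IntegrityHmac() throws XMLSignatureException {

        String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI());
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE,
                    "Created IntegrityHmacSHA1 using " + algorithmID);
        }

        try {
            this._macAlgorithm = Mac.getInstance(algorithmID);
        } catch (java.security.NoSuchAlgorithmException ex) {
            Object[] exArgs = { algorithmID, ex.getLocalizedMessage() };

            throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs);
        }
    }

    /**
     * Not supported for HMAC; always fails.
     *
     * @param params ignored
     * @throws XMLSignatureException always
     */
    protected void engineSetParameter(AlgorithmParameterSpec params)
            throws XMLSignatureException {
        throw new XMLSignatureException("empty");
    }

    /**
     * Finishes the MAC computation and compares it with the supplied value.
     *
     * <p>If a truncation length is set, only that many leading bits of the
     * computed MAC are compared. The truncation length is validated first,
     * so a too-short (or negative) length fails instead of weakening the
     * comparison.
     *
     * @param signature the signature value taken from the document
     * @return {@code true} if the computed MAC matches {@code signature}
     * @throws XMLSignatureException if the MAC is not initialised or the
     *         truncation length is below the allowed minimum
     */
    protected boolean engineVerify(byte[] signature)
            throws XMLSignatureException {

        try {
            byte[] completeResult = this._macAlgorithm.doFinal();
            byte[] expected = applyOutputLength(completeResult);

            // NOTE(review): relies on MessageDigestAlgorithm.isEqual to
            // compare lengths as well as contents, ideally in constant
            // time - confirm against that class.
            return MessageDigestAlgorithm.isEqual(expected, signature);
        } catch (IllegalStateException ex) {
            throw new XMLSignatureException("empty", ex);
        }
    }

    /**
     * Initialises the MAC for verification.
     *
     * @param secretKey the shared secret; must be a {@link SecretKey}
     * @throws XMLSignatureException if the key is null, of the wrong type,
     *         or rejected by the MAC
     */
    protected void engineInitVerify(Key secretKey) throws XMLSignatureException {

        requireSecretKey(secretKey);

        try {
            this._macAlgorithm.init(secretKey);
        } catch (InvalidKeyException ex) {
            throw new XMLSignatureException("empty", ex);
        }
    }

    /**
     * Finishes the MAC computation and returns the signature value,
     * truncated if a truncation length is set.
     *
     * @return the (possibly truncated) HMAC value
     * @throws XMLSignatureException if the MAC is not initialised or the
     *         truncation length is below the allowed minimum
     */
    protected byte[] engineSign() throws XMLSignatureException {

        try {
            byte[] completeResult = this._macAlgorithm.doFinal();

            return applyOutputLength(completeResult);
        } catch (IllegalStateException ex) {
            throw new XMLSignatureException("empty", ex);
        }
    }

    /**
     * Applies the configured truncation length to a complete MAC value.
     *
     * <p>The bound is derived from the actual MAC output size instead of a
     * fixed 160 bits, so the same rule holds for every digest: a length of
     * 0, or one that is not shorter than the MAC, yields the full value; a
     * length below {@code max(80, macBits / 2)} (including any negative
     * value) is refused.
     *
     * @param completeResult the full output of {@link Mac#doFinal()}
     * @return {@code completeResult} itself, or a truncated copy
     * @throws XMLSignatureException if the truncation length is too small
     */
    private byte[] applyOutputLength(byte[] completeResult)
            throws XMLSignatureException {

        int requestedBits = this._HMACOutputLength;
        int macBits = completeResult.length * 8;

        if ((requestedBits == 0) || (requestedBits >= macBits)) {
            return completeResult;
        }

        int minimumBits = Math.max(MIN_HMAC_OUTPUT_BITS, macBits / 2);

        if (requestedBits < minimumBits) {
            String detail = "HMACOutputLength " + requestedBits
                + " is below the minimum of " + minimumBits + " bits for "
                + this._macAlgorithm.getAlgorithm();

            if (log.isLoggable(java.util.logging.Level.FINE)) {
                log.log(java.util.logging.Level.FINE, detail);
            }
            throw new XMLSignatureException("empty",
                                            new IllegalArgumentException(detail));
        }

        return IntegrityHmac.reduceBitLength(completeResult, requestedBits);
    }

    /**
     * Returns the first {@code length} bits of {@code completeResult}; the
     * unused low-order bits of the last byte are set to zero.
     *
     * <p>Callers must pass {@code 0 <= length < completeResult.length * 8};
     * {@link #applyOutputLength(byte[])} guarantees this.
     *
     * @param completeResult the full MAC value
     * @param length number of bits to keep
     * @return a new array holding the truncated value
     */
    private static byte[] reduceBitLength(byte completeResult[], int length) {

        int bytes = length / 8;
        int abits = length % 8;
        byte[] strippedResult = new byte[bytes + ((abits == 0) ? 0 : 1)];

        System.arraycopy(completeResult, 0, strippedResult, 0, bytes);

        if (abits > 0) {
            strippedResult[bytes] = (byte) (completeResult[bytes] & MASK[abits]);
        }

        return strippedResult;
    }

    /**
     * Rejects keys that cannot be used with a MAC.
     *
     * <p>A {@code null} key is reported through the same exception as a key
     * of the wrong type instead of failing with a NullPointerException.
     *
     * @param secretKey the key handed to one of the init methods
     * @throws XMLSignatureException if the key is null or not a
     *         {@link SecretKey}
     */
    private static void requireSecretKey(Key secretKey)
            throws XMLSignatureException {

        if (secretKey instanceof SecretKey) {
            return;
        }

        String supplied = (secretKey == null)
                          ? "null"
                          : secretKey.getClass().getName();
        String needed = SecretKey.class.getName();
        Object[] exArgs = { supplied, needed };

        throw new XMLSignatureException("algorithms.WrongKeyForThisOperation",
                                        exArgs);
    }

    /**
     * Initialises the MAC for signing.
     *
     * @param secretKey the shared secret; must be a {@link SecretKey}
     * @throws XMLSignatureException if the key is null, of the wrong type,
     *         or rejected by the MAC
     */
    protected void engineInitSign(Key secretKey) throws XMLSignatureException {

        requireSecretKey(secretKey);

        try {
            this._macAlgorithm.init(secretKey);
        } catch (InvalidKeyException ex) {
            throw new XMLSignatureException("empty", ex);
        }
    }

    /**
     * Initialises the MAC for signing with algorithm parameters.
     *
     * @param secretKey the shared secret; must be a {@link SecretKey}
     * @param algorithmParameterSpec parameters passed on to the MAC
     * @throws XMLSignatureException if the key is null or of the wrong
     *         type, or the MAC rejects the key or the parameters
     */
    protected void engineInitSign(
            Key secretKey, AlgorithmParameterSpec algorithmParameterSpec)
            throws XMLSignatureException {

        requireSecretKey(secretKey);

        try {
            this._macAlgorithm.init(secretKey, algorithmParameterSpec);
        } catch (InvalidKeyException ex) {
            throw new XMLSignatureException("empty", ex);
        } catch (InvalidAlgorithmParameterException ex) {
            throw new XMLSignatureException("empty", ex);
        }
    }

    /**
     * Not supported: a MAC takes no source of randomness; always fails.
     *
     * @param secretKey ignored
     * @param secureRandom ignored
     * @throws XMLSignatureException always
     */
    protected void engineInitSign(Key secretKey, SecureRandom secureRandom)
            throws XMLSignatureException {
        throw new XMLSignatureException("algorithms.CannotUseSecureRandomOnMAC");
    }

    /**
     * Feeds data into the MAC.
     *
     * @param input the bytes to add
     * @throws XMLSignatureException if the MAC is not initialised
     */
    protected void engineUpdate(byte[] input) throws XMLSignatureException {

        try {
            this._macAlgorithm.update(input);
        } catch (IllegalStateException ex) {
            throw new XMLSignatureException("empty", ex);
        }
    }

    /**
     * Feeds a single byte into the MAC.
     *
     * @param input the byte to add
     * @throws XMLSignatureException if the MAC is not initialised
     */
    protected void engineUpdate(byte input) throws XMLSignatureException {

        try {
            this._macAlgorithm.update(input);
        } catch (IllegalStateException ex) {
            throw new XMLSignatureException("empty", ex);
        }
    }

    /**
     * Feeds part of a buffer into the MAC.
     *
     * @param buf the buffer holding the data
     * @param offset index of the first byte to add
     * @param len number of bytes to add
     * @throws XMLSignatureException if the MAC is not initialised
     */
    protected void engineUpdate(byte buf[], int offset, int len)
            throws XMLSignatureException {

        try {
            this._macAlgorithm.update(buf, offset, len);
        } catch (IllegalStateException ex) {
            throw new XMLSignatureException("empty", ex);
        }
    }

    /**
     * Returns the JCE algorithm name of the underlying MAC.
     *
     * @return the value of {@link Mac#getAlgorithm()}
     */
    protected String engineGetJCEAlgorithmString() {

        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "engineGetJCEAlgorithmString()");
        }

        return this._macAlgorithm.getAlgorithm();
    }

    /**
     * Returns the name of the JCE provider that supplies the MAC.
     *
     * @return the provider name
     */
    protected String engineGetJCEProviderName() {
        return this._macAlgorithm.getProvider().getName();
    }

    /**
     * Sets the truncation length in bits.
     *
     * <p>The value is stored as given; it is validated when the MAC is
     * produced or verified.
     *
     * @param HMACOutputLength number of bits to keep, or 0 for the full MAC
     */
    protected void engineSetHMACOutputLength(int HMACOutputLength) {
        this._HMACOutputLength = HMACOutputLength;
    }

    /**
     * Reads the optional HMACOutputLength child of the given element.
     *
     * <p>The element comes from the signature being processed, so the
     * parsed number is untrusted. It is only stored here; the minimum
     * length is enforced in {@link #engineSign()} and
     * {@link #engineVerify(byte[])}.
     *
     * @param element the element to read the context from
     * @throws IllegalArgumentException if {@code element} is null
     * @throws NumberFormatException if the length text is not an integer
     */
    protected void engineGetContextFromElement(Element element) {

        super.engineGetContextFromElement(element);

        if (element == null) {
            throw new IllegalArgumentException("element null");
        }

        Text hmaclength = XMLUtils.selectDsNodeText(element.getFirstChild(),
                Constants._TAG_HMACOUTPUTLENGTH, 0);

        if (hmaclength != null) {
            this._HMACOutputLength = Integer.parseInt(hmaclength.getData());
        }
    }

    /**
     * Writes the truncation length, if one is set, as an HMACOutputLength
     * child of the given element.
     *
     * @param element the element to append the context to
     * @throws IllegalArgumentException if {@code element} is null
     */
    public void engineAddContextToElement(Element element) {

        if (element == null) {
            throw new IllegalArgumentException("null element");
        }

        if (this._HMACOutputLength != 0) {
            Document doc = element.getOwnerDocument();
            Element HMElem = XMLUtils.createElementInSignatureSpace(doc,
                    Constants._TAG_HMACOUTPUTLENGTH);
            Text HMText =
                doc.createTextNode(Integer.toString(this._HMACOutputLength));

            HMElem.appendChild(HMText);
            XMLUtils.addReturnToElement(element);
            element.appendChild(HMElem);
            XMLUtils.addReturnToElement(element);
        }
    }

    /** HMAC with SHA-1. */
    public static class IntegrityHmacSHA1 extends IntegrityHmac {

        /**
         * @throws XMLSignatureException if the algorithm is unavailable
         */
        public IntegrityHmacSHA1() throws XMLSignatureException {
            super();
        }

        /** @return {@link XMLSignature#ALGO_ID_MAC_HMAC_SHA1} */
        public String engineGetURI() {
            return XMLSignature.ALGO_ID_MAC_HMAC_SHA1;
        }
    }

    /** HMAC with SHA-256. */
    public static class IntegrityHmacSHA256 extends IntegrityHmac {

        /**
         * @throws XMLSignatureException if the algorithm is unavailable
         */
        public IntegrityHmacSHA256() throws XMLSignatureException {
            super();
        }

        /** @return {@link XMLSignature#ALGO_ID_MAC_HMAC_SHA256} */
        public String engineGetURI() {
            return XMLSignature.ALGO_ID_MAC_HMAC_SHA256;
        }
    }

    /** HMAC with SHA-384. */
    public static class IntegrityHmacSHA384 extends IntegrityHmac {

        /**
         * @throws XMLSignatureException if the algorithm is unavailable
         */
        public IntegrityHmacSHA384() throws XMLSignatureException {
            super();
        }

        /** @return {@link XMLSignature#ALGO_ID_MAC_HMAC_SHA384} */
        public String engineGetURI() {
            return XMLSignature.ALGO_ID_MAC_HMAC_SHA384;
        }
    }

    /** HMAC with SHA-512. */
    public static class IntegrityHmacSHA512 extends IntegrityHmac {

        /**
         * @throws XMLSignatureException if the algorithm is unavailable
         */
        public IntegrityHmacSHA512() throws XMLSignatureException {
            super();
        }

        /** @return {@link XMLSignature#ALGO_ID_MAC_HMAC_SHA512} */
        public String engineGetURI() {
            return XMLSignature.ALGO_ID_MAC_HMAC_SHA512;
        }
    }

    /** HMAC with RIPEMD-160. */
    public static class IntegrityHmacRIPEMD160 extends IntegrityHmac {

        /**
         * @throws XMLSignatureException if the algorithm is unavailable
         */
        public IntegrityHmacRIPEMD160() throws XMLSignatureException {
            super();
        }

        /** @return {@link XMLSignature#ALGO_ID_MAC_HMAC_RIPEMD160} */
        public String engineGetURI() {
            return XMLSignature.ALGO_ID_MAC_HMAC_RIPEMD160;
        }
    }

    /**
     * HMAC with MD5. The URI constant itself marks this algorithm as not
     * recommended.
     */
    public static class IntegrityHmacMD5 extends IntegrityHmac {

        /**
         * @throws XMLSignatureException if the algorithm is unavailable
         */
        public IntegrityHmacMD5() throws XMLSignatureException {
            super();
        }

        /** @return {@link XMLSignature#ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5} */
        public String engineGetURI() {
            return XMLSignature.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5;
        }
    }
}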