@Override
  // Maps each signer's first certificate to that signer's full certificate chain.
  //
  // signersType: when equal to SIGNERS_TRUSTED, signers whose isTrusted() is false are left
  // out; any other value applies no trust filter at all.
  //
  // An empty map is returned when no SignedContentFactory is available, when there are no
  // signers, and also when anything throws while reading the signed content. Callers therefore
  // cannot tell "unsigned" apart from "signature data could not be read" and should not treat
  // an empty result as proof that the content is unsigned.
  public Map<X509Certificate, List<X509Certificate>> getSignerCertificates(int signersType) {
    SignedContentFactory contentFactory = equinoxContainer.getSignedContentFactory();
    if (contentFactory == null) {
      return Collections.emptyMap();
    }

    try {
      // Signer infos are looked up once and then reused from the signerInfos field.
      SignerInfo[] signers = signerInfos;
      if (signers == null) {
        signers = contentFactory.getSignedContent(this).getSignerInfos();
        signerInfos = signers;
      }
      if (signers.length == 0) {
        return Collections.emptyMap();
      }

      boolean trustedOnly = signersType == SIGNERS_TRUSTED;
      Map<X509Certificate, List<X509Certificate>> chainsByLeaf =
          new HashMap<X509Certificate, List<X509Certificate>>(signers.length);
      for (SignerInfo signer : signers) {
        if (trustedOnly && !signer.isTrusted()) {
          continue;
        }
        Certificate[] rawChain = signer.getCertificateChain();
        if (rawChain == null || rawChain.length == 0) {
          continue;
        }
        // A non-X.509 entry makes the cast throw; the catch below turns that into an empty map.
        List<X509Certificate> typedChain = new ArrayList<X509Certificate>();
        for (Certificate link : rawChain) {
          typedChain.add((X509Certificate) link);
        }
        chainsByLeaf.put(typedChain.get(0), typedChain);
      }
      return chainsByLeaf;
    } catch (Exception e) {
      return Collections.emptyMap();
    }
  }
Пример #2
 /**
  * Creates a reference from already-built parts.
  *
  * <p>Both transform lists are copied before their elements are type-checked, so a caller
  * that later changes its own list cannot alter what was checked. The digest value is cloned
  * for the same reason.
  *
  * @param uri reference URI; may be null or empty, otherwise it must parse as a {@link URI}
  * @param type reference type, stored as given
  * @param dm digest method, must not be null
  * @param appliedTransforms transforms already applied; null or empty means none
  * @param result stored as the applied-transform data
  * @param transforms transforms still to apply; null or empty means none
  * @param id reference id, stored as given
  * @param digestValue digest bytes; when non-null the reference is marked as digested
  * @throws NullPointerException if {@code dm} is null
  * @throws ClassCastException if either list holds an element that is not a Transform
  * @throws IllegalArgumentException if {@code uri} is non-empty and not a valid URI
  */
 public DOMReference(
     String uri,
     String type,
     DigestMethod dm,
     List appliedTransforms,
     Data result,
     List transforms,
     String id,
     byte[] digestValue) {
   if (dm == null) {
     throw new NullPointerException("DigestMethod must be non-null");
   }

   List appliedSnapshot = Collections.EMPTY_LIST;
   if (appliedTransforms != null && !appliedTransforms.isEmpty()) {
     List appliedCopy = new ArrayList(appliedTransforms);
     int appliedCount = appliedCopy.size();
     for (int idx = 0; idx < appliedCount; idx++) {
       if (!(appliedCopy.get(idx) instanceof Transform)) {
         throw new ClassCastException("appliedTransforms[" + idx + "] is not a valid type");
       }
     }
     appliedSnapshot = Collections.unmodifiableList(appliedCopy);
   }
   this.appliedTransforms = appliedSnapshot;

   List pendingSnapshot = Collections.EMPTY_LIST;
   if (transforms != null && !transforms.isEmpty()) {
     List pendingCopy = new ArrayList(transforms);
     int pendingCount = pendingCopy.size();
     for (int idx = 0; idx < pendingCount; idx++) {
       if (!(pendingCopy.get(idx) instanceof Transform)) {
         throw new ClassCastException("transforms[" + idx + "] is not a valid type");
       }
     }
     pendingSnapshot = Collections.unmodifiableList(pendingCopy);
   }
   this.transforms = pendingSnapshot;

   // Applied transforms first, then the pending ones, as one read-only list.
   List combined = new ArrayList(this.appliedTransforms);
   combined.addAll(this.transforms);
   this.allTransforms = Collections.unmodifiableList(combined);

   this.digestMethod = dm;
   this.uri = uri;
   if (uri != null && uri.length() != 0) {
     // Parsed only to validate the syntax; the parsed URI itself is discarded.
     try {
       new URI(uri);
     } catch (URISyntaxException e) {
       throw new IllegalArgumentException(e.getMessage());
     }
   }
   this.type = type;
   this.id = id;
   if (digestValue != null) {
     this.digestValue = (byte[]) digestValue.clone();
     this.digested = true;
   }
   this.appliedTransformData = result;
 }
 // Class initialisation: sets up the shared file utilities, the synchronized path map and the
 // constructor signature, then looks for the optional Java 5 loader variant by name.
 static {
   FILE_UTILS = FileUtils.getFileUtils();
   AntClassLoader.pathMap = Collections.synchronizedMap(new HashMap<String, String>());
   AntClassLoader.subClassToLoad = null;
   CONSTRUCTOR_ARGS = new Class[] {ClassLoader.class, Project.class, Path.class, Boolean.TYPE};
   if (JavaEnvUtils.isAtLeastJavaVersion("1.5")) {
     try {
       // The class name is a fixed literal, not derived from any input.
       AntClassLoader.subClassToLoad =
           Class.forName("org.apache.tools.ant.loader.AntClassLoader5");
     } catch (ClassNotFoundException ex) {
       // Ignored: subClassToLoad keeps the null assigned above when the class is not found.
     }
   }
 }
Пример #4
  /**
   * Looks up a non-loopback IPv4 address of this host.
   *
   * <p>The {@code break} only leaves the per-interface loop, so every interface is still
   * visited and the value returned comes from the last interface that has a non-loopback IPv4
   * address. On a multi-homed host the result therefore depends on interface enumeration
   * order; callers that bind or authorise by this address should not assume a specific
   * interface.
   *
   * @return the address text, or {@code null} when none was found or when enumeration failed
   *     (the failure is handed to {@code DBG.m} and not rethrown)
   */
  public static String getIPv4Address() {
    String found = null;

    try {
      for (final NetworkInterface nic :
          Collections.list(NetworkInterface.getNetworkInterfaces())) {
        for (final InetAddress candidate : Collections.list(nic.getInetAddresses())) {
          final boolean usable =
              candidate != null
                  && !candidate.isLoopbackAddress()
                  && candidate instanceof Inet4Address;
          if (usable) {
            found = candidate.getHostAddress().toString();
            break;
          }
        }
      }
    } catch (Exception failure) {
      DBG.m(failure);
    }

    return found;
  }
Пример #5
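  /**
   * Creates a <code>DOMReference</code> from an element.
   *
   * <p>The element comes from the document being unmarshalled and may be malformed. A
   * Reference that lacks its DigestMethod or DigestValue child is rejected with a
   * {@link MarshalException} rather than failing later with a NullPointerException.
   *
   * @param refElem a Reference element
   * @param context the context handed to each {@code DOMTransform} that is created
   * @throws MarshalException if a required child element is missing or the digest value is not
   *     valid Base64
   */
  public DOMReference(Element refElem, XMLCryptoContext context) throws MarshalException {
    // unmarshal Transforms, if specified
    Element nextSibling = DOMUtils.getFirstChildElement(refElem);
    if (nextSibling == null) {
      throw new MarshalException("Reference element has no child elements");
    }
    List transforms = new ArrayList(5);
    // Literal-first equals: getLocalName() may be null for nodes created without namespaces.
    if ("Transforms".equals(nextSibling.getLocalName())) {
      // Every Transform child is instantiated; no upper bound on their number is applied here.
      Element transformElem = DOMUtils.getFirstChildElement(nextSibling);
      while (transformElem != null) {
        transforms.add(new DOMTransform(transformElem, context));
        transformElem = DOMUtils.getNextSiblingElement(transformElem);
      }
      nextSibling = DOMUtils.getNextSiblingElement(nextSibling);
    }

    // unmarshal DigestMethod
    Element dmElem = nextSibling;
    if (dmElem == null) {
      throw new MarshalException("Reference element has no DigestMethod child");
    }
    this.digestMethod = DOMDigestMethod.unmarshal(dmElem);

    // unmarshal DigestValue
    Element dvElem = DOMUtils.getNextSiblingElement(dmElem);
    if (dvElem == null) {
      throw new MarshalException("Reference element has no DigestValue child");
    }
    try {
      this.digestValue = Base64.decode(dvElem);
    } catch (Base64DecodingException bde) {
      throw new MarshalException(bde);
    }

    // unmarshal attributes
    this.uri = DOMUtils.getAttributeValue(refElem, "URI");
    this.id = DOMUtils.getAttributeValue(refElem, "Id");

    this.type = DOMUtils.getAttributeValue(refElem, "Type");
    this.here = refElem.getAttributeNodeNS(null, "URI");
    this.refElem = refElem;

    if (transforms.isEmpty()) {
      this.transforms = Collections.EMPTY_LIST;
    } else {
      this.transforms = Collections.unmodifiableList(transforms);
    }
    this.appliedTransforms = Collections.EMPTY_LIST;
    // NOTE(review): allTransforms is the raw mutable list, while this.transforms is a read-only
    // view of the same list. Confirm nothing mutates allTransforms after construction.
    this.allTransforms = transforms;
    this.appliedTransformData = null;
  }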
Пример #6
  /**
   * Refreshes a session snapshot from the live HTTP session registered under the same id.
   *
   * <p>Copies the last-access time, the user principal (via {@code expandSessionPrincipal}),
   * the request URIs in reversed order, and the session properties. A {@code null} session is
   * ignored. When no HTTP session is registered for the id, only
   * {@code expandSessionPrincipal} is invoked.
   *
   * @param session the snapshot to refresh; may be null
   * @throws IOException declared for subclasses and helpers
   */
  protected void expandSession(AbstractSession session) throws IOException {
    if (session == null) {
      return;
    }

    HttpSession liveSession = lookupHttpSessionById.get(session.getId());

    // Set 'timeLastAccess' upon session:
    if (liveSession != null) {
      session.setTimeLastAccess(new Date(liveSession.getLastAccessedTime()));
    }

    expandSessionPrincipal(session);

    if (liveSession == null) {
      return;
    }

    // Set 'requestURI' upon session:
    List<String> uris = RequestURISessionDecorator.getRequestURIs(liveSession);
    if (uris != null) {
      // Reversal happens in place on the list the decorator returned.
      // NOTE(review): if the decorator hands out its live list rather than a copy, every call
      // flips the stored order again. Confirm that it returns a copy.
      Collections.reverse(uris); // reverse the order!
      session.setRequestURIs(uris);
    }

    // Set 'properties' upon session:
    Map<String, Object> rawProperties = PropertiesSessionDecorator.getProperties(liveSession);
    if (rawProperties != null) {
      session.setProperties(convertProperties(rawProperties));
    }
  }
Пример #7
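/**
 * Session accessor backed by two static registries that are kept up to date by the session
 * lifecycle callbacks {@link #sessionCreated} and {@link #sessionDestroyed}.
 *
 * <p>Locking: {@code lookupSessionById} is a plain {@code HashMap} and is only touched while
 * holding its own monitor; the same monitor guards {@code sessionCountMax} and
 * {@code sessionCountMaxTime}. {@code lookupHttpSessionById} is a synchronized map.
 *
 * <p>NOTE(review): the ids, principals, request URIs and properties returned here describe
 * live user sessions. Confirm that only administrative callers can reach this accessor.
 *
 * @author <a href="mailto:[email protected]" >Morten Sabroe Mortensen</a>
 * @version $Id: HttpSessionAccessor.java,v 1.8 2007/05/21 17:56:06 momor Exp $
 */
public class HttpSessionAccessor extends AbstractSessionAccessor {
  /** Constructor. */
  public HttpSessionAccessor() {
    super();
  }

  /** Session snapshots by session id. Not thread-safe itself: hold its monitor for any access. */
  private static final Map<String, AbstractSession> lookupSessionById =
      new HashMap<String, AbstractSession>();

  /** Live HTTP sessions by session id; single operations are synchronized by the map. */
  private static final Map<String, HttpSession> lookupHttpSessionById =
      Collections.synchronizedMap(new HashMap<String, HttpSession>());

  /** Highest number of registered sessions seen so far; guarded by {@code lookupSessionById}. */
  private static int sessionCountMax;

  /** Time in millis at which {@code sessionCountMax} was last raised, or null if never. */
  private static Long sessionCountMaxTime;

  /**
   * Registers a newly created HTTP session and, if none exists for its id, a snapshot of it.
   *
   * @param ev the creation event carrying the HTTP session
   */
  public static synchronized void sessionCreated(HttpSessionEvent ev) {
    HttpSession httpSession = ev.getSession();
    String id = httpSession.getId();

    // Remember HTTP-session:
    lookupHttpSessionById.put(id, httpSession);

    AbstractSession session = null;

    synchronized (lookupSessionById) {
      session = lookupSessionById.get(id);
    }

    if (session == null) {
      // Principal, request URIs and properties are unknown at creation time; they are filled
      // in later by expandSession().
      Principal userPrincipal = null;
      Date timeCreation = new Date(httpSession.getCreationTime());
      Date timeLastAccess = new Date(httpSession.getLastAccessedTime());
      List<String> urisForLastRequests = null;
      Properties properties = null;

      session =
          new DefaultSession(
              id, userPrincipal, timeCreation, timeLastAccess, urisForLastRequests, properties);

      synchronized (lookupSessionById) {
        lookupSessionById.put(id, session);

        // Update 'sessionCountMax':
        int sessionCount = lookupSessionById.size();
        if (sessionCount > sessionCountMax) {
          sessionCountMax = sessionCount;
          sessionCountMaxTime = System.currentTimeMillis();
        }
      }
    }
  }

  /**
   * Removes a destroyed session from both registries. Entries are removed only here, so a
   * session whose destroy event is never delivered stays referenced by the static maps.
   *
   * @param ev the destruction event carrying the HTTP session
   */
  public static synchronized void sessionDestroyed(HttpSessionEvent ev) {
    HttpSession httpSession = ev.getSession();
    String id = httpSession.getId();

    synchronized (lookupSessionById) {
      lookupSessionById.remove(id);
    }

    // Forget HTTP-session:
    lookupHttpSessionById.remove(id);
  }

  /** @return the number of currently registered sessions */
  public Integer getSessionCount() throws IOException {
    synchronized (lookupSessionById) {
      return lookupSessionById.size();
    }
  }

  /** @return the highest session count recorded since the last reset */
  public Integer getSessionCountMax() throws IOException {
    synchronized (lookupSessionById) {
      return sessionCountMax;
    }
  }

  /** Resets the recorded maximum to zero; the recorded timestamp is left unchanged. */
  public void resetSessionCountMax() throws IOException {
    synchronized (lookupSessionById) {
      sessionCountMax = 0;
    }
  }

  /** @return a new list holding the ids of all registered sessions */
  public List<String> getSessionIds() throws IOException {
    synchronized (lookupSessionById) {
      return new ArrayList<String>(lookupSessionById.keySet());
    }
  }

  /**
   * Returns all registered sessions after refreshing each one from its HTTP session.
   *
   * <p>The registry monitor is held for the whole refresh, so session creation and destruction
   * wait while the decorators are being read.
   *
   * @return a new list of the refreshed sessions
   */
  public List<Session> getSessions() throws IOException {
    synchronized (lookupSessionById) {
      Collection<AbstractSession> values = lookupSessionById.values();
      for (AbstractSession session : values) {
        expandSession(session);
      }
      return new ArrayList<Session>(values);
    }
  }

  /**
   * Copies the user principal from the registered HTTP session onto the snapshot. Nothing is
   * changed when the session is null, no HTTP session is registered, or it has no principal.
   *
   * @param session the snapshot to update; may be null
   */
  protected void expandSessionPrincipal(AbstractSession session) throws IOException {
    if (session == null) {
      return;
    }

    HttpSession httpSession = lookupHttpSessionById.get(session.getId());
    if (httpSession == null) {
      return;
    }

    // Set 'userPrincipal' upon session:
    Principal userPrincipal = PrincipalSessionDecorator.getPrincipal(httpSession);
    if (userPrincipal != null) {
      session.setUserPrincipal(userPrincipal);
    }
  }

  /**
   * Refreshes a snapshot from the registered HTTP session: last-access time, user principal,
   * request URIs (newest-first by reversing the decorator's order) and properties.
   *
   * @param session the snapshot to refresh; may be null
   */
  protected void expandSession(AbstractSession session) throws IOException {
    if (session == null) {
      return;
    }

    HttpSession httpSession = lookupHttpSessionById.get(session.getId());

    // Set 'timeLastAccess' upon session:
    if (httpSession != null) {
      session.setTimeLastAccess(new Date(httpSession.getLastAccessedTime()));
    }

    expandSessionPrincipal(session);

    if (httpSession == null) {
      return;
    }

    // Set 'requestURI' upon session:
    List<String> requestURIs = RequestURISessionDecorator.getRequestURIs(httpSession);
    if (requestURIs != null) {
      // Reverse a private copy: reversing the decorator's own list in place would flip the
      // stored order on every call if the decorator returns its live list.
      List<String> reversed = new ArrayList<String>(requestURIs);
      Collections.reverse(reversed); // reverse the order!
      session.setRequestURIs(reversed);
    }

    // Set 'properties' upon session:
    Map<String, Object> m = PropertiesSessionDecorator.getProperties(httpSession);
    if (m != null) {
      session.setProperties(convertProperties(m));
    }
  }

  /**
   * Converts a map of arbitrary values to {@link Properties} using {@code toString()}.
   *
   * <p>Entries whose value is null are skipped, because {@code Properties.setProperty} rejects
   * null values with a NullPointerException.
   *
   * @param m the source map; may be null
   * @return the converted properties, or null when {@code m} is null
   */
  protected Properties convertProperties(Map<String, Object> m) {
    if (m == null) {
      return null;
    }

    Properties res = new Properties();
    for (Map.Entry<String, Object> entry : m.entrySet()) {
      Object o = entry.getValue();
      if (o != null) {
        res.setProperty(entry.getKey(), o.toString());
      }
    }
    return res;
  }

  /**
   * Looks up one session by id and refreshes it.
   *
   * @param id the session id
   * @return the refreshed session, or null when no session is registered under that id
   */
  public Session getSessionFromId(String id) throws IOException {
    synchronized (lookupSessionById) {
      AbstractSession session = lookupSessionById.get(id);
      expandSession(session);
      return session;
    }
  }

  /**
   * Selects the sessions that belong to a principal, after refreshing every candidate's
   * principal. A null {@code userPrincipal} selects the sessions that have no principal;
   * otherwise principals are compared with {@code PrincipalUtil.equalsIgnoreRealm}.
   *
   * @param values the candidate sessions; may be null
   * @param userPrincipal the principal to match, or null for sessions without one
   * @return a new list of matching sessions, or null when {@code values} is null
   */
  protected List<AbstractSession> filterByUserPrincipal(
      Collection<AbstractSession> values, Principal userPrincipal) throws IOException {
    if (values == null) {
      return null;
    }

    for (AbstractSession session : values) {
      expandSessionPrincipal(session);
    }

    List<AbstractSession> res = new ArrayList<AbstractSession>();
    for (AbstractSession session : values) {
      Principal p = session.getUserPrincipal();
      boolean matches =
          (userPrincipal == null)
              ? (p == null)
              : PrincipalUtil.equalsIgnoreRealm(userPrincipal, p);
      if (matches) {
        res.add(session);
      }
    }
    return res;
  }

  /**
   * Returns the refreshed sessions that belong to a principal.
   *
   * @param userPrincipal the principal to match, or null for sessions without one
   * @return a new list of the matching, refreshed sessions
   */
  public List<Session> getSessionsFromUserPrincipal(Principal userPrincipal) throws IOException {
    synchronized (lookupSessionById) {
      Collection<AbstractSession> values =
          filterByUserPrincipal(lookupSessionById.values(), userPrincipal);

      List<Session> res = null;
      if (values != null) {
        for (AbstractSession session : values) {
          expandSession(session);
        }
        res = new ArrayList<Session>(values);
      }
      return res;
    }
  }

  /**
   * Returns the inherited properties extended with {@code session.count},
   * {@code session.count-max} and, once a maximum was recorded,
   * {@code session.count-max.timestamp}.
   */
  @Override
  public Properties getProperties() throws IOException {
    Properties res = super.getProperties();
    if (res == null) {
      res = new Properties();
    }

    int currentCount;
    int maxCount;
    Long maxCountTime;

    // Read the three values under one lock so that they belong together.
    synchronized (lookupSessionById) {
      currentCount = lookupSessionById.size();
      maxCount = HttpSessionAccessor.sessionCountMax;
      maxCountTime = HttpSessionAccessor.sessionCountMaxTime;
    }

    res.setProperty("session.count", Integer.toString(currentCount));
    res.setProperty("session.count-max", Integer.toString(maxCount));

    if (maxCountTime != null) {
      // NOTE(review): formatting runs outside the lock; if FORMAT_DATE is a shared
      // SimpleDateFormat it is not thread-safe. Confirm its type.
      String sessionCountMaxTimeText = ApplicationConstants.FORMAT_DATE.format(maxCountTime);
      res.setProperty("session.count-max.timestamp", sessionCountMaxTimeText);
    }

    return res;
  }

  /** Delegates to the superclass; the static registries are not cleared. */
  @Override
  public void dispose() {
    super.dispose();
  }
}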
Пример #8
  /**
   * Validates a certificate chain, preferring direct validation of the chain as given and
   * falling back to path building.
   *
   * <p>When {@code TRY_VALIDATOR} is false the chain goes straight to {@code doBuild}.
   * Otherwise the chain is walked from index 0:
   *
   * <ul>
   *   <li>a certificate whose subject differs from the previous certificate's issuer means the
   *       chain is unordered, and {@code doBuild} is used instead;
   *   <li>a certificate that is in {@code trustedCerts}, or that shares subject and public key
   *       with a trusted certificate, ends the walk: at index 0 it is returned on its own
   *       without calling {@code doValidate}, otherwise the certificates before it are passed
   *       to {@code doValidate};
   *   <li>if no certificate matched but the last one's issuer is a trusted subject and
   *       {@code isSignatureValid} accepts it, the whole chain is passed to {@code doValidate}.
   * </ul>
   *
   * <p>In plugin mode there is no fallback to the builder: the chain is checked against its
   * own last certificate as a temporary anchor and the method then always throws
   * {@code T_NO_TRUST_ANCHOR}.
   *
   * @param chain the chain to validate, end-entity certificate first
   * @param otherCerts passed through to {@code doBuild}
   * @param parameter not read by this method
   * @return the result of {@code doValidate} or {@code doBuild}, or a one-element array holding
   *     {@code chain[0]} when that certificate is itself trusted
   * @throws CertificateException if the chain is null or empty, or validation fails
   */
  X509Certificate[] engineValidate(X509Certificate[] chain, Collection otherCerts, Object parameter)
      throws CertificateException {
    if ((chain == null) || (chain.length == 0)) {
      throw new CertificateException("null or zero-length certificate chain");
    }
    if (TRY_VALIDATOR) {
      // check that chain is in correct order and check if chain contains
      // trust anchor
      X500Principal prevIssuer = null;
      for (int i = 0; i < chain.length; i++) {
        X509Certificate cert = chain[i];
        X500Principal dn = cert.getSubjectX500Principal();
        // Ordering is judged by name only (subject vs. previous issuer); no signature is
        // checked at this point.
        if (i != 0 && !dn.equals(prevIssuer)) {
          // chain is not ordered correctly, call builder instead
          return doBuild(chain, otherCerts);
        }

        // Check if chain[i] is already trusted. It may be inside
        // trustedCerts, or has the same dn and public key as a cert
        // inside trustedCerts. The latter happens when a CA has
        // updated its cert with a stronger signature algorithm in JRE
        // but the weak one is still in circulation.

        if (trustedCerts.contains(cert)
            || // trusted cert
            (trustedSubjects.containsKey(dn)
                && // replacing ...
                trustedSubjects
                    .get(dn)
                    .contains( // ... weak cert
                        cert.getPublicKey()))) {
          // A trusted end-entity certificate is returned as-is; doValidate is not called for it.
          if (i == 0) {
            return new X509Certificate[] {chain[0]};
          }
          // Remove and call validator on partial chain [0 .. i-1]
          X509Certificate[] newChain = new X509Certificate[i];
          System.arraycopy(chain, 0, newChain, 0, i);
          return doValidate(newChain);
        }
        prevIssuer = cert.getIssuerX500Principal();
      }

      // apparently issued by trust anchor?
      X509Certificate last = chain[chain.length - 1];
      X500Principal issuer = last.getIssuerX500Principal();
      // NOTE(review): 'subject' is not read anywhere in this method.
      X500Principal subject = last.getSubjectX500Principal();
      if (trustedSubjects.containsKey(issuer)
          && isSignatureValid(trustedSubjects.get(issuer), last)) {
        return doValidate(chain);
      }

      // don't fallback to builder if called from plugin/webstart
      if (plugin) {
        // Validate chain even if no trust anchor is found. This
        // allows plugin/webstart to make sure the chain is
        // otherwise valid
        if (chain.length > 1) {
          X509Certificate[] newChain = new X509Certificate[chain.length - 1];
          System.arraycopy(chain, 0, newChain, 0, newChain.length);
          // temporarily set last cert as sole trust anchor
          // The template is cloned first, so the temporary anchor is set on the copy only.
          PKIXBuilderParameters params = (PKIXBuilderParameters) parameterTemplate.clone();
          try {
            params.setTrustAnchors(
                Collections.singleton(new TrustAnchor(chain[chain.length - 1], null)));
          } catch (InvalidAlgorithmParameterException iape) {
            // should never occur, but ...
            throw new CertificateException(iape);
          }
          // The returned chain is discarded; only an exception from this call matters.
          doValidate(newChain, params);
        }
        // if the rest of the chain is valid, throw exception
        // indicating no trust anchor was found
        throw new ValidatorException(ValidatorException.T_NO_TRUST_ANCHOR);
      }
      // otherwise, fall back to builder
    }

    return doBuild(chain, otherCerts);
  }
Пример #9
 /**
  * Returns the manifest digests as a read-only list.
  *
  * <p>The result is a view over the underlying list, not a copy: callers cannot modify it, but
  * later changes to the underlying list show through.
  *
  * @return an unmodifiable view of the manifest digests
  */
 public synchronized List getManifestDigests() {
   List readOnlyView = Collections.unmodifiableList(manifestDigests);
   return readOnlyView;
 }