# HG changeset patch # User Andrew John Hughes # Date 1371937104 18000 # Node ID 08ce3247b5b05bae61b9b24a871cd48f882d7e1a # Parent 36d69d052be1ed03edbdcf9a126f41ddda3d343a Add 2013/06/18 security patches. 2013-06-22 Andrew John Hughes * patches/idresolver_fix.patch: Removed. Part of 6469266. * Makefile.am: (SECURITY_PATCHES): Add new ones. (SPECIAL_SECURITY_PATCH_1): Renamed from SPECIAL_SECURITY_PATCH. (SPECIAL_SECURITY_PATCH_2): Add 8009071, which needs to be applied after some AWT backports. (ICEDTEA_PATCHES): Use SPECIAL_SECURITY_PATCH_{1,2}. Move 8005615, 8007393 & 8007611 to SECURITY_PATCHES as must be applied before 8004584. Add 7171223 to end. * patches/openjdk/6307603-xrender-01.patch, * patches/openjdk/6469266-xmlsec_1.4.2.patch, * patches/openjdk/6656651-windows_lcd_glyphs.patch, * patches/openjdk/6786028-wcag_bold_tags.patch, * patches/openjdk/6786682-wcag_lang.patch, * patches/openjdk/6786688-wcag_table.patch, * patches/openjdk/6786690-wcag_dl.patch, * patches/openjdk/6802694-no_deprecated.patch, * patches/openjdk/6851834-restructure.patch, * patches/openjdk/6888167-medialib_memory_leaks.patch, * patches/openjdk/6961178-doclet_xml.patch, * patches/openjdk/6990754-use_native_memory_for_symboltable.patch, * patches/openjdk/7006270-regressions.patch, * patches/openjdk/7008809-report_class_in_arraystoreexception.patch, * patches/openjdk/7014851-unused_parallel_compaction_code.patch, * patches/openjdk/7017732-move_static_fields_to_class.patch, * patches/openjdk/7036747-elfstringtable.patch, * patches/openjdk/7086585-flexible_field_injection.patch, * patches/openjdk/7171223-strict_aliasing.patch, * patches/openjdk/7195301-no_instanceof_node.patch, * patches/security/20130618/6741606-apache_santuario.patch, * patches/security/20130618/7158805-nested_subroutine_rewriting.patch, * patches/security/20130618/7170730-windows_network_stack.patch, * patches/security/20130618/8000638-improve_deserialization.patch, * patches/security/20130618/8000642-better_transportation_handling.patch, * patches/security/20130618/8001032-restrict_object_access-corba.patch, * patches/security/20130618/8001032-restrict_object_access-jdk.patch, * patches/security/20130618/8001033-refactor_address_handling.patch, * patches/security/20130618/8001034-memory_management.patch, * patches/security/20130618/8001038-resourcefully_handle_resources.patch, * patches/security/20130618/8001043-clarify_definition_restrictions.patch, * patches/security/20130618/8001309-better_handling_of_annotation_interfaces.patch, * patches/security/20130618/8001318-6_fixup.patch, * patches/security/20130618/8001318-socket_getlocaladdress_consistency.patch, * patches/security/20130618/8001330-checking_order_improvement.patch, * patches/security/20130618/8001330-improve_checking_order.patch, * patches/security/20130618/8003703-update_rmi_connection_dialog.patch, * patches/security/20130618/8004584-augment_applet_contextualization.patch, * patches/security/20130618/8005007-better_glyph_processing.patch, * patches/security/20130618/8006328-6_fixup.patch, * patches/security/20130618/8006328-sound_class_robustness.patch, * patches/security/20130618/8006611-improve_scripting.patch, * patches/security/20130618/8007467-improve_jmx_internal_api_robustness.patch, * patches/security/20130618/8007471-6_fixup.patch, * patches/security/20130618/8007471-improve_mbean_notifications.patch, * patches/security/20130618/8007812-getenclosingmethod.patch, * patches/security/20130618/8008120-improve_jmx_class_checking.patch, * patches/security/20130618/8008124-better_compliance_testing.patch, * patches/security/20130618/8008128-better_jmx_api_coherence.patch, * patches/security/20130618/8008132-better_serialization.patch, * patches/security/20130618/8008585-jmx_data_handling.patch, * patches/security/20130618/8008593-better_urlclassloader.patch, * patches/security/20130618/8008603-jmx_provider_provision.patch, * patches/security/20130618/8008611-6_fixup.patch, * patches/security/20130618/8008611-jmx_annotations.patch, * patches/security/20130618/8008615-jmx_internal_api_robustness.patch, * patches/security/20130618/8008623-mbeanserver_handling.patch, * patches/security/20130618/8008744-6741606_rework.patch, * patches/security/20130618/8008982-jmx_interface_changes.patch, * patches/security/20130618/8009004-rmi_connection_improvement.patch, * patches/security/20130618/8009013-t2k_glyphs.patch, * patches/security/20130618/8009034-jmx_notification_improvement.patch, * patches/security/20130618/8009038-jmx_notification_support_improvement.patch, * patches/security/20130618/8009067-improve_key_storing.patch, * patches/security/20130618/8009071-improve_shape_handling.patch, * patches/security/20130618/8009235-improve_tsa_data_handling.patch, * patches/security/20130618/8009554-serialjavaobject.patch, * patches/security/20130618/8011243-improve_imaginglib.patch, * patches/security/20130618/8011248-better_component_rasters.patch, * patches/security/20130618/8011253-better_short_component_rasters.patch, * patches/security/20130618/8011257-better_byte_component_rasters.patch, * patches/security/20130618/8011557-improve_reflection.patch, * patches/security/20130618/8012375-javadoc_framing.patch, * patches/security/20130618/8012421-better_positioning.patch, * patches/security/20130618/8012438-better_image_validation.patch, * patches/security/20130618/8012597-better_image_channel_validation.patch, * patches/security/20130618/8012601-better_layout_validation.patch, * patches/security/20130618/8014281-better_xml_signature_checking.patch, * patches/security/20130618/8015997-more_javadoc_framing.patch, * patches/security/20130618/diamond_fix.patch, * patches/security/20130618/handle_npe.patch, * patches/security/20130618/hs_merge-01.patch, * patches/security/20130618/hs_merge-02.patch, * patches/security/20130618/hs_merge-03.patch, * patches/security/20130618/hs_merge-04.patch, * patches/security/20130618/javac_issue.patch, * patches/security/20130618/langtools_generics.patch, * patches/security/20130618/langtools_merge-01.patch, * patches/security/20130618/langtools_merge-02.patch, * patches/security/20130618/langtools_merge-03.patch: 2013/06/18 security patches. * patches/apache-xml-internal-fix-bug-38655.patch: Remove. diff -r 36d69d052be1 -r 08ce3247b5b0 ChangeLog --- a/ChangeLog Thu Apr 25 14:14:05 2013 +0100 +++ b/ChangeLog Sat Jun 22 16:38:24 2013 -0500 @@ -1,3 +1,110 @@ +2013-06-22 Andrew John Hughes + + * patches/idresolver_fix.patch: + Removed. Part of 6469266. + * Makefile.am: + (SECURITY_PATCHES): Add new ones. + (SPECIAL_SECURITY_PATCH_1): Renamed from + SPECIAL_SECURITY_PATCH. + (SPECIAL_SECURITY_PATCH_2): Add 8009071, which + needs to be applied after some AWT backports. + (ICEDTEA_PATCHES): Use SPECIAL_SECURITY_PATCH_{1,2}. + Move 8005615, 8007393 & 8007611 to SECURITY_PATCHES + as must be applied before 8004584. Add 7171223 to + end. + * patches/openjdk/6307603-xrender-01.patch, + * patches/openjdk/6469266-xmlsec_1.4.2.patch, + * patches/openjdk/6656651-windows_lcd_glyphs.patch, + * patches/openjdk/6786028-wcag_bold_tags.patch, + * patches/openjdk/6786682-wcag_lang.patch, + * patches/openjdk/6786688-wcag_table.patch, + * patches/openjdk/6786690-wcag_dl.patch, + * patches/openjdk/6802694-no_deprecated.patch, + * patches/openjdk/6851834-restructure.patch, + * patches/openjdk/6888167-medialib_memory_leaks.patch, + * patches/openjdk/6961178-doclet_xml.patch, + * patches/openjdk/6990754-use_native_memory_for_symboltable.patch, + * patches/openjdk/7006270-regressions.patch, + * patches/openjdk/7008809-report_class_in_arraystoreexception.patch, + * patches/openjdk/7014851-unused_parallel_compaction_code.patch, + * patches/openjdk/7017732-move_static_fields_to_class.patch, + * patches/openjdk/7036747-elfstringtable.patch, + * patches/openjdk/7086585-flexible_field_injection.patch, + * patches/openjdk/7171223-strict_aliasing.patch, + * patches/openjdk/7195301-no_instanceof_node.patch, + * patches/security/20130618/6741606-apache_santuario.patch, + * patches/security/20130618/7158805-nested_subroutine_rewriting.patch, + * patches/security/20130618/7170730-windows_network_stack.patch, + * patches/security/20130618/8000638-improve_deserialization.patch, + * patches/security/20130618/8000642-better_transportation_handling.patch, + * patches/security/20130618/8001032-restrict_object_access-corba.patch, + * patches/security/20130618/8001032-restrict_object_access-jdk.patch, + * patches/security/20130618/8001033-refactor_address_handling.patch, + * patches/security/20130618/8001034-memory_management.patch, + * patches/security/20130618/8001038-resourcefully_handle_resources.patch, + * patches/security/20130618/8001043-clarify_definition_restrictions.patch, + * patches/security/20130618/8001309-better_handling_of_annotation_interfaces.patch, + * patches/security/20130618/8001318-6_fixup.patch, + * patches/security/20130618/8001318-socket_getlocaladdress_consistency.patch, + * patches/security/20130618/8001330-checking_order_improvement.patch, + * patches/security/20130618/8001330-improve_checking_order.patch, + * patches/security/20130618/8003703-update_rmi_connection_dialog.patch, + * patches/security/20130618/8004584-augment_applet_contextualization.patch, + * patches/security/20130618/8005007-better_glyph_processing.patch, + * patches/security/20130618/8006328-6_fixup.patch, + * patches/security/20130618/8006328-sound_class_robustness.patch, + * patches/security/20130618/8006611-improve_scripting.patch, + * patches/security/20130618/8007467-improve_jmx_internal_api_robustness.patch, + * patches/security/20130618/8007471-6_fixup.patch, + * patches/security/20130618/8007471-improve_mbean_notifications.patch, + * patches/security/20130618/8007812-getenclosingmethod.patch, + * patches/security/20130618/8008120-improve_jmx_class_checking.patch, + * patches/security/20130618/8008124-better_compliance_testing.patch, + * patches/security/20130618/8008128-better_jmx_api_coherence.patch, + * patches/security/20130618/8008132-better_serialization.patch, + * patches/security/20130618/8008585-jmx_data_handling.patch, + * patches/security/20130618/8008593-better_urlclassloader.patch, + * patches/security/20130618/8008603-jmx_provider_provision.patch, + * patches/security/20130618/8008611-6_fixup.patch, + * patches/security/20130618/8008611-jmx_annotations.patch, + * patches/security/20130618/8008615-jmx_internal_api_robustness.patch, + * patches/security/20130618/8008623-mbeanserver_handling.patch, + * patches/security/20130618/8008744-6741606_rework.patch, + * patches/security/20130618/8008982-jmx_interface_changes.patch, + * patches/security/20130618/8009004-rmi_connection_improvement.patch, + * patches/security/20130618/8009013-t2k_glyphs.patch, + * patches/security/20130618/8009034-jmx_notification_improvement.patch, + * patches/security/20130618/8009038-jmx_notification_support_improvement.patch, + * patches/security/20130618/8009067-improve_key_storing.patch, + * patches/security/20130618/8009071-improve_shape_handling.patch, + * patches/security/20130618/8009235-improve_tsa_data_handling.patch, + * patches/security/20130618/8009554-serialjavaobject.patch, + * patches/security/20130618/8011243-improve_imaginglib.patch, + * patches/security/20130618/8011248-better_component_rasters.patch, + * patches/security/20130618/8011253-better_short_component_rasters.patch, + * patches/security/20130618/8011257-better_byte_component_rasters.patch, + * patches/security/20130618/8011557-improve_reflection.patch, + * patches/security/20130618/8012375-javadoc_framing.patch, + * patches/security/20130618/8012421-better_positioning.patch, + * patches/security/20130618/8012438-better_image_validation.patch, + * patches/security/20130618/8012597-better_image_channel_validation.patch, + * patches/security/20130618/8012601-better_layout_validation.patch, + * patches/security/20130618/8014281-better_xml_signature_checking.patch, + * patches/security/20130618/8015997-more_javadoc_framing.patch, + * patches/security/20130618/diamond_fix.patch, + * patches/security/20130618/handle_npe.patch, + * patches/security/20130618/hs_merge-01.patch, + * patches/security/20130618/hs_merge-02.patch, + * patches/security/20130618/hs_merge-03.patch, + * patches/security/20130618/hs_merge-04.patch, + * patches/security/20130618/javac_issue.patch, + * patches/security/20130618/langtools_generics.patch, + * patches/security/20130618/langtools_merge-01.patch, + * patches/security/20130618/langtools_merge-02.patch, + * patches/security/20130618/langtools_merge-03.patch: + 2013/06/18 security patches. + * patches/apache-xml-internal-fix-bug-38655.patch: Remove. + 2013-04-25 Andrew John Hughes * configure.ac: Bump to 1.12.6pre. diff -r 36d69d052be1 -r 08ce3247b5b0 Makefile.am --- a/Makefile.am Thu Apr 25 14:14:05 2013 +0100 +++ b/Makefile.am Sat Jun 22 16:38:24 2013 -0500 @@ -336,9 +336,99 @@ patches/security/20130416/8009305.patch \ patches/security/20130416/8009699.patch \ patches/security/20130416/8009814.patch \ - patches/security/20130416/8009857.patch + patches/security/20130416/8009857.patch \ + patches/openjdk/7195301-no_instanceof_node.patch \ + patches/openjdk/6469266-xmlsec_1.4.2.patch \ + patches/security/20130618/6741606-apache_santuario.patch \ + patches/security/20130618/7170730-windows_network_stack.patch \ + patches/security/20130618/8000638-improve_deserialization.patch \ + patches/security/20130618/8001032-restrict_object_access-corba.patch \ + patches/security/20130618/8001032-restrict_object_access-jdk.patch \ + patches/security/20130618/8001033-refactor_address_handling.patch \ + patches/security/20130618/8001034-memory_management.patch \ + patches/security/20130618/8001038-resourcefully_handle_resources.patch \ + patches/security/20130618/8001043-clarify_definition_restrictions.patch \ + patches/security/20130618/8001309-better_handling_of_annotation_interfaces.patch \ + patches/security/20130618/8001318-socket_getlocaladdress_consistency.patch \ + patches/security/20130618/8001318-6_fixup.patch \ + patches/security/20130618/8001330-improve_checking_order.patch \ + patches/security/20130618/8003703-update_rmi_connection_dialog.patch \ + patches/openjdk/8005615-failure_to_load_logger_implementation.patch \ + patches/openjdk/8007393.patch \ + patches/openjdk/8007611.patch \ + patches/security/20130618/8004584-augment_applet_contextualization.patch \ + patches/security/20130618/8005007-better_glyph_processing.patch \ + patches/security/20130618/8006328-sound_class_robustness.patch \ + patches/security/20130618/8006328-6_fixup.patch \ + patches/security/20130618/8006611-improve_scripting.patch \ + patches/security/20130618/8007467-improve_jmx_internal_api_robustness.patch \ + patches/security/20130618/8007471-improve_mbean_notifications.patch \ + patches/security/20130618/8007471-6_fixup.patch \ + patches/security/20130618/8007812-getenclosingmethod.patch \ + patches/security/20130618/8008120-improve_jmx_class_checking.patch \ + patches/security/20130618/8008124-better_compliance_testing.patch \ + patches/security/20130618/8008128-better_jmx_api_coherence.patch \ + patches/security/20130618/8008132-better_serialization.patch \ + patches/security/20130618/8008585-jmx_data_handling.patch \ + patches/security/20130618/8008593-better_urlclassloader.patch \ + patches/security/20130618/8008603-jmx_provider_provision.patch \ + patches/security/20130618/8008611-jmx_annotations.patch \ + patches/security/20130618/8008611-6_fixup.patch \ + patches/security/20130618/8008615-jmx_internal_api_robustness.patch \ + patches/security/20130618/8008623-mbeanserver_handling.patch \ + patches/security/20130618/8008744-6741606_rework.patch \ + patches/security/20130618/8008982-jmx_interface_changes.patch \ + patches/security/20130618/8009004-rmi_connection_improvement.patch \ + patches/security/20130618/8009013-t2k_glyphs.patch \ + patches/security/20130618/8009034-jmx_notification_improvement.patch \ + patches/security/20130618/8009038-jmx_notification_support_improvement.patch \ + patches/security/20130618/8009067-improve_key_storing.patch \ + patches/security/20130618/8009235-improve_tsa_data_handling.patch \ + patches/security/20130618/8009554-serialjavaobject.patch \ + patches/openjdk/6888167-medialib_memory_leaks.patch \ + patches/security/20130618/8011243-improve_imaginglib.patch \ + patches/security/20130618/8011248-better_component_rasters.patch \ + patches/security/20130618/8011253-better_short_component_rasters.patch \ + patches/security/20130618/8011257-better_byte_component_rasters.patch \ + patches/security/20130618/8011557-improve_reflection.patch \ + patches/security/20130618/8012421-better_positioning.patch \ + patches/security/20130618/8012438-better_image_validation.patch \ + patches/security/20130618/8012597-better_image_channel_validation.patch \ + patches/security/20130618/8012601-better_layout_validation.patch \ + patches/security/20130618/8014281-better_xml_signature_checking.patch \ + patches/security/20130618/diamond_fix.patch \ + patches/security/20130618/handle_npe.patch \ + patches/security/20130618/javac_issue.patch \ + patches/security/20130618/7158805-nested_subroutine_rewriting.patch \ + patches/security/20130618/8001330-checking_order_improvement.patch \ + patches/openjdk/7036747-elfstringtable.patch \ + patches/openjdk/7017732-move_static_fields_to_class.patch \ + patches/openjdk/6990754-use_native_memory_for_symboltable.patch \ + patches/openjdk/7008809-report_class_in_arraystoreexception.patch \ + patches/openjdk/7086585-flexible_field_injection.patch \ + patches/security/20130618/hs_merge-01.patch \ + patches/security/20130618/hs_merge-02.patch \ + patches/security/20130618/hs_merge-03.patch \ + patches/openjdk/7014851-unused_parallel_compaction_code.patch \ + patches/security/20130618/hs_merge-04.patch \ + patches/security/20130618/8000642-better_transportation_handling.patch \ + patches/openjdk/6786028-wcag_bold_tags.patch \ + patches/openjdk/6786682-wcag_lang.patch \ + patches/openjdk/6802694-no_deprecated.patch \ + patches/openjdk/6786690-wcag_dl.patch \ + patches/openjdk/6786688-wcag_table.patch \ + patches/openjdk/6961178-doclet_xml.patch \ + patches/openjdk/6851834-restructure.patch \ + patches/openjdk/7006270-regressions.patch \ + patches/security/20130618/8012375-javadoc_framing.patch \ + patches/security/20130618/8015997-more_javadoc_framing.patch \ + patches/security/20130618/langtools_merge-01.patch \ + patches/security/20130618/langtools_merge-02.patch \ + patches/security/20130618/langtools_generics.patch \ + patches/security/20130618/langtools_merge-03.patch -SPECIAL_SECURITY_PATCH = patches/security/20120214/7112642.patch +SPECIAL_SECURITY_PATCH_1 = patches/security/20120214/7112642.patch +SPECIAL_SECURITY_PATCH_2 = patches/security/20130618/8009071-improve_shape_handling.patch ICEDTEA_PATCHES = \ $(DROP_PATCHES) \ @@ -355,13 +445,15 @@ patches/openjdk/6725214-direct3d-01.patch \ patches/openjdk/6748082-isDisplayLocal.patch \ patches/openjdk/6633275-shaped_translucent_windows.patch \ - $(SPECIAL_SECURITY_PATCH) \ + $(SPECIAL_SECURITY_PATCH_1) \ patches/openjdk/6769607-modal-hangs.patch \ patches/openjdk/6791612-opengl-jni-fix.patch \ patches/openjdk/6755274-glgetstring-crash.patch \ patches/openjdk/6984543-onscreen_rendering_resize_test.patch \ patches/openjdk/6693253-security_warning.patch \ patches/openjdk/6444769-windowwithwarningtest.patch \ + patches/openjdk/6656651-windows_lcd_glyphs.patch \ + $(SPECIAL_SECURITY_PATCH_2) \ patches/notice-safepoints.patch \ patches/parisc-opt.patch \ patches/lucene-crash.patch \ @@ -540,8 +632,6 @@ patches/ScriptEngineManager-doc.patch \ patches/openjdk/6883983-JarVerifier_removed_dependency_sun_security_pkcs.patch \ patches/openjdk/4465490-Suspicious_double-check_locking_idiom.patch \ - patches/idresolver_fix.patch \ - patches/apache-xml-internal-fix-bug-38655.patch \ patches/openjdk/6792400-Avoid_loading_Normalizer_resources.patch \ patches/openjdk/7088989-ucrypto_tests.patch \ patches/generalise_crypto_tests.patch \ @@ -563,18 +653,16 @@ patches/openjdk/7162902-corba_fixes.patch \ patches/traceable.patch \ patches/openjdk/7010849-modernise_sa.patch \ - patches/openjdk/8005615-failure_to_load_logger_implementation.patch \ patches/openjdk/8004341-jck_dialog_failure.patch \ patches/openjdk/8004341-jck_dialog_failure-02.patch \ patches/pr1319-support_giflib_5.patch \ - patches/openjdk/8007393.patch \ - patches/openjdk/8007611.patch \ patches/fix_get_stack_bounds_leak.patch \ patches/openjdk/7197906-handle_32_bit_shifts.patch \ patches/aarch64.patch \ patches/jaxws-tempfiles-ioutils-6.patch \ patches/object-factory-cl-internal.patch \ - patches/openjdk/8009530-icu_kern_table_support_broken.patch + patches/openjdk/8009530-icu_kern_table_support_broken.patch \ + patches/openjdk/7171223-strict_aliasing.patch if WITH_RHINO ICEDTEA_PATCHES += \ diff -r 36d69d052be1 -r 08ce3247b5b0 patches/apache-xml-internal-fix-bug-38655.patch --- a/patches/apache-xml-internal-fix-bug-38655.patch Thu Apr 25 14:14:05 2013 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,11 +0,0 @@ -diff -u -r /jck/apache-xml/icedtea6/openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/NameSpaceSymbTable.java security/c14n/implementations/NameSpaceSymbTable.java ---- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/NameSpaceSymbTable.java 2011-11-14 23:11:46.000000000 +0100 -+++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/NameSpaceSymbTable.java 2012-03-16 17:52:37.000000000 +0100 -@@ -370,6 +370,7 @@ - if (cur == null || (cur.equals( obj))) { - return index; - } -+ length=length-1; - do { - index=index==length? 0:++index; - cur = set[index]; diff -r 36d69d052be1 -r 08ce3247b5b0 patches/idresolver_fix.patch --- a/patches/idresolver_fix.patch Thu Apr 25 14:14:05 2013 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,194 +0,0 @@ ---- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/IdResolver.java 2012-03-20 20:29:30.000000000 +0100 -+++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/IdResolver.java 2012-03-20 22:18:41.094309861 +0100 -@@ -26,6 +26,7 @@ - import org.w3c.dom.Attr; - import org.w3c.dom.Document; - import org.w3c.dom.Element; -+import org.w3c.dom.NamedNodeMap; - import org.w3c.dom.Node; - - import java.util.Arrays; -@@ -175,69 +176,124 @@ - return null; - } - -+ private static java.util.List names; -+ private static int namesLength; -+ static { -+ String namespaces[]={ -+ Constants.SignatureSpecNS, -+ EncryptionConstants.EncryptionSpecNS, -+ "http://schemas.xmlsoap.org/soap/security/2000-12", -+ "http://www.w3.org/2002/03/xkms#", -+ "urn:oasis:names:tc:SAML:1.0:assertion", -+ "urn:oasis:names:tc:SAML:1.0:protocol" -+ }; -+ names = Arrays.asList(namespaces); -+ namesLength = names.size(); -+ } - -- static java.util.List names; -- static { -- String namespaces[]={ Constants.SignatureSpecNS, -- EncryptionConstants.EncryptionSpecNS, -- "http://schemas.xmlsoap.org/soap/security/2000-12", -- "http://www.w3.org/2002/03/xkms#" -- }; -- names=Arrays.asList(namespaces); -- } - -+ private static Element getElementBySearching(Node root,String id) { -+ Element []els=new Element[namesLength + 1]; -+ getEl(root,id,els); -+ for (int i=0;i2) -+ continue; -+ String value=n.getNodeValue(); -+ if (name.charAt(0)=='I') { -+ char ch=name.charAt(1); -+ if (ch=='d' && value.equals(id)) { -+ els[index]=el; -+ if (index==0) { - return 1; -- sibling=sibling.getNextSibling(); -+ } -+ } else if (ch=='D' &&value.endsWith(id)) { -+ if (index!=3) { -+ index=namesLength; -+ } -+ els[index]=el; - } -- } -- return 0; -- } -- -+ } else if ( "id".equals(name) && value.equals(id) ) { -+ if (index!=2) { -+ index=namesLength; -+ } -+ els[index]=el; -+ } -+ } -+ //For an element namespace search for importants -+ if ((elementIndex==3)&&( -+ el.getAttribute("OriginalRequestID").equals(id) || -+ el.getAttribute("RequestID").equals(id) || -+ el.getAttribute("ResponseID").equals(id))) { -+ els[3]=el; -+ } else if ((elementIndex==4)&&( -+ el.getAttribute("AssertionID").equals(id))) { -+ els[4]=el; -+ } else if ((elementIndex==5)&&( -+ el.getAttribute("RequestID").equals(id) || -+ el.getAttribute("ResponseID").equals(id))) { -+ els[5]=el; -+ } -+ return 0; -+ } - } diff -r 36d69d052be1 -r 08ce3247b5b0 patches/openjdk/6307603-xrender-01.patch --- a/patches/openjdk/6307603-xrender-01.patch Thu Apr 25 14:14:05 2013 +0100 +++ b/patches/openjdk/6307603-xrender-01.patch Sat Jun 22 16:38:24 2013 -0500 @@ -1,6 +1,6 @@ diff -Nru openjdk.orig/jdk/make/sun/awt/mapfile-mawt-vers openjdk/jdk/make/sun/awt/mapfile-mawt-vers ---- openjdk.orig/jdk/make/sun/awt/mapfile-mawt-vers 2011-02-17 16:00:41.000000000 +0000 -+++ openjdk/jdk/make/sun/awt/mapfile-mawt-vers 2011-02-17 16:52:48.186147394 +0000 +--- openjdk.orig/jdk/make/sun/awt/mapfile-mawt-vers 2013-06-22 16:01:50.561607738 -0500 ++++ openjdk/jdk/make/sun/awt/mapfile-mawt-vers 2013-06-22 16:16:23.516699861 -0500 @@ -312,6 +312,7 @@ Java_sun_awt_X11GraphicsEnvironment_initGLX; Java_sun_awt_X11GraphicsEnvironment_pRunningXinerama; @@ -71,9 +71,9 @@ Java_sun_java2d_opengl_OGLContext_getOGLIdString; Java_sun_java2d_opengl_OGLMaskFill_maskFill; diff -Nru openjdk.orig/jdk/make/sun/awt/mapfile-vers-linux openjdk/jdk/make/sun/awt/mapfile-vers-linux ---- openjdk.orig/jdk/make/sun/awt/mapfile-vers-linux 2011-02-17 16:00:41.000000000 +0000 -+++ openjdk/jdk/make/sun/awt/mapfile-vers-linux 2011-02-17 16:52:48.186147394 +0000 -@@ -426,6 +426,7 @@ +--- openjdk.orig/jdk/make/sun/awt/mapfile-vers-linux 2013-06-22 16:01:50.740608553 -0500 ++++ openjdk/jdk/make/sun/awt/mapfile-vers-linux 2013-06-22 16:16:23.517699859 -0500 +@@ -428,6 +428,7 @@ Java_sun_awt_X11GraphicsEnvironment_initDisplay; Java_sun_awt_X11GraphicsEnvironment_pRunningXinerama; Java_sun_awt_X11GraphicsEnvironment_getXineramaCenterPoint; @@ -82,8 +82,8 @@ diff -Nru openjdk.orig/jdk/make/sun/headless/mapfile-vers openjdk/jdk/make/sun/headless/mapfile-vers ---- openjdk.orig/jdk/make/sun/headless/mapfile-vers 2011-02-17 16:00:33.000000000 +0000 -+++ openjdk/jdk/make/sun/headless/mapfile-vers 2011-02-17 16:52:48.186147394 +0000 +--- openjdk.orig/jdk/make/sun/headless/mapfile-vers 2013-06-22 16:01:48.352591297 -0500 ++++ openjdk/jdk/make/sun/headless/mapfile-vers 2013-06-22 16:16:23.518699857 -0500 @@ -46,17 +46,20 @@ Java_sun_java2d_x11_X11Renderer_XFillRoundRect; Java_sun_java2d_x11_X11Renderer_devCopyArea; @@ -112,8 +112,8 @@ Java_java_awt_Font_initIDs; Java_sun_font_FontManager_getFontConfig; diff -Nru openjdk.orig/jdk/make/sun/jawt/Makefile openjdk/jdk/make/sun/jawt/Makefile ---- openjdk.orig/jdk/make/sun/jawt/Makefile 2011-02-17 16:00:41.000000000 +0000 -+++ openjdk/jdk/make/sun/jawt/Makefile 2011-02-17 16:52:48.198146458 +0000 +--- openjdk.orig/jdk/make/sun/jawt/Makefile 2013-06-22 16:01:49.796603467 -0500 ++++ openjdk/jdk/make/sun/jawt/Makefile 2013-06-22 16:16:23.518699857 -0500 @@ -118,7 +118,7 @@ # Libraries to link in. # @@ -124,8 +124,8 @@ ifeq ($(PLATFORM), linux) diff -Nru openjdk.orig/jdk/make/sun/xawt/FILES_c_unix.gmk openjdk/jdk/make/sun/xawt/FILES_c_unix.gmk ---- openjdk.orig/jdk/make/sun/xawt/FILES_c_unix.gmk 2011-02-17 16:00:41.000000000 +0000 -+++ openjdk/jdk/make/sun/xawt/FILES_c_unix.gmk 2011-02-17 16:53:14.908062495 +0000 +--- openjdk.orig/jdk/make/sun/xawt/FILES_c_unix.gmk 2013-06-22 16:01:49.406600186 -0500 ++++ openjdk/jdk/make/sun/xawt/FILES_c_unix.gmk 2013-06-22 16:16:23.518699857 -0500 @@ -79,4 +79,7 @@ gtk2_interface.c \ swing_GTKEngine.c \ @@ -136,8 +136,8 @@ + XRBackendNative.c + diff -Nru openjdk.orig/jdk/make/sun/xawt/Makefile openjdk/jdk/make/sun/xawt/Makefile ---- openjdk.orig/jdk/make/sun/xawt/Makefile 2011-02-17 16:00:41.000000000 +0000 -+++ openjdk/jdk/make/sun/xawt/Makefile 2011-02-17 16:52:48.198146458 +0000 +--- openjdk.orig/jdk/make/sun/xawt/Makefile 2013-06-22 16:01:49.406600186 -0500 ++++ openjdk/jdk/make/sun/xawt/Makefile 2013-06-22 16:16:23.518699857 -0500 @@ -48,6 +48,11 @@ LDFLAGS += -L$(OPENWIN_LIB) @@ -169,8 +169,8 @@ ifeq ($(PLATFORM), linux) # Allows for builds on Debian GNU Linux, X11 is in a different place diff -Nru openjdk.orig/jdk/make/sun/xawt/mapfile-vers openjdk/jdk/make/sun/xawt/mapfile-vers ---- openjdk.orig/jdk/make/sun/xawt/mapfile-vers 2011-02-17 16:00:41.000000000 +0000 -+++ openjdk/jdk/make/sun/xawt/mapfile-vers 2011-02-17 16:52:48.198146458 +0000 +--- openjdk.orig/jdk/make/sun/xawt/mapfile-vers 2013-06-22 16:01:51.483611926 -0500 ++++ openjdk/jdk/make/sun/xawt/mapfile-vers 2013-06-22 16:16:23.518699857 -0500 @@ -186,6 +186,7 @@ Java_sun_font_FontManager_populateFontFileNameMap; Java_sun_awt_X11GraphicsEnvironment_initDisplay; @@ -179,7 +179,7 @@ Java_sun_awt_X11GraphicsEnvironment_checkShmExt; Java_sun_awt_X11GraphicsEnvironment_getNumScreens; Java_sun_awt_X11GraphicsEnvironment_getDefaultScreenNum; -@@ -337,21 +338,52 @@ +@@ -339,21 +340,52 @@ Java_sun_java2d_x11_X11Renderer_XFillRect; Java_sun_java2d_x11_X11Renderer_XFillRoundRect; Java_sun_java2d_x11_X11Renderer_devCopyArea; @@ -241,8 +241,8 @@ Java_com_sun_java_swing_plaf_gtk_GTKEngine_native_1paint_1arrow; Java_com_sun_java_swing_plaf_gtk_GTKEngine_native_1paint_1box; diff -Nru openjdk.orig/jdk/src/share/classes/sun/font/GlyphDisposedListener.java openjdk/jdk/src/share/classes/sun/font/GlyphDisposedListener.java ---- openjdk.orig/jdk/src/share/classes/sun/font/GlyphDisposedListener.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/share/classes/sun/font/GlyphDisposedListener.java 2011-02-17 16:52:48.198146458 +0000 +--- openjdk.orig/jdk/src/share/classes/sun/font/GlyphDisposedListener.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/share/classes/sun/font/GlyphDisposedListener.java 2013-06-22 16:16:23.519699855 -0500 @@ -0,0 +1,32 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -277,8 +277,8 @@ + public void glyphDisposed(ArrayList glyphs); +} diff -Nru openjdk.orig/jdk/src/share/classes/sun/font/StrikeCache.java openjdk/jdk/src/share/classes/sun/font/StrikeCache.java ---- openjdk.orig/jdk/src/share/classes/sun/font/StrikeCache.java 2011-02-17 16:00:33.000000000 +0000 -+++ openjdk/jdk/src/share/classes/sun/font/StrikeCache.java 2011-02-17 16:52:48.198146458 +0000 +--- openjdk.orig/jdk/src/share/classes/sun/font/StrikeCache.java 2013-06-22 16:01:48.356591329 -0500 ++++ openjdk/jdk/src/share/classes/sun/font/StrikeCache.java 2013-06-22 16:16:23.519699855 -0500 @@ -31,6 +31,7 @@ import java.lang.ref.ReferenceQueue; import java.lang.ref.SoftReference; @@ -440,8 +440,8 @@ public static Reference getStrikeRef(FontStrike strike) { return getStrikeRef(strike, cacheRefTypeWeak); diff -Nru openjdk.orig/jdk/src/share/classes/sun/java2d/pipe/BufferedPaints.java openjdk/jdk/src/share/classes/sun/java2d/pipe/BufferedPaints.java ---- openjdk.orig/jdk/src/share/classes/sun/java2d/pipe/BufferedPaints.java 2011-01-20 23:54:26.000000000 +0000 -+++ openjdk/jdk/src/share/classes/sun/java2d/pipe/BufferedPaints.java 2011-02-17 16:52:48.198146458 +0000 +--- openjdk.orig/jdk/src/share/classes/sun/java2d/pipe/BufferedPaints.java 2011-11-14 16:12:00.000000000 -0600 ++++ openjdk/jdk/src/share/classes/sun/java2d/pipe/BufferedPaints.java 2013-06-22 16:16:23.519699855 -0500 @@ -307,7 +307,7 @@ * linear RGB space. Copied directly from the * MultipleGradientPaintContext class. @@ -452,8 +452,8 @@ input = color / 255.0f; diff -Nru openjdk.orig/jdk/src/share/classes/sun/java2d/pipe/RenderBuffer.java openjdk/jdk/src/share/classes/sun/java2d/pipe/RenderBuffer.java ---- openjdk.orig/jdk/src/share/classes/sun/java2d/pipe/RenderBuffer.java 2011-01-20 23:54:26.000000000 +0000 -+++ openjdk/jdk/src/share/classes/sun/java2d/pipe/RenderBuffer.java 2011-02-17 16:52:48.198146458 +0000 +--- openjdk.orig/jdk/src/share/classes/sun/java2d/pipe/RenderBuffer.java 2011-11-14 16:12:00.000000000 -0600 ++++ openjdk/jdk/src/share/classes/sun/java2d/pipe/RenderBuffer.java 2013-06-22 16:16:23.519699855 -0500 @@ -131,6 +131,11 @@ curAddress = baseAddress; } @@ -467,8 +467,8 @@ * putByte() methods... */ diff -Nru openjdk.orig/jdk/src/share/classes/sun/java2d/pisces/META-INF/services/sun.java2d.pipe.RenderingEngine openjdk/jdk/src/share/classes/sun/java2d/pisces/META-INF/services/sun.java2d.pipe.RenderingEngine ---- openjdk.orig/jdk/src/share/classes/sun/java2d/pisces/META-INF/services/sun.java2d.pipe.RenderingEngine 2011-01-20 23:54:26.000000000 +0000 -+++ openjdk/jdk/src/share/classes/sun/java2d/pisces/META-INF/services/sun.java2d.pipe.RenderingEngine 2011-02-17 16:52:48.198146458 +0000 +--- openjdk.orig/jdk/src/share/classes/sun/java2d/pisces/META-INF/services/sun.java2d.pipe.RenderingEngine 2011-11-14 16:12:00.000000000 -0600 ++++ openjdk/jdk/src/share/classes/sun/java2d/pisces/META-INF/services/sun.java2d.pipe.RenderingEngine 2013-06-22 16:16:23.519699855 -0500 @@ -1,2 +1,5 @@ +# Jules Rendering Engine module +sun.java2d.jules.JulesRenderingEngine @@ -478,8 +478,8 @@ +sun.java2d.pisces.PiscesRenderingEngine \ No newline at end of file diff -Nru openjdk.orig/jdk/src/share/native/sun/font/AccelGlyphCache.c openjdk/jdk/src/share/native/sun/font/AccelGlyphCache.c ---- openjdk.orig/jdk/src/share/native/sun/font/AccelGlyphCache.c 2011-02-17 16:00:33.000000000 +0000 -+++ openjdk/jdk/src/share/native/sun/font/AccelGlyphCache.c 2011-02-17 16:52:48.198146458 +0000 +--- openjdk.orig/jdk/src/share/native/sun/font/AccelGlyphCache.c 2013-06-22 16:01:48.363591389 -0500 ++++ openjdk/jdk/src/share/native/sun/font/AccelGlyphCache.c 2013-06-22 16:16:23.519699855 -0500 @@ -325,6 +325,7 @@ cellInfo->glyphInfo = glyph; cellInfo->nextGCI = glyph->cellInfo; @@ -489,8 +489,8 @@ /** diff -Nru openjdk.orig/jdk/src/share/native/sun/font/fontscalerdefs.h openjdk/jdk/src/share/native/sun/font/fontscalerdefs.h ---- openjdk.orig/jdk/src/share/native/sun/font/fontscalerdefs.h 2011-01-20 23:54:38.000000000 +0000 -+++ openjdk/jdk/src/share/native/sun/font/fontscalerdefs.h 2011-02-17 16:52:48.198146458 +0000 +--- openjdk.orig/jdk/src/share/native/sun/font/fontscalerdefs.h 2013-06-22 16:01:44.530580871 -0500 ++++ openjdk/jdk/src/share/native/sun/font/fontscalerdefs.h 2013-06-22 16:16:23.520699854 -0500 @@ -84,15 +84,26 @@ #define t2kScalarAverage(a, b) (((a) + (b)) / (t2kScalar)(2)) @@ -520,8 +520,8 @@ } GlyphInfo; diff -Nru openjdk.orig/jdk/src/share/native/sun/font/freetypeScaler.c openjdk/jdk/src/share/native/sun/font/freetypeScaler.c ---- openjdk.orig/jdk/src/share/native/sun/font/freetypeScaler.c 2011-02-17 16:00:43.000000000 +0000 -+++ openjdk/jdk/src/share/native/sun/font/freetypeScaler.c 2011-02-17 16:52:48.198146458 +0000 +--- openjdk.orig/jdk/src/share/native/sun/font/freetypeScaler.c 2013-06-22 16:01:50.403607017 -0500 ++++ openjdk/jdk/src/share/native/sun/font/freetypeScaler.c 2013-06-22 16:16:23.520699854 -0500 @@ -783,6 +783,7 @@ return ptr_to_jlong(glyphInfo); } @@ -540,8 +540,8 @@ point; and a second-order control point if unset. */ current_type = SEG_CUBICTO; diff -Nru openjdk.orig/jdk/src/share/native/sun/font/sunFont.c openjdk/jdk/src/share/native/sun/font/sunFont.c ---- openjdk.orig/jdk/src/share/native/sun/font/sunFont.c 2011-02-17 16:00:33.000000000 +0000 -+++ openjdk/jdk/src/share/native/sun/font/sunFont.c 2011-02-17 16:52:48.198146458 +0000 +--- openjdk.orig/jdk/src/share/native/sun/font/sunFont.c 2013-06-22 16:01:48.363591389 -0500 ++++ openjdk/jdk/src/share/native/sun/font/sunFont.c 2013-06-22 16:16:23.520699854 -0500 @@ -294,7 +294,8 @@ for (i=0; i< len; i++) { if (ptrs[i] != 0) { @@ -572,8 +572,8 @@ } diff -Nru openjdk.orig/jdk/src/share/native/sun/java2d/opengl/OGLTextRenderer.c openjdk/jdk/src/share/native/sun/java2d/opengl/OGLTextRenderer.c ---- openjdk.orig/jdk/src/share/native/sun/java2d/opengl/OGLTextRenderer.c 2011-01-20 23:54:39.000000000 +0000 -+++ openjdk/jdk/src/share/native/sun/java2d/opengl/OGLTextRenderer.c 2011-02-17 16:52:48.198146458 +0000 +--- openjdk.orig/jdk/src/share/native/sun/java2d/opengl/OGLTextRenderer.c 2011-11-14 16:12:13.000000000 -0600 ++++ openjdk/jdk/src/share/native/sun/java2d/opengl/OGLTextRenderer.c 2013-06-22 16:16:23.521699853 -0500 @@ -244,6 +244,7 @@ OGLTR_AddToGlyphCache(GlyphInfo *glyph, jboolean rgbOrder) { @@ -616,8 +616,8 @@ // location of the glyph in the destination's coordinate space diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/awt/X11GraphicsDevice.java openjdk/jdk/src/solaris/classes/sun/awt/X11GraphicsDevice.java ---- openjdk.orig/jdk/src/solaris/classes/sun/awt/X11GraphicsDevice.java 2011-02-17 16:00:33.000000000 +0000 -+++ openjdk/jdk/src/solaris/classes/sun/awt/X11GraphicsDevice.java 2011-02-17 16:52:48.198146458 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/awt/X11GraphicsDevice.java 2013-06-22 16:01:48.369591440 -0500 ++++ openjdk/jdk/src/solaris/classes/sun/awt/X11GraphicsDevice.java 2013-06-22 16:16:23.521699853 -0500 @@ -37,6 +37,7 @@ import java.util.HashMap; @@ -679,8 +679,8 @@ } } diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/awt/X11GraphicsEnvironment.java openjdk/jdk/src/solaris/classes/sun/awt/X11GraphicsEnvironment.java ---- openjdk.orig/jdk/src/solaris/classes/sun/awt/X11GraphicsEnvironment.java 2011-01-20 23:54:40.000000000 +0000 -+++ openjdk/jdk/src/solaris/classes/sun/awt/X11GraphicsEnvironment.java 2011-02-17 16:52:48.198146458 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/awt/X11GraphicsEnvironment.java 2013-06-22 16:01:48.462592225 -0500 ++++ openjdk/jdk/src/solaris/classes/sun/awt/X11GraphicsEnvironment.java 2013-06-22 16:16:23.522699852 -0500 @@ -26,6 +26,7 @@ package sun.awt; @@ -764,8 +764,8 @@ * Checks if Shared Memory extension can be used. * Returns: diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/font/XRGlyphCacheEntry.java openjdk/jdk/src/solaris/classes/sun/font/XRGlyphCacheEntry.java ---- openjdk.orig/jdk/src/solaris/classes/sun/font/XRGlyphCacheEntry.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/font/XRGlyphCacheEntry.java 2011-02-17 16:52:48.198146458 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/font/XRGlyphCacheEntry.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/font/XRGlyphCacheEntry.java 2013-06-22 16:16:23.522699852 -0500 @@ -0,0 +1,206 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -974,8 +974,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/font/XRGlyphCache.java openjdk/jdk/src/solaris/classes/sun/font/XRGlyphCache.java ---- openjdk.orig/jdk/src/solaris/classes/sun/font/XRGlyphCache.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/font/XRGlyphCache.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/font/XRGlyphCache.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/font/XRGlyphCache.java 2013-06-22 16:16:23.522699852 -0500 @@ -0,0 +1,301 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -1279,8 +1279,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/font/XRTextRenderer.java openjdk/jdk/src/solaris/classes/sun/font/XRTextRenderer.java ---- openjdk.orig/jdk/src/solaris/classes/sun/font/XRTextRenderer.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/font/XRTextRenderer.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/font/XRTextRenderer.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/font/XRTextRenderer.java 2013-06-22 16:16:23.523699851 -0500 @@ -0,0 +1,152 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -1435,8 +1435,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/IdleTileCache.java openjdk/jdk/src/solaris/classes/sun/java2d/jules/IdleTileCache.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/IdleTileCache.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/jules/IdleTileCache.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/IdleTileCache.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/jules/IdleTileCache.java 2013-06-22 16:16:23.523699851 -0500 @@ -0,0 +1,109 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -1548,8 +1548,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/JulesAATileGenerator.java openjdk/jdk/src/solaris/classes/sun/java2d/jules/JulesAATileGenerator.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/JulesAATileGenerator.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/jules/JulesAATileGenerator.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/JulesAATileGenerator.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/jules/JulesAATileGenerator.java 2013-06-22 16:16:23.523699851 -0500 @@ -0,0 +1,349 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -1901,8 +1901,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/JulesPathBuf.java openjdk/jdk/src/solaris/classes/sun/java2d/jules/JulesPathBuf.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/JulesPathBuf.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/jules/JulesPathBuf.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/JulesPathBuf.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/jules/JulesPathBuf.java 2013-06-22 16:16:23.524699850 -0500 @@ -0,0 +1,271 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -2176,8 +2176,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/JulesRenderingEngine.java openjdk/jdk/src/solaris/classes/sun/java2d/jules/JulesRenderingEngine.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/JulesRenderingEngine.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/jules/JulesRenderingEngine.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/JulesRenderingEngine.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/jules/JulesRenderingEngine.java 2013-06-22 16:16:23.524699850 -0500 @@ -0,0 +1,54 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -2234,8 +2234,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/JulesShapePipe.java openjdk/jdk/src/solaris/classes/sun/java2d/jules/JulesShapePipe.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/JulesShapePipe.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/jules/JulesShapePipe.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/JulesShapePipe.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/jules/JulesShapePipe.java 2013-06-22 16:16:23.524699850 -0500 @@ -0,0 +1,102 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -2340,8 +2340,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/JulesTile.java openjdk/jdk/src/solaris/classes/sun/java2d/jules/JulesTile.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/JulesTile.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/jules/JulesTile.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/JulesTile.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/jules/JulesTile.java 2013-06-22 16:16:23.524699850 -0500 @@ -0,0 +1,67 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -2411,8 +2411,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/TileWorker.java openjdk/jdk/src/solaris/classes/sun/java2d/jules/TileWorker.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/TileWorker.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/jules/TileWorker.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/TileWorker.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/jules/TileWorker.java 2013-06-22 16:16:23.524699850 -0500 @@ -0,0 +1,146 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -2561,8 +2561,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/TrapezoidList.java openjdk/jdk/src/solaris/classes/sun/java2d/jules/TrapezoidList.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/TrapezoidList.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/jules/TrapezoidList.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/jules/TrapezoidList.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/jules/TrapezoidList.java 2013-06-22 16:16:23.524699850 -0500 @@ -0,0 +1,110 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -2675,8 +2675,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/SurfaceManagerFactory.java openjdk/jdk/src/solaris/classes/sun/java2d/SurfaceManagerFactory.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/SurfaceManagerFactory.java 2011-01-20 23:54:41.000000000 +0000 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/SurfaceManagerFactory.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/SurfaceManagerFactory.java 2011-11-14 16:12:15.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/SurfaceManagerFactory.java 2013-06-22 16:16:23.524699850 -0500 @@ -34,6 +34,8 @@ import sun.java2d.opengl.GLXGraphicsConfig; import sun.java2d.opengl.GLXVolatileSurfaceManager; @@ -2705,8 +2705,8 @@ return new X11VolatileSurfaceManager(vImg, context); } diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/x11/X11SurfaceData.java openjdk/jdk/src/solaris/classes/sun/java2d/x11/X11SurfaceData.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/x11/X11SurfaceData.java 2011-02-17 16:00:43.000000000 +0000 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/x11/X11SurfaceData.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/x11/X11SurfaceData.java 2013-06-22 16:01:50.582607833 -0500 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/x11/X11SurfaceData.java 2013-06-22 16:16:23.525699849 -0500 @@ -46,6 +46,7 @@ import sun.awt.SunToolkit; import sun.awt.X11ComponentPeer; @@ -2715,7 +2715,7 @@ import sun.awt.image.PixelConverter; import sun.font.X11TextRenderer; import sun.java2d.InvalidPipeException; -@@ -63,7 +64,7 @@ +@@ -64,7 +65,7 @@ import sun.java2d.pipe.TextPipe; import sun.java2d.pipe.Region; @@ -2724,7 +2724,7 @@ X11ComponentPeer peer; X11GraphicsConfig graphicsConfig; private RenderLoops solidloops; -@@ -73,8 +74,6 @@ +@@ -74,8 +75,6 @@ private static native void initIDs(Class xorComp, boolean tryDGA); protected native void initSurface(int depth, int width, int height, long drawable); @@ -2733,7 +2733,7 @@ public static final String DESC_INT_BGR_X11 = "Integer BGR Pixmap"; -@@ -199,7 +198,8 @@ +@@ -200,7 +199,8 @@ protected static boolean dgaAvailable; static { @@ -2743,7 +2743,7 @@ // If a screen magnifier is present, don't attempt to use DGA String magPresent = (String) java.security.AccessController.doPrivileged (new sun.security.action.GetPropertyAction("javax.accessibility.screen_magnifier_present")); -@@ -232,7 +232,7 @@ +@@ -233,7 +233,7 @@ X11PMBlitLoops.register(); X11PMBlitBgLoops.register(); } @@ -2752,7 +2752,7 @@ } /** -@@ -405,11 +405,11 @@ +@@ -420,11 +420,11 @@ cm, drawable, transparency); } @@ -2769,7 +2769,7 @@ protected X11SurfaceData(X11ComponentPeer peer, X11GraphicsConfig gc, -@@ -568,8 +568,6 @@ +@@ -583,8 +583,6 @@ return sType; } @@ -2778,7 +2778,7 @@ public void invalidate() { if (isValid()) { setInvalid(); -@@ -583,16 +581,9 @@ +@@ -598,16 +596,9 @@ * X11SurfaceData object. */ @@ -2796,8 +2796,8 @@ private long xgc; private Region validatedClip; diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/x11/XSurfaceData.java openjdk/jdk/src/solaris/classes/sun/java2d/x11/XSurfaceData.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/x11/XSurfaceData.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/x11/XSurfaceData.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/x11/XSurfaceData.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/x11/XSurfaceData.java 2013-06-22 16:16:23.525699849 -0500 @@ -0,0 +1,40 @@ +package sun.java2d.x11; + @@ -2840,8 +2840,8 @@ + protected static native void XSetGraphicsExposures(long xgc, boolean needExposures); +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/DirtyRegion.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/DirtyRegion.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/DirtyRegion.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/DirtyRegion.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/DirtyRegion.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/DirtyRegion.java 2013-06-22 16:16:23.525699849 -0500 @@ -0,0 +1,133 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -2977,8 +2977,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/GrowableByteArray.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/GrowableByteArray.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/GrowableByteArray.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/GrowableByteArray.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/GrowableByteArray.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/GrowableByteArray.java 2013-06-22 16:16:23.525699849 -0500 @@ -0,0 +1,127 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -3108,8 +3108,8 @@ + +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/GrowableEltArray.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/GrowableEltArray.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/GrowableEltArray.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/GrowableEltArray.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/GrowableEltArray.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/GrowableEltArray.java 2013-06-22 16:16:23.525699849 -0500 @@ -0,0 +1,84 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -3196,8 +3196,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/GrowableIntArray.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/GrowableIntArray.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/GrowableIntArray.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/GrowableIntArray.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/GrowableIntArray.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/GrowableIntArray.java 2013-06-22 16:16:23.526699847 -0500 @@ -0,0 +1,114 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -3314,8 +3314,8 @@ + +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/GrowablePointArray.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/GrowablePointArray.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/GrowablePointArray.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/GrowablePointArray.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/GrowablePointArray.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/GrowablePointArray.java 2013-06-22 16:16:23.526699847 -0500 @@ -0,0 +1,62 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -3380,8 +3380,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/GrowableRectArray.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/GrowableRectArray.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/GrowableRectArray.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/GrowableRectArray.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/GrowableRectArray.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/GrowableRectArray.java 2013-06-22 16:16:23.526699847 -0500 @@ -0,0 +1,79 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -3463,8 +3463,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/MaskTile.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/MaskTile.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/MaskTile.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/MaskTile.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/MaskTile.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/MaskTile.java 2013-06-22 16:16:23.526699847 -0500 @@ -0,0 +1,166 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -3633,8 +3633,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/MaskTileManager.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/MaskTileManager.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/MaskTileManager.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/MaskTileManager.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/MaskTileManager.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/MaskTileManager.java 2013-06-22 16:16:23.526699847 -0500 @@ -0,0 +1,327 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -3964,8 +3964,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/MutableInteger.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/MutableInteger.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/MutableInteger.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/MutableInteger.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/MutableInteger.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/MutableInteger.java 2013-06-22 16:16:23.527699845 -0500 @@ -0,0 +1,57 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -4025,8 +4025,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XcbRequestCounter.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XcbRequestCounter.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XcbRequestCounter.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XcbRequestCounter.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XcbRequestCounter.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XcbRequestCounter.java 2013-06-22 16:16:23.527699845 -0500 @@ -0,0 +1,59 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -4088,8 +4088,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XIDGenerator.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XIDGenerator.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XIDGenerator.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XIDGenerator.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XIDGenerator.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XIDGenerator.java 2013-06-22 16:16:23.527699845 -0500 @@ -0,0 +1,53 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -4145,8 +4145,8 @@ + private static native void bufferXIDs(int[] buffer, int arraySize); +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRBackend.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRBackend.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRBackend.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRBackend.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRBackend.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRBackend.java 2013-06-22 16:16:23.527699845 -0500 @@ -0,0 +1,117 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -4266,8 +4266,8 @@ + TrapezoidList trapList); +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRBackendNative.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRBackendNative.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRBackendNative.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRBackendNative.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRBackendNative.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRBackendNative.java 2013-06-22 16:16:23.527699845 -0500 @@ -0,0 +1,343 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -4613,8 +4613,8 @@ + int[] trapezoids); +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRColor.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRColor.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRColor.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRColor.java 2011-02-17 16:52:48.202146146 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRColor.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRColor.java 2013-06-22 16:16:23.528699843 -0500 @@ -0,0 +1,141 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -4758,8 +4758,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRCompositeManager.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRCompositeManager.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRCompositeManager.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRCompositeManager.java 2011-02-17 16:52:48.206145834 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRCompositeManager.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRCompositeManager.java 2013-06-22 16:16:23.528699843 -0500 @@ -0,0 +1,334 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -5096,8 +5096,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRDrawImage.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRDrawImage.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRDrawImage.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRDrawImage.java 2011-02-17 16:52:48.206145834 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRDrawImage.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRDrawImage.java 2013-06-22 16:16:23.528699843 -0500 @@ -0,0 +1,67 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -5167,8 +5167,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRGraphicsConfig.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRGraphicsConfig.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRGraphicsConfig.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRGraphicsConfig.java 2011-02-17 16:52:48.206145834 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRGraphicsConfig.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRGraphicsConfig.java 2013-06-22 16:16:23.528699843 -0500 @@ -0,0 +1,61 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -5232,8 +5232,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRMaskBlit.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRMaskBlit.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRMaskBlit.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRMaskBlit.java 2011-02-17 16:52:48.206145834 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRMaskBlit.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRMaskBlit.java 2013-06-22 16:16:23.528699843 -0500 @@ -0,0 +1,94 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -5330,8 +5330,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRMaskFill.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRMaskFill.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRMaskFill.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRMaskFill.java 2011-02-17 16:52:48.206145834 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRMaskFill.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRMaskFill.java 2013-06-22 16:16:23.528699843 -0500 @@ -0,0 +1,115 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -5449,8 +5449,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRMaskImage.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRMaskImage.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRMaskImage.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRMaskImage.java 2011-02-17 16:52:48.206145834 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRMaskImage.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRMaskImage.java 2013-06-22 16:16:23.528699843 -0500 @@ -0,0 +1,129 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -5582,8 +5582,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRPaints.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRPaints.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRPaints.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRPaints.java 2011-02-17 16:52:48.206145834 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRPaints.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRPaints.java 2013-06-22 16:16:23.529699842 -0500 @@ -0,0 +1,314 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -5900,8 +5900,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRPMBlitLoops.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRPMBlitLoops.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRPMBlitLoops.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRPMBlitLoops.java 2011-02-17 16:52:48.206145834 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRPMBlitLoops.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRPMBlitLoops.java 2013-06-22 16:16:23.529699842 -0500 @@ -0,0 +1,400 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -6304,8 +6304,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRRenderer.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRRenderer.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRRenderer.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRRenderer.java 2011-02-17 16:52:48.206145834 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRRenderer.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRRenderer.java 2013-06-22 16:16:23.530699841 -0500 @@ -0,0 +1,331 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -6639,8 +6639,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRSurfaceData.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRSurfaceData.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRSurfaceData.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRSurfaceData.java 2011-02-17 16:52:48.206145834 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRSurfaceData.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRSurfaceData.java 2013-06-22 16:16:23.530699841 -0500 @@ -0,0 +1,668 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -7311,8 +7311,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRSurfaceDataProxy.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRSurfaceDataProxy.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRSurfaceDataProxy.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRSurfaceDataProxy.java 2011-02-17 16:52:48.206145834 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRSurfaceDataProxy.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRSurfaceDataProxy.java 2013-06-22 16:16:23.530699841 -0500 @@ -0,0 +1,83 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -7398,8 +7398,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRUtils.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRUtils.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRUtils.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRUtils.java 2011-02-17 16:52:48.206145834 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRUtils.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRUtils.java 2013-06-22 16:16:23.530699841 -0500 @@ -0,0 +1,261 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -7663,8 +7663,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRVolatileSurfaceManager.java openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRVolatileSurfaceManager.java ---- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRVolatileSurfaceManager.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRVolatileSurfaceManager.java 2011-02-17 16:52:48.206145834 +0000 +--- openjdk.orig/jdk/src/solaris/classes/sun/java2d/xr/XRVolatileSurfaceManager.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/classes/sun/java2d/xr/XRVolatileSurfaceManager.java 2013-06-22 16:16:23.530699841 -0500 @@ -0,0 +1,94 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -7761,8 +7761,8 @@ + } +} diff -Nru openjdk.orig/jdk/src/solaris/native/sun/java2d/x11/X11SurfaceData.c openjdk/jdk/src/solaris/native/sun/java2d/x11/X11SurfaceData.c ---- openjdk.orig/jdk/src/solaris/native/sun/java2d/x11/X11SurfaceData.c 2011-01-20 23:54:42.000000000 +0000 -+++ openjdk/jdk/src/solaris/native/sun/java2d/x11/X11SurfaceData.c 2011-02-17 16:52:48.206145834 +0000 +--- openjdk.orig/jdk/src/solaris/native/sun/java2d/x11/X11SurfaceData.c 2013-06-22 16:01:50.563607746 -0500 ++++ openjdk/jdk/src/solaris/native/sun/java2d/x11/X11SurfaceData.c 2013-06-22 16:19:02.233536415 -0500 @@ -71,7 +71,7 @@ extern AwtGraphicsConfigDataPtr getGraphicsConfigFromComponentPeer(JNIEnv *env, jobject this); @@ -7772,7 +7772,7 @@ static int X11SD_FindClip(SurfaceDataBounds *b, SurfaceDataBounds *bounds, X11SDOps *xsdo); static int X11SD_ClipToRoot(SurfaceDataBounds *b, SurfaceDataBounds *bounds, -@@ -97,19 +97,10 @@ +@@ -98,19 +98,10 @@ #endif /* !HEADLESS */ @@ -7794,7 +7794,7 @@ char c[4]; int i; } endian; -@@ -117,20 +108,64 @@ +@@ -118,12 +109,32 @@ endian.i = 0xff000000; nativeByteOrder = (endian.c[0]) ? MSBFirst : LSBFirst; @@ -7806,32 +7806,8 @@ JNU_ThrowInternalError(env, "Private RasInfo structure too large!"); - return; + return JNI_FALSE; -+ } -+ -+#ifdef MITSHM -+ if (getenv("NO_AWT_MITSHM") == NULL && -+ getenv("NO_J2D_MITSHM") == NULL) { -+ char * force; -+ TryInitMITShm(env, &useMitShmExt, &useMitShmPixmaps); -+ -+ if(allowShmPixmaps) { -+ useMitShmPixmaps = (useMitShmPixmaps == CAN_USE_MITSHM); -+ force = getenv("J2D_PIXMAPS"); -+ if (force != NULL) { -+ if (useMitShmPixmaps && (strcmp(force, "shared") == 0)) { -+ forceSharedPixmaps = JNI_TRUE; -+ } else if (strcmp(force, "server") == 0) { -+ useMitShmPixmaps = JNI_FALSE; -+ } -+ } -+ }else { -+ useMitShmPixmaps = JNI_FALSE; -+ } } - -+ return JNI_TRUE; -+#endif /* MITSHM */ -+ ++} +#endif /* !HEADLESS */ +} + @@ -7849,10 +7825,10 @@ + if(XShared_initIDs(env, JNI_TRUE)) + { + void *lib = 0; -+ + xorCompClass = (*env)->NewGlobalRef(env, XORComp); - if (tryDGA && (getenv("NO_J2D_DGA") == NULL)) { +@@ -131,7 +142,7 @@ /* we use RTLD_NOW because of bug 4032715 */ lib = dlopen("libsunwjdga.so", RTLD_NOW); } @@ -7861,33 +7837,7 @@ if (lib != NULL) { JDgaStatus ret = JDGA_FAILED; void *sym = dlsym(lib, "JDgaLibInit"); -@@ -149,24 +184,7 @@ - lib = NULL; - } - } -- --#ifdef MITSHM -- if (getenv("NO_AWT_MITSHM") == NULL && -- getenv("NO_J2D_MITSHM") == NULL) { -- char * force; -- TryInitMITShm(env, &useMitShmExt, &useMitShmPixmaps); -- useMitShmPixmaps = (useMitShmPixmaps == CAN_USE_MITSHM); -- force = getenv("J2D_PIXMAPS"); -- if (force != NULL) { -- if (useMitShmPixmaps && (strcmp(force, "shared") == 0)) { -- forceSharedPixmaps = JNI_TRUE; -- } else if (strcmp(force, "server") == 0) { -- useMitShmPixmaps = JNI_FALSE; -- } -- } -- } --#endif /* MITSHM */ -- -+ } - #endif /* !HEADLESS */ - } - -@@ -176,7 +194,7 @@ +@@ -184,7 +195,7 @@ * Signature: ()Z */ JNIEXPORT jboolean JNICALL @@ -7896,7 +7846,7 @@ { jboolean ret = JNI_FALSE; -@@ -214,9 +232,9 @@ +@@ -239,9 +250,9 @@ * Signature: (Ljava/lang/Object;I)V */ JNIEXPORT void JNICALL @@ -7909,7 +7859,7 @@ { #ifndef HEADLESS X11SDOps *xsdo = (X11SDOps*)SurfaceData_InitOps(env, xsd, sizeof(X11SDOps)); -@@ -286,6 +304,8 @@ +@@ -311,6 +322,8 @@ } else { xsdo->pixelmask = 0xff; } @@ -7918,7 +7868,7 @@ #endif /* !HEADLESS */ } -@@ -295,7 +315,7 @@ +@@ -320,7 +333,7 @@ * Signature: ()V */ JNIEXPORT void JNICALL @@ -7927,7 +7877,7 @@ { #ifndef HEADLESS SurfaceDataOps *ops = SurfaceData_GetOps(env, xsd); -@@ -366,6 +386,11 @@ +@@ -391,6 +404,11 @@ XFreeGC(awt_display, xsdo->cachedGC); xsdo->cachedGC = NULL; } @@ -7939,7 +7889,7 @@ AWT_UNLOCK(); #endif /* !HEADLESS */ } -@@ -375,7 +400,7 @@ +@@ -400,7 +418,7 @@ * Signature: ()V */ JNIEXPORT void JNICALL @@ -7948,7 +7898,7 @@ { #ifndef HEADLESS X11SDOps *xsdo = (X11SDOps *) SurfaceData_GetOps(env, xsd); -@@ -386,29 +411,10 @@ +@@ -411,29 +429,10 @@ #endif /* !HEADLESS */ } @@ -7980,7 +7930,7 @@ if (drawable != (jlong)0) { /* Double-buffering */ -@@ -434,7 +440,7 @@ +@@ -459,7 +458,7 @@ if (xsdo->drawable) { xsdo->shmPMData.usingShmPixmap = JNI_TRUE; xsdo->shmPMData.shmPixmap = xsdo->drawable; @@ -7989,12 +7939,12 @@ } } #endif /* MITSHM */ -@@ -454,7 +460,40 @@ +@@ -479,7 +478,40 @@ if (xsdo->drawable == 0) { JNU_ThrowOutOfMemoryError(env, "Can't create offscreen surface"); + return JNI_FALSE; - } ++ } + + return JNI_TRUE; +#endif /* !HEADLESS */ @@ -8016,7 +7966,7 @@ + X11SDOps *xsdo = X11SurfaceData_GetOps(env, xsd); + if (xsdo == NULL) { + return; -+ } + } + + if (xsdo->configData->awt_cmap == (Colormap)NULL) { + awtJNI_CreateColorData(env, xsdo->configData, 1); @@ -8030,7 +7980,7 @@ #endif /* !HEADLESS */ } -@@ -700,7 +739,7 @@ +@@ -726,7 +758,7 @@ } #endif /* MITSHM */ @@ -8039,7 +7989,7 @@ { if (xsdo->isPixmap == JNI_TRUE) { return SD_FAILURE; -@@ -1549,7 +1588,7 @@ +@@ -1575,7 +1607,7 @@ * Signature: (I)J */ JNIEXPORT jlong JNICALL @@ -8048,7 +7998,7 @@ (JNIEnv *env, jclass xsd, jlong pXSData) { jlong ret; -@@ -1579,7 +1618,7 @@ +@@ -1605,7 +1637,7 @@ * Signature: (JIIIILsun/java2d/pipe/Region;)V */ JNIEXPORT void JNICALL @@ -8057,7 +8007,7 @@ (JNIEnv *env, jclass xsd, jlong xgc) { #ifndef HEADLESS -@@ -1594,7 +1633,7 @@ +@@ -1620,7 +1652,7 @@ * Signature: (JIIIILsun/java2d/pipe/Region;)V */ JNIEXPORT void JNICALL @@ -8066,7 +8016,7 @@ (JNIEnv *env, jclass xsd, jlong xgc, jint x1, jint y1, jint x2, jint y2, jobject complexclip) -@@ -1669,7 +1708,7 @@ +@@ -1695,7 +1727,7 @@ * Signature: (JZ)V */ JNIEXPORT void JNICALL @@ -8076,8 +8026,8 @@ { #ifndef HEADLESS diff -Nru openjdk.orig/jdk/src/solaris/native/sun/java2d/x11/X11SurfaceData.h openjdk/jdk/src/solaris/native/sun/java2d/x11/X11SurfaceData.h ---- openjdk.orig/jdk/src/solaris/native/sun/java2d/x11/X11SurfaceData.h 2011-01-20 23:54:42.000000000 +0000 -+++ openjdk/jdk/src/solaris/native/sun/java2d/x11/X11SurfaceData.h 2011-02-17 16:52:48.206145834 +0000 +--- openjdk.orig/jdk/src/solaris/native/sun/java2d/x11/X11SurfaceData.h 2011-11-14 16:12:16.000000000 -0600 ++++ openjdk/jdk/src/solaris/native/sun/java2d/x11/X11SurfaceData.h 2013-06-22 16:16:23.531699840 -0500 @@ -30,6 +30,8 @@ #include @@ -8106,8 +8056,8 @@ * This function returns a pointer to a native X11SDOps structure * for accessing the indicated X11 SurfaceData Java object. It diff -Nru openjdk.orig/jdk/src/solaris/native/sun/java2d/x11/XRBackendNative.c openjdk/jdk/src/solaris/native/sun/java2d/x11/XRBackendNative.c ---- openjdk.orig/jdk/src/solaris/native/sun/java2d/x11/XRBackendNative.c 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/native/sun/java2d/x11/XRBackendNative.c 2011-02-17 16:52:48.206145834 +0000 +--- openjdk.orig/jdk/src/solaris/native/sun/java2d/x11/XRBackendNative.c 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/native/sun/java2d/x11/XRBackendNative.c 2013-06-22 16:16:23.532699839 -0500 @@ -0,0 +1,784 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. @@ -8894,8 +8844,8 @@ + (*env)->ReleasePrimitiveArrayCritical(env, trapArray, traps, JNI_ABORT); +} diff -Nru openjdk.orig/jdk/src/solaris/native/sun/java2d/x11/XRSurfaceData.c openjdk/jdk/src/solaris/native/sun/java2d/x11/XRSurfaceData.c ---- openjdk.orig/jdk/src/solaris/native/sun/java2d/x11/XRSurfaceData.c 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/src/solaris/native/sun/java2d/x11/XRSurfaceData.c 2011-02-17 16:52:48.206145834 +0000 +--- openjdk.orig/jdk/src/solaris/native/sun/java2d/x11/XRSurfaceData.c 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/src/solaris/native/sun/java2d/x11/XRSurfaceData.c 2013-06-22 16:16:23.532699839 -0500 @@ -0,0 +1,116 @@ +/* + * Copyright 2010 Sun Microsystems, Inc. All Rights Reserved. diff -r 36d69d052be1 -r 08ce3247b5b0 patches/openjdk/6469266-xmlsec_1.4.2.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/openjdk/6469266-xmlsec_1.4.2.patch Sat Jun 22 16:38:24 2013 -0500 @@ -0,0 +1,23876 @@ +# HG changeset patch +# User andrew +# Date 1371136223 -3600 +# Node ID a955a845f0d1b8e21e0780986d971b3712db26c7 +# Parent 2ae6d8da293f30c94c9478a6634c7a480328c5c5 +6469266: Integrate Apache XMLSec 1.4.2 into JDK 7 +Reviewed-by: valeriep + +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/Init.java b/src/share/classes/com/sun/org/apache/xml/internal/security/Init.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/Init.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/Init.java +@@ -20,12 +20,9 @@ + */ + package com.sun.org.apache.xml.internal.security; + +- +- + import java.io.InputStream; + import java.security.AccessController; + import java.security.PrivilegedAction; +- + import javax.xml.parsers.DocumentBuilder; + import javax.xml.parsers.DocumentBuilderFactory; + +@@ -51,7 +48,7 @@ + * done by calling {@link Init#init} which should be done in any static block + * of the files of this library. We ensure that this call is only executed once. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public final class Init { + +@@ -113,20 +110,19 @@ + dbf.setValidating(false); + + DocumentBuilder db = dbf.newDocumentBuilder(); +- + // We don't allow users to override the Apache XML Security + // configuration in the JRE. Users should use the standard security + // provider mechanism instead if implementing their own + // transform or canonicalization algorithms. +- // String cfile = System.getProperty("com.sun.org.apache.xml.internal.security.resource.config"); +- // InputStream is = +- // Class.forName("com.sun.org.apache.xml.internal.security.Init") +- // .getResourceAsStream(cfile != null ? cfile : "resource/config.xml"); ++ // InputStream is = Class.forName("com.sun.org.apache.xml.internal.security.Init").getResourceAsStream("resource/config.xml"); + InputStream is = (InputStream) AccessController.doPrivileged( + new PrivilegedAction() { + public Object run() { ++// String cfile = System.getProperty ++// ("com.sun.org.apache.xml.internal.security.resource.config"); + return getClass().getResourceAsStream +- ("resource/config.xml"); ++// (cfile != null ? cfile : "resource/config.xml"); ++ ("resource/config.xml"); + } + }); + +@@ -167,7 +163,7 @@ + // + // if (tag.equals("ResourceBundles")){ + // XX_configure_i18n_start = System.currentTimeMillis(); +-// Element resource=(Element)el; ++// Element resource=(Element)el; + // /* configure internationalization */ + // Attr langAttr = resource.getAttributeNode("defaultLanguageCode"); + // Attr countryAttr = resource.getAttributeNode("defaultCountryCode"); +@@ -202,11 +198,11 @@ + + if (currMeth.getDeclaringClass().getName() + .equals(JAVACLASS)) { +- log.log(java.util.logging.Level.FINE, currMeth.getDeclaringClass().toString()); ++ log.log(java.util.logging.Level.FINE, currMeth.getDe claringClass().toString()); + } + }*/ +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Canonicalizer.register(" + URI + ", " ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Canonicalizer.register(" + URI + ", " + + JAVACLASS + ")"); + Canonicalizer.register(URI, JAVACLASS); + } catch (ClassNotFoundException e) { +@@ -233,9 +229,8 @@ + "JAVACLASS"); + try { + Class.forName(JAVACLASS); +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Transform.register(" + URI + ", " + JAVACLASS +- + ")"); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Transform.register(" + URI + ", " + JAVACLASS + ")"); + Transform.register(URI, JAVACLASS); + } catch (ClassNotFoundException e) { + Object exArgs[] = { URI, JAVACLASS }; +@@ -284,12 +279,11 @@ + // + // if (currMeth.getDeclaringClass().getName() + // .equals(JAVACLASS)) { +-// log.log(java.util.logging.Level.FINE, currMeth.getDeclaringClass().toString()); ++// log.log(java.util.logging.Level.FINE, currMeth.getDe claringClass().toString()); + // } + // } +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "SignatureAlgorithm.register(" + URI + ", " +- + JAVACLASS + ")"); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "SignatureAlgorithm.register(" + URI + ", " + JAVACLASS + ")"); + SignatureAlgorithm.register(URI, JAVACLASS); + } catch (ClassNotFoundException e) { + Object exArgs[] = { URI, JAVACLASS }; +@@ -320,13 +314,11 @@ + "DESCRIPTION"); + + if ((Description != null) && (Description.length() > 0)) { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": " +- + Description); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": " + Description); + } else { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS +- + ": For unknown purposes"); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": For unknown purposes"); + } + try { + ResourceResolver.register(JAVACLASS); +@@ -359,13 +351,11 @@ + "DESCRIPTION"); + + if ((Description != null) && (Description.length() > 0)) { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": " +- + Description); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": " + Description); + } else { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS +- + ": For unknown purposes"); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Register Resolver: " + JAVACLASS + ": For unknown purposes"); + } + + KeyResolver.register(JAVACLASS); +@@ -376,8 +366,8 @@ + + if (tag.equals("PrefixMappings")){ + XX_configure_reg_prefixes_start = System.currentTimeMillis(); +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Now I try to bind prefixes:"); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Now I try to bind prefixes:"); + + Element[] nl = XMLUtils.selectNodes(el.getFirstChild(), CONF_NS,"PrefixMapping"); + +@@ -386,8 +376,8 @@ + "namespace"); + String prefix = nl[i].getAttributeNS(null, + "prefix"); +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Now I try to bind " + prefix + " to " + namespace); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Now I try to bind " + prefix + " to " + namespace); + com.sun.org.apache.xml.internal.security.utils.ElementProxy + .setDefaultPrefix(namespace, prefix); + } +@@ -398,19 +388,19 @@ + long XX_init_end = System.currentTimeMillis(); + + //J- +- if (true) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XX_init " + ((int)(XX_init_end - XX_init_start)) + " ms"); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_prng " + ((int)(XX_prng_end - XX_prng_start)) + " ms"); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_parsing " + ((int)(XX_parsing_end - XX_parsing_start)) + " ms"); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_i18n " + ((int)(XX_configure_i18n_end- XX_configure_i18n_start)) + " ms"); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_c14n " + ((int)(XX_configure_reg_c14n_end- XX_configure_reg_c14n_start)) + " ms"); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_jcemapper " + ((int)(XX_configure_reg_jcemapper_end- XX_configure_reg_jcemapper_start)) + " ms"); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_keyInfo " + ((int)(XX_configure_reg_keyInfo_end- XX_configure_reg_keyInfo_start)) + " ms"); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_keyResolver " + ((int)(XX_configure_reg_keyResolver_end- XX_configure_reg_keyResolver_start)) + " ms"); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_prefixes " + ((int)(XX_configure_reg_prefixes_end- XX_configure_reg_prefixes_start)) + " ms"); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_resourceresolver " + ((int)(XX_configure_reg_resourceresolver_end- XX_configure_reg_resourceresolver_start)) + " ms"); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_sigalgos " + ((int)(XX_configure_reg_sigalgos_end- XX_configure_reg_sigalgos_start)) + " ms"); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " XX_configure_reg_transforms " + ((int)(XX_configure_reg_transforms_end- XX_configure_reg_transforms_start)) + " ms"); ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, "XX_init " + ((int)(XX_init_end - XX_init_start)) + " ms"); ++ log.log(java.util.logging.Level.FINE, " XX_prng " + ((int)(XX_prng_end - XX_prng_start)) + " ms"); ++ log.log(java.util.logging.Level.FINE, " XX_parsing " + ((int)(XX_parsing_end - XX_parsing_start)) + " ms"); ++ log.log(java.util.logging.Level.FINE, " XX_configure_i18n " + ((int)(XX_configure_i18n_end- XX_configure_i18n_start)) + " ms"); ++ log.log(java.util.logging.Level.FINE, " XX_configure_reg_c14n " + ((int)(XX_configure_reg_c14n_end- XX_configure_reg_c14n_start)) + " ms"); ++ log.log(java.util.logging.Level.FINE, " XX_configure_reg_jcemapper " + ((int)(XX_configure_reg_jcemapper_end- XX_configure_reg_jcemapper_start)) + " ms"); ++ log.log(java.util.logging.Level.FINE, " XX_configure_reg_keyInfo " + ((int)(XX_configure_reg_keyInfo_end- XX_configure_reg_keyInfo_start)) + " ms"); ++ log.log(java.util.logging.Level.FINE, " XX_configure_reg_keyResolver " + ((int)(XX_configure_reg_keyResolver_end- XX_configure_reg_keyResolver_start)) + " ms"); ++ log.log(java.util.logging.Level.FINE, " XX_configure_reg_prefixes " + ((int)(XX_configure_reg_prefixes_end- XX_configure_reg_prefixes_start)) + " ms"); ++ log.log(java.util.logging.Level.FINE, " XX_configure_reg_resourceresolver " + ((int)(XX_configure_reg_resourceresolver_end- XX_configure_reg_resourceresolver_start)) + " ms"); ++ log.log(java.util.logging.Level.FINE, " XX_configure_reg_sigalgos " + ((int)(XX_configure_reg_sigalgos_end- XX_configure_reg_sigalgos_start)) + " ms"); ++ log.log(java.util.logging.Level.FINE, " XX_configure_reg_transforms " + ((int)(XX_configure_reg_transforms_end- XX_configure_reg_transforms_start)) + " ms"); + } + } catch (Exception e) { + log.log(java.util.logging.Level.SEVERE, "Bad: ", e); +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/Algorithm.java b/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/Algorithm.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/Algorithm.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/Algorithm.java +@@ -24,7 +24,7 @@ + + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; + import com.sun.org.apache.xml.internal.security.utils.Constants; +-import com.sun.org.apache.xml.internal.security.utils.ElementProxy; ++import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; + import org.w3c.dom.Document; + import org.w3c.dom.Element; + +@@ -33,11 +33,7 @@ + * The Algorithm class which stores the Algorithm URI as a string. + * + */ +-public abstract class Algorithm extends ElementProxy { +- +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(Algorithm.class.getName()); ++public abstract class Algorithm extends SignatureElementProxy { + + /** + * +@@ -79,7 +75,7 @@ + */ + protected void setAlgorithmURI(String algorithmURI) { + +- if ((this._state == MODE_CREATE) && (algorithmURI != null)) { ++ if ( (algorithmURI != null)) { + this._constructionElement.setAttributeNS(null, Constants._ATT_ALGORITHM, + algorithmURI); + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java b/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java +@@ -35,7 +35,7 @@ + /** + * This class maps algorithm identifier URIs to JAVA JCE class names. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class JCEMapper { + +@@ -45,9 +45,9 @@ + + + +- private static Map uriToJCEName = new HashMap(); ++ private static Map uriToJCEName; + +- private static Map algorithmsMap = new HashMap(); ++ private static Map algorithmsMap; + + private static String providerName = null; + /** +@@ -63,6 +63,8 @@ + + static void loadAlgorithms( Element algorithmsEl) { + Element[] algorithms = XMLUtils.selectNodes(algorithmsEl.getFirstChild(),Init.CONF_NS,"Algorithm"); ++ uriToJCEName = new HashMap( algorithms.length * 2); ++ algorithmsMap = new HashMap( algorithms.length * 2); + for (int i = 0 ;i < algorithms.length ;i ++) { + Element el = algorithms[i]; + String id = el.getAttribute("URI"); +@@ -70,6 +72,7 @@ + uriToJCEName.put(id, jceName); + algorithmsMap.put(id, new Algorithm(el)); + } ++ + } + + static Algorithm getAlgorithmMapping(String algoURI) { +@@ -84,8 +87,8 @@ + * + */ + public static String translateURItoJCEID(String AlgorithmURI) { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Request for URI " + AlgorithmURI); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Request for URI " + AlgorithmURI); + + String jceName = (String) uriToJCEName.get(AlgorithmURI); + return jceName; +@@ -100,8 +103,8 @@ + * + */ + public static String getAlgorithmClassFromURI(String AlgorithmURI) { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Request for URI " + AlgorithmURI); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Request for URI " + AlgorithmURI); + + return ((Algorithm) algorithmsMap.get(AlgorithmURI)).algorithmClass; + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/MessageDigestAlgorithm.java b/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/MessageDigestAlgorithm.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/MessageDigestAlgorithm.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/MessageDigestAlgorithm.java +@@ -20,10 +20,10 @@ + */ + package com.sun.org.apache.xml.internal.security.algorithms; + +- +- + import java.security.MessageDigest; + import java.security.NoSuchProviderException; ++import java.util.HashMap; ++import java.util.Map; + + import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException; + import com.sun.org.apache.xml.internal.security.utils.Constants; +@@ -41,11 +41,6 @@ + */ + public class MessageDigestAlgorithm extends Algorithm { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger( +- MessageDigestAlgorithm.class.getName()); +- + /** Message Digest - NOT RECOMMENDED MD5*/ + public static final String ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5 = Constants.MoreAlgorithmsSpecNS + "md5"; + /** Digest - Required SHA1*/ +@@ -76,6 +71,12 @@ + this.algorithm = messageDigest; + } + ++ static ThreadLocal instances=new ThreadLocal() { ++ protected Object initialValue() { ++ return new HashMap(); ++ }; ++ }; ++ + /** + * Factory method for constructing a message digest algorithm by name. + * +@@ -86,8 +87,15 @@ + */ + public static MessageDigestAlgorithm getInstance( + Document doc, String algorithmURI) throws XMLSignatureException { ++ MessageDigest md = getDigestInstance(algorithmURI); ++ return new MessageDigestAlgorithm(doc, md, algorithmURI); ++ } + +- String algorithmID = JCEMapper.translateURItoJCEID(algorithmURI); ++private static MessageDigest getDigestInstance(String algorithmURI) throws XMLSignatureException { ++ MessageDigest result=(MessageDigest) ((Map)instances.get()).get(algorithmURI); ++ if (result!=null) ++ return result; ++ String algorithmID = JCEMapper.translateURItoJCEID(algorithmURI); + + if (algorithmID == null) { + Object[] exArgs = { algorithmURI }; +@@ -113,8 +121,9 @@ + + throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs); + } +- return new MessageDigestAlgorithm(doc, md, algorithmURI); +- } ++ ((Map)instances.get()).put(algorithmURI, md); ++ return md; ++} + + /** + * Returns the actual {@link java.security.MessageDigest} algorithm object +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java b/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java +@@ -25,6 +25,7 @@ + import java.security.SecureRandom; + import java.security.spec.AlgorithmParameterSpec; + import java.util.HashMap; ++import java.util.Map; + + import com.sun.org.apache.xml.internal.security.algorithms.implementations.IntegrityHmac; + import com.sun.org.apache.xml.internal.security.exceptions.AlgorithmAlreadyRegisteredException; +@@ -52,9 +53,35 @@ + /** All available algorithm classes are registered here */ + static HashMap _algorithmHash = null; + ++ static ThreadLocal instancesSigning=new ThreadLocal() { ++ protected Object initialValue() { ++ return new HashMap(); ++ }; ++ }; ++ ++ static ThreadLocal instancesVerify=new ThreadLocal() { ++ protected Object initialValue() { ++ return new HashMap(); ++ }; ++ }; ++ ++ static ThreadLocal keysSigning=new ThreadLocal() { ++ protected Object initialValue() { ++ return new HashMap(); ++ }; ++ }; ++ static ThreadLocal keysVerify=new ThreadLocal() { ++ protected Object initialValue() { ++ return new HashMap(); ++ }; ++ }; ++// boolean isForSigning=false; ++ + /** Field _signatureAlgorithm */ + protected SignatureAlgorithmSpi _signatureAlgorithm = null; + ++ private String algorithmURI; ++ + /** + * Constructor SignatureAlgorithm + * +@@ -64,18 +91,49 @@ + */ + public SignatureAlgorithm(Document doc, String algorithmURI) + throws XMLSecurityException { ++ super(doc, algorithmURI); ++ this.algorithmURI = algorithmURI; ++ } + +- super(doc, algorithmURI); + +- try { ++ private void initializeAlgorithm(boolean isForSigning) throws XMLSignatureException { ++ if (_signatureAlgorithm!=null) { ++ return; ++ } ++ _signatureAlgorithm=isForSigning ? getInstanceForSigning(algorithmURI) : getInstanceForVerify(algorithmURI); ++ this._signatureAlgorithm ++ .engineGetContextFromElement(this._constructionElement); ++ } ++ private static SignatureAlgorithmSpi getInstanceForSigning(String algorithmURI) throws XMLSignatureException { ++ SignatureAlgorithmSpi result=(SignatureAlgorithmSpi) ((Map)instancesSigning.get()).get(algorithmURI); ++ if (result!=null) { ++ result.reset(); ++ return result; ++ } ++ result=buildSigner(algorithmURI, result); ++ ((Map)instancesSigning.get()).put(algorithmURI,result); ++ return result; ++ } ++ private static SignatureAlgorithmSpi getInstanceForVerify(String algorithmURI) throws XMLSignatureException { ++ SignatureAlgorithmSpi result=(SignatureAlgorithmSpi) ((Map)instancesVerify.get()).get(algorithmURI); ++ if (result!=null) { ++ result.reset(); ++ return result; ++ } ++ result=buildSigner(algorithmURI, result); ++ ((Map)instancesVerify.get()).put(algorithmURI,result); ++ return result; ++ } ++ ++ private static SignatureAlgorithmSpi buildSigner(String algorithmURI, SignatureAlgorithmSpi result) throws XMLSignatureException { ++ try { + Class implementingClass = + SignatureAlgorithm.getImplementingClass(algorithmURI); +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \"" ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \"" + + implementingClass + "\""); +- +- this._signatureAlgorithm = +- (SignatureAlgorithmSpi) implementingClass.newInstance(); ++ result=(SignatureAlgorithmSpi) implementingClass.newInstance(); ++ return result; + } catch (IllegalAccessException ex) { + Object exArgs[] = { algorithmURI, ex.getMessage() }; + +@@ -92,7 +150,7 @@ + throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs, + ex); + } +- } ++} + + /** + * Constructor SignatureAlgorithm +@@ -107,7 +165,8 @@ + throws XMLSecurityException { + + this(doc, algorithmURI); +- ++ this.algorithmURI=algorithmURI; ++ initializeAlgorithm(true); + this._signatureAlgorithm.engineSetHMACOutputLength(HMACOutputLength); + ((IntegrityHmac)this._signatureAlgorithm) + .engineAddContextToElement(this._constructionElement); +@@ -124,37 +183,7 @@ + throws XMLSecurityException { + + super(element, BaseURI); +- +- String algorithmURI = this.getURI(); +- +- try { +- Class implementingClass = +- SignatureAlgorithm.getImplementingClass(algorithmURI); +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \"" +- + implementingClass + "\""); +- +- this._signatureAlgorithm = +- (SignatureAlgorithmSpi) implementingClass.newInstance(); +- +- this._signatureAlgorithm +- .engineGetContextFromElement(this._constructionElement); +- } catch (IllegalAccessException ex) { +- Object exArgs[] = { algorithmURI, ex.getMessage() }; +- +- throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs, +- ex); +- } catch (InstantiationException ex) { +- Object exArgs[] = { algorithmURI, ex.getMessage() }; +- +- throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs, +- ex); +- } catch (NullPointerException ex) { +- Object exArgs[] = { algorithmURI, ex.getMessage() }; +- +- throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs, +- ex); +- } ++ algorithmURI = this.getURI(); + } + + /** +@@ -175,7 +204,12 @@ + * @return the result of the {@link java.security.Signature#getAlgorithm} method + */ + public String getJCEAlgorithmString() { +- return this._signatureAlgorithm.engineGetJCEAlgorithmString(); ++ try { ++ return getInstanceForVerify(algorithmURI).engineGetJCEAlgorithmString(); ++ } catch (XMLSignatureException e) { ++ //Ignore. ++ return null; ++ } + } + + /** +@@ -184,7 +218,11 @@ + * @return The Provider of this Signature Alogrithm + */ + public String getJCEProviderName() { +- return this._signatureAlgorithm.engineGetJCEProviderName(); ++ try { ++ return getInstanceForVerify(algorithmURI).engineGetJCEProviderName(); ++ } catch (XMLSignatureException e) { ++ return null; ++ } + } + + /** +@@ -231,7 +269,13 @@ + * @throws XMLSignatureException + */ + public void initSign(Key signingKey) throws XMLSignatureException { +- this._signatureAlgorithm.engineInitSign(signingKey); ++ initializeAlgorithm(true); ++ Map map=(Map)keysSigning.get(); ++ if (map.get(this.algorithmURI)==signingKey) { ++ return; ++ } ++ map.put(this.algorithmURI,signingKey); ++ this._signatureAlgorithm.engineInitSign(signingKey); + } + + /** +@@ -244,6 +288,7 @@ + */ + public void initSign(Key signingKey, SecureRandom secureRandom) + throws XMLSignatureException { ++ initializeAlgorithm(true); + this._signatureAlgorithm.engineInitSign(signingKey, secureRandom); + } + +@@ -258,6 +303,7 @@ + public void initSign( + Key signingKey, AlgorithmParameterSpec algorithmParameterSpec) + throws XMLSignatureException { ++ initializeAlgorithm(true); + this._signatureAlgorithm.engineInitSign(signingKey, + algorithmParameterSpec); + } +@@ -282,7 +328,13 @@ + * @throws XMLSignatureException + */ + public void initVerify(Key verificationKey) throws XMLSignatureException { +- this._signatureAlgorithm.engineInitVerify(verificationKey); ++ initializeAlgorithm(false); ++ Map map=(Map)keysVerify.get(); ++ if (map.get(this.algorithmURI)==verificationKey) { ++ return; ++ } ++ map.put(this.algorithmURI,verificationKey); ++ this._signatureAlgorithm.engineInitVerify(verificationKey); + } + + /** +@@ -320,7 +372,7 @@ + .getLogger(SignatureAlgorithm.class.getName()); + } + +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Init() called"); ++ log.log(java.util.logging.Level.FINE, "Init() called"); + + if (!SignatureAlgorithm._alreadyInitialized) { + SignatureAlgorithm._algorithmHash = new HashMap(10); +@@ -340,8 +392,8 @@ + throws AlgorithmAlreadyRegisteredException,XMLSignatureException { + + { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass); + + // are we already registered? + Class registeredClassClass = +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithmSpi.java b/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithmSpi.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithmSpi.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithmSpi.java +@@ -20,27 +20,20 @@ + */ + package com.sun.org.apache.xml.internal.security.algorithms; + +- +- + import java.security.Key; + import java.security.SecureRandom; + import java.security.spec.AlgorithmParameterSpec; + + import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException; +-import org.w3c.dom.Document; + import org.w3c.dom.Element; + + + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public abstract class SignatureAlgorithmSpi { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(SignatureAlgorithmSpi.class.getName()); +- + /** + * Returns the URI representation of Transformation algorithm + * +@@ -167,20 +160,6 @@ + protected abstract void engineSetParameter(AlgorithmParameterSpec params) + throws XMLSignatureException; + +- /** Field _doc */ +- Document _doc = null; +- +- /** +- * Method engineSetDocument +- * +- * @param doc +- */ +- protected void engineSetDocument(Document doc) { +- this._doc = doc; +- } +- +- /** Field _constructionElement */ +- Element _constructionElement = null; + + /** + * Method engineGetContextFromElement +@@ -188,7 +167,6 @@ + * @param element + */ + protected void engineGetContextFromElement(Element element) { +- this._constructionElement = element; + } + + /** +@@ -199,4 +177,7 @@ + */ + protected abstract void engineSetHMACOutputLength(int HMACOutputLength) + throws XMLSignatureException; ++ ++ public void reset() { ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/IntegrityHmac.java b/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/IntegrityHmac.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/IntegrityHmac.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/IntegrityHmac.java +@@ -45,7 +45,7 @@ + + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public abstract class IntegrityHmac extends SignatureAlgorithmSpi { + +@@ -80,8 +80,8 @@ + public IntegrityHmac() throws XMLSignatureException { + + String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI()); +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Created IntegrityHmacSHA1 using " + algorithmID); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Created IntegrityHmacSHA1 using " + algorithmID); + + try { + this._macAlgorithm = Mac.getInstance(algorithmID); +@@ -105,6 +105,10 @@ + throw new XMLSignatureException("empty"); + } + ++ public void reset() { ++ _HMACOutputLength=0; ++ } ++ + /** + * Proxy method for {@link java.security.Signature#verify(byte[])} + * which is executed on the internal {@link java.security.Signature} object. +@@ -153,7 +157,20 @@ + try { + this._macAlgorithm.init(secretKey); + } catch (InvalidKeyException ex) { +- throw new XMLSignatureException("empty", ex); ++ // reinstantiate Mac object to work around bug in JDK ++ // see: http://bugs.sun.com/view_bug.do?bug_id=4953555 ++ Mac mac = this._macAlgorithm; ++ try { ++ this._macAlgorithm = Mac.getInstance ++ (_macAlgorithm.getAlgorithm()); ++ } catch (Exception e) { ++ // this shouldn't occur, but if it does, restore previous Mac ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Mac:" + e); ++ } ++ this._macAlgorithm = mac; ++ } ++ throw new XMLSignatureException("empty", ex); + } + } + +@@ -333,7 +350,7 @@ + */ + protected String engineGetJCEAlgorithmString() { + +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "engineGetJCEAlgorithmString()"); ++ log.log(java.util.logging.Level.FINE, "engineGetJCEAlgorithmString()"); + + return this._macAlgorithm.getAlgorithm(); + } +@@ -407,7 +424,8 @@ + /** + * Class IntegrityHmacSHA1 + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ + */ + public static class IntegrityHmacSHA1 extends IntegrityHmac { + +@@ -437,7 +455,8 @@ + /** + * Class IntegrityHmacSHA256 + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ + */ + public static class IntegrityHmacSHA256 extends IntegrityHmac { + +@@ -467,7 +486,8 @@ + /** + * Class IntegrityHmacSHA384 + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ + */ + public static class IntegrityHmacSHA384 extends IntegrityHmac { + +@@ -497,7 +517,8 @@ + /** + * Class IntegrityHmacSHA512 + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ + */ + public static class IntegrityHmacSHA512 extends IntegrityHmac { + +@@ -527,7 +548,8 @@ + /** + * Class IntegrityHmacRIPEMD160 + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ + */ + public static class IntegrityHmacRIPEMD160 extends IntegrityHmac { + +@@ -557,7 +579,8 @@ + /** + * Class IntegrityHmacMD5 + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ + */ + public static class IntegrityHmacMD5 extends IntegrityHmac { + +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureBaseRSA.java b/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureBaseRSA.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureBaseRSA.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureBaseRSA.java +@@ -3,7 +3,7 @@ + * DO NOT REMOVE OR ALTER! + */ + /* +- * Copyright 1999-2004 The Apache Software Foundation. ++ * Copyright 1999-2007 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. +@@ -20,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.algorithms.implementations; + +- +- + import java.security.InvalidAlgorithmParameterException; + import java.security.InvalidKeyException; + import java.security.Key; +@@ -38,329 +36,344 @@ + import com.sun.org.apache.xml.internal.security.signature.XMLSignature; + import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException; + +- + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi { + +- /** {@link java.util.logging} logging facility */ ++ /** {@link java.util.logging} logging facility */ + static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(SignatureBaseRSA.class.getName()); ++ java.util.logging.Logger.getLogger ++ (SignatureBaseRSA.class.getName()); + + /** @inheritDoc */ +- public abstract String engineGetURI(); ++ public abstract String engineGetURI(); + +- /** Field algorithm */ +- private java.security.Signature _signatureAlgorithm = null; ++ /** Field algorithm */ ++ private java.security.Signature _signatureAlgorithm = null; + +- /** +- * Constructor SignatureRSA +- * +- * @throws XMLSignatureException +- */ +- public SignatureBaseRSA() throws XMLSignatureException { ++ /** ++ * Constructor SignatureRSA ++ * ++ * @throws XMLSignatureException ++ */ ++ public SignatureBaseRSA() throws XMLSignatureException { + +- String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI()); ++ String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI()); + +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Created SignatureDSA using " + algorithmID); +- String provider=JCEMapper.getProviderId(); +- try { +- if (provider==null) { ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Created SignatureRSA using " + algorithmID); ++ String provider=JCEMapper.getProviderId(); ++ try { ++ if (provider==null) { + this._signatureAlgorithm = Signature.getInstance(algorithmID); +- } else { ++ } else { + this._signatureAlgorithm = Signature.getInstance(algorithmID,provider); +- } +- } catch (java.security.NoSuchAlgorithmException ex) { +- Object[] exArgs = { algorithmID, +- ex.getLocalizedMessage() }; ++ } ++ } catch (java.security.NoSuchAlgorithmException ex) { ++ Object[] exArgs = { algorithmID, ex.getLocalizedMessage() }; + +- throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs); +- } catch (NoSuchProviderException ex) { +- Object[] exArgs = { algorithmID, +- ex.getLocalizedMessage() }; ++ throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs); ++ } catch (NoSuchProviderException ex) { ++ Object[] exArgs = { algorithmID, ex.getLocalizedMessage() }; + +- throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs); ++ throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs); + } +- } ++ } + +- /** @inheritDoc */ +- protected void engineSetParameter(AlgorithmParameterSpec params) +- throws XMLSignatureException { ++ /** @inheritDoc */ ++ protected void engineSetParameter(AlgorithmParameterSpec params) ++ throws XMLSignatureException { + +- try { +- this._signatureAlgorithm.setParameter(params); +- } catch (InvalidAlgorithmParameterException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } ++ try { ++ this._signatureAlgorithm.setParameter(params); ++ } catch (InvalidAlgorithmParameterException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } + +- /** @inheritDoc */ +- protected boolean engineVerify(byte[] signature) +- throws XMLSignatureException { ++ /** @inheritDoc */ ++ protected boolean engineVerify(byte[] signature) ++ throws XMLSignatureException { + +- try { +- return this._signatureAlgorithm.verify(signature); +- } catch (SignatureException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } ++ try { ++ return this._signatureAlgorithm.verify(signature); ++ } catch (SignatureException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } + +- /** @inheritDoc */ +- protected void engineInitVerify(Key publicKey) throws XMLSignatureException { ++ /** @inheritDoc */ ++ protected void engineInitVerify(Key publicKey) throws XMLSignatureException { + +- if (!(publicKey instanceof PublicKey)) { +- String supplied = publicKey.getClass().getName(); +- String needed = PublicKey.class.getName(); +- Object exArgs[] = { supplied, needed }; ++ if (!(publicKey instanceof PublicKey)) { ++ String supplied = publicKey.getClass().getName(); ++ String needed = PublicKey.class.getName(); ++ Object exArgs[] = { supplied, needed }; + +- throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", +- exArgs); +- } ++ throw new XMLSignatureException ++ ("algorithms.WrongKeyForThisOperation", exArgs); ++ } + +- try { +- this._signatureAlgorithm.initVerify((PublicKey) publicKey); +- } catch (InvalidKeyException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } ++ try { ++ this._signatureAlgorithm.initVerify((PublicKey) publicKey); ++ } catch (InvalidKeyException ex) { ++ // reinstantiate Signature object to work around bug in JDK ++ // see: http://bugs.sun.com/view_bug.do?bug_id=4953555 ++ Signature sig = this._signatureAlgorithm; ++ try { ++ this._signatureAlgorithm = Signature.getInstance ++ (_signatureAlgorithm.getAlgorithm()); ++ } catch (Exception e) { ++ // this shouldn't occur, but if it does, restore previous ++ // Signature ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Signature:" + e); ++ } ++ this._signatureAlgorithm = sig; ++ } ++ throw new XMLSignatureException("empty", ex); ++ } ++ } + +- /** @inheritDoc */ +- protected byte[] engineSign() throws XMLSignatureException { ++ /** @inheritDoc */ ++ protected byte[] engineSign() throws XMLSignatureException { ++ try { ++ return this._signatureAlgorithm.sign(); ++ } catch (SignatureException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } + +- try { +- return this._signatureAlgorithm.sign(); +- } catch (SignatureException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } ++ /** @inheritDoc */ ++ protected void engineInitSign(Key privateKey, SecureRandom secureRandom) ++ throws XMLSignatureException { + +- /** @inheritDoc */ +- protected void engineInitSign(Key privateKey, SecureRandom secureRandom) +- throws XMLSignatureException { ++ if (!(privateKey instanceof PrivateKey)) { ++ String supplied = privateKey.getClass().getName(); ++ String needed = PrivateKey.class.getName(); ++ Object exArgs[] = { supplied, needed }; + +- if (!(privateKey instanceof PrivateKey)) { +- String supplied = privateKey.getClass().getName(); +- String needed = PrivateKey.class.getName(); +- Object exArgs[] = { supplied, needed }; ++ throw new XMLSignatureException ++ ("algorithms.WrongKeyForThisOperation", exArgs); ++ } + +- throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", +- exArgs); +- } ++ try { ++ this._signatureAlgorithm.initSign ++ ((PrivateKey) privateKey, secureRandom); ++ } catch (InvalidKeyException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } + +- try { +- this._signatureAlgorithm.initSign((PrivateKey) privateKey, +- secureRandom); +- } catch (InvalidKeyException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } ++ /** @inheritDoc */ ++ protected void engineInitSign(Key privateKey) throws XMLSignatureException { + +- /** @inheritDoc */ +- protected void engineInitSign(Key privateKey) throws XMLSignatureException { ++ if (!(privateKey instanceof PrivateKey)) { ++ String supplied = privateKey.getClass().getName(); ++ String needed = PrivateKey.class.getName(); ++ Object exArgs[] = { supplied, needed }; + +- if (!(privateKey instanceof PrivateKey)) { +- String supplied = privateKey.getClass().getName(); +- String needed = PrivateKey.class.getName(); +- Object exArgs[] = { supplied, needed }; ++ throw new XMLSignatureException ++ ("algorithms.WrongKeyForThisOperation", exArgs); ++ } + +- throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", +- exArgs); +- } ++ try { ++ this._signatureAlgorithm.initSign((PrivateKey) privateKey); ++ } catch (InvalidKeyException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } + +- try { +- this._signatureAlgorithm.initSign((PrivateKey) privateKey); +- } catch (InvalidKeyException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } ++ /** @inheritDoc */ ++ protected void engineUpdate(byte[] input) throws XMLSignatureException { ++ try { ++ this._signatureAlgorithm.update(input); ++ } catch (SignatureException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } + +- /** @inheritDoc */ +- protected void engineUpdate(byte[] input) throws XMLSignatureException { ++ /** @inheritDoc */ ++ protected void engineUpdate(byte input) throws XMLSignatureException { ++ try { ++ this._signatureAlgorithm.update(input); ++ } catch (SignatureException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } + +- try { +- this._signatureAlgorithm.update(input); +- } catch (SignatureException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } ++ /** @inheritDoc */ ++ protected void engineUpdate(byte buf[], int offset, int len) ++ throws XMLSignatureException { ++ try { ++ this._signatureAlgorithm.update(buf, offset, len); ++ } catch (SignatureException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } + +- /** @inheritDoc */ +- protected void engineUpdate(byte input) throws XMLSignatureException { ++ /** @inheritDoc */ ++ protected String engineGetJCEAlgorithmString() { ++ return this._signatureAlgorithm.getAlgorithm(); ++ } + +- try { +- this._signatureAlgorithm.update(input); +- } catch (SignatureException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } ++ /** @inheritDoc */ ++ protected String engineGetJCEProviderName() { ++ return this._signatureAlgorithm.getProvider().getName(); ++ } + +- /** @inheritDoc */ +- protected void engineUpdate(byte buf[], int offset, int len) +- throws XMLSignatureException { ++ /** @inheritDoc */ ++ protected void engineSetHMACOutputLength(int HMACOutputLength) ++ throws XMLSignatureException { ++ throw new XMLSignatureException ++ ("algorithms.HMACOutputLengthOnlyForHMAC"); ++ } + +- try { +- this._signatureAlgorithm.update(buf, offset, len); +- } catch (SignatureException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } ++ /** @inheritDoc */ ++ protected void engineInitSign( ++ Key signingKey, AlgorithmParameterSpec algorithmParameterSpec) ++ throws XMLSignatureException { ++ throw new XMLSignatureException( ++ "algorithms.CannotUseAlgorithmParameterSpecOnRSA"); ++ } + +- /** @inheritDoc */ +- protected String engineGetJCEAlgorithmString() { +- return this._signatureAlgorithm.getAlgorithm(); +- } ++ /** ++ * Class SignatureRSASHA1 ++ * ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ ++ */ ++ public static class SignatureRSASHA1 extends SignatureBaseRSA { + +- /** @inheritDoc */ +- protected String engineGetJCEProviderName() { +- return this._signatureAlgorithm.getProvider().getName(); +- } ++ /** ++ * Constructor SignatureRSASHA1 ++ * ++ * @throws XMLSignatureException ++ */ ++ public SignatureRSASHA1() throws XMLSignatureException { ++ super(); ++ } + +- /** @inheritDoc */ +- protected void engineSetHMACOutputLength(int HMACOutputLength) +- throws XMLSignatureException { +- throw new XMLSignatureException("algorithms.HMACOutputLengthOnlyForHMAC"); +- } ++ /** @inheritDoc */ ++ public String engineGetURI() { ++ return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1; ++ } ++ } + +- /** @inheritDoc */ +- protected void engineInitSign( +- Key signingKey, AlgorithmParameterSpec algorithmParameterSpec) +- throws XMLSignatureException { +- throw new XMLSignatureException( +- "algorithms.CannotUseAlgorithmParameterSpecOnRSA"); +- } ++ /** ++ * Class SignatureRSASHA256 ++ * ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ ++ */ ++ public static class SignatureRSASHA256 extends SignatureBaseRSA { + +- /** +- * Class SignatureRSASHA1 +- * +- * @author $Author: raul $ +- */ +- public static class SignatureRSASHA1 extends SignatureBaseRSA { ++ /** ++ * Constructor SignatureRSASHA256 ++ * ++ * @throws XMLSignatureException ++ */ ++ public SignatureRSASHA256() throws XMLSignatureException { ++ super(); ++ } + +- /** +- * Constructor SignatureRSASHA1 +- * +- * @throws XMLSignatureException +- */ +- public SignatureRSASHA1() throws XMLSignatureException { +- super(); +- } ++ /** @inheritDoc */ ++ public String engineGetURI() { ++ return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256; ++ } ++ } + +- /** @inheritDoc */ +- public String engineGetURI() { +- return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1; +- } +- } ++ /** ++ * Class SignatureRSASHA384 ++ * ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ ++ */ ++ public static class SignatureRSASHA384 extends SignatureBaseRSA { + +- /** +- * Class SignatureRSASHA256 +- * +- * @author $Author: raul $ +- */ +- public static class SignatureRSASHA256 extends SignatureBaseRSA { ++ /** ++ * Constructor SignatureRSASHA384 ++ * ++ * @throws XMLSignatureException ++ */ ++ public SignatureRSASHA384() throws XMLSignatureException { ++ super(); ++ } + +- /** +- * Constructor SignatureRSASHA256 +- * +- * @throws XMLSignatureException +- */ +- public SignatureRSASHA256() throws XMLSignatureException { +- super(); +- } ++ /** @inheritDoc */ ++ public String engineGetURI() { ++ return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384; ++ } ++ } + +- /** @inheritDoc */ +- public String engineGetURI() { +- return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256; +- } +- } ++ /** ++ * Class SignatureRSASHA512 ++ * ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ ++ */ ++ public static class SignatureRSASHA512 extends SignatureBaseRSA { + +- /** +- * Class SignatureRSASHA384 +- * +- * @author $Author: raul $ +- */ +- public static class SignatureRSASHA384 extends SignatureBaseRSA { ++ /** ++ * Constructor SignatureRSASHA512 ++ * ++ * @throws XMLSignatureException ++ */ ++ public SignatureRSASHA512() throws XMLSignatureException { ++ super(); ++ } + +- /** +- * Constructor SignatureRSASHA384 +- * +- * @throws XMLSignatureException +- */ +- public SignatureRSASHA384() throws XMLSignatureException { +- super(); +- } ++ /** @inheritDoc */ ++ public String engineGetURI() { ++ return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512; ++ } ++ } + +- /** @inheritDoc */ +- public String engineGetURI() { +- return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384; +- } +- } ++ /** ++ * Class SignatureRSARIPEMD160 ++ * ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ ++ */ ++ public static class SignatureRSARIPEMD160 extends SignatureBaseRSA { + +- /** +- * Class SignatureRSASHA512 +- * +- * @author $Author: raul $ +- */ +- public static class SignatureRSASHA512 extends SignatureBaseRSA { ++ /** ++ * Constructor SignatureRSARIPEMD160 ++ * ++ * @throws XMLSignatureException ++ */ ++ public SignatureRSARIPEMD160() throws XMLSignatureException { ++ super(); ++ } + +- /** +- * Constructor SignatureRSASHA512 +- * +- * @throws XMLSignatureException +- */ +- public SignatureRSASHA512() throws XMLSignatureException { +- super(); +- } ++ /** @inheritDoc */ ++ public String engineGetURI() { ++ return XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160; ++ } ++ } + +- /** @inheritDoc */ +- public String engineGetURI() { +- return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512; +- } +- } ++ /** ++ * Class SignatureRSAMD5 ++ * ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ ++ */ ++ public static class SignatureRSAMD5 extends SignatureBaseRSA { + +- /** +- * Class SignatureRSARIPEMD160 +- * +- * @author $Author: raul $ +- */ +- public static class SignatureRSARIPEMD160 extends SignatureBaseRSA { ++ /** ++ * Constructor SignatureRSAMD5 ++ * ++ * @throws XMLSignatureException ++ */ ++ public SignatureRSAMD5() throws XMLSignatureException { ++ super(); ++ } + +- /** +- * Constructor SignatureRSARIPEMD160 +- * +- * @throws XMLSignatureException +- */ +- public SignatureRSARIPEMD160() throws XMLSignatureException { +- super(); +- } +- +- /** @inheritDoc */ +- public String engineGetURI() { +- return XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160; +- } +- } +- +- /** +- * Class SignatureRSAMD5 +- * +- * @author $Author: raul $ +- */ +- public static class SignatureRSAMD5 extends SignatureBaseRSA { +- +- /** +- * Constructor SignatureRSAMD5 +- * +- * @throws XMLSignatureException +- */ +- public SignatureRSAMD5() throws XMLSignatureException { +- super(); +- } +- +- /** @inheritDoc */ +- public String engineGetURI() { +- return XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5; +- } +- } ++ /** @inheritDoc */ ++ public String engineGetURI() { ++ return XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5; ++ } ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureDSA.java b/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureDSA.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureDSA.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureDSA.java +@@ -20,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.algorithms.implementations; + +- +- + import java.io.IOException; + import java.security.InvalidAlgorithmParameterException; + import java.security.InvalidKeyException; +@@ -39,342 +37,359 @@ + import com.sun.org.apache.xml.internal.security.utils.Base64; + import com.sun.org.apache.xml.internal.security.utils.Constants; + +- + /** + * +- * @author $Author: vishal $ ++ * @author $Author: mullan $ + */ + public class SignatureDSA extends SignatureAlgorithmSpi { + +- /** {@link java.util.logging} logging facility */ ++ /** {@link java.util.logging} logging facility */ + static java.util.logging.Logger log = + java.util.logging.Logger.getLogger(SignatureDSA.class.getName()); + +- /** Field _URI */ +- public static final String _URI = Constants.SignatureSpecNS + "dsa-sha1"; ++ /** Field _URI */ ++ public static final String _URI = Constants.SignatureSpecNS + "dsa-sha1"; + +- /** Field algorithm */ +- private java.security.Signature _signatureAlgorithm = null; ++ /** Field algorithm */ ++ private java.security.Signature _signatureAlgorithm = null; + +- /** +- * Method engineGetURI +- * +- * @inheritDoc +- */ +- protected String engineGetURI() { +- return SignatureDSA._URI; +- } ++ /** ++ * Method engineGetURI ++ * ++ * @inheritDoc ++ */ ++ protected String engineGetURI() { ++ return SignatureDSA._URI; ++ } + +- /** +- * Constructor SignatureDSA +- * +- * @throws XMLSignatureException +- */ +- public SignatureDSA() throws XMLSignatureException { ++ /** ++ * Constructor SignatureDSA ++ * ++ * @throws XMLSignatureException ++ */ ++ public SignatureDSA() throws XMLSignatureException { + +- String algorithmID = JCEMapper.translateURItoJCEID(SignatureDSA._URI); +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Created SignatureDSA using " + algorithmID); ++ String algorithmID = JCEMapper.translateURItoJCEID(SignatureDSA._URI); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Created SignatureDSA using " + algorithmID); + +- try { +- this._signatureAlgorithm = Signature.getInstance(algorithmID); +- } catch (java.security.NoSuchAlgorithmException ex) { +- Object[] exArgs = { algorithmID, +- ex.getLocalizedMessage() }; ++ String provider = JCEMapper.getProviderId(); ++ try { ++ if (provider == null) { ++ this._signatureAlgorithm = Signature.getInstance(algorithmID); ++ } else { ++ this._signatureAlgorithm = ++ Signature.getInstance(algorithmID, provider); ++ } ++ } catch (java.security.NoSuchAlgorithmException ex) { ++ Object[] exArgs = { algorithmID, ex.getLocalizedMessage() }; ++ throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs); ++ } catch (java.security.NoSuchProviderException ex) { ++ Object[] exArgs = { algorithmID, ex.getLocalizedMessage() }; ++ throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs); ++ } ++ } + +- throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs); +- } +- } ++ /** ++ * @inheritDoc ++ */ ++ protected void engineSetParameter(AlgorithmParameterSpec params) ++ throws XMLSignatureException { + +- /** +- * @inheritDoc +- */ +- protected void engineSetParameter(AlgorithmParameterSpec params) ++ try { ++ this._signatureAlgorithm.setParameter(params); ++ } catch (InvalidAlgorithmParameterException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } ++ ++ /** ++ * @inheritDoc ++ */ ++ protected boolean engineVerify(byte[] signature) + throws XMLSignatureException { + +- try { +- this._signatureAlgorithm.setParameter(params); +- } catch (InvalidAlgorithmParameterException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } ++ try { ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Called DSA.verify() on " + Base64.encode(signature)); + +- /** +- * @inheritDoc +- */ +- protected boolean engineVerify(byte[] signature) ++ byte[] jcebytes = SignatureDSA.convertXMLDSIGtoASN1(signature); ++ ++ return this._signatureAlgorithm.verify(jcebytes); ++ } catch (SignatureException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } catch (IOException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } ++ ++ /** ++ * @inheritDoc ++ */ ++ protected void engineInitVerify(Key publicKey) throws XMLSignatureException { ++ ++ if (!(publicKey instanceof PublicKey)) { ++ String supplied = publicKey.getClass().getName(); ++ String needed = PublicKey.class.getName(); ++ Object exArgs[] = { supplied, needed }; ++ ++ throw new XMLSignatureException ++ ("algorithms.WrongKeyForThisOperation", exArgs); ++ } ++ ++ try { ++ this._signatureAlgorithm.initVerify((PublicKey) publicKey); ++ } catch (InvalidKeyException ex) { ++ // reinstantiate Signature object to work around bug in JDK ++ // see: http://bugs.sun.com/view_bug.do?bug_id=4953555 ++ Signature sig = this._signatureAlgorithm; ++ try { ++ this._signatureAlgorithm = Signature.getInstance ++ (_signatureAlgorithm.getAlgorithm()); ++ } catch (Exception e) { ++ // this shouldn't occur, but if it does, restore previous ++ // Signature ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Signature:" + e); ++ } ++ this._signatureAlgorithm = sig; ++ } ++ throw new XMLSignatureException("empty", ex); ++ } ++ } ++ ++ /** ++ * @inheritDoc ++ */ ++ protected byte[] engineSign() throws XMLSignatureException { ++ ++ try { ++ byte jcebytes[] = this._signatureAlgorithm.sign(); ++ ++ return SignatureDSA.convertASN1toXMLDSIG(jcebytes); ++ } catch (IOException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } catch (SignatureException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } ++ ++ /** ++ * @inheritDoc ++ */ ++ protected void engineInitSign(Key privateKey, SecureRandom secureRandom) + throws XMLSignatureException { + +- try { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Called DSA.verify() on " + Base64.encode(signature)); ++ if (!(privateKey instanceof PrivateKey)) { ++ String supplied = privateKey.getClass().getName(); ++ String needed = PrivateKey.class.getName(); ++ Object exArgs[] = { supplied, needed }; + +- byte[] jcebytes = SignatureDSA.convertXMLDSIGtoASN1(signature); ++ throw new XMLSignatureException ++ ("algorithms.WrongKeyForThisOperation", exArgs); ++ } + +- return this._signatureAlgorithm.verify(jcebytes); +- } catch (SignatureException ex) { +- throw new XMLSignatureException("empty", ex); +- } catch (IOException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } ++ try { ++ this._signatureAlgorithm.initSign((PrivateKey) privateKey, ++ secureRandom); ++ } catch (InvalidKeyException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } + +- /** +- * @inheritDoc +- */ +- protected void engineInitVerify(Key publicKey) throws XMLSignatureException { ++ /** ++ * @inheritDoc ++ */ ++ protected void engineInitSign(Key privateKey) throws XMLSignatureException { + +- if (!(publicKey instanceof PublicKey)) { +- String supplied = publicKey.getClass().getName(); +- String needed = PublicKey.class.getName(); +- Object exArgs[] = { supplied, needed }; ++ if (!(privateKey instanceof PrivateKey)) { ++ String supplied = privateKey.getClass().getName(); ++ String needed = PrivateKey.class.getName(); ++ Object exArgs[] = { supplied, needed }; + +- throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", +- exArgs); +- } ++ throw new XMLSignatureException ++ ("algorithms.WrongKeyForThisOperation", exArgs); ++ } + +- try { +- this._signatureAlgorithm.initVerify((PublicKey) publicKey); +- } catch (InvalidKeyException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } ++ try { ++ this._signatureAlgorithm.initSign((PrivateKey) privateKey); ++ } catch (InvalidKeyException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } + +- /** +- * @inheritDoc +- */ +- protected byte[] engineSign() throws XMLSignatureException { ++ /** ++ * @inheritDoc ++ */ ++ protected void engineUpdate(byte[] input) throws XMLSignatureException { ++ try { ++ this._signatureAlgorithm.update(input); ++ } catch (SignatureException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } + +- try { +- byte jcebytes[] = this._signatureAlgorithm.sign(); ++ /** ++ * @inheritDoc ++ */ ++ protected void engineUpdate(byte input) throws XMLSignatureException { ++ try { ++ this._signatureAlgorithm.update(input); ++ } catch (SignatureException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } + +- return SignatureDSA.convertASN1toXMLDSIG(jcebytes); +- } catch (IOException ex) { +- throw new XMLSignatureException("empty", ex); +- } catch (SignatureException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } ++ /** ++ * @inheritDoc ++ */ ++ protected void engineUpdate(byte buf[], int offset, int len) ++ throws XMLSignatureException { ++ try { ++ this._signatureAlgorithm.update(buf, offset, len); ++ } catch (SignatureException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } + +- /** +- * @inheritDoc +- */ +- protected void engineInitSign(Key privateKey, SecureRandom secureRandom) +- throws XMLSignatureException { ++ /** ++ * Method engineGetJCEAlgorithmString ++ * ++ * @inheritDoc ++ */ ++ protected String engineGetJCEAlgorithmString() { ++ return this._signatureAlgorithm.getAlgorithm(); ++ } + +- if (!(privateKey instanceof PrivateKey)) { +- String supplied = privateKey.getClass().getName(); +- String needed = PrivateKey.class.getName(); +- Object exArgs[] = { supplied, needed }; ++ /** ++ * Method engineGetJCEProviderName ++ * ++ * @inheritDoc ++ */ ++ protected String engineGetJCEProviderName() { ++ return this._signatureAlgorithm.getProvider().getName(); ++ } + +- throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", +- exArgs); +- } +- +- try { +- this._signatureAlgorithm.initSign((PrivateKey) privateKey, +- secureRandom); +- } catch (InvalidKeyException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } +- +- /** +- * @inheritDoc +- */ +- protected void engineInitSign(Key privateKey) throws XMLSignatureException { +- +- if (!(privateKey instanceof PrivateKey)) { +- String supplied = privateKey.getClass().getName(); +- String needed = PrivateKey.class.getName(); +- Object exArgs[] = { supplied, needed }; +- +- throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", +- exArgs); +- } +- +- try { +- this._signatureAlgorithm.initSign((PrivateKey) privateKey); +- } catch (InvalidKeyException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } +- +- /** +- * @inheritDoc +- */ +- protected void engineUpdate(byte[] input) throws XMLSignatureException { +- +- try { +- this._signatureAlgorithm.update(input); +- } catch (SignatureException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } +- +- /** +- * @inheritDoc +- */ +- protected void engineUpdate(byte input) throws XMLSignatureException { +- +- try { +- this._signatureAlgorithm.update(input); +- } catch (SignatureException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } +- +- /** +- * @inheritDoc +- */ +- protected void engineUpdate(byte buf[], int offset, int len) +- throws XMLSignatureException { +- +- try { +- this._signatureAlgorithm.update(buf, offset, len); +- } catch (SignatureException ex) { +- throw new XMLSignatureException("empty", ex); +- } +- } +- +- /** +- * Method engineGetJCEAlgorithmString +- * +- * @inheritDoc +- */ +- protected String engineGetJCEAlgorithmString() { +- return this._signatureAlgorithm.getAlgorithm(); +- } +- +- /** +- * Method engineGetJCEProviderName +- * +- * @inheritDoc +- */ +- protected String engineGetJCEProviderName() { +- return this._signatureAlgorithm.getProvider().getName(); +- } +- +- +- /** +- * Converts an ASN.1 DSA value to a XML Signature DSA Value. +- * +- * The JAVA JCE DSA Signature algorithm creates ASN.1 encoded (r,s) value +- * pairs; the XML Signature requires the core BigInteger values. +- * +- * @param asn1Bytes +- * @return the decode bytes +- * +- * @throws IOException +- * @see 6.4.1 DSA +- */ +- private static byte[] convertASN1toXMLDSIG(byte asn1Bytes[]) ++ /** ++ * Converts an ASN.1 DSA value to a XML Signature DSA Value. ++ * ++ * The JAVA JCE DSA Signature algorithm creates ASN.1 encoded (r,s) value ++ * pairs; the XML Signature requires the core BigInteger values. ++ * ++ * @param asn1Bytes ++ * @return the decode bytes ++ * ++ * @throws IOException ++ * @see 6.4.1 DSA ++ */ ++ private static byte[] convertASN1toXMLDSIG(byte asn1Bytes[]) + throws IOException { + +- byte rLength = asn1Bytes[3]; +- int i; ++ byte rLength = asn1Bytes[3]; ++ int i; + +- for (i = rLength; (i > 0) && (asn1Bytes[(4 + rLength) - i] == 0); i--); ++ for (i = rLength; (i > 0) && (asn1Bytes[(4 + rLength) - i] == 0); i--); + +- byte sLength = asn1Bytes[5 + rLength]; +- int j; ++ byte sLength = asn1Bytes[5 + rLength]; ++ int j; + +- for (j = sLength; ++ for (j = sLength; + (j > 0) && (asn1Bytes[(6 + rLength + sLength) - j] == 0); j--); + +- if ((asn1Bytes[0] != 48) || (asn1Bytes[1] != asn1Bytes.length - 2) ++ if ((asn1Bytes[0] != 48) || (asn1Bytes[1] != asn1Bytes.length - 2) + || (asn1Bytes[2] != 2) || (i > 20) + || (asn1Bytes[4 + rLength] != 2) || (j > 20)) { +- throw new IOException("Invalid ASN.1 format of DSA signature"); +- } +- byte xmldsigBytes[] = new byte[40]; ++ throw new IOException("Invalid ASN.1 format of DSA signature"); ++ } ++ byte xmldsigBytes[] = new byte[40]; + +- System.arraycopy(asn1Bytes, (4 + rLength) - i, xmldsigBytes, 20 - i, ++ System.arraycopy(asn1Bytes, (4 + rLength) - i, xmldsigBytes, 20 - i, + i); +- System.arraycopy(asn1Bytes, (6 + rLength + sLength) - j, xmldsigBytes, ++ System.arraycopy(asn1Bytes, (6 + rLength + sLength) - j, xmldsigBytes, + 40 - j, j); + +- return xmldsigBytes; +- } ++ return xmldsigBytes; ++ } + +- /** +- * Converts a XML Signature DSA Value to an ASN.1 DSA value. +- * +- * The JAVA JCE DSA Signature algorithm creates ASN.1 encoded (r,s) value +- * pairs; the XML Signature requires the core BigInteger values. +- * +- * @param xmldsigBytes +- * @return the encoded ASN.1 bytes +- * +- * @throws IOException +- * @see 6.4.1 DSA +- */ +- private static byte[] convertXMLDSIGtoASN1(byte xmldsigBytes[]) ++ /** ++ * Converts a XML Signature DSA Value to an ASN.1 DSA value. ++ * ++ * The JAVA JCE DSA Signature algorithm creates ASN.1 encoded (r,s) value ++ * pairs; the XML Signature requires the core BigInteger values. ++ * ++ * @param xmldsigBytes ++ * @return the encoded ASN.1 bytes ++ * ++ * @throws IOException ++ * @see 6.4.1 DSA ++ */ ++ private static byte[] convertXMLDSIGtoASN1(byte xmldsigBytes[]) + throws IOException { + +- if (xmldsigBytes.length != 40) { +- throw new IOException("Invalid XMLDSIG format of DSA signature"); +- } ++ if (xmldsigBytes.length != 40) { ++ throw new IOException("Invalid XMLDSIG format of DSA signature"); ++ } + +- int i; ++ int i; + +- for (i = 20; (i > 0) && (xmldsigBytes[20 - i] == 0); i--); ++ for (i = 20; (i > 0) && (xmldsigBytes[20 - i] == 0); i--); + +- int j = i; ++ int j = i; + +- if (xmldsigBytes[20 - i] < 0) { ++ if (xmldsigBytes[20 - i] < 0) { + j += 1; +- } ++ } + +- int k; ++ int k; + +- for (k = 20; (k > 0) && (xmldsigBytes[40 - k] == 0); k--); ++ for (k = 20; (k > 0) && (xmldsigBytes[40 - k] == 0); k--); + +- int l = k; ++ int l = k; + +- if (xmldsigBytes[40 - k] < 0) { +- l += 1; +- } ++ if (xmldsigBytes[40 - k] < 0) { ++ l += 1; ++ } + +- byte asn1Bytes[] = new byte[6 + j + l]; ++ byte asn1Bytes[] = new byte[6 + j + l]; + +- asn1Bytes[0] = 48; +- asn1Bytes[1] = (byte) (4 + j + l); +- asn1Bytes[2] = 2; +- asn1Bytes[3] = (byte) j; ++ asn1Bytes[0] = 48; ++ asn1Bytes[1] = (byte) (4 + j + l); ++ asn1Bytes[2] = 2; ++ asn1Bytes[3] = (byte) j; + +- System.arraycopy(xmldsigBytes, 20 - i, asn1Bytes, (4 + j) - i, i); ++ System.arraycopy(xmldsigBytes, 20 - i, asn1Bytes, (4 + j) - i, i); + +- asn1Bytes[4 + j] = 2; +- asn1Bytes[5 + j] = (byte) l; ++ asn1Bytes[4 + j] = 2; ++ asn1Bytes[5 + j] = (byte) l; + +- System.arraycopy(xmldsigBytes, 40 - k, asn1Bytes, (6 + j + l) - k, k); ++ System.arraycopy(xmldsigBytes, 40 - k, asn1Bytes, (6 + j + l) - k, k); + +- return asn1Bytes; +- } ++ return asn1Bytes; ++ } + +- /** +- * Method engineSetHMACOutputLength +- * +- * @param HMACOutputLength +- * @throws XMLSignatureException +- */ +- protected void engineSetHMACOutputLength(int HMACOutputLength) +- throws XMLSignatureException { +- throw new XMLSignatureException("algorithms.HMACOutputLengthOnlyForHMAC"); +- } ++ /** ++ * Method engineSetHMACOutputLength ++ * ++ * @param HMACOutputLength ++ * @throws XMLSignatureException ++ */ ++ protected void engineSetHMACOutputLength(int HMACOutputLength) ++ throws XMLSignatureException { ++ throw new XMLSignatureException( ++ "algorithms.HMACOutputLengthOnlyForHMAC"); ++ } + +- /** +- * Method engineInitSign +- * +- * @param signingKey +- * @param algorithmParameterSpec +- * @throws XMLSignatureException +- */ +- protected void engineInitSign( +- Key signingKey, AlgorithmParameterSpec algorithmParameterSpec) +- throws XMLSignatureException { +- throw new XMLSignatureException( +- "algorithms.CannotUseAlgorithmParameterSpecOnDSA"); +- } ++ /** ++ * Method engineInitSign ++ * ++ * @param signingKey ++ * @param algorithmParameterSpec ++ * @throws XMLSignatureException ++ */ ++ protected void engineInitSign( ++ Key signingKey, AlgorithmParameterSpec algorithmParameterSpec) ++ throws XMLSignatureException { ++ throw new XMLSignatureException( ++ "algorithms.CannotUseAlgorithmParameterSpecOnDSA"); ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureECDSA.java b/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureECDSA.java +new file mode 100644 +--- /dev/null ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureECDSA.java +@@ -0,0 +1,384 @@ ++/* ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! ++ */ ++/* ++ * Copyright 1999-2004 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++package com.sun.org.apache.xml.internal.security.algorithms.implementations; ++ ++ ++ ++import java.io.IOException; ++import java.security.InvalidAlgorithmParameterException; ++import java.security.InvalidKeyException; ++import java.security.Key; ++import java.security.NoSuchProviderException; ++import java.security.PrivateKey; ++import java.security.PublicKey; ++import java.security.SecureRandom; ++import java.security.Signature; ++import java.security.SignatureException; ++import java.security.spec.AlgorithmParameterSpec; ++ ++import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper; ++import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithmSpi; ++import com.sun.org.apache.xml.internal.security.signature.XMLSignature; ++import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException; ++import com.sun.org.apache.xml.internal.security.utils.Base64; ++ ++ ++/** ++ * ++ * @author $Author: mullan $ ++ */ ++public abstract class SignatureECDSA extends SignatureAlgorithmSpi { ++ ++ /** {@link java.util.logging} logging facility */ ++ static java.util.logging.Logger log = ++ java.util.logging.Logger.getLogger(SignatureECDSA.class.getName()); ++ ++ /** @inheritDoc */ ++ public abstract String engineGetURI(); ++ ++ /** Field algorithm */ ++ private java.security.Signature _signatureAlgorithm = null; ++ ++ /** ++ * Converts an ASN.1 ECDSA value to a XML Signature ECDSA Value. ++ * ++ * The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r,s) value ++ * pairs; the XML Signature requires the core BigInteger values. ++ * ++ * @param asn1Bytes ++ * @return the decode bytes ++ * ++ * @throws IOException ++ * @see 6.4.1 DSA ++ * @see 3.3. ECDSA Signatures ++ */ ++ private static byte[] convertASN1toXMLDSIG(byte asn1Bytes[]) ++ throws IOException { ++ ++ byte rLength = asn1Bytes[3]; ++ int i; ++ ++ for (i = rLength; (i > 0) && (asn1Bytes[(4 + rLength) - i] == 0); i--); ++ ++ byte sLength = asn1Bytes[5 + rLength]; ++ int j; ++ ++ for (j = sLength; ++ (j > 0) && (asn1Bytes[(6 + rLength + sLength) - j] == 0); j--); ++ ++ if ((asn1Bytes[0] != 48) || (asn1Bytes[1] != asn1Bytes.length - 2) ++ || (asn1Bytes[2] != 2) || (i > 24) ++ || (asn1Bytes[4 + rLength] != 2) || (j > 24)) { ++ throw new IOException("Invalid ASN.1 format of ECDSA signature"); ++ } ++ byte xmldsigBytes[] = new byte[48]; ++ ++ System.arraycopy(asn1Bytes, (4 + rLength) - i, xmldsigBytes, 24 - i, ++ i); ++ System.arraycopy(asn1Bytes, (6 + rLength + sLength) - j, xmldsigBytes, ++ 48 - j, j); ++ ++ return xmldsigBytes; ++ } ++ ++ /** ++ * Converts a XML Signature ECDSA Value to an ASN.1 DSA value. ++ * ++ * The JAVA JCE ECDSA Signature algorithm creates ASN.1 encoded (r,s) value ++ * pairs; the XML Signature requires the core BigInteger values. ++ * ++ * @param xmldsigBytes ++ * @return the encoded ASN.1 bytes ++ * ++ * @throws IOException ++ * @see 6.4.1 DSA ++ * @see 3.3. ECDSA Signatures ++ */ ++ private static byte[] convertXMLDSIGtoASN1(byte xmldsigBytes[]) ++ throws IOException { ++ ++ if (xmldsigBytes.length != 48) { ++ throw new IOException("Invalid XMLDSIG format of ECDSA signature"); ++ } ++ ++ int i; ++ ++ for (i = 24; (i > 0) && (xmldsigBytes[24 - i] == 0); i--); ++ ++ int j = i; ++ ++ if (xmldsigBytes[24 - i] < 0) { ++ j += 1; ++ } ++ ++ int k; ++ ++ for (k = 24; (k > 0) && (xmldsigBytes[48 - k] == 0); k--); ++ ++ int l = k; ++ ++ if (xmldsigBytes[48 - k] < 0) { ++ l += 1; ++ } ++ ++ byte asn1Bytes[] = new byte[6 + j + l]; ++ ++ asn1Bytes[0] = 48; ++ asn1Bytes[1] = (byte) (4 + j + l); ++ asn1Bytes[2] = 2; ++ asn1Bytes[3] = (byte) j; ++ ++ System.arraycopy(xmldsigBytes, 24 - i, asn1Bytes, (4 + j) - i, i); ++ ++ asn1Bytes[4 + j] = 2; ++ asn1Bytes[5 + j] = (byte) l; ++ ++ System.arraycopy(xmldsigBytes, 48 - k, asn1Bytes, (6 + j + l) - k, k); ++ ++ return asn1Bytes; ++ } ++ ++ /** ++ * Constructor SignatureRSA ++ * ++ * @throws XMLSignatureException ++ */ ++ public SignatureECDSA() throws XMLSignatureException { ++ ++ String algorithmID = JCEMapper.translateURItoJCEID(this.engineGetURI()); ++ ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Created SignatureECDSA using " + algorithmID); ++ String provider=JCEMapper.getProviderId(); ++ try { ++ if (provider==null) { ++ this._signatureAlgorithm = Signature.getInstance(algorithmID); ++ } else { ++ this._signatureAlgorithm = Signature.getInstance(algorithmID,provider); ++ } ++ } catch (java.security.NoSuchAlgorithmException ex) { ++ Object[] exArgs = { algorithmID, ++ ex.getLocalizedMessage() }; ++ ++ throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs); ++ } catch (NoSuchProviderException ex) { ++ Object[] exArgs = { algorithmID, ++ ex.getLocalizedMessage() }; ++ ++ throw new XMLSignatureException("algorithms.NoSuchAlgorithm", exArgs); ++ } ++ } ++ ++ /** @inheritDoc */ ++ protected void engineSetParameter(AlgorithmParameterSpec params) ++ throws XMLSignatureException { ++ ++ try { ++ this._signatureAlgorithm.setParameter(params); ++ } catch (InvalidAlgorithmParameterException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } ++ ++ /** @inheritDoc */ ++ protected boolean engineVerify(byte[] signature) ++ throws XMLSignatureException { ++ ++ try { ++ byte[] jcebytes = SignatureECDSA.convertXMLDSIGtoASN1(signature); ++ ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Called ECDSA.verify() on " + Base64.encode(signature)); ++ ++ return this._signatureAlgorithm.verify(jcebytes); ++ } catch (SignatureException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } catch (IOException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } ++ ++ /** @inheritDoc */ ++ protected void engineInitVerify(Key publicKey) throws XMLSignatureException { ++ ++ if (!(publicKey instanceof PublicKey)) { ++ String supplied = publicKey.getClass().getName(); ++ String needed = PublicKey.class.getName(); ++ Object exArgs[] = { supplied, needed }; ++ ++ throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", ++ exArgs); ++ } ++ ++ try { ++ this._signatureAlgorithm.initVerify((PublicKey) publicKey); ++ } catch (InvalidKeyException ex) { ++ // reinstantiate Signature object to work around bug in JDK ++ // see: http://bugs.sun.com/view_bug.do?bug_id=4953555 ++ Signature sig = this._signatureAlgorithm; ++ try { ++ this._signatureAlgorithm = Signature.getInstance ++ (_signatureAlgorithm.getAlgorithm()); ++ } catch (Exception e) { ++ // this shouldn't occur, but if it does, restore previous ++ // Signature ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Signature:" + e); ++ } ++ this._signatureAlgorithm = sig; ++ } ++ throw new XMLSignatureException("empty", ex); ++ } ++ } ++ ++ /** @inheritDoc */ ++ protected byte[] engineSign() throws XMLSignatureException { ++ ++ try { ++ byte jcebytes[] = this._signatureAlgorithm.sign(); ++ ++ return SignatureECDSA.convertASN1toXMLDSIG(jcebytes); ++ } catch (SignatureException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } catch (IOException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } ++ ++ /** @inheritDoc */ ++ protected void engineInitSign(Key privateKey, SecureRandom secureRandom) ++ throws XMLSignatureException { ++ ++ if (!(privateKey instanceof PrivateKey)) { ++ String supplied = privateKey.getClass().getName(); ++ String needed = PrivateKey.class.getName(); ++ Object exArgs[] = { supplied, needed }; ++ ++ throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", ++ exArgs); ++ } ++ ++ try { ++ this._signatureAlgorithm.initSign((PrivateKey) privateKey, ++ secureRandom); ++ } catch (InvalidKeyException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } ++ ++ /** @inheritDoc */ ++ protected void engineInitSign(Key privateKey) throws XMLSignatureException { ++ ++ if (!(privateKey instanceof PrivateKey)) { ++ String supplied = privateKey.getClass().getName(); ++ String needed = PrivateKey.class.getName(); ++ Object exArgs[] = { supplied, needed }; ++ ++ throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", ++ exArgs); ++ } ++ ++ try { ++ this._signatureAlgorithm.initSign((PrivateKey) privateKey); ++ } catch (InvalidKeyException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } ++ ++ /** @inheritDoc */ ++ protected void engineUpdate(byte[] input) throws XMLSignatureException { ++ ++ try { ++ this._signatureAlgorithm.update(input); ++ } catch (SignatureException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } ++ ++ /** @inheritDoc */ ++ protected void engineUpdate(byte input) throws XMLSignatureException { ++ ++ try { ++ this._signatureAlgorithm.update(input); ++ } catch (SignatureException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } ++ ++ /** @inheritDoc */ ++ protected void engineUpdate(byte buf[], int offset, int len) ++ throws XMLSignatureException { ++ ++ try { ++ this._signatureAlgorithm.update(buf, offset, len); ++ } catch (SignatureException ex) { ++ throw new XMLSignatureException("empty", ex); ++ } ++ } ++ ++ /** @inheritDoc */ ++ protected String engineGetJCEAlgorithmString() { ++ return this._signatureAlgorithm.getAlgorithm(); ++ } ++ ++ /** @inheritDoc */ ++ protected String engineGetJCEProviderName() { ++ return this._signatureAlgorithm.getProvider().getName(); ++ } ++ ++ /** @inheritDoc */ ++ protected void engineSetHMACOutputLength(int HMACOutputLength) ++ throws XMLSignatureException { ++ throw new XMLSignatureException("algorithms.HMACOutputLengthOnlyForHMAC"); ++ } ++ ++ /** @inheritDoc */ ++ protected void engineInitSign( ++ Key signingKey, AlgorithmParameterSpec algorithmParameterSpec) ++ throws XMLSignatureException { ++ throw new XMLSignatureException( ++ "algorithms.CannotUseAlgorithmParameterSpecOnRSA"); ++ } ++ ++ /** ++ * Class SignatureRSASHA1 ++ * ++ * @author $Author: mullan $ ++ * @version $Revision: 1.2 $ ++ */ ++ public static class SignatureECDSASHA1 extends SignatureECDSA { ++ ++ /** ++ * Constructor SignatureRSASHA1 ++ * ++ * @throws XMLSignatureException ++ */ ++ public SignatureECDSASHA1() throws XMLSignatureException { ++ super(); ++ } ++ ++ /** @inheritDoc */ ++ public String engineGetURI() { ++ return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1; ++ } ++ } ++ ++} +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/CanonicalizationException.java b/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/CanonicalizationException.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/CanonicalizationException.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/CanonicalizationException.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java b/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java +@@ -3,7 +3,7 @@ + * DO NOT REMOVE OR ALTER! + */ + /* +- * Copyright 1999-2004 The Apache Software Foundation. ++ * Copyright 1999-2008 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. +@@ -20,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.c14n; + +- +- + import java.io.ByteArrayInputStream; + import java.io.OutputStream; + import java.util.HashMap; +@@ -37,318 +35,326 @@ + import org.w3c.dom.NodeList; + import org.xml.sax.InputSource; + +- + /** + * +- * + * @author Christian Geuer-Pollmann + */ + public class Canonicalizer { + +- //J- +- /** The output encoding of canonicalized data */ +- public static final String ENCODING = "UTF8"; ++ /** The output encoding of canonicalized data */ ++ public static final String ENCODING = "UTF8"; + ++ /** ++ * XPath Expresion for selecting every node and continuous comments joined ++ * in only one node ++ */ ++ public static final String XPATH_C14N_WITH_COMMENTS_SINGLE_NODE = ++ "(.//. | .//@* | .//namespace::*)"; + +- /** +- * XPath Expresion for selecting every node and continuos comments joined in only one node +- */ +- public static final String XPATH_C14N_WITH_COMMENTS_SINGLE_NODE = "(.//. | .//@* | .//namespace::*)"; +- +- +- /** ++ /** + * The URL defined in XML-SEC Rec for inclusive c14n without comments. + */ +- public static final String ALGO_ID_C14N_OMIT_COMMENTS = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; +- /** +- * The URL defined in XML-SEC Rec for inclusive c14n with comments. +- */ +- public static final String ALGO_ID_C14N_WITH_COMMENTS = ALGO_ID_C14N_OMIT_COMMENTS + "#WithComments"; +- /** +- * The URL defined in XML-SEC Rec for exclusive c14n without comments. +- */ +- public static final String ALGO_ID_C14N_EXCL_OMIT_COMMENTS = "http://www.w3.org/2001/10/xml-exc-c14n#"; +- /** +- * The URL defined in XML-SEC Rec for exclusive c14n with comments. +- */ +- public static final String ALGO_ID_C14N_EXCL_WITH_COMMENTS = ALGO_ID_C14N_EXCL_OMIT_COMMENTS + "WithComments"; ++ public static final String ALGO_ID_C14N_OMIT_COMMENTS = ++ "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; ++ /** ++ * The URL defined in XML-SEC Rec for inclusive c14n with comments. ++ */ ++ public static final String ALGO_ID_C14N_WITH_COMMENTS = ++ ALGO_ID_C14N_OMIT_COMMENTS + "#WithComments"; ++ /** ++ * The URL defined in XML-SEC Rec for exclusive c14n without comments. ++ */ ++ public static final String ALGO_ID_C14N_EXCL_OMIT_COMMENTS = ++ "http://www.w3.org/2001/10/xml-exc-c14n#"; ++ /** ++ * The URL defined in XML-SEC Rec for exclusive c14n with comments. ++ */ ++ public static final String ALGO_ID_C14N_EXCL_WITH_COMMENTS = ++ ALGO_ID_C14N_EXCL_OMIT_COMMENTS + "WithComments"; ++ /** ++ * The URI for inclusive c14n 1.1 without comments. ++ */ ++ public static final String ALGO_ID_C14N11_OMIT_COMMENTS = ++ "http://www.w3.org/2006/12/xml-c14n11"; ++ /** ++ * The URI for inclusive c14n 1.1 with comments. ++ */ ++ public static final String ALGO_ID_C14N11_WITH_COMMENTS = ++ ALGO_ID_C14N11_OMIT_COMMENTS + "#WithComments"; + +- static boolean _alreadyInitialized = false; +- static Map _canonicalizerHash = null; ++ static boolean _alreadyInitialized = false; ++ static Map _canonicalizerHash = null; + +- protected CanonicalizerSpi canonicalizerSpi = null; +- //J+ ++ protected CanonicalizerSpi canonicalizerSpi = null; + +- /** +- * Method init +- * +- */ +- public static void init() { ++ /** ++ * Method init ++ * ++ */ ++ public static void init() { + +- if (!Canonicalizer._alreadyInitialized) { +- Canonicalizer._canonicalizerHash = new HashMap(10); +- Canonicalizer._alreadyInitialized = true; +- } +- } ++ if (!Canonicalizer._alreadyInitialized) { ++ Canonicalizer._canonicalizerHash = new HashMap(10); ++ Canonicalizer._alreadyInitialized = true; ++ } ++ } + +- /** +- * Constructor Canonicalizer +- * +- * @param algorithmURI +- * @throws InvalidCanonicalizerException +- */ +- private Canonicalizer(String algorithmURI) ++ /** ++ * Constructor Canonicalizer ++ * ++ * @param algorithmURI ++ * @throws InvalidCanonicalizerException ++ */ ++ private Canonicalizer(String algorithmURI) + throws InvalidCanonicalizerException { + +- try { +- Class implementingClass = getImplementingClass(algorithmURI); ++ try { ++ Class implementingClass = getImplementingClass(algorithmURI); + +- this.canonicalizerSpi = +- (CanonicalizerSpi) implementingClass.newInstance(); +- this.canonicalizerSpi.reset=true; +- } catch (Exception e) { +- Object exArgs[] = { algorithmURI }; ++ this.canonicalizerSpi = ++ (CanonicalizerSpi) implementingClass.newInstance(); ++ this.canonicalizerSpi.reset=true; ++ } catch (Exception e) { ++ Object exArgs[] = { algorithmURI }; + +- throw new InvalidCanonicalizerException( +- "signature.Canonicalizer.UnknownCanonicalizer", exArgs); +- } +- } ++ throw new InvalidCanonicalizerException( ++ "signature.Canonicalizer.UnknownCanonicalizer", exArgs); ++ } ++ } + +- /** +- * Method getInstance +- * +- * @param algorithmURI +- * @return a Conicicalizer instance ready for the job +- * @throws InvalidCanonicalizerException +- */ +- public static final Canonicalizer getInstance(String algorithmURI) ++ /** ++ * Method getInstance ++ * ++ * @param algorithmURI ++ * @return a Conicicalizer instance ready for the job ++ * @throws InvalidCanonicalizerException ++ */ ++ public static final Canonicalizer getInstance(String algorithmURI) + throws InvalidCanonicalizerException { + +- Canonicalizer c14nizer = new Canonicalizer(algorithmURI); ++ Canonicalizer c14nizer = new Canonicalizer(algorithmURI); + +- return c14nizer; +- } ++ return c14nizer; ++ } + +- /** +- * Method register +- * +- * @param algorithmURI +- * @param implementingClass +- * @throws AlgorithmAlreadyRegisteredException +- */ +- public static void register(String algorithmURI, String implementingClass) ++ /** ++ * Method register ++ * ++ * @param algorithmURI ++ * @param implementingClass ++ * @throws AlgorithmAlreadyRegisteredException ++ */ ++ public static void register(String algorithmURI, String implementingClass) + throws AlgorithmAlreadyRegisteredException { + +- // check whether URI is already registered +- Class registeredClass = getImplementingClass(algorithmURI); ++ // check whether URI is already registered ++ Class registeredClass = getImplementingClass(algorithmURI); + +- if (registeredClass != null) { +- Object exArgs[] = { algorithmURI, registeredClass }; ++ if (registeredClass != null) { ++ Object exArgs[] = { algorithmURI, registeredClass }; + +- throw new AlgorithmAlreadyRegisteredException( +- "algorithm.alreadyRegistered", exArgs); +- } ++ throw new AlgorithmAlreadyRegisteredException( ++ "algorithm.alreadyRegistered", exArgs); ++ } + +- try { +- _canonicalizerHash.put(algorithmURI, Class.forName(implementingClass)); ++ try { ++ _canonicalizerHash.put(algorithmURI, Class.forName(implementingClass)); + } catch (ClassNotFoundException e) { +- throw new RuntimeException("c14n class not found"); ++ throw new RuntimeException("c14n class not found"); + } +- } ++ } + +- /** +- * Method getURI +- * +- * @return the URI defined for this c14n instance. +- */ +- public final String getURI() { +- return this.canonicalizerSpi.engineGetURI(); +- } ++ /** ++ * Method getURI ++ * ++ * @return the URI defined for this c14n instance. ++ */ ++ public final String getURI() { ++ return this.canonicalizerSpi.engineGetURI(); ++ } + +- /** +- * Method getIncludeComments +- * +- * @return true if the c14n respect the comments. +- */ +- public boolean getIncludeComments() { +- return this.canonicalizerSpi.engineGetIncludeComments(); +- } ++ /** ++ * Method getIncludeComments ++ * ++ * @return true if the c14n respect the comments. ++ */ ++ public boolean getIncludeComments() { ++ return this.canonicalizerSpi.engineGetIncludeComments(); ++ } + +- /** +- * This method tries to canonicalize the given bytes. It's possible to even +- * canonicalize non-wellformed sequences if they are well-formed after being +- * wrapped with a >a<...>/a<. +- * +- * @param inputBytes +- * @return the result of the conicalization. +- * @throws CanonicalizationException +- * @throws java.io.IOException +- * @throws javax.xml.parsers.ParserConfigurationException +- * @throws org.xml.sax.SAXException +- */ +- public byte[] canonicalize(byte[] inputBytes) ++ /** ++ * This method tries to canonicalize the given bytes. It's possible to even ++ * canonicalize non-wellformed sequences if they are well-formed after being ++ * wrapped with a >a<...>/a<. ++ * ++ * @param inputBytes ++ * @return the result of the conicalization. ++ * @throws CanonicalizationException ++ * @throws java.io.IOException ++ * @throws javax.xml.parsers.ParserConfigurationException ++ * @throws org.xml.sax.SAXException ++ */ ++ public byte[] canonicalize(byte[] inputBytes) + throws javax.xml.parsers.ParserConfigurationException, + java.io.IOException, org.xml.sax.SAXException, + CanonicalizationException { + +- ByteArrayInputStream bais = new ByteArrayInputStream(inputBytes); +- InputSource in = new InputSource(bais); +- DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance(); ++ ByteArrayInputStream bais = new ByteArrayInputStream(inputBytes); ++ InputSource in = new InputSource(bais); ++ DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance(); + +- dfactory.setNamespaceAware(true); ++ dfactory.setNamespaceAware(true); + +- // needs to validate for ID attribute nomalization +- dfactory.setValidating(true); ++ // needs to validate for ID attribute nomalization ++ dfactory.setValidating(true); + +- DocumentBuilder db = dfactory.newDocumentBuilder(); ++ DocumentBuilder db = dfactory.newDocumentBuilder(); + +- /* +- * for some of the test vectors from the specification, +- * there has to be a validatin parser for ID attributes, default +- * attribute values, NMTOKENS, etc. +- * Unfortunaltely, the test vectors do use different DTDs or +- * even no DTD. So Xerces 1.3.1 fires many warnings about using +- * ErrorHandlers. +- * +- * Text from the spec: +- * +- * The input octet stream MUST contain a well-formed XML document, +- * but the input need not be validated. However, the attribute +- * value normalization and entity reference resolution MUST be +- * performed in accordance with the behaviors of a validating +- * XML processor. As well, nodes for default attributes (declared +- * in the ATTLIST with an AttValue but not specified) are created +- * in each element. Thus, the declarations in the document type +- * declaration are used to help create the canonical form, even +- * though the document type declaration is not retained in the +- * canonical form. +- * +- */ +- db.setErrorHandler(new com.sun.org.apache.xml.internal.security.utils +- .IgnoreAllErrorHandler()); ++ /* ++ * for some of the test vectors from the specification, ++ * there has to be a validatin parser for ID attributes, default ++ * attribute values, NMTOKENS, etc. ++ * Unfortunaltely, the test vectors do use different DTDs or ++ * even no DTD. So Xerces 1.3.1 fires many warnings about using ++ * ErrorHandlers. ++ * ++ * Text from the spec: ++ * ++ * The input octet stream MUST contain a well-formed XML document, ++ * but the input need not be validated. However, the attribute ++ * value normalization and entity reference resolution MUST be ++ * performed in accordance with the behaviors of a validating ++ * XML processor. As well, nodes for default attributes (declared ++ * in the ATTLIST with an AttValue but not specified) are created ++ * in each element. Thus, the declarations in the document type ++ * declaration are used to help create the canonical form, even ++ * though the document type declaration is not retained in the ++ * canonical form. ++ * ++ */ ++ db.setErrorHandler(new com.sun.org.apache.xml.internal.security.utils ++ .IgnoreAllErrorHandler()); + +- Document document = db.parse(in); +- byte result[] = this.canonicalizeSubtree(document); ++ Document document = db.parse(in); ++ byte result[] = this.canonicalizeSubtree(document); + +- return result; +- } ++ return result; ++ } + +- /** +- * Canonicalizes the subtree rooted by node. +- * +- * @param node The node to canicalize +- * @return the result of the c14n. +- * +- * @throws CanonicalizationException +- */ +- public byte[] canonicalizeSubtree(Node node) ++ /** ++ * Canonicalizes the subtree rooted by node. ++ * ++ * @param node The node to canicalize ++ * @return the result of the c14n. ++ * ++ * @throws CanonicalizationException ++ */ ++ public byte[] canonicalizeSubtree(Node node) + throws CanonicalizationException { +- return this.canonicalizerSpi.engineCanonicalizeSubTree(node); +- } ++ return this.canonicalizerSpi.engineCanonicalizeSubTree(node); ++ } + +- /** +- * Canonicalizes the subtree rooted by node. +- * +- * @param node +- * @param inclusiveNamespaces +- * @return the result of the c14n. +- * @throws CanonicalizationException +- */ +- public byte[] canonicalizeSubtree(Node node, String inclusiveNamespaces) ++ /** ++ * Canonicalizes the subtree rooted by node. ++ * ++ * @param node ++ * @param inclusiveNamespaces ++ * @return the result of the c14n. ++ * @throws CanonicalizationException ++ */ ++ public byte[] canonicalizeSubtree(Node node, String inclusiveNamespaces) + throws CanonicalizationException { +- return this.canonicalizerSpi.engineCanonicalizeSubTree(node, ++ return this.canonicalizerSpi.engineCanonicalizeSubTree(node, + inclusiveNamespaces); +- } ++ } + +- /** +- * Canonicalizes an XPath node set. The xpathNodeSet is treated +- * as a list of XPath nodes, not as a list of subtrees. +- * +- * @param xpathNodeSet +- * @return the result of the c14n. +- * @throws CanonicalizationException +- */ +- public byte[] canonicalizeXPathNodeSet(NodeList xpathNodeSet) ++ /** ++ * Canonicalizes an XPath node set. The xpathNodeSet is treated ++ * as a list of XPath nodes, not as a list of subtrees. ++ * ++ * @param xpathNodeSet ++ * @return the result of the c14n. ++ * @throws CanonicalizationException ++ */ ++ public byte[] canonicalizeXPathNodeSet(NodeList xpathNodeSet) + throws CanonicalizationException { +- return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet); +- } ++ return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet); ++ } + +- /** +- * Canonicalizes an XPath node set. The xpathNodeSet is treated +- * as a list of XPath nodes, not as a list of subtrees. +- * +- * @param xpathNodeSet +- * @param inclusiveNamespaces +- * @return the result of the c14n. +- * @throws CanonicalizationException +- */ +- public byte[] canonicalizeXPathNodeSet( ++ /** ++ * Canonicalizes an XPath node set. The xpathNodeSet is treated ++ * as a list of XPath nodes, not as a list of subtrees. ++ * ++ * @param xpathNodeSet ++ * @param inclusiveNamespaces ++ * @return the result of the c14n. ++ * @throws CanonicalizationException ++ */ ++ public byte[] canonicalizeXPathNodeSet( + NodeList xpathNodeSet, String inclusiveNamespaces) + throws CanonicalizationException { +- return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet, ++ return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet, + inclusiveNamespaces); +- } ++ } + +- /** +- * Canonicalizes an XPath node set. +- * +- * @param xpathNodeSet +- * @return the result of the c14n. +- * @throws CanonicalizationException +- */ +- public byte[] canonicalizeXPathNodeSet(Set xpathNodeSet) ++ /** ++ * Canonicalizes an XPath node set. ++ * ++ * @param xpathNodeSet ++ * @return the result of the c14n. ++ * @throws CanonicalizationException ++ */ ++ public byte[] canonicalizeXPathNodeSet(Set xpathNodeSet) + throws CanonicalizationException { +- return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet); +- } ++ return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet); ++ } + +- /** +- * Canonicalizes an XPath node set. +- * +- * @param xpathNodeSet +- * @param inclusiveNamespaces +- * @return the result of the c14n. +- * @throws CanonicalizationException +- */ +- public byte[] canonicalizeXPathNodeSet( +- Set xpathNodeSet, String inclusiveNamespaces) +- throws CanonicalizationException { +- return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet, +- inclusiveNamespaces); +- } ++ /** ++ * Canonicalizes an XPath node set. ++ * ++ * @param xpathNodeSet ++ * @param inclusiveNamespaces ++ * @return the result of the c14n. ++ * @throws CanonicalizationException ++ */ ++ public byte[] canonicalizeXPathNodeSet(Set xpathNodeSet, ++ String inclusiveNamespaces) throws CanonicalizationException { ++ return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet, ++ inclusiveNamespaces); ++ } + +- /** +- * Sets the writter where the cannocalization ends. ByteArrayOutputStream if +- * none is setted. +- * @param os +- */ +- public void setWriter(OutputStream os) { +- this.canonicalizerSpi.setWriter(os); +- } ++ /** ++ * Sets the writer where the canonicalization ends. ByteArrayOutputStream ++ * if none is set. ++ * @param os ++ */ ++ public void setWriter(OutputStream os) { ++ this.canonicalizerSpi.setWriter(os); ++ } + +- /** +- * Returns the name of the implementing {@link CanonicalizerSpi} class +- * +- * @return the name of the implementing {@link CanonicalizerSpi} class +- */ +- public String getImplementingCanonicalizerClass() { +- return this.canonicalizerSpi.getClass().getName(); +- } ++ /** ++ * Returns the name of the implementing {@link CanonicalizerSpi} class ++ * ++ * @return the name of the implementing {@link CanonicalizerSpi} class ++ */ ++ public String getImplementingCanonicalizerClass() { ++ return this.canonicalizerSpi.getClass().getName(); ++ } + +- /** +- * Method getImplementingClass +- * +- * @param URI +- * @return the name of the class that implements the give URI +- */ +- private static Class getImplementingClass(String URI) { +- return (Class) _canonicalizerHash.get(URI); +- } ++ /** ++ * Method getImplementingClass ++ * ++ * @param URI ++ * @return the name of the class that implements the given URI ++ */ ++ private static Class getImplementingClass(String URI) { ++ return (Class) _canonicalizerHash.get(URI); ++ } + +- /** +- * Set the canonicalizator behaviour to not reset. +- * +- */ +- public void notReset() { +- this.canonicalizerSpi.reset=false; +- } ++ /** ++ * Set the canonicalizer behaviour to not reset. ++ */ ++ public void notReset() { ++ this.canonicalizerSpi.reset = false; ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/InvalidCanonicalizerException.java b/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/InvalidCanonicalizerException.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/InvalidCanonicalizerException.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/InvalidCanonicalizerException.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/helper/AttrCompare.java b/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/helper/AttrCompare.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/helper/AttrCompare.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/helper/AttrCompare.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -21,17 +20,17 @@ + */ + package com.sun.org.apache.xml.internal.security.c14n.helper; + +- +- + import com.sun.org.apache.xml.internal.security.utils.Constants; + import org.w3c.dom.Attr; +- ++import java.io.Serializable; ++import java.util.Comparator; + + /** + * Compares two attributes based on the C14n specification. + * + *
    +- *
  • Namespace nodes have a lesser document order position than attribute nodes. ++ *
  • Namespace nodes have a lesser document order position than attribute ++ * nodes. + *
  • An element's namespace nodes are sorted lexicographically by + * local name (the default namespace node, if one exists, has no + * local name and is therefore lexicographically least). +@@ -40,104 +39,89 @@ + * key (an empty namespace URI is lexicographically least). + *
+ * +- * $todo$ Should we implement java.util.Comparator and import java.util.Arrays to use Arrays.sort(intarray); + * @author Christian Geuer-Pollmann + */ +-public class AttrCompare implements java.util.Comparator { ++public class AttrCompare implements Comparator, Serializable { + +- private final int ATTR0_BEFORE_ATTR1 = -1; +- private final int ATTR1_BEFORE_ATTR0 = 1; ++ private final static long serialVersionUID = -7113259629930576230L; ++ private final static int ATTR0_BEFORE_ATTR1 = -1; ++ private final static int ATTR1_BEFORE_ATTR0 = 1; ++ private final static String XMLNS=Constants.NamespaceSpecNS; + +- private final static String XMLNS=Constants.NamespaceSpecNS; +- /** +- * Compares two attributes based on the C14n specification. +- * +- *
    +- *
  • Namespace nodes have a lesser document order position than attribute nodes. +- *
  • An element's namespace nodes are sorted lexicographically by +- * local name (the default namespace node, if one exists, has no +- * local name and is therefore lexicographically least). +- *
  • An element's attribute nodes are sorted lexicographically with +- * namespace URI as the primary key and local name as the secondary +- * key (an empty namespace URI is lexicographically least). +- *
+- * +- * @param obj0 casted Attr +- * @param obj1 casted Attr +- * @return returns a negative integer, zero, or a positive integer as obj0 is less than, equal to, or greater than obj1 +- * +- */ +- public int compare(Object obj0, Object obj1) { ++ /** ++ * Compares two attributes based on the C14n specification. ++ * ++ *
    ++ *
  • Namespace nodes have a lesser document order position than ++ * attribute nodes. ++ *
  • An element's namespace nodes are sorted lexicographically by ++ * local name (the default namespace node, if one exists, has no ++ * local name and is therefore lexicographically least). ++ *
  • An element's attribute nodes are sorted lexicographically with ++ * namespace URI as the primary key and local name as the secondary ++ * key (an empty namespace URI is lexicographically least). ++ *
++ * ++ * @param obj0 casted Attr ++ * @param obj1 casted Attr ++ * @return returns a negative integer, zero, or a positive integer as ++ * obj0 is less than, equal to, or greater than obj1 ++ * ++ */ ++ public int compare(Object obj0, Object obj1) { + +- Attr attr0 = (Attr) obj0; +- Attr attr1 = (Attr) obj1; +- String namespaceURI0 = attr0.getNamespaceURI(); +- String namespaceURI1 = attr1.getNamespaceURI(); ++ Attr attr0 = (Attr) obj0; ++ Attr attr1 = (Attr) obj1; ++ String namespaceURI0 = attr0.getNamespaceURI(); ++ String namespaceURI1 = attr1.getNamespaceURI(); + +- boolean isNamespaceAttr0 = +- XMLNS.equals(namespaceURI0); +- boolean isNamespaceAttr1 = +- XMLNS.equals(namespaceURI1); ++ boolean isNamespaceAttr0 = XMLNS==namespaceURI0; ++ boolean isNamespaceAttr1 = XMLNS==namespaceURI1; + +- if (isNamespaceAttr0) { +- if (isNamespaceAttr1) { ++ if (isNamespaceAttr0) { ++ if (isNamespaceAttr1) { ++ // both are namespaces ++ String localname0 = attr0.getLocalName(); ++ String localname1 = attr1.getLocalName(); + +- // both are namespaces +- String localname0 = attr0.getLocalName(); +- String localname1 = attr1.getLocalName(); ++ if (localname0.equals("xmlns")) { ++ localname0 = ""; ++ } + +- if (localname0.equals("xmlns")) { +- localname0 = ""; ++ if (localname1.equals("xmlns")) { ++ localname1 = ""; ++ } ++ ++ return localname0.compareTo(localname1); + } ++ // attr0 is a namespace, attr1 is not ++ return ATTR0_BEFORE_ATTR1; ++ } + +- if (localname1.equals("xmlns")) { +- localname1 = ""; +- } +- +- return localname0.compareTo(localname1); +- } +- // attr0 is a namespace, attr1 is not +- return ATTR0_BEFORE_ATTR1; +- +- } +- if (isNamespaceAttr1) { +- ++ if (isNamespaceAttr1) { + // attr1 is a namespace, attr0 is not + return ATTR1_BEFORE_ATTR0; +- } ++ } + +- // none is a namespae +- +- if (namespaceURI0 == null) { +- if (namespaceURI1 == null) { +- /* +- String localName0 = attr0.getLocalName(); +- String localName1 = attr1.getLocalName(); +- return localName0.compareTo(localName1); +- */ +- ++ // none is a namespace ++ if (namespaceURI0 == null) { ++ if (namespaceURI1 == null) { + String name0 = attr0.getName(); + String name1 = attr1.getName(); + return name0.compareTo(name1); ++ } ++ return ATTR0_BEFORE_ATTR1; + } +- return ATTR0_BEFORE_ATTR1; + +- } +- if (namespaceURI1 == null) { +- return ATTR1_BEFORE_ATTR0; +- } +- int a = namespaceURI0.compareTo(namespaceURI1); ++ if (namespaceURI1 == null) { ++ return ATTR1_BEFORE_ATTR0; ++ } + +- if (a != 0) { +- return a; +- } +- /* +- String localName0 = ; +- String localName1 =;*/ ++ int a = namespaceURI0.compareTo(namespaceURI1); ++ if (a != 0) { ++ return a; ++ } + +- return (attr0.getLocalName()) +- .compareTo( attr1.getLocalName()); +- +- } +- ++ return (attr0.getLocalName()).compareTo(attr1.getLocalName()); ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11.java b/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11.java +new file mode 100644 +--- /dev/null ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11.java +@@ -0,0 +1,684 @@ ++/* ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! ++ */ ++/* ++ * Copyright 2008 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++package com.sun.org.apache.xml.internal.security.c14n.implementations; ++ ++import java.io.IOException; ++import java.net.URI; ++import java.net.URISyntaxException; ++import java.util.ArrayList; ++import java.util.Collection; ++import java.util.HashMap; ++import java.util.Iterator; ++import java.util.List; ++import java.util.Map; ++import java.util.Set; ++import java.util.SortedSet; ++import java.util.TreeSet; ++import javax.xml.parsers.ParserConfigurationException; ++import org.w3c.dom.Attr; ++import org.w3c.dom.Document; ++import org.w3c.dom.Element; ++import org.w3c.dom.NamedNodeMap; ++import org.w3c.dom.Node; ++import org.xml.sax.SAXException; ++ ++import java.util.logging.Logger; ++import java.util.logging.Logger; ++import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; ++import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper; ++import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; ++import com.sun.org.apache.xml.internal.security.utils.Constants; ++import com.sun.org.apache.xml.internal.security.utils.XMLUtils; ++ ++/** ++ * Implements ++ * Canonical XML Version 1.1, a W3C Proposed Recommendation from 29 ++ * January 2008. ++ * ++ * @author Sean Mullan ++ * @author Raul Benito ++ * @version $Revision: 1.2 $ ++ */ ++public abstract class Canonicalizer11 extends CanonicalizerBase { ++ boolean firstCall = true; ++ final SortedSet result = new TreeSet(COMPARE); ++ static final String XMLNS_URI = Constants.NamespaceSpecNS; ++ static final String XML_LANG_URI = Constants.XML_LANG_SPACE_SpecNS; ++ ++ static Logger log = Logger.getLogger(Canonicalizer11.class.getName()); ++ ++ static class XmlAttrStack { ++ int currentLevel = 0; ++ int lastlevel = 0; ++ XmlsStackElement cur; ++ static class XmlsStackElement { ++ int level; ++ boolean rendered = false; ++ List nodes = new ArrayList(); ++ }; ++ List levels = new ArrayList(); ++ void push(int level) { ++ currentLevel = level; ++ if (currentLevel == -1) ++ return; ++ cur = null; ++ while (lastlevel >= currentLevel) { ++ levels.remove(levels.size() - 1); ++ if (levels.size() == 0) { ++ lastlevel = 0; ++ return; ++ } ++ lastlevel=((XmlsStackElement)levels.get(levels.size()-1)).level; ++ } ++ } ++ void addXmlnsAttr(Attr n) { ++ if (cur == null) { ++ cur = new XmlsStackElement(); ++ cur.level = currentLevel; ++ levels.add(cur); ++ lastlevel = currentLevel; ++ } ++ cur.nodes.add(n); ++ } ++ void getXmlnsAttr(Collection col) { ++ if (cur == null) { ++ cur = new XmlsStackElement(); ++ cur.level = currentLevel; ++ lastlevel = currentLevel; ++ levels.add(cur); ++ } ++ int size = levels.size() - 2; ++ boolean parentRendered = false; ++ XmlsStackElement e = null; ++ if (size == -1) { ++ parentRendered = true; ++ } else { ++ e = (XmlsStackElement) levels.get(size); ++ if (e.rendered && e.level+1 == currentLevel) ++ parentRendered = true; ++ } ++ if (parentRendered) { ++ col.addAll(cur.nodes); ++ cur.rendered = true; ++ return; ++ } ++ ++ Map loa = new HashMap(); ++ List baseAttrs = new ArrayList(); ++ boolean successiveOmitted = true; ++ for (;size>=0;size--) { ++ e = (XmlsStackElement) levels.get(size); ++ if (e.rendered) { ++ successiveOmitted = false; ++ } ++ Iterator it = e.nodes.iterator(); ++ while (it.hasNext() && successiveOmitted) { ++ Attr n = (Attr) it.next(); ++ if (n.getLocalName().equals("base")) { ++ if (!e.rendered) { ++ baseAttrs.add(n); ++ } ++ } else if (!loa.containsKey(n.getName())) ++ loa.put(n.getName(), n); ++ } ++ } ++ if (!baseAttrs.isEmpty()) { ++ Iterator it = cur.nodes.iterator(); ++ String base = null; ++ Attr baseAttr = null; ++ while (it.hasNext()) { ++ Attr n = (Attr) it.next(); ++ if (n.getLocalName().equals("base")) { ++ base = n.getValue(); ++ baseAttr = n; ++ break; ++ } ++ } ++ it = baseAttrs.iterator(); ++ while (it.hasNext()) { ++ Attr n = (Attr) it.next(); ++ if (base == null) { ++ base = n.getValue(); ++ baseAttr = n; ++ } else { ++ try { ++ base = joinURI(n.getValue(), base); ++ } catch (URISyntaxException ue) { ++ ue.printStackTrace(); ++ } ++ } ++ } ++ if (base != null && base.length() != 0) { ++ baseAttr.setValue(base); ++ col.add(baseAttr); ++ } ++ } ++ ++ cur.rendered = true; ++ col.addAll(loa.values()); ++ } ++ }; ++ XmlAttrStack xmlattrStack = new XmlAttrStack(); ++ ++ /** ++ * Constructor Canonicalizer11 ++ * ++ * @param includeComments ++ */ ++ public Canonicalizer11(boolean includeComments) { ++ super(includeComments); ++ } ++ ++ /** ++ * Returns the Attr[]s to be outputted for the given element. ++ *
++ * The code of this method is a copy of {@link #handleAttributes(Element, ++ * NameSpaceSymbTable)}, ++ * whereas it takes into account that subtree-c14n is -- well -- ++ * subtree-based. ++ * So if the element in question isRoot of c14n, it's parent is not in the ++ * node set, as well as all other ancestors. ++ * ++ * @param E ++ * @param ns ++ * @return the Attr[]s to be outputted ++ * @throws CanonicalizationException ++ */ ++ Iterator handleAttributesSubtree(Element E, NameSpaceSymbTable ns) ++ throws CanonicalizationException { ++ if (!E.hasAttributes() && !firstCall) { ++ return null; ++ } ++ // result will contain the attrs which have to be outputted ++ final SortedSet result = this.result; ++ result.clear(); ++ NamedNodeMap attrs = E.getAttributes(); ++ int attrsLength = attrs.getLength(); ++ ++ for (int i = 0; i < attrsLength; i++) { ++ Attr N = (Attr) attrs.item(i); ++ String NUri = N.getNamespaceURI(); ++ ++ if (XMLNS_URI != NUri) { ++ // It's not a namespace attr node. Add to the result and ++ // continue. ++ result.add(N); ++ continue; ++ } ++ ++ String NName = N.getLocalName(); ++ String NValue = N.getValue(); ++ if (XML.equals(NName) ++ && XML_LANG_URI.equals(NValue)) { ++ // The default mapping for xml must not be output. ++ continue; ++ } ++ ++ Node n = ns.addMappingAndRender(NName, NValue, N); ++ ++ if (n != null) { ++ // Render the ns definition ++ result.add(n); ++ if (C14nHelper.namespaceIsRelative(N)) { ++ Object exArgs[] = {E.getTagName(), NName, N.getNodeValue()}; ++ throw new CanonicalizationException( ++ "c14n.Canonicalizer.RelativeNamespace", exArgs); ++ } ++ } ++ } ++ ++ if (firstCall) { ++ // It is the first node of the subtree ++ // Obtain all the namespaces defined in the parents, and added ++ // to the output. ++ ns.getUnrenderedNodes(result); ++ // output the attributes in the xml namespace. ++ xmlattrStack.getXmlnsAttr(result); ++ firstCall = false; ++ } ++ ++ return result.iterator(); ++ } ++ ++ /** ++ * Returns the Attr[]s to be outputted for the given element. ++ *
++ * IMPORTANT: This method expects to work on a modified DOM tree, i.e. a ++ * DOM which has been prepared using ++ * {@link com.sun.org.apache.xml.internal.security.utils.XMLUtils#circumventBug2650( ++ * org.w3c.dom.Document)}. ++ * ++ * @param E ++ * @param ns ++ * @return the Attr[]s to be outputted ++ * @throws CanonicalizationException ++ */ ++ Iterator handleAttributes(Element E, NameSpaceSymbTable ns) ++ throws CanonicalizationException { ++ // result will contain the attrs which have to be output ++ xmlattrStack.push(ns.getLevel()); ++ boolean isRealVisible = isVisibleDO(E, ns.getLevel()) == 1; ++ NamedNodeMap attrs = null; ++ int attrsLength = 0; ++ if (E.hasAttributes()) { ++ attrs = E.getAttributes(); ++ attrsLength = attrs.getLength(); ++ } ++ ++ SortedSet result = this.result; ++ result.clear(); ++ ++ for (int i = 0; i < attrsLength; i++) { ++ Attr N = (Attr) attrs.item(i); ++ String NUri = N.getNamespaceURI(); ++ ++ if (XMLNS_URI != NUri) { ++ // A non namespace definition node. ++ if (XML_LANG_URI == NUri) { ++ if (N.getLocalName().equals("id")) { ++ if (isRealVisible) { ++ // treat xml:id like any other attribute ++ // (emit it, but don't inherit it) ++ result.add(N); ++ } ++ } else { ++ xmlattrStack.addXmlnsAttr(N); ++ } ++ } else if (isRealVisible) { ++ // The node is visible add the attribute to the list of ++ // output attributes. ++ result.add(N); ++ } ++ // keep working ++ continue; ++ } ++ ++ String NName = N.getLocalName(); ++ String NValue = N.getValue(); ++ if ("xml".equals(NName) ++ && XML_LANG_URI.equals(NValue)) { ++ /* except omit namespace node with local name xml, which defines ++ * the xml prefix, if its string value is ++ * http://www.w3.org/XML/1998/namespace. ++ */ ++ continue; ++ } ++ // add the prefix binding to the ns symb table. ++ // ns.addInclusiveMapping(NName,NValue,N,isRealVisible); ++ if (isVisible(N)) { ++ if (!isRealVisible && ns.removeMappingIfRender(NName)) { ++ continue; ++ } ++ // The xpath select this node output it if needed. ++ // Node n = ns.addMappingAndRenderXNodeSet ++ // (NName, NValue, N, isRealVisible); ++ Node n = ns.addMappingAndRender(NName, NValue, N); ++ if (n != null) { ++ result.add(n); ++ if (C14nHelper.namespaceIsRelative(N)) { ++ Object exArgs[] = ++ { E.getTagName(), NName, N.getNodeValue() }; ++ throw new CanonicalizationException( ++ "c14n.Canonicalizer.RelativeNamespace", exArgs); ++ } ++ } ++ } else { ++ if (isRealVisible && NName != XMLNS) { ++ ns.removeMapping(NName); ++ } else { ++ ns.addMapping(NName, NValue, N); ++ } ++ } ++ } ++ if (isRealVisible) { ++ // The element is visible, handle the xmlns definition ++ Attr xmlns = E.getAttributeNodeNS(XMLNS_URI, XMLNS); ++ Node n = null; ++ if (xmlns == null) { ++ // No xmlns def just get the already defined. ++ n = ns.getMapping(XMLNS); ++ } else if (!isVisible(xmlns)) { ++ // There is a defn but the xmlns is not selected by the xpath. ++ // then xmlns="" ++ n = ns.addMappingAndRender(XMLNS, "", nullNode); ++ } ++ // output the xmlns def if needed. ++ if (n != null) { ++ result.add(n); ++ } ++ // Float all xml:* attributes of the unselected parent elements to ++ // this one. addXmlAttributes(E,result); ++ xmlattrStack.getXmlnsAttr(result); ++ ns.getUnrenderedNodes(result); ++ } ++ ++ return result.iterator(); ++ } ++ ++ /** ++ * Always throws a CanonicalizationException because this is inclusive c14n. ++ * ++ * @param xpathNodeSet ++ * @param inclusiveNamespaces ++ * @return none it always fails ++ * @throws CanonicalizationException always ++ */ ++ public byte[] engineCanonicalizeXPathNodeSet(Set xpathNodeSet, ++ String inclusiveNamespaces) throws CanonicalizationException { ++ throw new CanonicalizationException( ++ "c14n.Canonicalizer.UnsupportedOperation"); ++ } ++ ++ /** ++ * Always throws a CanonicalizationException because this is inclusive c14n. ++ * ++ * @param rootNode ++ * @param inclusiveNamespaces ++ * @return none it always fails ++ * @throws CanonicalizationException ++ */ ++ public byte[] engineCanonicalizeSubTree(Node rootNode, ++ String inclusiveNamespaces) throws CanonicalizationException { ++ throw new CanonicalizationException( ++ "c14n.Canonicalizer.UnsupportedOperation"); ++ } ++ ++ void circumventBugIfNeeded(XMLSignatureInput input) ++ throws CanonicalizationException, ParserConfigurationException, ++ IOException, SAXException { ++ if (!input.isNeedsToBeExpanded()) ++ return; ++ Document doc = null; ++ if (input.getSubNode() != null) { ++ doc = XMLUtils.getOwnerDocument(input.getSubNode()); ++ } else { ++ doc = XMLUtils.getOwnerDocument(input.getNodeSet()); ++ } ++ XMLUtils.circumventBug2650(doc); ++ } ++ ++ void handleParent(Element e, NameSpaceSymbTable ns) { ++ if (!e.hasAttributes()) { ++ return; ++ } ++ xmlattrStack.push(-1); ++ NamedNodeMap attrs = e.getAttributes(); ++ int attrsLength = attrs.getLength(); ++ for (int i = 0; i < attrsLength; i++) { ++ Attr N = (Attr) attrs.item(i); ++ if (Constants.NamespaceSpecNS != N.getNamespaceURI()) { ++ // Not a namespace definition, ignore. ++ if (XML_LANG_URI == N.getNamespaceURI()) { ++ xmlattrStack.addXmlnsAttr(N); ++ } ++ continue; ++ } ++ ++ String NName = N.getLocalName(); ++ String NValue = N.getNodeValue(); ++ if (XML.equals(NName) ++ && Constants.XML_LANG_SPACE_SpecNS.equals(NValue)) { ++ continue; ++ } ++ ns.addMapping(NName,NValue,N); ++ } ++ } ++ ++ private static String joinURI(String baseURI, String relativeURI) ++ throws URISyntaxException { ++ String bscheme = null; ++ String bauthority = null; ++ String bpath = ""; ++ String bquery = null; ++ String bfragment = null; // Is this correct? ++ ++ // pre-parse the baseURI ++ if (baseURI != null) { ++ if (baseURI.endsWith("..")) { ++ baseURI = baseURI + "/"; ++ } ++ URI base = new URI(baseURI); ++ bscheme = base.getScheme(); ++ bauthority = base.getAuthority(); ++ bpath = base.getPath(); ++ bquery = base.getQuery(); ++ bfragment = base.getFragment(); ++ } ++ ++ URI r = new URI(relativeURI); ++ String rscheme = r.getScheme(); ++ String rauthority = r.getAuthority(); ++ String rpath = r.getPath(); ++ String rquery = r.getQuery(); ++ String rfragment = null; ++ ++ String tscheme, tauthority, tpath, tquery, tfragment; ++ if (rscheme != null && rscheme.equals(bscheme)) { ++ rscheme = null; ++ } ++ if (rscheme != null) { ++ tscheme = rscheme; ++ tauthority = rauthority; ++ tpath = removeDotSegments(rpath); ++ tquery = rquery; ++ } else { ++ if (rauthority != null) { ++ tauthority = rauthority; ++ tpath = removeDotSegments(rpath); ++ tquery = rquery; ++ } else { ++ if (rpath.length() == 0) { ++ tpath = bpath; ++ if (rquery != null) { ++ tquery = rquery; ++ } else { ++ tquery = bquery; ++ } ++ } else { ++ if (rpath.startsWith("/")) { ++ tpath = removeDotSegments(rpath); ++ } else { ++ if (bauthority != null && bpath.length() == 0) { ++ tpath = "/" + rpath; ++ } else { ++ int last = bpath.lastIndexOf('/'); ++ if (last == -1) { ++ tpath = rpath; ++ } else { ++ tpath = bpath.substring(0, last+1) + rpath; ++ } ++ } ++ tpath = removeDotSegments(tpath); ++ } ++ tquery = rquery; ++ } ++ tauthority = bauthority; ++ } ++ tscheme = bscheme; ++ } ++ tfragment = rfragment; ++ return new URI(tscheme, tauthority, tpath, tquery, tfragment).toString(); ++ } ++ ++ private static String removeDotSegments(String path) { ++ ++ log.log(java.util.logging.Level.FINE, "STEP OUTPUT BUFFER\t\tINPUT BUFFER"); ++ ++ // 1. The input buffer is initialized with the now-appended path ++ // components then replace occurrences of "//" in the input buffer ++ // with "/" until no more occurrences of "//" are in the input buffer. ++ String input = path; ++ while (input.indexOf("//") > -1) { ++ input = input.replaceAll("//", "/"); ++ } ++ ++ // Initialize the output buffer with the empty string. ++ StringBuffer output = new StringBuffer(); ++ ++ // If the input buffer starts with a root slash "/" then move this ++ // character to the output buffer. ++ if (input.charAt(0) == '/') { ++ output.append("/"); ++ input = input.substring(1); ++ } ++ ++ printStep("1 ", output.toString(), input); ++ ++ // While the input buffer is not empty, loop as follows ++ while (input.length() != 0) { ++ // 2A. If the input buffer begins with a prefix of "./", ++ // then remove that prefix from the input buffer ++ // else if the input buffer begins with a prefix of "../", then ++ // if also the output does not contain the root slash "/" only, ++ // then move this prefix to the end of the output buffer else ++ // remove that prefix ++ if (input.startsWith("./")) { ++ input = input.substring(2); ++ printStep("2A", output.toString(), input); ++ } else if (input.startsWith("../")) { ++ input = input.substring(3); ++ if (!output.toString().equals("/")) { ++ output.append("../"); ++ } ++ printStep("2A", output.toString(), input); ++ // 2B. if the input buffer begins with a prefix of "/./" or "/.", ++ // where "." is a complete path segment, then replace that prefix ++ // with "/" in the input buffer; otherwise, ++ } else if (input.startsWith("/./")) { ++ input = input.substring(2); ++ printStep("2B", output.toString(), input); ++ } else if (input.equals("/.")) { ++ // FIXME: what is complete path segment? ++ input = input.replaceFirst("/.", "/"); ++ printStep("2B", output.toString(), input); ++ // 2C. if the input buffer begins with a prefix of "/../" or "/..", ++ // where ".." is a complete path segment, then replace that prefix ++ // with "/" in the input buffer and if also the output buffer is ++ // empty, last segment in the output buffer equals "../" or "..", ++ // where ".." is a complete path segment, then append ".." or "/.." ++ // for the latter case respectively to the output buffer else ++ // remove the last segment and its preceding "/" (if any) from the ++ // output buffer and if hereby the first character in the output ++ // buffer was removed and it was not the root slash then delete a ++ // leading slash from the input buffer; otherwise, ++ } else if (input.startsWith("/../")) { ++ input = input.substring(3); ++ if (output.length() == 0) { ++ output.append("/"); ++ } else if (output.toString().endsWith("../")) { ++ output.append(".."); ++ } else if (output.toString().endsWith("..")) { ++ output.append("/.."); ++ } else { ++ int index = output.lastIndexOf("/"); ++ if (index == -1) { ++ output = new StringBuffer(); ++ if (input.charAt(0) == '/') { ++ input = input.substring(1); ++ } ++ } else { ++ output = output.delete(index, output.length()); ++ } ++ } ++ printStep("2C", output.toString(), input); ++ } else if (input.equals("/..")) { ++ // FIXME: what is complete path segment? ++ input = input.replaceFirst("/..", "/"); ++ if (output.length() == 0) { ++ output.append("/"); ++ } else if (output.toString().endsWith("../")) { ++ output.append(".."); ++ } else if (output.toString().endsWith("..")) { ++ output.append("/.."); ++ } else { ++ int index = output.lastIndexOf("/"); ++ if (index == -1) { ++ output = new StringBuffer(); ++ if (input.charAt(0) == '/') { ++ input = input.substring(1); ++ } ++ } else { ++ output = output.delete(index, output.length()); ++ } ++ } ++ printStep("2C", output.toString(), input); ++ // 2D. if the input buffer consists only of ".", then remove ++ // that from the input buffer else if the input buffer consists ++ // only of ".." and if the output buffer does not contain only ++ // the root slash "/", then move the ".." to the output buffer ++ // else delte it.; otherwise, ++ } else if (input.equals(".")) { ++ input = ""; ++ printStep("2D", output.toString(), input); ++ } else if (input.equals("..")) { ++ if (!output.toString().equals("/")) ++ output.append(".."); ++ input = ""; ++ printStep("2D", output.toString(), input); ++ // 2E. move the first path segment (if any) in the input buffer ++ // to the end of the output buffer, including the initial "/" ++ // character (if any) and any subsequent characters up to, but not ++ // including, the next "/" character or the end of the input buffer. ++ } else { ++ int end = -1; ++ int begin = input.indexOf('/'); ++ if (begin == 0) { ++ end = input.indexOf('/', 1); ++ } else { ++ end = begin; ++ begin = 0; ++ } ++ String segment; ++ if (end == -1) { ++ segment = input.substring(begin); ++ input = ""; ++ } else { ++ segment = input.substring(begin, end); ++ input = input.substring(end); ++ } ++ output.append(segment); ++ printStep("2E", output.toString(), input); ++ } ++ } ++ ++ // 3. Finally, if the only or last segment of the output buffer is ++ // "..", where ".." is a complete path segment not followed by a slash ++ // then append a slash "/". The output buffer is returned as the result ++ // of remove_dot_segments ++ if (output.toString().endsWith("..")) { ++ output.append("/"); ++ printStep("3 ", output.toString(), input); ++ } ++ ++ return output.toString(); ++ } ++ ++ private static void printStep(String step, String output, String input) { ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, " " + step + ": " + output); ++ if (output.length() == 0) { ++ log.log(java.util.logging.Level.FINE, "\t\t\t\t" + input); ++ } else { ++ log.log(java.util.logging.Level.FINE, "\t\t\t" + input); ++ } ++ } ++ } ++} +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11_OmitComments.java b/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11_OmitComments.java +new file mode 100644 +--- /dev/null ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11_OmitComments.java +@@ -0,0 +1,41 @@ ++/* ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! ++ */ ++/* ++ * Copyright 2008 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++package com.sun.org.apache.xml.internal.security.c14n.implementations; ++ ++import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer; ++ ++/** ++ * @author Sean Mullan ++ */ ++public class Canonicalizer11_OmitComments extends Canonicalizer11 { ++ ++ public Canonicalizer11_OmitComments() { ++ super(false); ++ } ++ ++ public final String engineGetURI() { ++ return Canonicalizer.ALGO_ID_C14N11_OMIT_COMMENTS; ++ } ++ ++ public final boolean engineGetIncludeComments() { ++ return false; ++ } ++} +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11_WithComments.java b/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11_WithComments.java +new file mode 100644 +--- /dev/null ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11_WithComments.java +@@ -0,0 +1,41 @@ ++/* ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! ++ */ ++/* ++ * Copyright 2008 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++package com.sun.org.apache.xml.internal.security.c14n.implementations; ++ ++import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer; ++ ++/** ++ * @author Sean Mullan ++ */ ++public class Canonicalizer11_WithComments extends Canonicalizer11 { ++ ++ public Canonicalizer11_WithComments() { ++ super(true); ++ } ++ ++ public final String engineGetURI() { ++ return Canonicalizer.ALGO_ID_C14N11_WITH_COMMENTS; ++ } ++ ++ public final boolean engineGetIncludeComments() { ++ return true; ++ } ++} +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315.java b/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -23,20 +22,30 @@ + + + ++import java.io.IOException; ++import java.util.ArrayList; ++import java.util.Collection; + import java.util.HashMap; + import java.util.Iterator; ++import java.util.List; + import java.util.Map; + import java.util.Set; + import java.util.SortedSet; + import java.util.TreeSet; + ++import javax.xml.parsers.ParserConfigurationException; ++ + import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; + import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper; ++import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; + import com.sun.org.apache.xml.internal.security.utils.Constants; ++import com.sun.org.apache.xml.internal.security.utils.XMLUtils; + import org.w3c.dom.Attr; ++import org.w3c.dom.Document; + import org.w3c.dom.Element; + import org.w3c.dom.NamedNodeMap; + import org.w3c.dom.Node; ++import org.xml.sax.SAXException; + + + /** +@@ -44,13 +53,92 @@ + * XML Version 1.0, a W3C Recommendation from 15 March 2001. + * + * @author Christian Geuer-Pollmann ++ * @version $Revision: 1.5 $ + */ + public abstract class Canonicalizer20010315 extends CanonicalizerBase { + boolean firstCall=true; + final SortedSet result= new TreeSet(COMPARE); + static final String XMLNS_URI=Constants.NamespaceSpecNS; + static final String XML_LANG_URI=Constants.XML_LANG_SPACE_SpecNS; +- /** ++ static class XmlAttrStack { ++ int currentLevel=0; ++ int lastlevel=0; ++ XmlsStackElement cur; ++ static class XmlsStackElement { ++ int level; ++ boolean rendered=false; ++ List nodes=new ArrayList(); ++ }; ++ List levels=new ArrayList(); ++ void push(int level) { ++ currentLevel=level; ++ if (currentLevel==-1) ++ return; ++ cur=null; ++ while (lastlevel>=currentLevel) { ++ levels.remove(levels.size()-1); ++ if (levels.size()==0) { ++ lastlevel=0; ++ return; ++ } ++ lastlevel=((XmlsStackElement)levels.get(levels.size()-1)).level; ++ } ++ } ++ void addXmlnsAttr(Attr n) { ++ if (cur==null) { ++ cur=new XmlsStackElement(); ++ cur.level=currentLevel; ++ levels.add(cur); ++ lastlevel=currentLevel; ++ } ++ cur.nodes.add(n); ++ } ++ void getXmlnsAttr(Collection col) { ++ int size=levels.size()-1; ++ if (cur==null) { ++ cur=new XmlsStackElement(); ++ cur.level=currentLevel; ++ lastlevel=currentLevel; ++ levels.add(cur); ++ } ++ boolean parentRendered=false; ++ XmlsStackElement e=null; ++ if (size==-1) { ++ parentRendered=true; ++ } else { ++ e=(XmlsStackElement)levels.get(size); ++ if (e.rendered && e.level+1==currentLevel) ++ parentRendered=true; ++ ++ } ++ if (parentRendered) { ++ col.addAll(cur.nodes); ++ cur.rendered=true; ++ return; ++ } ++ ++ Map loa = new HashMap(); ++ for (;size>=0;size--) { ++ e=(XmlsStackElement)levels.get(size); ++ Iterator it=e.nodes.iterator(); ++ while (it.hasNext()) { ++ Attr n=(Attr)it.next(); ++ if (!loa.containsKey(n.getName())) ++ loa.put(n.getName(),n); ++ } ++ //if (e.rendered) ++ //break; ++ ++ }; ++ //cur.nodes.clear(); ++ //cur.nodes.addAll(loa.values()); ++ cur.rendered=true; ++ col.addAll(loa.values()); ++ } ++ ++ } ++ XmlAttrStack xmlattrStack=new XmlAttrStack(); ++ /** + * Constructor Canonicalizer20010315 + * + * @param includeComments +@@ -86,16 +174,16 @@ + + for (int i = 0; i < attrsLength; i++) { + Attr N = (Attr) attrs.item(i); +- String NName=N.getLocalName(); +- String NValue=N.getValue(); + String NUri =N.getNamespaceURI(); + +- if (!XMLNS_URI.equals(NUri)) { ++ if (XMLNS_URI!=NUri) { + //It's not a namespace attr node. Add to the result and continue. + result.add(N); + continue; + } + ++ String NName=N.getLocalName(); ++ String NValue=N.getValue(); + if (XML.equals(NName) + && XML_LANG_URI.equals(NValue)) { + //The default mapping for xml must not be output. +@@ -120,65 +208,14 @@ + //Obtain all the namespaces defined in the parents, and added to the output. + ns.getUnrenderedNodes(result); + //output the attributes in the xml namespace. +- addXmlAttributesSubtree(E, result); +- firstCall=false; ++ xmlattrStack.getXmlnsAttr(result); ++ firstCall=false; + } + + return result.iterator(); + } + + /** +- * Float the xml:* attributes of the parent nodes to the root node of c14n +- * @param E the root node. +- * @param result the xml:* attributes to output. +- */ +- private void addXmlAttributesSubtree(Element E, SortedSet result) { +- // E is in the node-set +- Node parent = E.getParentNode(); +- Map loa = new HashMap(); +- +- if ((parent != null) && (parent.getNodeType() == Node.ELEMENT_NODE)) { +- +- // parent element is not in node set +- for (Node ancestor = parent; +- (ancestor != null) +- && (ancestor.getNodeType() == Node.ELEMENT_NODE); +- ancestor = ancestor.getParentNode()) { +- Element el=((Element) ancestor); +- if (!el.hasAttributes()) { +- continue; +- } +- // for all ancestor elements +- NamedNodeMap ancestorAttrs = el.getAttributes(); +- +- for (int i = 0; i < ancestorAttrs.getLength(); i++) { +- // for all attributes in the ancestor element +- Attr currentAncestorAttr = (Attr) ancestorAttrs.item(i); +- +- if (XML_LANG_URI.equals( +- currentAncestorAttr.getNamespaceURI())) { +- +- // do we have an xml:* ? +- if (!E.hasAttributeNS( +- XML_LANG_URI, +- currentAncestorAttr.getLocalName())) { +- +- // the xml:* attr is not in E +- if (!loa.containsKey(currentAncestorAttr.getName())) { +- loa.put(currentAncestorAttr.getName(), +- currentAncestorAttr); +- } +- } +- } +- } +- } +- } +- +- result.addAll( loa.values()); +- +- } +- +- /** + * Returns the Attr[]s to be outputted for the given element. + *
+ * IMPORTANT: This method expects to work on a modified DOM tree, i.e. a DOM which has +@@ -192,7 +229,8 @@ + */ + Iterator handleAttributes(Element E, NameSpaceSymbTable ns ) throws CanonicalizationException { + // result will contain the attrs which have to be outputted +- boolean isRealVisible=isVisible(E); ++ xmlattrStack.push(ns.getLevel()); ++ boolean isRealVisible=isVisibleDO(E,ns.getLevel())==1; + NamedNodeMap attrs = null; + int attrsLength = 0; + if (E.hasAttributes()) { +@@ -204,16 +242,15 @@ + SortedSet result = this.result; + result.clear(); + +- + for (int i = 0; i < attrsLength; i++) { + Attr N = (Attr) attrs.item(i); +- String NName=N.getLocalName(); +- String NValue=N.getValue(); + String NUri =N.getNamespaceURI(); + +- if (!XMLNS_URI.equals(NUri)) { ++ if (XMLNS_URI!=NUri) { + //A non namespace definition node. +- if (isRealVisible){ ++ if (XML_LANG_URI==NUri) { ++ xmlattrStack.addXmlnsAttr(N); ++ } else if (isRealVisible){ + //The node is visible add the attribute to the list of output attributes. + result.add(N); + } +@@ -221,7 +258,8 @@ + continue; + } + +- ++ String NName=N.getLocalName(); ++ String NValue=N.getValue(); + if ("xml".equals(NName) + && XML_LANG_URI.equals(NValue)) { + /* except omit namespace node with local name xml, which defines +@@ -232,16 +270,26 @@ + //add the prefix binding to the ns symb table. + //ns.addInclusiveMapping(NName,NValue,N,isRealVisible); + if (isVisible(N)) { +- //The xpath select this node output it if needed. +- Node n=ns.addMappingAndRenderXNodeSet(NName,NValue,N,isRealVisible); +- if (n!=null) { ++ if (!isRealVisible && ns.removeMappingIfRender(NName)) { ++ continue; ++ } ++ //The xpath select this node output it if needed. ++ //Node n=ns.addMappingAndRenderXNodeSet(NName,NValue,N,isRealVisible); ++ Node n=ns.addMappingAndRender(NName,NValue,N); ++ if (n!=null) { + result.add(n); + if (C14nHelper.namespaceIsRelative(N)) { + Object exArgs[] = { E.getTagName(), NName, N.getNodeValue() }; + throw new CanonicalizationException( + "c14n.Canonicalizer.RelativeNamespace", exArgs); +- } +- } ++ } ++ } ++ } else { ++ if (isRealVisible && NName!=XMLNS) { ++ ns.removeMapping(NName); ++ } else { ++ ns.addMapping(NName,NValue,N); ++ } + } + } + if (isRealVisible) { +@@ -254,85 +302,22 @@ + } else if ( !isVisible(xmlns)) { + //There is a definition but the xmlns is not selected by the xpath. + //then xmlns="" +- n=ns.addMappingAndRenderXNodeSet(XMLNS,"",nullNode,true); ++ n=ns.addMappingAndRender(XMLNS,"",nullNode); + } + //output the xmlns def if needed. + if (n!=null) { + result.add(n); + } + //Float all xml:* attributes of the unselected parent elements to this one. +- addXmlAttributes(E,result); ++ //addXmlAttributes(E,result); ++ xmlattrStack.getXmlnsAttr(result); ++ ns.getUnrenderedNodes(result); ++ + } + + return result.iterator(); + } + /** +- * Float the xml:* attributes of the unselected parent nodes to the ciurrent node. +- * @param E +- * @param result +- */ +- private void addXmlAttributes(Element E, SortedSet result) { +- /* The processing of an element node E MUST be modified slightly when an +- * XPath node-set is given as input and the element's parent is omitted +- * from the node-set. The method for processing the attribute axis of an +- * element E in the node-set is enhanced. All element nodes along E's +- * ancestor axis are examined for nearest occurrences of attributes in +- * the xml namespace, such as xml:lang and xml:space (whether or not they +- * are in the node-set). From this list of attributes, remove any that are +- * in E's attribute axis (whether or not they are in the node-set). Then, +- * lexicographically merge this attribute list with the nodes of E's +- * attribute axis that are in the node-set. The result of visiting the +- * attribute axis is computed by processing the attribute nodes in this +- * merged attribute list. +- */ +- +- // E is in the node-set +- Node parent = E.getParentNode(); +- Map loa = new HashMap(); +- +- if ((parent != null) && (parent.getNodeType() == Node.ELEMENT_NODE) +- &&!isVisible(parent)) { +- +- // parent element is not in node set +- for (Node ancestor = parent; +- (ancestor != null) +- && (ancestor.getNodeType() == Node.ELEMENT_NODE); +- ancestor = ancestor.getParentNode()) { +- Element el=((Element) ancestor); +- if (!el.hasAttributes()) { +- continue; +- } +- // for all ancestor elements +- NamedNodeMap ancestorAttrs =el.getAttributes(); +- +- for (int i = 0; i < ancestorAttrs.getLength(); i++) { +- +- // for all attributes in the ancestor element +- Attr currentAncestorAttr = (Attr) ancestorAttrs.item(i); +- +- if (XML_LANG_URI.equals( +- currentAncestorAttr.getNamespaceURI())) { +- +- // do we have an xml:* ? +- if (!E.hasAttributeNS( +- XML_LANG_URI, +- currentAncestorAttr.getLocalName())) { +- +- // the xml:* attr is not in E +- if (!loa.containsKey(currentAncestorAttr.getName())) { +- loa.put(currentAncestorAttr.getName(), +- currentAncestorAttr); +- } +- } +- } +- } +- } +- } +- result.addAll(loa.values()); +- +-} +- +- /** + * Always throws a CanonicalizationException because this is inclusive c14n. + * + * @param xpathNodeSet +@@ -363,4 +348,43 @@ + throw new CanonicalizationException( + "c14n.Canonicalizer.UnsupportedOperation"); + } ++ void circumventBugIfNeeded(XMLSignatureInput input) throws CanonicalizationException, ParserConfigurationException, IOException, SAXException { ++ if (!input.isNeedsToBeExpanded()) ++ return; ++ Document doc = null; ++ if (input.getSubNode() != null) { ++ doc=XMLUtils.getOwnerDocument(input.getSubNode()); ++ } else { ++ doc=XMLUtils.getOwnerDocument(input.getNodeSet()); ++ } ++ XMLUtils.circumventBug2650(doc); ++ ++ } ++ ++ void handleParent(Element e, NameSpaceSymbTable ns) { ++ if (!e.hasAttributes()) { ++ return; ++ } ++ xmlattrStack.push(-1); ++ NamedNodeMap attrs = e.getAttributes(); ++ int attrsLength = attrs.getLength(); ++ for (int i = 0; i < attrsLength; i++) { ++ Attr N = (Attr) attrs.item(i); ++ if (Constants.NamespaceSpecNS!=N.getNamespaceURI()) { ++ //Not a namespace definition, ignore. ++ if (XML_LANG_URI==N.getNamespaceURI()) { ++ xmlattrStack.addXmlnsAttr(N); ++ } ++ continue; ++ } ++ ++ String NName=N.getLocalName(); ++ String NValue=N.getNodeValue(); ++ if (XML.equals(NName) ++ && Constants.XML_LANG_SPACE_SpecNS.equals(NValue)) { ++ continue; ++ } ++ ns.addMapping(NName,NValue,N); ++ } ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315Excl.java b/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315Excl.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315Excl.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315Excl.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -21,20 +20,26 @@ + */ + package com.sun.org.apache.xml.internal.security.c14n.implementations; + ++import java.io.IOException; + import java.util.Iterator; + import java.util.Set; + import java.util.SortedSet; + import java.util.TreeSet; + ++import javax.xml.parsers.ParserConfigurationException; ++ + import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; + import com.sun.org.apache.xml.internal.security.c14n.helper.C14nHelper; + import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; + import com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces; + import com.sun.org.apache.xml.internal.security.utils.Constants; ++import com.sun.org.apache.xml.internal.security.utils.XMLUtils; + import org.w3c.dom.Attr; ++import org.w3c.dom.Document; + import org.w3c.dom.Element; + import org.w3c.dom.NamedNodeMap; + import org.w3c.dom.Node; ++import org.xml.sax.SAXException; + /** + * Implements " Exclusive XML +@@ -47,6 +52,7 @@ + * THIS implementation is a complete rewrite of the algorithm. + * + * @author Christian Geuer-Pollmann ++ * @version $Revision: 1.5 $ + * @see + * XML Canonicalization, Version 1.0 + */ +@@ -55,7 +61,7 @@ + * This Set contains the names (Strings like "xmlns" or "xmlns:foo") of + * the inclusive namespaces. + */ +- TreeSet _inclusiveNSSet = null; ++ TreeSet _inclusiveNSSet = new TreeSet(); + static final String XMLNS_URI=Constants.NamespaceSpecNS; + final SortedSet result = new TreeSet(COMPARE); + /** +@@ -143,10 +149,8 @@ + + for (int i = 0; i < attrsLength; i++) { + Attr N = (Attr) attrs.item(i); +- String NName=N.getLocalName(); +- String NNodeValue=N.getNodeValue(); + +- if (!XMLNS_URI.equals(N.getNamespaceURI())) { ++ if (XMLNS_URI!=N.getNamespaceURI()) { + //Not a namespace definition. + //The Element is output element, add his prefix(if used) to visibyUtilized + String prefix = N.getPrefix(); +@@ -157,6 +161,8 @@ + result.add(N); + continue; + } ++ String NName=N.getLocalName(); ++ String NNodeValue=N.getNodeValue(); + + if (ns.addMapping(NName, NNodeValue,N)) { + //New definition check if it is relative. +@@ -168,17 +174,17 @@ + } + } + } ++ String prefix; ++ if (E.getNamespaceURI() != null) { ++ prefix = E.getPrefix(); ++ if ((prefix == null) || (prefix.length() == 0)) { ++ prefix=XMLNS; ++ } + +- if (E.getNamespaceURI() != null) { +- String prefix = E.getPrefix(); +- if ((prefix == null) || (prefix.length() == 0)) { +- visiblyUtilized.add(XMLNS); +- } else { +- visiblyUtilized.add(prefix); +- } + } else { +- visiblyUtilized.add(XMLNS); ++ prefix=XMLNS; + } ++ visiblyUtilized.add(prefix); + + //This can be optimezed by I don't have time + Iterator it=visiblyUtilized.iterator(); +@@ -211,12 +217,6 @@ + + } + +- /** @inheritDoc */ +- public byte[] engineCanonicalizeXPathNodeSet(Set xpathNodeSet +- ) throws CanonicalizationException { +- return engineCanonicalizeXPathNodeSet(xpathNodeSet,""); +- } +- + /** + * @inheritDoc + * @param E +@@ -236,21 +236,20 @@ + //The prefix visibly utilized(in the attribute or in the name) in the element + Set visiblyUtilized =null; + //It's the output selected. +- boolean isOutputElement = isVisible(E); ++ boolean isOutputElement=isVisibleDO(E,ns.getLevel())==1; + if (isOutputElement) { + visiblyUtilized = (Set) this._inclusiveNSSet.clone(); + } + + for (int i = 0; i < attrsLength; i++) { + Attr N = (Attr) attrs.item(i); +- String NName=N.getLocalName(); +- String NNodeValue=N.getNodeValue(); +- if ( !isVisible(N) ) { +- //The node is not in the nodeset(if there is a nodeset) +- continue; +- } + +- if (!XMLNS_URI.equals(N.getNamespaceURI())) { ++ ++ if (XMLNS_URI!=N.getNamespaceURI()) { ++ if ( !isVisible(N) ) { ++ //The node is not in the nodeset(if there is a nodeset) ++ continue; ++ } + //Not a namespace definition. + if (isOutputElement) { + //The Element is output element, add his prefix(if used) to visibyUtilized +@@ -263,6 +262,25 @@ + } + continue; + } ++ String NName=N.getLocalName(); ++ if (isOutputElement && !isVisible(N) && NName!=XMLNS) { ++ ns.removeMappingIfNotRender(NName); ++ continue; ++ } ++ String NNodeValue=N.getNodeValue(); ++ ++ if (!isOutputElement && isVisible(N) && _inclusiveNSSet.contains(NName) && !ns.removeMappingIfRender(NName)) { ++ Node n=ns.addMappingAndRender(NName,NNodeValue,N); ++ if (n!=null) { ++ result.add(n); ++ if (C14nHelper.namespaceIsRelative(N)) { ++ Object exArgs[] = { E.getTagName(), NName, N.getNodeValue() }; ++ throw new CanonicalizationException( ++ "c14n.Canonicalizer.RelativeNamespace", exArgs); ++ } ++ } ++ } ++ + + + if (ns.addMapping(NName, NNodeValue,N)) { +@@ -306,18 +324,20 @@ + } + result.add(key); + } +- } else /*if (_circunvented)*/ { +- Iterator it=this._inclusiveNSSet.iterator(); +- while (it.hasNext()) { +- String s=(String)it.next(); +- Attr key=ns.getMappingWithoutRendered(s); +- if (key==null) { +- continue; +- } +- result.add(key); +- } + } + + return result.iterator(); + } ++ void circumventBugIfNeeded(XMLSignatureInput input) throws CanonicalizationException, ParserConfigurationException, IOException, SAXException { ++ if (!input.isNeedsToBeExpanded() || _inclusiveNSSet.isEmpty()) ++ return; ++ Document doc = null; ++ if (input.getSubNode() != null) { ++ doc=XMLUtils.getOwnerDocument(input.getSubNode()); ++ } else { ++ doc=XMLUtils.getOwnerDocument(input.getNodeSet()); ++ } ++ ++ XMLUtils.circumventBug2650(doc); ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315ExclWithComments.java b/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315ExclWithComments.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315ExclWithComments.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315ExclWithComments.java +@@ -28,6 +28,7 @@ + /** + * Class Canonicalizer20010315ExclWithComments + * ++ * @version $Revision: 1.5 $ + */ + public class Canonicalizer20010315ExclWithComments + extends Canonicalizer20010315Excl { +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315WithComments.java b/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315WithComments.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315WithComments.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315WithComments.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java b/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java +@@ -27,9 +27,11 @@ + import java.io.OutputStream; + import java.io.UnsupportedEncodingException; + import java.util.ArrayList; ++import java.util.HashMap; + import java.util.Iterator; + import java.util.List; + import java.util.ListIterator; ++import java.util.Map; + import java.util.Set; + + import javax.xml.parsers.DocumentBuilderFactory; +@@ -45,7 +47,6 @@ + import com.sun.org.apache.xml.internal.security.utils.XMLUtils; + import org.w3c.dom.Attr; + import org.w3c.dom.Comment; +-import org.w3c.dom.Document; + import org.w3c.dom.Element; + import org.w3c.dom.NamedNodeMap; + import org.w3c.dom.Node; +@@ -57,6 +58,7 @@ + * Abstract base class for canonicalization algorithms. + * + * @author Christian Geuer-Pollmann ++ * @version $Revision: 1.5 $ + */ + public abstract class CanonicalizerBase extends CanonicalizerSpi { + //Constants to be outputed, In char array form, so +@@ -123,6 +125,18 @@ + return engineCanonicalizeSubTree(rootNode,(Node)null); + } + /** ++ * Method engineCanonicalizeXPathNodeSet ++ * @inheritDoc ++ * @param xpathNodeSet ++ * @throws CanonicalizationException ++ */ ++ public byte[] engineCanonicalizeXPathNodeSet(Set xpathNodeSet) ++ throws CanonicalizationException { ++ this._xpathNodeSet = xpathNodeSet; ++ return engineCanonicalizeXPathNodeSetInternal(XMLUtils.getOwnerDocument(this._xpathNodeSet)); ++ } ++ ++ /** + * Canonicalizes a Subtree node. + * @param input the root of the subtree to canicalize + * @return The canonicalize stream. +@@ -143,15 +157,8 @@ + return bytes; + } else if (input.isNodeSet()) { + nodeFilter=input.getNodeFilters(); +- Document doc = null; +- if (input.getSubNode() != null) { +- doc=XMLUtils.getOwnerDocument(input.getSubNode()); +- } else { +- doc=XMLUtils.getOwnerDocument(input.getNodeSet()); +- } +- if (input.isNeedsToBeExpanded()) { +- XMLUtils.circumventBug2650(doc); +- } ++ ++ circumventBugIfNeeded(input); + + if (input.getSubNode() != null) { + bytes = engineCanonicalizeXPathNodeSetInternal(input.getSubNode()); +@@ -173,6 +180,13 @@ + } + } + /** ++ * @param _writer The _writer to set. ++ */ ++ public void setWriter(OutputStream _writer) { ++ this._writer = _writer; ++ } ++ ++ /** + * Canonicalizes a Subtree node. + * + * @param rootNode +@@ -187,11 +201,13 @@ + this._excludeNode = excludeNode; + try { + NameSpaceSymbTable ns=new NameSpaceSymbTable(); ++ int nodeLevel=NODE_BEFORE_DOCUMENT_ELEMENT; + if (rootNode != null && rootNode.getNodeType() == Node.ELEMENT_NODE) { + //Fills the nssymbtable with the definitions of the parent of the root subnode + getParentNameSpaces((Element)rootNode,ns); ++ nodeLevel=NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT; + } +- this.canonicalizeSubTree(rootNode,ns,rootNode); ++ this.canonicalizeSubTree(rootNode,ns,rootNode,nodeLevel); + this._writer.close(); + if (this._writer instanceof ByteArrayOutputStream) { + byte []result=((ByteArrayOutputStream)this._writer).toByteArray(); +@@ -199,6 +215,12 @@ + ((ByteArrayOutputStream)this._writer).reset(); + } + return result; ++ } else if (this._writer instanceof UnsyncByteArrayOutputStream) { ++ byte []result=((UnsyncByteArrayOutputStream)this._writer).toByteArray(); ++ if (reset) { ++ ((UnsyncByteArrayOutputStream)this._writer).reset(); ++ } ++ return result; + } + return null; + +@@ -219,13 +241,17 @@ + * @throws CanonicalizationException + * @throws IOException + */ +- final void canonicalizeSubTree(Node currentNode, NameSpaceSymbTable ns,Node endnode) ++ final void canonicalizeSubTree(Node currentNode, NameSpaceSymbTable ns,Node endnode, ++ int documentLevel) + throws CanonicalizationException, IOException { ++ if (isVisibleInt(currentNode)==-1) ++ return; + Node sibling=null; + Node parentNode=null; + final OutputStream writer=this._writer; + final Node excludeNode=this._excludeNode; + final boolean includeComments=this._includeComments; ++ Map cache=new HashMap(); + do { + switch (currentNode.getNodeType()) { + +@@ -242,18 +268,17 @@ + case Node.DOCUMENT_FRAGMENT_NODE : + case Node.DOCUMENT_NODE : + ns.outputNodePush(); +- //currentNode = currentNode.getFirstChild(); + sibling= currentNode.getFirstChild(); + break; + + case Node.COMMENT_NODE : + if (includeComments) { +- outputCommentToWriter((Comment) currentNode, writer); ++ outputCommentToWriter((Comment) currentNode, writer, documentLevel); + } + break; + + case Node.PROCESSING_INSTRUCTION_NODE : +- outputPItoWriter((ProcessingInstruction) currentNode, writer); ++ outputPItoWriter((ProcessingInstruction) currentNode, writer, documentLevel); + break; + + case Node.TEXT_NODE : +@@ -262,6 +287,7 @@ + break; + + case Node.ELEMENT_NODE : ++ documentLevel=NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT; + if (currentNode==excludeNode) { + break; + } +@@ -270,27 +296,27 @@ + ns.outputNodePush(); + writer.write('<'); + String name=currentElement.getTagName(); +- writeStringToUtf8(name,writer); ++ UtfHelpper.writeByte(name,writer,cache); + + Iterator attrs = this.handleAttributesSubtree(currentElement,ns); + if (attrs!=null) { + //we output all Attrs which are available + while (attrs.hasNext()) { + Attr attr = (Attr) attrs.next(); +- outputAttrToWriter(attr.getNodeName(),attr.getNodeValue(), writer); ++ outputAttrToWriter(attr.getNodeName(),attr.getNodeValue(), writer,cache); + } + } + writer.write('>'); + sibling= currentNode.getFirstChild(); + if (sibling==null) { + writer.write(_END_TAG); +- writeStringToUtf8(name,writer); ++ UtfHelpper.writeStringToUtf8(name,writer); + writer.write('>'); + //We fineshed with this level, pop to the previous definitions. + ns.outputNodePop(); +- if (parentNode != null) { ++ if (parentNode != null) { + sibling= currentNode.getNextSibling(); +- } ++ } + } else { + parentNode=currentElement; + } +@@ -298,7 +324,7 @@ + } + while (sibling==null && parentNode!=null) { + writer.write(_END_TAG); +- writeStringToUtf8(((Element)parentNode).getTagName(),writer); ++ UtfHelpper.writeByte(((Element)parentNode).getTagName(),writer,cache); + writer.write('>'); + //We fineshed with this level, pop to the previous definitions. + ns.outputNodePop(); +@@ -307,6 +333,7 @@ + sibling=parentNode.getNextSibling(); + parentNode=parentNode.getParentNode(); + if (parentNode !=null && parentNode.getNodeType() != Node.ELEMENT_NODE) { ++ documentLevel=NODE_AFTER_DOCUMENT_ELEMENT; + parentNode=null; + } + } +@@ -317,47 +344,8 @@ + } while(true); + } + +- /** +- * Checks whether a Comment or ProcessingInstruction is before or after the +- * document element. This is needed for prepending or appending "\n"s. +- * +- * @param currentNode comment or pi to check +- * @return NODE_BEFORE_DOCUMENT_ELEMENT, NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT or NODE_AFTER_DOCUMENT_ELEMENT +- * @see #NODE_BEFORE_DOCUMENT_ELEMENT +- * @see #NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT +- * @see #NODE_AFTER_DOCUMENT_ELEMENT +- */ +- final static int getPositionRelativeToDocumentElement(Node currentNode) { + +- if ((currentNode == null) || +- (currentNode.getParentNode().getNodeType() != Node.DOCUMENT_NODE) ) { +- return CanonicalizerBase.NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT; +- } +- Element documentElement = currentNode.getOwnerDocument().getDocumentElement(); +- if ( (documentElement == null) || (documentElement == currentNode) ){ +- return CanonicalizerBase.NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT; +- } + +- for (Node x = currentNode; x != null; x = x.getNextSibling()) { +- if (x == documentElement) { +- return CanonicalizerBase.NODE_BEFORE_DOCUMENT_ELEMENT; +- } +- } +- +- return CanonicalizerBase.NODE_AFTER_DOCUMENT_ELEMENT; +- } +- +- /** +- * Method engineCanonicalizeXPathNodeSet +- * @inheritDoc +- * @param xpathNodeSet +- * @throws CanonicalizationException +- */ +- public byte[] engineCanonicalizeXPathNodeSet(Set xpathNodeSet) +- throws CanonicalizationException { +- this._xpathNodeSet = xpathNodeSet; +- return engineCanonicalizeXPathNodeSetInternal(XMLUtils.getOwnerDocument(this._xpathNodeSet)); +- } + private byte[] engineCanonicalizeXPathNodeSetInternal(Node doc) + throws CanonicalizationException { + +@@ -370,6 +358,12 @@ + ((ByteArrayOutputStream)this._writer).reset(); + } + return sol; ++ } else if (this._writer instanceof UnsyncByteArrayOutputStream) { ++ byte []result=((UnsyncByteArrayOutputStream)this._writer).toByteArray(); ++ if (reset) { ++ ((UnsyncByteArrayOutputStream)this._writer).reset(); ++ } ++ return result; + } + return null; + } catch (UnsupportedEncodingException ex) { +@@ -390,11 +384,17 @@ + */ + final void canonicalizeXPathNodeSet(Node currentNode,Node endnode ) + throws CanonicalizationException, IOException { +- boolean currentNodeIsVisible = false; +- NameSpaceSymbTable ns=new NameSpaceSymbTable(); ++ if (isVisibleInt(currentNode)==-1) ++ return; ++ boolean currentNodeIsVisible = false; ++ NameSpaceSymbTable ns=new NameSpaceSymbTable(); ++ if (currentNode != null && currentNode.getNodeType() == Node.ELEMENT_NODE) ++ getParentNameSpaces((Element)currentNode,ns); + Node sibling=null; + Node parentNode=null; + OutputStream writer=this._writer; ++ int documentLevel=NODE_BEFORE_DOCUMENT_ELEMENT; ++ Map cache=new HashMap(); + do { + switch (currentNode.getNodeType()) { + +@@ -416,14 +416,14 @@ + break; + + case Node.COMMENT_NODE : +- if (this._includeComments && isVisible(currentNode)) { +- outputCommentToWriter((Comment) currentNode, writer); ++ if (this._includeComments && (isVisibleDO(currentNode,ns.getLevel())==1)) { ++ outputCommentToWriter((Comment) currentNode, writer, documentLevel); + } + break; + + case Node.PROCESSING_INSTRUCTION_NODE : + if (isVisible(currentNode)) +- outputPItoWriter((ProcessingInstruction) currentNode, writer); ++ outputPItoWriter((ProcessingInstruction) currentNode, writer, documentLevel); + break; + + case Node.TEXT_NODE : +@@ -436,12 +436,6 @@ + || (nextSibling.getNodeType() + == Node.CDATA_SECTION_NODE)); + nextSibling = nextSibling.getNextSibling()) { +- /* The XPath data model allows to select only the first of a +- * sequence of mixed text and CDATA nodes. But we must output +- * them all, so we must search: +- * +- * @see http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6329 +- */ + outputTextToWriter(nextSibling.getNodeValue(), writer); + currentNode=nextSibling; + sibling=currentNode.getNextSibling(); +@@ -451,15 +445,21 @@ + break; + + case Node.ELEMENT_NODE : ++ documentLevel=NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT; + Element currentElement = (Element) currentNode; + //Add a level to the nssymbtable. So latter can be pop-back. + String name=null; +- currentNodeIsVisible=isVisible(currentNode); ++ int i=isVisibleDO(currentNode,ns.getLevel()); ++ if (i==-1) { ++ sibling= currentNode.getNextSibling(); ++ break; ++ } ++ currentNodeIsVisible=(i==1); + if (currentNodeIsVisible) { + ns.outputNodePush(); + writer.write('<'); + name=currentElement.getTagName(); +- writeStringToUtf8(name,writer); ++ UtfHelpper.writeByte(name,writer,cache); + } else { + ns.push(); + } +@@ -469,7 +469,7 @@ + //we output all Attrs which are available + while (attrs.hasNext()) { + Attr attr = (Attr) attrs.next(); +- outputAttrToWriter(attr.getNodeName(),attr.getNodeValue(), writer); ++ outputAttrToWriter(attr.getNodeName(),attr.getNodeValue(), writer,cache); + } + } + if (currentNodeIsVisible) { +@@ -480,7 +480,7 @@ + if (sibling==null) { + if (currentNodeIsVisible) { + writer.write(_END_TAG); +- writeStringToUtf8(name,writer); ++ UtfHelpper.writeByte(name,writer,cache); + writer.write('>'); + //We fineshed with this level, pop to the previous definitions. + ns.outputNodePop(); +@@ -498,7 +498,7 @@ + while (sibling==null && parentNode!=null) { + if (isVisible(parentNode)) { + writer.write(_END_TAG); +- writeStringToUtf8(((Element)parentNode).getTagName(),writer); ++ UtfHelpper.writeByte(((Element)parentNode).getTagName(),writer,cache); + writer.write('>'); + //We fineshed with this level, pop to the previous definitions. + ns.outputNodePop(); +@@ -511,6 +511,7 @@ + parentNode=parentNode.getParentNode(); + if (parentNode != null && parentNode.getNodeType() != Node.ELEMENT_NODE) { + parentNode=null; ++ documentLevel=NODE_AFTER_DOCUMENT_ELEMENT; + } + } + if (sibling==null) +@@ -519,12 +520,38 @@ + sibling=currentNode.getNextSibling(); + } while(true); + } ++ int isVisibleDO(Node currentNode,int level) { ++ if (nodeFilter!=null) { ++ Iterator it=nodeFilter.iterator(); ++ while (it.hasNext()) { ++ int i=((NodeFilter)it.next()).isNodeIncludeDO(currentNode,level); ++ if (i!=1) ++ return i; ++ } ++ } ++ if ((this._xpathNodeSet!=null) && !this._xpathNodeSet.contains(currentNode)) ++ return 0; ++ return 1; ++ } ++ int isVisibleInt(Node currentNode) { ++ if (nodeFilter!=null) { ++ Iterator it=nodeFilter.iterator(); ++ while (it.hasNext()) { ++ int i=((NodeFilter)it.next()).isNodeInclude(currentNode); ++ if (i!=1) ++ return i; ++ } ++ } ++ if ((this._xpathNodeSet!=null) && !this._xpathNodeSet.contains(currentNode)) ++ return 0; ++ return 1; ++ } + + boolean isVisible(Node currentNode) { + if (nodeFilter!=null) { + Iterator it=nodeFilter.iterator(); + while (it.hasNext()) { +- if (!((NodeFilter)it.next()).isNodeInclude(currentNode)) ++ if (((NodeFilter)it.next()).isNodeInclude(currentNode)!=1) + return false; + } + } +@@ -533,13 +560,36 @@ + return true; + } + ++ void handleParent(Element e,NameSpaceSymbTable ns) { ++ if (!e.hasAttributes()) { ++ return; ++ } ++ NamedNodeMap attrs = e.getAttributes(); ++ int attrsLength = attrs.getLength(); ++ for (int i = 0; i < attrsLength; i++) { ++ Attr N = (Attr) attrs.item(i); ++ if (Constants.NamespaceSpecNS!=N.getNamespaceURI()) { ++ //Not a namespace definition, ignore. ++ continue; ++ } ++ ++ String NName=N.getLocalName(); ++ String NValue=N.getNodeValue(); ++ if (XML.equals(NName) ++ && Constants.XML_LANG_SPACE_SpecNS.equals(NValue)) { ++ continue; ++ } ++ ns.addMapping(NName,NValue,N); ++ } ++ } ++ + /** + * Adds to ns the definitons from the parent elements of el + * @param el + * @param ns + */ +- final static void getParentNameSpaces(Element el,NameSpaceSymbTable ns) { +- List parents=new ArrayList(); ++ final void getParentNameSpaces(Element el,NameSpaceSymbTable ns) { ++ List parents=new ArrayList(10); + Node n1=el.getParentNode(); + if (n1 == null || n1.getNodeType() != Node.ELEMENT_NODE) { + return; +@@ -553,28 +603,9 @@ + //Visit them in reverse order. + ListIterator it=parents.listIterator(parents.size()); + while (it.hasPrevious()) { +- Element ele=(Element)it.previous(); +- if (!ele.hasAttributes()) { +- continue; ++ Element ele=(Element)it.previous(); ++ handleParent(ele, ns); + } +- NamedNodeMap attrs = ele.getAttributes(); +- int attrsLength = attrs.getLength(); +- for (int i = 0; i < attrsLength; i++) { +- Attr N = (Attr) attrs.item(i); +- if (!Constants.NamespaceSpecNS.equals(N.getNamespaceURI())) { +- //Not a namespace definition, ignore. +- continue; +- } +- +- String NName=N.getLocalName(); +- String NValue=N.getNodeValue(); +- if (XML.equals(NName) +- && Constants.XML_LANG_SPACE_SpecNS.equals(NValue)) { +- continue; +- } +- ns.addMapping(NName,NValue,N); +- } +- } + Attr nsprefix; + if (((nsprefix=ns.getMappingWithoutRendered("xmlns"))!=null) + && "".equals(nsprefix.getValue())) { +@@ -582,269 +613,6 @@ + } + } + /** +- * Outputs an Attribute to the internal Writer. +- * +- * The string value of the node is modified by replacing +- *
    +- *
  • all ampersands (&) with &amp;
    • +- *
  • all open angle brackets (<) with &lt;
    • +- *
  • all quotation mark characters with &quot;
    • +- *
  • and the whitespace characters #x9, #xA, and #xD, with character +- * references. The character references are written in uppercase +- * hexadecimal with no leading zeroes (for example, #xD is represented +- * by the character reference &#xD;)
    • +- *
+- * +- * @param name +- * @param value +- * @param writer +- * @throws IOException +- */ +- static final void outputAttrToWriter(final String name, final String value, final OutputStream writer) throws IOException { +- writer.write(' '); +- writeStringToUtf8(name,writer); +- writer.write(equalsStr); +- byte []toWrite; +- final int length = value.length(); +- for (int i=0;i < length; i++) { +- char c = value.charAt(i); +- +- switch (c) { +- +- case '&' : +- toWrite=_AMP_; +- //writer.write(_AMP_); +- break; +- +- case '<' : +- toWrite=_LT_; +- //writer.write(_LT_); +- break; +- +- case '"' : +- toWrite=_QUOT_; +- //writer.write(_QUOT_); +- break; +- +- case 0x09 : // '\t' +- toWrite=__X9_; +- //writer.write(__X9_); +- break; +- +- case 0x0A : // '\n' +- toWrite=__XA_; +- //writer.write(__XA_); +- break; +- +- case 0x0D : // '\r' +- toWrite=__XD_; +- //writer.write(__XD_); +- break; +- +- default : +- writeCharToUtf8(c,writer); +- //this._writer.write(c); +- continue; +- } +- writer.write(toWrite); +- } +- +- writer.write('\"'); +- } +- +- final static void writeCharToUtf8(final char c,final OutputStream out) throws IOException{ +- char ch; +- if (/*(c >= 0x0001) &&*/ (c <= 0x007F)) { +- out.write(c); +- return; +- } +- int bias; +- int write; +- if (c > 0x07FF) { +- ch=(char)(c>>>12); +- write=0xE0; +- if (ch>0) { +- write |= ( ch & 0x0F); +- } +- out.write(write); +- write=0x80; +- bias=0x3F; +- } else { +- write=0xC0; +- bias=0x1F; +- } +- ch=(char)(c>>>6); +- if (ch>0) { +- write|= (ch & bias); +- } +- out.write(write); +- out.write(0x80 | ((c) & 0x3F)); +- +- } +- +- final static void writeStringToUtf8(final String str,final OutputStream out) throws IOException{ +- final int length=str.length(); +- int i=0; +- char c; +- while (i= 0x0001) &&*/ (c <= 0x007F)) { +- out.write(c); +- continue; +- } +- char ch; +- int bias; +- int write; +- if (c > 0x07FF) { +- ch=(char)(c>>>12); +- write=0xE0; +- if (ch>0) { +- write |= ( ch & 0x0F); +- } +- out.write(write); +- write=0x80; +- bias=0x3F; +- } else { +- write=0xC0; +- bias=0x1F; +- } +- ch=(char)(c>>>6); +- if (ch>0) { +- write|= (ch & bias); +- } +- out.write(write); +- out.write(0x80 | ((c) & 0x3F)); +- continue; +- +- } +- +- } +- /** +- * Outputs a PI to the internal Writer. +- * +- * @param currentPI +- * @param writer where to write the things +- * @throws IOException +- */ +- static final void outputPItoWriter(ProcessingInstruction currentPI, OutputStream writer) throws IOException { +- final int position = getPositionRelativeToDocumentElement(currentPI); +- +- if (position == NODE_AFTER_DOCUMENT_ELEMENT) { +- writer.write('\n'); +- } +- writer.write(_BEGIN_PI); +- +- final String target = currentPI.getTarget(); +- int length = target.length(); +- +- for (int i = 0; i < length; i++) { +- char c=target.charAt(i); +- if (c==0x0D) { +- writer.write(__XD_); +- } else { +- writeCharToUtf8(c,writer); +- } +- } +- +- final String data = currentPI.getData(); +- +- length = data.length(); +- +- if (length > 0) { +- writer.write(' '); +- +- for (int i = 0; i < length; i++) { +- char c=data.charAt(i); +- if (c==0x0D) { +- writer.write(__XD_); +- } else { +- writeCharToUtf8(c,writer); +- } +- } +- } +- +- writer.write(_END_PI); +- if (position == NODE_BEFORE_DOCUMENT_ELEMENT) { +- writer.write('\n'); +- } +- } +- +- /** +- * Method outputCommentToWriter +- * +- * @param currentComment +- * @param writer writer where to write the things +- * @throws IOException +- */ +- static final void outputCommentToWriter(Comment currentComment, OutputStream writer) throws IOException { +- final int position = getPositionRelativeToDocumentElement(currentComment); +- if (position == NODE_AFTER_DOCUMENT_ELEMENT) { +- writer.write('\n'); +- } +- writer.write(_BEGIN_COMM); +- +- final String data = currentComment.getData(); +- final int length = data.length(); +- +- for (int i = 0; i < length; i++) { +- char c=data.charAt(i); +- if (c==0x0D) { +- writer.write(__XD_); +- } else { +- writeCharToUtf8(c,writer); +- } +- } +- +- writer.write(_END_COMM); +- if (position == NODE_BEFORE_DOCUMENT_ELEMENT) { +- writer.write('\n'); +- } +- } +- +- /** +- * Outputs a Text of CDATA section to the internal Writer. +- * +- * @param text +- * @param writer writer where to write the things +- * @throws IOException +- */ +- static final void outputTextToWriter(final String text, final OutputStream writer) throws IOException { +- final int length = text.length(); +- byte []toWrite; +- for (int i = 0; i < length; i++) { +- char c = text.charAt(i); +- +- switch (c) { +- +- case '&' : +- toWrite=_AMP_; +- //writer.write(_AMP_); +- break; +- +- case '<' : +- toWrite=_LT_; +- //writer.write(_LT_); +- break; +- +- case '>' : +- toWrite=_GT_; +- //writer.write(_GT_); +- break; +- +- case 0xD : +- toWrite=__XD_; +- //writer.write(__XD_); +- break; +- +- default : +- writeCharToUtf8(c,writer); +- continue; +- } +- writer.write(toWrite); +- } +- } +- +- /** + * Obtain the attributes to output for this node in XPathNodeSet c14n. + * + * @param E +@@ -866,13 +634,207 @@ + abstract Iterator handleAttributesSubtree(Element E, NameSpaceSymbTable ns) + throws CanonicalizationException; + ++ abstract void circumventBugIfNeeded(XMLSignatureInput input) throws CanonicalizationException, ParserConfigurationException, IOException, SAXException; + ++ /** ++ * Outputs an Attribute to the internal Writer. ++ * ++ * The string value of the node is modified by replacing ++ *
    ++ *
  • all ampersands (&) with &amp;
    • ++ *
  • all open angle brackets (<) with &lt;
    • ++ *
  • all quotation mark characters with &quot;
    • ++ *
  • and the whitespace characters #x9, #xA, and #xD, with character ++ * references. The character references are written in uppercase ++ * hexadecimal with no leading zeroes (for example, #xD is represented ++ * by the character reference &#xD;)
    • ++ *
++ * ++ * @param name ++ * @param value ++ * @param writer ++ * @throws IOException ++ */ ++ static final void outputAttrToWriter(final String name, final String value, final OutputStream writer, ++ final Map cache) throws IOException { ++ writer.write(' '); ++ UtfHelpper.writeByte(name,writer,cache); ++ writer.write(equalsStr); ++ byte []toWrite; ++ final int length = value.length(); ++ int i=0; ++ while (i < length) { ++ char c = value.charAt(i++); + +- /** +- * @param _writer The _writer to set. +- */ +- public void setWriter(OutputStream _writer) { +- this._writer = _writer; +- } ++ switch (c) { ++ ++ case '&' : ++ toWrite=_AMP_; ++ break; ++ ++ case '<' : ++ toWrite=_LT_; ++ break; ++ ++ case '"' : ++ toWrite=_QUOT_; ++ break; ++ ++ case 0x09 : // '\t' ++ toWrite=__X9_; ++ break; ++ ++ case 0x0A : // '\n' ++ toWrite=__XA_; ++ break; ++ ++ case 0x0D : // '\r' ++ toWrite=__XD_; ++ break; ++ ++ default : ++ if (c < 0x80 ) { ++ writer.write(c); ++ } else { ++ UtfHelpper.writeCharToUtf8(c,writer); ++ }; ++ continue; ++ } ++ writer.write(toWrite); ++ } ++ ++ writer.write('\"'); ++ } ++ ++ /** ++ * Outputs a PI to the internal Writer. ++ * ++ * @param currentPI ++ * @param writer where to write the things ++ * @throws IOException ++ */ ++ static final void outputPItoWriter(ProcessingInstruction currentPI, OutputStream writer,int position) throws IOException { ++ ++ if (position == NODE_AFTER_DOCUMENT_ELEMENT) { ++ writer.write('\n'); ++ } ++ writer.write(_BEGIN_PI); ++ ++ final String target = currentPI.getTarget(); ++ int length = target.length(); ++ ++ for (int i = 0; i < length; i++) { ++ char c=target.charAt(i); ++ if (c==0x0D) { ++ writer.write(__XD_); ++ } else { ++ if (c < 0x80) { ++ writer.write(c); ++ } else { ++ UtfHelpper.writeCharToUtf8(c,writer); ++ }; ++ } ++ } ++ ++ final String data = currentPI.getData(); ++ ++ length = data.length(); ++ ++ if (length > 0) { ++ writer.write(' '); ++ ++ for (int i = 0; i < length; i++) { ++ char c=data.charAt(i); ++ if (c==0x0D) { ++ writer.write(__XD_); ++ } else { ++ UtfHelpper.writeCharToUtf8(c,writer); ++ } ++ } ++ } ++ ++ writer.write(_END_PI); ++ if (position == NODE_BEFORE_DOCUMENT_ELEMENT) { ++ writer.write('\n'); ++ } ++ } ++ ++ /** ++ * Method outputCommentToWriter ++ * ++ * @param currentComment ++ * @param writer writer where to write the things ++ * @throws IOException ++ */ ++ static final void outputCommentToWriter(Comment currentComment, OutputStream writer,int position) throws IOException { ++ if (position == NODE_AFTER_DOCUMENT_ELEMENT) { ++ writer.write('\n'); ++ } ++ writer.write(_BEGIN_COMM); ++ ++ final String data = currentComment.getData(); ++ final int length = data.length(); ++ ++ for (int i = 0; i < length; i++) { ++ char c=data.charAt(i); ++ if (c==0x0D) { ++ writer.write(__XD_); ++ } else { ++ if (c < 0x80) { ++ writer.write(c); ++ } else { ++ UtfHelpper.writeCharToUtf8(c,writer); ++ }; ++ } ++ } ++ ++ writer.write(_END_COMM); ++ if (position == NODE_BEFORE_DOCUMENT_ELEMENT) { ++ writer.write('\n'); ++ } ++ } ++ ++ /** ++ * Outputs a Text of CDATA section to the internal Writer. ++ * ++ * @param text ++ * @param writer writer where to write the things ++ * @throws IOException ++ */ ++ static final void outputTextToWriter(final String text, final OutputStream writer) throws IOException { ++ final int length = text.length(); ++ byte []toWrite; ++ for (int i = 0; i < length; i++) { ++ char c = text.charAt(i); ++ ++ switch (c) { ++ ++ case '&' : ++ toWrite=_AMP_; ++ break; ++ ++ case '<' : ++ toWrite=_LT_; ++ break; ++ ++ case '>' : ++ toWrite=_GT_; ++ break; ++ ++ case 0xD : ++ toWrite=__XD_; ++ break; ++ ++ default : ++ if (c < 0x80) { ++ writer.write(c); ++ } else { ++ UtfHelpper.writeCharToUtf8(c,writer); ++ }; ++ continue; ++ } ++ writer.write(toWrite); ++ } ++ } + + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/NameSpaceSymbTable.java b/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/NameSpaceSymbTable.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/NameSpaceSymbTable.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/NameSpaceSymbTable.java +@@ -20,16 +20,10 @@ + */ + package com.sun.org.apache.xml.internal.security.c14n.implementations; + +-import java.lang.reflect.Array; +-import java.util.AbstractList; + import java.util.ArrayList; +-import java.util.Arrays; + import java.util.Collection; +-import java.util.HashMap; + import java.util.Iterator; + import java.util.List; +-import java.util.Map; +- + + + import org.w3c.dom.Attr; +@@ -46,21 +40,26 @@ + public class NameSpaceSymbTable { + + /**The map betwen prefix-> entry table. */ +- SymbMap symb = new SymbMap(); ++ SymbMap symb; + /**The level of nameSpaces (for Inclusive visibility).*/ + int nameSpaces=0; + /**The stacks for removing the definitions when doing pop.*/ +- List level = new ArrayList(); ++ List level; + boolean cloned=true; + static final String XMLNS="xmlns"; ++ final static SymbMap initialMap=new SymbMap(); ++ static { ++ NameSpaceSymbEntry ne=new NameSpaceSymbEntry("",null,true,XMLNS); ++ ne.lastrendered=""; ++ initialMap.put(XMLNS,ne); ++ } + /** + * Default constractor + **/ + public NameSpaceSymbTable() { ++ level = new ArrayList(10); + //Insert the default binding for xmlns. +- NameSpaceSymbEntry ne=new NameSpaceSymbEntry("",null,true); +- ne.lastrendered=""; +- symb.put(XMLNS,ne); ++ symb=(SymbMap) initialMap.clone(); + } + + /** +@@ -75,8 +74,14 @@ + NameSpaceSymbEntry n=(NameSpaceSymbEntry)(it.next()); + //put them rendered? + if ((!n.rendered) && (n.n!=null)) { ++ n=(NameSpaceSymbEntry) n.clone(); ++ needsClone(); ++ symb.put(n.prefix,n); ++ n.lastrendered=n.uri; ++ n.rendered=true; ++ + result.add(n.n); +- n.rendered=true; ++ + } + } + } +@@ -104,10 +109,6 @@ + **/ + public void push() { + //Put the number of namespace definitions in the stack. +- /**if (cloned) { +- Object ob[]= {symb,cloned ? symb : null}; +- level.add(ob); +- } **/ + level.add(null); + cloned=false; + } +@@ -124,7 +125,7 @@ + if (size==0) { + cloned=false; + } else +- cloned=(level.get(size-1)!=symb); ++ cloned=(level.get(size-1)!=symb); + } else { + cloned=false; + } +@@ -134,8 +135,7 @@ + + final void needsClone() { + if (!cloned) { +- level.remove(level.size()-1); +- level.add(symb); ++ level.set(level.size()-1,symb); + symb=(SymbMap) symb.clone(); + cloned=true; + } +@@ -200,7 +200,7 @@ + return false; + } + //Creates and entry in the table for this new definition. +- NameSpaceSymbEntry ne=new NameSpaceSymbEntry(uri,n,false); ++ NameSpaceSymbEntry ne=new NameSpaceSymbEntry(uri,n,false,prefix); + needsClone(); + symb.put(prefix, ne); + if (ob != null) { +@@ -238,7 +238,7 @@ + return null; + } + +- NameSpaceSymbEntry ne=new NameSpaceSymbEntry(uri,n,true); ++ NameSpaceSymbEntry ne=new NameSpaceSymbEntry(uri,n,true,prefix); + ne.lastrendered=uri; + needsClone(); + symb.put(prefix, ne); +@@ -251,53 +251,38 @@ + } + return ne.n; + } +- /** +- * Adds & gets(if needed) the attribute node that defines the binding for the prefix. +- * Take on account if the rules of rendering in the inclusive c14n. +- * For inclusive c14n. +- * @param prefix the prefix to obtain the attribute. +- * @param outputNode the container element is an output element. +- * @param uri the Uri of the definition +- * @param n the attribute that have the definition +- * @return null if there is no need to render the prefix. Otherwise the node of +- * definition. +- **/ +- public Node addMappingAndRenderXNodeSet(String prefix, String uri,Attr n,boolean outputNode) { ++ ++ public int getLevel() { ++ // TODO Auto-generated method stub ++ return level.size(); ++ } ++ ++ public void removeMapping(String prefix) { + NameSpaceSymbEntry ob = symb.get(prefix); +- int visibleNameSpaces=nameSpaces; +- if ((ob!=null) && uri.equals(ob.uri)) { +- if (!ob.rendered) { +- ob=(NameSpaceSymbEntry)ob.clone(); +- needsClone(); +- symb.put(prefix,ob); +- ob.rendered=true; +- ob.level=visibleNameSpaces; +- return ob.n; +- } +- ob=(NameSpaceSymbEntry)ob.clone(); ++ ++ if (ob!=null) { + needsClone(); +- symb.put(prefix,ob); +- if (outputNode && (((visibleNameSpaces-ob.level)<2) || XMLNS.equals(prefix)) ) { +- ob.level=visibleNameSpaces; +- return null; //Already rendered, just return nulll +- } +- ob.level=visibleNameSpaces; +- return ob.n; +- } ++ symb.put(prefix,null); ++ } ++ } + +- NameSpaceSymbEntry ne=new NameSpaceSymbEntry(uri,n,true); +- ne.level=nameSpaces; +- ne.rendered=true; +- needsClone(); +- symb.put(prefix, ne); +- if (ob != null) { +- ne.lastrendered=ob.lastrendered; ++ public void removeMappingIfNotRender(String prefix) { ++ NameSpaceSymbEntry ob = symb.get(prefix); + +- if ((ob.lastrendered!=null)&& (ob.lastrendered.equals(uri))) { +- ne.rendered=true; +- } +- } +- return ne.n; ++ if (ob!=null && !ob.rendered) { ++ needsClone(); ++ symb.put(prefix,null); ++ } ++ } ++ ++ public boolean removeMappingIfRender(String prefix) { ++ NameSpaceSymbEntry ob = symb.get(prefix); ++ ++ if (ob!=null && ob.rendered) { ++ needsClone(); ++ symb.put(prefix,null); ++ } ++ return false; + } + } + +@@ -305,10 +290,11 @@ + * The internal structure of NameSpaceSymbTable. + **/ + class NameSpaceSymbEntry implements Cloneable { +- NameSpaceSymbEntry(String name,Attr n,boolean rendered) { ++ NameSpaceSymbEntry(String name,Attr n,boolean rendered,String prefix) { + this.uri=name; + this.rendered=rendered; + this.n=n; ++ this.prefix=prefix; + } + /** @inheritDoc */ + public Object clone() { +@@ -320,6 +306,7 @@ + } + /** The level where the definition was rendered(Only for inclusive) */ + int level=0; ++ String prefix; + /**The URI that the prefix defines */ + String uri; + /**The last output in the URI for this prefix (This for speed reason).*/ +@@ -330,53 +317,57 @@ + Attr n; + }; + +-class SymbMap implements Cloneable{ +- int free=23; +- NameSpaceSymbEntry[] entries=new NameSpaceSymbEntry[free]; +- String[] keys=new String[free]; +- +- void put(String key, NameSpaceSymbEntry value) { ++class SymbMap implements Cloneable { ++ int free=23; ++ NameSpaceSymbEntry[] entries; ++ String[] keys; ++ SymbMap() { ++ entries=new NameSpaceSymbEntry[free]; ++ keys=new String[free]; ++ } ++ void put(String key, NameSpaceSymbEntry value) { + int index = index(key); +- Object oldKey = keys[index]; +- keys[index] = key; +- entries[index] = value; ++ Object oldKey = keys[index]; ++ keys[index] = key; ++ entries[index] = value; + if (oldKey==null || !oldKey.equals(key)) { +- if (--free == 0) { +- free=entries.length; +- int newCapacity = free<<2; +- rehash(newCapacity); +- } ++ if (--free == 0) { ++ free=entries.length; ++ int newCapacity = free<<2; ++ rehash(newCapacity); ++ } + } + } + + List entrySet() { +- List a=new ArrayList(); +- for (int i=0;iint value +@@ -384,37 +375,38 @@ + protected void rehash(int newCapacity) { + int oldCapacity = keys.length; + String oldKeys[] = keys; +- NameSpaceSymbEntry oldVals[] = entries; ++ NameSpaceSymbEntry oldVals[] = entries; + +- keys = new String[newCapacity]; +- entries = new NameSpaceSymbEntry[newCapacity]; ++ keys = new String[newCapacity]; ++ entries = new NameSpaceSymbEntry[newCapacity]; + + for (int i = oldCapacity; i-- > 0;) { + if(oldKeys[i] != null) { + String o = oldKeys[i]; + int index = index(o); +- keys[index] = o; +- entries[index] = oldVals[i]; ++ keys[index] = o; ++ entries[index] = oldVals[i]; + } + } + } +- NameSpaceSymbEntry get(String key) { +- return entries[index(key)]; +- } +- protected Object clone() { +- // TODO Auto-generated method stub +- try { +- SymbMap copy=(SymbMap) super.clone(); +- copy.entries=new NameSpaceSymbEntry[entries.length]; +- System.arraycopy(entries,0,copy.entries,0,entries.length); +- copy.keys=new String[keys.length]; +- System.arraycopy(keys,0,copy.keys,0,keys.length); + +- return copy; +- } catch (CloneNotSupportedException e) { +- // TODO Auto-generated catch block +- e.printStackTrace(); +- } +- return null; ++ NameSpaceSymbEntry get(String key) { ++ return entries[index(key)]; ++ } ++ ++ protected Object clone() { ++ try { ++ SymbMap copy=(SymbMap) super.clone(); ++ copy.entries=new NameSpaceSymbEntry[entries.length]; ++ System.arraycopy(entries,0,copy.entries,0,entries.length); ++ copy.keys=new String[keys.length]; ++ System.arraycopy(keys,0,copy.keys,0,keys.length); ++ ++ return copy; ++ } catch (CloneNotSupportedException e) { ++ // TODO Auto-generated catch block ++ e.printStackTrace(); + } ++ return null; ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/UtfHelpper.java b/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/UtfHelpper.java +new file mode 100644 +--- /dev/null ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/UtfHelpper.java +@@ -0,0 +1,155 @@ ++package com.sun.org.apache.xml.internal.security.c14n.implementations; ++ ++import java.io.IOException; ++import java.io.OutputStream; ++import java.util.Map; ++ ++public class UtfHelpper { ++ ++ final static void writeByte(final String str,final OutputStream out,Map cache) throws IOException { ++ byte []result=(byte[]) cache.get(str); ++ if (result==null) { ++ result=getStringInUtf8(str); ++ cache.put(str,result); ++ } ++ ++ out.write(result); ++ ++ } ++ ++ final static void writeCharToUtf8(final char c,final OutputStream out) throws IOException{ ++ if (c < 0x80) { ++ out.write(c); ++ return; ++ } ++ if ((c >= 0xD800 && c <= 0xDBFF) || (c >= 0xDC00 && c <= 0xDFFF) ){ ++ //No Surrogates in sun java ++ out.write(0x3f); ++ return; ++ } ++ int bias; ++ int write; ++ char ch; ++ if (c > 0x07FF) { ++ ch=(char)(c>>>12); ++ write=0xE0; ++ if (ch>0) { ++ write |= ( ch & 0x0F); ++ } ++ out.write(write); ++ write=0x80; ++ bias=0x3F; ++ } else { ++ write=0xC0; ++ bias=0x1F; ++ } ++ ch=(char)(c>>>6); ++ if (ch>0) { ++ write|= (ch & bias); ++ } ++ out.write(write); ++ out.write(0x80 | ((c) & 0x3F)); ++ ++ } ++ ++ final static void writeStringToUtf8(final String str,final OutputStream out) throws IOException{ ++ final int length=str.length(); ++ int i=0; ++ char c; ++ while (i= 0xD800 && c <= 0xDBFF) || (c >= 0xDC00 && c <= 0xDFFF) ){ ++ //No Surrogates in sun java ++ out.write(0x3f); ++ continue; ++ } ++ char ch; ++ int bias; ++ int write; ++ if (c > 0x07FF) { ++ ch=(char)(c>>>12); ++ write=0xE0; ++ if (ch>0) { ++ write |= ( ch & 0x0F); ++ } ++ out.write(write); ++ write=0x80; ++ bias=0x3F; ++ } else { ++ write=0xC0; ++ bias=0x1F; ++ } ++ ch=(char)(c>>>6); ++ if (ch>0) { ++ write|= (ch & bias); ++ } ++ out.write(write); ++ out.write(0x80 | ((c) & 0x3F)); ++ ++ } ++ ++ } ++ public final static byte[] getStringInUtf8(final String str) { ++ final int length=str.length(); ++ boolean expanded=false; ++ byte []result=new byte[length]; ++ int i=0; ++ int out=0; ++ char c; ++ while (i= 0xD800 && c <= 0xDBFF) || (c >= 0xDC00 && c <= 0xDFFF) ){ ++ //No Surrogates in sun java ++ result[out++]=0x3f; ++ ++ continue; ++ } ++ if (!expanded) { ++ byte newResult[]=new byte[3*length]; ++ System.arraycopy(result, 0, newResult, 0, out); ++ result=newResult; ++ expanded=true; ++ } ++ char ch; ++ int bias; ++ byte write; ++ if (c > 0x07FF) { ++ ch=(char)(c>>>12); ++ write=(byte)0xE0; ++ if (ch>0) { ++ write |= ( ch & 0x0F); ++ } ++ result[out++]=write; ++ write=(byte)0x80; ++ bias=0x3F; ++ } else { ++ write=(byte)0xC0; ++ bias=0x1F; ++ } ++ ch=(char)(c>>>6); ++ if (ch>0) { ++ write|= (ch & bias); ++ } ++ result[out++]=write; ++ result[out++]=(byte)(0x80 | ((c) & 0x3F));/**/ ++ ++ } ++ if (expanded) { ++ byte newResult[]=new byte[out]; ++ System.arraycopy(result, 0, newResult, 0, out); ++ result=newResult; ++ } ++ return result; ++ } ++ ++ ++ ++} +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipher.java b/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipher.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipher.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipher.java +@@ -22,6 +22,7 @@ + + + import java.io.ByteArrayOutputStream; ++import java.io.InputStream; + import java.io.IOException; + import java.io.StringReader; + import java.io.UnsupportedEncodingException; +@@ -30,6 +31,7 @@ + import java.security.Key; + import java.security.NoSuchAlgorithmException; + import java.security.NoSuchProviderException; ++import java.util.HashMap; + import java.util.Iterator; + import java.util.LinkedList; + import java.util.List; +@@ -204,7 +206,7 @@ + * @since 1.0. + */ + private XMLCipher() { +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Constructing XMLCipher..."); ++ logger.log(java.util.logging.Level.FINE, "Constructing XMLCipher..."); + + _factory = new Factory(); + _serializer = new Serializer(); +@@ -266,7 +268,7 @@ + public static XMLCipher getInstance(String transformation) throws + XMLEncryptionException { + // sanity checks +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Getting XMLCipher..."); ++ logger.log(java.util.logging.Level.FINE, "Getting XMLCipher..."); + if (null == transformation) + logger.log(java.util.logging.Level.SEVERE, "Transformation unexpectedly null..."); + if(!isValidEncryptionAlgorithm(transformation)) +@@ -294,7 +296,7 @@ + + try { + instance._contextCipher = Cipher.getInstance(jceAlgorithm); +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "cihper.algoritm = " + ++ logger.log(java.util.logging.Level.FINE, "cihper.algoritm = " + + instance._contextCipher.getAlgorithm()); + } catch (NoSuchAlgorithmException nsae) { + throw new XMLEncryptionException("empty", nsae); +@@ -305,49 +307,6 @@ + return (instance); + } + +- public static XMLCipher getInstance(String transformation,Cipher cipher) throws +- XMLEncryptionException { +- // sanity checks +- logger.log(java.util.logging.Level.FINE, "Getting XMLCipher..."); +- if (null == transformation) +- logger.log(java.util.logging.Level.SEVERE, "Transformation unexpectedly null..."); +- if(!isValidEncryptionAlgorithm(transformation)) +- logger.log(java.util.logging.Level.WARNING, "Algorithm non-standard, expected one of " + ENC_ALGORITHMS); +- +- XMLCipher instance = new XMLCipher(); +- +- instance._algorithm = transformation; +- instance._key = null; +- instance._kek = null; +- +- +- /* Create a canonicaliser - used when serialising DOM to octets +- * prior to encryption (and for the reverse) */ +- +- try { +- instance._canon = Canonicalizer.getInstance +- (Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS); +- +- } catch (InvalidCanonicalizerException ice) { +- throw new XMLEncryptionException("empty", ice); +- } +- +- String jceAlgorithm = JCEMapper.translateURItoJCEID(transformation); +- +- try { +- instance._contextCipher = cipher; +- //Cipher.getInstance(jceAlgorithm); +- logger.log(java.util.logging.Level.FINE, "cihper.algoritm = " + +- instance._contextCipher.getAlgorithm()); +- }catch(Exception ex) { +- throw new XMLEncryptionException("empty", ex); +- } +- +- return (instance); +- } +- +- +- + /** + * Returns an XMLCipher that implements the specified + * transformation, operates on the specified context document and serializes +@@ -380,6 +339,45 @@ + return instance; + } + ++ public static XMLCipher getInstance(String transformation,Cipher cipher) throws XMLEncryptionException { ++ // sanity checks ++ logger.log(java.util.logging.Level.FINE, "Getting XMLCipher..."); ++ if (null == transformation) ++ logger.log(java.util.logging.Level.SEVERE, "Transformation unexpectedly null..."); ++ if(!isValidEncryptionAlgorithm(transformation)) ++ logger.log(java.util.logging.Level.WARNING, "Algorithm non-standard, expected one of " + ENC_ALGORITHMS); ++ ++ XMLCipher instance = new XMLCipher(); ++ ++ instance._algorithm = transformation; ++ instance._key = null; ++ instance._kek = null; ++ ++ ++ /* Create a canonicaliser - used when serialising DOM to octets ++ * prior to encryption (and for the reverse) */ ++ ++ try { ++ instance._canon = Canonicalizer.getInstance ++ (Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS); ++ ++ } catch (InvalidCanonicalizerException ice) { ++ throw new XMLEncryptionException("empty", ice); ++ } ++ ++ String jceAlgorithm = JCEMapper.translateURItoJCEID(transformation); ++ ++ try { ++ instance._contextCipher = cipher; ++ //Cipher.getInstance(jceAlgorithm); ++ logger.log(java.util.logging.Level.FINE, "cihper.algoritm = " + ++ instance._contextCipher.getAlgorithm()); ++ }catch(Exception ex) { ++ throw new XMLEncryptionException("empty", ex); ++ } ++ ++ return (instance); ++ } + + /** + * Returns an XMLCipher that implements the specified +@@ -396,7 +394,7 @@ + public static XMLCipher getProviderInstance(String transformation, String provider) + throws XMLEncryptionException { + // sanity checks +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Getting XMLCipher..."); ++ logger.log(java.util.logging.Level.FINE, "Getting XMLCipher..."); + if (null == transformation) + logger.log(java.util.logging.Level.SEVERE, "Transformation unexpectedly null..."); + if(null == provider) +@@ -429,9 +427,9 @@ + + instance._contextCipher = Cipher.getInstance(jceAlgorithm, provider); + +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "cipher._algorithm = " + ++ logger.log(java.util.logging.Level.FINE, "cipher._algorithm = " + + instance._contextCipher.getAlgorithm()); +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "provider.name = " + provider); ++ logger.log(java.util.logging.Level.FINE, "provider.name = " + provider); + } catch (NoSuchAlgorithmException nsae) { + throw new XMLEncryptionException("empty", nsae); + } catch (NoSuchProviderException nspre) { +@@ -490,7 +488,7 @@ + public static XMLCipher getInstance() + throws XMLEncryptionException { + // sanity checks +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Getting XMLCipher for no transformation..."); ++ logger.log(java.util.logging.Level.FINE, "Getting XMLCipher for no transformation..."); + + XMLCipher instance = new XMLCipher(); + +@@ -532,7 +530,7 @@ + throws XMLEncryptionException { + // sanity checks + +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Getting XMLCipher, provider but no transformation"); ++ logger.log(java.util.logging.Level.FINE, "Getting XMLCipher, provider but no transformation"); + if(null == provider) + logger.log(java.util.logging.Level.SEVERE, "Provider unexpectedly null.."); + if("" == provider) +@@ -578,7 +576,7 @@ + */ + public void init(int opmode, Key key) throws XMLEncryptionException { + // sanity checks +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Initializing XMLCipher..."); ++ logger.log(java.util.logging.Level.FINE, "Initializing XMLCipher..."); + + _ek = null; + _ed = null; +@@ -586,18 +584,18 @@ + switch (opmode) { + + case ENCRYPT_MODE : +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "opmode = ENCRYPT_MODE"); ++ logger.log(java.util.logging.Level.FINE, "opmode = ENCRYPT_MODE"); + _ed = createEncryptedData(CipherData.VALUE_TYPE, "NO VALUE YET"); + break; + case DECRYPT_MODE : +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "opmode = DECRYPT_MODE"); ++ logger.log(java.util.logging.Level.FINE, "opmode = DECRYPT_MODE"); + break; + case WRAP_MODE : +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "opmode = WRAP_MODE"); ++ logger.log(java.util.logging.Level.FINE, "opmode = WRAP_MODE"); + _ek = createEncryptedKey(CipherData.VALUE_TYPE, "NO VALUE YET"); + break; + case UNWRAP_MODE : +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "opmode = UNWRAP_MODE"); ++ logger.log(java.util.logging.Level.FINE, "opmode = UNWRAP_MODE"); + break; + default : + logger.log(java.util.logging.Level.SEVERE, "Mode unexpectedly invalid"); +@@ -622,7 +620,7 @@ + public EncryptedData getEncryptedData() { + + // Sanity checks +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Returning EncryptedData"); ++ logger.log(java.util.logging.Level.FINE, "Returning EncryptedData"); + return _ed; + + } +@@ -640,7 +638,7 @@ + public EncryptedKey getEncryptedKey() { + + // Sanity checks +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Returning EncryptedKey"); ++ logger.log(java.util.logging.Level.FINE, "Returning EncryptedKey"); + return _ek; + } + +@@ -750,11 +748,11 @@ + */ + + private Document encryptElement(Element element) throws Exception{ +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Encrypting element..."); ++ logger.log(java.util.logging.Level.FINE, "Encrypting element..."); + if(null == element) + logger.log(java.util.logging.Level.SEVERE, "Element unexpectedly null..."); + if(_cipherMode != ENCRYPT_MODE) +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in ENCRYPT_MODE..."); ++ logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in ENCRYPT_MODE..."); + + if (_algorithm == null) { + throw new XMLEncryptionException("XMLCipher instance without transformation specified"); +@@ -785,11 +783,11 @@ + */ + private Document encryptElementContent(Element element) throws + /* XMLEncryption */Exception { +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Encrypting element content..."); ++ logger.log(java.util.logging.Level.FINE, "Encrypting element content..."); + if(null == element) + logger.log(java.util.logging.Level.SEVERE, "Element unexpectedly null..."); + if(_cipherMode != ENCRYPT_MODE) +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in ENCRYPT_MODE..."); ++ logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in ENCRYPT_MODE..."); + + if (_algorithm == null) { + throw new XMLEncryptionException("XMLCipher instance without transformation specified"); +@@ -815,7 +813,7 @@ + */ + public Document doFinal(Document context, Document source) throws + /* XMLEncryption */Exception { +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Processing source document..."); ++ logger.log(java.util.logging.Level.FINE, "Processing source document..."); + if(null == context) + logger.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null..."); + if(null == source) +@@ -855,7 +853,7 @@ + */ + public Document doFinal(Document context, Element element) throws + /* XMLEncryption */Exception { +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Processing source element..."); ++ logger.log(java.util.logging.Level.FINE, "Processing source element..."); + if(null == context) + logger.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null..."); + if(null == element) +@@ -898,7 +896,7 @@ + */ + public Document doFinal(Document context, Element element, boolean content) + throws /* XMLEncryption*/ Exception { +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Processing source element..."); ++ logger.log(java.util.logging.Level.FINE, "Processing source element..."); + if(null == context) + logger.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null..."); + if(null == element) +@@ -954,6 +952,34 @@ + + /** + * Returns an EncryptedData interface. Use this operation if ++ * you want to have full control over the serialization of the element ++ * or element content. ++ * ++ * This does not change the source document in any way. ++ * ++ * @param context the context Document. ++ * @param type a URI identifying type information about the plaintext form ++ * of the encrypted content (may be null) ++ * @param serializedData the serialized data ++ * @return the EncryptedData ++ * @throws Exception ++ */ ++ public EncryptedData encryptData(Document context, String type, ++ InputStream serializedData) throws Exception { ++ ++ logger.log(java.util.logging.Level.FINE, "Encrypting element..."); ++ if (null == context) ++ logger.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null..."); ++ if (null == serializedData) ++ logger.log(java.util.logging.Level.SEVERE, "Serialized data unexpectedly null..."); ++ if (_cipherMode != ENCRYPT_MODE) ++ logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in ENCRYPT_MODE..."); ++ ++ return encryptData(context, null, type, serializedData); ++ } ++ ++ /** ++ * Returns an EncryptedData interface. Use this operation if + * you want to have full control over the contents of the + * EncryptedData structure. + * +@@ -966,160 +992,60 @@ + * @return the EncryptedData + * @throws Exception + */ +- public EncryptedData encryptData(Document context, Element element, boolean contentMode) throws +- /* XMLEncryption */ Exception { +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Encrypting element..."); +- if (null == context) +- logger.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null..."); +- if (null == element) +- logger.log(java.util.logging.Level.SEVERE, "Element unexpectedly null..."); +- if (_cipherMode != ENCRYPT_MODE) +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in ENCRYPT_MODE..."); +- +- _contextDocument = context; +- +- if (_algorithm == null) { +- throw new XMLEncryptionException("XMLCipher instance without transformation specified"); +- } +- +- String serializedOctets = null; +- if (contentMode) { +- NodeList children = element.getChildNodes(); +- if ((null != children)) { +- serializedOctets = _serializer.serialize(children); +- } else { +- Object exArgs[] = { "Element has no content." }; +- throw new XMLEncryptionException("empty", exArgs); +- } +- } else { +- serializedOctets = _serializer.serialize(element); +- } +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Serialized octets:\n" + serializedOctets); +- +- byte[] encryptedBytes = null; +- +- // Now create the working cipher if none was created already +- Cipher c; +- if (_contextCipher == null) { +- String jceAlgorithm = +- JCEMapper.translateURItoJCEID(_algorithm); +- +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "alg = " + jceAlgorithm); +- +- try { +- if (_requestedJCEProvider == null) +- c = Cipher.getInstance(jceAlgorithm); +- else +- c = Cipher.getInstance(jceAlgorithm, _requestedJCEProvider); +- } catch (NoSuchAlgorithmException nsae) { +- throw new XMLEncryptionException("empty", nsae); +- } catch (NoSuchProviderException nspre) { +- throw new XMLEncryptionException("empty", nspre); +- } catch (NoSuchPaddingException nspae) { +- throw new XMLEncryptionException("empty", nspae); +- } +- } +- else { +- c = _contextCipher; +- } +- // Now perform the encryption +- +- try { +- // Should internally generate an IV +- // todo - allow user to set an IV +- c.init(_cipherMode, _key); +- } catch (InvalidKeyException ike) { +- throw new XMLEncryptionException("empty", ike); +- } +- +- try { +- encryptedBytes = +- c.doFinal(serializedOctets.getBytes("UTF-8")); +- +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Expected cipher.outputSize = " + +- Integer.toString(c.getOutputSize( +- serializedOctets.getBytes().length))); +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Actual cipher.outputSize = " + +- Integer.toString(encryptedBytes.length)); +- } catch (IllegalStateException ise) { +- throw new XMLEncryptionException("empty", ise); +- } catch (IllegalBlockSizeException ibse) { +- throw new XMLEncryptionException("empty", ibse); +- } catch (BadPaddingException bpe) { +- throw new XMLEncryptionException("empty", bpe); +- } catch (UnsupportedEncodingException uee) { +- throw new XMLEncryptionException("empty", uee); +- } +- +- // Now build up to a properly XML Encryption encoded octet stream +- // IvParameterSpec iv; +- +- byte[] iv = c.getIV(); +- byte[] finalEncryptedBytes = +- new byte[iv.length + encryptedBytes.length]; +- System.arraycopy(iv, 0, finalEncryptedBytes, 0, +- iv.length); +- System.arraycopy(encryptedBytes, 0, finalEncryptedBytes, +- iv.length, +- encryptedBytes.length); +- +- String base64EncodedEncryptedOctets = Base64.encode(finalEncryptedBytes); +- +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Encrypted octets:\n" + base64EncodedEncryptedOctets); +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Encrypted octets length = " + +- base64EncodedEncryptedOctets.length()); +- +- try { +- CipherData cd = _ed.getCipherData(); +- CipherValue cv = cd.getCipherValue(); +- // cv.setValue(base64EncodedEncryptedOctets.getBytes()); +- cv.setValue(base64EncodedEncryptedOctets); +- +- if (contentMode) { +- _ed.setType( +- new URI(EncryptionConstants.TYPE_CONTENT).toString()); +- } else { +- _ed.setType( +- new URI(EncryptionConstants.TYPE_ELEMENT).toString()); +- } +- EncryptionMethod method = +- _factory.newEncryptionMethod(new URI(_algorithm).toString()); +- _ed.setEncryptionMethod(method); +- } catch (URI.MalformedURIException mfue) { +- throw new XMLEncryptionException("empty", mfue); +- } +- return (_ed); +- } +- +- +- +- public EncryptedData encryptData(Document context, byte [] serializedOctets, boolean contentMode) throws +- /* XMLEncryption */ Exception { ++ public EncryptedData encryptData( ++ Document context, Element element, boolean contentMode) ++ throws /* XMLEncryption */ Exception { ++ + logger.log(java.util.logging.Level.FINE, "Encrypting element..."); + if (null == context) + logger.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null..."); +- if (null == serializedOctets) +- logger.log(java.util.logging.Level.SEVERE, "Canonicalized Data is unexpectedly null..."); ++ if (null == element) ++ logger.log(java.util.logging.Level.SEVERE, "Element unexpectedly null..."); + if (_cipherMode != ENCRYPT_MODE) + logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in ENCRYPT_MODE..."); + ++ if (contentMode) { ++ return encryptData ++ (context, element, EncryptionConstants.TYPE_CONTENT, null); ++ } else { ++ return encryptData ++ (context, element, EncryptionConstants.TYPE_ELEMENT, null); ++ } ++ } ++ ++ private EncryptedData encryptData( ++ Document context, Element element, String type, ++ InputStream serializedData) throws /* XMLEncryption */ Exception { ++ + _contextDocument = context; + + if (_algorithm == null) { +- throw new XMLEncryptionException("XMLCipher instance without transformation specified"); ++ throw new XMLEncryptionException ++ ("XMLCipher instance without transformation specified"); + } + +- +- logger.log(java.util.logging.Level.FINE, "Serialized octets:\n" + serializedOctets); ++ String serializedOctets = null; ++ if (serializedData == null) { ++ if (type == EncryptionConstants.TYPE_CONTENT) { ++ NodeList children = element.getChildNodes(); ++ if (null != children) { ++ serializedOctets = _serializer.serialize(children); ++ } else { ++ Object exArgs[] = { "Element has no content." }; ++ throw new XMLEncryptionException("empty", exArgs); ++ } ++ } else { ++ serializedOctets = _serializer.serialize(element); ++ } ++ logger.log(java.util.logging.Level.FINE, "Serialized octets:\n" + serializedOctets); ++ } + + byte[] encryptedBytes = null; + + // Now create the working cipher if none was created already + Cipher c; + if (_contextCipher == null) { +- String jceAlgorithm = +- JCEMapper.translateURItoJCEID(_algorithm); +- ++ String jceAlgorithm = JCEMapper.translateURItoJCEID(_algorithm); + logger.log(java.util.logging.Level.FINE, "alg = " + jceAlgorithm); + + try { +@@ -1148,41 +1074,47 @@ + } + + try { +- encryptedBytes = +- c.doFinal(serializedOctets); +- +- logger.log(java.util.logging.Level.FINE, "Expected cipher.outputSize = " + ++ if (serializedData != null) { ++ int numBytes; ++ byte[] buf = new byte[8192]; ++ ByteArrayOutputStream baos = new ByteArrayOutputStream(); ++ while ((numBytes = serializedData.read(buf)) != -1) { ++ byte[] data = c.update(buf, 0, numBytes); ++ baos.write(data); ++ } ++ baos.write(c.doFinal()); ++ encryptedBytes = baos.toByteArray(); ++ } else { ++ encryptedBytes = c.doFinal(serializedOctets.getBytes("UTF-8")); ++ logger.log(java.util.logging.Level.FINE, "Expected cipher.outputSize = " + + Integer.toString(c.getOutputSize( +- serializedOctets.length))); ++ serializedOctets.getBytes().length))); ++ } + logger.log(java.util.logging.Level.FINE, "Actual cipher.outputSize = " + +- Integer.toString(encryptedBytes.length)); ++ Integer.toString(encryptedBytes.length)); + } catch (IllegalStateException ise) { + throw new XMLEncryptionException("empty", ise); + } catch (IllegalBlockSizeException ibse) { + throw new XMLEncryptionException("empty", ibse); + } catch (BadPaddingException bpe) { + throw new XMLEncryptionException("empty", bpe); +- } catch (Exception uee) { ++ } catch (UnsupportedEncodingException uee) { + throw new XMLEncryptionException("empty", uee); + } + + // Now build up to a properly XML Encryption encoded octet stream + // IvParameterSpec iv; +- + byte[] iv = c.getIV(); + byte[] finalEncryptedBytes = + new byte[iv.length + encryptedBytes.length]; +- System.arraycopy(iv, 0, finalEncryptedBytes, 0, +- iv.length); +- System.arraycopy(encryptedBytes, 0, finalEncryptedBytes, +- iv.length, +- encryptedBytes.length); +- ++ System.arraycopy(iv, 0, finalEncryptedBytes, 0, iv.length); ++ System.arraycopy(encryptedBytes, 0, finalEncryptedBytes, iv.length, ++ encryptedBytes.length); + String base64EncodedEncryptedOctets = Base64.encode(finalEncryptedBytes); + + logger.log(java.util.logging.Level.FINE, "Encrypted octets:\n" + base64EncodedEncryptedOctets); + logger.log(java.util.logging.Level.FINE, "Encrypted octets length = " + +- base64EncodedEncryptedOctets.length()); ++ base64EncodedEncryptedOctets.length()); + + try { + CipherData cd = _ed.getCipherData(); +@@ -1190,15 +1122,11 @@ + // cv.setValue(base64EncodedEncryptedOctets.getBytes()); + cv.setValue(base64EncodedEncryptedOctets); + +- if (contentMode) { +- _ed.setType( +- new URI(EncryptionConstants.TYPE_CONTENT).toString()); +- } else { +- _ed.setType( +- new URI(EncryptionConstants.TYPE_ELEMENT).toString()); ++ if (type != null) { ++ _ed.setType(new URI(type).toString()); + } + EncryptionMethod method = +- _factory.newEncryptionMethod(new URI(_algorithm).toString()); ++ _factory.newEncryptionMethod(new URI(_algorithm).toString()); + _ed.setEncryptionMethod(method); + } catch (URI.MalformedURIException mfue) { + throw new XMLEncryptionException("empty", mfue); +@@ -1206,7 +1134,6 @@ + return (_ed); + } + +- + /** + * Returns an EncryptedData interface. Use this operation if + * you want to load an EncryptedData structure from a DOM +@@ -1219,7 +1146,7 @@ + */ + public EncryptedData loadEncryptedData(Document context, Element element) + throws XMLEncryptionException { +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Loading encrypted element..."); ++ logger.log(java.util.logging.Level.FINE, "Loading encrypted element..."); + if(null == context) + logger.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null..."); + if(null == element) +@@ -1246,13 +1173,13 @@ + + public EncryptedKey loadEncryptedKey(Document context, Element element) + throws XMLEncryptionException { +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Loading encrypted key..."); ++ logger.log(java.util.logging.Level.FINE, "Loading encrypted key..."); + if(null == context) + logger.log(java.util.logging.Level.SEVERE, "Context document unexpectedly null..."); + if(null == element) + logger.log(java.util.logging.Level.SEVERE, "Element unexpectedly null..."); + if(_cipherMode != UNWRAP_MODE && _cipherMode != DECRYPT_MODE) +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in UNWRAP_MODE or DECRYPT_MODE..."); ++ logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in UNWRAP_MODE or DECRYPT_MODE..."); + + _contextDocument = context; + _ek = _factory.newEncryptedKey(element); +@@ -1290,12 +1217,12 @@ + public EncryptedKey encryptKey(Document doc, Key key) throws + XMLEncryptionException { + +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Encrypting key ..."); ++ logger.log(java.util.logging.Level.FINE, "Encrypting key ..."); + + if(null == key) + logger.log(java.util.logging.Level.SEVERE, "Key unexpectedly null..."); + if(_cipherMode != WRAP_MODE) +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in WRAP_MODE..."); ++ logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in WRAP_MODE..."); + + if (_algorithm == null) { + +@@ -1313,7 +1240,7 @@ + String jceAlgorithm = + JCEMapper.translateURItoJCEID(_algorithm); + +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "alg = " + jceAlgorithm); ++ logger.log(java.util.logging.Level.FINE, "alg = " + jceAlgorithm); + + try { + if (_requestedJCEProvider == null) +@@ -1345,8 +1272,8 @@ + + String base64EncodedEncryptedOctets = Base64.encode(encryptedBytes); + +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Encrypted key octets:\n" + base64EncodedEncryptedOctets); +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Encrypted key octets length = " + ++ logger.log(java.util.logging.Level.FINE, "Encrypted key octets:\n" + base64EncodedEncryptedOctets); ++ logger.log(java.util.logging.Level.FINE, "Encrypted key octets length = " + + base64EncodedEncryptedOctets.length()); + + CipherValue cv = _ek.getCipherData().getCipherValue(); +@@ -1376,10 +1303,10 @@ + public Key decryptKey(EncryptedKey encryptedKey, String algorithm) throws + XMLEncryptionException { + +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Decrypting key from previously loaded EncryptedKey..."); ++ logger.log(java.util.logging.Level.FINE, "Decrypting key from previously loaded EncryptedKey..."); + + if(_cipherMode != UNWRAP_MODE) +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in UNWRAP_MODE..."); ++ logger.log(java.util.logging.Level.FINE, "XMLCipher unexpectedly not in UNWRAP_MODE..."); + + if (algorithm == null) { + throw new XMLEncryptionException("Cannot decrypt a key without knowing the algorithm"); +@@ -1387,7 +1314,7 @@ + + if (_key == null) { + +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Trying to find a KEK via key resolvers"); ++ logger.log(java.util.logging.Level.FINE, "Trying to find a KEK via key resolvers"); + + KeyInfo ki = encryptedKey.getKeyInfo(); + if (ki != null) { +@@ -1418,7 +1345,7 @@ + JCEMapper.translateURItoJCEID( + encryptedKey.getEncryptionMethod().getAlgorithm()); + +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "JCE Algorithm = " + jceAlgorithm); ++ logger.log(java.util.logging.Level.FINE, "JCE Algorithm = " + jceAlgorithm); + + try { + if (_requestedJCEProvider == null) +@@ -1448,7 +1375,7 @@ + throw new XMLEncryptionException("empty", nsae); + } + +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Decryption of key type " + algorithm + " OK"); ++ logger.log(java.util.logging.Level.FINE, "Decryption of key type " + algorithm + " OK"); + + return ret; + +@@ -1478,14 +1405,9 @@ + * + * @param node the Node to clear. + */ +- private void removeContent(Node node) { +- NodeList list = node.getChildNodes(); +- if (list.getLength() > 0) { +- Node n = list.item(0); +- if (null != n) { +- n.getParentNode().removeChild(n); +- } +- removeContent(node); ++ private static void removeContent(Node node) { ++ while (node.hasChildNodes()) { ++ node.removeChild(node.getFirstChild()); + } + } + +@@ -1499,7 +1421,7 @@ + private Document decryptElement(Element element) throws + XMLEncryptionException { + +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Decrypting element..."); ++ logger.log(java.util.logging.Level.FINE, "Decrypting element..."); + + if(_cipherMode != DECRYPT_MODE) + logger.log(java.util.logging.Level.SEVERE, "XMLCipher unexpectedly not in DECRYPT_MODE..."); +@@ -1512,7 +1434,7 @@ + } + + +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Decrypted octets:\n" + octets); ++ logger.log(java.util.logging.Level.FINE, "Decrypted octets:\n" + octets); + + Node sourceParent = element.getParentNode(); + +@@ -1573,7 +1495,7 @@ + public byte[] decryptToByteArray(Element element) + throws XMLEncryptionException { + +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Decrypting to ByteArray..."); ++ logger.log(java.util.logging.Level.FINE, "Decrypting to ByteArray..."); + + if(_cipherMode != DECRYPT_MODE) + logger.log(java.util.logging.Level.SEVERE, "XMLCipher unexpectedly not in DECRYPT_MODE..."); +@@ -2226,7 +2148,7 @@ + AgreementMethod newAgreementMethod(Element element) throws + XMLEncryptionException { + if (null == element) { +- //complain ++ throw new NullPointerException("element is null"); + } + + String algorithm = element.getAttributeNS(null, +@@ -2292,7 +2214,7 @@ + CipherData newCipherData(Element element) throws + XMLEncryptionException { + if (null == element) { +- // complain ++ throw new NullPointerException("element is null"); + } + + int type = 0; +@@ -2352,7 +2274,7 @@ + (Element) transformsElements.item(0); + + if (transformsElement != null) { +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Creating a DSIG based Transforms element"); ++ logger.log(java.util.logging.Level.FINE, "Creating a DSIG based Transforms element"); + try { + result.setTransforms(new TransformsImpl(transformsElement)); + } +@@ -2411,34 +2333,28 @@ + XMLEncryptionException { + EncryptedData result = null; + +- NodeList dataElements = element.getElementsByTagNameNS( +- EncryptionConstants.EncryptionSpecNS, +- EncryptionConstants._TAG_CIPHERDATA); +- +- // Need to get the last CipherData found, as earlier ones will +- // be for elements in the KeyInfo lists ++ NodeList dataElements = element.getElementsByTagNameNS( ++ EncryptionConstants.EncryptionSpecNS, ++ EncryptionConstants._TAG_CIPHERDATA); ++ ++ // Need to get the last CipherData found, as earlier ones will ++ // be for elements in the KeyInfo lists + + Element dataElement = +- (Element) dataElements.item(dataElements.getLength() - 1); ++ (Element) dataElements.item(dataElements.getLength() - 1); + + CipherData data = newCipherData(dataElement); + + result = newEncryptedData(data); + +- try { +- result.setId(element.getAttributeNS( +- null, EncryptionConstants._ATT_ID)); +- result.setType(new URI( +- element.getAttributeNS( +- null, EncryptionConstants._ATT_TYPE)).toString()); +- result.setMimeType(element.getAttributeNS( +- null, EncryptionConstants._ATT_MIMETYPE)); +- result.setEncoding(new URI( +- element.getAttributeNS( +- null, Constants._ATT_ENCODING)).toString()); +- } catch (URI.MalformedURIException mfue) { +- // do nothing +- } ++ result.setId(element.getAttributeNS( ++ null, EncryptionConstants._ATT_ID)); ++ result.setType( ++ element.getAttributeNS(null, EncryptionConstants._ATT_TYPE)); ++ result.setMimeType(element.getAttributeNS( ++ null, EncryptionConstants._ATT_MIMETYPE)); ++ result.setEncoding( ++ element.getAttributeNS(null, Constants._ATT_ENCODING)); + + Element encryptionMethodElement = + (Element) element.getElementsByTagNameNS( +@@ -2450,18 +2366,18 @@ + } + + // BFL 16/7/03 - simple implementation +- // TODO: Work out how to handle relative URI ++ // TODO: Work out how to handle relative URI + + Element keyInfoElement = + (Element) element.getElementsByTagNameNS( + Constants.SignatureSpecNS, Constants._TAG_KEYINFO).item(0); + if (null != keyInfoElement) { +- try { +- result.setKeyInfo(new KeyInfo(keyInfoElement, null)); +- } catch (XMLSecurityException xse) { +- throw new XMLEncryptionException("Error loading Key Info", +- xse); +- } ++ try { ++ result.setKeyInfo(new KeyInfo(keyInfoElement, null)); ++ } catch (XMLSecurityException xse) { ++ throw new XMLEncryptionException("Error loading Key Info", ++ xse); ++ } + } + + // TODO: Implement +@@ -2511,31 +2427,25 @@ + EncryptedKey newEncryptedKey(Element element) throws + XMLEncryptionException { + EncryptedKey result = null; +- NodeList dataElements = element.getElementsByTagNameNS( +- EncryptionConstants.EncryptionSpecNS, +- EncryptionConstants._TAG_CIPHERDATA); ++ NodeList dataElements = element.getElementsByTagNameNS( ++ EncryptionConstants.EncryptionSpecNS, ++ EncryptionConstants._TAG_CIPHERDATA); + Element dataElement = +- (Element) dataElements.item(dataElements.getLength() - 1); ++ (Element) dataElements.item(dataElements.getLength() - 1); + + CipherData data = newCipherData(dataElement); + result = newEncryptedKey(data); + +- try { +- result.setId(element.getAttributeNS( +- null, EncryptionConstants._ATT_ID)); +- result.setType(new URI( +- element.getAttributeNS( +- null, EncryptionConstants._ATT_TYPE)).toString()); +- result.setMimeType(element.getAttributeNS( +- null, EncryptionConstants._ATT_MIMETYPE)); +- result.setEncoding(new URI( +- element.getAttributeNS( +- null, Constants._ATT_ENCODING)).toString()); +- result.setRecipient(element.getAttributeNS( +- null, EncryptionConstants._ATT_RECIPIENT)); +- } catch (URI.MalformedURIException mfue) { +- // do nothing +- } ++ result.setId(element.getAttributeNS( ++ null, EncryptionConstants._ATT_ID)); ++ result.setType( ++ element.getAttributeNS(null, EncryptionConstants._ATT_TYPE)); ++ result.setMimeType(element.getAttributeNS( ++ null, EncryptionConstants._ATT_MIMETYPE)); ++ result.setEncoding( ++ element.getAttributeNS(null, Constants._ATT_ENCODING)); ++ result.setRecipient(element.getAttributeNS( ++ null, EncryptionConstants._ATT_RECIPIENT)); + + Element encryptionMethodElement = + (Element) element.getElementsByTagNameNS( +@@ -2550,12 +2460,12 @@ + (Element) element.getElementsByTagNameNS( + Constants.SignatureSpecNS, Constants._TAG_KEYINFO).item(0); + if (null != keyInfoElement) { +- try { +- result.setKeyInfo(new KeyInfo(keyInfoElement, null)); +- } catch (XMLSecurityException xse) { +- throw new XMLEncryptionException("Error loading Key Info", +- xse); +- } ++ try { ++ result.setKeyInfo(new KeyInfo(keyInfoElement, null)); ++ } catch (XMLSecurityException xse) { ++ throw new XMLEncryptionException ++ ("Error loading Key Info", xse); ++ } + } + + // TODO: Implement +@@ -2581,7 +2491,8 @@ + EncryptionConstants.EncryptionSpecNS, + EncryptionConstants._TAG_CARRIEDKEYNAME).item(0); + if (null != carriedNameElement) { +- result.setCarriedName(carriedNameElement.getNodeValue()); ++ result.setCarriedName ++ (carriedNameElement.getFirstChild().getNodeValue()); + } + + return (result); +@@ -2680,13 +2591,8 @@ + EncryptionProperty newEncryptionProperty(Element element) { + EncryptionProperty result = newEncryptionProperty(); + +- try { +- result.setTarget(new URI( +- element.getAttributeNS( +- null, EncryptionConstants._ATT_TARGET)).toString()); +- } catch (URI.MalformedURIException mfue) { +- // do nothing +- } ++ result.setTarget( ++ element.getAttributeNS(null, EncryptionConstants._ATT_TARGET)); + result.setId(element.getAttributeNS( + null, EncryptionConstants._ATT_ID)); + // TODO: Make this lot work... +@@ -2943,7 +2849,7 @@ + } catch (URI.MalformedURIException mfue) { + //complain + } +- algorithm = tmpAlgorithm.toString(); ++ algorithmURI = tmpAlgorithm.toString(); + } + + // +@@ -3183,7 +3089,7 @@ + _contextDocument, EncryptionConstants.EncryptionSpecNS, + EncryptionConstants._TAG_CIPHERVALUE); + result.appendChild(_contextDocument.createTextNode( +- new String(cipherValue))); ++ cipherValue)); + + return (result); + } +@@ -3247,8 +3153,7 @@ + } + if (null != super.getType()) { + result.setAttributeNS( +- null, EncryptionConstants._ATT_TYPE, +- super.getType().toString()); ++ null, EncryptionConstants._ATT_TYPE, super.getType()); + } + if (null != super.getMimeType()) { + result.setAttributeNS( +@@ -3258,7 +3163,7 @@ + if (null != super.getEncoding()) { + result.setAttributeNS( + null, EncryptionConstants._ATT_ENCODING, +- super.getEncoding().toString()); ++ super.getEncoding()); + } + if (null != super.getEncryptionMethod()) { + result.appendChild(((EncryptionMethodImpl) +@@ -3383,8 +3288,7 @@ + } + if (null != super.getType()) { + result.setAttributeNS( +- null, EncryptionConstants._ATT_TYPE, +- super.getType().toString()); ++ null, EncryptionConstants._ATT_TYPE, super.getType()); + } + if (null != super.getMimeType()) { + result.setAttributeNS(null, +@@ -3392,7 +3296,7 @@ + } + if (null != super.getEncoding()) { + result.setAttributeNS(null, Constants._ATT_ENCODING, +- super.getEncoding().toString()); ++ super.getEncoding()); + } + if (null != getRecipient()) { + result.setAttributeNS(null, +@@ -3468,13 +3372,17 @@ + * @param type + */ + public void setType(String type) { +- URI tmpType = null; +- try { +- tmpType = new URI(type); +- } catch (URI.MalformedURIException mfue) { +- // complain ++ if (type == null || type.length() == 0) { ++ this.type = null; ++ } else { ++ URI tmpType = null; ++ try { ++ tmpType = new URI(type); ++ } catch (URI.MalformedURIException mfue) { ++ // complain ++ } ++ this.type = tmpType.toString(); + } +- this.type = tmpType.toString(); + } + /** + * +@@ -3502,13 +3410,17 @@ + * @param encoding + */ + public void setEncoding(String encoding) { +- URI tmpEncoding = null; +- try { +- tmpEncoding = new URI(encoding); +- } catch (URI.MalformedURIException mfue) { +- // complain ++ if (encoding == null || encoding.length() == 0) { ++ this.encoding = null; ++ } else { ++ URI tmpEncoding = null; ++ try { ++ tmpEncoding = new URI(encoding); ++ } catch (URI.MalformedURIException mfue) { ++ // complain ++ } ++ this.encoding = tmpEncoding.toString(); + } +- this.encoding = tmpEncoding.toString(); + } + /** + * +@@ -3635,7 +3547,7 @@ + _contextDocument, EncryptionConstants.EncryptionSpecNS, + EncryptionConstants._TAG_ENCRYPTIONMETHOD); + result.setAttributeNS(null, EncryptionConstants._ATT_ALGORITHM, +- algorithm.toString()); ++ algorithm); + if (keySize > 0) { + result.appendChild( + ElementProxy.createElementForFamily(_contextDocument, +@@ -3735,8 +3647,7 @@ + private class EncryptionPropertyImpl implements EncryptionProperty { + private String target = null; + private String id = null; +- private String attributeName = null; +- private String attributeValue = null; ++ private HashMap attributeMap = new HashMap(); + private List encryptionInformation = null; + + /** +@@ -3752,13 +3663,24 @@ + } + /** @inheritDoc */ + public void setTarget(String target) { +- URI tmpTarget = null; +- try { +- tmpTarget = new URI(target); +- } catch (URI.MalformedURIException mfue) { +- // complain ++ if (target == null || target.length() == 0) { ++ this.target = null; ++ } else if (target.startsWith("#")) { ++ /* ++ * This is a same document URI reference. Do not parse, ++ * because com.sun.org.apache.xml.internal.utils.URI considers this an ++ * illegal URI because it has no scheme. ++ */ ++ this.target = target; ++ } else { ++ URI tmpTarget = null; ++ try { ++ tmpTarget = new URI(target); ++ } catch (URI.MalformedURIException mfue) { ++ // complain ++ } ++ this.target = tmpTarget.toString(); + } +- this.target = tmpTarget.toString(); + } + /** @inheritDoc */ + public String getId() { +@@ -3770,12 +3692,11 @@ + } + /** @inheritDoc */ + public String getAttribute(String attribute) { +- return (attributeValue); ++ return (String) attributeMap.get(attribute); + } + /** @inheritDoc */ + public void setAttribute(String attribute, String value) { +- attributeName = attribute; +- attributeValue = value; ++ attributeMap.put(attribute, value); + } + /** @inheritDoc */ + public Iterator getEncryptionInformation() { +@@ -3805,7 +3726,7 @@ + EncryptionConstants._TAG_ENCRYPTIONPROPERTY); + if (null != target) { + result.setAttributeNS(null, EncryptionConstants._ATT_TARGET, +- target.toString()); ++ target); + } + if (null != id) { + result.setAttributeNS(null, EncryptionConstants._ATT_ID, +@@ -3839,7 +3760,13 @@ + * @param doc + */ + public TransformsImpl(Document doc) { +- super(doc); ++ if (doc == null) { ++ throw new RuntimeException("Document is null"); ++ } ++ ++ this._doc = doc; ++ this._constructionElement = createElementForFamilyLocal(this._doc, ++ this.getBaseNamespace(), this.getBaseLocalName()); + } + /** + * +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipherInput.java b/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipherInput.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipherInput.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipherInput.java +@@ -108,84 +108,78 @@ + return null; + } + +- /** +- * Internal method to get bytes in decryption mode ++ /** ++ * Internal method to get bytes in decryption mode + * @return the decripted bytes + * @throws XMLEncryptionException +- */ ++ */ ++ private byte[] getDecryptBytes() throws XMLEncryptionException { + +- private byte[] getDecryptBytes() throws XMLEncryptionException { +- +- String base64EncodedEncryptedOctets = null; ++ String base64EncodedEncryptedOctets = null; + + if (_cipherData.getDataType() == CipherData.REFERENCE_TYPE) { +- // Fun time! +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Found a reference type CipherData"); +- CipherReference cr = _cipherData.getCipherReference(); ++ // Fun time! ++ logger.log(java.util.logging.Level.FINE, "Found a reference type CipherData"); ++ CipherReference cr = _cipherData.getCipherReference(); + +- // Need to wrap the uri in an Attribute node so that we can +- // Pass to the resource resolvers ++ // Need to wrap the uri in an Attribute node so that we can ++ // Pass to the resource resolvers + +- Attr uriAttr = cr.getURIAsAttr(); +- XMLSignatureInput input = null; ++ Attr uriAttr = cr.getURIAsAttr(); ++ XMLSignatureInput input = null; + +- try { +- ResourceResolver resolver = +- ResourceResolver.getInstance(uriAttr, null); +- input = resolver.resolve(uriAttr, null); +- } catch (ResourceResolverException ex) { +- throw new XMLEncryptionException("empty", ex); +- } ++ try { ++ ResourceResolver resolver = ++ ResourceResolver.getInstance(uriAttr, null); ++ input = resolver.resolve(uriAttr, null); ++ } catch (ResourceResolverException ex) { ++ throw new XMLEncryptionException("empty", ex); ++ } + +- if (input != null) { +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Managed to resolve URI \"" + cr.getURI() + "\""); +- } +- else { +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Failed to resolve URI \"" + cr.getURI() + "\""); +- } ++ if (input != null) { ++ logger.log(java.util.logging.Level.FINE, "Managed to resolve URI \"" + cr.getURI() + "\""); ++ } else { ++ logger.log(java.util.logging.Level.FINE, "Failed to resolve URI \"" + cr.getURI() + "\""); ++ } + +- // Lets see if there are any transforms +- Transforms transforms = cr.getTransforms(); +- if (transforms != null) { +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Have transforms in cipher reference"); +- try { +- com.sun.org.apache.xml.internal.security.transforms.Transforms dsTransforms = +- transforms.getDSTransforms(); +- input = dsTransforms.performTransforms(input); +- } catch (TransformationException ex) { +- throw new XMLEncryptionException("empty", ex); +- } +- } ++ // Lets see if there are any transforms ++ Transforms transforms = cr.getTransforms(); ++ if (transforms != null) { ++ logger.log(java.util.logging.Level.FINE, "Have transforms in cipher reference"); ++ try { ++ com.sun.org.apache.xml.internal.security.transforms.Transforms dsTransforms = ++ transforms.getDSTransforms(); ++ input = dsTransforms.performTransforms(input); ++ } catch (TransformationException ex) { ++ throw new XMLEncryptionException("empty", ex); ++ } ++ } + +- try { +- return input.getBytes(); +- } +- catch (IOException ex) { +- throw new XMLEncryptionException("empty", ex); +- } catch (CanonicalizationException ex) { +- throw new XMLEncryptionException("empty", ex); +- } ++ try { ++ return input.getBytes(); ++ } catch (IOException ex) { ++ throw new XMLEncryptionException("empty", ex); ++ } catch (CanonicalizationException ex) { ++ throw new XMLEncryptionException("empty", ex); ++ } + +- // retrieve the cipher text ++ // retrieve the cipher text + } else if (_cipherData.getDataType() == CipherData.VALUE_TYPE) { +- CipherValue cv = _cipherData.getCipherValue(); +- base64EncodedEncryptedOctets = new String(cv.getValue()); ++ base64EncodedEncryptedOctets = ++ _cipherData.getCipherValue().getValue(); + } else { +- throw new XMLEncryptionException("CipherData.getDataType() returned unexpected value"); +- } ++ throw new XMLEncryptionException("CipherData.getDataType() returned unexpected value"); ++ } + +- if (logger.isLoggable(java.util.logging.Level.FINE)) logger.log(java.util.logging.Level.FINE, "Encrypted octets:\n" + base64EncodedEncryptedOctets); ++ logger.log(java.util.logging.Level.FINE, "Encrypted octets:\n" + base64EncodedEncryptedOctets); + + byte[] encryptedBytes = null; +- + try { +- encryptedBytes = Base64.decode(base64EncodedEncryptedOctets); ++ encryptedBytes = Base64.decode(base64EncodedEncryptedOctets); + } catch (Base64DecodingException bde) { + throw new XMLEncryptionException("empty", bde); + } + +- return (encryptedBytes); +- +- } +- ++ return (encryptedBytes); ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/ContentHandlerAlreadyRegisteredException.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/ContentHandlerAlreadyRegisteredException.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/ContentHandlerAlreadyRegisteredException.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/ContentHandlerAlreadyRegisteredException.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -28,7 +27,7 @@ + + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class ContentHandlerAlreadyRegisteredException + extends XMLSecurityException { +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyInfo.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyInfo.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyInfo.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyInfo.java +@@ -25,6 +25,8 @@ + import java.security.PublicKey; + import java.security.cert.X509Certificate; + import java.util.ArrayList; ++import java.util.Collections; ++import java.util.Iterator; + import java.util.List; + + import javax.crypto.SecretKey; +@@ -88,15 +90,22 @@ + * The containsXXX() methods return whether the KeyInfo + * contains the corresponding type. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class KeyInfo extends SignatureElementProxy { + + /** {@link java.util.logging} logging facility */ + static java.util.logging.Logger log = + java.util.logging.Logger.getLogger(KeyInfo.class.getName()); ++ List x509Datas=null; ++ List encryptedKeys=null; + +- ++ static final List nullList; ++ static { ++ List list = new ArrayList(); ++ list.add(null); ++ nullList = Collections.unmodifiableList(list); ++ } + + /** + * Constructor KeyInfo +@@ -108,7 +117,6 @@ + + XMLUtils.addReturnToElement(this._constructionElement); + +- + } + + /** +@@ -119,8 +127,8 @@ + * @throws XMLSecurityException + */ + public KeyInfo(Element element, String BaseURI) throws XMLSecurityException { +- + super(element, BaseURI); ++ // _storageResolvers.add(null); + + } + +@@ -131,7 +139,7 @@ + */ + public void setId(String Id) { + +- if ((this._state == MODE_SIGN) && (Id != null)) { ++ if ((Id != null)) { + this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id); + IdResolver.registerElementById(this._constructionElement, Id); + } +@@ -162,10 +170,8 @@ + */ + public void add(KeyName keyname) { + +- if (this._state == MODE_SIGN) { + this._constructionElement.appendChild(keyname.getElement()); + XMLUtils.addReturnToElement(this._constructionElement); +- } + } + + /** +@@ -219,11 +225,8 @@ + * @param keyvalue + */ + public void add(KeyValue keyvalue) { +- +- if (this._state == MODE_SIGN) { + this._constructionElement.appendChild(keyvalue.getElement()); + XMLUtils.addReturnToElement(this._constructionElement); +- } + } + + /** +@@ -241,11 +244,8 @@ + * @param mgmtdata + */ + public void add(MgmtData mgmtdata) { +- +- if (this._state == MODE_SIGN) { + this._constructionElement.appendChild(mgmtdata.getElement()); + XMLUtils.addReturnToElement(this._constructionElement); +- } + } + + /** +@@ -254,11 +254,8 @@ + * @param pgpdata + */ + public void add(PGPData pgpdata) { +- +- if (this._state == MODE_SIGN) { + this._constructionElement.appendChild(pgpdata.getElement()); + XMLUtils.addReturnToElement(this._constructionElement); +- } + } + + /** +@@ -279,11 +276,8 @@ + * @param retrievalmethod + */ + public void add(RetrievalMethod retrievalmethod) { +- +- if (this._state == MODE_SIGN) { + this._constructionElement.appendChild(retrievalmethod.getElement()); + XMLUtils.addReturnToElement(this._constructionElement); +- } + } + + /** +@@ -292,11 +286,8 @@ + * @param spkidata + */ + public void add(SPKIData spkidata) { +- +- if (this._state == MODE_SIGN) { + this._constructionElement.appendChild(spkidata.getElement()); + XMLUtils.addReturnToElement(this._constructionElement); +- } + } + + /** +@@ -305,11 +296,11 @@ + * @param x509data + */ + public void add(X509Data x509data) { +- +- if (this._state == MODE_SIGN) { ++ if (x509Datas==null) ++ x509Datas=new ArrayList(); ++ x509Datas.add(x509data); + this._constructionElement.appendChild(x509data.getElement()); + XMLUtils.addReturnToElement(this._constructionElement); +- } + } + + /** +@@ -321,12 +312,11 @@ + + public void add(EncryptedKey encryptedKey) + throws XMLEncryptionException { +- +- if (this._state == MODE_SIGN) { ++ if (encryptedKeys==null) ++ encryptedKeys=new ArrayList(); ++ encryptedKeys.add(encryptedKey); + XMLCipher cipher = XMLCipher.getInstance(); + this._constructionElement.appendChild(cipher.martial(encryptedKey)); +- } +- + } + + /** +@@ -335,11 +325,8 @@ + * @param element + */ + public void addUnknownElement(Element element) { +- +- if (this._state == MODE_SIGN) { + this._constructionElement.appendChild(element); + XMLUtils.addReturnToElement(this._constructionElement); +- } + } + + /** +@@ -403,6 +390,9 @@ + *@return the number of the X509Data tags + */ + public int lengthX509Data() { ++ if (x509Datas!=null) { ++ return x509Datas.size(); ++ } + return this.length(Constants.SignatureSpecNS, Constants._TAG_X509DATA); + } + +@@ -550,7 +540,9 @@ + * @throws XMLSecurityException + */ + public X509Data itemX509Data(int i) throws XMLSecurityException { +- ++ if (x509Datas!=null) { ++ return (X509Data) x509Datas.get(i); ++ } + Element e = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), + Constants._TAG_X509DATA,i); + +@@ -569,7 +561,9 @@ + */ + + public EncryptedKey itemEncryptedKey(int i) throws XMLSecurityException { +- ++ if (encryptedKeys!=null) { ++ return (EncryptedKey) encryptedKeys.get(i); ++ } + Element e = + XMLUtils.selectXencNode(this._constructionElement.getFirstChild(), + EncryptionConstants._TAG_ENCRYPTEDKEY,i); +@@ -707,20 +701,20 @@ + PublicKey pk = this.getPublicKeyFromInternalResolvers(); + + if (pk != null) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I could find a key using the per-KeyInfo key resolvers"); ++ log.log(java.util.logging.Level.FINE, "I could find a key using the per-KeyInfo key resolvers"); + + return pk; + } +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I couldn't find a key using the per-KeyInfo key resolvers"); ++ log.log(java.util.logging.Level.FINE, "I couldn't find a key using the per-KeyInfo key resolvers"); + + pk = this.getPublicKeyFromStaticResolvers(); + + if (pk != null) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I could find a key using the system-wide key resolvers"); ++ log.log(java.util.logging.Level.FINE, "I could find a key using the system-wide key resolvers"); + + return pk; + } +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I couldn't find a key using the system-wide key resolvers"); ++ log.log(java.util.logging.Level.FINE, "I couldn't find a key using the system-wide key resolvers"); + + return null; + } +@@ -732,46 +726,29 @@ + * @throws KeyResolverException + */ + PublicKey getPublicKeyFromStaticResolvers() throws KeyResolverException { +- +- for (int i = 0; i < KeyResolver.length(); i++) { +- KeyResolver keyResolver = KeyResolver.item(i); ++ int length=KeyResolver.length(); ++ int storageLength=this._storageResolvers.size(); ++ Iterator it= KeyResolver.iterator(); ++ for (int i = 0; i < length; i++) { ++ KeyResolverSpi keyResolver = (KeyResolverSpi) it.next(); + Node currentChild=this._constructionElement.getFirstChild(); ++ String uri= this.getBaseURI(); + while (currentChild!=null) { + if (currentChild.getNodeType() == Node.ELEMENT_NODE) { +- if (this._storageResolvers.size() == 0) { +- +- // if we do not have storage resolvers, we verify with null +- StorageResolver storage = null; +- +- if (keyResolver.canResolve((Element) currentChild, +- this.getBaseURI(), storage)) { +- PublicKey pk = +- keyResolver.resolvePublicKey((Element) currentChild, +- this.getBaseURI(), +- storage); +- +- if (pk != null) { +- return pk; +- } +- } +- } else { +- for (int k = 0; k < this._storageResolvers.size(); k++) { ++ for (int k = 0; k < storageLength; k++) { + StorageResolver storage = + (StorageResolver) this._storageResolvers.get(k); + +- if (keyResolver.canResolve((Element) currentChild, +- this.getBaseURI(), storage)) { +- PublicKey pk = +- keyResolver.resolvePublicKey((Element) currentChild, +- this.getBaseURI(), ++ PublicKey pk = ++ keyResolver.engineLookupAndResolvePublicKey((Element) currentChild, ++ uri, + storage); + +- if (pk != null) { +- return pk; +- } ++ if (pk != null) { ++ KeyResolver.hit(it); ++ return pk; + } + } +- } + } + currentChild=currentChild.getNextSibling(); + } +@@ -786,50 +763,27 @@ + * @throws KeyResolverException + */ + PublicKey getPublicKeyFromInternalResolvers() throws KeyResolverException { +- +- for (int i = 0; i < this.lengthInternalKeyResolver(); i++) { ++ int length=lengthInternalKeyResolver(); ++ int storageLength=this._storageResolvers.size(); ++ for (int i = 0; i < length; i++) { + KeyResolverSpi keyResolver = this.itemInternalKeyResolver(i); +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName()); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Try " + keyResolver.getClass().getName()); + + Node currentChild=this._constructionElement.getFirstChild(); ++ String uri=this.getBaseURI(); + while (currentChild!=null) { + if (currentChild.getNodeType() == Node.ELEMENT_NODE) { +- if (this._storageResolvers.size() == 0) { +- +- // if we do not have storage resolvers, we verify with null +- StorageResolver storage = null; +- +- if (keyResolver.engineCanResolve((Element) currentChild, +- this.getBaseURI(), +- storage)) { +- PublicKey pk = +- keyResolver +- .engineResolvePublicKey((Element) currentChild, this +- .getBaseURI(), storage); ++ for (int k = 0; k < storageLength; k++) { ++ StorageResolver storage = ++ (StorageResolver) this._storageResolvers.get(k); ++ PublicKey pk = keyResolver ++ .engineLookupAndResolvePublicKey((Element) currentChild, uri, storage); + + if (pk != null) { +- return pk; ++ return pk; + } + } +- } else { +- for (int k = 0; k < this._storageResolvers.size(); k++) { +- StorageResolver storage = +- (StorageResolver) this._storageResolvers.get(k); +- +- if (keyResolver.engineCanResolve((Element) currentChild, +- this.getBaseURI(), +- storage)) { +- PublicKey pk = keyResolver +- .engineResolvePublicKey((Element) currentChild, this +- .getBaseURI(), storage); +- +- if (pk != null) { +- return pk; +- } +- } +- } +- } + } + currentChild=currentChild.getNextSibling(); + } +@@ -850,12 +804,12 @@ + X509Certificate cert = this.getX509CertificateFromInternalResolvers(); + + if (cert != null) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, ++ log.log(java.util.logging.Level.FINE, + "I could find a X509Certificate using the per-KeyInfo key resolvers"); + + return cert; + } +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, ++ log.log(java.util.logging.Level.FINE, + "I couldn't find a X509Certificate using the per-KeyInfo key resolvers"); + + +@@ -863,12 +817,12 @@ + cert = this.getX509CertificateFromStaticResolvers(); + + if (cert != null) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, ++ log.log(java.util.logging.Level.FINE, + "I could find a X509Certificate using the system-wide key resolvers"); + + return cert; + } +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, ++ log.log(java.util.logging.Level.FINE, + "I couldn't find a X509Certificate using the system-wide key resolvers"); + + +@@ -885,53 +839,44 @@ + */ + X509Certificate getX509CertificateFromStaticResolvers() + throws KeyResolverException { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Start getX509CertificateFromStaticResolvers() with " ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Start getX509CertificateFromStaticResolvers() with " + + KeyResolver.length() + " resolvers"); ++ String uri=this.getBaseURI(); ++ int length= KeyResolver.length(); ++ int storageLength=this._storageResolvers.size(); ++ Iterator it = KeyResolver.iterator(); ++ for (int i = 0; i com.sun.org.apache.xml.internal.security.keys package. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class KeyUtils { + +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyInfoContent.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyInfoContent.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyInfoContent.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyInfoContent.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -28,7 +27,7 @@ + /** + * Empty interface just to identify Elements that can be cildren of ds:KeyInfo. + * +- * @author $Author: blautenb $ ++ * @author $Author: mullan $ + */ + public interface KeyInfoContent { + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyName.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyName.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyName.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyName.java +@@ -20,25 +20,18 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.content; + +- +- + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; + import com.sun.org.apache.xml.internal.security.utils.Constants; + import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; + import org.w3c.dom.Document; + import org.w3c.dom.Element; + +- + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class KeyName extends SignatureElementProxy implements KeyInfoContent { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(KeyName.class.getName()); +- + /** + * Constructor KeyName + * +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyValue.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyValue.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyValue.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/KeyValue.java +@@ -20,11 +20,8 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.content; + +- +- + import java.security.PublicKey; + +- + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; + import com.sun.org.apache.xml.internal.security.keys.content.keyvalues.DSAKeyValue; + import com.sun.org.apache.xml.internal.security.keys.content.keyvalues.RSAKeyValue; +@@ -34,140 +31,131 @@ + import org.w3c.dom.Document; + import org.w3c.dom.Element; + +- + /** + * The KeyValue element contains a single public key that may be useful in + * validating the signature. Structured formats for defining DSA (REQUIRED) + * and RSA (RECOMMENDED) public keys are defined in Signature Algorithms + * (section 6.4). The KeyValue element may include externally defined public +- * keys values represented as PCDATA or element types from an external namespace. ++ * keys values represented as PCDATA or element types from an external ++ * namespace. + * +- * @author $Author: vishal $ ++ * @author $Author: mullan $ + */ + public class KeyValue extends SignatureElementProxy implements KeyInfoContent { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(KeyValue.class.getName()); ++ /** ++ * Constructor KeyValue ++ * ++ * @param doc ++ * @param dsaKeyValue ++ */ ++ public KeyValue(Document doc, DSAKeyValue dsaKeyValue) { + +- /** +- * Constructor KeyValue +- * +- * @param doc +- * @param dsaKeyValue +- */ +- public KeyValue(Document doc, DSAKeyValue dsaKeyValue) { ++ super(doc); + +- super(doc); ++ XMLUtils.addReturnToElement(this._constructionElement); ++ this._constructionElement.appendChild(dsaKeyValue.getElement()); ++ XMLUtils.addReturnToElement(this._constructionElement); ++ } + +- XMLUtils.addReturnToElement(this._constructionElement); +- this._constructionElement.appendChild(dsaKeyValue.getElement()); +- XMLUtils.addReturnToElement(this._constructionElement); +- } ++ /** ++ * Constructor KeyValue ++ * ++ * @param doc ++ * @param rsaKeyValue ++ */ ++ public KeyValue(Document doc, RSAKeyValue rsaKeyValue) { + +- /** +- * Constructor KeyValue +- * +- * @param doc +- * @param rsaKeyValue +- */ +- public KeyValue(Document doc, RSAKeyValue rsaKeyValue) { ++ super(doc); + +- super(doc); ++ XMLUtils.addReturnToElement(this._constructionElement); ++ this._constructionElement.appendChild(rsaKeyValue.getElement()); ++ XMLUtils.addReturnToElement(this._constructionElement); ++ } + +- XMLUtils.addReturnToElement(this._constructionElement); +- this._constructionElement.appendChild(rsaKeyValue.getElement()); +- XMLUtils.addReturnToElement(this._constructionElement); +- } ++ /** ++ * Constructor KeyValue ++ * ++ * @param doc ++ * @param unknownKeyValue ++ */ ++ public KeyValue(Document doc, Element unknownKeyValue) { + +- /** +- * Constructor KeyValue +- * +- * @param doc +- * @param unknownKeyValue +- */ +- public KeyValue(Document doc, Element unknownKeyValue) { ++ super(doc); + +- super(doc); ++ XMLUtils.addReturnToElement(this._constructionElement); ++ this._constructionElement.appendChild(unknownKeyValue); ++ XMLUtils.addReturnToElement(this._constructionElement); ++ } + +- XMLUtils.addReturnToElement(this._constructionElement); +- this._constructionElement.appendChild(unknownKeyValue); +- XMLUtils.addReturnToElement(this._constructionElement); +- } ++ /** ++ * Constructor KeyValue ++ * ++ * @param doc ++ * @param pk ++ */ ++ public KeyValue(Document doc, PublicKey pk) { + +- /** +- * Constructor KeyValue +- * +- * @param doc +- * @param pk +- */ +- public KeyValue(Document doc, PublicKey pk) { ++ super(doc); + +- super(doc); ++ XMLUtils.addReturnToElement(this._constructionElement); + +- XMLUtils.addReturnToElement(this._constructionElement); ++ if (pk instanceof java.security.interfaces.DSAPublicKey) { ++ DSAKeyValue dsa = new DSAKeyValue(this._doc, pk); + +- if (pk instanceof java.security.interfaces.DSAPublicKey) { +- DSAKeyValue dsa = new DSAKeyValue(this._doc, pk); ++ this._constructionElement.appendChild(dsa.getElement()); ++ XMLUtils.addReturnToElement(this._constructionElement); ++ } else if (pk instanceof java.security.interfaces.RSAPublicKey) { ++ RSAKeyValue rsa = new RSAKeyValue(this._doc, pk); + +- this._constructionElement.appendChild(dsa.getElement()); +- XMLUtils.addReturnToElement(this._constructionElement); +- } else if (pk instanceof java.security.interfaces.RSAPublicKey) { +- RSAKeyValue rsa = new RSAKeyValue(this._doc, pk); ++ this._constructionElement.appendChild(rsa.getElement()); ++ XMLUtils.addReturnToElement(this._constructionElement); ++ } ++ } + +- this._constructionElement.appendChild(rsa.getElement()); +- XMLUtils.addReturnToElement(this._constructionElement); +- } +- } ++ /** ++ * Constructor KeyValue ++ * ++ * @param element ++ * @param BaseURI ++ * @throws XMLSecurityException ++ */ ++ public KeyValue(Element element, String BaseURI) ++ throws XMLSecurityException { ++ super(element, BaseURI); ++ } + +- /** +- * Constructor KeyValue +- * +- * @param element +- * @param BaseURI +- * @throws XMLSecurityException +- */ +- public KeyValue(Element element, String BaseURI) +- throws XMLSecurityException { +- super(element, BaseURI); +- } ++ /** ++ * Method getPublicKey ++ * ++ * @return the public key ++ * @throws XMLSecurityException ++ */ ++ public PublicKey getPublicKey() throws XMLSecurityException { + +- /** +- * Method getPublicKey +- * +- * @return the public key +- * @throws XMLSecurityException +- */ +- public PublicKey getPublicKey() throws XMLSecurityException { ++ Element rsa = XMLUtils.selectDsNode ++ (this._constructionElement.getFirstChild(), ++ Constants._TAG_RSAKEYVALUE,0); + ++ if (rsa != null) { ++ RSAKeyValue kv = new RSAKeyValue(rsa, this._baseURI); ++ return kv.getPublicKey(); ++ } + +- Element rsa = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), +- Constants._TAG_RSAKEYVALUE,0); ++ Element dsa = XMLUtils.selectDsNode ++ (this._constructionElement.getFirstChild(), ++ Constants._TAG_DSAKEYVALUE,0); + +- if (rsa != null) { +- RSAKeyValue kv = new RSAKeyValue(rsa, +- this._baseURI); ++ if (dsa != null) { ++ DSAKeyValue kv = new DSAKeyValue(dsa, this._baseURI); ++ return kv.getPublicKey(); ++ } + +- return kv.getPublicKey(); +- } ++ return null; ++ } + +- Element dsa = XMLUtils.selectDsNode(this._constructionElement, +- Constants._TAG_DSAKEYVALUE,0); +- +- +- if (dsa != null) { +- DSAKeyValue kv = new DSAKeyValue(dsa, +- this._baseURI); +- +- return kv.getPublicKey(); +- } +- +- +- return null; +- } +- +- /** @inheritDoc */ +- public String getBaseLocalName() { +- return Constants._TAG_KEYVALUE; +- } ++ /** @inheritDoc */ ++ public String getBaseLocalName() { ++ return Constants._TAG_KEYVALUE; ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/MgmtData.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/MgmtData.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/MgmtData.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/MgmtData.java +@@ -20,25 +20,18 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.content; + +- +- + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; + import com.sun.org.apache.xml.internal.security.utils.Constants; + import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; + import org.w3c.dom.Document; + import org.w3c.dom.Element; + +- + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class MgmtData extends SignatureElementProxy implements KeyInfoContent { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(MgmtData.class.getName()); +- + /** + * Constructor MgmtData + * +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/PGPData.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/PGPData.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/PGPData.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/PGPData.java +@@ -20,25 +20,18 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.content; + +- +- + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; + import com.sun.org.apache.xml.internal.security.utils.Constants; + import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; + import org.w3c.dom.Element; + +- + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + * $todo$ Implement + */ + public class PGPData extends SignatureElementProxy implements KeyInfoContent { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(PGPData.class.getName()); +- + /** + * Constructor PGPData + * +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/RetrievalMethod.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/RetrievalMethod.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/RetrievalMethod.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/RetrievalMethod.java +@@ -20,9 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.content; + +- +- +- + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; + import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException; + import com.sun.org.apache.xml.internal.security.transforms.Transforms; +@@ -33,17 +30,13 @@ + import org.w3c.dom.Document; + import org.w3c.dom.Element; + +- + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class RetrievalMethod extends SignatureElementProxy + implements KeyInfoContent { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(RetrievalMethod.class.getName()); + //J- + /** DSA retrieval */ + public static final String TYPE_DSA = Constants.SignatureSpecNS + "DSAKeyValue"; +@@ -133,7 +126,7 @@ + + try { + Element transformsElem = +- XMLUtils.selectDsNode(this._constructionElement, ++ XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), + Constants + ._TAG_TRANSFORMS, 0); + +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/SPKIData.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/SPKIData.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/SPKIData.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/SPKIData.java +@@ -20,25 +20,18 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.content; + +- +- + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; + import com.sun.org.apache.xml.internal.security.utils.Constants; + import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; + import org.w3c.dom.Element; + +- + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + * $todo$ implement + */ + public class SPKIData extends SignatureElementProxy implements KeyInfoContent { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(SPKIData.class.getName()); +- + /** + * Constructor SPKIData + * +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/X509Data.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/X509Data.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/X509Data.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/X509Data.java +@@ -41,7 +41,7 @@ + + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class X509Data extends SignatureElementProxy implements KeyInfoContent { + +@@ -72,60 +72,17 @@ + throws XMLSecurityException { + + super(element, BaseURI); +- +- boolean noElements=true; + Node sibling=this._constructionElement.getFirstChild(); + while (sibling!=null) { + if (sibling.getNodeType()!=Node.ELEMENT_NODE) { + sibling=sibling.getNextSibling(); + continue; + } +- noElements=false; +- Element currentElem = (Element) sibling; +- sibling=sibling.getNextSibling(); +- String localname = currentElem.getLocalName(); +- +- if (currentElem.getNamespaceURI().equals(Constants.SignatureSpecNS)) { +- if (localname.equals(Constants._TAG_X509ISSUERSERIAL)) { +- XMLX509IssuerSerial is = new XMLX509IssuerSerial(currentElem, +- BaseURI); +- +- this.add(is); +- } else if (localname.equals(Constants._TAG_X509SKI)) { +- XMLX509SKI ski = new XMLX509SKI(currentElem, BaseURI); +- +- this.add(ski); +- } else if (localname.equals(Constants._TAG_X509SUBJECTNAME)) { +- XMLX509SubjectName sn = new XMLX509SubjectName(currentElem, +- BaseURI); +- +- this.add(sn); +- } else if (localname.equals(Constants._TAG_X509CERTIFICATE)) { +- XMLX509Certificate cert = new XMLX509Certificate(currentElem, +- BaseURI); +- +- this.add(cert); +- } else if (localname.equals(Constants._TAG_X509CRL)) { +- XMLX509CRL crl = new XMLX509CRL(currentElem, BaseURI); +- +- this.add(crl); +- } else { +- log.log(java.util.logging.Level.WARNING, "Found a " + currentElem.getTagName() + " element in " +- + Constants._TAG_X509DATA); +- this.addUnknownElement(currentElem); +- } +- } else { +- log.log(java.util.logging.Level.WARNING, "Found a " + currentElem.getTagName() + " element in " +- + Constants._TAG_X509DATA); +- this.addUnknownElement(currentElem); +- } ++ return; + } +- if (noElements) { +- Object exArgs[] = { "Elements", Constants._TAG_X509DATA }; +- +- throw new XMLSecurityException("xml.WrongContent", exArgs); +- } +- ++ /* No Elements found */ ++ Object exArgs[] = { "Elements", Constants._TAG_X509DATA }; ++ throw new XMLSecurityException("xml.WrongContent", exArgs); + } + + /** +@@ -169,11 +126,9 @@ + */ + public void add(XMLX509IssuerSerial xmlX509IssuerSerial) { + +- if (this._state == MODE_SIGN) { + this._constructionElement + .appendChild(xmlX509IssuerSerial.getElement()); + XMLUtils.addReturnToElement(this._constructionElement); +- } + } + + /** +@@ -202,11 +157,8 @@ + * @param xmlX509SKI + */ + public void add(XMLX509SKI xmlX509SKI) { +- +- if (this._state == MODE_SIGN) { + this._constructionElement.appendChild(xmlX509SKI.getElement()); + XMLUtils.addReturnToElement(this._constructionElement); +- } + } + + /** +@@ -233,11 +185,8 @@ + * @param xmlX509SubjectName + */ + public void add(XMLX509SubjectName xmlX509SubjectName) { +- +- if (this._state == MODE_SIGN) { + this._constructionElement.appendChild(xmlX509SubjectName.getElement()); + XMLUtils.addReturnToElement(this._constructionElement); +- } + } + + /** +@@ -266,11 +215,8 @@ + * @param xmlX509Certificate + */ + public void add(XMLX509Certificate xmlX509Certificate) { +- +- if (this._state == MODE_SIGN) { + this._constructionElement.appendChild(xmlX509Certificate.getElement()); + XMLUtils.addReturnToElement(this._constructionElement); +- } + } + + /** +@@ -288,11 +234,8 @@ + * @param xmlX509CRL + */ + public void add(XMLX509CRL xmlX509CRL) { +- +- if (this._state == MODE_SIGN) { + this._constructionElement.appendChild(xmlX509CRL.getElement()); + XMLUtils.addReturnToElement(this._constructionElement); +- } + } + + /** +@@ -301,11 +244,8 @@ + * @param element + */ + public void addUnknownElement(Element element) { +- +- if (this._state == MODE_SIGN) { + this._constructionElement.appendChild(element); + XMLUtils.addReturnToElement(this._constructionElement); +- } + } + + /** +@@ -479,7 +419,7 @@ + * TODO implement + **/ + public Element itemUnknownElement(int i) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "itemUnknownElement not implemented:"+i); ++ log.log(java.util.logging.Level.FINE, "itemUnknownElement not implemented:"+i); + return null; + } + +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/DSAKeyValue.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/DSAKeyValue.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/DSAKeyValue.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/DSAKeyValue.java +@@ -20,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.content.keyvalues; + +- +- + import java.math.BigInteger; + import java.security.Key; + import java.security.KeyFactory; +@@ -39,18 +37,13 @@ + import org.w3c.dom.Document; + import org.w3c.dom.Element; + +- + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class DSAKeyValue extends SignatureElementProxy + implements KeyValueContent { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(DSAKeyValue.class.getName()); +- + /** + * Constructor DSAKeyValue + * +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/KeyValueContent.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/KeyValueContent.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/KeyValueContent.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/KeyValueContent.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -32,7 +31,7 @@ + * + * + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + * + */ + public interface KeyValueContent { +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/RSAKeyValue.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/RSAKeyValue.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/RSAKeyValue.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/keyvalues/RSAKeyValue.java +@@ -20,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.content.keyvalues; + +- +- + import java.math.BigInteger; + import java.security.Key; + import java.security.KeyFactory; +@@ -39,19 +37,13 @@ + import org.w3c.dom.Document; + import org.w3c.dom.Element; + +- + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class RSAKeyValue extends SignatureElementProxy + implements KeyValueContent { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger( +- RSAKeyValue.class.getName()); +- + /** + * Constructor RSAKeyValue + * +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509CRL.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509CRL.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509CRL.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509CRL.java +@@ -20,30 +20,20 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.content.x509; + +- +- + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; + import com.sun.org.apache.xml.internal.security.utils.Constants; + import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; + import org.w3c.dom.Document; + import org.w3c.dom.Element; + +- + /** + * +- * +- * +- * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + * + */ + public class XMLX509CRL extends SignatureElementProxy + implements XMLX509DataContent { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(XMLX509CRL.class.getName()); +- + /** + * Constructor XMLX509CRL + * +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509Certificate.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509Certificate.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509Certificate.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509Certificate.java +@@ -20,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.content.x509; + +- +- + import java.io.ByteArrayInputStream; + import java.security.PublicKey; + import java.security.cert.CertificateException; +@@ -34,18 +32,13 @@ + import org.w3c.dom.Document; + import org.w3c.dom.Element; + +- + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class XMLX509Certificate extends SignatureElementProxy + implements XMLX509DataContent { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(XMLX509Certificate.class.getName()); +- + /** Field JCA_CERT_ID */ + public static final String JCA_CERT_ID = "X.509"; + +@@ -146,23 +139,25 @@ + return null; + } + +- /** @inheritDoc */ +- public boolean equals(Object obj) { ++ /** @inheritDoc */ ++ public boolean equals(Object obj) { + +- try { +- if (!obj.getClass().getName().equals(this.getClass().getName())) { ++ if (obj == null) { + return false; +- } ++ } ++ if (!this.getClass().getName().equals(obj.getClass().getName())) { ++ return false; ++ } ++ XMLX509Certificate other = (XMLX509Certificate) obj; ++ try { + +- XMLX509Certificate other = (XMLX509Certificate) obj; +- +- /** $todo$ or should be create X509Certificates and use the equals() from the Certs */ +- return java.security.MessageDigest.isEqual(other.getCertificateBytes(), +- this.getCertificateBytes()); +- } catch (XMLSecurityException ex) { +- return false; +- } +- } ++ /** $todo$ or should be create X509Certificates and use the equals() from the Certs */ ++ return java.security.MessageDigest.isEqual ++ (other.getCertificateBytes(), this.getCertificateBytes()); ++ } catch (XMLSecurityException ex) { ++ return false; ++ } ++ } + + /** @inheritDoc */ + public String getBaseLocalName() { +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509DataContent.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509DataContent.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509DataContent.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509DataContent.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -28,7 +27,7 @@ + /** + * Just used for tagging contents that are allowed inside a ds:X509Data Element. + * +- * @author $Author: blautenb $ ++ * @author $Author: mullan $ + */ + public interface XMLX509DataContent { + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509IssuerSerial.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509IssuerSerial.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509IssuerSerial.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509IssuerSerial.java +@@ -20,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.content.x509; + +- +- + import java.math.BigInteger; + import java.security.cert.X509Certificate; + +@@ -33,148 +31,139 @@ + import org.w3c.dom.Document; + import org.w3c.dom.Element; + +- + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class XMLX509IssuerSerial extends SignatureElementProxy + implements XMLX509DataContent { + +- /** {@link java.util.logging} logging facility */ ++ /** {@link java.util.logging} logging facility */ + static java.util.logging.Logger log = + java.util.logging.Logger.getLogger( + XMLX509IssuerSerial.class.getName()); + +- /** +- * Constructor XMLX509IssuerSerial +- * +- * @param element +- * @param BaseURI +- * @throws XMLSecurityException +- */ +- public XMLX509IssuerSerial(Element element, String BaseURI) ++ /** ++ * Constructor XMLX509IssuerSerial ++ * ++ * @param element ++ * @param baseURI ++ * @throws XMLSecurityException ++ */ ++ public XMLX509IssuerSerial(Element element, String baseURI) + throws XMLSecurityException { +- super(element, BaseURI); +- } ++ super(element, baseURI); ++ } + +- /** +- * Constructor XMLX509IssuerSerial +- * +- * @param doc +- * @param X509IssuerName +- * @param X509SerialNumber +- */ +- public XMLX509IssuerSerial(Document doc, String X509IssuerName, +- BigInteger X509SerialNumber) { ++ /** ++ * Constructor XMLX509IssuerSerial ++ * ++ * @param doc ++ * @param x509IssuerName ++ * @param x509SerialNumber ++ */ ++ public XMLX509IssuerSerial(Document doc, String x509IssuerName, ++ BigInteger x509SerialNumber) { + +- super(doc); ++ super(doc); ++ XMLUtils.addReturnToElement(this._constructionElement); ++ addTextElement(x509IssuerName, Constants._TAG_X509ISSUERNAME); ++ addTextElement(x509SerialNumber.toString(), Constants._TAG_X509SERIALNUMBER); ++ } + +- XMLUtils.addReturnToElement(this._constructionElement); +- this.addTextElement(X509IssuerName, Constants._TAG_X509ISSUERNAME); +- XMLUtils.addReturnToElement(this._constructionElement); +- this.addTextElement(X509SerialNumber.toString(), Constants._TAG_X509SERIALNUMBER); +- } ++ /** ++ * Constructor XMLX509IssuerSerial ++ * ++ * @param doc ++ * @param x509IssuerName ++ * @param x509SerialNumber ++ */ ++ public XMLX509IssuerSerial(Document doc, String x509IssuerName, ++ String x509SerialNumber) { ++ this(doc, x509IssuerName, new BigInteger(x509SerialNumber)); ++ } + +- /** +- * Constructor XMLX509IssuerSerial +- * +- * @param doc +- * @param X509IssuerName +- * @param X509SerialNumber +- */ +- public XMLX509IssuerSerial(Document doc, String X509IssuerName, +- String X509SerialNumber) { +- this(doc, X509IssuerName, new BigInteger(X509SerialNumber)); +- } ++ /** ++ * Constructor XMLX509IssuerSerial ++ * ++ * @param doc ++ * @param x509IssuerName ++ * @param x509SerialNumber ++ */ ++ public XMLX509IssuerSerial(Document doc, String x509IssuerName, ++ int x509SerialNumber) { ++ this(doc, x509IssuerName, ++ new BigInteger(Integer.toString(x509SerialNumber))); ++ } + +- /** +- * Constructor XMLX509IssuerSerial +- * +- * @param doc +- * @param X509IssuerName +- * @param X509SerialNumber +- */ +- public XMLX509IssuerSerial(Document doc, String X509IssuerName, +- int X509SerialNumber) { +- this(doc, X509IssuerName, +- new BigInteger(Integer.toString(X509SerialNumber))); +- } ++ /** ++ * Constructor XMLX509IssuerSerial ++ * ++ * @param doc ++ * @param x509certificate ++ */ ++ public XMLX509IssuerSerial(Document doc, X509Certificate x509certificate) { + +- /** +- * Constructor XMLX509IssuerSerial +- * +- * @param doc +- * @param x509certificate +- */ +- public XMLX509IssuerSerial(Document doc, X509Certificate x509certificate) { ++ this(doc, ++ RFC2253Parser.normalize(x509certificate.getIssuerDN().getName()), ++ x509certificate.getSerialNumber()); ++ } + +- this(doc, +- RFC2253Parser.normalize(x509certificate.getIssuerDN().getName()), +- x509certificate.getSerialNumber()); +- } ++ /** ++ * Method getSerialNumber ++ * ++ * @return the serial number ++ */ ++ public BigInteger getSerialNumber() { + +- /** +- * Method getSerialNumber +- * +- * +- * @return the serial number +- */ +- public BigInteger getSerialNumber() { ++ String text = this.getTextFromChildElement ++ (Constants._TAG_X509SERIALNUMBER, Constants.SignatureSpecNS); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "X509SerialNumber text: " + text); + +- String text = +- this.getTextFromChildElement(Constants._TAG_X509SERIALNUMBER, +- Constants.SignatureSpecNS); +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "In dem X509SerialNumber wurde gefunden: " + text); ++ return new BigInteger(text); ++ } + +- return new BigInteger(text); +- } ++ /** ++ * Method getSerialNumberInteger ++ * ++ * @return the serial number as plain int ++ */ ++ public int getSerialNumberInteger() { ++ return this.getSerialNumber().intValue(); ++ } + +- /** +- * Method getSerialNumberInteger +- * +- * +- * @return the serial number as plain int +- */ +- public int getSerialNumberInteger() { +- return this.getSerialNumber().intValue(); +- } ++ /** ++ * Method getIssuerName ++ * ++ * @return the issuer name ++ */ ++ public String getIssuerName() { + +- /** +- * Method getIssuerName +- * +- * +- * @return the issuer name +- */ +- public String getIssuerName() { ++ return RFC2253Parser ++ .normalize(this ++ .getTextFromChildElement(Constants._TAG_X509ISSUERNAME, ++ Constants.SignatureSpecNS)); ++ } + +- return RFC2253Parser +- .normalize(this +- .getTextFromChildElement(Constants._TAG_X509ISSUERNAME, +- Constants.SignatureSpecNS)); +- } ++ /** @inheritDoc */ ++ public boolean equals(Object obj) { + +- /** @inheritDoc */ +- public boolean equals(Object obj) { ++ if (obj == null) { ++ return false; ++ } ++ if (!this.getClass().getName().equals(obj.getClass().getName())) { ++ return false; ++ } + +- if (!obj.getClass().getName().equals(this.getClass().getName())) { +- return false; +- } ++ XMLX509IssuerSerial other = (XMLX509IssuerSerial) obj; + +- XMLX509IssuerSerial other = (XMLX509IssuerSerial) obj; ++ return this.getSerialNumber().equals(other.getSerialNumber()) ++ && this.getIssuerName().equals(other.getIssuerName()); ++ } + +- +- if (other.getSerialNumber().equals(this.getSerialNumber()) +- && other.getIssuerName().equals(this.getIssuerName())) { +- return true; +- } +- +- return false; +- } +- +- /** @inheritDoc */ +- public String getBaseLocalName() { +- return Constants._TAG_X509ISSUERSERIAL; +- } ++ /** @inheritDoc */ ++ public String getBaseLocalName() { ++ return Constants._TAG_X509ISSUERSERIAL; ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SKI.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SKI.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SKI.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SKI.java +@@ -20,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.content.x509; + +- +- + import java.io.IOException; + import java.io.ByteArrayInputStream; + import java.io.InputStream; +@@ -36,192 +34,143 @@ + import org.w3c.dom.Document; + import org.w3c.dom.Element; + +-import sun.security.util.DerValue; +- +- + /** + * Handles SubjectKeyIdentifier (SKI) for X.509v3. + * +- * @author $Author: raul $ +- * @see Interface X509Extension ++ * @author $Author: mullan $ ++ * @see Interface X509Extension + */ + public class XMLX509SKI extends SignatureElementProxy + implements XMLX509DataContent { + +- /** {@link java.util.logging} logging facility */ ++ /** {@link java.util.logging} logging facility */ + static java.util.logging.Logger log = + java.util.logging.Logger.getLogger(XMLX509SKI.class.getName()); + +- /** +- * SubjectKeyIdentifier (id-ce-subjectKeyIdentifier) (2.5.29.14): +- * This extension identifies the public key being certified. It enables +- * distinct keys used by the same subject to be differentiated +- * (e.g., as key updating occurs). +- *
+- * A key identifer shall be unique with respect to all key identifiers +- * for the subject with which it is used. This extension is always non-critical. +- */ +- public static final String SKI_OID = "2.5.29.14"; ++ /** ++ * SubjectKeyIdentifier (id-ce-subjectKeyIdentifier) (2.5.29.14): ++ * This extension identifies the public key being certified. It enables ++ * distinct keys used by the same subject to be differentiated ++ * (e.g., as key updating occurs). ++ *
++ * A key identifer shall be unique with respect to all key identifiers ++ * for the subject with which it is used. This extension is always non-critical. ++ */ ++ public static final String SKI_OID = "2.5.29.14"; + +- /** +- * Constructor X509SKI +- * +- * @param doc +- * @param skiBytes +- */ +- public XMLX509SKI(Document doc, byte[] skiBytes) { ++ /** ++ * Constructor X509SKI ++ * ++ * @param doc ++ * @param skiBytes ++ */ ++ public XMLX509SKI(Document doc, byte[] skiBytes) { ++ super(doc); ++ this.addBase64Text(skiBytes); ++ } + +- super(doc); ++ /** ++ * Constructor XMLX509SKI ++ * ++ * @param doc ++ * @param x509certificate ++ * @throws XMLSecurityException ++ */ ++ public XMLX509SKI(Document doc, X509Certificate x509certificate) ++ throws XMLSecurityException { ++ super(doc); ++ this.addBase64Text(XMLX509SKI.getSKIBytesFromCert(x509certificate)); ++ } + +- this.addBase64Text(skiBytes); +- } ++ /** ++ * Constructor XMLX509SKI ++ * ++ * @param element ++ * @param BaseURI ++ * @throws XMLSecurityException ++ */ ++ public XMLX509SKI(Element element, String BaseURI) ++ throws XMLSecurityException { ++ super(element, BaseURI); ++ } + +- /** +- * Constructor XMLX509SKI +- * +- * @param doc +- * @param x509certificate +- * @throws XMLSecurityException +- */ +- public XMLX509SKI(Document doc, X509Certificate x509certificate) +- throws XMLSecurityException { ++ /** ++ * Method getSKIBytes ++ * ++ * @return the skibytes ++ * @throws XMLSecurityException ++ */ ++ public byte[] getSKIBytes() throws XMLSecurityException { ++ return this.getBytesFromTextChild(); ++ } + +- super(doc); ++ /** ++ * Method getSKIBytesFromCert ++ * ++ * @param cert ++ * @return ski bytes from the given certificate ++ * ++ * @throws XMLSecurityException ++ * @see java.security.cert.X509Extension#getExtensionValue(java.lang.String) ++ */ ++ public static byte[] getSKIBytesFromCert(X509Certificate cert) ++ throws XMLSecurityException { + +- this.addBase64Text(XMLX509SKI.getSKIBytesFromCert(x509certificate)); +- } +- +- /** +- * Constructor XMLX509SKI +- * +- * @param element +- * @param BaseURI +- * @throws XMLSecurityException +- */ +- public XMLX509SKI(Element element, String BaseURI) +- throws XMLSecurityException { +- super(element, BaseURI); +- } +- +- /** +- * Method getSKIBytes +- * +- * @return the skibytes +- * @throws XMLSecurityException +- */ +- public byte[] getSKIBytes() throws XMLSecurityException { +- return this.getBytesFromTextChild(); +- } +- +- /** +- * Method getSKIBytesFromCert +- * +- * @param cert +- * @return sky bytes from the given certificate +- * +- * @throws XMLSecurityException +- * @see java.security.cert.X509Extension#getExtensionValue(java.lang.String) +- */ +- public static byte[] getSKIBytesFromCert(X509Certificate cert) +- throws XMLSecurityException { +- +- try { +- +- /* +- * Gets the DER-encoded OCTET string for the extension value (extnValue) +- * identified by the passed-in oid String. The oid string is +- * represented by a set of positive whole numbers separated by periods. +- */ +- byte[] derEncodedValue = cert.getExtensionValue(XMLX509SKI.SKI_OID); +- +- if (cert.getVersion() < 3) { ++ if (cert.getVersion() < 3) { + Object exArgs[] = { new Integer(cert.getVersion()) }; +- + throw new XMLSecurityException("certificate.noSki.lowVersion", + exArgs); +- } ++ } + +- byte[] extensionValue = null; ++ /* ++ * Gets the DER-encoded OCTET string for the extension value ++ * (extnValue) identified by the passed-in oid String. The oid ++ * string is represented by a set of positive whole numbers ++ * separated by periods. ++ */ ++ byte[] extensionValue = cert.getExtensionValue(XMLX509SKI.SKI_OID); ++ if (extensionValue == null) { ++ throw new XMLSecurityException("certificate.noSki.null"); ++ } + +- /** +- * Use sun.security.util.DerValue if it is present. +- */ +- try { +- DerValue dervalue = new DerValue(derEncodedValue); +- if (dervalue == null) { +- throw new XMLSecurityException("certificate.noSki.null"); +- } +- if (dervalue.tag != DerValue.tag_OctetString) { +- throw new XMLSecurityException("certificate.noSki.notOctetString"); +- } +- extensionValue = dervalue.getOctetString(); +- } catch (NoClassDefFoundError e) { +- } ++ /** ++ * Strip away first four bytes from the extensionValue ++ * The first two bytes are the tag and length of the extensionValue ++ * OCTET STRING, and the next two bytes are the tag and length of ++ * the skid OCTET STRING. ++ */ ++ byte skidValue[] = new byte[extensionValue.length - 4]; + +- /** +- * Fall back to org.bouncycastle.asn1.DERInputStream +- */ +- if (extensionValue == null) { +- try { +- Class clazz = Class.forName("org.bouncycastle.asn1.DERInputStream"); +- if (clazz != null) { +- Constructor constructor = clazz.getConstructor(new Class[]{InputStream.class}); +- InputStream is = (InputStream) constructor.newInstance(new Object[]{new ByteArrayInputStream(derEncodedValue)}); +- Method method = clazz.getMethod("readObject", new Class[]{}); +- Object obj = method.invoke(is, new Object[]{}); +- if (obj == null) { +- throw new XMLSecurityException("certificate.noSki.null"); +- } +- Class clazz2 = Class.forName("org.bouncycastle.asn1.ASN1OctetString"); +- if (!clazz2.isInstance(obj)) { +- throw new XMLSecurityException("certificate.noSki.notOctetString"); +- } +- Method method2 = clazz2.getMethod("getOctets", new Class[]{}); +- extensionValue = (byte[]) method2.invoke(obj, new Object[]{}); +- } +- } catch (Throwable t) { +- } +- } ++ System.arraycopy(extensionValue, 4, skidValue, 0, skidValue.length); + +- /** +- * Strip away first two bytes from the DerValue (tag and length) +- */ +- byte abyte0[] = new byte[extensionValue.length - 2]; ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, "Base64 of SKI is " + Base64.encode(skidValue)); ++ } + +- System.arraycopy(extensionValue, 2, abyte0, 0, abyte0.length); ++ return skidValue; ++ } + +- /* +- byte abyte0[] = new byte[derEncodedValue.length - 4]; +- System.arraycopy(derEncodedValue, 4, abyte0, 0, abyte0.length); +- */ +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Base64 of SKI is " + Base64.encode(abyte0)); ++ /** @inheritDoc */ ++ public boolean equals(Object obj) { ++ if (obj == null) { ++ return false; ++ } ++ if (!this.getClass().getName().equals(obj.getClass().getName())) { ++ return false; ++ } + +- return abyte0; +- } catch (IOException ex) { +- throw new XMLSecurityException("generic.EmptyMessage", ex); +- } +- } ++ XMLX509SKI other = (XMLX509SKI) obj; + +- /** @inheritDoc */ +- public boolean equals(Object obj) { ++ try { ++ return java.security.MessageDigest.isEqual(other.getSKIBytes(), ++ this.getSKIBytes()); ++ } catch (XMLSecurityException ex) { ++ return false; ++ } ++ } + +- if (!obj.getClass().getName().equals(this.getClass().getName())) { +- return false; +- } +- +- XMLX509SKI other = (XMLX509SKI) obj; +- +- try { +- return java.security.MessageDigest.isEqual(other.getSKIBytes(), +- this.getSKIBytes()); +- } catch (XMLSecurityException ex) { +- return false; +- } +- } +- +- /** @inheritDoc */ +- public String getBaseLocalName() { +- return Constants._TAG_X509SKI; +- } ++ /** @inheritDoc */ ++ public String getBaseLocalName() { ++ return Constants._TAG_X509SKI; ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SubjectName.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SubjectName.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SubjectName.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/content/x509/XMLX509SubjectName.java +@@ -20,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.content.x509; + +- +- + import java.security.cert.X509Certificate; + + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; +@@ -33,15 +31,11 @@ + + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class XMLX509SubjectName extends SignatureElementProxy + implements XMLX509DataContent { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(XMLX509SubjectName.class.getName()); +- + /** + * Constructor X509SubjectName + * +@@ -88,23 +82,21 @@ + return RFC2253Parser.normalize(this.getTextFromTextChild()); + } + +- /** @inheritDoc */ +- public boolean equals(Object obj) { ++ /** @inheritDoc */ ++ public boolean equals(Object obj) { ++ if (obj == null) { ++ return false; ++ } + +- if (!obj.getClass().getName().equals(this.getClass().getName())) { +- return false; +- } ++ if (!this.getClass().getName().equals(obj.getClass().getName())) { ++ return false; ++ } + +- XMLX509SubjectName other = (XMLX509SubjectName) obj; +- String otherSubject = other.getSubjectName(); +- String thisSubject = this.getSubjectName(); ++ XMLX509SubjectName other = (XMLX509SubjectName) obj; ++ String otherSubject = other.getSubjectName(); ++ String thisSubject = this.getSubjectName(); + +- if (otherSubject.equals(thisSubject)) { +- return true; +- } +- +- return false; +- ++ return thisSubject.equals(otherSubject); + } + + /** @inheritDoc */ +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/InvalidKeyResolverException.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/InvalidKeyResolverException.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/InvalidKeyResolverException.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/InvalidKeyResolverException.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -29,7 +28,7 @@ + /** + * + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class InvalidKeyResolverException extends XMLSecurityException { + +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -26,6 +25,7 @@ + import java.security.PublicKey; + import java.security.cert.X509Certificate; + import java.util.ArrayList; ++import java.util.Iterator; + import java.util.List; + + import javax.crypto.SecretKey; +@@ -39,7 +39,8 @@ + * KeyResolver is factory class for subclass of KeyResolverSpi that + * represent child element of KeyInfo. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ ++ * @version %I%, %G% + */ + public class KeyResolver { + +@@ -72,6 +73,7 @@ + InstantiationException { + this._resolverSpi = + (KeyResolverSpi) Class.forName(className).newInstance(); ++ this._resolverSpi.setGlobalResolver(true); + } + + /** +@@ -83,21 +85,17 @@ + return KeyResolver._resolverVector.size(); + } + +- /** +- * Method item +- * +- * @param i +- * @return the number i resolver registerd +- * @throws KeyResolverException +- */ +- public static KeyResolver item(int i) throws KeyResolverException { +- +- KeyResolver resolver = (KeyResolver) KeyResolver._resolverVector.get(i); +- if (resolver==null) { +- throw new KeyResolverException("utils.resolver.noClass"); +- } +- +- return resolver; ++ public static void hit(Iterator hintI) { ++ ResolverIterator hint = (ResolverIterator) hintI; ++ int i = hint.i; ++ if (i!=1 && hint.res ==_resolverVector) { ++ List resolverVector=(List)((ArrayList)_resolverVector).clone(); ++ Object ob=resolverVector.remove(i-1); ++ resolverVector.add(0,ob); ++ _resolverVector=resolverVector; ++ } else { ++ //System.out.println("KeyResolver hitting"); ++ } + } + + /** +@@ -106,17 +104,19 @@ + * @param element + * @param BaseURI + * @param storage +- * @return the instance that happends to implement the thing. ++ * @return The certificate represented by the element. + * + * @throws KeyResolverException + */ +- public static final KeyResolver getInstance( ++ public static final X509Certificate getX509Certificate( + Element element, String BaseURI, StorageResolver storage) + throws KeyResolverException { + +- for (int i = 0; i < KeyResolver._resolverVector.size(); i++) { ++ // use the old vector to not be hit by updates ++ List resolverVector = KeyResolver._resolverVector; ++ for (int i = 0; i < resolverVector.size(); i++) { + KeyResolver resolver= +- (KeyResolver) KeyResolver._resolverVector.get(i); ++ (KeyResolver) resolverVector.get(i); + + if (resolver==null) { + Object exArgs[] = { +@@ -127,11 +127,63 @@ + + throw new KeyResolverException("utils.resolver.noClass", exArgs); + } +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "check resolvability by class " + resolver.getClass()); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "check resolvability by class " + resolver.getClass()); + +- if (resolver.canResolve(element, BaseURI, storage)) { +- return resolver; ++ X509Certificate cert=resolver.resolveX509Certificate(element, BaseURI, storage); ++ if (cert!=null) { ++ return cert; ++ } ++ } ++ ++ Object exArgs[] = { ++ (((element != null) && (element.getNodeType() == Node.ELEMENT_NODE)) ++ ? element.getTagName() ++ : "null") }; ++ ++ throw new KeyResolverException("utils.resolver.noClass", exArgs); ++ } ++ /** ++ * Method getInstance ++ * ++ * @param element ++ * @param BaseURI ++ * @param storage ++ * @return the public key contained in the element ++ * ++ * @throws KeyResolverException ++ */ ++ public static final PublicKey getPublicKey( ++ Element element, String BaseURI, StorageResolver storage) ++ throws KeyResolverException { ++ ++ List resolverVector = KeyResolver._resolverVector; ++ for (int i = 0; i < resolverVector.size(); i++) { ++ KeyResolver resolver= ++ (KeyResolver) resolverVector.get(i); ++ ++ if (resolver==null) { ++ Object exArgs[] = { ++ (((element != null) ++ && (element.getNodeType() == Node.ELEMENT_NODE)) ++ ? element.getTagName() ++ : "null") }; ++ ++ throw new KeyResolverException("utils.resolver.noClass", exArgs); ++ } ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "check resolvability by class " + resolver.getClass()); ++ ++ PublicKey cert=resolver.resolvePublicKey(element, BaseURI, storage); ++ if (cert!=null) { ++ if (i!=0 && resolverVector==_resolverVector) { ++ //update resolver. ++ resolverVector=(List)((ArrayList)_resolverVector).clone(); ++ Object ob=resolverVector.remove(i); ++ resolverVector.add(0,ob); ++ _resolverVector=resolverVector; ++ } ++ return cert; + } + } + +@@ -182,34 +234,6 @@ + KeyResolver._resolverVector.add(0, className); + } + +- /* +- * Method resolve +- * +- * @param element +- * +- * @throws KeyResolverException +- */ +- +- /** +- * Method resolveStatic +- * +- * @param element +- * @param BaseURI +- * @param storage +- * @return resolve from the static register an element +- * +- * @throws KeyResolverException +- */ +- public static PublicKey resolveStatic( +- Element element, String BaseURI, StorageResolver storage) +- throws KeyResolverException { +- +- KeyResolver myResolver = KeyResolver.getInstance(element, BaseURI, +- storage); +- +- return myResolver.resolvePublicKey(element, BaseURI, storage); +- } +- + /** + * Method resolve + * +@@ -223,7 +247,7 @@ + public PublicKey resolvePublicKey( + Element element, String BaseURI, StorageResolver storage) + throws KeyResolverException { +- return this._resolverSpi.engineResolvePublicKey(element, BaseURI, storage); ++ return this._resolverSpi.engineLookupAndResolvePublicKey(element, BaseURI, storage); + } + + /** +@@ -239,7 +263,7 @@ + public X509Certificate resolveX509Certificate( + Element element, String BaseURI, StorageResolver storage) + throws KeyResolverException { +- return this._resolverSpi.engineResolveX509Certificate(element, BaseURI, ++ return this._resolverSpi.engineLookupResolveX509Certificate(element, BaseURI, + storage); + } + +@@ -253,7 +277,7 @@ + public SecretKey resolveSecretKey( + Element element, String BaseURI, StorageResolver storage) + throws KeyResolverException { +- return this._resolverSpi.engineResolveSecretKey(element, BaseURI, ++ return this._resolverSpi.engineLookupAndResolveSecretKey(element, BaseURI, + storage); + } + +@@ -277,14 +301,6 @@ + return this._resolverSpi.engineGetProperty(key); + } + +- /** +- * Method getPropertyKeys +- * +- * @return the properties key registerd in this resolver +- */ +- public String[] getPropertyKeys() { +- return this._resolverSpi.engineGetPropertyKeys(); +- } + + /** + * Method understandsProperty +@@ -296,18 +312,6 @@ + return this._resolverSpi.understandsProperty(propertyToTest); + } + +- /** +- * Method canResolve +- * +- * @param element +- * @param BaseURI +- * @param storage +- * @return true if can resolve the key in the element +- */ +- public boolean canResolve(Element element, String BaseURI, +- StorageResolver storage) { +- return this._resolverSpi.engineCanResolve(element, BaseURI, storage); +- } + + /** + * Method resolverClassName +@@ -317,4 +321,37 @@ + public String resolverClassName() { + return this._resolverSpi.getClass().getName(); + } ++ ++ static class ResolverIterator implements Iterator { ++ List res; ++ Iterator it; ++ int i; ++ public ResolverIterator(List list) { ++ res = list; ++ it = res.iterator(); ++ } ++ public boolean hasNext() { ++ // TODO Auto-generated method stub ++ return it.hasNext(); ++ } ++ ++ public Object next() { ++ i++; ++ KeyResolver resolver = (KeyResolver) it.next(); ++ if (resolver==null) { ++ throw new RuntimeException("utils.resolver.noClass"); ++ } ++ ++ return resolver._resolverSpi; ++ } ++ ++ public void remove() { ++ // TODO Auto-generated method stub ++ ++ } ++ ++ }; ++ public static Iterator iterator() { ++ return new ResolverIterator(_resolverVector); ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverException.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverException.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverException.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverException.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -31,7 +30,7 @@ + * + * + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + * + */ + public class KeyResolverException extends XMLSecurityException { +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverSpi.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverSpi.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverSpi.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverSpi.java +@@ -20,17 +20,15 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.keyresolver; + +- +- + import java.security.PublicKey; + import java.security.cert.X509Certificate; ++import java.util.HashMap; + + import javax.crypto.SecretKey; + + import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver; + import org.w3c.dom.Element; + +- + /** + * This class is abstract class for a child KeyInfo Elemnet. + * +@@ -41,14 +39,10 @@ + * JAVACLASS="MyPackage.MyKeyValueImpl"//gt; + * + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ + */ + public abstract class KeyResolverSpi { +- +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(KeyResolverSpi.class.getName()); +- + /** + * This method helps the {@link com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver} to decide whether a + * {@link com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverSpi} is able to perform the requested action. +@@ -56,10 +50,12 @@ + * @param element + * @param BaseURI + * @param storage +- * @return true if can resolve the key in the element ++ * @return + */ +- abstract public boolean engineCanResolve(Element element, String BaseURI, +- StorageResolver storage); ++ public boolean engineCanResolve(Element element, String BaseURI, ++ StorageResolver storage) { ++ throw new UnsupportedOperationException(); ++ } + + /** + * Method engineResolvePublicKey +@@ -71,9 +67,60 @@ + * + * @throws KeyResolverException + */ +- abstract public PublicKey engineResolvePublicKey( ++ public PublicKey engineResolvePublicKey( + Element element, String BaseURI, StorageResolver storage) +- throws KeyResolverException; ++ throws KeyResolverException { ++ throw new UnsupportedOperationException(); ++ }; ++ ++ /** ++ * Method engineResolvePublicKey ++ * ++ * @param element ++ * @param BaseURI ++ * @param storage ++ * @return resolved public key from the registered from the element. ++ * ++ * @throws KeyResolverException ++ */ ++ public PublicKey engineLookupAndResolvePublicKey( ++ Element element, String BaseURI, StorageResolver storage) ++ throws KeyResolverException { ++ KeyResolverSpi tmp = cloneIfNeeded(); ++ if (!tmp.engineCanResolve(element, BaseURI, storage)) ++ return null; ++ return tmp.engineResolvePublicKey(element, BaseURI, storage); ++ } ++ ++ private KeyResolverSpi cloneIfNeeded() throws KeyResolverException { ++ KeyResolverSpi tmp=this; ++ if (globalResolver) { ++ try { ++ tmp = (KeyResolverSpi) getClass().newInstance(); ++ } catch (InstantiationException e) { ++ throw new KeyResolverException("",e); ++ } catch (IllegalAccessException e) { ++ throw new KeyResolverException("",e); ++ } ++ } ++ return tmp; ++ } ++ ++ /** ++ * Method engineResolveCertificate ++ * ++ * @param element ++ * @param BaseURI ++ * @param storage ++ * @return resolved X509Certificate key from the registered from the elements ++ * ++ * @throws KeyResolverException ++ */ ++ public X509Certificate engineResolveX509Certificate( ++ Element element, String BaseURI, StorageResolver storage) ++ throws KeyResolverException{ ++ throw new UnsupportedOperationException(); ++ }; + + /** + * Method engineResolveCertificate +@@ -85,9 +132,30 @@ + * + * @throws KeyResolverException + */ +- abstract public X509Certificate engineResolveX509Certificate( ++ public X509Certificate engineLookupResolveX509Certificate( + Element element, String BaseURI, StorageResolver storage) +- throws KeyResolverException; ++ throws KeyResolverException { ++ KeyResolverSpi tmp = cloneIfNeeded(); ++ if (!tmp.engineCanResolve(element, BaseURI, storage)) ++ return null; ++ return tmp.engineResolveX509Certificate(element, BaseURI, storage); ++ ++ } ++ /** ++ * Method engineResolveSecretKey ++ * ++ * @param element ++ * @param BaseURI ++ * @param storage ++ * @return resolved SecretKey key from the registered from the elements ++ * ++ * @throws KeyResolverException ++ */ ++ public SecretKey engineResolveSecretKey( ++ Element element, String BaseURI, StorageResolver storage) ++ throws KeyResolverException{ ++ throw new UnsupportedOperationException(); ++ }; + + /** + * Method engineResolveSecretKey +@@ -99,12 +167,19 @@ + * + * @throws KeyResolverException + */ +- abstract public SecretKey engineResolveSecretKey( ++ public SecretKey engineLookupAndResolveSecretKey( + Element element, String BaseURI, StorageResolver storage) +- throws KeyResolverException; ++ throws KeyResolverException { ++ KeyResolverSpi tmp = cloneIfNeeded(); ++ if (!tmp.engineCanResolve(element, BaseURI, storage)) ++ return null; ++ return tmp.engineResolveSecretKey(element, BaseURI, storage); ++ } + + /** Field _properties */ +- protected java.util.Map _properties = new java.util.HashMap(10); ++ protected java.util.Map _properties = null; ++ ++ protected boolean globalResolver=false; + + /** + * Method engineSetProperty +@@ -113,19 +188,8 @@ + * @param value + */ + public void engineSetProperty(String key, String value) { +- +- java.util.Iterator i = this._properties.keySet().iterator(); +- +- while (i.hasNext()) { +- String c = (String) i.next(); +- +- if (c.equals(key)) { +- key = c; +- +- break; +- } +- } +- ++ if (_properties==null) ++ _properties=new HashMap(); + this._properties.put(key, value); + } + +@@ -136,49 +200,26 @@ + * @return obtain the property appointed by key + */ + public String engineGetProperty(String key) { +- +- java.util.Iterator i = this._properties.keySet().iterator(); +- +- while (i.hasNext()) { +- String c = (String) i.next(); +- +- if (c.equals(key)) { +- key = c; +- +- break; +- } +- } ++ if (_properties==null) ++ return null; + + return (String) this._properties.get(key); + } + + /** +- * Method engineGetPropertyKeys +- * +- * @return the keys of properties known by this resolver +- */ +- public String[] engineGetPropertyKeys() { +- return new String[0]; +- } +- +- /** + * Method understandsProperty + * + * @param propertyToTest + * @return true if understood the property + */ + public boolean understandsProperty(String propertyToTest) { ++ if (_properties==null) ++ return false; + +- String[] understood = this.engineGetPropertyKeys(); ++ return this._properties.get(propertyToTest)!=null; ++ } ++ public void setGlobalResolver(boolean globalResolver) { ++ this.globalResolver = globalResolver; ++ } + +- if (understood != null) { +- for (int i = 0; i < understood.length; i++) { +- if (understood[i].equals(propertyToTest)) { +- return true; +- } +- } +- } +- +- return false; +- } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/DSAKeyValueResolver.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/DSAKeyValueResolver.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/DSAKeyValueResolver.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/DSAKeyValueResolver.java +@@ -37,46 +37,10 @@ + + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class DSAKeyValueResolver extends KeyResolverSpi { + +- /** Field _dsaKeyElement */ +- private Element _dsaKeyElement = null; +- +- /** @inheritDoc */ +- public boolean engineCanResolve(Element element, String BaseURI, +- StorageResolver storage) { +- +- if (element == null) { +- return false; +- } +- +- boolean isKeyValue = XMLUtils.elementIsInSignatureSpace(element, +- Constants._TAG_KEYVALUE); +- boolean isDSAKeyValue = XMLUtils.elementIsInSignatureSpace(element, +- Constants._TAG_DSAKEYVALUE); +- +- if (isKeyValue) { +- +- this._dsaKeyElement = +- XMLUtils.selectDsNode(element.getFirstChild(),Constants._TAG_DSAKEYVALUE,0); +- +- if (this._dsaKeyElement != null) { +- return true; +- } +- } else if (isDSAKeyValue) { +- +- // this trick is needed to allow the RetrievalMethodResolver to eat a +- // ds:DSAKeyValue directly (without KeyValue) +- this._dsaKeyElement = element; +- +- return true; +- } +- +- return false; +- } +- + /** + * Method engineResolvePublicKey + * +@@ -85,20 +49,30 @@ + * @param storage + * @return null if no {@link PublicKey} could be obtained + */ +- public PublicKey engineResolvePublicKey( ++ public PublicKey engineLookupAndResolvePublicKey( + Element element, String BaseURI, StorageResolver storage) { ++ if (element == null) { ++ return null; ++ } ++ Element dsaKeyElement=null; ++ boolean isKeyValue = XMLUtils.elementIsInSignatureSpace(element, ++ Constants._TAG_KEYVALUE); ++ if (isKeyValue) { ++ dsaKeyElement = ++ XMLUtils.selectDsNode(element.getFirstChild(),Constants._TAG_DSAKEYVALUE,0); ++ } else if (XMLUtils.elementIsInSignatureSpace(element, ++ Constants._TAG_DSAKEYVALUE)) { ++ // this trick is needed to allow the RetrievalMethodResolver to eat a ++ // ds:DSAKeyValue directly (without KeyValue) ++ dsaKeyElement = element; ++ } + +- if (this._dsaKeyElement == null) { +- boolean weCanResolve = this.engineCanResolve(element, BaseURI, +- storage); +- +- if (!weCanResolve || (this._dsaKeyElement == null)) { +- return null; +- } ++ if (dsaKeyElement == null) { ++ return null; + } + + try { +- DSAKeyValue dsaKeyValue = new DSAKeyValue(this._dsaKeyElement, ++ DSAKeyValue dsaKeyValue = new DSAKeyValue(dsaKeyElement, + BaseURI); + PublicKey pk = dsaKeyValue.getPublicKey(); + +@@ -112,13 +86,13 @@ + + + /** @inheritDoc */ +- public X509Certificate engineResolveX509Certificate( ++ public X509Certificate engineLookupResolveX509Certificate( + Element element, String BaseURI, StorageResolver storage) { + return null; + } + + /** @inheritDoc */ +- public javax.crypto.SecretKey engineResolveSecretKey( ++ public javax.crypto.SecretKey engineLookupAndResolveSecretKey( + Element element, String BaseURI, StorageResolver storage){ + return null; + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/EncryptedKeyResolver.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/EncryptedKeyResolver.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/EncryptedKeyResolver.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/EncryptedKeyResolver.java +@@ -56,7 +56,6 @@ + RSAKeyValueResolver.class.getName()); + + +- Key _key; + Key _kek; + String _algorithm; + +@@ -66,7 +65,6 @@ + * @param algorithm + */ + public EncryptedKeyResolver(String algorithm) { +- _key = null; + _kek = null; + _algorithm=algorithm; + } +@@ -78,64 +76,49 @@ + */ + + public EncryptedKeyResolver(String algorithm, Key kek) { +- _key = null; + _algorithm = algorithm; + _kek = kek; + + } + +- /** +- * Method engineCanResolve +- * +- * @param element +- * @param BaseURI +- * @param storage +- * @return true if can resolve the key in the element +- * +- */ +- +- public boolean engineCanResolve(Element element, String BaseURI, +- StorageResolver storage) { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "EncryptedKeyResolver - Can I resolve " + element.getTagName()); +- +- if (element == null) { +- return false; +- } +- +- boolean isEncryptedKey = XMLUtils.elementIsInEncryptionSpace(element, +- EncryptionConstants._TAG_ENCRYPTEDKEY); +- +- if (isEncryptedKey) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Passed an Encrypted Key"); +- try { +- XMLCipher cipher = XMLCipher.getInstance(); +- cipher.init(XMLCipher.UNWRAP_MODE, _kek); +- EncryptedKey ek = cipher.loadEncryptedKey(element); +- _key = cipher.decryptKey(ek, _algorithm); +- } +- catch (Exception e) {} +- } +- +- return (_key != null); +- } +- + /** @inheritDoc */ +- public PublicKey engineResolvePublicKey( ++ public PublicKey engineLookupAndResolvePublicKey( + Element element, String BaseURI, StorageResolver storage) { + + return null; + } + + /** @inheritDoc */ +- public X509Certificate engineResolveX509Certificate( ++ public X509Certificate engineLookupResolveX509Certificate( + Element element, String BaseURI, StorageResolver storage) { + return null; + } + + /** @inheritDoc */ +- public javax.crypto.SecretKey engineResolveSecretKey( ++ public javax.crypto.SecretKey engineLookupAndResolveSecretKey( + Element element, String BaseURI, StorageResolver storage) { +- return (SecretKey) _key; ++ SecretKey key=null; ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "EncryptedKeyResolver - Can I resolve " + element.getTagName()); ++ ++ if (element == null) { ++ return null; ++ } ++ ++ boolean isEncryptedKey = XMLUtils.elementIsInEncryptionSpace(element, ++ EncryptionConstants._TAG_ENCRYPTEDKEY); ++ ++ if (isEncryptedKey) { ++ log.log(java.util.logging.Level.FINE, "Passed an Encrypted Key"); ++ try { ++ XMLCipher cipher = XMLCipher.getInstance(); ++ cipher.init(XMLCipher.UNWRAP_MODE, _kek); ++ EncryptedKey ek = cipher.loadEncryptedKey(element); ++ key = (SecretKey) cipher.decryptKey(ek, _algorithm); ++ } ++ catch (Exception e) {} ++ } ++ ++ return key; + } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RSAKeyValueResolver.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RSAKeyValueResolver.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RSAKeyValueResolver.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RSAKeyValueResolver.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -38,7 +37,7 @@ + + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class RSAKeyValueResolver extends KeyResolverSpi { + +@@ -48,75 +47,55 @@ + RSAKeyValueResolver.class.getName()); + + /** Field _rsaKeyElement */ +- private Element _rsaKeyElement = null; ++ + + /** @inheritDoc */ +- public boolean engineCanResolve(Element element, String BaseURI, +- StorageResolver storage) { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName()); +- ++ public PublicKey engineLookupAndResolvePublicKey( ++ Element element, String BaseURI, StorageResolver storage) { ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName()); + if (element == null) { +- return false; ++ return null; + } + +- boolean isKeyValue = XMLUtils.elementIsInSignatureSpace(element, +- Constants._TAG_KEYVALUE); +- boolean isRSAKeyValue = XMLUtils.elementIsInSignatureSpace(element, +- Constants._TAG_RSAKEYVALUE); +- +- if (isKeyValue) { +- this._rsaKeyElement = XMLUtils.selectDsNode(element.getFirstChild(), +- Constants._TAG_RSAKEYVALUE, 0); +- +- if (this._rsaKeyElement != null) { +- return true; +- } +- } else if (isRSAKeyValue) { +- ++ boolean isKeyValue = XMLUtils.elementIsInSignatureSpace(element, ++ Constants._TAG_KEYVALUE); ++ Element rsaKeyElement=null; ++ if (isKeyValue) { ++ rsaKeyElement = XMLUtils.selectDsNode(element.getFirstChild(), ++ Constants._TAG_RSAKEYVALUE, 0); ++ } else if (XMLUtils.elementIsInSignatureSpace(element, ++ Constants._TAG_RSAKEYVALUE)) { + // this trick is needed to allow the RetrievalMethodResolver to eat a + // ds:RSAKeyValue directly (without KeyValue) +- this._rsaKeyElement = element; ++ rsaKeyElement = element; ++ } + +- return true; +- } + +- return false; +- } +- +- /** @inheritDoc */ +- public PublicKey engineResolvePublicKey( +- Element element, String BaseURI, StorageResolver storage) { +- +- if (this._rsaKeyElement == null) { +- boolean weCanResolve = this.engineCanResolve(element, BaseURI, +- storage); +- +- if (!weCanResolve || (this._rsaKeyElement == null)) { +- return null; +- } ++ if (rsaKeyElement == null) { ++ return null; + } + + try { +- RSAKeyValue rsaKeyValue = new RSAKeyValue(this._rsaKeyElement, ++ RSAKeyValue rsaKeyValue = new RSAKeyValue(rsaKeyElement, + BaseURI); + + return rsaKeyValue.getPublicKey(); + } catch (XMLSecurityException ex) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex); ++ log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex); + } + + return null; + } + + /** @inheritDoc */ +- public X509Certificate engineResolveX509Certificate( ++ public X509Certificate engineLookupResolveX509Certificate( + Element element, String BaseURI, StorageResolver storage) { + return null; + } + + /** @inheritDoc */ +- public javax.crypto.SecretKey engineResolveSecretKey( ++ public javax.crypto.SecretKey engineLookupAndResolveSecretKey( + Element element, String BaseURI, StorageResolver storage) { + return null; + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RetrievalMethodResolver.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RetrievalMethodResolver.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RetrievalMethodResolver.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RetrievalMethodResolver.java +@@ -28,7 +28,15 @@ + import java.security.cert.CertificateException; + import java.security.cert.CertificateFactory; + import java.security.cert.X509Certificate; ++import java.util.ArrayList; ++import java.util.Iterator; ++import java.util.List; ++import java.util.ListIterator; ++import java.util.Set; + ++import javax.xml.parsers.ParserConfigurationException; ++ ++import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; + import com.sun.org.apache.xml.internal.security.keys.content.RetrievalMethod; + import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate; +@@ -44,6 +52,7 @@ + import org.w3c.dom.Attr; + import org.w3c.dom.Element; + import org.w3c.dom.Node; ++import org.xml.sax.SAXException; + + + /** +@@ -55,7 +64,7 @@ + * RetrievalMethodResolver cannot handle itself, resolving of the extracted + * element is delegated back to the KeyResolver mechanism. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ modified by Dave Garcia + */ + public class RetrievalMethodResolver extends KeyResolverSpi { + +@@ -65,26 +74,6 @@ + RetrievalMethodResolver.class.getName()); + + /** +- * Method engineCanResolve +- * @inheritDoc +- * @param element +- * @param BaseURI +- * @param storage +- * +- */ +- public boolean engineCanResolve(Element element, String BaseURI, +- StorageResolver storage) { +- +- if +- (!XMLUtils.elementIsInSignatureSpace(element, +- Constants._TAG_RETRIEVALMETHOD)) { +- return false; +- } +- +- return true; +- } +- +- /** + * Method engineResolvePublicKey + * @inheritDoc + * @param element +@@ -92,82 +81,59 @@ + * @param storage + * + */ +- public PublicKey engineResolvePublicKey( ++ public PublicKey engineLookupAndResolvePublicKey( + Element element, String BaseURI, StorageResolver storage) + { ++ if (!XMLUtils.elementIsInSignatureSpace(element, ++ Constants._TAG_RETRIEVALMETHOD)) { ++ return null; ++ } + + try { +- RetrievalMethod rm = new RetrievalMethod(element, BaseURI); +- Attr uri = rm.getURIAttr(); ++ //Create a retrieval method over the given element ++ RetrievalMethod rm = new RetrievalMethod(element, BaseURI); ++ String type = rm.getType(); ++ XMLSignatureInput resource=resolveInput(rm,BaseURI); ++ if (RetrievalMethod.TYPE_RAWX509.equals(type)) { ++ //a raw certificate, direct parsing is done! ++ X509Certificate cert=getRawCertificate(resource); ++ if (cert != null) { ++ return cert.getPublicKey(); ++ } ++ return null; ++ }; ++ Element e = obtainRefrenceElement(resource); ++ return resolveKey(e,BaseURI,storage); ++ } catch (XMLSecurityException ex) { ++ log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex); ++ } catch (CertificateException ex) { ++ log.log(java.util.logging.Level.FINE, "CertificateException", ex); ++ } catch (IOException ex) { ++ log.log(java.util.logging.Level.FINE, "IOException", ex); ++ } catch (ParserConfigurationException e) { ++ log.log(java.util.logging.Level.FINE, "ParserConfigurationException", e); ++ } catch (SAXException e) { ++ log.log(java.util.logging.Level.FINE, "SAXException", e); ++ } ++ return null; ++ } + +- // type can be null because it's optional +- String type = rm.getType(); +- Transforms transforms = rm.getTransforms(); +- ResourceResolver resRes = ResourceResolver.getInstance(uri, BaseURI); +- +- if (resRes != null) { +- XMLSignatureInput resource = resRes.resolve(uri, BaseURI); +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Before applying Transforms, resource has " +- + resource.getBytes().length + "bytes"); +- +- if (transforms != null) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "We have Transforms"); +- +- resource = transforms.performTransforms(resource); +- } +- if (true) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "After applying Transforms, resource has " +- + resource.getBytes().length + "bytes"); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Resolved to resource " + resource.getSourceURI()); +- } +- +- byte inputBytes[] = resource.getBytes(); +- +- if ((type != null) && type.equals(RetrievalMethod.TYPE_RAWX509)) { +- +- // if the resource stores a raw certificate, we have to handle it +- CertificateFactory certFact = +- CertificateFactory +- .getInstance(XMLX509Certificate.JCA_CERT_ID); +- X509Certificate cert = +- (X509Certificate) certFact +- .generateCertificate(new ByteArrayInputStream(inputBytes)); +- +- if (cert != null) { +- return cert.getPublicKey(); +- } +- } else { +- +- // otherwise, we parse the resource, create an Element and delegate +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "we have to parse " + inputBytes.length + " bytes"); +- +- Element e = this.getDocFromBytes(inputBytes); +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}" +- + e.getLocalName() + " Element"); +- +- if (e != null) { +- KeyResolver newKeyResolver = KeyResolver.getInstance(getFirstElementChild(e), +- BaseURI, storage); +- +- if (newKeyResolver != null) { +- return newKeyResolver.resolvePublicKey(getFirstElementChild(e), BaseURI, +- storage); +- } +- } +- } +- } +- } catch (XMLSecurityException ex) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex); +- } catch (CertificateException ex) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "CertificateException", ex); +- } catch (IOException ex) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "IOException", ex); +- } +- +- return null; ++ static private Element obtainRefrenceElement(XMLSignatureInput resource) throws CanonicalizationException, ParserConfigurationException, IOException, SAXException, KeyResolverException { ++ Element e; ++ if (resource.isElement()){ ++ e=(Element) resource.getSubNode(); ++ } else if (resource.isNodeSet()) { ++ //Retrieved resource is a nodeSet ++ e=getDocumentElement(resource.getNodeSet()); ++ } else { ++ //Retrieved resource is an inputStream ++ byte inputBytes[] = resource.getBytes(); ++ e = getDocFromBytes(inputBytes); ++ //otherwise, we parse the resource, create an Element and delegate ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "we have to parse " + inputBytes.length + " bytes"); ++ } ++ return e; + } + + /** +@@ -178,85 +144,100 @@ + * @param storage + * + */ +- public X509Certificate engineResolveX509Certificate( ++ public X509Certificate engineLookupResolveX509Certificate( + Element element, String BaseURI, StorageResolver storage) + { ++ if (!XMLUtils.elementIsInSignatureSpace(element, ++ Constants._TAG_RETRIEVALMETHOD)) { ++ return null; ++ } + +- try { ++ try { + RetrievalMethod rm = new RetrievalMethod(element, BaseURI); +- Attr uri = rm.getURIAttr(); +- Transforms transforms = rm.getTransforms(); +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Asked to resolve URI " + uri); ++ String type = rm.getType(); ++ XMLSignatureInput resource=resolveInput(rm,BaseURI); ++ if (RetrievalMethod.TYPE_RAWX509.equals(type)) { ++ X509Certificate cert=getRawCertificate(resource); ++ return cert; ++ } ++ Element e = obtainRefrenceElement(resource); ++ return resolveCertificate(e,BaseURI,storage); ++ } catch (XMLSecurityException ex) { ++ log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex); ++ } catch (CertificateException ex) { ++ log.log(java.util.logging.Level.FINE, "CertificateException", ex); ++ } catch (IOException ex) { ++ log.log(java.util.logging.Level.FINE, "IOException", ex); ++ } catch (ParserConfigurationException e) { ++ log.log(java.util.logging.Level.FINE, "ParserConfigurationException", e); ++ } catch (SAXException e) { ++ log.log(java.util.logging.Level.FINE, "SAXException", e); ++ } ++ return null; ++ } + +- ResourceResolver resRes = ResourceResolver.getInstance(uri, BaseURI); ++ /** ++ * Retrieves a x509Certificate from the given information ++ * @param e ++ * @param BaseURI ++ * @param storage ++ * @return ++ * @throws KeyResolverException ++ */ ++ static private X509Certificate resolveCertificate(Element e,String BaseURI,StorageResolver storage) throws KeyResolverException{ ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"+ e.getLocalName() + " Element"); ++ //An element has been provided ++ if (e != null) { ++ return KeyResolver.getX509Certificate(e,BaseURI, storage); ++ } ++ return null; ++ } + +- if (resRes != null) { +- XMLSignatureInput resource = resRes.resolve(uri, BaseURI); +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Before applying Transforms, resource has " +- + resource.getBytes().length + "bytes"); ++ /** ++ * Retrieves a x509Certificate from the given information ++ * @param e ++ * @param BaseURI ++ * @param storage ++ * @return ++ * @throws KeyResolverException ++ */ ++ static private PublicKey resolveKey(Element e,String BaseURI,StorageResolver storage) throws KeyResolverException{ ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"+ e.getLocalName() + " Element"); ++ //An element has been provided ++ if (e != null) { ++ return KeyResolver.getPublicKey(e,BaseURI, storage); ++ } ++ return null; ++ } + +- if (transforms != null) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "We have Transforms"); +- +- resource = transforms.performTransforms(resource); +- } +- +- if (true) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "After applying Transforms, resource has " +- + resource.getBytes().length + "bytes"); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Resolved to resource " + resource.getSourceURI()); +- } +- +- byte inputBytes[] = resource.getBytes(); +- +- if ((rm.getType() != null) +- && rm.getType().equals(RetrievalMethod.TYPE_RAWX509)) { +- +- // if the resource stores a raw certificate, we have to handle it +- CertificateFactory certFact = +- CertificateFactory +- .getInstance(XMLX509Certificate.JCA_CERT_ID); +- X509Certificate cert = +- (X509Certificate) certFact +- .generateCertificate(new ByteArrayInputStream(inputBytes)); +- +- if (cert != null) { +- return cert; +- } +- } else { +- +- // otherwise, we parse the resource, create an Element and delegate +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "we have to parse " + inputBytes.length + " bytes"); +- +- Element e = this.getDocFromBytes(inputBytes); +- +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}" +- + e.getLocalName() + " Element"); +- +- if (e != null) { +- KeyResolver newKeyResolver = KeyResolver.getInstance(getFirstElementChild(e), +- BaseURI, storage); +- +- if (newKeyResolver != null) { +- return newKeyResolver.resolveX509Certificate(getFirstElementChild(e), BaseURI, +- storage); +- } +- } +- } +- } +- } catch (XMLSecurityException ex) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex); +- } catch (CertificateException ex) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "CertificateException", ex); +- } catch (IOException ex) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "IOException", ex); +- } +- +- return null; ++ static private X509Certificate getRawCertificate(XMLSignatureInput resource) throws CanonicalizationException, IOException, CertificateException{ ++ byte inputBytes[] = resource.getBytes(); ++ // if the resource stores a raw certificate, we have to handle it ++ CertificateFactory certFact =CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID); ++ X509Certificate cert =(X509Certificate) certFact.generateCertificate(new ByteArrayInputStream(inputBytes)); ++ return cert; ++ } ++ /** ++ * Resolves the input from the given retrieval method ++ * @return ++ * @throws XMLSecurityException ++ */ ++ static private XMLSignatureInput resolveInput(RetrievalMethod rm,String BaseURI) throws XMLSecurityException{ ++ Attr uri = rm.getURIAttr(); ++ //Apply the trnasforms ++ Transforms transforms = rm.getTransforms(); ++ ResourceResolver resRes = ResourceResolver.getInstance(uri, BaseURI); ++ if (resRes != null) { ++ XMLSignatureInput resource = resRes.resolve(uri, BaseURI); ++ if (transforms != null) { ++ log.log(java.util.logging.Level.FINE, "We have Transforms"); ++ resource = transforms.performTransforms(resource); ++ } ++ return resource; ++ } ++ return null; + } + + /** +@@ -266,18 +247,13 @@ + * @return the Document Element after parsing bytes + * @throws KeyResolverException if something goes wrong + */ +- Element getDocFromBytes(byte[] bytes) throws KeyResolverException { +- ++ static Element getDocFromBytes(byte[] bytes) throws KeyResolverException { + try { +- javax.xml.parsers.DocumentBuilderFactory dbf = +- javax.xml.parsers.DocumentBuilderFactory.newInstance(); +- ++ javax.xml.parsers.DocumentBuilderFactory dbf =javax.xml.parsers.DocumentBuilderFactory.newInstance(); + dbf.setNamespaceAware(true); +- + javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder(); + org.w3c.dom.Document doc = + db.parse(new java.io.ByteArrayInputStream(bytes)); +- + return doc.getDocumentElement(); + } catch (org.xml.sax.SAXException ex) { + throw new KeyResolverException("empty", ex); +@@ -296,16 +272,43 @@ + * @param storage + * + */ +- public javax.crypto.SecretKey engineResolveSecretKey( ++ public javax.crypto.SecretKey engineLookupAndResolveSecretKey( + Element element, String BaseURI, StorageResolver storage) + { + return null; + } +- static Element getFirstElementChild(Element e){ +- Node n=e.getFirstChild(); +- while (n!=null && n.getNodeType()!=Node.ELEMENT_NODE) { +- n=n.getNextSibling(); +- } +- return (Element)n; ++ ++ static Element getDocumentElement(Set set) { ++ Iterator it=set.iterator(); ++ Element e=null; ++ while (it.hasNext()) { ++ Node currentNode=(Node)it.next(); ++ if (currentNode != null && currentNode.getNodeType() == Node.ELEMENT_NODE) { ++ e=(Element)currentNode; ++ break; ++ } ++ ++ } ++ List parents=new ArrayList(10); ++ ++ //Obtain all the parents of the elemnt ++ while (e != null) { ++ parents.add(e); ++ Node n=e.getParentNode(); ++ if (n == null || n.getNodeType() != Node.ELEMENT_NODE) { ++ break; ++ } ++ e=(Element)n; ++ } ++ //Visit them in reverse order. ++ ListIterator it2=parents.listIterator(parents.size()-1); ++ Element ele=null; ++ while (it2.hasPrevious()) { ++ ele=(Element)it2.previous(); ++ if (set.contains(ele)) { ++ return ele; ++ } ++ } ++ return null; + } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509CertificateResolver.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509CertificateResolver.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509CertificateResolver.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509CertificateResolver.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -41,7 +40,7 @@ + * Resolves Certificates which are directly contained inside a + * ds:X509Certificate Element. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class X509CertificateResolver extends KeyResolverSpi { + +@@ -49,47 +48,7 @@ + static java.util.logging.Logger log = + java.util.logging.Logger.getLogger(X509CertificateResolver.class.getName()); + +- /** Field _dsaKeyElement */ +- Element[] _x509CertKeyElements = null; + +- /** +- * Method engineCanResolve +- * @inheritDoc +- * @param element +- * @param BaseURI +- * @param storage +- * +- */ +- public boolean engineCanResolve(Element element, String BaseURI, +- StorageResolver storage) { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?"); +- +- if (!XMLUtils.elementIsInSignatureSpace(element, +- Constants._TAG_X509DATA)) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't"); +- +- return false; +- } +- +- +- this._x509CertKeyElements = XMLUtils.selectDsNodes(element.getFirstChild(), +- Constants._TAG_X509CERTIFICATE); +- +- if ((this._x509CertKeyElements != null) +- && (this._x509CertKeyElements.length > 0)) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Yes Sir, I can"); +- +- return true; +- } +- +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't"); +- +- return false; +- } +- +- /** Field _x509certObject[] */ +- XMLX509Certificate _x509certObject[] = null; + + /** + * Method engineResolvePublicKey +@@ -100,11 +59,11 @@ + * + * @throws KeyResolverException + */ +- public PublicKey engineResolvePublicKey( ++ public PublicKey engineLookupAndResolvePublicKey( + Element element, String BaseURI, StorageResolver storage) + throws KeyResolverException { + +- X509Certificate cert = this.engineResolveX509Certificate(element, ++ X509Certificate cert = this.engineLookupResolveX509Certificate(element, + BaseURI, storage); + + if (cert != null) { +@@ -123,43 +82,33 @@ + * + * @throws KeyResolverException + */ +- public X509Certificate engineResolveX509Certificate( ++ public X509Certificate engineLookupResolveX509Certificate( + Element element, String BaseURI, StorageResolver storage) + throws KeyResolverException { + + try { +- if ((this._x509CertKeyElements == null) +- || (this._x509CertKeyElements.length == 0)) { +- boolean weCanResolve = this.engineCanResolve(element, BaseURI, +- storage); ++ Element[] els=XMLUtils.selectDsNodes(element.getFirstChild(), ++ Constants._TAG_X509CERTIFICATE); ++ if ((els == null) || (els.length == 0)) { ++ Element el=XMLUtils.selectDsNode(element.getFirstChild(), ++ Constants._TAG_X509DATA,0); ++ if (el!=null) { ++ return engineLookupResolveX509Certificate(el, BaseURI, storage); ++ } ++ return null; ++ } + +- if (!weCanResolve || (this._x509CertKeyElements == null) +- || (this._x509CertKeyElements.length == 0)) { +- return null; ++ // populate Object array ++ for (int i = 0; i < els.length; i++) { ++ XMLX509Certificate xmlCert=new XMLX509Certificate(els[i], BaseURI); ++ X509Certificate cert = xmlCert.getX509Certificate(); ++ if (cert!=null) { ++ return cert; + } + } +- +- this._x509certObject = +- new XMLX509Certificate[this._x509CertKeyElements.length]; +- +- // populate Object array +- for (int i = 0; i < this._x509CertKeyElements.length; i++) { +- this._x509certObject[i] = +- new XMLX509Certificate(this._x509CertKeyElements[i] +- , BaseURI); +- } +- +- for (int i = 0; i < this._x509certObject.length; i++) { +- X509Certificate cert = this._x509certObject[i].getX509Certificate(); +- +- if (cert != null) { +- return cert; +- } +- } +- + return null; + } catch (XMLSecurityException ex) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex); ++ log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex); + + throw new KeyResolverException("generic.EmptyMessage", ex); + } +@@ -173,7 +122,7 @@ + * @param storage + * + */ +- public javax.crypto.SecretKey engineResolveSecretKey( ++ public javax.crypto.SecretKey engineLookupAndResolveSecretKey( + Element element, String BaseURI, StorageResolver storage) + { + return null; +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509IssuerSerialResolver.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509IssuerSerialResolver.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509IssuerSerialResolver.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509IssuerSerialResolver.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -39,7 +38,7 @@ + + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class X509IssuerSerialResolver extends KeyResolverSpi { + +@@ -48,44 +47,13 @@ + java.util.logging.Logger.getLogger( + X509IssuerSerialResolver.class.getName()); + +- /** @inheritDoc */ +- public boolean engineCanResolve(Element element, String BaseURI, +- StorageResolver storage) { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?"); +- +- X509Data x509data = null; +- try { +- x509data = new X509Data(element, BaseURI); +- } catch (XMLSignatureException ex) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't"); +- +- return false; +- } catch (XMLSecurityException ex) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't"); +- +- return false; +- } +- +- if (x509data == null) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't"); +- return false; +- } +- +- if (x509data.containsIssuerSerial()) { +- return true; +- } +- +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't"); +- return false; +- } + + /** @inheritDoc */ +- public PublicKey engineResolvePublicKey( ++ public PublicKey engineLookupAndResolvePublicKey( + Element element, String BaseURI, StorageResolver storage) + throws KeyResolverException { + +- X509Certificate cert = this.engineResolveX509Certificate(element, ++ X509Certificate cert = this.engineLookupResolveX509Certificate(element, + BaseURI, storage); + + if (cert != null) { +@@ -96,10 +64,31 @@ + } + + /** @inheritDoc */ +- public X509Certificate engineResolveX509Certificate( ++ public X509Certificate engineLookupResolveX509Certificate( + Element element, String BaseURI, StorageResolver storage) + throws KeyResolverException { ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?"); + ++ X509Data x509data = null; ++ try { ++ x509data = new X509Data(element, BaseURI); ++ } catch (XMLSignatureException ex) { ++ log.log(java.util.logging.Level.FINE, "I can't"); ++ return null; ++ } catch (XMLSecurityException ex) { ++ log.log(java.util.logging.Level.FINE, "I can't"); ++ return null; ++ } ++ ++ if (x509data == null) { ++ log.log(java.util.logging.Level.FINE, "I can't"); ++ return null; ++ } ++ ++ if (!x509data.containsIssuerSerial()) { ++ return null; ++ } + try { + if (storage == null) { + Object exArgs[] = { Constants._TAG_X509ISSUERSERIAL }; +@@ -107,53 +96,52 @@ + new KeyResolverException("KeyResolver.needStorageResolver", + exArgs); + +- if (log.isLoggable(java.util.logging.Level.INFO)) log.log(java.util.logging.Level.INFO, "", ex); ++ log.log(java.util.logging.Level.INFO, "", ex); + throw ex; + } + +- X509Data x509data = new X509Data(element, BaseURI); + int noOfISS = x509data.lengthIssuerSerial(); + + while (storage.hasNext()) { + X509Certificate cert = storage.next(); + XMLX509IssuerSerial certSerial = new XMLX509IssuerSerial(element.getOwnerDocument(), cert); + +- if (true) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Found Certificate Issuer: " ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, "Found Certificate Issuer: " + + certSerial.getIssuerName()); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Found Certificate Serial: " ++ log.log(java.util.logging.Level.FINE, "Found Certificate Serial: " + + certSerial.getSerialNumber().toString()); + } + + for (int i=0; i 0)) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Yes Sir, I can"); +- +- return true; +- } +- +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't"); +- +- return false; +- } + + /** + * Method engineResolvePublicKey +@@ -102,11 +57,11 @@ + * @return null if no {@link PublicKey} could be obtained + * @throws KeyResolverException + */ +- public PublicKey engineResolvePublicKey( ++ public PublicKey engineLookupAndResolvePublicKey( + Element element, String BaseURI, StorageResolver storage) + throws KeyResolverException { + +- X509Certificate cert = this.engineResolveX509Certificate(element, ++ X509Certificate cert = this.engineLookupResolveX509Certificate(element, + BaseURI, storage); + + if (cert != null) { +@@ -125,46 +80,55 @@ + * + * @throws KeyResolverException + */ +- public X509Certificate engineResolveX509Certificate( ++ public X509Certificate engineLookupResolveX509Certificate( + Element element, String BaseURI, StorageResolver storage) + throws KeyResolverException { ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?"); ++ } ++ if (!XMLUtils.elementIsInSignatureSpace(element, ++ Constants._TAG_X509DATA)) { ++ log.log(java.util.logging.Level.FINE, "I can't"); ++ return null; ++ } ++ /** Field _x509childObject[] */ ++ XMLX509SKI x509childObject[] = null; + +- try { +- if (this._x509childNodes == null) { +- boolean weCanResolve = this.engineCanResolve(element, BaseURI, +- storage); ++ Element x509childNodes[] = null; ++ x509childNodes = XMLUtils.selectDsNodes(element.getFirstChild(), ++ Constants._TAG_X509SKI); + +- if (!weCanResolve || (this._x509childNodes == null)) { +- return null; +- } +- } +- ++ if (!((x509childNodes != null) ++ && (x509childNodes.length > 0))) { ++ log.log(java.util.logging.Level.FINE, "I can't"); ++ return null; ++ } ++ try { + if (storage == null) { + Object exArgs[] = { Constants._TAG_X509SKI }; + KeyResolverException ex = + new KeyResolverException("KeyResolver.needStorageResolver", + exArgs); + +- if (log.isLoggable(java.util.logging.Level.INFO)) log.log(java.util.logging.Level.INFO, "", ex); ++ log.log(java.util.logging.Level.INFO, "", ex); + + throw ex; + } + +- this._x509childObject = +- new XMLX509SKI[this._x509childNodes.length]; ++ x509childObject = new XMLX509SKI[x509childNodes.length]; + +- for (int i = 0; i < this._x509childNodes.length; i++) { +- this._x509childObject[i] = +- new XMLX509SKI(this._x509childNodes[i], BaseURI); ++ for (int i = 0; i < x509childNodes.length; i++) { ++ x509childObject[i] = ++ new XMLX509SKI(x509childNodes[i], BaseURI); + } + + while (storage.hasNext()) { + X509Certificate cert = storage.next(); + XMLX509SKI certSKI = new XMLX509SKI(element.getOwnerDocument(), cert); + +- for (int i = 0; i < this._x509childObject.length; i++) { +- if (certSKI.equals(this._x509childObject[i])) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Return PublicKey from " ++ for (int i = 0; i < x509childObject.length; i++) { ++ if (certSKI.equals(x509childObject[i])) { ++ log.log(java.util.logging.Level.FINE, "Return PublicKey from " + + cert.getSubjectDN().getName()); + + return cert; +@@ -186,7 +150,7 @@ + * @param storage + * + */ +- public javax.crypto.SecretKey engineResolveSecretKey( ++ public javax.crypto.SecretKey engineLookupAndResolveSecretKey( + Element element, String BaseURI, StorageResolver storage) + { + return null; +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509SubjectNameResolver.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509SubjectNameResolver.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509SubjectNameResolver.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509SubjectNameResolver.java +@@ -38,7 +38,7 @@ + + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class X509SubjectNameResolver extends KeyResolverSpi { + +@@ -47,50 +47,6 @@ + java.util.logging.Logger.getLogger( + X509SubjectNameResolver.class.getName()); + +- /** Field _x509childNodes */ +- private Element[] _x509childNodes = null; +- +- /** Field _x509childObject[] */ +- private XMLX509SubjectName _x509childObject[] = null; +- +- /** +- * Method engineCanResolve +- * @inheritDoc +- * @param element +- * @param BaseURI +- * @param storage +- * +- */ +- public boolean engineCanResolve(Element element, String BaseURI, +- StorageResolver storage) { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?"); +- +- +- if (!XMLUtils.elementIsInSignatureSpace(element, +- Constants._TAG_X509DATA) ) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't"); +- +- return false; +- } +- +- +- +- this._x509childNodes = XMLUtils.selectDsNodes(element, +- Constants._TAG_X509SUBJECTNAME); +- +- if ((this._x509childNodes != null) +- && (this._x509childNodes.length > 0)) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Yes Sir, I can"); +- +- return true; +- } +- +- +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I can't"); +- +- return false; +- } + + /** + * Method engineResolvePublicKey +@@ -101,11 +57,11 @@ + * @return null if no {@link PublicKey} could be obtained + * @throws KeyResolverException + */ +- public PublicKey engineResolvePublicKey( ++ public PublicKey engineLookupAndResolvePublicKey( + Element element, String BaseURI, StorageResolver storage) + throws KeyResolverException { + +- X509Certificate cert = this.engineResolveX509Certificate(element, ++ X509Certificate cert = this.engineLookupResolveX509Certificate(element, + BaseURI, storage); + + if (cert != null) { +@@ -124,37 +80,46 @@ + * + * @throws KeyResolverException + */ +- public X509Certificate engineResolveX509Certificate( ++ public X509Certificate engineLookupResolveX509Certificate( + Element element, String BaseURI, StorageResolver storage) + throws KeyResolverException { ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?"); ++ Element[] x509childNodes = null; ++ XMLX509SubjectName x509childObject[] = null; ++ ++ if (!XMLUtils.elementIsInSignatureSpace(element, ++ Constants._TAG_X509DATA) ) { ++ log.log(java.util.logging.Level.FINE, "I can't"); ++ return null; ++ } ++ x509childNodes = XMLUtils.selectDsNodes(element.getFirstChild(), ++ Constants._TAG_X509SUBJECTNAME); ++ ++ if (!((x509childNodes != null) ++ && (x509childNodes.length > 0))) { ++ log.log(java.util.logging.Level.FINE, "I can't"); ++ return null; ++ } + + try { +- if (this._x509childNodes == null) { +- boolean weCanResolve = this.engineCanResolve(element, BaseURI, +- storage); +- +- if (!weCanResolve || (this._x509childNodes == null)) { +- return null; +- } +- } +- + if (storage == null) { + Object exArgs[] = { Constants._TAG_X509SUBJECTNAME }; + KeyResolverException ex = + new KeyResolverException("KeyResolver.needStorageResolver", + exArgs); + +- if (log.isLoggable(java.util.logging.Level.INFO)) log.log(java.util.logging.Level.INFO, "", ex); ++ log.log(java.util.logging.Level.INFO, "", ex); + + throw ex; + } + +- this._x509childObject = +- new XMLX509SubjectName[this._x509childNodes.length]; ++ x509childObject = ++ new XMLX509SubjectName[x509childNodes.length]; + +- for (int i = 0; i < this._x509childNodes.length; i++) { +- this._x509childObject[i] = +- new XMLX509SubjectName(this._x509childNodes[i], ++ for (int i = 0; i < x509childNodes.length; i++) { ++ x509childObject[i] = ++ new XMLX509SubjectName(x509childNodes[i], + BaseURI); + } + +@@ -163,24 +128,24 @@ + XMLX509SubjectName certSN = + new XMLX509SubjectName(element.getOwnerDocument(), cert); + +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Found Certificate SN: " + certSN.getSubjectName()); ++ log.log(java.util.logging.Level.FINE, "Found Certificate SN: " + certSN.getSubjectName()); + +- for (int i = 0; i < this._x509childObject.length; i++) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Found Element SN: " +- + this._x509childObject[i].getSubjectName()); ++ for (int i = 0; i < x509childObject.length; i++) { ++ log.log(java.util.logging.Level.FINE, "Found Element SN: " ++ + x509childObject[i].getSubjectName()); + +- if (certSN.equals(this._x509childObject[i])) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "match !!! "); ++ if (certSN.equals(x509childObject[i])) { ++ log.log(java.util.logging.Level.FINE, "match !!! "); + + return cert; + } +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "no match..."); ++ log.log(java.util.logging.Level.FINE, "no match..."); + } + } + + return null; + } catch (XMLSecurityException ex) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex); ++ log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex); + + throw new KeyResolverException("generic.EmptyMessage", ex); + } +@@ -194,7 +159,7 @@ + * @param storage + * + */ +- public javax.crypto.SecretKey engineResolveSecretKey( ++ public javax.crypto.SecretKey engineLookupAndResolveSecretKey( + Element element, String BaseURI, StorageResolver storage) + { + return null; +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolver.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolver.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolver.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolver.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -21,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.storage; + +- +- + import java.security.KeyStore; + import java.security.cert.X509Certificate; + import java.util.ArrayList; +@@ -36,7 +33,7 @@ + /** + * This class collects customized resolvers for Certificates. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class StorageResolver { + +@@ -45,7 +42,7 @@ + java.util.logging.Logger.getLogger(StorageResolver.class.getName()); + + /** Field _storageResolvers */ +- List _storageResolvers = new ArrayList(); ++ List _storageResolvers = null; + + /** Field _iterator */ + Iterator _iterator = null; +@@ -71,7 +68,8 @@ + * @param resolver + */ + public void add(StorageResolverSpi resolver) { +- ++ if (_storageResolvers==null) ++ _storageResolvers=new ArrayList(); + this._storageResolvers.add(resolver); + + this._iterator = null; +@@ -126,6 +124,8 @@ + public Iterator getIterator() { + + if (this._iterator == null) { ++ if (_storageResolvers==null) ++ _storageResolvers=new ArrayList(); + this._iterator = new StorageResolverIterator(this._storageResolvers.iterator()); + } + +@@ -140,6 +140,8 @@ + public boolean hasNext() { + + if (this._iterator == null) { ++ if (_storageResolvers==null) ++ _storageResolvers=new ArrayList(); + this._iterator = new StorageResolverIterator(this._storageResolvers.iterator()); + } + +@@ -158,15 +160,13 @@ + /** + * Class StorageResolverIterator + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ + */ +- class StorageResolverIterator implements Iterator { ++ static class StorageResolverIterator implements Iterator { + + /** Field _resolvers */ +- Iterator _resolvers = null; +- +- /** Field _currentResolver */ +- int _currentResolver = 0; ++ Iterator _resolvers = null; + + /** + * Constructor FilesystemIterator +@@ -179,17 +179,16 @@ + + /** @inheritDoc */ + public boolean hasNext() { +- return _resolvers.hasNext(); ++ return _resolvers.hasNext(); + } + + /** @inheritDoc */ + public Object next() { +- return _resolvers.next(); ++ return _resolvers.next(); + } + + /** + * Method remove +- * + */ + public void remove() { + throw new UnsupportedOperationException( +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolverException.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolverException.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolverException.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolverException.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -28,7 +27,7 @@ + + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class StorageResolverException extends XMLSecurityException { + +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolverSpi.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolverSpi.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolverSpi.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolverSpi.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -28,7 +27,7 @@ + + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public abstract class StorageResolverSpi { + +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/CertsInFilesystemDirectoryResolver.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/CertsInFilesystemDirectoryResolver.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/CertsInFilesystemDirectoryResolver.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/CertsInFilesystemDirectoryResolver.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -21,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.storage.implementations; + +- +- + import java.io.File; + import java.io.FileInputStream; + import java.io.FileNotFoundException; +@@ -40,12 +37,11 @@ + import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverSpi; + import com.sun.org.apache.xml.internal.security.utils.Base64; + +- + /** + * This {@link StorageResolverSpi} makes all raw (binary) {@link X509Certificate}s + * which reside as files in a single directory available to the {@link com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver}. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class CertsInFilesystemDirectoryResolver extends StorageResolverSpi { + +@@ -131,20 +127,20 @@ + dn = cert.getSubjectDN().getName(); + added = true; + } catch (FileNotFoundException ex) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); ++ log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); + } catch (IOException ex) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); ++ log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); + } catch (CertificateNotYetValidException ex) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); ++ log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); + } catch (CertificateExpiredException ex) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); ++ log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); + } catch (CertificateException ex) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); ++ log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); + } + + if (added) { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Added certificate: " + dn); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Added certificate: " + dn); + } + } + } +@@ -157,9 +153,10 @@ + /** + * Class FilesystemIterator + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ + */ +- class FilesystemIterator implements Iterator { ++ private static class FilesystemIterator implements Iterator { + + /** Field _certs */ + List _certs = null; +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/KeyStoreResolver.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/KeyStoreResolver.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/KeyStoreResolver.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/KeyStoreResolver.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -21,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.storage.implementations; + +- +- + import java.security.KeyStore; + import java.security.KeyStoreException; + import java.security.cert.X509Certificate; +@@ -37,7 +34,7 @@ + * Makes the Certificates from a JAVA {@link KeyStore} object available to the + * {@link com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver}. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class KeyStoreResolver extends StorageResolverSpi { + +@@ -66,9 +63,10 @@ + /** + * Class KeyStoreIterator + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ + */ +- class KeyStoreIterator implements Iterator { ++ static class KeyStoreIterator implements Iterator { + + /** Field _keyStore */ + KeyStore _keyStore = null; +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/SingleCertificateResolver.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/SingleCertificateResolver.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/SingleCertificateResolver.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/SingleCertificateResolver.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -21,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.keys.storage.implementations; + +- +- + import java.security.cert.X509Certificate; + import java.util.Iterator; + +@@ -33,7 +30,7 @@ + * This {@link StorageResolverSpi} makes a single {@link X509Certificate} + * available to the {@link com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver}. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class SingleCertificateResolver extends StorageResolverSpi { + +@@ -61,9 +58,10 @@ + /** + * Class InternalIterator + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ + */ +- class InternalIterator implements Iterator { ++ static class InternalIterator implements Iterator { + + /** Field _alreadyReturned */ + boolean _alreadyReturned = false; +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/resource/config.xml b/src/share/classes/com/sun/org/apache/xml/internal/security/resource/config.xml +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/resource/config.xml ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/resource/config.xml +@@ -14,6 +14,10 @@ + JAVACLASS="com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclOmitComments"/> + ++ ++ + + + +@@ -25,6 +29,12 @@ + + ++ ++ ++ ++ + + +@@ -66,6 +76,8 @@ + JAVACLASS="com.sun.org.apache.xml.internal.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA384" /> + ++ + + +@@ -166,6 +178,13 @@ + RequirementLevel="OPTIONAL" + SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt" + JCEName="SHA512withRSA"/> ++ ++ + + + <ds:Object> elements + * Object {@link Element} supply facility which can contain any kind data + * +- * + * @author Christian Geuer-Pollmann + * $todo$ if we remove childen, the boolean values are not updated + */ + public class ObjectContainer extends SignatureElementProxy { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(ObjectContainer.class.getName()); +- + /** + * Constructs {@link ObjectContainer} + * +@@ -75,7 +68,7 @@ + */ + public void setId(String Id) { + +- if ((this._state == MODE_SIGN) && (Id != null)) { ++ if ((Id != null)) { + this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id); + IdResolver.registerElementById(this._constructionElement, Id); + } +@@ -97,7 +90,7 @@ + */ + public void setMimeType(String MimeType) { + +- if ((this._state == MODE_SIGN) && (MimeType != null)) { ++ if ( (MimeType != null)) { + this._constructionElement.setAttributeNS(null, Constants._ATT_MIMETYPE, + MimeType); + } +@@ -119,7 +112,7 @@ + */ + public void setEncoding(String Encoding) { + +- if ((this._state == MODE_SIGN) && (Encoding != null)) { ++ if ((Encoding != null)) { + this._constructionElement.setAttributeNS(null, Constants._ATT_ENCODING, + Encoding); + } +@@ -135,18 +128,16 @@ + } + + /** +- * Adds childe Node ++ * Adds child Node + * +- * @param node childe Node ++ * @param node child Node + * @return the new node in the tree. + */ + public Node appendChild(Node node) { + + Node result = null; + +- if (this._state == MODE_SIGN) { +- result = this._constructionElement.appendChild(node); +- } ++ result = this._constructionElement.appendChild(node); + + return result; + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/signature/Reference.java b/src/share/classes/com/sun/org/apache/xml/internal/security/signature/Reference.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/Reference.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/Reference.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -25,6 +24,8 @@ + + import java.io.IOException; + import java.io.OutputStream; ++import java.security.AccessController; ++import java.security.PrivilegedAction; + import java.util.HashSet; + import java.util.Set; + +@@ -102,6 +103,32 @@ + */ + public class Reference extends SignatureElementProxy { + ++ /** ++ * Look up useC14N11 system property. If true, an explicit C14N11 transform ++ * will be added if necessary when generating the signature. See section ++ * 3.1.1 of http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/ for more info. ++ */ ++ private static boolean useC14N11 = ++ AccessController.doPrivileged(new PrivilegedAction() { ++ public Boolean run() { ++ return Boolean.getBoolean ++ ("com.sun.org.apache.xml.internal.security.useC14N11"); ++ } ++ }); ++ ++/* ++ static { ++ try { ++ useC14N11 = Boolean.getBoolean("com.sun.org.apache.xml.internal.security.useC14N11"); ++ } catch (Exception e) { ++ // ignore exceptions ++ } ++ } ++*/ ++ ++ /** Field CacheSignedNodes */ ++ public final static boolean CacheSignedNodes = false; ++ + /** {@link java.util.logging} logging facility */ + static java.util.logging.Logger log = + java.util.logging.Logger.getLogger(Reference.class.getName()); +@@ -118,6 +145,12 @@ + XMLSignatureInput _transformsOutput; + //J+ + ++private Transforms transforms; ++ ++private Element digestMethodElem; ++ ++private Element digestValueElement; ++ + /** + * Constructor Reference + * +@@ -148,6 +181,7 @@ + // this._manifest.appendChild(this._doc.createTextNode("\n")); + + if (transforms != null) { ++ this.transforms=transforms; + this._constructionElement.appendChild(transforms.getElement()); + XMLUtils.addReturnToElement(this._constructionElement); + } +@@ -156,11 +190,12 @@ + MessageDigestAlgorithm.getInstance(this._doc, + messageDigestAlgorithm); + +- this._constructionElement.appendChild(mda.getElement()); ++ digestMethodElem=mda.getElement(); ++ this._constructionElement.appendChild(digestMethodElem); + XMLUtils.addReturnToElement(this._constructionElement); + } + { +- Element digestValueElement = ++ digestValueElement = + XMLUtils.createElementInSignatureSpace(this._doc, + Constants._TAG_DIGESTVALUE); + +@@ -182,7 +217,15 @@ + throws XMLSecurityException { + + super(element, BaseURI); +- ++ this._baseURI=BaseURI; ++ Element el=XMLUtils.getNextElement(element.getFirstChild()); ++ if (Constants._TAG_TRANSFORMS.equals(el.getLocalName()) && ++ Constants.SignatureSpecNS.equals(el.getNamespaceURI())) { ++ transforms = new Transforms(el,this._baseURI); ++ el=XMLUtils.getNextElement(el.getNextSibling()); ++ } ++ digestMethodElem = el; ++ digestValueElement =XMLUtils.getNextElement(digestMethodElem.getNextSibling());; + this._manifest = manifest; + } + +@@ -197,9 +240,6 @@ + public MessageDigestAlgorithm getMessageDigestAlgorithm() + throws XMLSignatureException { + +- Element digestMethodElem = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), +- Constants._TAG_DIGESTMETHOD,0); +- + if (digestMethodElem == null) { + return null; + } +@@ -221,7 +261,7 @@ + */ + public void setURI(String URI) { + +- if ((this._state == MODE_SIGN) && (URI != null)) { ++ if ( URI != null) { + this._constructionElement.setAttributeNS(null, Constants._ATT_URI, + URI); + } +@@ -243,7 +283,7 @@ + */ + public void setId(String Id) { + +- if ((this._state == MODE_SIGN) && (Id != null)) { ++ if ( Id != null ) { + this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id); + IdResolver.registerElementById(this._constructionElement, Id); + } +@@ -265,7 +305,7 @@ + */ + public void setType(String Type) { + +- if ((this._state == MODE_SIGN) && (Type != null)) { ++ if (Type != null) { + this._constructionElement.setAttributeNS(null, Constants._ATT_TYPE, + Type); + } +@@ -291,8 +331,7 @@ + */ + public boolean typeIsReferenceToObject() { + +- if ((this.getType() != null) +- && this.getType().equals(Reference.OBJECT_URI)) { ++ if (Reference.OBJECT_URI.equals(this.getType())) { + return true; + } + +@@ -309,8 +348,7 @@ + */ + public boolean typeIsReferenceToManifest() { + +- if ((this.getType() != null) +- && this.getType().equals(Reference.MANIFEST_URI)) { ++ if (Reference.MANIFEST_URI.equals(this.getType())) { + return true; + } + +@@ -324,10 +362,6 @@ + */ + private void setDigestValueElement(byte[] digestValue) + { +- +- if (this._state == MODE_SIGN) { +- Element digestValueElement =XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), +- Constants._TAG_DIGESTVALUE,0); + Node n=digestValueElement.getFirstChild(); + while (n!=null) { + digestValueElement.removeChild(n); +@@ -338,7 +372,6 @@ + Text t = this._doc.createTextNode(base64codedValue); + + digestValueElement.appendChild(t); +- } + } + + /** +@@ -349,11 +382,7 @@ + */ + public void generateDigestValue() + throws XMLSignatureException, ReferenceNotInitializedException { +- +- if (this._state == MODE_SIGN) { +- +- this.setDigestValueElement(this.calculateDigest()); +- } ++ this.setDigestValueElement(this.calculateDigest(false)); + } + + /** +@@ -608,9 +637,12 @@ + * but only preserve the octets, the memory footprint is dramatically + * reduced. + */ ++ if (!Reference.CacheSignedNodes) { + +- this._transformsOutput = output; ++ this._transformsOutput = output;//new XMLSignatureInput(output.getBytes()); + ++ //this._transformsOutput.setSourceURI(output.getSourceURI()); ++ } + return output; + } catch (XMLSecurityException ex) { + throw new ReferenceNotInitializedException("empty", ex); +@@ -630,16 +662,7 @@ + throws XMLSignatureException, InvalidTransformException, + TransformationException, XMLSecurityException { + +- Element transformsElement = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), +- Constants._TAG_TRANSFORMS,0); +- +- if (transformsElement != null) { +- Transforms transforms = new Transforms(transformsElement, +- this._baseURI); +- +- return transforms; +- } +- return null; ++ return transforms; + } + + /** +@@ -667,13 +690,14 @@ + + + /** +- * Method resolverResult ++ * Method calculateDigest + * ++ * @param validating true if validating the reference + * @return reference Calculate the digest of this reference. + * @throws ReferenceNotInitializedException + * @throws XMLSignatureException + */ +- private byte[] calculateDigest() ++ private byte[] calculateDigest(boolean validating) + throws ReferenceNotInitializedException, XMLSignatureException { + + try { +@@ -684,7 +708,20 @@ + DigesterOutputStream diOs=new DigesterOutputStream(mda); + OutputStream os=new UnsyncBufferedOutputStream(diOs); + XMLSignatureInput output=this.dereferenceURIandPerformTransforms(os); +- output.updateOutputStream(os); ++ // if signing and c14n11 property == true explicitly add ++ // C14N11 transform if needed ++ if (this.useC14N11 && !validating && ++ !output.isOutputStreamSet() && !output.isOctetStream()) { ++ if (transforms == null) { ++ transforms = new Transforms(this._doc); ++ this._constructionElement.insertBefore ++ (transforms.getElement(), digestMethodElem); ++ } ++ transforms.addTransform(Transforms.TRANSFORM_C14N11_OMIT_COMMENTS); ++ output.updateOutputStream(os, true); ++ } else { ++ output.updateOutputStream(os); ++ } + os.flush(); + //this.getReferencedBytes(diOs); + //mda.update(data); +@@ -694,7 +731,7 @@ + throw new ReferenceNotInitializedException("empty", ex); + } catch (IOException ex) { + throw new ReferenceNotInitializedException("empty", ex); +- } ++ } + } + + /** +@@ -702,12 +739,10 @@ + * + * @return the digest value. + * @throws Base64DecodingException if Reference contains no proper base64 encoded data. +- * @throws XMLSecurityException if the Reference does not contain a DigestValue element ++ * @throws XMLSecurityException if the Reference does not contain a DigestValue element + */ + public byte[] getDigestValue() throws Base64DecodingException, XMLSecurityException { +- Element digestValueElem = XMLUtils.selectDsNode(this._constructionElement.getFirstChild() +- ,Constants._TAG_DIGESTVALUE,0); +- if (digestValueElem == null) { ++ if (digestValueElement == null) { + // The required element is not in the XML! + Object[] exArgs ={ Constants._TAG_DIGESTVALUE, + Constants.SignatureSpecNS }; +@@ -715,7 +750,7 @@ + "signature.Verification.NoSignatureElement", + exArgs); + } +- byte[] elemDig = Base64.decode(digestValueElem); ++ byte[] elemDig = Base64.decode(digestValueElement); + return elemDig; + } + +@@ -731,13 +766,15 @@ + throws ReferenceNotInitializedException, XMLSecurityException { + + byte[] elemDig = this.getDigestValue(); +- byte[] calcDig = this.calculateDigest(); ++ byte[] calcDig = this.calculateDigest(true); + boolean equal = MessageDigestAlgorithm.isEqual(elemDig, calcDig); + + if (!equal) { + log.log(java.util.logging.Level.WARNING, "Verification failed for URI \"" + this.getURI() + "\""); ++ log.log(java.util.logging.Level.WARNING, "Expected Digest: " + Base64.encode(elemDig)); ++ log.log(java.util.logging.Level.WARNING, "Actual Digest: " + Base64.encode(calcDig)); + } else { +- if (log.isLoggable(java.util.logging.Level.INFO)) log.log(java.util.logging.Level.INFO, "Verification successful for URI \"" + this.getURI() + "\""); ++ log.log(java.util.logging.Level.INFO, "Verification successful for URI \"" + this.getURI() + "\""); + } + + return equal; +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/signature/ReferenceNotInitializedException.java b/src/share/classes/com/sun/org/apache/xml/internal/security/signature/ReferenceNotInitializedException.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/ReferenceNotInitializedException.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/ReferenceNotInitializedException.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/signature/SignatureProperties.java b/src/share/classes/com/sun/org/apache/xml/internal/security/signature/SignatureProperties.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/SignatureProperties.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/SignatureProperties.java +@@ -20,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.signature; + +- +- + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; + import com.sun.org.apache.xml.internal.security.utils.Constants; + import com.sun.org.apache.xml.internal.security.utils.IdResolver; +@@ -42,10 +40,6 @@ + */ + public class SignatureProperties extends SignatureElementProxy { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(SignatureProperties.class.getName()); +- + /** + * Constructor SignatureProperties + * +@@ -115,7 +109,7 @@ + */ + public void setId(String Id) { + +- if ((this._state == MODE_SIGN) && (Id != null)) { ++ if ((Id != null)) { + this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id); + IdResolver.registerElementById(this._constructionElement, Id); + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/signature/SignatureProperty.java b/src/share/classes/com/sun/org/apache/xml/internal/security/signature/SignatureProperty.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/SignatureProperty.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/SignatureProperty.java +@@ -30,18 +30,13 @@ + + /** + * Handles <ds:SignatureProperty> elements +- * Addittional information item concerning the generation of the signature(s) can ++ * Additional information item concerning the generation of the signature(s) can + * be placed in this Element + * + * @author Christian Geuer-Pollmann + */ + public class SignatureProperty extends SignatureElementProxy { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger( +- SignatureProperty.class.getName()); +- + /** + * Constructs{@link SignatureProperty} using specified Target attribute + * +@@ -85,7 +80,7 @@ + */ + public void setId(String Id) { + +- if ((this._state == MODE_SIGN) && (Id != null)) { ++ if ((Id != null)) { + this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id); + IdResolver.registerElementById(this._constructionElement, Id); + } +@@ -107,7 +102,7 @@ + */ + public void setTarget(String Target) { + +- if ((this._state == MODE_SIGN) && (Target != null)) { ++ if ((Target != null)) { + this._constructionElement.setAttributeNS(null, Constants._ATT_TARGET, Target); + } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/signature/SignedInfo.java b/src/share/classes/com/sun/org/apache/xml/internal/security/signature/SignedInfo.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/SignedInfo.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/SignedInfo.java +@@ -20,12 +20,9 @@ + */ + package com.sun.org.apache.xml.internal.security.signature; + +- +- + import java.io.ByteArrayInputStream; + import java.io.IOException; + import java.io.OutputStream; +- + import javax.crypto.SecretKey; + import javax.crypto.spec.SecretKeySpec; + import javax.xml.parsers.ParserConfigurationException; +@@ -43,165 +40,174 @@ + import org.w3c.dom.Node; + import org.xml.sax.SAXException; + +- + /** + * Handles <ds:SignedInfo> elements + * This SignedInfo element includes the canonicalization algorithm, +- * a signature algorithm, and one or more references ++ * a signature algorithm, and one or more references. ++ * + * @author Christian Geuer-Pollmann + */ + public class SignedInfo extends Manifest { + +- /** Field _signatureAlgorithm */ +- private SignatureAlgorithm _signatureAlgorithm = null; ++ /** Field _signatureAlgorithm */ ++ private SignatureAlgorithm _signatureAlgorithm = null; + +- /** Field _c14nizedBytes */ +- private byte[] _c14nizedBytes = null; ++ /** Field _c14nizedBytes */ ++ private byte[] _c14nizedBytes = null; + +- /** +- * Overwrites {@link Manifest#addDocument} because it creates another Element. +- * +- * @param doc the {@link Document} in which XMLsignature will be placed +- * @throws XMLSecurityException +- */ +- public SignedInfo(Document doc) throws XMLSecurityException { +- this(doc, XMLSignature.ALGO_ID_SIGNATURE_DSA, Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS); +- } ++ private Element c14nMethod; ++ private Element signatureMethod; + +- /** +- * Constructs {@link SignedInfo} using given Canoicaliztion algorithm and Signature algorithm +- * +- * @param doc SignedInfo is placed in this document +- * @param CanonicalizationMethodURI URI representation of the Canonicalization method +- * @param SignatureMethodURI URI representation of the Digest and Signature algorithm +- * @throws XMLSecurityException +- */ +- public SignedInfo( +- Document doc, String SignatureMethodURI, String CanonicalizationMethodURI) ++ /** ++ * Overwrites {@link Manifest#addDocument} because it creates another ++ * Element. ++ * ++ * @param doc the {@link Document} in which XMLsignature will ++ * be placed ++ * @throws XMLSecurityException ++ */ ++ public SignedInfo(Document doc) throws XMLSecurityException { ++ this(doc, XMLSignature.ALGO_ID_SIGNATURE_DSA, ++ Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS); ++ } ++ ++ /** ++ * Constructs {@link SignedInfo} using given Canonicalization algorithm and ++ * Signature algorithm. ++ * ++ * @param doc SignedInfo is placed in this document ++ * @param signatureMethodURI URI representation of the Digest and ++ * Signature algorithm ++ * @param canonicalizationMethodURI URI representation of the ++ * Canonicalization method ++ * @throws XMLSecurityException ++ */ ++ public SignedInfo(Document doc, String signatureMethodURI, ++ String canonicalizationMethodURI) + throws XMLSecurityException { +- this(doc, SignatureMethodURI, 0, CanonicalizationMethodURI); +- } ++ this(doc, signatureMethodURI, 0, canonicalizationMethodURI); ++ } + +- /** +- * Constructor SignedInfo +- * +- * @param doc +- * @param CanonicalizationMethodURI +- * @param SignatureMethodURI +- * @param HMACOutputLength +- * @throws XMLSecurityException +- */ +- public SignedInfo( +- Document doc, String SignatureMethodURI, int HMACOutputLength, String CanonicalizationMethodURI) ++ /** ++ * Constructor SignedInfo ++ * ++ * @param doc SignedInfo is placed in this document ++ * @param signatureMethodURI URI representation of the Digest and ++ * Signature algorithm ++ * @param hMACOutputLength ++ * @param canonicalizationMethodURI URI representation of the ++ * Canonicalization method ++ * @throws XMLSecurityException ++ */ ++ public SignedInfo(Document doc, String signatureMethodURI, ++ int hMACOutputLength, String canonicalizationMethodURI) + throws XMLSecurityException { + +- super(doc); ++ super(doc); + +- // XMLUtils.addReturnToElement(this._constructionElement); +- { +- Element canonElem = XMLUtils.createElementInSignatureSpace(this._doc, ++ c14nMethod = XMLUtils.createElementInSignatureSpace(this._doc, + Constants._TAG_CANONICALIZATIONMETHOD); + +- canonElem.setAttributeNS(null, Constants._ATT_ALGORITHM, +- CanonicalizationMethodURI); +- this._constructionElement.appendChild(canonElem); +- XMLUtils.addReturnToElement(this._constructionElement); +- } +- { +- if (HMACOutputLength > 0) { ++ c14nMethod.setAttributeNS(null, Constants._ATT_ALGORITHM, ++ canonicalizationMethodURI); ++ this._constructionElement.appendChild(c14nMethod); ++ XMLUtils.addReturnToElement(this._constructionElement); ++ ++ if (hMACOutputLength > 0) { + this._signatureAlgorithm = new SignatureAlgorithm(this._doc, +- SignatureMethodURI, HMACOutputLength); +- } else { ++ signatureMethodURI, hMACOutputLength); ++ } else { + this._signatureAlgorithm = new SignatureAlgorithm(this._doc, +- SignatureMethodURI); +- } ++ signatureMethodURI); ++ } + +- this._constructionElement +- .appendChild(this._signatureAlgorithm.getElement()); +- XMLUtils.addReturnToElement(this._constructionElement); +- } +- } ++ signatureMethod = this._signatureAlgorithm.getElement(); ++ this._constructionElement.appendChild(signatureMethod); ++ XMLUtils.addReturnToElement(this._constructionElement); ++ } + +- /** +- * @param doc +- * @param SignatureMethodElem +- * @param CanonicalizationMethodElem +- * @throws XMLSecurityException +- */ +- public SignedInfo( +- Document doc, Element SignatureMethodElem, Element CanonicalizationMethodElem) +- throws XMLSecurityException { ++ /** ++ * @param doc ++ * @param signatureMethodElem ++ * @param canonicalizationMethodElem ++ * @throws XMLSecurityException ++ */ ++ public SignedInfo(Document doc, Element signatureMethodElem, ++ Element canonicalizationMethodElem) throws XMLSecurityException { + +- super(doc); ++ super(doc); ++ // Check this? ++ this.c14nMethod = canonicalizationMethodElem; ++ this._constructionElement.appendChild(c14nMethod); ++ XMLUtils.addReturnToElement(this._constructionElement); + +- this._constructionElement.appendChild(CanonicalizationMethodElem); +- XMLUtils.addReturnToElement(this._constructionElement); ++ this._signatureAlgorithm = ++ new SignatureAlgorithm(signatureMethodElem, null); + +- this._signatureAlgorithm = new SignatureAlgorithm(SignatureMethodElem, null); ++ signatureMethod = this._signatureAlgorithm.getElement(); ++ this._constructionElement.appendChild(signatureMethod); + +- this._constructionElement +- .appendChild(this._signatureAlgorithm.getElement()); +- XMLUtils.addReturnToElement(this._constructionElement); +- } ++ XMLUtils.addReturnToElement(this._constructionElement); ++ } + +- /** +- * Build a {@link SignedInfo} from an {@link Element} +- * +- * @param element SignedInfo +- * @param BaseURI the URI of the resource where the XML instance was stored +- * @throws XMLSecurityException +- * @see Question +- * @see Answer +- */ +- public SignedInfo(Element element, String BaseURI) ++ /** ++ * Build a {@link SignedInfo} from an {@link Element} ++ * ++ * @param element SignedInfo ++ * @param baseURI the URI of the resource where the XML instance was stored ++ * @throws XMLSecurityException ++ * @see Question ++ * @see Answer ++ */ ++ public SignedInfo(Element element, String baseURI) + throws XMLSecurityException { + +- // Parse the Reference children and Id attribute in the Manifest +- super(element, BaseURI); ++ // Parse the Reference children and Id attribute in the Manifest ++ super(element, baseURI); + +- /* canonicalize ds:SignedInfo, reparse it into a new document +- * and replace the original not-canonicalized ds:SignedInfo by +- * the re-parsed canonicalized one. +- */ +- String c14nMethodURI=this.getCanonicalizationMethodURI(); +- if (!(c14nMethodURI.equals("http://www.w3.org/TR/2001/REC-xml-c14n-20010315") || +- c14nMethodURI.equals("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments") || +- c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#") || +- c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#WithComments"))) { +- //The c14n is not a secure one and can rewrite the URIs or like that reparse the SignedInfo to be sure +- try { +- Canonicalizer c14nizer = +- Canonicalizer.getInstance(this.getCanonicalizationMethodURI()); ++ /* canonicalize ds:SignedInfo, reparse it into a new document ++ * and replace the original not-canonicalized ds:SignedInfo by ++ * the re-parsed canonicalized one. ++ */ ++ c14nMethod = XMLUtils.getNextElement(element.getFirstChild()); ++ String c14nMethodURI = this.getCanonicalizationMethodURI(); ++ if (!(c14nMethodURI.equals(Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS) || ++ c14nMethodURI.equals(Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS) || ++ c14nMethodURI.equals(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS) || ++ c14nMethodURI.equals(Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS))) { ++ // the c14n is not a secure one and can rewrite the URIs or like ++ // that reparse the SignedInfo to be sure ++ try { ++ Canonicalizer c14nizer = ++ Canonicalizer.getInstance(this.getCanonicalizationMethodURI()); + +- this._c14nizedBytes = +- c14nizer.canonicalizeSubtree(this._constructionElement); +- javax.xml.parsers.DocumentBuilderFactory dbf = +- javax.xml.parsers.DocumentBuilderFactory.newInstance(); ++ this._c14nizedBytes = ++ c14nizer.canonicalizeSubtree(this._constructionElement); ++ javax.xml.parsers.DocumentBuilderFactory dbf = ++ javax.xml.parsers.DocumentBuilderFactory.newInstance(); ++ dbf.setNamespaceAware(true); ++ javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder(); ++ org.w3c.dom.Document newdoc = ++ db.parse(new ByteArrayInputStream(this._c14nizedBytes)); ++ Node imported = ++ this._doc.importNode(newdoc.getDocumentElement(), true); + +- dbf.setNamespaceAware(true); ++ this._constructionElement.getParentNode().replaceChild(imported, ++ this._constructionElement); + +- javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder(); +- org.w3c.dom.Document newdoc = +- db.parse(new ByteArrayInputStream(this._c14nizedBytes)); +- Node imported = this._doc.importNode(newdoc.getDocumentElement(), +- true); +- +- this._constructionElement.getParentNode().replaceChild(imported, +- this._constructionElement); +- +- this._constructionElement = (Element) imported; +- } catch (ParserConfigurationException ex) { +- throw new XMLSecurityException("empty", ex); +- } catch (IOException ex) { +- throw new XMLSecurityException("empty", ex); +- } catch (SAXException ex) { +- throw new XMLSecurityException("empty", ex); +- } +- } +- this._signatureAlgorithm = +- new SignatureAlgorithm(this.getSignatureMethodElement(), +- this.getBaseURI()); +- } ++ this._constructionElement = (Element) imported; ++ } catch (ParserConfigurationException ex) { ++ throw new XMLSecurityException("empty", ex); ++ } catch (IOException ex) { ++ throw new XMLSecurityException("empty", ex); ++ } catch (SAXException ex) { ++ throw new XMLSecurityException("empty", ex); ++ } ++ } ++ signatureMethod = XMLUtils.getNextElement(c14nMethod.getNextSibling()); ++ this._signatureAlgorithm = ++ new SignatureAlgorithm(signatureMethod, this.getBaseURI()); ++ } + + /** + * Tests core validation process +@@ -294,12 +300,8 @@ + */ + public String getCanonicalizationMethodURI() { + +- Element el= XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), +- Constants._TAG_CANONICALIZATIONMETHOD,0); +- if (el==null) { +- return null; +- } +- return el.getAttributeNS(null, Constants._ATT_ALGORITHM); ++ ++ return c14nMethod.getAttributeNS(null, Constants._ATT_ALGORITHM); + } + + /** +@@ -324,8 +326,7 @@ + * + */ + public Element getSignatureMethodElement() { +- return XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), +- Constants._TAG_SIGNATUREMETHOD,0); ++ return signatureMethod; + } + + /** +@@ -343,6 +344,9 @@ + .getJCEAlgorithmString()); + } + ++ protected SignatureAlgorithm getSignatureAlgorithm() { ++ return _signatureAlgorithm; ++ } + /** + * Method getBaseLocalName + * @inheritDoc +@@ -354,21 +358,16 @@ + + public String getInclusiveNamespaces() { + +- Element el= XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), +- Constants._TAG_CANONICALIZATIONMETHOD,0); +- if (el==null) { +- return null; +- } + +- String c14nMethodURI = el.getAttributeNS(null, Constants._ATT_ALGORITHM); ++ ++ String c14nMethodURI = c14nMethod.getAttributeNS(null, Constants._ATT_ALGORITHM); + if(!(c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#") || + c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#WithComments"))) { + return null; + } + +- Element inclusiveElement = XMLUtils.selectNode( +- el.getFirstChild(),InclusiveNamespaces.ExclusiveCanonicalizationNamespace, +- InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES,0); ++ Element inclusiveElement = XMLUtils.getNextElement( ++ c14nMethod.getFirstChild()); + + if(inclusiveElement != null) + { +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignature.java b/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignature.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignature.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignature.java +@@ -75,7 +75,7 @@ + *
  • sign and checkSignatureValue methods are used to sign and validate the + * signature.
    • + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public final class XMLSignature extends SignatureElementProxy { + +@@ -115,6 +115,10 @@ + public static final String ALGO_ID_MAC_HMAC_SHA384 = Constants.MoreAlgorithmsSpecNS + "hmac-sha384"; + /** HMAC - Optional HMAC-SHA512 */ + public static final String ALGO_ID_MAC_HMAC_SHA512 = Constants.MoreAlgorithmsSpecNS + "hmac-sha512"; ++ /**Signature - Optional ECDSAwithSHA1 */ ++ public static final String ALGO_ID_SIGNATURE_ECDSA_SHA1 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"; ++ ++ + //J+ + + /** ds:Signature.ds:SignedInfo element */ +@@ -130,6 +134,8 @@ + */ + private boolean _followManifestsDuringValidation = false; + ++private Element signatureValueElement; ++ + /** + * This creates a new ds:Signature Element and adds an empty + * ds:SignedInfo. +@@ -195,6 +201,15 @@ + + super(doc); + ++ String xmlnsDsPrefix = ++ getDefaultPrefixBindings(Constants.SignatureSpecNS); ++ if (xmlnsDsPrefix == null) { ++ this._constructionElement.setAttributeNS ++ (Constants.NamespaceSpecNS, "xmlns", Constants.SignatureSpecNS); ++ } else { ++ this._constructionElement.setAttributeNS ++ (Constants.NamespaceSpecNS, xmlnsDsPrefix, Constants.SignatureSpecNS); ++ } + XMLUtils.addReturnToElement(this._constructionElement); + + this._baseURI = BaseURI; +@@ -206,7 +221,7 @@ + XMLUtils.addReturnToElement(this._constructionElement); + + // create an empty SignatureValue; this is filled by setSignatureValueElement +- Element signatureValueElement = ++ signatureValueElement = + XMLUtils.createElementInSignatureSpace(this._doc, + Constants._TAG_SIGNATUREVALUE); + +@@ -227,6 +242,15 @@ + + super(doc); + ++ String xmlnsDsPrefix = ++ getDefaultPrefixBindings(Constants.SignatureSpecNS); ++ if (xmlnsDsPrefix == null) { ++ this._constructionElement.setAttributeNS ++ (Constants.NamespaceSpecNS, "xmlns", Constants.SignatureSpecNS); ++ } else { ++ this._constructionElement.setAttributeNS ++ (Constants.NamespaceSpecNS, xmlnsDsPrefix, Constants.SignatureSpecNS); ++ } + XMLUtils.addReturnToElement(this._constructionElement); + + this._baseURI = BaseURI; +@@ -236,7 +260,7 @@ + XMLUtils.addReturnToElement(this._constructionElement); + + // create an empty SignatureValue; this is filled by setSignatureValueElement +- Element signatureValueElement = ++ signatureValueElement = + XMLUtils.createElementInSignatureSpace(this._doc, + Constants._TAG_SIGNATUREVALUE); + +@@ -259,8 +283,8 @@ + super(element, BaseURI); + + // check out SignedInfo child +- Element signedInfoElem = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), +- Constants._TAG_SIGNEDINFO,0); ++ Element signedInfoElem = XMLUtils.getNextElement(element.getFirstChild());// XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), ++ //Constants._TAG_SIGNEDINFO,0); + + // check to see if it is there + if (signedInfoElem == null) { +@@ -274,8 +298,8 @@ + this._signedInfo = new SignedInfo(signedInfoElem, BaseURI); + + // check out SignatureValue child +- Element signatureValueElement = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), +- Constants._TAG_SIGNATUREVALUE,0); ++ this.signatureValueElement =XMLUtils.getNextElement(signedInfoElem.getNextSibling()); //XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), ++ // Constants._TAG_SIGNATUREVALUE,0); + + // check to see if it exists + if (signatureValueElement == null) { +@@ -286,11 +310,12 @@ + } + + // +- Element keyInfoElem =XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), +- Constants._TAG_KEYINFO,0); ++ Element keyInfoElem = XMLUtils.getNextElement(signatureValueElement.getNextSibling());//XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), ++ // Constants._TAG_KEYINFO,0); + + // If it exists use it, but it's not mandatory +- if (keyInfoElem != null) { ++ if ((keyInfoElem != null) && (keyInfoElem.getNamespaceURI().equals(Constants.SignatureSpecNS) && ++ keyInfoElem.getLocalName().equals(Constants._TAG_KEYINFO)) ) { + this._keyInfo = new KeyInfo(keyInfoElem, BaseURI); + } + } +@@ -302,7 +327,7 @@ + */ + public void setId(String Id) { + +- if ((this._state == MODE_SIGN) && (Id != null)) { ++ if ( (Id != null)) { + this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id); + IdResolver.registerElementById(this._constructionElement, Id); + } +@@ -336,9 +361,7 @@ + public byte[] getSignatureValue() throws XMLSignatureException { + + try { +- Element signatureValueElem = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), +- Constants._TAG_SIGNATUREVALUE,0); +- byte[] signatureValue = Base64.decode(signatureValueElem); ++ byte[] signatureValue = Base64.decode(signatureValueElement); + + return signatureValue; + } catch (Base64DecodingException ex) { +@@ -346,33 +369,28 @@ + } + } + +- /** +- * Base64 encodes and sets the bytes as the content of the SignatureValue +- * Node. +- * +- * @param bytes bytes to be used by SignatureValue before Base64 encoding +- */ +- private void setSignatureValueElement(byte[] bytes) +- { ++ /** ++ * Base64 encodes and sets the bytes as the content of the SignatureValue ++ * Node. ++ * ++ * @param bytes bytes to be used by SignatureValue before Base64 encoding ++ */ ++ private void setSignatureValueElement(byte[] bytes) { + +- if (this._state == MODE_SIGN) { +- Element signatureValueElem = XMLUtils.selectDsNode(this._constructionElement.getFirstChild(), +- Constants._TAG_SIGNATUREVALUE,0); +- while (signatureValueElem.hasChildNodes()) { +- signatureValueElem.removeChild(signatureValueElem.getFirstChild()); +- } ++ while (signatureValueElement.hasChildNodes()) { ++ signatureValueElement.removeChild ++ (signatureValueElement.getFirstChild()); ++ } + +- String base64codedValue = Base64.encode(bytes); ++ String base64codedValue = Base64.encode(bytes); + +- if (base64codedValue.length() > 76) { ++ if (base64codedValue.length() > 76 && !XMLUtils.ignoreLineBreaks()) { + base64codedValue = "\n" + base64codedValue + "\n"; +- } ++ } + +- Text t = this._doc.createTextNode(base64codedValue); +- +- signatureValueElem.appendChild(t); +- } +- } ++ Text t = this._doc.createTextNode(base64codedValue); ++ signatureValueElement.appendChild(t); ++ } + + /** + * Returns the KeyInfo child. If we are in signing mode and the KeyInfo +@@ -385,7 +403,7 @@ + public KeyInfo getKeyInfo() { + + // check to see if we are signing and if we have to create a keyinfo +- if ((this._state == MODE_SIGN) && (this._keyInfo == null)) { ++ if ( (this._keyInfo == null)) { + + // create the KeyInfo + this._keyInfo = new KeyInfo(this._doc); +@@ -401,8 +419,7 @@ + // add it before the object + this._constructionElement.insertBefore(keyInfoElement, + firstObject); +- this._constructionElement +- .insertBefore(this._doc.createTextNode("\n"), firstObject); ++ XMLUtils.addReturnBeforeChild(this._constructionElement, firstObject); + } else { + + // add it as the last element to the signature +@@ -425,17 +442,17 @@ + public void appendObject(ObjectContainer object) + throws XMLSignatureException { + +- try { +- if (this._state != MODE_SIGN) { +- throw new XMLSignatureException( +- "signature.operationOnlyBeforeSign"); +- } ++ //try { ++ //if (this._state != MODE_SIGN) { ++ // throw new XMLSignatureException( ++ // "signature.operationOnlyBeforeSign"); ++ //} + + this._constructionElement.appendChild(object.getElement()); + XMLUtils.addReturnToElement(this._constructionElement); +- } catch (XMLSecurityException ex) { +- throw new XMLSignatureException("empty", ex); +- } ++ //} catch (XMLSecurityException ex) { ++ // throw new XMLSignatureException("empty", ex); ++ //} + } + + /** +@@ -481,23 +498,13 @@ + } + + try { +- if (this._state == MODE_SIGN) { +- +- // XMLUtils.indentSignature(this._constructionElement, " ", 0); +- // get the SignatureMethodElement +- Element signatureMethodElement = +- this._signedInfo.getSignatureMethodElement(); +- ++ // if (this._state == MODE_SIGN) { + //Create a SignatureAlgorithm object +- SignatureAlgorithm sa = +- new SignatureAlgorithm(signatureMethodElement, +- this.getBaseURI()); +- ++ SignedInfo si = this.getSignedInfo(); ++ SignatureAlgorithm sa = si.getSignatureAlgorithm(); + // initialize SignatureAlgorithm for signing + sa.initSign(signingKey); + +- SignedInfo si = this.getSignedInfo(); +- + // generate digest values for all References in this SignedInfo + si.generateDigestValues(); + OutputStream so=new UnsyncBufferedOutputStream(new SignerOutputStream(sa)); +@@ -513,7 +520,7 @@ + + // set them on the SignateValue element + this.setSignatureValueElement(jcebytes); +- } ++ //} + } catch (CanonicalizationException ex) { + throw new XMLSignatureException("empty", ex); + } catch (InvalidCanonicalizerException ex) { +@@ -584,50 +591,45 @@ + + throw new XMLSignatureException("empty", exArgs); + } +- + // all references inside the signedinfo need to be dereferenced and + // digested again to see if the outcome matches the stored value in the + // SignedInfo. + // If _followManifestsDuringValidation is true it will do the same for + // References inside a Manifest. + try { +- if (!this.getSignedInfo() +- .verify(this._followManifestsDuringValidation)) { +- return false; +- } +- ++ SignedInfo si=this.getSignedInfo(); + //create a SignatureAlgorithms from the SignatureMethod inside + //SignedInfo. This is used to validate the signature. +- SignatureAlgorithm sa = +- new SignatureAlgorithm(this.getSignedInfo() +- .getSignatureMethodElement(), this.getBaseURI()); +- if (true) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "SignatureMethodURI = " + sa.getAlgorithmURI()); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "jceSigAlgorithm = " + sa.getJCEAlgorithmString()); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "jceSigProvider = " + sa.getJCEProviderName()); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "PublicKey = " + pk); ++ SignatureAlgorithm sa =si.getSignatureAlgorithm(); ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, "SignatureMethodURI = " + sa.getAlgorithmURI()); ++ log.log(java.util.logging.Level.FINE, "jceSigAlgorithm = " + sa.getJCEAlgorithmString()); ++ log.log(java.util.logging.Level.FINE, "jceSigProvider = " + sa.getJCEProviderName()); ++ log.log(java.util.logging.Level.FINE, "PublicKey = " + pk); + } + sa.initVerify(pk); + + // Get the canonicalized (normalized) SignedInfo + SignerOutputStream so=new SignerOutputStream(sa); + OutputStream bos=new UnsyncBufferedOutputStream(so); +- this._signedInfo.signInOctectStream(bos); ++ si.signInOctectStream(bos); + try { +- bos.close(); +- } catch (IOException e) { +- //Imposible +- } ++ bos.close(); ++ } catch (IOException e) { ++ //Imposible ++ } + + //retrieve the byte[] from the stored signature + byte sigBytes[] = this.getSignatureValue(); + +- + //Have SignatureAlgorithm sign the input bytes and compare them to the + //bytes that were stored in the signature. +- boolean verify = sa.verify(sigBytes); ++ if (!sa.verify(sigBytes)) { ++ log.log(java.util.logging.Level.WARNING, "Signature verification failed."); ++ return false; ++ } + +- return verify; ++ return si.verify(this._followManifestsDuringValidation); + } catch (XMLSecurityException ex) { + throw new XMLSignatureException("empty", ex); + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureException.java b/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureException.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureException.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureException.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureInput.java b/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureInput.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureInput.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureInput.java +@@ -2,9 +2,8 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* +- * Copyright 1999-2004 The Apache Software Foundation. ++ * Copyright 1999-2008 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. +@@ -21,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.signature; + +- +- + import java.io.ByteArrayInputStream; + import java.io.ByteArrayOutputStream; + import java.io.IOException; +@@ -39,7 +36,9 @@ + import javax.xml.parsers.ParserConfigurationException; + + import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; ++import com.sun.org.apache.xml.internal.security.c14n.implementations.CanonicalizerBase; + import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315OmitComments; ++import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_OmitComments; + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityRuntimeException; + import com.sun.org.apache.xml.internal.security.utils.JavaUtils; + import com.sun.org.apache.xml.internal.security.utils.XMLUtils; +@@ -47,463 +46,483 @@ + import org.w3c.dom.Node; + import org.xml.sax.SAXException; + +- + /** + * Class XMLSignatureInput + * + * @author Christian Geuer-Pollmann + * $todo$ check whether an XMLSignatureInput can be _both_, octet stream _and_ node set? + */ +-public class XMLSignatureInput implements Cloneable { +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(XMLSignatureInput.class.getName()); ++public class XMLSignatureInput implements Cloneable { ++ static java.util.logging.Logger log = ++ java.util.logging.Logger.getLogger ++ (XMLSignatureInput.class.getName()); + +- /* ++ /* + * The XMLSignature Input can be either: + * A byteArray like with/or without InputStream. +- * Or a nodeSet like defined either: +- * * as a collection of nodes +- * * or as subnode excluding or not commets and excluding or +- * not other nodes. +- */ +- /** +- * Some InputStreams do not support the {@link java.io.InputStream#reset} +- * method, so we read it in completely and work on our Proxy. +- */ +- InputStream _inputOctetStreamProxy = null; +- /** +- * The original NodeSet for this XMLSignatureInput +- */ +- Set _inputNodeSet = null; +- /** +- * The original Element +- */ +- Node _subNode=null; +- /** +- * Exclude Node *for enveloped transformations* +- */ +- Node excludeNode=null; +- /** +- * +- */ +- boolean excludeComments=false; ++ * Or a nodeSet like defined either: ++ * * as a collection of nodes ++ * * or as subnode excluding or not commets and excluding or ++ * not other nodes. ++ */ + +- boolean isNodeSet=false; +- /** +- * A cached bytes +- */ +- byte []bytes=null; ++ /** ++ * Some InputStreams do not support the {@link java.io.InputStream#reset} ++ * method, so we read it in completely and work on our Proxy. ++ */ ++ InputStream _inputOctetStreamProxy = null; ++ /** ++ * The original NodeSet for this XMLSignatureInput ++ */ ++ Set _inputNodeSet = null; ++ /** ++ * The original Element ++ */ ++ Node _subNode=null; ++ /** ++ * Exclude Node *for enveloped transformations* ++ */ ++ Node excludeNode=null; ++ /** ++ * ++ */ ++ boolean excludeComments=false; + +- /** +- * Some Transforms may require explicit MIME type, charset (IANA registered "character set"), or other such information concerning the data they are receiving from an earlier Transform or the source data, although no Transform algorithm specified in this document needs such explicit information. Such data characteristics are provided as parameters to the Transform algorithm and should be described in the specification for the algorithm. +- */ +- private String _MIMEType = null; ++ boolean isNodeSet=false; ++ /** ++ * A cached bytes ++ */ ++ byte []bytes=null; + +- /** +- * Field _SourceURI +- */ +- private String _SourceURI = null; ++ /** ++ * Some Transforms may require explicit MIME type, charset (IANA registered "character set"), or other such information concerning the data they are receiving from an earlier Transform or the source data, although no Transform algorithm specified in this document needs such explicit information. Such data characteristics are provided as parameters to the Transform algorithm and should be described in the specification for the algorithm. ++ */ ++ private String _MIMEType = null; + +- /** +- * Node Filter list. +- */ +- List nodeFilters=new ArrayList(); ++ /** ++ * Field _SourceURI ++ */ ++ private String _SourceURI = null; + +- boolean needsToBeExpanded=false; +- /** +- * Check if the structured is needed to be circumbented. +- * @return true if so. +- */ +- public boolean isNeedsToBeExpanded() { +- return needsToBeExpanded; +- } ++ /** ++ * Node Filter list. ++ */ ++ List nodeFilters=new ArrayList(); + +- /** +- * Set if the structured is needed to be circumbented. +- * @param needsToBeExpanded true if so. +- */ +- public void setNeedsToBeExpanded(boolean needsToBeExpanded) { ++ boolean needsToBeExpanded=false; ++ OutputStream outputStream=null; ++ ++ /** ++ * Check if the structured is needed to be circumbented. ++ * @return true if so. ++ */ ++ public boolean isNeedsToBeExpanded() { ++ return needsToBeExpanded; ++ } ++ ++ /** ++ * Set if the structured is needed to be circumbented. ++ * @param needsToBeExpanded true if so. ++ */ ++ public void setNeedsToBeExpanded(boolean needsToBeExpanded) { + this.needsToBeExpanded = needsToBeExpanded; +- } +- OutputStream outputStream=null; ++ } + +- /** +- * Construct a XMLSignatureInput from an octet array. +- *

    +- * This is a comfort method, which internally converts the byte[] array into an InputStream +- *

    NOTE: no defensive copy

    +- * @param inputOctets an octet array which including XML document or node +- */ +- public XMLSignatureInput(byte[] inputOctets) { ++ /** ++ * Construct a XMLSignatureInput from an octet array. ++ *

    ++ * This is a comfort method, which internally converts the byte[] array into ++ * an InputStream ++ *

    NOTE: no defensive copy

    ++ * @param inputOctets an octet array which including XML document or node ++ */ ++ public XMLSignatureInput(byte[] inputOctets) { + +- // NO defensive copy ++ // NO defensive copy + +- //this._inputOctetStreamProxy = new ByteArrayInputStream(inputOctets); +- this.bytes=inputOctets; +- } ++ //this._inputOctetStreamProxy = new ByteArrayInputStream(inputOctets); ++ this.bytes=inputOctets; ++ } + ++ /** ++ * Constructs a XMLSignatureInput from an octet stream. The ++ * stream is directly read. ++ * ++ * @param inputOctetStream ++ */ ++ public XMLSignatureInput(InputStream inputOctetStream) { ++ this._inputOctetStreamProxy=inputOctetStream; + +- /** +- * Constructs a XMLSignatureInput from an octet stream. The +- * stream is directly read. +- * +- * @param inputOctetStream +- */ +- public XMLSignatureInput(InputStream inputOctetStream) { +- this._inputOctetStreamProxy=inputOctetStream; ++ //this(JavaUtils.getBytesFromStream(inputOctetStream)); ++ } + +- //this(JavaUtils.getBytesFromStream(inputOctetStream)); ++ /** ++ * Construct a XMLSignatureInput from a String. ++ *

    ++ * This is a comfort method, which internally converts the String into a byte ++ * [] array using the {@link java.lang.String#getBytes()} method. ++ * @deprecated ++ * @param inputStr the input String which including XML document or node ++ */ ++ public XMLSignatureInput(String inputStr) { ++ this(inputStr.getBytes()); ++ } + +- } ++ /** ++ * Construct a XMLSignatureInput from a String with a given encoding. ++ *

    ++ * This is a comfort method, which internally converts the String into a byte ++ * [] array using the {@link java.lang.String#getBytes()} method. ++ * ++ * @deprecated ++ * @param inputStr the input String with encoding encoding ++ * @param encoding the encoding of inputStr ++ * @throws UnsupportedEncodingException ++ */ ++ public XMLSignatureInput(String inputStr, String encoding) ++ throws UnsupportedEncodingException { ++ this(inputStr.getBytes(encoding)); ++ } + +- /** +- * Construct a XMLSignatureInput from a String. +- *

    +- * This is a comfort method, which internally converts the String into a byte[] array using the {@link java.lang.String#getBytes()} method. +- * @deprecated +- * @param inputStr the input String which including XML document or node +- */ +- public XMLSignatureInput(String inputStr) { +- this(inputStr.getBytes()); +- } ++ /** ++ * Construct a XMLSignatureInput from a subtree rooted by rootNode. This ++ * method included the node and all his descendants in the output. ++ * ++ * @param rootNode ++ */ ++ public XMLSignatureInput(Node rootNode) ++ { ++ this._subNode = rootNode; ++ } + +- /** +- * Construct a XMLSignatureInput from a String with a given encoding. +- *

    +- * This is a comfort method, which internally converts the String into a byte[] array using the {@link java.lang.String#getBytes()} method. +- * +- * @deprecated +- * @param inputStr the input String with encoding encoding +- * @param encoding the encoding of inputStr +- * @throws UnsupportedEncodingException +- */ +- public XMLSignatureInput(String inputStr, String encoding) +- throws UnsupportedEncodingException { +- this(inputStr.getBytes(encoding)); +- } ++ /** ++ * Constructor XMLSignatureInput ++ * ++ * @param inputNodeSet ++ * @param usedXPathAPI ++ */ ++ public XMLSignatureInput(Set inputNodeSet) { ++ this._inputNodeSet = inputNodeSet; ++ } + +- /** +- * Construct a XMLSignatureInput from a subtree rooted by rootNode. This +- * method included the node and all his descendants in the output. +- * +- * @param rootNode +- */ +- public XMLSignatureInput(Node rootNode) +- { +- this._subNode = rootNode; +- } ++ /** ++ * Returns the node set from input which was specified as the parameter of ++ * {@link XMLSignatureInput} constructor ++ * ++ * @return the node set ++ * @throws SAXException ++ * @throws IOException ++ * @throws ParserConfigurationException ++ * @throws CanonicalizationException ++ */ ++ public Set getNodeSet() throws CanonicalizationException, ++ ParserConfigurationException, IOException, SAXException { ++ return getNodeSet(false); ++ } + +- /** +- * Constructor XMLSignatureInput +- * +- * @param inputNodeSet +- * @param usedXPathAPI +- */ +- public XMLSignatureInput(Set inputNodeSet) { +- this._inputNodeSet = inputNodeSet; +- } +- +- /** +- * Returns the node set from input which was specified as the parameter of {@link XMLSignatureInput} constructor +- * +- * @return the node set +- * @throws SAXException +- * @throws IOException +- * @throws ParserConfigurationException +- * @throws CanonicalizationException +- * @throws CanonicalizationException +- * @throws IOException +- * @throws ParserConfigurationException +- * @throws SAXException +- */ +- public Set getNodeSet() throws CanonicalizationException, ParserConfigurationException, IOException, SAXException { +- return getNodeSet(false); +- } +- /** +- * Returns the node set from input which was specified as the parameter of {@link XMLSignatureInput} constructor +- * @param circunvent +- * +- * @return the node set +- * @throws SAXException +- * @throws IOException +- * @throws ParserConfigurationException +- * @throws CanonicalizationException +- * @throws CanonicalizationException +- * @throws IOException +- * @throws ParserConfigurationException +- * @throws SAXException +- */ +- public Set getNodeSet(boolean circunvent) ++ /** ++ * Returns the node set from input which was specified as the parameter of ++ * {@link XMLSignatureInput} constructor ++ * @param circumvent ++ * ++ * @return the node set ++ * @throws SAXException ++ * @throws IOException ++ * @throws ParserConfigurationException ++ * @throws CanonicalizationException ++ */ ++ public Set getNodeSet(boolean circumvent) + throws ParserConfigurationException, IOException, SAXException, + CanonicalizationException { +- if (this._inputNodeSet!=null) { +- return this._inputNodeSet; +- } +- if (this.isElement()) { ++ if (this._inputNodeSet!=null) { ++ return this._inputNodeSet; ++ } ++ if ((this._inputOctetStreamProxy==null)&& (this._subNode!=null) ) { + +- if (circunvent) { +- XMLUtils.circumventBug2650(XMLUtils.getOwnerDocument(_subNode)); ++ if (circumvent) { ++ XMLUtils.circumventBug2650(XMLUtils.getOwnerDocument(_subNode)); + } + this._inputNodeSet = new HashSet(); + XMLUtils.getSet(_subNode,this._inputNodeSet, excludeNode, this.excludeComments); + +- return this._inputNodeSet; +- } +- else if (this.isOctetStream()) { +- convertToNodes(); +- HashSet result=new HashSet(); +- XMLUtils.getSet(_subNode, result,null,false); ++ return this._inputNodeSet; ++ } else if (this.isOctetStream()) { ++ convertToNodes(); ++ HashSet result=new HashSet(); ++ XMLUtils.getSet(_subNode, result,null,false); + //this._inputNodeSet=result; + return result; +- } ++ } + +- throw new RuntimeException( +- "getNodeSet() called but no input data present"); +- } ++ throw new RuntimeException( ++ "getNodeSet() called but no input data present"); ++ } + +- /** +- * Returns the Octect stream(byte Stream) from input which was specified as the parameter of {@link XMLSignatureInput} constructor +- * +- * @return the Octect stream(byte Stream) from input which was specified as the parameter of {@link XMLSignatureInput} constructor +- * @throws IOException +- */ +- public InputStream getOctetStream() +- throws IOException { ++ /** ++ * Returns the Octect stream(byte Stream) from input which was specified as ++ * the parameter of {@link XMLSignatureInput} constructor ++ * ++ * @return the Octect stream(byte Stream) from input which was specified as ++ * the parameter of {@link XMLSignatureInput} constructor ++ * @throws IOException ++ */ ++ public InputStream getOctetStream() throws IOException { + +- return getResetableInputStream(); ++ return getResetableInputStream(); ++ } + +- } +- /** ++ /** + * @return real octect stream + */ + public InputStream getOctetStreamReal () { +- return this._inputOctetStreamProxy; +- } +- /** +- * Returns the byte array from input which was specified as the parameter of {@link XMLSignatureInput} constructor +- * +- * @return the byte[] from input which was specified as the parameter of {@link XMLSignatureInput} constructor +- * +- * @throws CanonicalizationException +- * @throws IOException +- */ +- public byte[] getBytes() +- throws IOException, CanonicalizationException { +- if (bytes!=null) { +- return bytes; +- } +- InputStream is = getResetableInputStream(); +- if (is!=null) { +- //reseatable can read again bytes. +- if (bytes==null) { +- is.reset(); +- bytes=JavaUtils.getBytesFromStream(is); +- } +- return bytes; +- } +- Canonicalizer20010315OmitComments c14nizer = +- new Canonicalizer20010315OmitComments(); ++ return this._inputOctetStreamProxy; ++ } ++ ++ /** ++ * Returns the byte array from input which was specified as the parameter of ++ * {@link XMLSignatureInput} constructor ++ * ++ * @return the byte[] from input which was specified as the parameter of ++ * {@link XMLSignatureInput} constructor ++ * ++ * @throws CanonicalizationException ++ * @throws IOException ++ */ ++ public byte[] getBytes() throws IOException, CanonicalizationException { ++ if (bytes!=null) { ++ return bytes; ++ } ++ InputStream is = getResetableInputStream(); ++ if (is!=null) { ++ //resetable can read again bytes. ++ if (bytes==null) { ++ is.reset(); ++ bytes=JavaUtils.getBytesFromStream(is); ++ } ++ return bytes; ++ } ++ Canonicalizer20010315OmitComments c14nizer = ++ new Canonicalizer20010315OmitComments(); + bytes=c14nizer.engineCanonicalize(this); + return bytes; +- } ++ } + ++ /** ++ * Determines if the object has been set up with a Node set ++ * ++ * @return true if the object has been set up with a Node set ++ */ ++ public boolean isNodeSet() { ++ return (( (this._inputOctetStreamProxy == null) ++ && (this._inputNodeSet != null) ) || isNodeSet); ++ } + +- /** +- * Determines if the object has been set up with a Node set +- * +- * @return true is the object has been set up with a Node set +- */ +- public boolean isNodeSet() { +- return (( (this._inputOctetStreamProxy == null) +- && (this._inputNodeSet != null) ) || isNodeSet); +- } +- /** +- * Determines if the object has been set up with an Element +- * +- * @return true is the object has been set up with a Node set +- */ +- public boolean isElement() { +- return ((this._inputOctetStreamProxy==null)&& (this._subNode!=null) +- && (this._inputNodeSet==null) && !isNodeSet +- ); +- } ++ /** ++ * Determines if the object has been set up with an Element ++ * ++ * @return true if the object has been set up with a Node set ++ */ ++ public boolean isElement() { ++ return ((this._inputOctetStreamProxy==null)&& (this._subNode!=null) ++ && (this._inputNodeSet==null) && !isNodeSet); ++ } + +- /** +- * Determines if the object has been set up with an octet stream +- * +- * @return true is the object has been set up with an octet stream +- */ +- public boolean isOctetStream() { +- return ( ((this._inputOctetStreamProxy != null) || bytes!=null) ++ /** ++ * Determines if the object has been set up with an octet stream ++ * ++ * @return true if the object has been set up with an octet stream ++ */ ++ public boolean isOctetStream() { ++ return ( ((this._inputOctetStreamProxy != null) || bytes!=null) + && ((this._inputNodeSet == null) && _subNode ==null)); +- } ++ } + +- /** +- * Determines if the object has been set up with a ByteArray +- * +- * @return true is the object has been set up with an octet stream +- */ +- public boolean isByteArray() { +- return ( (bytes!=null) ++ /** ++ * Determines if {@link #setOutputStream} has been called with a ++ * non-null OutputStream. ++ * ++ * @return true if {@link #setOutputStream} has been called with a ++ * non-null OutputStream ++ */ ++ public boolean isOutputStreamSet() { ++ return outputStream != null; ++ } ++ ++ /** ++ * Determines if the object has been set up with a ByteArray ++ * ++ * @return true is the object has been set up with an octet stream ++ */ ++ public boolean isByteArray() { ++ return ( (bytes!=null) + && ((this._inputNodeSet == null) && _subNode ==null)); +- } ++ } + +- /** +- * Is the object correctly set up? +- * +- * @return true if the object has been set up correctly +- */ +- public boolean isInitialized() { +- return (this.isOctetStream() || this.isNodeSet()); +- } ++ /** ++ * Is the object correctly set up? ++ * ++ * @return true if the object has been set up correctly ++ */ ++ public boolean isInitialized() { ++ return (this.isOctetStream() || this.isNodeSet()); ++ } + +- /** +- * Returns MIMEType +- * +- * @return MIMEType +- */ +- public String getMIMEType() { +- return this._MIMEType; +- } ++ /** ++ * Returns MIMEType ++ * ++ * @return MIMEType ++ */ ++ public String getMIMEType() { ++ return this._MIMEType; ++ } + +- /** +- * Sets MIMEType +- * +- * @param MIMEType +- */ +- public void setMIMEType(String MIMEType) { +- this._MIMEType = MIMEType; +- } ++ /** ++ * Sets MIMEType ++ * ++ * @param MIMEType ++ */ ++ public void setMIMEType(String MIMEType) { ++ this._MIMEType = MIMEType; ++ } + +- /** +- * Return SourceURI +- * +- * @return SourceURI +- */ +- public String getSourceURI() { +- return this._SourceURI; +- } ++ /** ++ * Return SourceURI ++ * ++ * @return SourceURI ++ */ ++ public String getSourceURI() { ++ return this._SourceURI; ++ } + +- /** +- * Sets SourceURI +- * +- * @param SourceURI +- */ +- public void setSourceURI(String SourceURI) { +- this._SourceURI = SourceURI; +- } ++ /** ++ * Sets SourceURI ++ * ++ * @param SourceURI ++ */ ++ public void setSourceURI(String SourceURI) { ++ this._SourceURI = SourceURI; ++ } + +- +- /** +- * Method toString +- * @inheritDoc +- * +- */ +- public String toString() { +- +- if (this.isNodeSet()) { +- return "XMLSignatureInput/NodeSet/" + this._inputNodeSet.size() ++ /** ++ * Method toString ++ * @inheritDoc ++ */ ++ public String toString() { ++ if (this.isNodeSet()) { ++ return "XMLSignatureInput/NodeSet/" + this._inputNodeSet.size() + + " nodes/" + this.getSourceURI(); +- } +- if (this.isElement()) { +- return "XMLSignatureInput/Element/" + this._subNode +- + " exclude "+ this.excludeNode + " comments:" + +- this.excludeComments +- +"/" + this.getSourceURI(); +- } +- try { ++ } ++ if (this.isElement()) { ++ return "XMLSignatureInput/Element/" + this._subNode ++ + " exclude "+ this.excludeNode + " comments:" + ++ this.excludeComments +"/" + this.getSourceURI(); ++ } ++ try { + return "XMLSignatureInput/OctetStream/" + this.getBytes().length + + " octets/" + this.getSourceURI(); +- } catch (Exception ex) { ++ } catch (IOException iex) { + return "XMLSignatureInput/OctetStream//" + this.getSourceURI(); +- } ++ } catch (CanonicalizationException cex) { ++ return "XMLSignatureInput/OctetStream//" + this.getSourceURI(); ++ } ++ } + +- } ++ /** ++ * Method getHTMLRepresentation ++ * ++ * @throws XMLSignatureException ++ * @return The HTML representation for this XMLSignature ++ */ ++ public String getHTMLRepresentation() throws XMLSignatureException { + +- /** +- * Method getHTMLRepresentation +- * +- * @throws XMLSignatureException +- * @return The HTML representation for this XMLSignature +- */ +- public String getHTMLRepresentation() throws XMLSignatureException { ++ XMLSignatureInputDebugger db = new XMLSignatureInputDebugger(this); + +- XMLSignatureInputDebugger db = new XMLSignatureInputDebugger(this); ++ return db.getHTMLRepresentation(); ++ } + +- return db.getHTMLRepresentation(); +- } +- +- /** +- * Method getHTMLRepresentation +- * +- * @param inclusiveNamespaces +- * @throws XMLSignatureException +- * @return The HTML representation for this XMLSignature +- */ +- public String getHTMLRepresentation(Set inclusiveNamespaces) ++ /** ++ * Method getHTMLRepresentation ++ * ++ * @param inclusiveNamespaces ++ * @throws XMLSignatureException ++ * @return The HTML representation for this XMLSignature ++ */ ++ public String getHTMLRepresentation(Set inclusiveNamespaces) + throws XMLSignatureException { + +- XMLSignatureInputDebugger db = new XMLSignatureInputDebugger( this, ++ XMLSignatureInputDebugger db = new XMLSignatureInputDebugger( this, + inclusiveNamespaces); + +- return db.getHTMLRepresentation(); +- } ++ return db.getHTMLRepresentation(); ++ } + +- /** +- * Gets the exclude node of this XMLSignatureInput +- * @return Returns the excludeNode. +- */ ++ /** ++ * Gets the exclude node of this XMLSignatureInput ++ * @return Returns the excludeNode. ++ */ + public Node getExcludeNode() { +- return excludeNode; ++ return excludeNode; + } + + /** + * Sets the exclude node of this XMLSignatureInput + * @param excludeNode The excludeNode to set. + */ +- public void setExcludeNode(Node excludeNode) { +- this.excludeNode = excludeNode; +- } ++ public void setExcludeNode(Node excludeNode) { ++ this.excludeNode = excludeNode; ++ } + +- /** +- * Gets the node of this XMLSignatureInput +- * @return The excludeNode set. +- */ +- public Node getSubNode() { +- return _subNode; +- } +- /** +- * @return Returns the excludeComments. +- */ +- public boolean isExcludeComments() { ++ /** ++ * Gets the node of this XMLSignatureInput ++ * @return The excludeNode set. ++ */ ++ public Node getSubNode() { ++ return _subNode; ++ } ++ ++ /** ++ * @return Returns the excludeComments. ++ */ ++ public boolean isExcludeComments() { + return excludeComments; +- } +- /** +- * @param excludeComments The excludeComments to set. +- */ +- public void setExcludeComments(boolean excludeComments) { ++ } ++ ++ /** ++ * @param excludeComments The excludeComments to set. ++ */ ++ public void setExcludeComments(boolean excludeComments) { + this.excludeComments = excludeComments; +- } ++ } + +- /** +- * @param diOs +- * @throws IOException +- * @throws CanonicalizationException +- */ +- public void updateOutputStream(OutputStream diOs) throws CanonicalizationException, IOException { ++ /** ++ * @param diOs ++ * @throws IOException ++ * @throws CanonicalizationException ++ */ ++ public void updateOutputStream(OutputStream diOs) ++ throws CanonicalizationException, IOException { ++ updateOutputStream(diOs, false); ++ } ++ ++ public void updateOutputStream(OutputStream diOs, boolean c14n11) ++ throws CanonicalizationException, IOException { + if (diOs==outputStream) { +- return; ++ return; + } + if (bytes!=null) { + diOs.write(bytes); + return; +- }else if (_inputOctetStreamProxy==null) { +- Canonicalizer20010315OmitComments c14nizer = +- new Canonicalizer20010315OmitComments(); +- c14nizer.setWriter(diOs); ++ } else if (_inputOctetStreamProxy==null) { ++ CanonicalizerBase c14nizer = null; ++ if (c14n11) { ++ c14nizer = new Canonicalizer11_OmitComments(); ++ } else { ++ c14nizer = new Canonicalizer20010315OmitComments(); ++ } ++ c14nizer.setWriter(diOs); + c14nizer.engineCanonicalize(this); + return; +- } else { ++ } else { + InputStream is = getResetableInputStream(); + if (bytes!=null) { + //already read write it, can be rea. +@@ -516,25 +535,22 @@ + while ((num=is.read(bytesT))>0) { + diOs.write(bytesT,0,num); + } ++ } ++ } + +- } ++ /** ++ * @param os ++ */ ++ public void setOutputStream(OutputStream os) { ++ outputStream=os; ++ } + +- } +- +- +- /** +- * @param os +- */ +- public void setOutputStream(OutputStream os) { +- outputStream=os; +- +- } + protected InputStream getResetableInputStream() throws IOException{ + if ((_inputOctetStreamProxy instanceof ByteArrayInputStream) ) { + if (!_inputOctetStreamProxy.markSupported()) { + throw new RuntimeException("Accepted as Markable but not truly been"+_inputOctetStreamProxy); + } +- return _inputOctetStreamProxy; ++ return _inputOctetStreamProxy; + } + if (bytes!=null) { + _inputOctetStreamProxy=new ByteArrayInputStream(bytes); +@@ -543,7 +559,7 @@ + if (_inputOctetStreamProxy ==null) + return null; + if (_inputOctetStreamProxy.markSupported()) { +- if (log.isLoggable(java.util.logging.Level.INFO)) log.log(java.util.logging.Level.INFO, "Mark Suported but not used as reset"); ++ log.log(java.util.logging.Level.INFO, "Mark Suported but not used as reset"); + } + bytes=JavaUtils.getBytesFromStream(_inputOctetStreamProxy); + _inputOctetStreamProxy.close(); +@@ -551,66 +567,63 @@ + return _inputOctetStreamProxy; + } + ++ /** ++ * @param filter ++ */ ++ public void addNodeFilter(NodeFilter filter) { ++ if (isOctetStream()) { ++ try { ++ convertToNodes(); ++ } catch (Exception e) { ++ throw new XMLSecurityRuntimeException("signature.XMLSignatureInput.nodesetReference",e); ++ } ++ } ++ nodeFilters.add(filter); ++ } + +- /** +- * @param filter +- */ +- public void addNodeFilter(NodeFilter filter) { +- if (isOctetStream()) { +- try { +- convertToNodes(); +- } catch (Exception e) { +- throw new XMLSecurityRuntimeException("signature.XMLSignatureInput.nodesetReference",e); +- } +- } +- nodeFilters.add(filter); ++ /** ++ * @return the node filters ++ */ ++ public List getNodeFilters() { ++ // TODO Auto-generated method stub ++ return nodeFilters; ++ } + +- } ++ /** ++ * @param b ++ */ ++ public void setNodeSet(boolean b) { ++ isNodeSet=b; ++ } + +- /** +- * @return the node filters +- */ +- public List getNodeFilters() { +- // TODO Auto-generated method stub +- return nodeFilters; +- } +- +- /** +- * @param b +- */ +- public void setNodeSet(boolean b) { +- isNodeSet=b; +- +- } +- +- void convertToNodes() throws CanonicalizationException, ParserConfigurationException, IOException, SAXException{ +- DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance(); ++ void convertToNodes() throws CanonicalizationException, ++ ParserConfigurationException, IOException, SAXException { ++ DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance(); + dfactory.setValidating(false); + dfactory.setNamespaceAware(true); + DocumentBuilder db = dfactory.newDocumentBuilder(); + // select all nodes, also the comments. + try { +- db.setErrorHandler(new com.sun.org.apache.xml.internal.security.utils +- .IgnoreAllErrorHandler()); ++ db.setErrorHandler(new com.sun.org.apache.xml.internal.security.utils ++ .IgnoreAllErrorHandler()); + +- Document doc = db.parse(this.getOctetStream()); ++ Document doc = db.parse(this.getOctetStream()); + +- XMLUtils.circumventBug2650(doc); +- this._subNode=doc.getDocumentElement(); ++ this._subNode=doc.getDocumentElement(); + } catch (SAXException ex) { + +- // if a not-wellformed nodeset exists, put a container around it... +- ByteArrayOutputStream baos = new ByteArrayOutputStream(); ++ // if a not-wellformed nodeset exists, put a container around it... ++ ByteArrayOutputStream baos = new ByteArrayOutputStream(); + +- baos.write("".getBytes()); +- baos.write(this.getBytes()); +- baos.write("".getBytes()); ++ baos.write("".getBytes()); ++ baos.write(this.getBytes()); ++ baos.write("".getBytes()); + +- byte result[] = baos.toByteArray(); +- Document document = db.parse(new ByteArrayInputStream(result)); +- this._subNode=document.getDocumentElement().getFirstChild().getFirstChild(); ++ byte result[] = baos.toByteArray(); ++ Document document = db.parse(new ByteArrayInputStream(result)); ++ this._subNode=document.getDocumentElement().getFirstChild().getFirstChild(); + } + this._inputOctetStreamProxy=null; + this.bytes=null; +- } ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureInputDebugger.java b/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureInputDebugger.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureInputDebugger.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureInputDebugger.java +@@ -39,7 +39,8 @@ + /** + * Class XMLSignatureInputDebugger + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ ++ * @version $Revision: 1.3 $ + */ + public class XMLSignatureInputDebugger { + +@@ -599,23 +600,23 @@ + + length = data.length(); + +- if ((data != null) && (length > 0)) { +- this._writer.write(" "); ++ if (length > 0) { ++ this._writer.write(" "); + +- for (int i = 0; i < length; i++) { +- char c = data.charAt(i); ++ for (int i = 0; i < length; i++) { ++ char c = data.charAt(i); + +- switch (c) { ++ switch (c) { + +- case 0x0D: +- this._writer.write("&#xD;"); +- break; ++ case 0x0D: ++ this._writer.write("&#xD;"); ++ break; + +- default: +- this._writer.write(c); +- break; +- } ++ default: ++ this._writer.write(c); ++ break; + } ++ } + } + + this._writer.write("?>"); +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/InvalidTransformException.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/InvalidTransformException.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/InvalidTransformException.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/InvalidTransformException.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java +@@ -20,14 +20,11 @@ + */ + package com.sun.org.apache.xml.internal.security.transforms; + +- +- + import java.io.IOException; + import java.io.OutputStream; +-import java.util.HashMap; + import java.security.AccessController; + import java.security.PrivilegedAction; +- ++import java.util.HashMap; + import javax.xml.parsers.ParserConfigurationException; + + import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; +@@ -38,17 +35,17 @@ + import com.sun.org.apache.xml.internal.security.utils.Constants; + import com.sun.org.apache.xml.internal.security.utils.HelperNodeList; + import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; ++import com.sun.org.apache.xml.internal.security.utils.XMLUtils; + import org.w3c.dom.Document; + import org.w3c.dom.Element; + import org.w3c.dom.NodeList; + import org.xml.sax.SAXException; + +- + /** + * Implements the behaviour of the ds:Transform element. + * +- * This Transform(Factory) class role as the Factory and Proxy of +- * implemanting class that have the functionality of Transform(Factory) class acts as the Factory and Proxy of ++ * the implementing class that supports the functionality of a Transform + * algorithm. + * Implements the Factory and Proxy pattern for ds:Transform algorithms. +@@ -60,322 +57,311 @@ + */ + public final class Transform extends SignatureElementProxy { + +- /** {@link java.util.logging} logging facility */ ++ /** {@link java.util.logging} logging facility */ + static java.util.logging.Logger log = + java.util.logging.Logger.getLogger(Transform.class.getName()); + +- /** Field _alreadyInitialized */ +- static boolean _alreadyInitialized = false; ++ /** Field _alreadyInitialized */ ++ private static boolean alreadyInitialized = false; + +- /** All available Transform classes are registered here */ +- static HashMap _transformHash = null; ++ /** All available Transform classes are registered here */ ++ private static HashMap transformClassHash = null; + +- /** Field transformSpi */ +- protected TransformSpi transformSpi = null; ++ private static HashMap transformSpiHash = new HashMap(); + +- /** +- * Constructs {@link Transform} +- * +- * @param doc the {@link Document} in which Transform will be placed +- * @param algorithmURI URI representation of +- * Transform algorithm will be specified as parameter of +- * {@link #getInstance(Document, String)}, when generate.
    +- * @param contextNodes the child node list of Transform element +- * @throws InvalidTransformException +- */ +- public Transform(Document doc, String algorithmURI, NodeList contextNodes) +- throws InvalidTransformException { ++ private TransformSpi transformSpi = null; + +- super(doc); ++ /** ++ * Constructs {@link Transform} ++ * ++ * @param doc the {@link Document} in which Transform will be ++ * placed ++ * @param algorithmURI URI representation of ++ * Transform algorithm which will be specified as parameter of ++ * {@link #getInstance(Document, String)}, when generated.
    ++ * @param contextNodes the child node list of Transform element ++ * @throws InvalidTransformException ++ */ ++ public Transform(Document doc, String algorithmURI, NodeList contextNodes) ++ throws InvalidTransformException { + +- try { +- this._constructionElement.setAttributeNS(null, Constants._ATT_ALGORITHM, +- algorithmURI); ++ super(doc); + +- Class implementingClass = +- Transform.getImplementingClass(algorithmURI); ++ this._constructionElement.setAttributeNS ++ (null, Constants._ATT_ALGORITHM, algorithmURI); + +- if(implementingClass == null) { ++ transformSpi = getTransformSpi(algorithmURI); ++ if (transformSpi == null) { + Object exArgs[] = { algorithmURI }; +- + throw new InvalidTransformException( + "signature.Transform.UnknownTransform", exArgs); +- } +- if (true) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \"" +- + implementingClass + "\""); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "The NodeList is " + contextNodes); +- } ++ } + +- // create the custom Transform object +- this.transformSpi = +- (TransformSpi) implementingClass.newInstance(); ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, "Create URI \"" + algorithmURI + "\" class \"" ++ + transformSpi.getClass() + "\""); ++ log.log(java.util.logging.Level.FINE, "The NodeList is " + contextNodes); ++ } + +- this.transformSpi.setTransform(this); ++ // give it to the current document ++ if (contextNodes != null) { ++ for (int i = 0; i < contextNodes.getLength(); i++) { ++ this._constructionElement.appendChild ++ (contextNodes.item(i).cloneNode(true)); ++ } ++ } ++ } + +- // give it to the current document +- if (contextNodes != null) { +- /* +- while (contextNodes.getLength() > 0) { +- this._constructionElement.appendChild(contextNodes.item(0)); +- } +- */ ++ /** ++ * This constructor can only be called from the {@link Transforms} object, ++ * so it's protected. ++ * ++ * @param element ds:Transform element ++ * @param BaseURI the URI of the resource where the XML instance was stored ++ * @throws InvalidTransformException ++ * @throws TransformationException ++ * @throws XMLSecurityException ++ */ ++ public Transform(Element element, String BaseURI) ++ throws InvalidTransformException, TransformationException, ++ XMLSecurityException { + +- for (int i = 0; i < contextNodes.getLength(); i++) { +- this._constructionElement.appendChild(contextNodes.item(i).cloneNode(true)); +- } ++ super(element, BaseURI); + +- } +- } catch (IllegalAccessException ex) { +- Object exArgs[] = { algorithmURI }; ++ // retrieve Algorithm Attribute from ds:Transform ++ String algorithmURI = element.getAttributeNS(null, Constants._ATT_ALGORITHM); + +- throw new InvalidTransformException( +- "signature.Transform.UnknownTransform", exArgs, ex); +- } catch (InstantiationException ex) { +- Object exArgs[] = { algorithmURI }; ++ if (algorithmURI == null || algorithmURI.length() == 0) { ++ Object exArgs[] = { Constants._ATT_ALGORITHM, ++ Constants._TAG_TRANSFORM }; ++ throw new TransformationException("xml.WrongContent", exArgs); ++ } + +- throw new InvalidTransformException( +- "signature.Transform.UnknownTransform", exArgs, ex); +- } +- } ++ transformSpi = getTransformSpi(algorithmURI); ++ if (transformSpi == null) { ++ Object exArgs[] = { algorithmURI }; ++ throw new InvalidTransformException( ++ "signature.Transform.UnknownTransform", exArgs); ++ } ++ } + +- /** +- * This constructor can only be called from the {@link Transforms} object, so +- * it's protected. +- * +- * @param element ds:Transform element +- * @param BaseURI the URI of the resource where the XML instance was stored +- * @throws InvalidTransformException +- * @throws TransformationException +- * @throws XMLSecurityException +- */ +- public Transform(Element element, String BaseURI) +- throws InvalidTransformException, TransformationException, +- XMLSecurityException { ++ /** ++ * Generates a Transform object that implements the specified ++ * Transform algorithm URI. ++ * ++ * @param algorithmURI Transform algorithm URI representation, ++ * such as specified in ++ * Transform algorithm ++ * @param doc the proxy {@link Document} ++ * @return {@link Transform} object ++ * @throws InvalidTransformException ++ */ ++ public static Transform getInstance( ++ Document doc, String algorithmURI) throws InvalidTransformException { ++ return getInstance(doc, algorithmURI, (NodeList) null); ++ } + +- super(element, BaseURI); ++ /** ++ * Generates a Transform object that implements the specified ++ * Transform algorithm URI. ++ * ++ * @param algorithmURI Transform algorithm URI representation, ++ * such as specified in ++ * Transform algorithm ++ * @param contextChild the child element of Transform element ++ * @param doc the proxy {@link Document} ++ * @return {@link Transform} object ++ * @throws InvalidTransformException ++ */ ++ public static Transform getInstance( ++ Document doc, String algorithmURI, Element contextChild) ++ throws InvalidTransformException { + +- // retrieve Algorithm Attribute from ds:Transform +- String AlgorithmURI = element.getAttributeNS(null, Constants._ATT_ALGORITHM); ++ HelperNodeList contextNodes = new HelperNodeList(); + +- if ((AlgorithmURI == null) || (AlgorithmURI.length() == 0)) { +- Object exArgs[] = { Constants._ATT_ALGORITHM, +- Constants._TAG_TRANSFORM }; ++ XMLUtils.addReturnToElement(doc, contextNodes); ++ contextNodes.appendChild(contextChild); ++ XMLUtils.addReturnToElement(doc, contextNodes); + +- throw new TransformationException("xml.WrongContent", exArgs); +- } ++ return getInstance(doc, algorithmURI, contextNodes); ++ } + +- try { +- Class implementingClass = (Class) _transformHash.get(AlgorithmURI); +- this.transformSpi = +- (TransformSpi) implementingClass.newInstance(); ++ /** ++ * Generates a Transform object that implements the specified ++ * Transform algorithm URI. ++ * ++ * @param algorithmURI Transform algorithm URI form, such as ++ * specified in ++ * Transform algorithm ++ * @param contextNodes the child node list of Transform element ++ * @param doc the proxy {@link Document} ++ * @return {@link Transform} object ++ * @throws InvalidTransformException ++ */ ++ public static Transform getInstance( ++ Document doc, String algorithmURI, NodeList contextNodes) ++ throws InvalidTransformException { ++ return new Transform(doc, algorithmURI, contextNodes); ++ } + +- this.transformSpi.setTransform(this); +- } catch (IllegalAccessException e) { +- Object exArgs[] = { AlgorithmURI }; ++ /** ++ * Initalizes for this {@link Transform}. ++ */ ++ public static void init() { ++ if (!alreadyInitialized) { ++ transformClassHash = new HashMap(10); ++ // make sure builtin algorithms are all registered first ++ com.sun.org.apache.xml.internal.security.Init.init(); ++ alreadyInitialized = true; ++ } ++ } + +- throw new InvalidTransformException( +- "signature.Transform.UnknownTransform", exArgs); +- } catch (InstantiationException e) { +- Object exArgs[] = { AlgorithmURI }; ++ /** ++ * Registers implementing class of the Transform algorithm with algorithmURI ++ * ++ * @param algorithmURI algorithmURI URI representation of ++ * Transform algorithm will be specified as parameter of ++ * {@link #getInstance(Document, String)}, when generate.
    ++ * @param implementingClass implementingClass the implementing ++ * class of {@link TransformSpi} ++ * @throws AlgorithmAlreadyRegisteredException if specified algorithmURI ++ * is already registered ++ */ ++ public static void register(String algorithmURI, String implementingClass) ++ throws AlgorithmAlreadyRegisteredException { + +- throw new InvalidTransformException( +- "signature.Transform.UnknownTransform", exArgs); +- } catch (NullPointerException e) { +- Object exArgs[] = { AlgorithmURI }; +- +- throw new InvalidTransformException( +- "signature.Transform.UnknownTransform", exArgs); +- } +- } +- +- /** +- * Generates a Transform object that implements the specified Transform algorithm URI. +- * +- * @param algorithmURI Transform algorithm URI representation, such as specified in Transform algorithm +- * @param doc the proxy {@link Document} +- * @return {@link Transform} object +- * @throws InvalidTransformException +- */ +- public static final Transform getInstance( +- Document doc, String algorithmURI) throws InvalidTransformException { +- return Transform.getInstance(doc, algorithmURI, (NodeList) null); +- } +- +- /** +- * Generates a Transform object that implements the specified Transform algorithm URI. +- * +- * @param algorithmURI Transform algorithm URI representation, such as specified in Transform algorithm +- * @param contextChild the child element of Transform element +- * @param doc the proxy {@link Document} +- * @return {@link Transform} object +- * @throws InvalidTransformException +- */ +- public static final Transform getInstance( +- Document doc, String algorithmURI, Element contextChild) +- throws InvalidTransformException { +- +- HelperNodeList contextNodes = new HelperNodeList(); +- +- contextNodes.appendChild(doc.createTextNode("\n")); +- contextNodes.appendChild(contextChild); +- contextNodes.appendChild(doc.createTextNode("\n")); +- +- return Transform.getInstance(doc, algorithmURI, contextNodes); +- } +- +- /** +- * Generates a Transform object that implements the specified Transform algorithm URI. +- * +- * @param algorithmURI Transform algorithm URI form, such as specified in Transform algorithm +- * @param contextNodes the child node list of Transform element +- * @param doc the proxy {@link Document} +- * @return {@link Transform} object +- * @throws InvalidTransformException +- */ +- public static final Transform getInstance( +- Document doc, String algorithmURI, NodeList contextNodes) +- throws InvalidTransformException { +- return new Transform(doc, algorithmURI, contextNodes); +- } +- +- /** +- * Initalizes for this {@link Transform} +- * +- */ +- public static void init() { +- +- if (!_alreadyInitialized) { +- _transformHash = new HashMap(10); +- // make sure builtin algorithms are all registered first +- com.sun.org.apache.xml.internal.security.Init.init(); +- _alreadyInitialized = true; +- } +- } +- +- /** +- * Registers implementing class of the Transform algorithm with algorithmURI +- * +- * @param algorithmURI algorithmURI URI representation of Transform algorithm +- * will be specified as parameter of {@link #getInstance(Document, String)}, when generate.
    +- * @param implementingClass implementingClass the implementing class of {@link TransformSpi} +- * @throws AlgorithmAlreadyRegisteredException if specified algorithmURI is already registered +- */ +- public static void register(String algorithmURI, String implementingClass) +- throws AlgorithmAlreadyRegisteredException { +- +- { +- +- // are we already registered? +- Class registeredClass = Transform.getImplementingClass(algorithmURI); +- +- if ((registeredClass != null) ) { ++ // are we already registered? ++ Class registeredClass = getImplementingClass(algorithmURI); ++ if ((registeredClass != null) ) { + Object exArgs[] = { algorithmURI, registeredClass }; +- + throw new AlgorithmAlreadyRegisteredException( + "algorithm.alreadyRegistered", exArgs); +- } ++ } + +- ClassLoader cl = Thread.currentThread().getContextClassLoader(); ++ ClassLoader cl = Thread.currentThread().getContextClassLoader(); + +- try { +- Transform._transformHash.put +- (algorithmURI, Class.forName(implementingClass, true, cl)); +- } catch (ClassNotFoundException e) { +- throw new RuntimeException(e); +- } +- } +- } ++ try { ++ transformClassHash.put ++ (algorithmURI, Class.forName(implementingClass, true, cl)); ++ } catch (ClassNotFoundException e) { ++ throw new RuntimeException(e); ++ } ++ } + +- /** +- * Returns the URI representation of Transformation algorithm +- * +- * @return the URI representation of Transformation algorithm +- */ +- public final String getURI() { +- return this._constructionElement.getAttributeNS(null, Constants._ATT_ALGORITHM); +- } ++ /** ++ * Returns the URI representation of Transformation algorithm ++ * ++ * @return the URI representation of Transformation algorithm ++ */ ++ public String getURI() { ++ return this._constructionElement.getAttributeNS ++ (null, Constants._ATT_ALGORITHM); ++ } + +- /** +- * Transforms the input, and generats {@link XMLSignatureInput} as output. +- * @param input input {@link XMLSignatureInput} which can supplied Octect Stream and NodeSet as Input of Transformation +- * +- * @return the {@link XMLSignatureInput} class as the result of transformation +- * @throws CanonicalizationException +- * @throws IOException +- * @throws InvalidCanonicalizerException +- * @throws TransformationException +- */ +- public XMLSignatureInput performTransform(XMLSignatureInput input) +- throws IOException, CanonicalizationException, +- InvalidCanonicalizerException, TransformationException { ++ /** ++ * Transforms the input, and generates {@link XMLSignatureInput} as output. ++ * ++ * @param input input {@link XMLSignatureInput} which can supplied Octet ++ * Stream and NodeSet as Input of Transformation ++ * @return the {@link XMLSignatureInput} class as the result of ++ * transformation ++ * @throws CanonicalizationException ++ * @throws IOException ++ * @throws InvalidCanonicalizerException ++ * @throws TransformationException ++ */ ++ public XMLSignatureInput performTransform(XMLSignatureInput input) ++ throws IOException, CanonicalizationException, ++ InvalidCanonicalizerException, TransformationException { + +- XMLSignatureInput result = null; ++ XMLSignatureInput result = null; + +- try { +- result = transformSpi.enginePerformTransform(input); +- } catch (ParserConfigurationException ex) { +- Object exArgs[] = { this.getURI(), "ParserConfigurationException" }; ++ try { ++ result = transformSpi.enginePerformTransform(input, this); ++ } catch (ParserConfigurationException ex) { ++ Object exArgs[] = { this.getURI(), "ParserConfigurationException" }; ++ throw new CanonicalizationException( ++ "signature.Transform.ErrorDuringTransform", exArgs, ex); ++ } catch (SAXException ex) { ++ Object exArgs[] = { this.getURI(), "SAXException" }; ++ throw new CanonicalizationException( ++ "signature.Transform.ErrorDuringTransform", exArgs, ex); ++ } + +- throw new CanonicalizationException( +- "signature.Transform.ErrorDuringTransform", exArgs, ex); +- } catch (SAXException ex) { +- Object exArgs[] = { this.getURI(), "SAXException" }; ++ return result; ++ } + +- throw new CanonicalizationException( +- "signature.Transform.ErrorDuringTransform", exArgs, ex); +- } ++ /** ++ * Transforms the input, and generates {@link XMLSignatureInput} as output. ++ * ++ * @param input input {@link XMLSignatureInput} which can supplied Octet ++ * Stream and NodeSet as Input of Transformation ++ * @param os where to output the result of the last transformation ++ * @return the {@link XMLSignatureInput} class as the result of ++ * transformation ++ * @throws CanonicalizationException ++ * @throws IOException ++ * @throws InvalidCanonicalizerException ++ * @throws TransformationException ++ */ ++ public XMLSignatureInput performTransform(XMLSignatureInput input, ++ OutputStream os) throws IOException, CanonicalizationException, ++ InvalidCanonicalizerException, TransformationException { + +- return result; +- } ++ XMLSignatureInput result = null; + +- /** +- * Transforms the input, and generats {@link XMLSignatureInput} as output. +- * @param input input {@link XMLSignatureInput} which can supplied Octect Stream and NodeSet as Input of Transformation +- * @param os where to output the result of the last transformation +- * +- * @return the {@link XMLSignatureInput} class as the result of transformation +- * @throws CanonicalizationException +- * @throws IOException +- * @throws InvalidCanonicalizerException +- * @throws TransformationException +- */ +- public XMLSignatureInput performTransform(XMLSignatureInput input, OutputStream os) +- throws IOException, CanonicalizationException, +- InvalidCanonicalizerException, TransformationException { ++ try { ++ result = transformSpi.enginePerformTransform(input, os, this); ++ } catch (ParserConfigurationException ex) { ++ Object exArgs[] = { this.getURI(), "ParserConfigurationException" }; ++ throw new CanonicalizationException( ++ "signature.Transform.ErrorDuringTransform", exArgs, ex); ++ } catch (SAXException ex) { ++ Object exArgs[] = { this.getURI(), "SAXException" }; ++ throw new CanonicalizationException( ++ "signature.Transform.ErrorDuringTransform", exArgs, ex); ++ } + +- XMLSignatureInput result = null; ++ return result; ++ } + +- try { +- result = transformSpi.enginePerformTransform(input,os); +- } catch (ParserConfigurationException ex) { +- Object exArgs[] = { this.getURI(), "ParserConfigurationException" }; ++ /** ++ * Method getImplementingClass ++ * ++ * @param URI ++ * @return The name of the class implementing the URI. ++ */ ++ private static Class getImplementingClass(String URI) { ++ return (Class) transformClassHash.get(URI); ++ } + +- throw new CanonicalizationException( +- "signature.Transform.ErrorDuringTransform", exArgs, ex); +- } catch (SAXException ex) { +- Object exArgs[] = { this.getURI(), "SAXException" }; ++ private static TransformSpi getTransformSpi(String URI) ++ throws InvalidTransformException { ++ try { ++ Object value = transformSpiHash.get(URI); ++ if (value != null) { ++ return (TransformSpi) value; ++ } ++ Class cl = (Class) transformClassHash.get(URI); ++ if (cl != null) { ++ TransformSpi tr = (TransformSpi) cl.newInstance(); ++ transformSpiHash.put(URI, tr); ++ return tr; ++ } ++ } catch (InstantiationException ex) { ++ Object exArgs[] = { URI }; ++ throw new InvalidTransformException( ++ "signature.Transform.UnknownTransform", exArgs, ex); ++ } catch (IllegalAccessException ex) { ++ Object exArgs[] = { URI }; ++ throw new InvalidTransformException( ++ "signature.Transform.UnknownTransform", exArgs, ex); ++ } ++ return null; ++ } + +- throw new CanonicalizationException( +- "signature.Transform.ErrorDuringTransform", exArgs, ex); +- } +- +- return result; +- } +- +- /** +- * Method getImplementingClass +- * +- * @param URI +- * @return The name of the class implementing the URI. +- */ +- private static Class getImplementingClass(String URI) { +- return (Class)Transform._transformHash.get(URI); +- } +- +- +- /** @inheritDoc */ +- public String getBaseLocalName() { +- return Constants._TAG_TRANSFORM; +- } ++ /** @inheritDoc */ ++ public String getBaseLocalName() { ++ return Constants._TAG_TRANSFORM; ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/TransformParam.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/TransformParam.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/TransformParam.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/TransformParam.java +@@ -23,7 +23,7 @@ + + /** + * +- * @author $Author: blautenb $ ++ * @author $Author: mullan $ + */ + + public interface TransformParam { +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/TransformSpi.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/TransformSpi.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/TransformSpi.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/TransformSpi.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -21,11 +20,8 @@ + */ + package com.sun.org.apache.xml.internal.security.transforms; + +- +- + import java.io.IOException; + import java.io.OutputStream; +- + import javax.xml.parsers.ParserConfigurationException; + + import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; +@@ -33,68 +29,109 @@ + import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; + import org.xml.sax.SAXException; + +- + /** + * Base class which all Transform algorithms extend. The common methods that +- * have to be overridden are the {@link #enginePerformTransform(XMLSignatureInput)} method. ++ * have to be overridden are the ++ * {@link #enginePerformTransform(XMLSignatureInput, Transform)} method. + * + * @author Christian Geuer-Pollmann + */ + public abstract class TransformSpi { ++ /** ++ * For API compatibility not thread safe. ++ * @deprecated ++ */ ++ protected Transform _transformObject = null; ++ /** ++ * Set the transform object. ++ * Depeprecated For API compatibility. ++ * @param transform the Transform ++ * @deprecated ++ */ ++ protected void setTransform(Transform transform) { ++ this._transformObject = transform; ++ } ++ /** ++ * The mega method which MUST be implemented by the Transformation Algorithm. ++ * ++ * @param input {@link XMLSignatureInput} as the input of transformation ++ * @param os where to output this transformation. ++ * @param _transformObject the Transform ++ * @return {@link XMLSignatureInput} as the result of transformation ++ * @throws CanonicalizationException ++ * @throws IOException ++ * @throws InvalidCanonicalizerException ++ * @throws ParserConfigurationException ++ * @throws SAXException ++ * @throws TransformationException ++ */ ++ protected XMLSignatureInput enginePerformTransform( ++ XMLSignatureInput input, OutputStream os, Transform _transformObject) ++ throws IOException, ++ CanonicalizationException, InvalidCanonicalizerException, ++ TransformationException, ParserConfigurationException, ++ SAXException { ++ return enginePerformTransform(input, _transformObject); ++ } ++ /** ++ * The mega method which MUST be implemented by the Transformation Algorithm. ++ * In order to be compatible with preexisting Transform implementations, ++ * by default this implementation invokes the deprecated, thread-unsafe ++ * methods. Subclasses should override this with a thread-safe ++ * implementation. ++ * ++ * @param input {@link XMLSignatureInput} as the input of transformation ++ * @param _transformObject the Transform ++ * @return {@link XMLSignatureInput} as the result of transformation ++ * @throws CanonicalizationException ++ * @throws IOException ++ * @throws InvalidCanonicalizerException ++ * @throws ParserConfigurationException ++ * @throws SAXException ++ * @throws TransformationException ++ */ ++ protected XMLSignatureInput enginePerformTransform( ++ XMLSignatureInput input, Transform _transformObject) ++ throws IOException, ++ CanonicalizationException, InvalidCanonicalizerException, ++ TransformationException, ParserConfigurationException, ++ SAXException { ++ //Default implementation overide with a much better ++ try { ++ TransformSpi tmp = (TransformSpi) getClass().newInstance(); ++ tmp.setTransform(_transformObject); ++ return tmp.enginePerformTransform(input); ++ } catch (InstantiationException e) { ++ throw new TransformationException("",e); ++ } catch (IllegalAccessException e) { ++ throw new TransformationException("",e); ++ } ++ } + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(TransformSpi.class.getName()); +- +- protected Transform _transformObject = null; +- protected void setTransform(Transform transform) { +- this._transformObject = transform; +- } +- +- /** +- * The mega method which MUST be implemented by the Transformation Algorithm. +- * +- * @param input {@link XMLSignatureInput} as the input of transformation +- * @param os where to output this transformation. +- * @return {@link XMLSignatureInput} as the result of transformation +- * @throws CanonicalizationException +- * @throws IOException +- * @throws InvalidCanonicalizerException +- * @throws ParserConfigurationException +- * @throws SAXException +- * @throws TransformationException +- */ +- protected XMLSignatureInput enginePerformTransform( +- XMLSignatureInput input, OutputStream os) +- throws IOException, +- CanonicalizationException, InvalidCanonicalizerException, +- TransformationException, ParserConfigurationException, +- SAXException { +- return enginePerformTransform(input); +- } +- /** +- * The mega method which MUST be implemented by the Transformation Algorithm. +- * +- * @param input {@link XMLSignatureInput} as the input of transformation +- * @return {@link XMLSignatureInput} as the result of transformation +- * @throws CanonicalizationException +- * @throws IOException +- * @throws InvalidCanonicalizerException +- * @throws ParserConfigurationException +- * @throws SAXException +- * @throws TransformationException +- */ +- protected abstract XMLSignatureInput enginePerformTransform( +- XMLSignatureInput input) +- throws IOException, +- CanonicalizationException, InvalidCanonicalizerException, +- TransformationException, ParserConfigurationException, +- SAXException; +- +- /** +- * Returns the URI representation of Transformation algorithm +- * +- * @return the URI representation of Transformation algorithm +- */ +- protected abstract String engineGetURI(); ++ /** ++ * The mega method which MUST be implemented by the Transformation Algorithm. ++ * @deprecated ++ * @param input {@link XMLSignatureInput} as the input of transformation ++ * @return {@link XMLSignatureInput} as the result of transformation ++ * @throws CanonicalizationException ++ * @throws IOException ++ * @throws InvalidCanonicalizerException ++ * @throws ParserConfigurationException ++ * @throws SAXException ++ * @throws TransformationException ++ */ ++ protected XMLSignatureInput enginePerformTransform( ++ XMLSignatureInput input) ++ throws IOException, ++ CanonicalizationException, InvalidCanonicalizerException, ++ TransformationException, ParserConfigurationException, ++ SAXException { ++ throw new UnsupportedOperationException(); ++ } ++ /** ++ * Returns the URI representation of Transformation algorithm ++ * ++ * @return the URI representation of Transformation algorithm ++ */ ++ protected abstract String engineGetURI(); + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/TransformationException.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/TransformationException.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/TransformationException.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/TransformationException.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transforms.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transforms.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transforms.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transforms.java +@@ -3,7 +3,7 @@ + * DO NOT REMOVE OR ALTER! + */ + /* +- * Copyright 1999-2004 The Apache Software Foundation. ++ * Copyright 1999-2008 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. +@@ -20,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.transforms; + +- +- + import java.io.IOException; + import java.io.OutputStream; + +@@ -39,11 +37,13 @@ + import org.w3c.dom.Element; + import org.w3c.dom.NodeList; + +- + /** +- * Holder of the {@link com.sun.org.apache.xml.internal.security.transforms.Transform} steps to be performed on the data. +- * The input to the first Transform is the result of dereferencing the URI attribute of the Reference element. +- * The output from the last Transform is the input for the DigestMethod algorithm ++ * Holder of the {@link com.sun.org.apache.xml.internal.security.transforms.Transform} steps to ++ * be performed on the data. ++ * The input to the first Transform is the result of dereferencing the ++ * URI attribute of the Reference element. ++ * The output from the last Transform is the input for the ++ * DigestMethod algorithm + * + * @author Christian Geuer-Pollmann + * @see Transform +@@ -51,252 +51,273 @@ + */ + public class Transforms extends SignatureElementProxy { + +- /** {@link java.util.logging} logging facility */ ++ /** {@link java.util.logging} logging facility */ + static java.util.logging.Logger log = + java.util.logging.Logger.getLogger(Transforms.class.getName()); +- //J- +- /** Canonicalization - Required Canonical XML (omits comments) */ +- public static final String TRANSFORM_C14N_OMIT_COMMENTS = Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS; +- /** Canonicalization - Recommended Canonical XML with Comments */ +- public static final String TRANSFORM_C14N_WITH_COMMENTS = Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS; +- /** Canonicalization - Required Exclusive Canonicalization (omits comments) */ +- public static final String TRANSFORM_C14N_EXCL_OMIT_COMMENTS = Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS; +- /** Canonicalization - Recommended Exclusive Canonicalization with Comments */ +- public static final String TRANSFORM_C14N_EXCL_WITH_COMMENTS = Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS; +- /** Transform - Optional XSLT */ +- public static final String TRANSFORM_XSLT = "http://www.w3.org/TR/1999/REC-xslt-19991116"; +- /** Transform - Required base64 decoding */ +- public static final String TRANSFORM_BASE64_DECODE = Constants.SignatureSpecNS + "base64"; +- /** Transform - Recommended XPath */ +- public static final String TRANSFORM_XPATH = "http://www.w3.org/TR/1999/REC-xpath-19991116"; +- /** Transform - Required Enveloped Signature */ +- public static final String TRANSFORM_ENVELOPED_SIGNATURE = Constants.SignatureSpecNS + "enveloped-signature"; +- /** Transform - XPointer */ +- public static final String TRANSFORM_XPOINTER = "http://www.w3.org/TR/2001/WD-xptr-20010108"; +- /** Transform - XPath Filter v2.0 */ +- public static final String TRANSFORM_XPATH2FILTER04 = "http://www.w3.org/2002/04/xmldsig-filter2"; +- /** Transform - XPath Filter */ +- public static final String TRANSFORM_XPATH2FILTER = "http://www.w3.org/2002/06/xmldsig-filter2"; +- /** Transform - XPath Filter CHGP private*/ +- public static final String TRANSFORM_XPATHFILTERCHGP = "http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter"; +- //J+ +- Element []transforms; +- /** +- * Consturcts {@link Transforms} +- * +- * @param doc the {@link Document} in which XMLsignature will be placed +- */ +- public Transforms(Document doc) { ++ /** Canonicalization - Required Canonical XML (omits comments) */ ++ public static final String TRANSFORM_C14N_OMIT_COMMENTS ++ = Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS; ++ /** Canonicalization - Recommended Canonical XML with Comments */ ++ public static final String TRANSFORM_C14N_WITH_COMMENTS ++ = Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS; ++ /** Canonicalization - Required Canonical XML 1.1 (omits comments) */ ++ public static final String TRANSFORM_C14N11_OMIT_COMMENTS ++ = Canonicalizer.ALGO_ID_C14N11_OMIT_COMMENTS; ++ /** Canonicalization - Recommended Canonical XML 1.1 with Comments */ ++ public static final String TRANSFORM_C14N11_WITH_COMMENTS ++ = Canonicalizer.ALGO_ID_C14N11_WITH_COMMENTS; ++ /** Canonicalization - Required Exclusive Canonicalization (omits comments) */ ++ public static final String TRANSFORM_C14N_EXCL_OMIT_COMMENTS ++ = Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS; ++ /** Canonicalization - Recommended Exclusive Canonicalization with Comments */ ++ public static final String TRANSFORM_C14N_EXCL_WITH_COMMENTS ++ = Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS; ++ /** Transform - Optional XSLT */ ++ public static final String TRANSFORM_XSLT ++ = "http://www.w3.org/TR/1999/REC-xslt-19991116"; ++ /** Transform - Required base64 decoding */ ++ public static final String TRANSFORM_BASE64_DECODE ++ = Constants.SignatureSpecNS + "base64"; ++ /** Transform - Recommended XPath */ ++ public static final String TRANSFORM_XPATH ++ = "http://www.w3.org/TR/1999/REC-xpath-19991116"; ++ /** Transform - Required Enveloped Signature */ ++ public static final String TRANSFORM_ENVELOPED_SIGNATURE ++ = Constants.SignatureSpecNS + "enveloped-signature"; ++ /** Transform - XPointer */ ++ public static final String TRANSFORM_XPOINTER ++ = "http://www.w3.org/TR/2001/WD-xptr-20010108"; ++ /** Transform - XPath Filter v2.0 */ ++ public static final String TRANSFORM_XPATH2FILTER04 ++ = "http://www.w3.org/2002/04/xmldsig-filter2"; ++ /** Transform - XPath Filter */ ++ public static final String TRANSFORM_XPATH2FILTER ++ = "http://www.w3.org/2002/06/xmldsig-filter2"; ++ /** Transform - XPath Filter CHGP private */ ++ public static final String TRANSFORM_XPATHFILTERCHGP ++ = "http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter"; + +- super(doc); ++ Element []transforms; + +- XMLUtils.addReturnToElement(this._constructionElement); +- } ++ protected Transforms() { }; + +- /** +- * Consturcts {@link Transforms} from {@link Element} which is Transforms Element +- * +- * @param element is Transforms element +- * @param BaseURI the URI where the XML instance was stored +- * @throws DOMException +- * @throws InvalidTransformException +- * @throws TransformationException +- * @throws XMLSecurityException +- * @throws XMLSignatureException +- */ +- public Transforms(Element element, String BaseURI) ++ /** ++ * Constructs {@link Transforms}. ++ * ++ * @param doc the {@link Document} in which XMLSignature will ++ * be placed ++ */ ++ public Transforms(Document doc) { ++ super(doc); ++ XMLUtils.addReturnToElement(this._constructionElement); ++ } ++ ++ /** ++ * Constructs {@link Transforms} from {@link Element} which is ++ * Transforms Element ++ * ++ * @param element is Transforms element ++ * @param BaseURI the URI where the XML instance was stored ++ * @throws DOMException ++ * @throws InvalidTransformException ++ * @throws TransformationException ++ * @throws XMLSecurityException ++ * @throws XMLSignatureException ++ */ ++ public Transforms(Element element, String BaseURI) + throws DOMException, XMLSignatureException, + InvalidTransformException, TransformationException, + XMLSecurityException { + +- super(element, BaseURI); ++ super(element, BaseURI); + +- int numberOfTransformElems = this.getLength(); ++ int numberOfTransformElems = this.getLength(); + +- if (numberOfTransformElems == 0) { ++ if (numberOfTransformElems == 0) { + +- // At least ont Transform element must be present. Bad. +- Object exArgs[] = { Constants._TAG_TRANSFORM, +- Constants._TAG_TRANSFORMS }; ++ // At least one Transform element must be present. Bad. ++ Object exArgs[] = { Constants._TAG_TRANSFORM, ++ Constants._TAG_TRANSFORMS }; + +- throw new TransformationException("xml.WrongContent", exArgs); +- } +- } ++ throw new TransformationException("xml.WrongContent", exArgs); ++ } ++ } + +- /** +- * Adds the Transform with the specified Transform algorithm URI +- * +- * @param transformURI the URI form of transform that indicates which transformation is applied to data +- * @throws TransformationException +- */ +- public void addTransform(String transformURI) ++ /** ++ * Adds the Transform with the specified Transform ++ * algorithm URI ++ * ++ * @param transformURI the URI form of transform that indicates which ++ * transformation is applied to data ++ * @throws TransformationException ++ */ ++ public void addTransform(String transformURI) + throws TransformationException { + +- try { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transformURI + ")"); ++ try { ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transformURI + ")"); + +- Transform transform = Transform.getInstance(this._doc, transformURI); ++ Transform transform = ++ Transform.getInstance(this._doc, transformURI); + +- this.addTransform(transform); +- } catch (InvalidTransformException ex) { +- throw new TransformationException("empty", ex); +- } +- } ++ this.addTransform(transform); ++ } catch (InvalidTransformException ex) { ++ throw new TransformationException("empty", ex); ++ } ++ } + +- /** +- * Adds the Transform with the specified Transform algorithm URI +- * +- * @param transformURI the URI form of transform that indicates which transformation is applied to data +- * @param contextElement +- * @throws TransformationException +- * @see Transform#getInstance(Document doc, String algorithmURI, Element childElement) +- */ +- public void addTransform(String transformURI, Element contextElement) ++ /** ++ * Adds the Transform with the specified Transform ++ * algorithm URI ++ * ++ * @param transformURI the URI form of transform that indicates which ++ * transformation is applied to data ++ * @param contextElement ++ * @throws TransformationException ++ * @see Transform#getInstance(Document doc, String algorithmURI, Element childElement) ++ */ ++ public void addTransform(String transformURI, Element contextElement) + throws TransformationException { + +- try { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transformURI + ")"); ++ try { ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transformURI + ")"); + +- Transform transform = Transform.getInstance(this._doc, transformURI, +- contextElement); ++ Transform transform = ++ Transform.getInstance(this._doc, transformURI, contextElement); + +- this.addTransform(transform); +- } catch (InvalidTransformException ex) { +- throw new TransformationException("empty", ex); +- } +- } ++ this.addTransform(transform); ++ } catch (InvalidTransformException ex) { ++ throw new TransformationException("empty", ex); ++ } ++ } + +- /** +- * Adds the Transform with the specified Transform algorithm URI +- * +- * @param transformURI the URI form of transform that indicates which transformation is applied to data +- * @param contextNodes +- * @throws TransformationException +- * @see Transform#getInstance(Document doc, String algorithmURI, NodeList contextNodes) +- */ +- public void addTransform(String transformURI, NodeList contextNodes) ++ /** ++ * Adds the Transform with the specified Transform ++ * algorithm URI. ++ * ++ * @param transformURI the URI form of transform that indicates which ++ * transformation is applied to data ++ * @param contextNodes ++ * @throws TransformationException ++ * @see Transform#getInstance(Document doc, String algorithmURI, NodeList contextNodes) ++ */ ++ public void addTransform(String transformURI, NodeList contextNodes) + throws TransformationException { + +- try { +- Transform transform = Transform.getInstance(this._doc, transformURI, +- contextNodes); ++ try { ++ Transform transform = ++ Transform.getInstance(this._doc, transformURI, contextNodes); ++ this.addTransform(transform); ++ } catch (InvalidTransformException ex) { ++ throw new TransformationException("empty", ex); ++ } ++ } + +- this.addTransform(transform); +- } catch (InvalidTransformException ex) { +- throw new TransformationException("empty", ex); +- } +- } ++ /** ++ * Adds a user-provided Transform step. ++ * ++ * @param transform {@link Transform} object ++ */ ++ private void addTransform(Transform transform) { ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transform.getURI() + ")"); + +- /** +- * Adds a user-provided Transform step. +- * +- * @param transform {@link Transform} object +- */ +- private void addTransform(Transform transform) { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Transforms.addTransform(" + transform.getURI() + ")"); ++ Element transformElement = transform.getElement(); + +- Element transformElement = transform.getElement(); ++ this._constructionElement.appendChild(transformElement); ++ XMLUtils.addReturnToElement(this._constructionElement); ++ } + +- this._constructionElement.appendChild(transformElement); +- XMLUtils.addReturnToElement(this._constructionElement); +- } ++ /** ++ * Applies all included Transforms to xmlSignatureInput and ++ * returns the result of these transformations. ++ * ++ * @param xmlSignatureInput the input for the Transforms ++ * @return the result of the Transforms ++ * @throws TransformationException ++ */ ++ public XMLSignatureInput performTransforms( ++ XMLSignatureInput xmlSignatureInput) throws TransformationException { ++ return performTransforms(xmlSignatureInput, null); ++ } + +- /** +- * Applies all included Transforms to xmlSignatureInput and returns the result of these transformations. +- * +- * @param xmlSignatureInput the input for the Transforms +- * @return the result of the Transforms +- * @throws TransformationException +- */ +- public XMLSignatureInput performTransforms( +- XMLSignatureInput xmlSignatureInput) throws TransformationException { +- return performTransforms(xmlSignatureInput,null); +- } ++ /** ++ * Applies all included Transforms to xmlSignatureInput and ++ * returns the result of these transformations. ++ * ++ * @param xmlSignatureInput the input for the Transforms ++ * @param os where to output the last transformation. ++ * @return the result of the Transforms ++ * @throws TransformationException ++ */ ++ public XMLSignatureInput performTransforms( ++ XMLSignatureInput xmlSignatureInput, OutputStream os) ++ throws TransformationException { + +- /** +- * Applies all included Transforms to xmlSignatureInput and returns the result of these transformations. +- * +- * @param xmlSignatureInput the input for the Transforms +- * @param os where to output the last transformation. +- * @return the result of the Transforms +- * @throws TransformationException +- */ +- public XMLSignatureInput performTransforms( +- XMLSignatureInput xmlSignatureInput,OutputStream os) throws TransformationException { ++ try { ++ int last=this.getLength()-1; ++ for (int i = 0; i < last; i++) { ++ Transform t = this.item(i); ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, "Perform the (" + i + ")th " + t.getURI() ++ + " transform"); ++ } ++ xmlSignatureInput = t.performTransform(xmlSignatureInput); ++ } ++ if (last>=0) { ++ Transform t = this.item(last); ++ xmlSignatureInput = t.performTransform(xmlSignatureInput, os); ++ } + +- try { +- int last=this.getLength()-1; +- for (int i = 0; i < last; i++) { +- Transform t = this.item(i); +- if (true) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Preform the (" + i + ")th " + t.getURI() + " transform"); ++ return xmlSignatureInput; ++ } catch (IOException ex) { ++ throw new TransformationException("empty", ex); ++ } catch (CanonicalizationException ex) { ++ throw new TransformationException("empty", ex); ++ } catch (InvalidCanonicalizerException ex) { ++ throw new TransformationException("empty", ex); ++ } ++ } ++ ++ /** ++ * Return the nonnegative number of transformations. ++ * ++ * @return the number of transformations ++ */ ++ public int getLength() ++ { ++ if (transforms == null) { ++ transforms = XMLUtils.selectDsNodes ++ (this._constructionElement.getFirstChild(), "Transform"); ++ } ++ return transforms.length; ++ } ++ ++ /** ++ * Return the ith {@link Transform}. ++ * Valid i values are 0 to {@link #getLength}-1. ++ * ++ * @param i index of {@link Transform} to return ++ * @return the ith Transform ++ * @throws TransformationException ++ */ ++ public Transform item(int i) throws TransformationException { ++ ++ try { ++ if (transforms == null) { ++ transforms = XMLUtils.selectDsNodes ++ (this._constructionElement.getFirstChild(), "Transform"); + } +- xmlSignatureInput = t.performTransform(xmlSignatureInput); +- } +- if (last>=0) { +- Transform t = this.item(last); +- xmlSignatureInput = t.performTransform(xmlSignatureInput, os); +- } ++ return new Transform(transforms[i], this._baseURI); ++ } catch (XMLSecurityException ex) { ++ throw new TransformationException("empty", ex); ++ } ++ } + +- +- return xmlSignatureInput; +- } catch (IOException ex) { +- throw new TransformationException("empty", ex); +- // } catch (ParserConfigurationException ex) { throw new TransformationException("empty", ex); +- // } catch (SAXException ex) { throw new TransformationException("empty", ex); +- } catch (CanonicalizationException ex) { +- throw new TransformationException("empty", ex); +- } catch (InvalidCanonicalizerException ex) { +- throw new TransformationException("empty", ex); +- } +- } +- +- /** +- * Return the nonnegative number of transformations. +- * +- * @return the number of transformations +- */ +- public int getLength() +- { +- /*Element nscontext = XMLUtils.createDSctx(this._doc, "ds", +- Constants.SignatureSpecNS); +- NodeList transformElems = +- XPathAPI.selectNodeList(this._constructionElement, +- "./ds:Transform", nscontext); +- return transformElems.getLength();*/ +- if (transforms==null) { +- transforms=XMLUtils.selectDsNodes(this._constructionElement.getFirstChild(), +- "Transform"); +- } +- return transforms.length; +- } +- +- /** +- * Return the ith {@link Transform}. +- * Valid i values are 0 to {@link #getLength}-1. +- * +- * @param i index of {@link Transform} to return +- * @return the ith transforms +- * @throws TransformationException +- */ +- public Transform item(int i) throws TransformationException { +- +- try { +- if (transforms==null) { +- transforms=XMLUtils.selectDsNodes(this._constructionElement.getFirstChild(), +- "Transform"); +- } +- return new Transform(transforms[i], this._baseURI); +- } catch (XMLSecurityException ex) { +- throw new TransformationException("empty", ex); +- } +- } +- +- /** @inheritDoc */ +- public String getBaseLocalName() { +- return Constants._TAG_TRANSFORMS; +- } ++ /** @inheritDoc */ ++ public String getBaseLocalName() { ++ return Constants._TAG_TRANSFORMS; ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/FuncHereContext.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/FuncHereContext.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/FuncHereContext.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/FuncHereContext.java +@@ -62,7 +62,7 @@ + * -scott + * + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + * @see com.sun.org.apache.xml.internal.security.transforms.implementations.FuncHere + * @see com.sun.org.apache.xml.internal.security.utils.XPathFuncHereAPI + * @see XML Signature - The here() function +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformBase64Decode.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformBase64Decode.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformBase64Decode.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformBase64Decode.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -33,6 +32,7 @@ + import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; + import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException; + import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; ++import com.sun.org.apache.xml.internal.security.transforms.Transform; + import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; + import com.sun.org.apache.xml.internal.security.transforms.TransformationException; + import com.sun.org.apache.xml.internal.security.transforms.Transforms; +@@ -43,7 +43,6 @@ + import org.w3c.dom.Text; + import org.xml.sax.SAXException; + +- + /** + * Implements the http://www.w3.org/2000/09/xmldsig#base64 decoding + * transform. +@@ -95,13 +94,15 @@ + * @throws IOException + * @throws TransformationException + */ +- protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input) ++ protected XMLSignatureInput enginePerformTransform ++ (XMLSignatureInput input, Transform _transformObject) + throws IOException, CanonicalizationException, + TransformationException { +- return enginePerformTransform(input,null); ++ return enginePerformTransform(input, null, _transformObject); + } ++ + protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, +- OutputStream os) ++ OutputStream os, Transform _transformObject) + throws IOException, CanonicalizationException, + TransformationException { + try { +@@ -116,7 +117,7 @@ + byte[] decodedBytes = Base64.decode(sb.toString()); + return new XMLSignatureInput(decodedBytes); + } +- Base64.decode(sb.toString().getBytes(),os); ++ Base64.decode(sb.toString(),os); + XMLSignatureInput output=new XMLSignatureInput((byte[])null); + output.setOutputStream(os); + return output; +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14N.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14N.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14N.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14N.java +@@ -20,17 +20,15 @@ + */ + package com.sun.org.apache.xml.internal.security.transforms.implementations; + +- +- + import java.io.OutputStream; + + import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; + import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315OmitComments; + import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; ++import com.sun.org.apache.xml.internal.security.transforms.Transform; + import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; + import com.sun.org.apache.xml.internal.security.transforms.Transforms; + +- + /** + * Implements the http://www.w3.org/TR/2001/REC-xml-c14n-20010315 + * transform. +@@ -54,18 +52,19 @@ + /** + * @inheritDoc + */ +- protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input) ++ protected XMLSignatureInput enginePerformTransform ++ (XMLSignatureInput input, Transform _transformObject) + throws CanonicalizationException { +- return enginePerformTransform(input,null); ++ return enginePerformTransform(input, null, _transformObject); + } +- protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os) ++ ++ protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os, Transform _transformObject) + throws CanonicalizationException { + Canonicalizer20010315OmitComments c14n = new Canonicalizer20010315OmitComments(); + if (os!=null) { + c14n.setWriter(os); + } + byte[] result = null; +- input.setNeedsToBeExpanded(true); + result=c14n.engineCanonicalize(input); + XMLSignatureInput output=new XMLSignatureInput(result); + if (os!=null) { +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14N11.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14N11.java +new file mode 100644 +--- /dev/null ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14N11.java +@@ -0,0 +1,65 @@ ++/* ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! ++ */ ++/* ++ * Copyright 2008 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++package com.sun.org.apache.xml.internal.security.transforms.implementations; ++ ++import java.io.OutputStream; ++ ++import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; ++import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_OmitComments; ++import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; ++import com.sun.org.apache.xml.internal.security.transforms.Transform; ++import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; ++import com.sun.org.apache.xml.internal.security.transforms.Transforms; ++ ++/** ++ * Implements the http://www.w3.org/2006/12/xml-c14n11 ++ * (C14N 1.1) transform. ++ * ++ * @author Sean Mullan ++ */ ++public class TransformC14N11 extends TransformSpi { ++ ++ protected String engineGetURI() { ++ return Transforms.TRANSFORM_C14N11_OMIT_COMMENTS; ++ } ++ ++ protected XMLSignatureInput enginePerformTransform ++ (XMLSignatureInput input, Transform transform) ++ throws CanonicalizationException { ++ return enginePerformTransform(input, null, transform); ++ } ++ ++ protected XMLSignatureInput enginePerformTransform ++ (XMLSignatureInput input, OutputStream os, Transform transform) ++ throws CanonicalizationException { ++ Canonicalizer11_OmitComments c14n = new Canonicalizer11_OmitComments(); ++ if (os != null) { ++ c14n.setWriter(os); ++ } ++ byte[] result = null; ++ result = c14n.engineCanonicalize(input); ++ XMLSignatureInput output = new XMLSignatureInput(result); ++ if (os != null) { ++ output.setOutputStream(os); ++ } ++ return output; ++ } ++} +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14N11_WithComments.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14N11_WithComments.java +new file mode 100644 +--- /dev/null ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14N11_WithComments.java +@@ -0,0 +1,67 @@ ++/* ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! ++ */ ++/* ++ * Copyright 2008 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++package com.sun.org.apache.xml.internal.security.transforms.implementations; ++ ++import java.io.OutputStream; ++ ++import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; ++import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_WithComments; ++import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; ++import com.sun.org.apache.xml.internal.security.transforms.Transform; ++import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; ++import com.sun.org.apache.xml.internal.security.transforms.Transforms; ++ ++/** ++ * Implements the http://www.w3.org/2006/12/xml-c14n-11#WithComments ++ * (C14N 1.1 With Comments) transform. ++ * ++ * @author Sean Mullan ++ */ ++public class TransformC14N11_WithComments extends TransformSpi { ++ ++ protected String engineGetURI() { ++ return Transforms.TRANSFORM_C14N11_WITH_COMMENTS; ++ } ++ ++ protected XMLSignatureInput enginePerformTransform ++ (XMLSignatureInput input, Transform transform) ++ throws CanonicalizationException { ++ return enginePerformTransform(input, null, transform); ++ } ++ ++ protected XMLSignatureInput enginePerformTransform ++ (XMLSignatureInput input, OutputStream os, Transform transform) ++ throws CanonicalizationException { ++ ++ Canonicalizer11_WithComments c14n = new Canonicalizer11_WithComments(); ++ if (os != null) { ++ c14n.setWriter(os); ++ } ++ ++ byte[] result = null; ++ result = c14n.engineCanonicalize(input); ++ XMLSignatureInput output = new XMLSignatureInput(result); ++ if (os != null) { ++ output.setOutputStream(os); ++ } ++ return output; ++ } ++} +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14NExclusive.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14NExclusive.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14NExclusive.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14NExclusive.java +@@ -20,25 +20,24 @@ + */ + package com.sun.org.apache.xml.internal.security.transforms.implementations; + +- +- + import java.io.OutputStream; + + import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; + import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclOmitComments; + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; + import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; ++import com.sun.org.apache.xml.internal.security.transforms.Transform; + import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; + import com.sun.org.apache.xml.internal.security.transforms.Transforms; + import com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces; + import com.sun.org.apache.xml.internal.security.utils.XMLUtils; + import org.w3c.dom.Element; + +- + /** + * Class TransformC14NExclusive + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ + */ + public class TransformC14NExclusive extends TransformSpi { + +@@ -46,7 +45,6 @@ + public static final String implementedTransformURI = + Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS; + +- + /** + * Method engineGetURI + * +@@ -63,27 +61,29 @@ + * @return the transformed of the input + * @throws CanonicalizationException + */ +- protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input) ++ protected XMLSignatureInput enginePerformTransform ++ (XMLSignatureInput input, Transform _transformObject) + throws CanonicalizationException { +- return enginePerformTransform(input,null); ++ return enginePerformTransform(input, null, _transformObject); + } +- protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os) ++ ++ protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os, Transform _transformObject) + throws CanonicalizationException { + try { + String inclusiveNamespaces = null; + +- if (this._transformObject ++ if (_transformObject + .length(InclusiveNamespaces + .ExclusiveCanonicalizationNamespace, InclusiveNamespaces + ._TAG_EC_INCLUSIVENAMESPACES) == 1) { + Element inclusiveElement = + XMLUtils.selectNode( +- this._transformObject.getElement().getFirstChild(), ++ _transformObject.getElement().getFirstChild(), + InclusiveNamespaces.ExclusiveCanonicalizationNamespace, + InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES,0); + + inclusiveNamespaces = new InclusiveNamespaces(inclusiveElement, +- this._transformObject.getBaseURI()).getInclusiveNamespaces(); ++ _transformObject.getBaseURI()).getInclusiveNamespaces(); + } + + Canonicalizer20010315ExclOmitComments c14n = +@@ -92,7 +92,6 @@ + c14n.setWriter(os); + } + byte []result; +- input.setNeedsToBeExpanded(true); + result =c14n.engineCanonicalize(input, inclusiveNamespaces); + + XMLSignatureInput output=new XMLSignatureInput(result); +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14NExclusiveWithComments.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14NExclusiveWithComments.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14NExclusiveWithComments.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14NExclusiveWithComments.java +@@ -20,21 +20,19 @@ + */ + package com.sun.org.apache.xml.internal.security.transforms.implementations; + +- +- + import java.io.OutputStream; + + import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; + import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclWithComments; + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; + import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; ++import com.sun.org.apache.xml.internal.security.transforms.Transform; + import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; + import com.sun.org.apache.xml.internal.security.transforms.Transforms; + import com.sun.org.apache.xml.internal.security.transforms.params.InclusiveNamespaces; + import com.sun.org.apache.xml.internal.security.utils.XMLUtils; + import org.w3c.dom.Element; + +- + /** + * Implements the http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments + * transform. +@@ -47,7 +45,6 @@ + public static final String implementedTransformURI = + Transforms.TRANSFORM_C14N_EXCL_WITH_COMMENTS; + +- + /** + * Method engineGetURI + *@inheritDoc +@@ -60,27 +57,29 @@ + /** + * @inheritDoc + */ +- protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input) ++ protected XMLSignatureInput enginePerformTransform ++ (XMLSignatureInput input, Transform _transformObject) + throws CanonicalizationException { +- return enginePerformTransform(input,null); ++ return enginePerformTransform(input, null, _transformObject); + } +- protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os) ++ ++ protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os, Transform _transformObject) + throws CanonicalizationException { + try { + String inclusiveNamespaces = null; + +- if (this._transformObject ++ if (_transformObject + .length(InclusiveNamespaces + .ExclusiveCanonicalizationNamespace, InclusiveNamespaces + ._TAG_EC_INCLUSIVENAMESPACES) == 1) { + Element inclusiveElement = + XMLUtils.selectNode( +- this._transformObject.getElement().getFirstChild(), ++ _transformObject.getElement().getFirstChild(), + InclusiveNamespaces.ExclusiveCanonicalizationNamespace, + InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES,0); + + inclusiveNamespaces = new InclusiveNamespaces(inclusiveElement, +- this._transformObject.getBaseURI()).getInclusiveNamespaces(); ++ _transformObject.getBaseURI()).getInclusiveNamespaces(); + } + + Canonicalizer20010315ExclWithComments c14n = +@@ -88,7 +87,6 @@ + if (os!=null) { + c14n.setWriter( os); + } +- input.setNeedsToBeExpanded(true); + byte []result; + result =c14n.engineCanonicalize(input, inclusiveNamespaces); + XMLSignatureInput output=new XMLSignatureInput(result); +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14NWithComments.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14NWithComments.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14NWithComments.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformC14NWithComments.java +@@ -20,17 +20,15 @@ + */ + package com.sun.org.apache.xml.internal.security.transforms.implementations; + +- +- + import java.io.OutputStream; + + import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; + import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315WithComments; + import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; ++import com.sun.org.apache.xml.internal.security.transforms.Transform; + import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; + import com.sun.org.apache.xml.internal.security.transforms.Transforms; + +- + /** + * Implements the http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments + * transform. +@@ -43,18 +41,20 @@ + public static final String implementedTransformURI = + Transforms.TRANSFORM_C14N_WITH_COMMENTS; + +- + /** @inheritDoc */ + protected String engineGetURI() { + return implementedTransformURI; + } ++ + /** @inheritDoc */ +- protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input) +- throws CanonicalizationException { +- return enginePerformTransform(input,null); ++ protected XMLSignatureInput enginePerformTransform ++ (XMLSignatureInput input, Transform _transformObject) ++ throws CanonicalizationException { ++ return enginePerformTransform(input, null, _transformObject); + } ++ + /** @inheritDoc */ +- protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os) ++ protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream os, Transform _transformObject) + throws CanonicalizationException { + + Canonicalizer20010315WithComments c14n = new Canonicalizer20010315WithComments(); +@@ -63,7 +63,6 @@ + } + + byte[] result = null; +- input.setNeedsToBeExpanded(true); + result=c14n.engineCanonicalize(input); + XMLSignatureInput output=new XMLSignatureInput(result); + if (os!=null) { +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformEnvelopedSignature.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformEnvelopedSignature.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformEnvelopedSignature.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformEnvelopedSignature.java +@@ -20,10 +20,9 @@ + */ + package com.sun.org.apache.xml.internal.security.transforms.implementations; + +- +- + import com.sun.org.apache.xml.internal.security.signature.NodeFilter; + import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; ++import com.sun.org.apache.xml.internal.security.transforms.Transform; + import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; + import com.sun.org.apache.xml.internal.security.transforms.TransformationException; + import com.sun.org.apache.xml.internal.security.transforms.Transforms; +@@ -32,7 +31,6 @@ + import org.w3c.dom.Element; + import org.w3c.dom.Node; + +- + /** + * Implements the http://www.w3.org/2000/09/xmldsig#enveloped-signature + * transform. +@@ -57,7 +55,7 @@ + /** + * @inheritDoc + */ +- protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input) ++ protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, Transform _transformObject) + throws TransformationException { + + +@@ -74,14 +72,7 @@ + * (including comments) in the node-set representing the octet stream. + */ + +- /* +- if (input.isOctetStream()) { +- input.setNodesetXPath(Canonicalizer.XPATH_C14N_WITH_COMMENTS); +- } +- */ +- +- Element transformElement = this._transformObject.getElement(); +- Node signatureElement = transformElement; ++ Node signatureElement = _transformObject.getElement(); + + + signatureElement = searchSignatureElement(signatureElement); +@@ -124,18 +115,24 @@ + } + return signatureElement; + } +- class EnvelopedNodeFilter implements NodeFilter { ++ static class EnvelopedNodeFilter implements NodeFilter { + Node exclude; + EnvelopedNodeFilter(Node n) { +- exclude=n; ++ exclude=n; + } +- /** +- * @see com.sun.org.apache.xml.internal.security.signature.NodeFilter#isNodeInclude(org.w3c.dom.Node) +- */ +- public boolean isNodeInclude(Node n) { +- // TODO Optimize me. +- return !XMLUtils.isDescendantOrSelf(exclude,n); +- } +- ++ public int isNodeIncludeDO(Node n, int level) { ++ if ((n==exclude)) ++ return -1; ++ return 1; ++ } ++ /** ++ * @see com.sun.org.apache.xml.internal.security.signature.NodeFilter#isNodeInclude(org.w3c.dom.Node) ++ */ ++ public int isNodeInclude(Node n) { ++ if ((n==exclude) || XMLUtils.isDescendantOrSelf(exclude,n)) ++ return -1; ++ return 1; ++ //return !XMLUtils.isDescendantOrSelf(exclude,n); ++ } + } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXPath.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXPath.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXPath.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXPath.java +@@ -20,13 +20,12 @@ + */ + package com.sun.org.apache.xml.internal.security.transforms.implementations; + +- +- + import javax.xml.transform.TransformerException; + + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityRuntimeException; + import com.sun.org.apache.xml.internal.security.signature.NodeFilter; + import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; ++import com.sun.org.apache.xml.internal.security.transforms.Transform; + import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; + import com.sun.org.apache.xml.internal.security.transforms.TransformationException; + import com.sun.org.apache.xml.internal.security.transforms.Transforms; +@@ -40,7 +39,6 @@ + import org.w3c.dom.Element; + import org.w3c.dom.Node; + +- + /** + * Class TransformXPath + * +@@ -53,15 +51,10 @@ + */ + public class TransformXPath extends TransformSpi { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(TransformXPath.class.getName()); +- + /** Field implementedTransformURI */ + public static final String implementedTransformURI = + Transforms.TRANSFORM_XPATH; + +- + /** + * Method engineGetURI + * +@@ -78,7 +71,7 @@ + * + * @throws TransformationException + */ +- protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input) ++ protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, Transform _transformObject) + throws TransformationException { + + try { +@@ -94,12 +87,12 @@ + * The evaluation of this expression includes all of the document's nodes + * (including comments) in the node-set representing the octet stream. + */ +- CachedXPathAPIHolder.setDoc(this._transformObject.getElement().getOwnerDocument()); ++ CachedXPathAPIHolder.setDoc(_transformObject.getElement().getOwnerDocument()); + + + + Element xpathElement =XMLUtils.selectDsNode( +- this._transformObject.getElement().getFirstChild(), ++ _transformObject.getElement().getFirstChild(), + Constants._TAG_XPATH,0); + + if (xpathElement == null) { +@@ -129,42 +122,47 @@ + * @return true if needs to be circunvent for bug. + */ + private boolean needsCircunvent(String str) { +- return true; +- //return str.contains("namespace"); ++ //return true; ++ //return false; ++ return (str.indexOf("namespace") != -1) || (str.indexOf("name()") != -1); ++ } + +- } +- class XPathNodeFilter implements NodeFilter { +- PrefixResolverDefault prefixResolver; +- CachedXPathFuncHereAPI xPathFuncHereAPI = +- new CachedXPathFuncHereAPI(CachedXPathAPIHolder.getCachedXPathAPI()); +- ; ++ static class XPathNodeFilter implements NodeFilter { ++ PrefixResolverDefault prefixResolver; ++ CachedXPathFuncHereAPI xPathFuncHereAPI = ++ new CachedXPathFuncHereAPI(CachedXPathAPIHolder.getCachedXPathAPI()); + Node xpathnode; + String str; + XPathNodeFilter(Element xpathElement, + Node xpathnode, String str) { +- this.xpathnode=xpathnode; +- this.str=str; +- prefixResolver =new PrefixResolverDefault(xpathElement); ++ this.xpathnode=xpathnode; ++ this.str=str; ++ prefixResolver =new PrefixResolverDefault(xpathElement); + } + +- +- /** +- * @see com.sun.org.apache.xml.internal.security.signature.NodeFilter#isNodeInclude(org.w3c.dom.Node) +- */ +- public boolean isNodeInclude(Node currentNode) { +- XObject includeInResult; +- try { +- includeInResult = xPathFuncHereAPI.eval(currentNode, +- xpathnode, str,prefixResolver); +- return includeInResult.bool(); +- } catch (TransformerException e) { ++ /** ++ * @see com.sun.org.apache.xml.internal.security.signature.NodeFilter#isNodeInclude(org.w3c.dom.Node) ++ */ ++ public int isNodeInclude(Node currentNode) { ++ XObject includeInResult; ++ try { ++ includeInResult = xPathFuncHereAPI.eval(currentNode, ++ xpathnode, str,prefixResolver); ++ if (includeInResult.bool()) ++ return 1; ++ return 0; ++ } catch (TransformerException e) { + Object[] eArgs = {currentNode}; +- throw new XMLSecurityRuntimeException("signature.Transform.node", eArgs, e); +- } +- catch (Exception e) { ++ throw new XMLSecurityRuntimeException ++ ("signature.Transform.node", eArgs, e); ++ } catch (Exception e) { + Object[] eArgs = {currentNode, new Short(currentNode.getNodeType())}; +- throw new XMLSecurityRuntimeException("signature.Transform.nodeAndType",eArgs, e); +- } +- } ++ throw new XMLSecurityRuntimeException ++ ("signature.Transform.nodeAndType",eArgs, e); ++ } ++ } ++ public int isNodeIncludeDO(Node n, int level) { ++ return isNodeInclude(n); ++ } + } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXPath2Filter.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXPath2Filter.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXPath2Filter.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXPath2Filter.java +@@ -24,7 +24,10 @@ + + import java.io.IOException; + import java.util.ArrayList; ++import java.util.HashSet; ++import java.util.Iterator; + import java.util.List; ++import java.util.Set; + + import javax.xml.parsers.ParserConfigurationException; + import javax.xml.transform.TransformerException; +@@ -34,6 +37,7 @@ + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; + import com.sun.org.apache.xml.internal.security.signature.NodeFilter; + import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; ++import com.sun.org.apache.xml.internal.security.transforms.Transform; + import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; + import com.sun.org.apache.xml.internal.security.transforms.TransformationException; + import com.sun.org.apache.xml.internal.security.transforms.Transforms; +@@ -88,9 +92,9 @@ + * + * @throws TransformationException + */ +- protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input) ++ protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, Transform _transformObject) + throws TransformationException { +- CachedXPathAPIHolder.setDoc(this._transformObject.getElement().getOwnerDocument()); ++ CachedXPathAPIHolder.setDoc(_transformObject.getElement().getOwnerDocument()); + try { + List unionNodes=new ArrayList(); + List substractNodes=new ArrayList(); +@@ -101,7 +105,7 @@ + + + Element []xpathElements =XMLUtils.selectNodes( +- this._transformObject.getElement().getFirstChild(), ++ _transformObject.getElement().getFirstChild(), + XPath2FilterContainer.XPathFilter2NS, + XPath2FilterContainer._TAG_XPATH2); + int noOfSteps = xpathElements.length; +@@ -122,7 +126,7 @@ + + for (int i = 0; i < noOfSteps; i++) { + Element xpathElement =XMLUtils.selectNode( +- this._transformObject.getElement().getFirstChild(), ++ _transformObject.getElement().getFirstChild(), + XPath2FilterContainer.XPathFilter2NS, + XPath2FilterContainer._TAG_XPATH2,i); + XPath2FilterContainer xpathContainer = +@@ -143,9 +147,9 @@ + } + } + +- input.setNeedsToBeExpanded(true); + +- input.addNodeFilter(new XPath2NodeFilter(unionNodes,substractNodes,intersectNodes)); ++ input.addNodeFilter(new XPath2NodeFilter(convertNodeListToSet(unionNodes), ++ convertNodeListToSet(substractNodes),convertNodeListToSet(intersectNodes))); + input.setNodeSet(true); + return input; + } catch (TransformerException ex) { +@@ -166,37 +170,110 @@ + throw new TransformationException("empty", ex); + } + } ++ static Set convertNodeListToSet(List l){ ++ Set result=new HashSet(); ++ for (int j=0;jXPath Filter v2.0. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + * @see XPath Filter v2.0 (TR) + * @see XPath Filter v2.0 (editors copy) + */ +@@ -188,7 +189,7 @@ + + HelperNodeList nl = new HelperNodeList(); + +- nl.appendChild(doc.createTextNode("\n")); ++ XMLUtils.addReturnToElement(doc, nl); + + for (int i = 0; i < params.length; i++) { + String type = params[i][0]; +@@ -207,7 +208,7 @@ + XPath2FilterContainer c = new XPath2FilterContainer(doc, xpath, type); + + nl.appendChild(c.getElement()); +- nl.appendChild(doc.createTextNode("\n")); ++ XMLUtils.addReturnToElement(doc, nl); + } + + return nl; +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/params/XPath2FilterContainer04.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/params/XPath2FilterContainer04.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/params/XPath2FilterContainer04.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/params/XPath2FilterContainer04.java +@@ -25,6 +25,7 @@ + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; + import com.sun.org.apache.xml.internal.security.transforms.TransformParam; + import com.sun.org.apache.xml.internal.security.utils.ElementProxy; ++import com.sun.org.apache.xml.internal.security.utils.XMLUtils; + import org.w3c.dom.Document; + import org.w3c.dom.Element; + import org.w3c.dom.Node; +@@ -35,7 +36,7 @@ + * Implements the parameters for the XPath Filter v2.0. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + * @see XPath Filter v2.0 (TR) + * @see XPath Filter v2.0 (editors copy) + */ +@@ -87,8 +88,9 @@ + + if ((xpath2filter.length() > 2) + && (!Character.isWhitespace(xpath2filter.charAt(0)))) { +- this._constructionElement.appendChild(doc.createTextNode("\n" +- + xpath2filter + "\n")); ++ XMLUtils.addReturnToElement(this._constructionElement); ++ this._constructionElement.appendChild(doc.createTextNode(xpath2filter)); ++ XMLUtils.addReturnToElement(this._constructionElement); + } else { + this._constructionElement + .appendChild(doc.createTextNode(xpath2filter)); +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/params/XPathFilterCHGPContainer.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/params/XPathFilterCHGPContainer.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/params/XPathFilterCHGPContainer.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/params/XPathFilterCHGPContainer.java +@@ -36,7 +36,7 @@ + * Implements the parameters for a custom Transform which has a better performance + * thatn the xfilter2. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class XPathFilterCHGPContainer extends ElementProxy + implements TransformParam { +@@ -104,7 +104,7 @@ + includeButSearchElem + .appendChild(this._doc + .createTextNode(indentXPathText(includeButSearch))); +- this._constructionElement.appendChild(doc.createTextNode("\n")); ++ XMLUtils.addReturnToElement(this._constructionElement); + this._constructionElement.appendChild(includeButSearchElem); + } + +@@ -118,7 +118,7 @@ + excludeButSearchElem + .appendChild(this._doc + .createTextNode(indentXPathText(excludeButSearch))); +- this._constructionElement.appendChild(doc.createTextNode("\n")); ++ XMLUtils.addReturnToElement(this._constructionElement); + this._constructionElement.appendChild(excludeButSearchElem); + } + +@@ -129,11 +129,11 @@ + + excludeElem + .appendChild(this._doc.createTextNode(indentXPathText(exclude))); +- this._constructionElement.appendChild(doc.createTextNode("\n")); ++ XMLUtils.addReturnToElement(this._constructionElement); + this._constructionElement.appendChild(excludeElem); + } + +- this._constructionElement.appendChild(doc.createTextNode("\n")); ++ XMLUtils.addReturnToElement(this._constructionElement); + } + + /** +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/Base64.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/Base64.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/Base64.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/Base64.java +@@ -20,24 +20,17 @@ + */ + package com.sun.org.apache.xml.internal.security.utils; + +- +- + import java.io.BufferedReader; + import java.io.IOException; + import java.io.InputStream; + import java.io.OutputStream; +-import java.io.StringReader; + import java.math.BigInteger; + +-import javax.xml.parsers.DocumentBuilder; +-import javax.xml.parsers.DocumentBuilderFactory; +- + import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException; + import org.w3c.dom.Document; + import org.w3c.dom.Element; + import org.w3c.dom.Node; + import org.w3c.dom.Text; +-import org.xml.sax.InputSource; + + + /** +@@ -53,17 +46,10 @@ + */ + public class Base64 { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(Base64.class.getName()); +- + + /** Field BASE64DEFAULTLENGTH */ + public static final int BASE64DEFAULTLENGTH = 76; + +- /** Field _base64length */ +- static int _base64length = Base64.BASE64DEFAULTLENGTH; +- + private Base64() { + // we don't allow instantiation + } +@@ -79,7 +65,7 @@ + * @param bitlen int the desired length in bits of the representation + * @return a byte array with bitlen bits of big + */ +- static byte[] getBytes(BigInteger big, int bitlen) { ++ static final byte[] getBytes(BigInteger big, int bitlen) { + + //round bitlen + bitlen = ((bitlen + 7) >> 3) << 3; +@@ -121,7 +107,7 @@ + * @param big + * @return String with Base64 encoding + */ +- public static String encode(BigInteger big) { ++ public static final String encode(BigInteger big) { + return encode(getBytes(big, big.bitLength())); + } + +@@ -136,7 +122,7 @@ + * @param bitlen int the desired length in bits of the representation + * @return a byte array with bitlen bits of big + */ +- public static byte[] encode(BigInteger big, int bitlen) { ++ public static final byte[] encode(BigInteger big, int bitlen) { + + //round bitlen + bitlen = ((bitlen + 7) >> 3) << 3; +@@ -179,7 +165,7 @@ + * @return the biginter obtained from the node + * @throws Base64DecodingException + */ +- public static BigInteger decodeBigIntegerFromElement(Element element) throws Base64DecodingException ++ public static final BigInteger decodeBigIntegerFromElement(Element element) throws Base64DecodingException + { + return new BigInteger(1, Base64.decode(element)); + } +@@ -191,7 +177,7 @@ + * @return the biginter obtained from the text node + * @throws Base64DecodingException + */ +- public static BigInteger decodeBigIntegerFromText(Text text) throws Base64DecodingException ++ public static final BigInteger decodeBigIntegerFromText(Text text) throws Base64DecodingException + { + return new BigInteger(1, Base64.decode(text.getData())); + } +@@ -203,7 +189,7 @@ + * @param element + * @param biginteger + */ +- public static void fillElementWithBigInteger(Element element, ++ public static final void fillElementWithBigInteger(Element element, + BigInteger biginteger) { + + String encodedInt = encode(biginteger); +@@ -229,7 +215,7 @@ + * $todo$ not tested yet + * @throws Base64DecodingException + */ +- public static byte[] decode(Element element) throws Base64DecodingException { ++ public static final byte[] decode(Element element) throws Base64DecodingException { + + Node sibling = element.getFirstChild(); + StringBuffer sb = new StringBuffer(); +@@ -255,7 +241,7 @@ + * @return an Element with the base64 encoded in the text. + * + */ +- public static Element encodeToElement(Document doc, String localName, ++ public static final Element encodeToElement(Document doc, String localName, + byte[] bytes) { + + Element el = XMLUtils.createElementInSignatureSpace(doc, localName); +@@ -275,20 +261,23 @@ + * @throws Base64DecodingException + * + */ +- public static byte[] decode(byte[] base64) throws Base64DecodingException { +- return decodeInternal(base64); ++ public final static byte[] decode(byte[] base64) throws Base64DecodingException { ++ return decodeInternal(base64, -1); + } + + + + /** +- * Encode a byte array and fold lines at the standard 76th character. ++ * Encode a byte array and fold lines at the standard 76th character unless ++ * ignore line breaks property is set. + * + * @param binaryData byte[] to be base64 encoded + * @return the String with encoded data + */ +- public static String encode(byte[] binaryData) { +- return encode(binaryData,BASE64DEFAULTLENGTH); ++ public static final String encode(byte[] binaryData) { ++ return XMLUtils.ignoreLineBreaks() ++ ? encode(binaryData, Integer.MAX_VALUE) ++ : encode(binaryData, BASE64DEFAULTLENGTH); + } + + /** +@@ -302,7 +291,7 @@ + * @throws IOException + * @throws Base64DecodingException + */ +- public static byte[] decode(BufferedReader reader) ++ public final static byte[] decode(BufferedReader reader) + throws IOException, Base64DecodingException { + + UnsyncByteArrayOutputStream baos = new UnsyncByteArrayOutputStream(); +@@ -317,28 +306,6 @@ + return baos.toByteArray(); + } + +- /** +- * Method main +- * +- * +- * @param args +- * +- * @throws Exception +- */ +- public static void main(String[] args) throws Exception { +- +- DocumentBuilderFactory docBuilderFactory = +- DocumentBuilderFactory.newInstance(); +- DocumentBuilder docBuilder = docBuilderFactory.newDocumentBuilder(); +- String testString1 = +- "SGFsbG8="; +- InputSource inputSource = new InputSource(new StringReader(testString1)); +- Document doc = docBuilder.parse(inputSource); +- Element base64Elem = +- (Element) doc.getDocumentElement().getChildNodes().item(0); +- +- System.out.println(new String(decode(base64Elem))); +- } + static private final int BASELENGTH = 255; + static private final int LOOKUPLENGTH = 64; + static private final int TWENTYFOURBITGROUP = 24; +@@ -347,7 +314,6 @@ + static private final int FOURBYTE = 4; + static private final int SIGN = -128; + static private final char PAD = '='; +- static private final boolean fDebug = false; + static final private byte [] base64Alphabet = new byte[BASELENGTH]; + static final private char [] lookUpBase64Alphabet = new char[LOOKUPLENGTH]; + +@@ -406,7 +372,7 @@ + * @param length int length of wrapped lines; No wrapping if less than 4. + * @return a String with encoded data + */ +- public static String encode(byte[] binaryData,int length) { ++ public static final String encode(byte[] binaryData,int length) { + + if (length<4) { + length=Integer.MAX_VALUE; +@@ -434,9 +400,7 @@ + int encodedIndex = 0; + int dataIndex = 0; + int i = 0; +- if (fDebug) { +- System.out.println("number of triplets = " + numberTriplets ); +- } ++ + + for (int line = 0; line < numberLines; line++) { + for (int quartet = 0; quartet < 19; quartet++) { +@@ -444,9 +408,6 @@ + b2 = binaryData[dataIndex++]; + b3 = binaryData[dataIndex++]; + +- if (fDebug) { +- System.out.println( "b1= " + b1 +", b2= " + b2 + ", b3= " + b3 ); +- } + + l = (byte)(b2 & 0x0f); + k = (byte)(b1 & 0x03); +@@ -456,11 +417,6 @@ + byte val2 = ((b2 & SIGN)==0)?(byte)(b2>>4):(byte)((b2)>>4^0xf0); + byte val3 = ((b3 & SIGN)==0)?(byte)(b3>>6):(byte)((b3)>>6^0xfc); + +- if (fDebug) { +- System.out.println( "val2 = " + val2 ); +- System.out.println( "k4 = " + (k<<4)); +- System.out.println( "vak = " + (val2 | (k<<4))); +- } + + encodedData[encodedIndex++] = lookUpBase64Alphabet[ val1 ]; + encodedData[encodedIndex++] = lookUpBase64Alphabet[ val2 | ( k<<4 )]; +@@ -477,9 +433,6 @@ + b2 = binaryData[dataIndex++]; + b3 = binaryData[dataIndex++]; + +- if (fDebug) { +- System.out.println( "b1= " + b1 +", b2= " + b2 + ", b3= " + b3 ); +- } + + l = (byte)(b2 & 0x0f); + k = (byte)(b1 & 0x03); +@@ -489,11 +442,6 @@ + byte val2 = ((b2 & SIGN)==0)?(byte)(b2>>4):(byte)((b2)>>4^0xf0); + byte val3 = ((b3 & SIGN)==0)?(byte)(b3>>6):(byte)((b3)>>6^0xfc); + +- if (fDebug) { +- System.out.println( "val2 = " + val2 ); +- System.out.println( "k4 = " + (k<<4)); +- System.out.println( "vak = " + (val2 | (k<<4))); +- } + + encodedData[encodedIndex++] = lookUpBase64Alphabet[ val1 ]; + encodedData[encodedIndex++] = lookUpBase64Alphabet[ val2 | ( k<<4 )]; +@@ -505,11 +453,7 @@ + if (fewerThan24bits == EIGHTBIT) { + b1 = binaryData[dataIndex]; + k = (byte) ( b1 &0x03 ); +- if (fDebug) { +- System.out.println("b1=" + b1); +- System.out.println("b1<<2 = " + (b1>>2) ); +- } +- byte val1 = ((b1 & SIGN)==0)?(byte)(b1>>2):(byte)((b1)>>2^0xc0); ++ byte val1 = ((b1 & SIGN)==0)?(byte)(b1>>2):(byte)((b1)>>2^0xc0); + encodedData[encodedIndex++] = lookUpBase64Alphabet[ val1 ]; + encodedData[encodedIndex++] = lookUpBase64Alphabet[ k<<4 ]; + encodedData[encodedIndex++] = PAD; +@@ -534,23 +478,38 @@ + return new String(encodedData); + } + +- /** +- * Decodes Base64 data into octects +- * +- * @param encoded Byte array containing Base64 data +- * @return Array containind decoded data. +- * @throws Base64DecodingException +- */ +- public final static byte[] decode(String encoded) throws Base64DecodingException { ++ /** ++ * Decodes Base64 data into octects ++ * ++ * @param encoded String containing base64 encoded data ++ * @return byte array containing the decoded data ++ * @throws Base64DecodingException if there is a problem decoding the data ++ */ ++ public final static byte[] decode(String encoded) throws Base64DecodingException { + +- if (encoded == null) +- return null; ++ if (encoded == null) ++ return null; ++ byte []bytes=new byte[encoded.length()]; ++ int len=getBytesInternal(encoded, bytes); ++ return decodeInternal(bytes, len); ++ } + +- return decodeInternal(encoded.getBytes()); +- } +- protected final static byte[] decodeInternal(byte[] base64Data) throws Base64DecodingException { ++ protected static final int getBytesInternal(String s,byte[] result) { ++ int length=s.length(); ++ ++ int newSize=0; ++ for (int i = 0; i < length; i++) { ++ byte dataS=(byte)s.charAt(i); ++ if (!isWhiteSpace(dataS)) ++ result[newSize++] = dataS; ++ } ++ return newSize; ++ ++ } ++ protected final static byte[] decodeInternal(byte[] base64Data, int len) throws Base64DecodingException { + // remove white spaces +- int len = removeWhiteSpace(base64Data); ++ if (len==-1) ++ len = removeWhiteSpace(base64Data); + + if (len%FOURBYTE != 0) { + throw new Base64DecodingException("decoding.divisible.four"); +@@ -629,7 +588,20 @@ + } + return decodedData; + } +- ++ /** ++ * Decodes Base64 data into outputstream ++ * ++ * @param base64Data String containing Base64 data ++ * @param os the outputstream ++ * @throws IOException ++ * @throws Base64DecodingException ++ */ ++ public final static void decode(String base64Data, ++ OutputStream os) throws Base64DecodingException, IOException { ++ byte[] bytes=new byte[base64Data.length()]; ++ int len=getBytesInternal(base64Data, bytes); ++ decode(bytes,os,len); ++ } + /** + * Decodes Base64 data into outputstream + * +@@ -640,8 +612,14 @@ + */ + public final static void decode(byte[] base64Data, + OutputStream os) throws Base64DecodingException, IOException { +- // remove white spaces +- int len = removeWhiteSpace(base64Data); ++ decode(base64Data,os,-1); ++ } ++ protected final static void decode(byte[] base64Data, ++ OutputStream os,int len) throws Base64DecodingException, IOException { ++ ++ // remove white spaces ++ if (len==-1) ++ len = removeWhiteSpace(base64Data); + + if (len%FOURBYTE != 0) { + throw new Base64DecodingException("decoding.divisible.four"); +@@ -798,7 +776,7 @@ + * @param data the byte array of base64 data (with WS) + * @return the new length + */ +- protected static int removeWhiteSpace(byte[] data) { ++ protected static final int removeWhiteSpace(byte[] data) { + if (data == null) + return 0; + +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/CachedXPathAPIHolder.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/CachedXPathAPIHolder.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/CachedXPathAPIHolder.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/CachedXPathAPIHolder.java +@@ -23,35 +23,33 @@ + import com.sun.org.apache.xpath.internal.CachedXPathAPI; + import org.w3c.dom.Document; + +- + /** + * @author Raul Benito + */ + public class CachedXPathAPIHolder { +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(CachedXPathAPIHolder.class.getName()); + + static ThreadLocal local=new ThreadLocal(); + static ThreadLocal localDoc=new ThreadLocal(); + +- /** +- * Sets the doc for the xpath transformation. Resets the cache if needed +- * @param doc +- */ +- public static void setDoc(Document doc) { +- if (localDoc.get()!=doc) { ++ /** ++ * Sets the doc for the xpath transformation. Resets the cache if needed ++ * @param doc ++ */ ++ public static void setDoc(Document doc) { ++ if (localDoc.get()!=doc) { + CachedXPathAPI cx=(CachedXPathAPI)local.get(); + if (cx==null) { +- cx=new CachedXPathAPI(); +- local.set(cx); +- localDoc.set(doc); +- return; ++ cx=new CachedXPathAPI(); ++ local.set(cx); ++ localDoc.set(doc); ++ return; + } + //Different docs reset. + cx.getXPathContext().reset(); + localDoc.set(doc); + } +- } ++ } ++ + /** + * @return the cachexpathapi for this thread + */ +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/CachedXPathFuncHereAPI.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/CachedXPathFuncHereAPI.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/CachedXPathFuncHereAPI.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/CachedXPathFuncHereAPI.java +@@ -45,7 +45,7 @@ + + /** + * +- * @author $Author: dims $ ++ * @author $Author: mullan $ + */ + public class CachedXPathFuncHereAPI { + +@@ -291,6 +291,7 @@ + .getDocumentElement() + : namespaceNode); + ++ // only check if string points to different object (for performance) + if (str!=xpathStr) { + if (str.indexOf("here()")>0) { + _context.reset(); +@@ -340,6 +341,7 @@ + // XPathContext should be done away with.) + // Create the XPath object. + //String str = CachedXPathFuncHereAPI.getStrFromNode(xpathnode); ++ // only check if string points to different object (for performance) + if (str!=xpathStr) { + if (str.indexOf("here()")>0) { + _context.reset(); +@@ -421,7 +423,7 @@ + + private static void fixupFunctionTable() { + boolean installed = false; +- if (log.isLoggable(java.util.logging.Level.INFO)) log.log(java.util.logging.Level.INFO, "Registering Here function"); ++ log.log(java.util.logging.Level.INFO, "Registering Here function"); + /** + * Try to register our here() implementation as internal function. + */ +@@ -434,7 +436,7 @@ + installed = true; + } + } catch (Throwable t) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Error installing function using the static installFunction method", t); ++ log.log(java.util.logging.Level.FINE, "Error installing function using the static installFunction method", t); + } + if(!installed) { + try { +@@ -445,15 +447,15 @@ + installFunction.invoke(_funcTable, params); + installed = true; + } catch (Throwable t) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Error installing function using the static installFunction method", t); ++ log.log(java.util.logging.Level.FINE, "Error installing function using the static installFunction method", t); + } + } +- if (true) { ++ if (log.isLoggable(java.util.logging.Level.FINE)) { + if (installed) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Registered class " + FuncHere.class.getName() ++ log.log(java.util.logging.Level.FINE, "Registered class " + FuncHere.class.getName() + + " for XPath function 'here()' function in internal table"); + } else { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Unable to register class " + FuncHere.class.getName() ++ log.log(java.util.logging.Level.FINE, "Unable to register class " + FuncHere.class.getName() + + " for XPath function 'here()' function in internal table"); + } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ClassLoaderUtils.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ClassLoaderUtils.java +new file mode 100644 +--- /dev/null ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ClassLoaderUtils.java +@@ -0,0 +1,277 @@ ++/* ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! ++ */ ++/** ++ * Licensed to the Apache Software Foundation (ASF) under one ++ * or more contributor license agreements. See the NOTICE file ++ * distributed with this work for additional information ++ * regarding copyright ownership. The ASF licenses this file ++ * to you under the Apache License, Version 2.0 (the ++ * "License"); you may not use this file except in compliance ++ * with the License. You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, ++ * software distributed under the License is distributed on an ++ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY ++ * KIND, either express or implied. See the License for the ++ * specific language governing permissions and limitations ++ * under the License. ++ */ ++ ++package com.sun.org.apache.xml.internal.security.utils; ++ ++import java.io.IOException; ++import java.io.InputStream; ++import java.net.URL; ++import java.util.ArrayList; ++import java.util.Enumeration; ++import java.util.List; ++ ++/** ++ * This class is extremely useful for loading resources and classes in a fault ++ * tolerant manner that works across different applications servers. Do not ++ * touch this unless you're a grizzled classloading guru veteran who is going to ++ * verify any change on 6 different application servers. ++ */ ++public final class ClassLoaderUtils { ++ ++ /** {@link org.apache.commons.logging} logging facility */ ++ private static final java.util.logging.Logger log = ++ java.util.logging.Logger.getLogger(ClassLoaderUtils.class.getName()); ++ ++ private ClassLoaderUtils() { ++ } ++ ++ /** ++ * Load a given resource.

    This method will try to load the resource ++ * using the following methods (in order): ++ *

      ++ *
    • From Thread.currentThread().getContextClassLoader() ++ *
    • From ClassLoaderUtil.class.getClassLoader() ++ *
    • callingClass.getClassLoader() ++ *
    ++ * ++ * @param resourceName The name of the resource to load ++ * @param callingClass The Class object of the calling object ++ */ ++ public static URL getResource(String resourceName, Class callingClass) { ++ URL url = Thread.currentThread().getContextClassLoader().getResource(resourceName); ++ if (url == null && resourceName.startsWith("/")) { ++ //certain classloaders need it without the leading / ++ url = ++ Thread.currentThread().getContextClassLoader().getResource( ++ resourceName.substring(1) ++ ); ++ } ++ ++ ClassLoader cluClassloader = ClassLoaderUtils.class.getClassLoader(); ++ if (cluClassloader == null) { ++ cluClassloader = ClassLoader.getSystemClassLoader(); ++ } ++ if (url == null) { ++ url = cluClassloader.getResource(resourceName); ++ } ++ if (url == null && resourceName.startsWith("/")) { ++ //certain classloaders need it without the leading / ++ url = cluClassloader.getResource(resourceName.substring(1)); ++ } ++ ++ if (url == null) { ++ ClassLoader cl = callingClass.getClassLoader(); ++ ++ if (cl != null) { ++ url = cl.getResource(resourceName); ++ } ++ } ++ ++ if (url == null) { ++ url = callingClass.getResource(resourceName); ++ } ++ ++ if ((url == null) && (resourceName != null) && (resourceName.charAt(0) != '/')) { ++ return getResource('/' + resourceName, callingClass); ++ } ++ ++ return url; ++ } ++ ++ /** ++ * Load a given resources.

    This method will try to load the resources ++ * using the following methods (in order): ++ *

      ++ *
    • From Thread.currentThread().getContextClassLoader() ++ *
    • From ClassLoaderUtil.class.getClassLoader() ++ *
    • callingClass.getClassLoader() ++ *
    ++ * ++ * @param resourceName The name of the resource to load ++ * @param callingClass The Class object of the calling object ++ */ ++ public static List getResources(String resourceName, Class callingClass) { ++ List ret = new ArrayList(); ++ Enumeration urls = new Enumeration() { ++ public boolean hasMoreElements() { ++ return false; ++ } ++ public URL nextElement() { ++ return null; ++ } ++ ++ }; ++ try { ++ urls = Thread.currentThread().getContextClassLoader().getResources(resourceName); ++ } catch (IOException e) { ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, e.getMessage(), e); ++ } ++ //ignore ++ } ++ if (!urls.hasMoreElements() && resourceName.startsWith("/")) { ++ //certain classloaders need it without the leading / ++ try { ++ urls = ++ Thread.currentThread().getContextClassLoader().getResources( ++ resourceName.substring(1) ++ ); ++ } catch (IOException e) { ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, e.getMessage(), e); ++ } ++ // ignore ++ } ++ } ++ ++ ClassLoader cluClassloader = ClassLoaderUtils.class.getClassLoader(); ++ if (cluClassloader == null) { ++ cluClassloader = ClassLoader.getSystemClassLoader(); ++ } ++ if (!urls.hasMoreElements()) { ++ try { ++ urls = cluClassloader.getResources(resourceName); ++ } catch (IOException e) { ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, e.getMessage(), e); ++ } ++ // ignore ++ } ++ } ++ if (!urls.hasMoreElements() && resourceName.startsWith("/")) { ++ //certain classloaders need it without the leading / ++ try { ++ urls = cluClassloader.getResources(resourceName.substring(1)); ++ } catch (IOException e) { ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, e.getMessage(), e); ++ } ++ // ignore ++ } ++ } ++ ++ if (!urls.hasMoreElements()) { ++ ClassLoader cl = callingClass.getClassLoader(); ++ ++ if (cl != null) { ++ try { ++ urls = cl.getResources(resourceName); ++ } catch (IOException e) { ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, e.getMessage(), e); ++ } ++ // ignore ++ } ++ } ++ } ++ ++ if (!urls.hasMoreElements()) { ++ URL url = callingClass.getResource(resourceName); ++ if (url != null) { ++ ret.add(url); ++ } ++ } ++ while (urls.hasMoreElements()) { ++ ret.add(urls.nextElement()); ++ } ++ ++ ++ if (ret.isEmpty() && (resourceName != null) && (resourceName.charAt(0) != '/')) { ++ return getResources('/' + resourceName, callingClass); ++ } ++ return ret; ++ } ++ ++ ++ /** ++ * This is a convenience method to load a resource as a stream.

    The ++ * algorithm used to find the resource is given in getResource() ++ * ++ * @param resourceName The name of the resource to load ++ * @param callingClass The Class object of the calling object ++ */ ++ public static InputStream getResourceAsStream(String resourceName, Class callingClass) { ++ URL url = getResource(resourceName, callingClass); ++ ++ try { ++ return (url != null) ? url.openStream() : null; ++ } catch (IOException e) { ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, e.getMessage(), e); ++ } ++ return null; ++ } ++ } ++ ++ /** ++ * Load a class with a given name.

    It will try to load the class in the ++ * following order: ++ *

      ++ *
    • From Thread.currentThread().getContextClassLoader() ++ *
    • Using the basic Class.forName() ++ *
    • From ClassLoaderUtil.class.getClassLoader() ++ *
    • From the callingClass.getClassLoader() ++ *
    ++ * ++ * @param className The name of the class to load ++ * @param callingClass The Class object of the calling object ++ * @throws ClassNotFoundException If the class cannot be found anywhere. ++ */ ++ public static Class loadClass(String className, Class callingClass) ++ throws ClassNotFoundException { ++ try { ++ ClassLoader cl = Thread.currentThread().getContextClassLoader(); ++ ++ if (cl != null) { ++ return cl.loadClass(className); ++ } ++ } catch (ClassNotFoundException e) { ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, e.getMessage(), e); ++ } ++ //ignore ++ } ++ return loadClass2(className, callingClass); ++ } ++ ++ private static Class loadClass2(String className, Class callingClass) ++ throws ClassNotFoundException { ++ try { ++ return Class.forName(className); ++ } catch (ClassNotFoundException ex) { ++ try { ++ if (ClassLoaderUtils.class.getClassLoader() != null) { ++ return ClassLoaderUtils.class.getClassLoader().loadClass(className); ++ } ++ } catch (ClassNotFoundException exc) { ++ if (callingClass != null && callingClass.getClassLoader() != null) { ++ return callingClass.getClassLoader().loadClass(className); ++ } ++ } ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, ex.getMessage(), ex); ++ } ++ throw ex; ++ } ++ } ++} +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/Constants.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/Constants.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/Constants.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/Constants.java +@@ -20,11 +20,8 @@ + */ + package com.sun.org.apache.xml.internal.security.utils; + +- +- + import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; + +- + /** + * Provides all constants and some translation functions for i18n. + * +@@ -32,14 +29,10 @@ + * XML + * Signature specification. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class Constants { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(Constants.class.getName()); +- + /** Field configurationFile */ + public static final String configurationFile = "data/websig.conf"; + +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/DigesterOutputStream.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/DigesterOutputStream.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/DigesterOutputStream.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/DigesterOutputStream.java +@@ -3,7 +3,7 @@ + * DO NOT REMOVE OR ALTER! + */ + /* +- * Copyright 1999-2004 The Apache Software Foundation. ++ * Copyright 1999-2008 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. +@@ -29,34 +29,40 @@ + * + */ + public class DigesterOutputStream extends ByteArrayOutputStream { +- final static byte none[]="error".getBytes(); + final MessageDigestAlgorithm mda; +- /** +- * @param mda +- */ +- public DigesterOutputStream(MessageDigestAlgorithm mda) { ++ static java.util.logging.Logger log = ++ java.util.logging.Logger.getLogger ++ (DigesterOutputStream.class.getName()); ++ ++ /** ++ * @param mda ++ */ ++ public DigesterOutputStream(MessageDigestAlgorithm mda) { + this.mda=mda; +- } ++ } + + /** @inheritDoc */ +- public byte[] toByteArray() { +- return none; +- } +- +- /** @inheritDoc */ +- public void write(byte[] arg0) { +- mda.update(arg0); +- } ++ public void write(byte[] arg0) { ++ write(arg0, 0, arg0.length); ++ } + + /** @inheritDoc */ +- public void write(int arg0) { +- mda.update((byte)arg0); +- } ++ public void write(int arg0) { ++ mda.update((byte)arg0); ++ } + + /** @inheritDoc */ +- public void write(byte[] arg0, int arg1, int arg2) { +- mda.update(arg0, arg1, arg2); ++ public void write(byte[] arg0, int arg1, int arg2) { ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, "Pre-digested input:"); ++ StringBuffer sb = new StringBuffer(arg2); ++ for (int i=arg1; i<(arg1+arg2); i++) { ++ sb.append((char) arg0[i]); ++ } ++ log.log(java.util.logging.Level.FINE, sb.toString()); + } ++ mda.update(arg0, arg1, arg2); ++ } + + /** + * @return the digest value +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementChecker.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementChecker.java +new file mode 100644 +--- /dev/null ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementChecker.java +@@ -0,0 +1,17 @@ ++package com.sun.org.apache.xml.internal.security.utils; ++ ++import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; ++import org.w3c.dom.Element; ++import org.w3c.dom.Node; ++ ++public interface ElementChecker { ++ /** ++ * Check that the elemnt is the one expect ++ * ++ * @throws XMLSecurityException ++ */ ++ public void guaranteeThatElementInCorrectSpace(ElementProxy expected, Element actual) ++ throws XMLSecurityException; ++ ++ public boolean isNamespaceElement(Node el, String type, String ns); ++} +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementCheckerImpl.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementCheckerImpl.java +new file mode 100644 +--- /dev/null ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementCheckerImpl.java +@@ -0,0 +1,60 @@ ++package com.sun.org.apache.xml.internal.security.utils; ++ ++import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; ++import org.w3c.dom.Element; ++import org.w3c.dom.Node; ++ ++public abstract class ElementCheckerImpl implements ElementChecker { ++ public boolean isNamespaceElement(Node el, String type, String ns) { ++ if ((el == null) || ++ ns!=el.getNamespaceURI() || !el.getLocalName().equals(type)){ ++ return false; ++ } ++ ++ return true; ++ } ++ /** A checker for DOM that interns NS */ ++ public static class InternedNsChecker extends ElementCheckerImpl{ ++ public void guaranteeThatElementInCorrectSpace(ElementProxy expected, ++ Element actual) throws XMLSecurityException { ++ ++ String localnameSHOULDBE = expected.getBaseLocalName(); ++ String namespaceSHOULDBE = expected.getBaseNamespace(); ++ ++ String localnameIS = actual.getLocalName(); ++ String namespaceIS = actual.getNamespaceURI(); ++ if ((namespaceSHOULDBE!=namespaceIS) || ++ !localnameSHOULDBE.equals(localnameIS) ) { ++ Object exArgs[] = { namespaceIS +":"+ localnameIS, ++ namespaceSHOULDBE +":"+ localnameSHOULDBE}; ++ throw new XMLSecurityException("xml.WrongElement", exArgs); ++ } ++ } ++ } ++ ++ /** A checker for DOM that interns NS */ ++ public static class FullChecker extends ElementCheckerImpl { ++ public void guaranteeThatElementInCorrectSpace(ElementProxy expected, ++ Element actual) throws XMLSecurityException { ++ ++ String localnameSHOULDBE = expected.getBaseLocalName(); ++ String namespaceSHOULDBE = expected.getBaseNamespace(); ++ ++ String localnameIS = actual.getLocalName(); ++ String namespaceIS = actual.getNamespaceURI(); ++ if ((!namespaceSHOULDBE.equals(namespaceIS)) || ++ !localnameSHOULDBE.equals(localnameIS) ) { ++ Object exArgs[] = { namespaceIS +":"+ localnameIS, ++ namespaceSHOULDBE +":"+ localnameSHOULDBE}; ++ throw new XMLSecurityException("xml.WrongElement", exArgs); ++ } ++ } ++ } ++ ++ /** An empty checker if schema checking is used */ ++ public static class EmptyChecker extends ElementCheckerImpl { ++ public void guaranteeThatElementInCorrectSpace(ElementProxy expected, ++ Element actual) throws XMLSecurityException { ++ } ++ } ++} +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementProxy.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementProxy.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementProxy.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementProxy.java +@@ -3,7 +3,7 @@ + * DO NOT REMOVE OR ALTER! + */ + /* +- * Copyright 1999-2004 The Apache Software Foundation. ++ * Copyright 1999-2008 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. +@@ -46,26 +46,6 @@ + /** {@link java.util.logging} logging facility */ + static java.util.logging.Logger log = + java.util.logging.Logger.getLogger(ElementProxy.class.getName()); +- //J- +- /** The element has been created by the code **/ +- public static final int MODE_CREATE = 0; +- /** The element has been readed from a DOM tree by the code **/ +- public static final int MODE_PROCESS = 1; +- /** The element isn't known if it is readen or created **/ +- public static final int MODE_UNKNOWN = 2; +- +- /** The element is going to be signed **/ +- public static final int MODE_SIGN = MODE_CREATE; +- /** The element is going to be verified **/ +- public static final int MODE_VERIFY = MODE_PROCESS; +- +- /** The element is going to be encrypted **/ +- public static final int MODE_ENCRYPT = MODE_CREATE; +- /** The element is going to be decrypted **/ +- public static final int MODE_DECRYPT = MODE_PROCESS; +- +- protected int _state = MODE_UNKNOWN; +- //J+ + + /** + * Returns the namespace of the Elements of the sub-class. +@@ -95,11 +75,6 @@ + * + */ + public ElementProxy() { +- +- this._doc = null; +- this._state = ElementProxy.MODE_UNKNOWN; +- this._baseURI = null; +- this._constructionElement = null; + } + + /** +@@ -108,18 +83,43 @@ + * @param doc + */ + public ElementProxy(Document doc) { +- +- this(); +- + if (doc == null) { + throw new RuntimeException("Document is null"); + } + + this._doc = doc; +- this._state = ElementProxy.MODE_CREATE; +- this._constructionElement = ElementProxy.createElementForFamily(this._doc, +- this.getBaseNamespace(), this.getBaseLocalName()); ++ this._constructionElement = createElementForFamilyLocal(this._doc, ++ this.getBaseNamespace(), this.getBaseLocalName()); + } ++ protected Element createElementForFamilyLocal(Document doc, String namespace, ++ String localName) { ++ Element result = null; ++ if (namespace == null) { ++ result = doc.createElementNS(null, localName); ++ } else { ++ String baseName=this.getBaseNamespace(); ++ String prefix=ElementProxy.getDefaultPrefix(baseName); ++ if ((prefix == null) || (prefix.length() == 0)) { ++ result = doc.createElementNS(namespace, localName); ++ ++ result.setAttributeNS(Constants.NamespaceSpecNS, "xmlns", ++ namespace); ++ } else { ++ String tagName=null; ++ String defaultPrefixNaming=ElementProxy.getDefaultPrefixBindings(baseName); ++ StringBuffer sb=new StringBuffer(prefix); ++ sb.append(':'); ++ sb.append(localName); ++ tagName=sb.toString(); ++ result = doc.createElementNS(namespace, tagName ); ++ ++ result.setAttributeNS(Constants.NamespaceSpecNS, defaultPrefixNaming, ++ namespace); ++ } ++ } ++ return result; ++} ++ + + /** + * This method creates an Element in a given namespace with a given localname. +@@ -150,7 +150,7 @@ + } else { + result = doc.createElementNS(namespace, prefix + ":" + localName); + +- result.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:" + prefix, ++ result.setAttributeNS(Constants.NamespaceSpecNS, ElementProxy.getDefaultPrefixBindings(namespace), + namespace); + } + } +@@ -171,15 +171,12 @@ + if (element == null) { + throw new XMLSecurityException("ElementProxy.nullElement"); + } +- if (true) { +- } + +- if (true) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "setElement(" + element.getTagName() + ", \"" + BaseURI + "\""); ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, "setElement(" + element.getTagName() + ", \"" + BaseURI + "\""); + } + + this._doc = element.getOwnerDocument(); +- this._state = ElementProxy.MODE_PROCESS; + this._constructionElement = element; + this._baseURI = BaseURI; + } +@@ -193,20 +190,16 @@ + */ + public ElementProxy(Element element, String BaseURI) + throws XMLSecurityException { +- +- this(); +- + if (element == null) { + throw new XMLSecurityException("ElementProxy.nullElement"); + } + +- if (true) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "setElement(\"" + element.getTagName() + "\", \"" + BaseURI ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, "setElement(\"" + element.getTagName() + "\", \"" + BaseURI + + "\")"); + } + + this._doc = element.getOwnerDocument(); +- this._state = ElementProxy.MODE_PROCESS; + this._constructionElement = element; + this._baseURI = BaseURI; + +@@ -256,25 +249,18 @@ + return this._baseURI; + } + ++ static ElementChecker checker = new ElementCheckerImpl.InternedNsChecker(); ++ + /** + * Method guaranteeThatElementInCorrectSpace + * + * @throws XMLSecurityException + */ +- public void guaranteeThatElementInCorrectSpace() ++ void guaranteeThatElementInCorrectSpace() + throws XMLSecurityException { + +- String localnameSHOULDBE = this.getBaseLocalName(); +- String namespaceSHOULDBE = this.getBaseNamespace(); ++ checker.guaranteeThatElementInCorrectSpace(this,this._constructionElement); + +- String localnameIS = this._constructionElement.getLocalName(); +- String namespaceIS = this._constructionElement.getNamespaceURI(); +- if ( !localnameSHOULDBE.equals(localnameIS) || +- !namespaceSHOULDBE.equals(namespaceIS)) { +- Object exArgs[] = { namespaceIS +":"+ localnameIS, +- namespaceSHOULDBE +":"+ localnameSHOULDBE}; +- throw new XMLSecurityException("xml.WrongElement", exArgs); +- } + } + + /** +@@ -308,7 +294,9 @@ + Element e = Base64.encodeToElement(this._doc, localname, bytes); + + this._constructionElement.appendChild(e); +- this._constructionElement.appendChild(this._doc.createTextNode("\n")); ++ if (!XMLUtils.ignoreLineBreaks()) { ++ this._constructionElement.appendChild(this._doc.createTextNode("\n")); ++ } + } + } + +@@ -336,8 +324,9 @@ + public void addBase64Text(byte[] bytes) { + + if (bytes != null) { +- Text t = this._doc.createTextNode("\n" + Base64.encode(bytes) + "\n"); +- ++ Text t = XMLUtils.ignoreLineBreaks() ++ ? this._doc.createTextNode(Base64.encode(bytes)) ++ : this._doc.createTextNode("\n" + Base64.encode(bytes) + "\n"); + this._constructionElement.appendChild(t); + } + } +@@ -375,7 +364,7 @@ + + /** + * Method getBytesFromChildElement +- * ++ * @deprecated + * @param localname + * @param namespace + * @return the bytes +@@ -416,28 +405,24 @@ + /** + * Method getBytesFromTextChild + * +- * @return The base64 bytes from the first text child of this element ++ * @return The base64 bytes from the text children of this element + * @throws XMLSecurityException + */ + public byte[] getBytesFromTextChild() throws XMLSecurityException { +- +- Text t = (Text)this._constructionElement.getFirstChild(); +- +- +- return Base64.decode(t.getData()); ++ return Base64.decode ++ (XMLUtils.getFullTextChildrenFromElement(this._constructionElement)); + } + + /** + * Method getTextFromTextChild + * +- * @return the Text obtained concatening all the the text nodes of this element ++ * @return the Text obtained by concatenating all the text nodes of this ++ * element + */ + public String getTextFromTextChild() { + return XMLUtils.getFullTextChildrenFromElement(this._constructionElement); + } + +- +- + /** + * Method length + * +@@ -451,7 +436,7 @@ + while (sibling!=null) { + if (localname.equals(sibling.getLocalName()) + && +- namespace.equals(sibling.getNamespaceURI())) { ++ namespace==sibling.getNamespaceURI() ) { + number++; + } + sibling=sibling.getNextSibling(); +@@ -509,39 +494,49 @@ + + /** Field _prefixMappings */ + static HashMap _prefixMappings = new HashMap(); ++ static HashMap _prefixMappingsBindings = new HashMap(); + +- /** +- * Method setDefaultPrefix +- * +- * @param namespace +- * @param prefix +- * @throws XMLSecurityException +- */ +- public static void setDefaultPrefix(String namespace, String prefix) +- throws XMLSecurityException { ++ /** ++ * Method setDefaultPrefix ++ * ++ * @param namespace ++ * @param prefix ++ * @throws XMLSecurityException ++ */ ++ public static void setDefaultPrefix(String namespace, String prefix) ++ throws XMLSecurityException { + + if (ElementProxy._prefixMappings.containsValue(prefix)) { + +- Object storedNamespace=ElementProxy._prefixMappings.get(namespace); +- if (!storedNamespace.equals(prefix)) { ++ Object storedNamespace=ElementProxy._prefixMappings.get(namespace); ++ if (!storedNamespace.equals(prefix)) { + Object exArgs[] = { prefix, namespace, storedNamespace }; + + throw new XMLSecurityException("prefix.AlreadyAssigned", exArgs); +- } +- } +- ElementProxy._prefixMappings.put(namespace, prefix); ++ } ++ } ++ if (Constants.SignatureSpecNS.equals(namespace)) { ++ XMLUtils.dsPrefix=prefix; ++ } ++ ElementProxy._prefixMappings.put(namespace, prefix.intern()); ++ if (prefix.length() == 0) { ++ ElementProxy._prefixMappingsBindings.put(namespace, "xmlns"); ++ } else { ++ ElementProxy._prefixMappingsBindings.put(namespace, ("xmlns:"+prefix).intern()); ++ } + } + +- /** +- * Method getDefaultPrefix +- * +- * @param namespace +- * @return the default prefix bind to this element. +- */ +- public static String getDefaultPrefix(String namespace) { ++ /** ++ * Method getDefaultPrefix ++ * ++ * @param namespace ++ * @return the default prefix bind to this element. ++ */ ++ public static String getDefaultPrefix(String namespace) { ++ return (String) ElementProxy._prefixMappings.get(namespace); ++ } + +- String prefix = (String) ElementProxy._prefixMappings.get(namespace); +- +- return prefix; +- } ++ public static String getDefaultPrefixBindings(String namespace) { ++ return (String) ElementProxy._prefixMappingsBindings.get(namespace); ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/EncryptionConstants.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/EncryptionConstants.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/EncryptionConstants.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/EncryptionConstants.java +@@ -27,7 +27,7 @@ + + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class EncryptionConstants { + //J- +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/EncryptionElementProxy.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/EncryptionElementProxy.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/EncryptionElementProxy.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/EncryptionElementProxy.java +@@ -31,7 +31,7 @@ + * This is the base object for all objects which map directly to an Element from + * the xenc spec. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public abstract class EncryptionElementProxy extends ElementProxy { + +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/HelperNodeList.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/HelperNodeList.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/HelperNodeList.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/HelperNodeList.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -21,30 +20,21 @@ + */ + package com.sun.org.apache.xml.internal.security.utils; + +- +- + import java.util.ArrayList; + + import org.w3c.dom.Document; + import org.w3c.dom.Node; + import org.w3c.dom.NodeList; + +- + /** + * +- * + * @author Christian Geuer-Pollmann + * + */ + public class HelperNodeList implements NodeList { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger(HelperNodeList.class.getName()); +- + /** Field nodes */ + ArrayList nodes = new ArrayList(20); +- + boolean _allNodesMustHaveSameParent = false; + + /** +@@ -70,7 +60,7 @@ + */ + public Node item(int index) { + +- // if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "item(" + index + ") of " + this.getLength() + " nodes"); ++ // log.log(java.util.logging.Level.FINE, "item(" + index + ") of " + this.getLength() + " nodes"); + + return (Node) nodes.get(index); + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/I18n.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/I18n.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/I18n.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/I18n.java +@@ -20,18 +20,13 @@ + */ + package com.sun.org.apache.xml.internal.security.utils; + +- +- + import java.text.MessageFormat; + import java.util.Locale; + import java.util.ResourceBundle; + +- + /** + * The Internationalization (I18N) pack. + * +- * +- * + * @author Christian Geuer-Pollmann + */ + public class I18n { +@@ -50,8 +45,8 @@ + + /** Field resourceBundle */ + private static ResourceBundle resourceBundle = +- ResourceBundle.getBundle +- (Constants.exceptionMessagesResourceBundleBase, Locale.US); ++ ResourceBundle.getBundle ++ (Constants.exceptionMessagesResourceBundleBase, Locale.US); + + /** Field alreadyInitialized */ + private static boolean alreadyInitialized = false; +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/IdResolver.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/IdResolver.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/IdResolver.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/IdResolver.java +@@ -20,18 +20,16 @@ + */ + package com.sun.org.apache.xml.internal.security.utils; + +- +- ++import java.lang.ref.WeakReference; ++import java.util.Arrays; ++import java.util.WeakHashMap; + + import org.w3c.dom.Attr; + import org.w3c.dom.Document; + import org.w3c.dom.Element; ++import org.w3c.dom.NamedNodeMap; + import org.w3c.dom.Node; + +-import java.util.Arrays; +-import java.util.WeakHashMap; +-import java.lang.ref.WeakReference; +- + + /** + * Purpose of this class is to enable the XML Parser to keep track of ID +@@ -45,193 +43,242 @@ + * ID: We know that all @Id attributes in an Element from the XML + * Signature namespace are of type ID. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + * @see "Identity Crisis" on xml.com + */ + public class IdResolver { + +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = ++ /** {@link java.util.logging} logging facility */ ++ private static java.util.logging.Logger log = + java.util.logging.Logger.getLogger(IdResolver.class.getName()); + +- static WeakHashMap docMap = new WeakHashMap(); ++ private static WeakHashMap docMap = new WeakHashMap(); + +- /** +- * Constructor IdResolver +- * +- */ +- private IdResolver() { ++ /** ++ * Constructor IdResolver ++ * ++ */ ++ private IdResolver() { ++ // we don't allow instantiation ++ } + +- // we don't allow instantiation +- } ++ /** ++ * Method registerElementById ++ * ++ * @param element the element to register ++ * @param idValue the value of the ID attribute ++ */ ++ public static void registerElementById(Element element, String idValue) { ++ Document doc = element.getOwnerDocument(); ++ WeakHashMap elementMap = (WeakHashMap) docMap.get(doc); ++ if(elementMap == null) { ++ elementMap = new WeakHashMap(); ++ docMap.put(doc, elementMap); ++ } ++ elementMap.put(idValue, new WeakReference(element)); ++ } + +- /** +- * Method registerElementById +- * +- * @param element +- * @param idValue +- */ +- public static void registerElementById(Element element, String idValue) { +- Document doc = element.getOwnerDocument(); +- WeakHashMap elementMap = (WeakHashMap) docMap.get(doc); +- if(elementMap == null) { +- elementMap = new WeakHashMap(); +- docMap.put(doc, elementMap); +- } +- elementMap.put(idValue, new WeakReference(element)); +- } ++ /** ++ * Method registerElementById ++ * ++ * @param element the element to register ++ * @param id the ID attribute ++ */ ++ public static void registerElementById(Element element, Attr id) { ++ IdResolver.registerElementById(element, id.getNodeValue()); ++ } + +- /** +- * Method registerElementById +- * +- * @param element +- * @param id +- */ +- public static void registerElementById(Element element, Attr id) { +- IdResolver.registerElementById(element, id.getNodeValue()); +- } ++ /** ++ * Method getElementById ++ * ++ * @param doc the document ++ * @param id the value of the ID ++ * @return the element obtained by the id, or null if it is not found. ++ */ ++ public static Element getElementById(Document doc, String id) { + +- /** +- * Method getElementById +- * +- * @param doc +- * @param id +- * @return the element obtained by the Id, or null if it is not found. +- */ +- public static Element getElementById(Document doc, String id) { ++ Element result = IdResolver.getElementByIdType(doc, id); + +- Element result = null; +- +- result = IdResolver.getElementByIdType(doc, id); +- +- if (result != null) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, ++ if (result != null) { ++ log.log(java.util.logging.Level.FINE, + "I could find an Element using the simple getElementByIdType method: " + + result.getTagName()); + +- return result; +- } ++ return result; ++ } + +- result = IdResolver.getElementByIdUsingDOM(doc, id); ++ result = IdResolver.getElementByIdUsingDOM(doc, id); + +- if (result != null) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, ++ if (result != null) { ++ log.log(java.util.logging.Level.FINE, + "I could find an Element using the simple getElementByIdUsingDOM method: " + + result.getTagName()); + +- return result; +- } +- // this must be done so that Xalan can catch ALL namespaces +- //XMLUtils.circumventBug2650(doc); +- result = IdResolver.getElementBySearching(doc, id); ++ return result; ++ } ++ // this must be done so that Xalan can catch ALL namespaces ++ //XMLUtils.circumventBug2650(doc); ++ result = IdResolver.getElementBySearching(doc, id); + +- if (result != null) { +- IdResolver.registerElementById(result, id); ++ if (result != null) { ++ IdResolver.registerElementById(result, id); + +- return result; +- } ++ return result; ++ } + +- return null; +- } ++ return null; ++ } + + + /** + * Method getElementByIdUsingDOM + * +- * @param doc +- * @param id +- * @return the element obtained by the Id, or null if it is not found. ++ * @param doc the document ++ * @param id the value of the ID ++ * @return the element obtained by the id, or null if it is not found. + */ + private static Element getElementByIdUsingDOM(Document doc, String id) { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "getElementByIdUsingDOM() Search for ID " + id); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "getElementByIdUsingDOM() Search for ID " + id); + return doc.getElementById(id); + } + +- /** +- * Method getElementByIdType +- * +- * @param doc +- * @param id +- * @return the element obtained by the Id, or null if it is not found. +- */ +- private static Element getElementByIdType(Document doc, String id) { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "getElementByIdType() Search for ID " + id); +- WeakHashMap elementMap = (WeakHashMap) docMap.get(doc); +- if (elementMap != null) { +- WeakReference weakReference = (WeakReference) elementMap.get(id); +- if (weakReference != null) +- { ++ /** ++ * Method getElementByIdType ++ * ++ * @param doc the document ++ * @param id the value of the ID ++ * @return the element obtained by the id, or null if it is not found. ++ */ ++ private static Element getElementByIdType(Document doc, String id) { ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "getElementByIdType() Search for ID " + id); ++ WeakHashMap elementMap = (WeakHashMap) docMap.get(doc); ++ if (elementMap != null) { ++ WeakReference weakReference = (WeakReference) elementMap.get(id); ++ if (weakReference != null) { + return (Element) weakReference.get(); +- } +- } +- return null; +- } ++ } ++ } ++ return null; ++ } + ++ private static java.util.List names; ++ private static int namesLength; ++ static { ++ String namespaces[]={ ++ Constants.SignatureSpecNS, ++ EncryptionConstants.EncryptionSpecNS, ++ "http://schemas.xmlsoap.org/soap/security/2000-12", ++ "http://www.w3.org/2002/03/xkms#", ++ "urn:oasis:names:tc:SAML:1.0:assertion", ++ "urn:oasis:names:tc:SAML:1.0:protocol" ++ }; ++ names = Arrays.asList(namespaces); ++ namesLength = names.size(); ++ } + +- static java.util.List names; +- static { +- String namespaces[]={ Constants.SignatureSpecNS, +- EncryptionConstants.EncryptionSpecNS, +- "http://schemas.xmlsoap.org/soap/security/2000-12", +- "http://www.w3.org/2002/03/xkms#" +- }; +- names=Arrays.asList(namespaces); +- } + ++ private static Element getElementBySearching(Node root,String id) { ++ Element []els=new Element[namesLength + 1]; ++ getEl(root,id,els); ++ for (int i=0;i2) ++ continue; ++ String value=n.getNodeValue(); ++ if (name.charAt(0)=='I') { ++ char ch=name.charAt(1); ++ if (ch=='d' && value.equals(id)) { ++ els[index]=el; ++ if (index==0) { + return 1; +- sibling=sibling.getNextSibling(); ++ } ++ } else if (ch=='D' &&value.endsWith(id)) { ++ if (index!=3) { ++ index=namesLength; ++ } ++ els[index]=el; + } +- } +- return 0; +- } +- ++ } else if ( "id".equals(name) && value.equals(id) ) { ++ if (index!=2) { ++ index=namesLength; ++ } ++ els[index]=el; ++ } ++ } ++ //For an element namespace search for importants ++ if ((elementIndex==3)&&( ++ el.getAttribute("OriginalRequestID").equals(id) || ++ el.getAttribute("RequestID").equals(id) || ++ el.getAttribute("ResponseID").equals(id))) { ++ els[3]=el; ++ } else if ((elementIndex==4)&&( ++ el.getAttribute("AssertionID").equals(id))) { ++ els[4]=el; ++ } else if ((elementIndex==5)&&( ++ el.getAttribute("RequestID").equals(id) || ++ el.getAttribute("ResponseID").equals(id))) { ++ els[5]=el; ++ } ++ return 0; ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/JavaUtils.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/JavaUtils.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/JavaUtils.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/JavaUtils.java +@@ -20,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.utils; + +- +- + import java.io.File; + import java.io.FileInputStream; + import java.io.FileNotFoundException; +@@ -29,99 +27,105 @@ + import java.io.IOException; + import java.io.InputStream; + +- + /** + * A collection of different, general-purpose methods for JAVA-specific things + * @author Christian Geuer-Pollmann +- * + */ + public class JavaUtils { + +- /** {@link java.util.logging} logging facility */ ++ /** {@link java.util.logging} logging facility */ + static java.util.logging.Logger log = + java.util.logging.Logger.getLogger(JavaUtils.class.getName()); + +- private JavaUtils() { +- // we don't allow instantiation +- } +- /** +- * Method getBytesFromFile +- * +- * @param fileName +- * @return the bytes readed from the file +- * +- * @throws FileNotFoundException +- * @throws IOException +- */ +- public static byte[] getBytesFromFile(String fileName) +- throws FileNotFoundException, IOException { ++ private JavaUtils() { ++ // we don't allow instantiation ++ } + +- byte refBytes[] = null; ++ /** ++ * Method getBytesFromFile ++ * ++ * @param fileName ++ * @return the bytes readed from the file ++ * ++ * @throws FileNotFoundException ++ * @throws IOException ++ */ ++ public static byte[] getBytesFromFile(String fileName) ++ throws FileNotFoundException, IOException { + +- { +- FileInputStream fisRef = new FileInputStream(fileName); +- UnsyncByteArrayOutputStream baos = new UnsyncByteArrayOutputStream(); +- byte buf[] = new byte[1024]; +- int len; ++ byte refBytes[] = null; + +- while ((len = fisRef.read(buf)) > 0) { ++ FileInputStream fisRef = new FileInputStream(fileName); ++ try { ++ UnsyncByteArrayOutputStream baos = new UnsyncByteArrayOutputStream(); ++ byte buf[] = new byte[1024]; ++ int len; ++ ++ while ((len = fisRef.read(buf)) > 0) { ++ baos.write(buf, 0, len); ++ } ++ ++ refBytes = baos.toByteArray(); ++ } finally { ++ fisRef.close(); ++ } ++ ++ return refBytes; ++ } ++ ++ /** ++ * Method writeBytesToFilename ++ * ++ * @param filename ++ * @param bytes ++ */ ++ public static void writeBytesToFilename(String filename, byte[] bytes) { ++ ++ FileOutputStream fos = null; ++ try { ++ if (filename != null && bytes != null) { ++ File f = new File(filename); ++ ++ fos = new FileOutputStream(f); ++ ++ fos.write(bytes); ++ fos.close(); ++ } else { ++ log.log(java.util.logging.Level.FINE, "writeBytesToFilename got null byte[] pointed"); ++ } ++ } catch (IOException ex) { ++ if (fos != null) { ++ try { ++ fos.close(); ++ } catch (IOException ioe) {} ++ } ++ } ++ } ++ ++ /** ++ * This method reads all bytes from the given InputStream till EOF and ++ * returns them as a byte array. ++ * ++ * @param inputStream ++ * @return the bytes readed from the stream ++ * ++ * @throws FileNotFoundException ++ * @throws IOException ++ */ ++ public static byte[] getBytesFromStream(InputStream inputStream) ++ throws IOException { ++ ++ byte refBytes[] = null; ++ ++ UnsyncByteArrayOutputStream baos = new UnsyncByteArrayOutputStream(); ++ byte buf[] = new byte[1024]; ++ int len; ++ ++ while ((len = inputStream.read(buf)) > 0) { + baos.write(buf, 0, len); +- } ++ } + +- refBytes = baos.toByteArray(); +- } +- +- return refBytes; +- } +- +- /** +- * Method writeBytesToFilename +- * +- * @param filename +- * @param bytes +- */ +- public static void writeBytesToFilename(String filename, byte[] bytes) { +- +- try { +- if (filename != null && bytes != null) { +- File f = new File(filename); +- +- FileOutputStream fos = new FileOutputStream(f); +- +- fos.write(bytes); +- fos.close(); +- } else { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "writeBytesToFilename got null byte[] pointed"); +- } +- } catch (Exception ex) {} +- } +- +- /** +- * This method reads all bytes from the given InputStream till EOF and returns +- * them as a byte array. +- * +- * @param inputStream +- * @return the bytes readed from the stream +- * +- * @throws FileNotFoundException +- * @throws IOException +- */ +- public static byte[] getBytesFromStream(InputStream inputStream) throws IOException { +- +- byte refBytes[] = null; +- +- { +- UnsyncByteArrayOutputStream baos = new UnsyncByteArrayOutputStream(); +- byte buf[] = new byte[1024]; +- int len; +- +- while ((len = inputStream.read(buf)) > 0) { +- baos.write(buf, 0, len); +- } +- +- refBytes = baos.toByteArray(); +- } +- +- return refBytes; +- } ++ refBytes = baos.toByteArray(); ++ return refBytes; ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/RFC2253Parser.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/RFC2253Parser.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/RFC2253Parser.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/RFC2253Parser.java +@@ -28,7 +28,7 @@ + + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class RFC2253Parser { + +@@ -158,7 +158,13 @@ + return str; + } + String attrType = normalizeAT(str.substring(0, i)); +- String attrValue = normalizeV(str.substring(i + 1)); ++ // only normalize if value is a String ++ String attrValue = null; ++ if (attrType.charAt(0) >= '0' && attrType.charAt(0) <= '9') { ++ attrValue = str.substring(i + 1); ++ } else { ++ attrValue = normalizeV(str.substring(i + 1)); ++ } + + return attrType + "=" + attrValue; + +@@ -474,7 +480,7 @@ + static String trim(String str) { + + String trimed = str.trim(); +- int i = str.indexOf(trimed.substring(0)) + trimed.length(); ++ int i = str.indexOf(trimed) + trimed.length(); + + if ((str.length() > i) && trimed.endsWith("\\") + &&!trimed.endsWith("\\\\")) { +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/SignatureElementProxy.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/SignatureElementProxy.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/SignatureElementProxy.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/SignatureElementProxy.java +@@ -30,19 +30,25 @@ + /** + * Class SignatureElementProxy + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ ++ * @version $Revision: 1.5 $ + */ + public abstract class SignatureElementProxy extends ElementProxy { +- ++ protected SignatureElementProxy() { ++ }; + /** + * Constructor SignatureElementProxy + * + * @param doc + */ + public SignatureElementProxy(Document doc) { +- super(doc); +- //this._constructionElement.setAttributeNS(Constants.NamespaceSpecNS,"xmlns:ds", +- // Constants.SignatureSpecNS); ++ if (doc == null) { ++ throw new RuntimeException("Document is null"); ++ } ++ ++ this._doc = doc; ++ this._constructionElement = XMLUtils.createElementInSignatureSpace(this._doc, ++ this.getBaseLocalName()); + } + + /** +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/SignerOutputStream.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/SignerOutputStream.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/SignerOutputStream.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/SignerOutputStream.java +@@ -3,7 +3,7 @@ + * DO NOT REMOVE OR ALTER! + */ + /* +- * Copyright 1999-2004 The Apache Software Foundation. ++ * Copyright 1999-2008 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. +@@ -30,8 +30,11 @@ + * + */ + public class SignerOutputStream extends ByteArrayOutputStream { +- final static byte none[]="error".getBytes(); + final SignatureAlgorithm sa; ++ static java.util.logging.Logger log = ++ java.util.logging.Logger.getLogger ++ (SignerOutputStream.class.getName()); ++ + /** + * @param sa + */ +@@ -40,21 +43,18 @@ + } + + /** @inheritDoc */ +- public byte[] toByteArray() { +- return none; +- } +- +- /** @inheritDoc */ + public void write(byte[] arg0) { ++ super.write(arg0, 0, arg0.length); + try { +- sa.update(arg0); +- } catch (XMLSignatureException e) { ++ sa.update(arg0); ++ } catch (XMLSignatureException e) { + throw new RuntimeException(""+e); +- } ++ } + } + + /** @inheritDoc */ + public void write(int arg0) { ++ super.write(arg0); + try { + sa.update((byte)arg0); + } catch (XMLSignatureException e) { +@@ -64,12 +64,19 @@ + + /** @inheritDoc */ + public void write(byte[] arg0, int arg1, int arg2) { ++ super.write(arg0, arg1, arg2); ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ log.log(java.util.logging.Level.FINE, "Canonicalized SignedInfo:"); ++ StringBuffer sb = new StringBuffer(arg2); ++ for (int i=arg1; i<(arg1+arg2); i++) { ++ sb.append((char) arg0[i]); ++ } ++ log.log(java.util.logging.Level.FINE, sb.toString()); ++ } + try { + sa.update(arg0,arg1,arg2); + } catch (XMLSignatureException e) { + throw new RuntimeException(""+e); + } + } +- +- + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncBufferedOutputStream.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncBufferedOutputStream.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncBufferedOutputStream.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncBufferedOutputStream.java +@@ -30,14 +30,21 @@ + */ + public class UnsyncBufferedOutputStream extends OutputStream { + final OutputStream out; ++ ++ final byte[] buf; + static final int size=8*1024; +- final byte[] buf=new byte[size]; ++ private static ThreadLocal bufCahce = new ThreadLocal() { ++ protected synchronized Object initialValue() { ++ return new byte[size]; ++ } ++ }; + int pointer=0; + /** + * Creates a buffered output stream without synchronization + * @param out the outputstream to buffer + */ + public UnsyncBufferedOutputStream(OutputStream out) { ++ buf=(byte[])bufCahce.get(); + this.out=out; + } + +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncByteArrayOutputStream.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncByteArrayOutputStream.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncByteArrayOutputStream.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncByteArrayOutputStream.java +@@ -20,17 +20,25 @@ + */ + package com.sun.org.apache.xml.internal.security.utils; + +-import java.io.ByteArrayOutputStream; ++import java.io.OutputStream; + + /** + * A simple Unsynced ByteArryOutputStream + * @author raul + * + */ +-public class UnsyncByteArrayOutputStream extends ByteArrayOutputStream { +- int size=4*1024; +- byte []buf=new byte[size]; +- int pos; ++public class UnsyncByteArrayOutputStream extends OutputStream { ++ private static ThreadLocal bufCahce = new ThreadLocal() { ++ protected synchronized Object initialValue() { ++ return new byte[8*1024]; ++ } ++ }; ++ byte[] buf; ++ int size=8*1024;//buf.length; ++ int pos=0; ++ public UnsyncByteArrayOutputStream() { ++ buf=(byte[])bufCahce.get(); ++ } + /** @inheritDoc */ + public void write(byte[] arg0) { + int newPos=pos+arg0.length; +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/XMLUtils.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/XMLUtils.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/XMLUtils.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/XMLUtils.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -25,8 +24,12 @@ + + import java.io.IOException; + import java.io.OutputStream; ++import java.security.AccessController; ++import java.security.PrivilegedAction; ++import java.util.HashMap; + import java.util.HashSet; + import java.util.Iterator; ++import java.util.Map; + import java.util.Set; + + import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; +@@ -49,6 +52,14 @@ + */ + public class XMLUtils { + ++ private static boolean ignoreLineBreaks = ++ AccessController.doPrivileged(new PrivilegedAction() { ++ public Boolean run() { ++ return Boolean.getBoolean ++ ("com.sun.org.apache.xml.internal.security.ignoreLineBreaks"); ++ } ++ }); ++ + /** + * Constructor XMLUtils + * +@@ -57,7 +68,13 @@ + + // we don't allow instantiation + } ++ public static Element getNextElement(Node el) { ++ while ((el!=null) && (el.getNodeType()!=Node.ELEMENT_NODE)) { ++ el=el.getNextSibling(); ++ } ++ return (Element)el; + ++ } + + /** + * @param rootNode +@@ -212,6 +229,8 @@ + } + + ++ static String dsPrefix=null; ++ static Map namePrefixes=new HashMap(); + /** + * Creates an Element in the XML Signature specification namespace. + * +@@ -226,28 +245,20 @@ + throw new RuntimeException("Document is null"); + } + +- String ds = Constants.getSignatureSpecNSprefix(); +- +- if ((ds == null) || (ds.length() == 0)) { +- Element element = doc.createElementNS(Constants.SignatureSpecNS, +- elementName); +- +- element.setAttributeNS(Constants.NamespaceSpecNS, "xmlns", +- Constants.SignatureSpecNS); +- +- return element; ++ if ((dsPrefix == null) || (dsPrefix.length() == 0)) { ++ return doc.createElementNS(Constants.SignatureSpecNS, elementName); + } +- Element element = doc.createElementNS(Constants.SignatureSpecNS, +- ds + ":" + elementName); +- +- element.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:" + ds, +- Constants.SignatureSpecNS); +- +- return element; +- ++ String namePrefix=(String) namePrefixes.get(elementName); ++ if (namePrefix==null) { ++ StringBuffer tag=new StringBuffer(dsPrefix); ++ tag.append(':'); ++ tag.append(elementName); ++ namePrefix=tag.toString(); ++ namePrefixes.put(elementName,namePrefix); ++ } ++ return doc.createElementNS(Constants.SignatureSpecNS, namePrefix); + } + +- + /** + * Returns true if the element is in XML Signature namespace and the local + * name equals the supplied one. +@@ -258,17 +269,7 @@ + */ + public static boolean elementIsInSignatureSpace(Element element, + String localName) { +- +- if ((element == null) || +- !Constants.SignatureSpecNS.equals(element.getNamespaceURI()) ){ +- return false; +- } +- +- if (!element.getLocalName().equals(localName)) { +- return false; +- } +- +- return true; ++ return ElementProxy.checker.isNamespaceElement(element, localName, Constants.SignatureSpecNS); + } + + /** +@@ -281,18 +282,7 @@ + */ + public static boolean elementIsInEncryptionSpace(Element element, + String localName) { +- +- if ((element == null) || +- !EncryptionConstants.EncryptionSpecNS.equals(element.getNamespaceURI()) +- ){ +- return false; +- } +- +- if (!element.getLocalName().equals(localName)) { +- return false; +- } +- +- return true; ++ return ElementProxy.checker.isNamespaceElement(element, localName, EncryptionConstants.EncryptionSpecNS); + } + + /** +@@ -352,32 +342,28 @@ + + (npe == null ? "" : npe.getMessage()) + "\""); + } + ++ /** ++ * Method createDSctx ++ * ++ * @param doc ++ * @param prefix ++ * @param namespace ++ * @return the element. ++ */ ++ public static Element createDSctx(Document doc, String prefix, ++ String namespace) { + ++ if ((prefix == null) || (prefix.trim().length() == 0)) { ++ throw new IllegalArgumentException("You must supply a prefix"); ++ } + +- /** +- * Method createDSctx +- * +- * @param doc +- * @param prefix +- * @param namespace +- * @return the element. +- */ +- public static Element createDSctx(Document doc, String prefix, +- String namespace) { ++ Element ctx = doc.createElementNS(null, "namespaceContext"); + +- if ((prefix == null) || (prefix.trim().length() == 0)) { +- throw new IllegalArgumentException("You must supply a prefix"); +- } ++ ctx.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:" + prefix.trim(), ++ namespace); + +- Element ctx = doc.createElementNS(null, "namespaceContext"); +- +- ctx.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:" + prefix.trim(), +- namespace); +- +- return ctx; +- } +- +- ++ return ctx; ++ } + + /** + * Method addReturnToElement +@@ -386,9 +372,23 @@ + */ + public static void addReturnToElement(Element e) { + +- Document doc = e.getOwnerDocument(); ++ if (!ignoreLineBreaks) { ++ Document doc = e.getOwnerDocument(); ++ e.appendChild(doc.createTextNode("\n")); ++ } ++ } + +- e.appendChild(doc.createTextNode("\n")); ++ public static void addReturnToElement(Document doc, HelperNodeList nl) { ++ if (!ignoreLineBreaks) { ++ nl.appendChild(doc.createTextNode("\n")); ++ } ++ } ++ ++ public static void addReturnBeforeChild(Element e, Node child) { ++ if (!ignoreLineBreaks) { ++ Document doc = e.getOwnerDocument(); ++ e.insertBefore(doc.createTextNode("\n"), child); ++ } + } + + /** +@@ -470,7 +470,7 @@ + + for (int i = 0; i < attributesLength; i++) { + Attr currentAttr = (Attr) attributes.item(i); +- if (!namespaceNs.equals(currentAttr.getNamespaceURI())) ++ if (namespaceNs!=currentAttr.getNamespaceURI()) + continue; + if (childElement.hasAttributeNS(namespaceNs, + currentAttr.getLocalName())) { +@@ -511,8 +511,7 @@ + */ + public static Element selectDsNode(Node sibling, String nodeName, int number) { + while (sibling!=null) { +- if (nodeName.equals(sibling.getLocalName()) +- && Constants.SignatureSpecNS.equals(sibling.getNamespaceURI())) { ++ if (ElementProxy.checker.isNamespaceElement(sibling, nodeName, Constants.SignatureSpecNS )) { + if (number==0){ + return (Element)sibling; + } +@@ -532,8 +531,7 @@ + + public static Element selectXencNode(Node sibling, String nodeName, int number) { + while (sibling!=null) { +- if (nodeName.equals(sibling.getLocalName()) +- && EncryptionConstants.EncryptionSpecNS.equals(sibling.getNamespaceURI())) { ++ if (ElementProxy.checker.isNamespaceElement(sibling, nodeName, EncryptionConstants.EncryptionSpecNS )) { + if (number==0){ + return (Element)sibling; + } +@@ -591,8 +589,7 @@ + */ + public static Element selectNode(Node sibling, String uri,String nodeName, int number) { + while (sibling!=null) { +- if (nodeName.equals(sibling.getLocalName()) +- && uri.equals(sibling.getNamespaceURI())) { ++ if (ElementProxy.checker.isNamespaceElement(sibling, nodeName, uri)) { + if (number==0){ + return (Element)sibling; + } +@@ -611,7 +608,6 @@ + public static Element[] selectDsNodes(Node sibling,String nodeName) { + return selectNodes(sibling,Constants.SignatureSpecNS,nodeName); + } +- + /** + * @param sibling + * @param uri +@@ -624,8 +620,7 @@ + int curr=0; + //List list=new ArrayList(); + while (sibling!=null) { +- if (nodeName.equals(sibling.getLocalName()) +- && uri.equals(sibling.getNamespaceURI())) { ++ if (ElementProxy.checker.isNamespaceElement(sibling, nodeName, uri)) { + a[curr++]=(Element)sibling; + if (size<=curr) { + int cursize= size<<2; +@@ -694,4 +689,8 @@ + } + } + } ++ ++ public static boolean ignoreLineBreaks() { ++ return ignoreLineBreaks; ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/XPathFuncHereAPI.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/XPathFuncHereAPI.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/XPathFuncHereAPI.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/XPathFuncHereAPI.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -53,7 +52,7 @@ + * XPaths using the low-level API, and then just use the XPaths + * over and over. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + * @see XPath Specification + */ + public class XPathFuncHereAPI { +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolver.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolver.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolver.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolver.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -21,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.utils.resolver; + +- +- + import java.util.ArrayList; + import java.util.List; + import java.util.Map; +@@ -30,7 +27,6 @@ + import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; + import org.w3c.dom.Attr; + +- + /** + * During reference validation, we have to retrieve resources from somewhere. + * This is done by retrieving a Resolver. The resolver needs two arguments: The +@@ -48,7 +44,7 @@ + *
  • Die erste Implementierung, die die Aufgabe erf??llt, f??hrt die Aufl??sung durch. + * + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class ResourceResolver { + +@@ -62,8 +58,7 @@ + /** these are the system-wide resolvers */ + static List _resolverVector = null; + +- /** Field _individualResolverVector */ +- List _individualResolverVector = null; ++ static boolean allThreadSafeInList=true; + + /** Field transformSpi */ + protected ResourceResolverSpi _resolverSpi = null; +@@ -92,6 +87,7 @@ + this._resolverSpi = resourceResolver; + } + ++ + /** + * Method getInstance + * +@@ -107,13 +103,32 @@ + for (int i = 0; i < length; i++) { + ResourceResolver resolver = + (ResourceResolver) ResourceResolver._resolverVector.get(i); ++ ResourceResolver resolverTmp=null; ++ try { ++ resolverTmp = allThreadSafeInList || resolver._resolverSpi.engineIsThreadSafe() ? resolver : ++ new ResourceResolver((ResourceResolverSpi)resolver._resolverSpi.getClass().newInstance()); ++ } catch (InstantiationException e) { ++ throw new ResourceResolverException("",e,uri,BaseURI); ++ } catch (IllegalAccessException e) { ++ throw new ResourceResolverException("",e,uri,BaseURI); ++ } + ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "check resolvability by class " + resolver._resolverSpi.getClass().getName()); + +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "check resolvability by class " + resolver.getClass().getName()); ++ if ((resolver != null) && resolverTmp.canResolve(uri, BaseURI)) { ++ if (i!=0) { ++ //update resolver. ++ //System.out.println("Swaping"); ++ List resolverVector=(List)((ArrayList)_resolverVector).clone(); ++ resolverVector.remove(i); ++ resolverVector.add(0,resolver); ++ _resolverVector=resolverVector; ++ } else { ++ //System.out.println("hitting"); ++ } + +- if ((resolver != null) && resolver.canResolve(uri, BaseURI)) { +- return resolver; ++ return resolverTmp; + } + } + +@@ -137,9 +152,10 @@ + public static final ResourceResolver getInstance( + Attr uri, String BaseURI, List individualResolvers) + throws ResourceResolverException { +- if (true) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I was asked to create a ResourceResolver and got " + individualResolvers.size()); +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, " extra resolvers to my existing " + ResourceResolver._resolverVector.size() + " system-wide resolvers"); ++ if (log.isLoggable(java.util.logging.Level.FINE)) { ++ ++ log.log(java.util.logging.Level.FINE, "I was asked to create a ResourceResolver and got " + (individualResolvers==null? 0 : individualResolvers.size()) ); ++ log.log(java.util.logging.Level.FINE, " extra resolvers to my existing " + ResourceResolver._resolverVector.size() + " system-wide resolvers"); + } + + // first check the individual Resolvers +@@ -151,8 +167,8 @@ + + if (resolver != null) { + String currentClass = resolver._resolverSpi.getClass().getName(); +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "check resolvability by class " + currentClass); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "check resolvability by class " + currentClass); + + if (resolver.canResolve(uri, BaseURI)) { + return resolver; +@@ -175,39 +191,46 @@ + } + } + +- /** +- * Method register +- * +- * @param className +- */ +- public static void register(String className) { +- ResourceResolver resolver = null; ++ /** ++ * Registers a ResourceResolverSpi class. This method logs a warning if ++ * the class cannot be registered. ++ * ++ * @param className the name of the ResourceResolverSpi class to be ++ * registered ++ */ ++ public static void register(String className) { ++ register(className, false); ++ } + ++ /** ++ * Registers a ResourceResolverSpi class at the beginning of the provider ++ * list. This method logs a warning if the class cannot be registered. ++ * ++ * @param className the name of the ResourceResolverSpi class to be ++ * registered ++ */ ++ public static void registerAtStart(String className) { ++ register(className, true); ++ } ++ ++ private static void register(String className, boolean start) { + try { +- resolver = new ResourceResolver(className); +- ResourceResolver._resolverVector.add(resolver); ++ ResourceResolver resolver = new ResourceResolver(className); ++ if (start) { ++ ResourceResolver._resolverVector.add(0, resolver); ++ log.log(java.util.logging.Level.FINE, "registered resolver"); ++ } else { ++ ResourceResolver._resolverVector.add(resolver); ++ } ++ if (!resolver._resolverSpi.engineIsThreadSafe()) { ++ allThreadSafeInList=false; ++ } + } catch (Exception e) { +-// Object exArgs[] = { ((uri != null) +-// ? uri.getNodeValue() +-// : "null"), BaseURI }; +-// +-// throw new ResourceResolverException("utils.resolver.noClass", +-// exArgs, e, uri, BaseURI); +- log.log(java.util.logging.Level.WARNING, "Error loading resolver " + className +" disabling it"); ++ log.log(java.util.logging.Level.WARNING, "Error loading resolver " + className +" disabling it"); + } catch (NoClassDefFoundError e) { +- log.log(java.util.logging.Level.WARNING, "Error loading resolver " + className +" disabling it"); ++ log.log(java.util.logging.Level.WARNING, "Error loading resolver " + className +" disabling it"); + } +- +- } +- +- /** +- * Method registerAtStart +- * +- * @param className +- */ +- public static void registerAtStart(String className) { +- ResourceResolver._resolverVector.add(0, className); +- } ++ } + + /** + * Method resolve +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolverException.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolverException.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolverException.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolverException.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -31,7 +30,7 @@ + * This Exception is thrown if something related to the + * {@link com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver} goes wrong. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class ResourceResolverException extends XMLSecurityException { + +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolverSpi.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolverSpi.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolverSpi.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolverSpi.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -22,6 +21,7 @@ + package com.sun.org.apache.xml.internal.security.utils.resolver; + + ++import java.util.HashMap; + import java.util.Map; + + import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; +@@ -31,7 +31,7 @@ + /** + * During reference validation, we have to retrieve resources from somewhere. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public abstract class ResourceResolverSpi { + +@@ -41,7 +41,7 @@ + ResourceResolverSpi.class.getName()); + + /** Field _properties */ +- protected java.util.Map _properties = new java.util.HashMap(10); ++ protected java.util.Map _properties = null; + + /** + * This is the workhorse method used to resolve resources. +@@ -62,19 +62,9 @@ + * @param value + */ + public void engineSetProperty(String key, String value) { +- +- java.util.Iterator i = this._properties.keySet().iterator(); +- +- while (i.hasNext()) { +- String c = (String) i.next(); +- +- if (c.equals(key)) { +- key = c; +- +- break; +- } +- } +- ++ if (_properties==null) { ++ _properties=new HashMap(); ++ } + this._properties.put(key, value); + } + +@@ -85,19 +75,9 @@ + * @return the value of the property + */ + public String engineGetProperty(String key) { +- +- java.util.Iterator i = this._properties.keySet().iterator(); +- +- while (i.hasNext()) { +- String c = (String) i.next(); +- +- if (c.equals(key)) { +- key = c; +- +- break; +- } +- } +- ++ if (_properties==null) { ++ return null; ++ } + return (String) this._properties.get(key); + } + +@@ -106,9 +86,22 @@ + * @param properties + */ + public void engineAddProperies(Map properties) { +- this._properties.putAll(properties); ++ if (properties!=null) { ++ if (_properties==null) { ++ _properties=new HashMap(); ++ } ++ this._properties.putAll(properties); ++ } + } +- ++ /** ++ * Tells if the implementation does can be reused by several threads safely. ++ * It normally means that the implemantation does not have any member, or there is ++ * member change betwen engineCanResolve & engineResolve invocations. Or it mantians all ++ * member info in ThreadLocal methods. ++ */ ++ public boolean engineIsThreadSafe() { ++ return false; ++ } + /** + * This method helps the {@link ResourceResolver} to decide whether a + * {@link ResourceResolverSpi} is able to perform the requested action. +@@ -174,8 +167,8 @@ + && (ch3 != '/')); + + if (isDosFilename) { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Found DOS filename: " + str); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Found DOS filename: " + str); + } + } + +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverAnonymous.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverAnonymous.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverAnonymous.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverAnonymous.java +@@ -32,14 +32,10 @@ + + /** + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + + public class ResolverAnonymous extends ResourceResolverSpi { +- /** {@link java.util.logging} logging facility */ +- static java.util.logging.Logger log = +- java.util.logging.Logger.getLogger( +- ResolverAnonymous.class.getName()); + + private XMLSignatureInput _input = null; + +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverDirectHTTP.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverDirectHTTP.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverDirectHTTP.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverDirectHTTP.java +@@ -2,7 +2,6 @@ + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +- + /* + * Copyright 1999-2004 The Apache Software Foundation. + * +@@ -67,11 +66,12 @@ + ResolverDirectHTTP.class.getName()); + + /** Field properties[] */ +- static final String properties[] = { "http.proxy.host", "http.proxy.port", +- "http.proxy.username", +- "http.proxy.password", +- "http.basic.username", +- "http.basic.password" }; ++ private static final String properties[] = ++ { "http.proxy.host", "http.proxy.port", ++ "http.proxy.username", ++ "http.proxy.password", ++ "http.basic.username", ++ "http.basic.password" }; + + /** Field HttpProxyHost */ + private static final int HttpProxyHost = 0; +@@ -91,6 +91,9 @@ + /** Field HttpProxyPass */ + private static final int HttpBasicPass = 5; + ++ public boolean engineIsThreadSafe() { ++ return true; ++ } + /** + * Method resolve + * +@@ -117,15 +120,14 @@ + useProxy = true; + } + +- // switch on proxy usage + String oldProxySet = null; + String oldProxyHost = null; + String oldProxyPort = null; ++ // switch on proxy usage + if (useProxy) { + if (log.isLoggable(java.util.logging.Level.FINE)) { +- log.log(java.util.logging.Level.FINE, +- "Use of HTTP proxy enabled: " + proxyHost + ":" +- + proxyPort); ++ log.log(java.util.logging.Level.FINE, "Use of HTTP proxy enabled: " + proxyHost + ":" ++ + proxyPort); + } + oldProxySet = System.getProperty("http.proxySet"); + oldProxyHost = System.getProperty("http.proxyHost"); +@@ -215,11 +217,8 @@ + summarized += read; + } + +- if (log.isLoggable(java.util.logging.Level.FINE)) { +- log.log(java.util.logging.Level.FINE, +- "Fetched " + summarized + " bytes from URI " +- + uriNew.toString()); +- } ++ log.log(java.util.logging.Level.FINE, "Fetched " + summarized + " bytes from URI " ++ + uriNew.toString()); + + XMLSignatureInput result = new XMLSignatureInput(baos.toByteArray()); + +@@ -253,39 +252,36 @@ + */ + public boolean engineCanResolve(Attr uri, String BaseURI) { + if (uri == null) { +- if (log.isLoggable(java.util.logging.Level.FINE)) { +- log.log(java.util.logging.Level.FINE, "quick fail, uri == null"); +- } ++ log.log(java.util.logging.Level.FINE, "quick fail, uri == null"); ++ + return false; + } + + String uriNodeValue = uri.getNodeValue(); + + if (uriNodeValue.equals("") || (uriNodeValue.charAt(0)=='#')) { +- if (log.isLoggable(java.util.logging.Level.FINE)) { +- log.log(java.util.logging.Level.FINE, +- "quick fail for empty URIs and local ones"); +- } ++ log.log(java.util.logging.Level.FINE, "quick fail for empty URIs and local ones"); ++ + return false; + } + + if (log.isLoggable(java.util.logging.Level.FINE)) { +- log.log(java.util.logging.Level.FINE, +- "I was asked whether I can resolve " + uriNodeValue); ++ log.log(java.util.logging.Level.FINE, "I was asked whether I can resolve " + uriNodeValue); + } ++ + if ( uriNodeValue.startsWith("http:") || +- BaseURI.startsWith("http:")) { ++ (BaseURI!=null && BaseURI.startsWith("http:") )) { + if (log.isLoggable(java.util.logging.Level.FINE)) { +- log.log(java.util.logging.Level.FINE, +- "I state that I can resolve " + uriNodeValue); ++ log.log(java.util.logging.Level.FINE, "I state that I can resolve " + uriNodeValue); + } ++ + return true; + } + + if (log.isLoggable(java.util.logging.Level.FINE)) { +- log.log(java.util.logging.Level.FINE, +- "I state that I can't resolve " + uriNodeValue); ++ log.log(java.util.logging.Level.FINE, "I state that I can't resolve " + uriNodeValue); + } ++ + return false; + } + +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverFragment.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverFragment.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverFragment.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverFragment.java +@@ -34,7 +34,7 @@ + /** + * This resolver is used for resolving same-document URIs like URI="" of URI="#id". + * +- * @author $Author: dims $ ++ * @author $Author: mullan $ + * @see The Reference processing model in the XML Signature spec + * @see Same-Document URI-References in the XML Signature spec + * @see Section 4.2 of RFC 2396 +@@ -45,7 +45,9 @@ + static java.util.logging.Logger log = + java.util.logging.Logger.getLogger( + ResolverFragment.class.getName()); +- ++ public boolean engineIsThreadSafe() { ++ return true; ++ } + /** + * Method engineResolve + * +@@ -72,7 +74,7 @@ + * resource containing the signature + */ + +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "ResolverFragment with empty URI (means complete document)"); ++ log.log(java.util.logging.Level.FINE, "ResolverFragment with empty URI (means complete document)"); + selectedElem = doc; + } else { + +@@ -93,14 +95,14 @@ + throw new ResourceResolverException( + "signature.Verification.MissingID", exArgs, uri, BaseURI); + } +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Try to catch an Element with ID " + id + " and Element was " + selectedElem); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Try to catch an Element with ID " + id + " and Element was " + selectedElem); + } + + XMLSignatureInput result = new XMLSignatureInput(selectedElem); + result.setExcludeComments(true); + +- //if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "We return a nodeset with " + resultSet.size() + " nodes"); ++ //log.log(java.util.logging.Level.FINE, "We return a nodeset with " + resultSet.size() + " nodes"); + result.setMIMEType("text/xml"); + result.setSourceURI((BaseURI != null) ? BaseURI.concat(uri.getNodeValue()) : + uri.getNodeValue()); +@@ -117,21 +119,24 @@ + public boolean engineCanResolve(Attr uri, String BaseURI) { + + if (uri == null) { +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Quick fail for null uri"); ++ log.log(java.util.logging.Level.FINE, "Quick fail for null uri"); + return false; + } + + String uriNodeValue = uri.getNodeValue(); + +- if (uriNodeValue.equals("") +- || ((uriNodeValue.charAt(0)=='#') +- &&!uriNodeValue.startsWith("#xpointer("))) { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "State I can resolve reference: \"" + uriNodeValue + "\""); ++ if (uriNodeValue.equals("") || ++ ( ++ (uriNodeValue.charAt(0)=='#') ++ && !((uriNodeValue.charAt(1)=='x') && uriNodeValue.startsWith("#xpointer(")) ++ ) ++ ){ ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "State I can resolve reference: \"" + uriNodeValue + "\""); + return true; + } +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Do not seem to be able to resolve reference: \"" + uriNodeValue + "\""); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Do not seem to be able to resolve reference: \"" + uriNodeValue + "\""); + return false; + } + +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverLocalFilesystem.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverLocalFilesystem.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverLocalFilesystem.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverLocalFilesystem.java +@@ -20,8 +20,6 @@ + */ + package com.sun.org.apache.xml.internal.security.utils.resolver.implementations; + +- +- + import java.io.FileInputStream; + + import com.sun.org.apache.xml.internal.utils.URI; +@@ -30,11 +28,10 @@ + import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverSpi; + import org.w3c.dom.Attr; + +- + /** + * A simple ResourceResolver for requests into the local filesystem. + * +- * @author $Author: raul $ ++ * @author $Author: mullan $ + */ + public class ResolverLocalFilesystem extends ResourceResolverSpi { + +@@ -43,6 +40,9 @@ + java.util.logging.Logger.getLogger( + ResolverLocalFilesystem.class.getName()); + ++ public boolean engineIsThreadSafe() { ++ return true; ++ } + /** + * @inheritDoc + */ +@@ -50,7 +50,7 @@ + throws ResourceResolverException { + + try { +- URI uriNew = new URI(new URI(BaseURI), uri.getNodeValue()); ++ URI uriNew = getNewURI(uri.getNodeValue(), BaseURI); + + // if the URI contains a fragment, ignore it + URI uriNewNoFrag = new URI(uriNew); +@@ -72,6 +72,7 @@ + } + } + ++ private static int FILE_URI_LENGTH="file:/".length(); + /** + * Method translateUriToFilename + * +@@ -80,7 +81,7 @@ + */ + private static String translateUriToFilename(String uri) { + +- String subStr = uri.substring("file:/".length()); ++ String subStr = uri.substring(FILE_URI_LENGTH); + + if (subStr.indexOf("%20") > -1) + { +@@ -121,26 +122,36 @@ + + String uriNodeValue = uri.getNodeValue(); + +- if (uriNodeValue.equals("") || (uriNodeValue.charAt(0)=='#')) { ++ if (uriNodeValue.equals("") || (uriNodeValue.charAt(0)=='#') || ++ uriNodeValue.startsWith("http:")) { + return false; + } + + try { + //URI uriNew = new URI(new URI(BaseURI), uri.getNodeValue()); +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I was asked whether I can resolve " + uriNodeValue/*uriNew.toString()*/); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "I was asked whether I can resolve " + uriNodeValue/*uriNew.toString()*/); + + if ( uriNodeValue.startsWith("file:") || + BaseURI.startsWith("file:")/*uriNew.getScheme().equals("file")*/) { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I state that I can resolve " + uriNodeValue/*uriNew.toString()*/); ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "I state that I can resolve " + uriNodeValue/*uriNew.toString()*/); + + return true; + } + } catch (Exception e) {} + +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "But I can't"); ++ log.log(java.util.logging.Level.FINE, "But I can't"); + + return false; + } ++ ++ private static URI getNewURI(String uri, String BaseURI) ++ throws URI.MalformedURIException { ++ ++ if ((BaseURI == null) || "".equals(BaseURI)) { ++ return new URI(uri); ++ } ++ return new URI(new URI(BaseURI), uri); ++ } + } +diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverXPointer.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverXPointer.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverXPointer.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverXPointer.java +@@ -44,7 +44,7 @@ + * nodes of the parse tree (all descendants, plus all attributes, + * plus all namespaces nodes). + * +- * @author $Author: dims $ ++ * @author $Author: mullan $ + */ + public class ResolverXPointer extends ResourceResolverSpi { + +@@ -53,6 +53,9 @@ + java.util.logging.Logger.getLogger( + ResolverXPointer.class.getName()); + ++ public boolean engineIsThreadSafe() { ++ return true; ++ } + /** + * @inheritDoc + */ +@@ -70,7 +73,7 @@ + String id = getXPointerId(uriStr); + resultNode =IdResolver.getElementById(doc, id); + +- // if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Use #xpointer(id('" + id + "')) on element " + selectedElem); ++ // log.log(java.util.logging.Level.FINE, "Use #xpointer(id('" + id + "')) on element " + selectedElem); + + if (resultNode == null) { + Object exArgs[] = { id }; +@@ -148,14 +151,14 @@ + uri.length() + - 2); + +- // if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "idPlusDelim=" + idPlusDelim); ++ // log.log(java.util.logging.Level.FINE, "idPlusDelim=" + idPlusDelim); + int idLen=idPlusDelim.length() -1; + if (((idPlusDelim.charAt(0) == '"') && (idPlusDelim + .charAt(idLen) == '"')) || ((idPlusDelim + .charAt(0) == '\'') && (idPlusDelim + .charAt(idLen) == '\''))) { +- if (true) +- if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Id=" ++ if (log.isLoggable(java.util.logging.Level.FINE)) ++ log.log(java.util.logging.Level.FINE, "Id=" + + idPlusDelim.substring(1, idLen)); + + return true; +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/DigesterOutputStream.java b/src/share/classes/org/jcp/xml/dsig/internal/DigesterOutputStream.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/DigesterOutputStream.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/DigesterOutputStream.java +@@ -19,7 +19,10 @@ + * + */ + /* +- * $Id: DigesterOutputStream.java,v 1.1.2.2 2005/08/12 18:15:35 mullan Exp $ ++ * Copyright 2005 Sun Microsystems, Inc. All rights reserved. ++ */ ++/* ++ * $Id: DigesterOutputStream.java,v 1.2 2008/07/24 15:20:31 mullan Exp $ + */ + package org.jcp.xml.dsig.internal; + +@@ -35,10 +38,11 @@ + /** + * This class has been modified slightly to use java.security.MessageDigest + * objects as input, rather than +- * org.apache.xml.security.algorithms.MessageDigestAlgorithm objects. ++ * com.sun.org.apache.xml.internal.security.algorithms.MessageDigestAlgorithm objects. + * It also optionally caches the input bytes. + * + * @author raul ++ * @author Sean Mullan + */ + public class DigesterOutputStream extends OutputStream { + private boolean buffer = false; +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/MacOutputStream.java b/src/share/classes/org/jcp/xml/dsig/internal/MacOutputStream.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/MacOutputStream.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/MacOutputStream.java +@@ -24,15 +24,14 @@ + import javax.crypto.Mac; + + /** +- * Derived from Apache sources and changed to use Mac objects +- * objects instead of org.apache.xml.security.algorithms.SignatureAlgorithm +- * objects. ++ * Derived from Apache sources and changed to use Mac objects instead of ++ * com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithm objects. + * + * @author raul ++ * @author Sean Mullan + * + */ + public class MacOutputStream extends ByteArrayOutputStream { +- private final static byte none[]="error".getBytes(); + private final Mac mac; + + public MacOutputStream(Mac mac) { +@@ -40,22 +39,20 @@ + } + + /** @inheritDoc */ +- public byte[] toByteArray() { +- return none; +- } +- +- /** @inheritDoc */ + public void write(byte[] arg0) { ++ super.write(arg0, 0, arg0.length); + mac.update(arg0); + } + + /** @inheritDoc */ + public void write(int arg0) { +- mac.update((byte)arg0); ++ super.write(arg0); ++ mac.update((byte) arg0); + } + + /** @inheritDoc */ + public void write(byte[] arg0, int arg1, int arg2) { +- mac.update(arg0,arg1,arg2); ++ super.write(arg0, arg1, arg2); ++ mac.update(arg0, arg1, arg2); + } + } +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/SignerOutputStream.java b/src/share/classes/org/jcp/xml/dsig/internal/SignerOutputStream.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/SignerOutputStream.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/SignerOutputStream.java +@@ -19,7 +19,10 @@ + * + */ + /* +- * $Id: SignerOutputStream.java,v 1.1.2.2 2005/08/12 18:01:58 mullan Exp $ ++ * Copyright 2005 Sun Microsystems, Inc. All rights reserved. ++ */ ++/* ++ * $Id: SignerOutputStream.java,v 1.2 2008/07/24 15:20:31 mullan Exp $ + */ + package org.jcp.xml.dsig.internal; + +@@ -29,10 +32,11 @@ + + /** + * Derived from Apache sources and changed to use java.security.Signature +- * objects as input instead of org.apache.xml.security.algorithms.SignatureAlgorithm ++ * objects as input instead of com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithm + * objects. + * + * @author raul ++ * @author Sean Mullan + */ + public class SignerOutputStream extends ByteArrayOutputStream { + private final Signature sig; +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheCanonicalizer.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheCanonicalizer.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheCanonicalizer.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheCanonicalizer.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: ApacheCanonicalizer.java,v 1.17 2005/09/19 18:20:04 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: ApacheCanonicalizer.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -53,6 +52,10 @@ + + public abstract class ApacheCanonicalizer extends TransformService { + ++ static { ++ com.sun.org.apache.xml.internal.security.Init.init(); ++ } ++ + private static Logger log = Logger.getLogger("org.jcp.xml.dsig.internal.dom"); + protected Canonicalizer apacheCanonicalizer; + private Transform apacheTransform; +@@ -235,13 +238,9 @@ + } + + try { +- if (os != null) { +- in = apacheTransform.performTransform(in, os); +- if (!in.isNodeSet() && !in.isElement()) { +- return null; +- } +- } else { +- in = apacheTransform.performTransform(in); ++ in = apacheTransform.performTransform(in, os); ++ if (!in.isNodeSet() && !in.isElement()) { ++ return null; + } + if (in.isOctetStream()) { + return new ApacheOctetStreamData(in); +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheData.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheData.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheData.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheData.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: ApacheData.java,v 1.4 2005/05/10 18:15:31 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: ApacheData.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheNodeSetData.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheNodeSetData.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheNodeSetData.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheNodeSetData.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: ApacheNodeSetData.java,v 1.4 2005/05/10 18:15:31 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: ApacheNodeSetData.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -83,7 +82,7 @@ + boolean skipNode = false; + while (it.hasNext() && !skipNode) { + NodeFilter nf = (NodeFilter) it.next(); +- if (!nf.isNodeInclude(currentNode)) { ++ if (nf.isNodeInclude(currentNode)!=1) { + skipNode = true; + } + } +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheOctetStreamData.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheOctetStreamData.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheOctetStreamData.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheOctetStreamData.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: ApacheOctetStreamData.java,v 1.4 2005/05/10 18:15:31 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: ApacheOctetStreamData.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheTransform.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheTransform.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheTransform.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheTransform.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: ApacheTransform.java,v 1.23 2005/09/15 14:29:03 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: ApacheTransform.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -54,6 +53,10 @@ + */ + public abstract class ApacheTransform extends TransformService { + ++ static { ++ com.sun.org.apache.xml.internal.security.Init.init(); ++ } ++ + private static Logger log = Logger.getLogger("org.jcp.xml.dsig.internal.dom"); + private Transform apacheTransform; + protected Document ownerDoc; +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMBase64Transform.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMBase64Transform.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMBase64Transform.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMBase64Transform.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMBase64Transform.java,v 1.14 2005/05/10 18:15:31 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMBase64Transform.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMCanonicalXMLC14N11Method.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMCanonicalXMLC14N11Method.java +new file mode 100644 +--- /dev/null ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMCanonicalXMLC14N11Method.java +@@ -0,0 +1,79 @@ ++/* ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! ++ */ ++/* ++ * Copyright 2008 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright 2008 Sun Microsystems, Inc. All rights reserved. ++ */ ++/* ++ * $Id: DOMCanonicalXMLC14N11Method.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ ++ */ ++package org.jcp.xml.dsig.internal.dom; ++ ++import javax.xml.crypto.*; ++import javax.xml.crypto.dsig.*; ++import javax.xml.crypto.dsig.spec.TransformParameterSpec; ++ ++import java.security.InvalidAlgorithmParameterException; ++ ++import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer; ++import com.sun.org.apache.xml.internal.security.c14n.InvalidCanonicalizerException; ++ ++/** ++ * DOM-based implementation of CanonicalizationMethod for Canonical XML 1.1 ++ * (with or without comments). Uses Apache XML-Sec Canonicalizer. ++ * ++ * @author Sean Mullan ++ */ ++public final class DOMCanonicalXMLC14N11Method extends ApacheCanonicalizer { ++ ++ public static final String C14N_11 = "http://www.w3.org/2006/12/xml-c14n11"; ++ public static final String C14N_11_WITH_COMMENTS ++ = "http://www.w3.org/2006/12/xml-c14n11#WithComments"; ++ ++ public void init(TransformParameterSpec params) ++ throws InvalidAlgorithmParameterException { ++ if (params != null) { ++ throw new InvalidAlgorithmParameterException("no parameters " + ++ "should be specified for Canonical XML 1.1 algorithm"); ++ } ++ } ++ ++ public Data transform(Data data, XMLCryptoContext xc) ++ throws TransformException { ++ ++ // ignore comments if dereferencing same-document URI that requires ++ // you to omit comments, even if the Transform says otherwise - ++ // this is to be compliant with section 4.3.3.3 of W3C Rec. ++ if (data instanceof DOMSubTreeData) { ++ DOMSubTreeData subTree = (DOMSubTreeData) data; ++ if (subTree.excludeComments()) { ++ try { ++ apacheCanonicalizer = Canonicalizer.getInstance(C14N_11); ++ } catch (InvalidCanonicalizerException ice) { ++ throw new TransformException ++ ("Couldn't find Canonicalizer for: " + ++ C14N_11 + ": " + ice.getMessage(), ice); ++ } ++ } ++ } ++ ++ return canonicalize(data, xc); ++ } ++} +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMCanonicalXMLC14NMethod.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMCanonicalXMLC14NMethod.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMCanonicalXMLC14NMethod.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMCanonicalXMLC14NMethod.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMCanonicalXMLC14NMethod.java,v 1.24.4.1 2005/08/12 15:27:49 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMCanonicalXMLC14NMethod.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java +@@ -1,34 +1,34 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMCanonicalizationMethod.java,v 1.25 2005/05/10 18:15:31 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMCanonicalizationMethod.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + + import java.io.OutputStream; + import java.security.InvalidAlgorithmParameterException; ++import java.security.Provider; + + import org.w3c.dom.Element; + +@@ -60,9 +60,9 @@ + * + * @param cmElem a CanonicalizationMethod element + */ +- public DOMCanonicalizationMethod(Element cmElem, XMLCryptoContext context) +- throws MarshalException{ +- super(cmElem, context); ++ public DOMCanonicalizationMethod(Element cmElem, XMLCryptoContext context, ++ Provider provider) throws MarshalException { ++ super(cmElem, context, provider); + } + + /** +@@ -75,7 +75,7 @@ + * additional context (may be null if not applicable) + * @return the canonicalized data + * @throws NullPointerException if data is null +- * @throws XMLSignatureException if an unexpected error occurs while ++ * @throws TransformException if an unexpected error occurs while + * canonicalizing the data + */ + public Data canonicalize(Data data, XMLCryptoContext xc) +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMCryptoBinary.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMCryptoBinary.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMCryptoBinary.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMCryptoBinary.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMCryptoBinary.java,v 1.14 2005/05/12 19:28:29 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMCryptoBinary.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMDigestMethod.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMDigestMethod.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMDigestMethod.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMDigestMethod.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, 2007, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMDigestMethod.java,v 1.17 2005/05/10 18:15:32 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMDigestMethod.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -127,7 +126,7 @@ + + /** + * Unmarshals DigestMethodParameterSpec from the specified +- * Element. By default, this method throws an exception since ++ * Element. By default, this method throws an exception since + * most DigestMethod algorithms do not have parameters. Subclasses should + * override it if they have parameters. + * +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMEnvelopedTransform.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMEnvelopedTransform.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMEnvelopedTransform.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMEnvelopedTransform.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMEnvelopedTransform.java,v 1.16 2005/05/10 18:15:32 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMEnvelopedTransform.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMExcC14NMethod.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMExcC14NMethod.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMExcC14NMethod.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMExcC14NMethod.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMExcC14NMethod.java,v 1.28 2005/09/23 20:20:41 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMExcC14NMethod.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -104,7 +103,7 @@ + Element excElem = DOMUtils.createElement + (ownerDoc, "InclusiveNamespaces", + CanonicalizationMethod.EXCLUSIVE, prefix); +- if (prefix == null) { ++ if (prefix == null || prefix.length() == 0) { + excElem.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns", + CanonicalizationMethod.EXCLUSIVE); + } else { +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMHMACSignatureMethod.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMHMACSignatureMethod.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMHMACSignatureMethod.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMHMACSignatureMethod.java +@@ -1,29 +1,28 @@ ++/* ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! ++ */ ++/* ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ + /* + * Copyright (c) 2005, 2009, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. + */ + /* +- * $Id: DOMHMACSignatureMethod.java,v 1.17 2005/09/15 14:29:04 mullan Exp $ ++ * $Id: DOMHMACSignatureMethod.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfo.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfo.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfo.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfo.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMKeyInfo.java,v 1.19 2005/05/12 19:28:30 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMKeyInfo.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -33,6 +32,7 @@ + import javax.xml.crypto.dsig.keyinfo.KeyInfo; + import javax.xml.crypto.dom.*; + ++import java.security.Provider; + import java.util.*; + import org.w3c.dom.Document; + import org.w3c.dom.Element; +@@ -82,10 +82,10 @@ + /** + * Creates a DOMKeyInfo from XML. + * +- * @param input XML input ++ * @param kiElem KeyInfo element + */ +- public DOMKeyInfo(Element kiElem, XMLCryptoContext context) +- throws MarshalException { ++ public DOMKeyInfo(Element kiElem, XMLCryptoContext context, ++ Provider provider) throws MarshalException { + // get Id attribute, if specified + id = DOMUtils.getAttributeValue(kiElem, "Id"); + +@@ -112,7 +112,10 @@ + } else if (localName.equals("KeyValue")) { + content.add(new DOMKeyValue(childElem)); + } else if (localName.equals("RetrievalMethod")) { +- content.add(new DOMRetrievalMethod(childElem, context)); ++ content.add ++ (new DOMRetrievalMethod(childElem, context, provider)); ++ } else if (localName.equals("PGPData")) { ++ content.add(new DOMPGPData(childElem)); + } else { //may be MgmtData, SPKIData or element from other namespace + content.add(new javax.xml.crypto.dom.DOMStructure((childElem))); + } +@@ -139,7 +142,7 @@ + Element kiElem = DOMUtils.createElement + (DOMUtils.getOwnerDocument(pNode), "KeyInfo", + XMLSignature.XMLNS, dsPrefix); +- if (dsPrefix == null) { ++ if (dsPrefix == null || dsPrefix.length() == 0) { + kiElem.setAttributeNS + ("http://www.w3.org/2000/xmlns/", "xmlns", XMLSignature.XMLNS); + } else { +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfoFactory.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfoFactory.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfoFactory.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfoFactory.java +@@ -1,34 +1,34 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMKeyInfoFactory.java,v 1.24 2005/09/23 20:18:50 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMKeyInfoFactory.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + + import java.math.BigInteger; +-import java.security.*; ++import java.security.KeyException; ++import java.security.PublicKey; + import java.util.List; + import javax.xml.crypto.*; + import javax.xml.crypto.dsig.*; +@@ -45,7 +45,6 @@ + */ + public final class DOMKeyInfoFactory extends KeyInfoFactory { + +- + public DOMKeyInfoFactory() { } + + public KeyInfo newKeyInfo(List content) { +@@ -135,7 +134,7 @@ + "support DOM Level 2 and be namespace aware"); + } + if (tag.equals("KeyInfo")) { +- return new DOMKeyInfo(element, null); ++ return new DOMKeyInfo(element, null, getProvider()); + } else { + throw new MarshalException("invalid KeyInfo tag: " + tag); + } +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyName.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyName.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyName.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyName.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMKeyName.java,v 1.12 2005/05/10 18:15:32 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMKeyName.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyValue.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyValue.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyValue.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyValue.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMKeyValue.java,v 1.18 2005/05/10 18:15:33 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMKeyValue.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMManifest.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMManifest.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMManifest.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMManifest.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMManifest.java,v 1.16 2005/05/12 19:28:31 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMManifest.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -31,6 +30,7 @@ + import javax.xml.crypto.dom.DOMCryptoContext; + import javax.xml.crypto.dsig.*; + ++import java.security.Provider; + import java.util.*; + import org.w3c.dom.Document; + import org.w3c.dom.Element; +@@ -83,13 +83,13 @@ + * + * @param manElem a Manifest element + */ +- public DOMManifest(Element manElem, XMLCryptoContext context) +- throws MarshalException { ++ public DOMManifest(Element manElem, XMLCryptoContext context, ++ Provider provider) throws MarshalException { + this.id = DOMUtils.getAttributeValue(manElem, "Id"); + Element refElem = DOMUtils.getFirstChildElement(manElem); + List refs = new ArrayList(); + while (refElem != null) { +- refs.add(new DOMReference(refElem, context)); ++ refs.add(new DOMReference(refElem, context, provider)); + refElem = DOMUtils.getNextSiblingElement(refElem); + } + this.references = Collections.unmodifiableList(refs); +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMPGPData.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMPGPData.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMPGPData.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMPGPData.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMPGPData.java,v 1.18 2005/05/12 19:28:31 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMPGPData.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java +@@ -1,28 +1,26 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! ++ */ ++/* ++ * Copyright 2005 The Apache Software Foundation. + * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at + * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). ++ * http://www.apache.org/licenses/LICENSE-2.0 + * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. + * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. + */ +- ++/* ++ * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. ++ */ + /* + * =========================================================================== + * +@@ -31,7 +29,7 @@ + * =========================================================================== + */ + /* +- * $Id: DOMReference.java,v 1.40 2005/09/19 18:27:04 mullan Exp $ ++ * $Id: DOMReference.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -67,13 +65,27 @@ + public final class DOMReference extends DOMStructure + implements Reference, DOMURIReference { + ++ /** ++ * Look up useC14N11 system property. If true, an explicit C14N11 transform ++ * will be added if necessary when generating the signature. See section ++ * 3.1.1 of http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/ for more info. ++ * ++ * If true, overrides the same property if set in the XMLSignContext. ++ */ ++ private static boolean useC14N11 = ++ AccessController.doPrivileged(new PrivilegedAction() { ++ public Boolean run() { ++ return Boolean.getBoolean ++ ("com.sun.org.apache.xml.internal.security.useC14N11"); ++ } ++ }); ++ + private static Logger log = Logger.getLogger("org.jcp.xml.dsig.internal.dom"); + + private final DigestMethod digestMethod; + private final String id; +- private final List appliedTransforms; + private final List transforms; +- private final List allTransforms; ++ private List allTransforms; + private final Data appliedTransformData; + private Attr here; + private final String uri; +@@ -87,6 +99,7 @@ + private Data derefData; + private InputStream dis; + private MessageDigest md; ++ private Provider provider; + + /** + * Creates a Reference from the specified parameters. +@@ -104,24 +117,25 @@ + * not of type Transform + */ + public DOMReference(String uri, String type, DigestMethod dm, +- List transforms, String id) { +- this(uri, type, dm, null, null, transforms, id, null); +- } +- +- public DOMReference(String uri, String type, DigestMethod dm, +- List appliedTransforms, Data result, List transforms, String id) { +- this(uri, type, dm, appliedTransforms, result, transforms, id, null); ++ List transforms, String id, Provider provider) { ++ this(uri, type, dm, null, null, transforms, id, null, provider); + } + + public DOMReference(String uri, String type, DigestMethod dm, + List appliedTransforms, Data result, List transforms, String id, +- byte[] digestValue){ ++ Provider provider) { ++ this(uri, type, dm, appliedTransforms, ++ result, transforms, id, null, provider); ++ } ++ ++ public DOMReference(String uri, String type, DigestMethod dm, ++ List appliedTransforms, Data result, List transforms, String id, ++ byte[] digestValue, Provider provider) { + if (dm == null) { + throw new NullPointerException("DigestMethod must be non-null"); + } +- if (appliedTransforms == null || appliedTransforms.isEmpty()) { +- this.appliedTransforms = Collections.EMPTY_LIST; +- } else { ++ this.allTransforms = new ArrayList(); ++ if (appliedTransforms != null) { + List transformsCopy = new ArrayList(appliedTransforms); + for (int i = 0, size = transformsCopy.size(); i < size; i++) { + if (!(transformsCopy.get(i) instanceof Transform)) { +@@ -129,10 +143,9 @@ + ("appliedTransforms["+i+"] is not a valid type"); + } + } +- this.appliedTransforms = +- Collections.unmodifiableList(transformsCopy); ++ this.allTransforms = transformsCopy; + } +- if (transforms == null || transforms.isEmpty()) { ++ if (transforms == null) { + this.transforms = Collections.EMPTY_LIST; + } else { + List transformsCopy = new ArrayList(transforms); +@@ -142,11 +155,9 @@ + ("transforms["+i+"] is not a valid type"); + } + } +- this.transforms = Collections.unmodifiableList(transformsCopy); ++ this.transforms = transformsCopy; ++ this.allTransforms.addAll(transformsCopy); + } +- List all = new ArrayList(this.appliedTransforms); +- all.addAll(this.transforms); +- this.allTransforms = Collections.unmodifiableList(all); + this.digestMethod = dm; + this.uri = uri; + if ((uri != null) && (!uri.equals(""))) { +@@ -163,6 +174,7 @@ + this.digested = true; + } + this.appliedTransformData = result; ++ this.provider = provider; + } + + /** +@@ -170,15 +182,16 @@ + * + * @param refElem a Reference element + */ +- public DOMReference(Element refElem, XMLCryptoContext context) +- throws MarshalException { ++ public DOMReference(Element refElem, XMLCryptoContext context, ++ Provider provider) throws MarshalException { + // unmarshal Transforms, if specified + Element nextSibling = DOMUtils.getFirstChildElement(refElem); + List transforms = new ArrayList(5); + if (nextSibling.getLocalName().equals("Transforms")) { + Element transformElem = DOMUtils.getFirstChildElement(nextSibling); + while (transformElem != null) { +- transforms.add(new DOMTransform(transformElem, context)); ++ transforms.add ++ (new DOMTransform(transformElem, context, provider)); + transformElem = DOMUtils.getNextSiblingElement(transformElem); + } + nextSibling = DOMUtils.getNextSiblingElement(nextSibling); +@@ -203,15 +216,10 @@ + this.type = DOMUtils.getAttributeValue(refElem, "Type"); + this.here = refElem.getAttributeNodeNS(null, "URI"); + this.refElem = refElem; +- +- if (transforms.isEmpty()) { +- this.transforms = Collections.EMPTY_LIST; +- } else { +- this.transforms = Collections.unmodifiableList(transforms); +- } +- this.appliedTransforms = Collections.EMPTY_LIST; ++ this.transforms = transforms; + this.allTransforms = transforms; + this.appliedTransformData = null; ++ this.provider = provider; + } + + public DigestMethod getDigestMethod() { +@@ -231,7 +239,7 @@ + } + + public List getTransforms() { +- return allTransforms; ++ return Collections.unmodifiableList(allTransforms); + } + + public byte[] getDigestValue() { +@@ -259,17 +267,13 @@ + DOMUtils.setAttribute(refElem, "Type", type); + + // create and append Transforms element +- if (!transforms.isEmpty() || !appliedTransforms.isEmpty()) { ++ if (!allTransforms.isEmpty()) { + Element transformsElem = DOMUtils.createElement + (ownerDoc, "Transforms", XMLSignature.XMLNS, dsPrefix); + refElem.appendChild(transformsElem); +- for (int i = 0, size = appliedTransforms.size(); i < size; i++) { ++ for (int i = 0, size = allTransforms.size(); i < size; i++) { + DOMStructure transform = +- (DOMStructure) appliedTransforms.get(i); +- transform.marshal(transformsElem, dsPrefix, context); +- } +- for (int i = 0, size = transforms.size(); i < size; i++) { +- DOMStructure transform = (DOMStructure) transforms.get(i); ++ (DOMStructure) allTransforms.get(i); + transform.marshal(transformsElem, dsPrefix, context); + } + } +@@ -416,21 +420,62 @@ + try { + if (data != null) { + XMLSignatureInput xi; ++ // explicitly use C14N 1.1 when generating signature ++ // first check system property, then context property ++ boolean c14n11 = useC14N11; ++ String c14nalg = CanonicalizationMethod.INCLUSIVE; ++ if (context instanceof XMLSignContext) { ++ if (!c14n11) { ++ Boolean prop = (Boolean) context.getProperty ++ ("com.sun.org.apache.xml.internal.security.useC14N11"); ++ c14n11 = (prop != null && prop.booleanValue() == true); ++ if (c14n11) { ++ c14nalg = "http://www.w3.org/2006/12/xml-c14n11"; ++ } ++ } else { ++ c14nalg = "http://www.w3.org/2006/12/xml-c14n11"; ++ } ++ } + if (data instanceof ApacheData) { + xi = ((ApacheData) data).getXMLSignatureInput(); + } else if (data instanceof OctetStreamData) { + xi = new XMLSignatureInput + (((OctetStreamData)data).getOctetStream()); + } else if (data instanceof NodeSetData) { +- TransformService spi = TransformService.getInstance +- (CanonicalizationMethod.INCLUSIVE, "DOM"); ++ TransformService spi = null; ++ try { ++ spi = TransformService.getInstance(c14nalg, "DOM"); ++ } catch (NoSuchAlgorithmException nsae) { ++ spi = TransformService.getInstance ++ (c14nalg, "DOM", provider); ++ } + data = spi.transform(data, context); + xi = new XMLSignatureInput + (((OctetStreamData)data).getOctetStream()); + } else { + throw new XMLSignatureException("unrecognized Data type"); + } +- xi.updateOutputStream(os); ++ if (context instanceof XMLSignContext && c14n11 ++ && !xi.isOctetStream() && !xi.isOutputStreamSet()) { ++ DOMTransform t = new DOMTransform ++ (TransformService.getInstance(c14nalg, "DOM")); ++ Element transformsElem = null; ++ String dsPrefix = DOMUtils.getSignaturePrefix(context); ++ if (allTransforms.isEmpty()) { ++ transformsElem = DOMUtils.createElement( ++ refElem.getOwnerDocument(), ++ "Transforms", XMLSignature.XMLNS, dsPrefix); ++ refElem.insertBefore(transformsElem, ++ DOMUtils.getFirstChildElement(refElem)); ++ } else { ++ transformsElem = DOMUtils.getFirstChildElement(refElem); ++ } ++ t.marshal(transformsElem, dsPrefix, (DOMCryptoContext) context); ++ allTransforms.add(t); ++ xi.updateOutputStream(os, true); ++ } else { ++ xi.updateOutputStream(os); ++ } + } + os.flush(); + if (cache != null && cache.booleanValue() == true) { +@@ -466,7 +511,7 @@ + Arrays.equals(digestValue, oref.getDigestValue()); + + return (digestMethod.equals(oref.getDigestMethod()) && idsEqual && +- urisEqual && typesEqual && transforms.equals(oref.getTransforms())); ++ urisEqual && typesEqual && allTransforms.equals(oref.getTransforms())); + } + + boolean isDigested() { +@@ -486,7 +531,7 @@ + }; + } catch (Exception e) { + // log a warning +- log.log(Level.WARNING, ++ log.log(Level.WARNING, + "cannot cache dereferenced data: " + e); + return null; + } +@@ -499,7 +544,7 @@ + (xsi.getOctetStream(), xsi.getSourceURI(), xsi.getMIMEType()); + } catch (IOException ioe) { + // log a warning +- log.log(Level.WARNING, ++ log.log(Level.WARNING, + "cannot cache dereferenced data: " + ioe); + return null; + } +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java +@@ -1,28 +1,26 @@ ++/* ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! ++ */ ++/* ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ + /* + * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. + */ +- + /* + * =========================================================================== + * +@@ -31,13 +29,14 @@ + * =========================================================================== + */ + /* +- * $Id: DOMRetrievalMethod.java,v 1.24 2005/05/12 19:28:32 mullan Exp $ ++ * $Id: DOMRetrievalMethod.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + + import java.io.ByteArrayInputStream; + import java.net.URI; + import java.net.URISyntaxException; ++import java.security.Provider; + import java.util.*; + import javax.xml.crypto.*; + import javax.xml.crypto.dsig.*; +@@ -116,8 +115,8 @@ + * + * @param rmElem a RetrievalMethod element + */ +- public DOMRetrievalMethod(Element rmElem, XMLCryptoContext context) +- throws MarshalException { ++ public DOMRetrievalMethod(Element rmElem, XMLCryptoContext context, ++ Provider provider) throws MarshalException { + // get URI and Type attributes + uri = DOMUtils.getAttributeValue(rmElem, "URI"); + type = DOMUtils.getAttributeValue(rmElem, "Type"); +@@ -132,7 +131,8 @@ + Element transformElem = + DOMUtils.getFirstChildElement(transformsElem); + while (transformElem != null) { +- transforms.add(new DOMTransform(transformElem, context)); ++ transforms.add ++ (new DOMTransform(transformElem, context, provider)); + transformElem = DOMUtils.getNextSiblingElement(transformElem); + } + } +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureMethod.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureMethod.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureMethod.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureMethod.java +@@ -1,32 +1,28 @@ + /* +- * Copyright (c) 2005, 2007, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * Copyright 1999-2004 The Apache Software Foundation. ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * + */ + /* +- * $Id: DOMSignatureMethod.java,v 1.20.4.1 2005/08/12 14:23:49 mullan Exp $ ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMSignatureMethod.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -226,7 +222,11 @@ + } + if (signature == null) { + try { +- signature = Signature.getInstance(getSignatureAlgorithm()); ++ Provider p = (Provider) context.getProperty ++ ("org.jcp.xml.dsig.internal.dom.SignatureProvider"); ++ signature = (p == null) ++ ? Signature.getInstance(getSignatureAlgorithm()) ++ : Signature.getInstance(getSignatureAlgorithm(), p); + } catch (NoSuchAlgorithmException nsae) { + throw new XMLSignatureException(nsae); + } +@@ -274,7 +274,11 @@ + } + if (signature == null) { + try { +- signature = Signature.getInstance(getSignatureAlgorithm()); ++ Provider p = (Provider) context.getProperty ++ ("org.jcp.xml.dsig.internal.dom.SignatureProvider"); ++ signature = (p == null) ++ ? Signature.getInstance(getSignatureAlgorithm()) ++ : Signature.getInstance(getSignatureAlgorithm(), p); + } catch (NoSuchAlgorithmException nsae) { + throw new XMLSignatureException(nsae); + } +@@ -302,7 +306,7 @@ + + /** + * Marshals the algorithm-specific parameters to an Element and +- * appends it to the specified parent element. By default, this method ++ * appends it to the specified parent element. By default, this method + * throws an exception since most SignatureMethod algorithms do not have + * parameters. Subclasses should override it if they have parameters. + * +@@ -360,7 +364,6 @@ + private static byte[] convertASN1toXMLDSIG(byte asn1Bytes[]) + throws IOException { + +- // THIS CODE IS COPIED FROM APACHE (see copyright at top of file) + byte rLength = asn1Bytes[3]; + int i; + +@@ -401,7 +404,6 @@ + private static byte[] convertXMLDSIGtoASN1(byte xmldsigBytes[]) + throws IOException { + +- // THIS CODE IS COPIED FROM APACHE (see copyright at top of file) + if (xmldsigBytes.length != 40) { + throw new IOException("Invalid XMLDSIG format of DSA signature"); + } +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMSignatureProperties.java,v 1.12 2005/05/12 19:28:32 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMSignatureProperties.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperty.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperty.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperty.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperty.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMSignatureProperty.java,v 1.14 2005/05/12 19:28:32 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMSignatureProperty.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMSignedInfo.java,v 1.30 2005/09/23 20:14:07 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMSignedInfo.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -37,6 +36,7 @@ + import java.io.IOException; + import java.io.InputStreamReader; + import java.io.OutputStream; ++import java.security.Provider; + import java.util.*; + import java.util.logging.Level; + import java.util.logging.Logger; +@@ -126,8 +126,8 @@ + * + * @param siElem a SignedInfo element + */ +- public DOMSignedInfo(Element siElem, XMLCryptoContext context) +- throws MarshalException { ++ public DOMSignedInfo(Element siElem, XMLCryptoContext context, ++ Provider provider) throws MarshalException { + localSiElem = siElem; + ownerDoc = siElem.getOwnerDocument(); + +@@ -136,7 +136,8 @@ + + // unmarshal CanonicalizationMethod + Element cmElem = DOMUtils.getFirstChildElement(siElem); +- canonicalizationMethod = new DOMCanonicalizationMethod(cmElem, context); ++ canonicalizationMethod = new DOMCanonicalizationMethod ++ (cmElem, context, provider); + + // unmarshal SignatureMethod + Element smElem = DOMUtils.getNextSiblingElement(cmElem); +@@ -146,7 +147,7 @@ + ArrayList refList = new ArrayList(5); + Element refElem = DOMUtils.getNextSiblingElement(smElem); + while (refElem != null) { +- refList.add(new DOMReference(refElem, context)); ++ refList.add(new DOMReference(refElem, context, provider)); + refElem = DOMUtils.getNextSiblingElement(refElem); + } + references = Collections.unmodifiableList(refList); +@@ -188,9 +189,8 @@ + + DOMSubTreeData subTree = new DOMSubTreeData(localSiElem, true); + +- OctetStreamData data = null; + try { +- data = (OctetStreamData) ((DOMCanonicalizationMethod) ++ Data data = ((DOMCanonicalizationMethod) + canonicalizationMethod).canonicalize(subTree, context, os); + } catch (TransformException te) { + throw new XMLSignatureException(te); +@@ -205,9 +205,11 @@ + char[] siBytes = new char[signedInfoBytes.length]; + try { + isr.read(siBytes); +- } catch (IOException ioex) {} //ignore since this is logging code +- log.log(Level.FINE, "Canonicalized SignedInfo:\n" +- + new String(siBytes)); ++ log.log(Level.FINE, "Canonicalized SignedInfo:\n" ++ + new String(siBytes)); ++ } catch (IOException ioex) { ++ log.log(Level.FINE, "IOException reading SignedInfo bytes"); ++ } + log.log(Level.FINE, "Data to be signed/verified:" + + Base64.encode(signedInfoBytes)); + } +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMStructure.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMStructure.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMStructure.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMStructure.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMStructure.java,v 1.11 2005/05/10 18:15:34 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMStructure.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSubTreeData.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSubTreeData.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSubTreeData.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSubTreeData.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMSubTreeData.java,v 1.2 2005/09/15 14:29:04 mullan Exp $ ++ * Copyright 2006 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMSubTreeData.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMTransform.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMTransform.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMTransform.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMTransform.java +@@ -1,35 +1,35 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMTransform.java,v 1.25 2005/05/10 18:15:34 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMTransform.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + + import java.io.OutputStream; + import java.security.InvalidAlgorithmParameterException; + import java.security.NoSuchAlgorithmException; ++import java.security.Provider; + import java.security.spec.AlgorithmParameterSpec; + + import org.w3c.dom.Document; +@@ -68,14 +68,17 @@ + * + * @param transElem a Transform element + */ +- public DOMTransform(Element transElem, XMLCryptoContext context) +- throws MarshalException { +- Document ownerDoc = transElem.getOwnerDocument(); ++ public DOMTransform(Element transElem, XMLCryptoContext context, ++ Provider provider) throws MarshalException { + String algorithm = DOMUtils.getAttributeValue(transElem, "Algorithm"); + try { + spi = TransformService.getInstance(algorithm, "DOM"); +- } catch (NoSuchAlgorithmException e) { +- throw new MarshalException(e); ++ } catch (NoSuchAlgorithmException e1) { ++ try { ++ spi = TransformService.getInstance(algorithm, "DOM", provider); ++ } catch (NoSuchAlgorithmException e2) { ++ throw new MarshalException(e2); ++ } + } + try { + spi.init(new javax.xml.crypto.dom.DOMStructure(transElem), context); +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMURIDereferencer.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMURIDereferencer.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMURIDereferencer.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMURIDereferencer.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMURIDereferencer.java,v 1.19 2005/09/23 20:09:34 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMURIDereferencer.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -83,11 +82,9 @@ + // this is a bit of a hack to check for registered + // IDRefs and manually register them with Apache's IdResolver + // map which includes builtin schema knowledge of DSig/Enc IDs +- if (context instanceof XMLSignContext) { +- Node referencedElem = dcc.getElementById(id); +- if (referencedElem != null) { +- IdResolver.registerElementById((Element) referencedElem, id); +- } ++ Node referencedElem = dcc.getElementById(id); ++ if (referencedElem != null) { ++ IdResolver.registerElementById((Element) referencedElem, id); + } + } + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMUtils.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMUtils.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMUtils.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMUtils.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMUtils.java,v 1.18 2005/05/12 19:28:34 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMUtils.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -77,7 +76,8 @@ + */ + public static Element createElement(Document doc, String tag, String nsURI, + String prefix) { +- String qName = prefix == null ? tag : prefix + ":" + tag; ++ String qName = (prefix == null || prefix.length() == 0) ++ ? tag : prefix + ":" + tag; + return doc.createElementNS(nsURI, qName); + } + +@@ -327,6 +327,7 @@ + XPathType type = (XPathType) types.get(i); + XPathType otype = (XPathType) otypes.get(i); + if (!type.getExpression().equals(otype.getExpression()) || ++ !type.getNamespaceMap().equals(otype.getNamespaceMap()) || + type.getFilter() != otype.getFilter()) { + return false; + } +@@ -341,8 +342,8 @@ + + private static boolean paramsEqual(XPathFilterParameterSpec spec1, + XPathFilterParameterSpec spec2) { +- +- return spec1.getXPath().equals(spec2.getXPath()); ++ return (spec1.getXPath().equals(spec2.getXPath()) && ++ spec1.getNamespaceMap().equals(spec2.getNamespaceMap())); + } + + private static boolean paramsEqual(XSLTTransformParameterSpec spec1, +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509Data.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509Data.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509Data.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509Data.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMX509Data.java,v 1.20 2005/05/12 19:28:34 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMX509Data.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -53,7 +52,7 @@ + public final class DOMX509Data extends DOMStructure implements X509Data { + + private final List content; +- private CertificateFactory cf; //FIX - make this static? ++ private CertificateFactory cf; + + /** + * Creates a DOMX509Data. +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509IssuerSerial.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509IssuerSerial.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509IssuerSerial.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509IssuerSerial.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMX509IssuerSerial.java,v 1.13 2005/05/10 18:15:35 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMX509IssuerSerial.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLObject.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLObject.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLObject.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLObject.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMXMLObject.java,v 1.16 2005/05/12 19:28:35 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMXMLObject.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -31,6 +30,7 @@ + import javax.xml.crypto.dom.DOMCryptoContext; + import javax.xml.crypto.dsig.*; + ++import java.security.Provider; + import java.util.*; + import org.w3c.dom.Document; + import org.w3c.dom.Element; +@@ -87,8 +87,8 @@ + * @param objElem an Object element + * @throws MarshalException if there is an error when unmarshalling + */ +- public DOMXMLObject(Element objElem, XMLCryptoContext context) +- throws MarshalException { ++ public DOMXMLObject(Element objElem, XMLCryptoContext context, ++ Provider provider) throws MarshalException { + // unmarshal attributes + this.encoding = DOMUtils.getAttributeValue(objElem, "Encoding"); + this.id = DOMUtils.getAttributeValue(objElem, "Id"); +@@ -103,7 +103,7 @@ + Element childElem = (Element) child; + String tag = childElem.getLocalName(); + if (tag.equals("Manifest")) { +- content.add(new DOMManifest(childElem, context)); ++ content.add(new DOMManifest(childElem, context, provider)); + continue; + } else if (tag.equals("SignatureProperties")) { + content.add(new DOMSignatureProperties(childElem)); +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java +@@ -1,28 +1,26 @@ ++/* ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! ++ */ ++/* ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ + /* + * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. + */ +- + /* + * =========================================================================== + * +@@ -31,7 +29,7 @@ + * =========================================================================== + */ + /* +- * $Id: DOMXMLSignature.java,v 1.42 2005/09/23 20:29:04 mullan Exp $ ++ * $Id: DOMXMLSignature.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -45,6 +43,7 @@ + import java.io.*; + import java.security.InvalidKeyException; + import java.security.Key; ++import java.security.Provider; + import java.util.Collections; + import java.util.ArrayList; + import java.util.HashMap; +@@ -128,8 +127,8 @@ + * @param sigElem Signature element + * @throws MarshalException if XMLSignature cannot be unmarshalled + */ +- public DOMXMLSignature(Element sigElem, XMLCryptoContext context) +- throws MarshalException { ++ public DOMXMLSignature(Element sigElem, XMLCryptoContext context, ++ Provider provider) throws MarshalException { + localSigElem = sigElem; + ownerDoc = localSigElem.getOwnerDocument(); + +@@ -138,7 +137,7 @@ + + // unmarshal SignedInfo + Element siElem = DOMUtils.getFirstChildElement(localSigElem); +- si = new DOMSignedInfo(siElem, context); ++ si = new DOMSignedInfo(siElem, context, provider); + + // unmarshal SignatureValue + Element sigValElem = DOMUtils.getNextSiblingElement(siElem); +@@ -147,7 +146,7 @@ + // unmarshal KeyInfo, if specified + Element nextSibling = DOMUtils.getNextSiblingElement(sigValElem); + if (nextSibling != null && nextSibling.getLocalName().equals("KeyInfo")) { +- ki = new DOMKeyInfo(nextSibling, context); ++ ki = new DOMKeyInfo(nextSibling, context, provider); + nextSibling = DOMUtils.getNextSiblingElement(nextSibling); + } + +@@ -157,7 +156,8 @@ + } else { + List tempObjects = new ArrayList(); + while (nextSibling != null) { +- tempObjects.add(new DOMXMLObject(nextSibling, context)); ++ tempObjects.add ++ (new DOMXMLObject(nextSibling, context, provider)); + nextSibling = DOMUtils.getNextSiblingElement(nextSibling); + } + objects = Collections.unmodifiableList(tempObjects); +@@ -201,9 +201,7 @@ + (ownerDoc, "Signature", XMLSignature.XMLNS, dsPrefix); + + // append xmlns attribute +- //XXX I think this is supposed to be automatically inserted when +- //XXX serializing a DOM2 tree, but doesn't seem to work with JAXP/Xalan +- if (dsPrefix == null) { ++ if (dsPrefix == null || dsPrefix.length() == 0) { + sigElem.setAttributeNS + ("http://www.w3.org/2000/xmlns/", "xmlns", XMLSignature.XMLNS); + } else { +@@ -301,7 +299,7 @@ + Reference ref = (Reference) manRefs.get(k); + boolean refValid = ref.validate(vc); + if (log.isLoggable(Level.FINE)) { +- log.log(Level.FINE, "Manifest ref[" ++ log.log(Level.FINE, "Manifest ref[" + + ref.getURI() + "] is valid: " + refValid); + } + validateMans &= refValid; +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignatureFactory.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignatureFactory.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignatureFactory.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignatureFactory.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, 2007, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMXMLSignatureFactory.java,v 1.21 2005/09/23 19:59:11 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMXMLSignatureFactory.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -33,7 +32,8 @@ + import javax.xml.crypto.dsig.keyinfo.*; + import javax.xml.crypto.dsig.spec.*; + +-import java.security.*; ++import java.security.InvalidAlgorithmParameterException; ++import java.security.NoSuchAlgorithmException; + import java.security.spec.AlgorithmParameterSpec; + import java.util.List; + import org.w3c.dom.Document; +@@ -67,7 +67,7 @@ + + public Reference newReference(String uri, DigestMethod dm, List transforms, + String type, String id) { +- return new DOMReference(uri, type, dm, transforms, id); ++ return new DOMReference(uri, type, dm, transforms, id, getProvider()); + } + + public Reference newReference(String uri, DigestMethod dm, +@@ -83,7 +83,7 @@ + throw new NullPointerException("result cannot be null"); + } + return new DOMReference +- (uri, type, dm, appliedTransforms, result, transforms, id); ++ (uri, type, dm, appliedTransforms, result, transforms, id, getProvider()); + } + + public Reference newReference(String uri, DigestMethod dm, List transforms, +@@ -92,7 +92,7 @@ + throw new NullPointerException("digestValue cannot be null"); + } + return new DOMReference +- (uri, type, dm, null, null, transforms, id, digestValue); ++ (uri, type, dm, null, null, transforms, id, digestValue, getProvider()); + } + + public SignedInfo newSignedInfo(CanonicalizationMethod cm, +@@ -170,7 +170,7 @@ + "support DOM Level 2 and be namespace aware"); + } + if (tag.equals("Signature")) { +- return new DOMXMLSignature(element, context); ++ return new DOMXMLSignature(element, context, getProvider()); + } else { + throw new MarshalException("invalid Signature tag: " + tag); + } +@@ -235,7 +235,12 @@ + public Transform newTransform(String algorithm, + TransformParameterSpec params) throws NoSuchAlgorithmException, + InvalidAlgorithmParameterException { +- TransformService spi = TransformService.getInstance(algorithm, "DOM"); ++ TransformService spi; ++ try { ++ spi = TransformService.getInstance(algorithm, "DOM"); ++ } catch (NoSuchAlgorithmException nsae) { ++ spi = TransformService.getInstance(algorithm, "DOM", getProvider()); ++ } + spi.init(params); + return new DOMTransform(spi); + } +@@ -243,7 +248,12 @@ + public Transform newTransform(String algorithm, + XMLStructure params) throws NoSuchAlgorithmException, + InvalidAlgorithmParameterException { +- TransformService spi = TransformService.getInstance(algorithm, "DOM"); ++ TransformService spi; ++ try { ++ spi = TransformService.getInstance(algorithm, "DOM"); ++ } catch (NoSuchAlgorithmException nsae) { ++ spi = TransformService.getInstance(algorithm, "DOM", getProvider()); ++ } + if (params == null) { + spi.init(null); + } else { +@@ -255,7 +265,12 @@ + public CanonicalizationMethod newCanonicalizationMethod(String algorithm, + C14NMethodParameterSpec params) throws NoSuchAlgorithmException, + InvalidAlgorithmParameterException { +- TransformService spi = TransformService.getInstance(algorithm, "DOM"); ++ TransformService spi; ++ try { ++ spi = TransformService.getInstance(algorithm, "DOM"); ++ } catch (NoSuchAlgorithmException nsae) { ++ spi = TransformService.getInstance(algorithm, "DOM", getProvider()); ++ } + spi.init(params); + return new DOMCanonicalizationMethod(spi); + } +@@ -263,7 +278,12 @@ + public CanonicalizationMethod newCanonicalizationMethod(String algorithm, + XMLStructure params) throws NoSuchAlgorithmException, + InvalidAlgorithmParameterException { +- TransformService spi = TransformService.getInstance(algorithm, "DOM"); ++ TransformService spi; ++ try { ++ spi = TransformService.getInstance(algorithm, "DOM"); ++ } catch (NoSuchAlgorithmException nsae) { ++ spi = TransformService.getInstance(algorithm, "DOM", getProvider()); ++ } + if (params == null) { + spi.init(null); + } else { +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXPathFilter2Transform.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXPathFilter2Transform.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXPathFilter2Transform.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXPathFilter2Transform.java +@@ -1,28 +1,23 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! ++ */ ++/* ++ * Copyright 2005 The Apache Software Foundation. + * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at + * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). ++ * http://www.apache.org/licenses/LICENSE-2.0 + * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. + * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. + */ +- + /* + * =========================================================================== + * +@@ -31,7 +26,10 @@ + * =========================================================================== + */ + /* +- * $Id: DOMXPathFilter2Transform.java,v 1.18 2005/09/19 18:30:30 mullan Exp $ ++ * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMXPathFilter2Transform.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -129,7 +127,8 @@ + XPathFilter2ParameterSpec xp = + (XPathFilter2ParameterSpec) getParameterSpec(); + String prefix = DOMUtils.getNSPrefix(context, Transform.XPATH2); +- String qname = (prefix == null) ? "xmlns" : "xmlns:" + prefix; ++ String qname = (prefix == null || prefix.length() == 0) ++ ? "xmlns" : "xmlns:" + prefix; + List list = xp.getXPathList(); + for (int i = 0, size = list.size(); i < size; i++) { + XPathType xpathType = (XPathType) list.get(i); +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXPathTransform.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXPathTransform.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXPathTransform.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXPathTransform.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMXPathTransform.java,v 1.16 2005/05/12 19:28:35 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMXPathTransform.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXSLTTransform.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXSLTTransform.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXSLTTransform.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXSLTTransform.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: DOMXSLTTransform.java,v 1.15 2005/05/10 18:15:36 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: DOMXSLTTransform.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/Utils.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/Utils.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/Utils.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/Utils.java +@@ -1,29 +1,28 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! + */ + /* +- * $Id: Utils.java,v 1.14 2005/09/23 19:49:20 mullan Exp $ ++ * Copyright 2005 The Apache Software Foundation. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++/* ++ * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: Utils.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/XMLDSigRI.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/XMLDSigRI.java +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/XMLDSigRI.java ++++ openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/XMLDSigRI.java +@@ -1,28 +1,23 @@ + /* +- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * reserved comment block ++ * DO NOT REMOVE OR ALTER! ++ */ ++/* ++ * Copyright 2005 The Apache Software Foundation. + * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at + * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). ++ * http://www.apache.org/licenses/LICENSE-2.0 + * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. + * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. + */ +- + /* + * =========================================================================== + * +@@ -31,7 +26,10 @@ + * =========================================================================== + */ + /* +- * $Id: XMLDSigRI.java,v 1.7 2005/05/12 19:28:36 mullan Exp $ ++ * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. ++ */ ++/* ++ * $Id: XMLDSigRI.java,v 1.2 2008/07/24 15:20:32 mullan Exp $ + */ + package org.jcp.xml.dsig.internal.dom; + +@@ -86,6 +84,22 @@ + CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS + + " MechanismType", "DOM"); + ++ // Inclusive C14N 1.1 ++ map.put((String)"TransformService." + ++ "http://www.w3.org/2006/12/xml-c14n11", ++ "org.jcp.xml.dsig.internal.dom.DOMCanonicalXMLC14N11Method"); ++ map.put((String)"TransformService." + ++ "http://www.w3.org/2006/12/xml-c14n11" + ++ " MechanismType", "DOM"); ++ ++ // InclusiveWithComments C14N 1.1 ++ map.put((String)"TransformService." + ++ "http://www.w3.org/2006/12/xml-c14n11#WithComments", ++ "org.jcp.xml.dsig.internal.dom.DOMCanonicalXMLC14N11Method"); ++ map.put((String)"TransformService." + ++ "http://www.w3.org/2006/12/xml-c14n11#WithComments" + ++ " MechanismType", "DOM"); ++ + // Exclusive C14N + map.put((String) "TransformService." + CanonicalizationMethod.EXCLUSIVE, + "org.jcp.xml.dsig.internal.dom.DOMExcC14NMethod"); +diff --git a/src/share/classes/org/jcp/xml/dsig/internal/package.html b/src/share/classes/org/jcp/xml/dsig/internal/package.html +deleted file mode 100644 +--- openjdk/jdk/src/share/classes/org/jcp/xml/dsig/internal/package.html ++++ /dev/null +@@ -1,5 +0,0 @@ +- +- +-Contains the classes of the Reference Implementation of JSR 105. +- +- +diff --git a/test/javax/xml/crypto/dsig/GenerationTests.java b/test/javax/xml/crypto/dsig/GenerationTests.java +--- openjdk/jdk/test/javax/xml/crypto/dsig/GenerationTests.java ++++ openjdk/jdk/test/javax/xml/crypto/dsig/GenerationTests.java +@@ -90,6 +90,7 @@ + private static Certificate signingCert; + private static KeyStore ks; + private final static String DIR = System.getProperty("test.src", "."); ++// private final static String DIR = "."; + private final static String DATA_DIR = + DIR + System.getProperty("file.separator") + "data"; + private final static String KEYSTORE = +@@ -200,6 +201,9 @@ + DOMSignContext dsc = new DOMSignContext(signingKey, envelope); + + sig.sign(dsc); ++// StringWriter sw = new StringWriter(); ++// dumpDocument(doc, sw); ++// System.out.println(sw.toString()); + + DOMValidateContext dvc = new DOMValidateContext + (kvks, envelope.getFirstChild()); diff -r 36d69d052be1 -r 08ce3247b5b0 patches/openjdk/6656651-windows_lcd_glyphs.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/openjdk/6656651-windows_lcd_glyphs.patch Sat Jun 22 16:38:24 2013 -0500 @@ -0,0 +1,938 @@ +diff -Nru openjdk.orig/jdk/make/sun/font/FILES_c.gmk openjdk/jdk/make/sun/font/FILES_c.gmk +--- openjdk.orig/jdk/make/sun/font/FILES_c.gmk 2013-06-21 19:10:28.473006180 -0500 ++++ openjdk/jdk/make/sun/font/FILES_c.gmk 2013-06-21 19:11:27.994043654 -0500 +@@ -114,7 +114,9 @@ + + + ifeq ($(PLATFORM),windows) +-FILES_c_platform = fontpath.c ++FILES_c_platform = fontpath.c \ ++ lcdglyph.c ++ + FILES_cpp_platform = + else + FILES_c_platform = X11FontScaler.c \ +diff -Nru openjdk.orig/jdk/make/sun/font/Makefile openjdk/jdk/make/sun/font/Makefile +--- openjdk.orig/jdk/make/sun/font/Makefile 2013-06-21 19:10:28.473006180 -0500 ++++ openjdk/jdk/make/sun/font/Makefile 2013-06-21 19:11:05.272031592 -0500 +@@ -63,6 +63,7 @@ + java/awt/Font.java \ + java/text/Bidi.java \ + sun/font/FileFont.java \ ++ sun/font/FileFontStrike.java \ + sun/font/FontManager.java \ + sun/font/GlyphList.java \ + sun/font/NativeFont.java \ +diff -Nru openjdk.orig/jdk/src/share/classes/sun/font/FileFontStrike.java openjdk/jdk/src/share/classes/sun/font/FileFontStrike.java +--- openjdk.orig/jdk/src/share/classes/sun/font/FileFontStrike.java 2011-11-14 16:11:59.000000000 -0600 ++++ openjdk/jdk/src/share/classes/sun/font/FileFontStrike.java 2013-06-21 19:11:05.273031593 -0500 +@@ -27,6 +27,7 @@ + + import java.lang.ref.SoftReference; + import java.awt.Font; ++import java.awt.GraphicsEnvironment; + import java.awt.Rectangle; + import java.awt.geom.AffineTransform; + import java.awt.geom.GeneralPath; +@@ -105,6 +106,19 @@ + boolean useNatives; + NativeStrike[] nativeStrikes; + ++ /* Used only for communication to native layer */ ++ private int intPtSize; ++ ++ /* Perform global initialisation needed for Windows native rasterizer */ ++ private static native boolean initNative(); ++ private static boolean isXPorLater = false; ++ static { ++ if (FontManager.isWindows && !FontManager.useT2K && ++ !GraphicsEnvironment.isHeadless()) { ++ isXPorLater = initNative(); ++ } ++ } ++ + FileFontStrike(FileFont fileFont, FontStrikeDesc desc) { + super(fileFont, desc); + this.fileFont = fileFont; +@@ -165,7 +179,7 @@ + * should not segment unless there's another reason to do so. + */ + float ptSize = (float)matrix[3]; // interpreted only when meaningful. +- int iSize = (int)ptSize; ++ int iSize = intPtSize = (int)ptSize; + boolean isSimpleTx = (at.getType() & complexTX) == 0; + segmentedCache = + (numGlyphs > SEGSIZE << 3) || +@@ -189,8 +203,26 @@ + FontManager.deRegisterBadFont(fileFont); + return; + } +- +- if (fileFont.checkUseNatives() && desc.aaHint==0 && !algoStyle) { ++ /* First, see if native code should be used to create the glyph. ++ * GDI will return the integer metrics, not fractional metrics, which ++ * may be requested for this strike, so we would require here that : ++ * desc.fmHint != INTVAL_FRACTIONALMETRICS_ON ++ * except that the advance returned by GDI is always overwritten by ++ * the JDK rasteriser supplied one (see getGlyphImageFromWindows()). ++ */ ++ if (FontManager.isWindows && isXPorLater && ++ !FontManager.useT2K && ++ !GraphicsEnvironment.isHeadless() && ++ !fileFont.useJavaRasterizer && ++ (desc.aaHint == INTVAL_TEXT_ANTIALIAS_LCD_HRGB || ++ desc.aaHint == INTVAL_TEXT_ANTIALIAS_LCD_HBGR) && ++ (matrix[1] == 0.0 && matrix[2] == 0.0 && ++ matrix[0] == matrix[3] && ++ matrix[0] >= 3.0 && matrix[0] <= 100.0) && ++ !((TrueTypeFont)fileFont).useEmbeddedBitmapsForSize(intPtSize)) { ++ useNatives = true; ++ } ++ else if (fileFont.checkUseNatives() && desc.aaHint==0 && !algoStyle) { + /* Check its a simple scale of a pt size in the range + * where native bitmaps typically exist (6-36 pts) */ + if (matrix[1] == 0.0 && matrix[2] == 0.0 && +@@ -208,7 +240,16 @@ + } + } + } +- ++ if (FontManager.logging && FontManager.isWindows) { ++ FontManager.logger.info ++ ("Strike for " + fileFont + " at size = " + intPtSize + ++ " use natives = " + useNatives + ++ " useJavaRasteriser = " + fileFont.useJavaRasterizer + ++ " AAHint = " + desc.aaHint + ++ " Has Embedded bitmaps = " + ++ ((TrueTypeFont)fileFont). ++ useEmbeddedBitmapsForSize(intPtSize)); ++ } + this.disposer = new FontStrikeDisposer(fileFont, desc, pScalerContext); + + /* Always get the image and the advance together for smaller sizes +@@ -250,8 +291,50 @@ + return fileFont.getNumGlyphs(); + } + +- /* Try the native strikes first, then try the fileFont strike */ + long getGlyphImageFromNative(int glyphCode) { ++ if (FontManager.isWindows) { ++ return getGlyphImageFromWindows(glyphCode); ++ } else { ++ return getGlyphImageFromX11(glyphCode); ++ } ++ } ++ ++ /* There's no global state conflicts, so this method is not ++ * presently synchronized. ++ */ ++ private native long _getGlyphImageFromWindows(String family, ++ int style, ++ int size, ++ int glyphCode, ++ boolean fracMetrics); ++ ++ long getGlyphImageFromWindows(int glyphCode) { ++ String family = fileFont.getFamilyName(null); ++ int style = desc.style & Font.BOLD | desc.style & Font.ITALIC ++ | fileFont.getStyle(); ++ int size = intPtSize; ++ long ptr = _getGlyphImageFromWindows ++ (family, style, size, glyphCode, ++ desc.fmHint == INTVAL_FRACTIONALMETRICS_ON); ++ if (ptr != 0) { ++ /* Get the advance from the JDK rasterizer. This is mostly ++ * necessary for the fractional metrics case, but there are ++ * also some very small number (<0.25%) of marginal cases where ++ * there is some rounding difference between windows and JDK. ++ * After these are resolved, we can restrict this extra ++ * work to the FM case. ++ */ ++ float advance = getGlyphAdvance(glyphCode, false); ++ StrikeCache.unsafe.putFloat(ptr + StrikeCache.xAdvanceOffset, ++ advance); ++ return ptr; ++ } else { ++ return fileFont.getGlyphImage(pScalerContext, glyphCode); ++ } ++ } ++ ++ /* Try the native strikes first, then try the fileFont strike */ ++ long getGlyphImageFromX11(int glyphCode) { + long glyphPtr; + char charCode = fileFont.glyphToCharMap[glyphCode]; + for (int i=0;i= INVISIBLE_GLYPHS) { + return StrikeCache.invisibleGlyphPtr; + } +- long glyphPtr; ++ long glyphPtr = 0L; + if ((glyphPtr = getCachedGlyphPtr(glyphCode)) != 0L) { + return glyphPtr; + } else { + if (useNatives) { + glyphPtr = getGlyphImageFromNative(glyphCode); +- } else { ++ if (glyphPtr == 0L && FontManager.logging) { ++ FontManager.logger.info ++ ("Strike for " + fileFont + ++ " at size = " + intPtSize + ++ " couldn't get native glyph for code = " + glyphCode); ++ } ++ } if (glyphPtr == 0L) { + glyphPtr = fileFont.getGlyphImage(pScalerContext, + glyphCode); + } +@@ -295,10 +384,10 @@ + } else if ((images[i] = getCachedGlyphPtr(glyphCode)) != 0L) { + continue; + } else { +- long glyphPtr; ++ long glyphPtr = 0L; + if (useNatives) { + glyphPtr = getGlyphImageFromNative(glyphCode); +- } else { ++ } if (glyphPtr == 0L) { + glyphPtr = fileFont.getGlyphImage(pScalerContext, + glyphCode); + } +@@ -327,10 +416,11 @@ + } else if ((images[i] = getCachedGlyphPtr(glyphCode)) != 0L) { + continue; + } else { +- long glyphPtr; ++ long glyphPtr = 0L; + if (useNatives) { + glyphPtr = getGlyphImageFromNative(glyphCode); +- } else { ++ } ++ if (glyphPtr == 0L) { + glyphPtr = fileFont.getGlyphImage(pScalerContext, + glyphCode); + } +@@ -454,11 +544,16 @@ + } + } + ++ float getGlyphAdvance(int glyphCode) { ++ return getGlyphAdvance(glyphCode, true); ++ } ++ + /* Metrics info is always retrieved. If the GlyphInfo address is non-zero + * then metrics info there is valid and can just be copied. +- * This is in user space coordinates. ++ * This is in user space coordinates unless getUserAdv == false. ++ * Device space advance should not be propagated out of this class. + */ +- float getGlyphAdvance(int glyphCode) { ++ private float getGlyphAdvance(int glyphCode, boolean getUserAdv) { + float advance; + + if (glyphCode >= INVISIBLE_GLYPHS) { +@@ -480,11 +575,11 @@ + } + } + +- if (invertDevTx != null) { ++ if (invertDevTx != null || !getUserAdv) { + /* If there is a device transform need x & y advance to + * transform back into user space. + */ +- advance = getGlyphMetrics(glyphCode).x; ++ advance = getGlyphMetrics(glyphCode, getUserAdv).x; + } else { + long glyphPtr; + if (getImageWithAdvance) { +@@ -620,6 +715,10 @@ + } + + Point2D.Float getGlyphMetrics(int glyphCode) { ++ return getGlyphMetrics(glyphCode, true); ++ } ++ ++ private Point2D.Float getGlyphMetrics(int glyphCode, boolean getUserAdv) { + Point2D.Float metrics = new Point2D.Float(); + + // !!! or do we force sgv user glyphs? +@@ -627,7 +726,7 @@ + return metrics; + } + long glyphPtr; +- if (getImageWithAdvance) { ++ if (getImageWithAdvance && getUserAdv) { + /* A heuristic optimisation says that for most cases its + * worthwhile retrieving the image at the same time as the + * metrics. So here we get the image data even if its not +@@ -644,9 +743,9 @@ + metrics.y = StrikeCache.unsafe.getFloat + (glyphPtr + StrikeCache.yAdvanceOffset); + /* advance is currently in device space, need to convert back +- * into user space. ++ * into user space, unless getUserAdv == false. + * This must not include the translation component. */ +- if (invertDevTx != null) { ++ if (invertDevTx != null && getUserAdv) { + invertDevTx.deltaTransform(metrics, metrics); + } + } else { +@@ -675,9 +774,9 @@ + if (value == null) { + fileFont.getGlyphMetrics(pScalerContext, glyphCode, metrics); + /* advance is currently in device space, need to convert back +- * into user space. ++ * into user space, unless getUserAdv == false. + */ +- if (invertDevTx != null) { ++ if (invertDevTx != null && getUserAdv) { + invertDevTx.deltaTransform(metrics, metrics); + } + value = new Point2D.Float(metrics.x, metrics.y); +diff -Nru openjdk.orig/jdk/src/share/classes/sun/font/FontManager.java openjdk/jdk/src/share/classes/sun/font/FontManager.java +--- openjdk.orig/jdk/src/share/classes/sun/font/FontManager.java 2013-06-21 19:10:08.631992692 -0500 ++++ openjdk/jdk/src/share/classes/sun/font/FontManager.java 2013-06-21 19:11:05.273031593 -0500 +@@ -245,9 +245,11 @@ + osName = System.getProperty("os.name", "unknownOS"); + isSolaris = osName.startsWith("SunOS"); + +- if (isSolaris) { +- String t2kStr= System.getProperty("sun.java2d.font.scaler"); ++ String t2kStr = System.getProperty("sun.java2d.font.scaler"); ++ if (t2kStr != null) { + useT2K = "t2k".equals(t2kStr); ++ } ++ if (isSolaris) { + String version = System.getProperty("os.version", "unk"); + isSolaris8 = version.equals("5.8"); + isSolaris9 = version.equals("5.9"); +diff -Nru openjdk.orig/jdk/src/share/classes/sun/font/TrueTypeFont.java openjdk/jdk/src/share/classes/sun/font/TrueTypeFont.java +--- openjdk.orig/jdk/src/share/classes/sun/font/TrueTypeFont.java 2011-11-14 16:11:59.000000000 -0600 ++++ openjdk/jdk/src/share/classes/sun/font/TrueTypeFont.java 2013-06-21 19:11:05.274031593 -0500 +@@ -905,6 +905,31 @@ + return null; + } + ++ /* Used to determine if this size has embedded bitmaps, which ++ * for CJK fonts should be used in preference to LCD glyphs. ++ */ ++ boolean useEmbeddedBitmapsForSize(int ptSize) { ++ if (!supportsCJK) { ++ return false; ++ } ++ if (getDirectoryEntry(EBLCTag) == null) { ++ return false; ++ } ++ ByteBuffer eblcTable = getTableBuffer(EBLCTag); ++ int numSizes = eblcTable.getInt(4); ++ /* The bitmapSizeTable's start at offset of 8. ++ * Each bitmapSizeTable entry is 48 bytes. ++ * The offset of ppemY in the entry is 45. ++ */ ++ for (int i=0;i ++#include ++#include ++#include ++#include ++ ++#include ++#include ++#include ++#include ++ ++#include "fontscalerdefs.h" ++ ++/* Some of these are also defined in awtmsg.h but I don't want a dependency ++ * on that here. They are needed here - and in awtmsg.h - until we ++ * move up our build to define WIN32_WINNT >= 0x501 (ie XP), since MS ++ * headers will not define them otherwise. ++ */ ++#ifndef SPI_GETFONTSMOOTHINGTYPE ++#define SPI_GETFONTSMOOTHINGTYPE 0x200A ++#endif //SPI_GETFONTSMOOTHINGTYPE ++ ++#ifndef SPI_GETFONTSMOOTHINGCONTRAST ++#define SPI_GETFONTSMOOTHINGCONTRAST 0x200C ++#endif //SPI_GETFONTSMOOTHINGCONTRAST ++ ++#ifndef SPI_GETFONTSMOOTHINGORIENTATION ++#define SPI_GETFONTSMOOTHINGORIENTATION 0x2012 ++#endif //SPI_GETFONTSMOOTHINGORIENTATION ++ ++#ifndef FE_FONTSMOOTHINGORIENTATIONBGR ++#define FE_FONTSMOOTHINGORIENTATIONBGR 0x0000 ++#endif //FE_FONTSMOOTHINGORIENTATIONBGR ++ ++#ifndef FE_FONTSMOOTHINGORIENTATIONRGB ++#define FE_FONTSMOOTHINGORIENTATIONRGB 0x0001 ++#endif //FE_FONTSMOOTHINGORIENTATIONRGB ++ ++#define MIN_GAMMA 100 ++#define MAX_GAMMA 220 ++#define LCDLUTCOUNT (MAX_GAMMA-MIN_GAMMA+1) ++ ++static unsigned char* igLUTable[LCDLUTCOUNT]; ++ ++static unsigned char* getIGTable(int gamma) { ++ int i, index; ++ double ig; ++ char *igTable; ++ ++ if (gamma < MIN_GAMMA) { ++ gamma = MIN_GAMMA; ++ } else if (gamma > MAX_GAMMA) { ++ gamma = MAX_GAMMA; ++ } ++ ++ index = gamma - MIN_GAMMA; ++ ++ if (igLUTable[index] != NULL) { ++ return igLUTable[index]; ++ } ++ igTable = (unsigned char*)malloc(256); ++ if (igTable == NULL) { ++ return NULL; ++ } ++ igTable[0] = 0; ++ igTable[255] = 255; ++ ig = ((double)gamma)/100.0; ++ ++ for (i=1;i<255;i++) { ++ igTable[i] = (unsigned char)(pow(((double)i)/255.0, ig)*255); ++ } ++ igLUTable[index] = igTable; ++ return igTable; ++} ++ ++ ++JNIEXPORT jboolean JNICALL ++ Java_sun_font_FileFontStrike_initNative(JNIEnv *env, jclass unused) { ++ ++ DWORD osVersion = GetVersion(); ++ DWORD majorVersion = (DWORD)(LOBYTE(LOWORD(osVersion))); ++ DWORD minorVersion = (DWORD)(HIBYTE(LOWORD(osVersion))); ++ ++ /* Need at least XP which is 5.1 */ ++ if (majorVersion < 5 || (majorVersion == 5 && minorVersion < 1)) { ++ return JNI_FALSE; ++ } ++ ++ memset(igLUTable, 0, LCDLUTCOUNT); ++ ++ return JNI_TRUE; ++} ++ ++#ifndef CLEARTYPE_QUALITY ++#define CLEARTYPE_QUALITY 5 ++#endif ++ ++#ifndef CLEARTYPE_NATURAL_QUALITY ++#define CLEARTYPE_NATURAL_QUALITY 6 ++#endif ++ ++#define FREE_AND_RETURN \ ++ if (hDesktopDC != 0 && hWnd != 0) { \ ++ ReleaseDC(hWnd, hDesktopDC); \ ++ }\ ++ if (hMemoryDC != 0) { \ ++ DeleteObject(hMemoryDC); \ ++ } \ ++ if (hBitmap != 0) { \ ++ DeleteObject(hBitmap); \ ++ } \ ++ if (dibImage != NULL) { \ ++ free(dibImage); \ ++ } \ ++ if (glyphInfo != NULL) { \ ++ free(glyphInfo); \ ++ } \ ++ return (jlong)0; ++/* end define */ ++ ++JNIEXPORT jlong JNICALL ++Java_sun_font_FileFontStrike__1getGlyphImageFromWindows ++(JNIEnv *env, jobject unused, ++ jstring fontFamily, jint style, jint size, jint glyphCode, jboolean fm) { ++ ++ GLYPHMETRICS glyphMetrics; ++ LOGFONTW lf; ++ BITMAPINFO bmi; ++ TEXTMETRIC textMetric; ++ RECT rect; ++ int bytesWidth, dibBytesWidth, extra, imageSize, dibImageSize; ++ unsigned char* dibImage = NULL, *rowPtr, *pixelPtr, *dibPixPtr, *dibRowPtr; ++ unsigned char r,g,b; ++ unsigned char* igTable; ++ GlyphInfo* glyphInfo = NULL; ++ int nameLen; ++ LPWSTR name; ++ HFONT oldFont, hFont; ++ MAT2 mat2; ++ ++ unsigned short width; ++ unsigned short height; ++ short advanceX; ++ short advanceY; ++ int topLeftX; ++ int topLeftY; ++ int err; ++ int bmWidth, bmHeight; ++ int x, y; ++ HBITMAP hBitmap = NULL, hOrigBM; ++ int gamma, orient; ++ ++ HWND hWnd = NULL; ++ HDC hDesktopDC = NULL; ++ HDC hMemoryDC = NULL; ++ ++ hWnd = GetDesktopWindow(); ++ hDesktopDC = GetWindowDC(hWnd); ++ if (hDesktopDC == NULL) { ++ return (jlong)0; ++ } ++ if (GetDeviceCaps(hDesktopDC, BITSPIXEL) < 15) { ++ FREE_AND_RETURN; ++ } ++ ++ hMemoryDC = CreateCompatibleDC(hDesktopDC); ++ if (hMemoryDC == NULL || fontFamily == NULL) { ++ FREE_AND_RETURN; ++ } ++ err = SetMapMode(hMemoryDC, MM_TEXT); ++ if (err == 0) { ++ FREE_AND_RETURN; ++ } ++ ++ memset(&lf, 0, sizeof(LOGFONTW)); ++ lf.lfHeight = -size; ++ lf.lfWeight = (style & 1) ? FW_BOLD : FW_NORMAL; ++ lf.lfItalic = (style & 2) ? 0xff : 0; ++ lf.lfCharSet = DEFAULT_CHARSET; ++ lf.lfQuality = CLEARTYPE_QUALITY; ++ lf.lfOutPrecision = OUT_TT_PRECIS; ++ lf.lfClipPrecision = CLIP_DEFAULT_PRECIS; ++ lf.lfPitchAndFamily = DEFAULT_PITCH; ++ ++ nameLen = (*env)->GetStringLength(env, fontFamily); ++ name = (LPWSTR)alloca((nameLen+1)*2); ++ if (name == NULL) { ++ FREE_AND_RETURN; ++ } ++ (*env)->GetStringRegion(env, fontFamily, 0, nameLen, name); ++ name[nameLen] = '\0'; ++ ++ if (nameLen < (sizeof(lf.lfFaceName) / sizeof(lf.lfFaceName[0]))) { ++ wcscpy(lf.lfFaceName, name); ++ } else { ++ FREE_AND_RETURN; ++ } ++ ++ hFont = CreateFontIndirectW(&lf); ++ if (hFont == NULL) { ++ FREE_AND_RETURN; ++ } ++ oldFont = SelectObject(hMemoryDC, hFont); ++ ++ memset(&textMetric, 0, sizeof(TEXTMETRIC)); ++ err = GetTextMetrics(hMemoryDC, &textMetric); ++ if (err == 0) { ++ FREE_AND_RETURN; ++ } ++ memset(&glyphMetrics, 0, sizeof(GLYPHMETRICS)); ++ memset(&mat2, 0, sizeof(MAT2)); ++ mat2.eM11.value = 1; mat2.eM22.value = 1; ++ err = GetGlyphOutline(hMemoryDC, glyphCode, ++ GGO_METRICS|GGO_GLYPH_INDEX, ++ &glyphMetrics, ++ 0, NULL, &mat2); ++ if (err == GDI_ERROR) { ++ /* Probably no such glyph - ie the font wasn't the one we expected. */ ++ FREE_AND_RETURN; ++ } ++ ++ width = (unsigned short)glyphMetrics.gmBlackBoxX; ++ height = (unsigned short)glyphMetrics.gmBlackBoxY; ++ ++ /* Don't handle "invisible" glyphs in this code */ ++ if (width <= 0 || height == 0) { ++ FREE_AND_RETURN; ++ } ++ ++ advanceX = glyphMetrics.gmCellIncX; ++ advanceY = glyphMetrics.gmCellIncY; ++ topLeftX = glyphMetrics.gmptGlyphOrigin.x; ++ topLeftY = glyphMetrics.gmptGlyphOrigin.y; ++ ++ /* GetGlyphOutline pre-dates cleartype and I'm not sure that it will ++ * account for all pixels touched by the rendering. Need to widen, ++ * and also adjust by one the x position at which it is rendered. ++ * The extra pixels of width are used as follows : ++ * One extra pixel at the left and the right will be needed to absorb ++ * the pixels that will be touched by filtering by GDI to compensate ++ * for colour fringing. ++ * However there seem to be some cases where GDI renders two extra ++ * pixels to the right, so we add one additional pixel to the right, ++ * and in the code that copies this to the image cache we test for ++ * the (rare) cases when this is touched, and if its not reduce the ++ * stated image width for the blitting loops. ++ * For fractional metrics : ++ * One extra pixel at each end to account for sub-pixel positioning used ++ * when fractional metrics is on in LCD mode. ++ * The pixel at the left is needed so the blitting loop can index into ++ * that a byte at a time to more accurately position the glyph. ++ * The pixel at the right is needed so that when such indexing happens, ++ * the blitting still can use the same width. ++ * Consequently the width that is specified for the glyph is one less ++ * than that of the actual image. ++ * Note that in the FM case as a consequence we need to adjust the ++ * position at which GDI renders, and the declared width of the glyph ++ * See the if (fm) {} cases in the code. ++ * For the non-FM case, we not only save 3 bytes per row, but this ++ * prevents apparent glyph overlapping which affects the rendering ++ * performance of accelerated pipelines since it adds additional ++ * read-back requirements. ++ */ ++ width+=3; ++ if (fm) { ++ width+=1; ++ } ++ /* DIB scanline must end on a DWORD boundary. We specify 3 bytes per pixel, ++ * so must round up as needed to a multiple of 4 bytes. ++ */ ++ dibBytesWidth = bytesWidth = width*3; ++ extra = dibBytesWidth % 4; ++ if (extra != 0) { ++ dibBytesWidth += (4-extra); ++ } ++ /* The glyph cache image must be a multiple of 3 bytes wide. */ ++ extra = bytesWidth % 3; ++ if (extra != 0) { ++ bytesWidth += (3-extra); ++ } ++ bmWidth = width; ++ bmHeight = height; ++ ++ /* Must use desktop DC to create a bitmap of that depth */ ++ hBitmap = CreateCompatibleBitmap(hDesktopDC, bmWidth, bmHeight); ++ if (hBitmap == NULL) { ++ FREE_AND_RETURN; ++ } ++ hOrigBM = (HBITMAP)SelectObject(hMemoryDC, hBitmap); ++ ++ /* Fill in black */ ++ rect.left = 0; ++ rect.top = 0; ++ rect.right = bmWidth; ++ rect.bottom = bmHeight; ++ FillRect(hMemoryDC, (LPRECT)&rect, GetStockObject(BLACK_BRUSH)); ++ ++ /* Set text color to white, background to black. */ ++ SetBkColor(hMemoryDC, RGB(0,0,0)); ++ SetTextColor(hMemoryDC, RGB(255,255,255)); ++ ++ /* adjust rendering position */ ++ x = -topLeftX+1; ++ if (fm) { ++ x += 1; ++ } ++ y = topLeftY - textMetric.tmAscent; ++ err = ExtTextOutW(hMemoryDC, x, y, ETO_GLYPH_INDEX|ETO_OPAQUE, ++ (LPRECT)&rect, (LPCWSTR)&glyphCode, 1, NULL); ++ if (err == 0) { ++ FREE_AND_RETURN; ++ } ++ ++ /* Now get the image into a DIB. ++ * MS docs for GetDIBits says the compatible bitmap must not be ++ * selected into a DC, so restore the original first. ++ */ ++ SelectObject(hMemoryDC, hOrigBM); ++ SelectObject(hMemoryDC, oldFont); ++ DeleteObject(hFont); ++ ++ memset(&bmi, 0, sizeof(BITMAPINFO)); ++ bmi.bmiHeader.biSize = sizeof(bmi.bmiHeader); ++ bmi.bmiHeader.biWidth = width; ++ bmi.bmiHeader.biHeight = -height; ++ bmi.bmiHeader.biPlanes = 1; ++ bmi.bmiHeader.biBitCount = 24; ++ bmi.bmiHeader.biCompression = BI_RGB; ++ ++ dibImageSize = dibBytesWidth*height; ++ dibImage = malloc(dibImageSize); ++ if (dibImage == NULL) { ++ FREE_AND_RETURN; ++ } ++ memset(dibImage, 0, dibImageSize); ++ ++ err = GetDIBits(hMemoryDC, hBitmap, 0, height, dibImage, ++ &bmi, DIB_RGB_COLORS); ++ ++ if (err == 0) { /* GetDIBits failed. */ ++ FREE_AND_RETURN; ++ } ++ ++ err = SystemParametersInfo(SPI_GETFONTSMOOTHINGORIENTATION, 0, &orient, 0); ++ if (err == 0) { ++ FREE_AND_RETURN; ++ } ++ err = SystemParametersInfo(SPI_GETFONTSMOOTHINGCONTRAST, 0, &gamma, 0); ++ if (err == 0) { ++ FREE_AND_RETURN; ++ } ++ igTable = getIGTable(gamma/10); ++ if (igTable == NULL) { ++ FREE_AND_RETURN; ++ } ++ ++ /* Now copy glyph image into a GlyphInfo structure and return it. ++ * NB the xadvance calculated here may be overwritten by the caller. ++ * 1 is subtracted from the bitmap width to get the glyph width, since ++ * that extra "1" was added as padding, so the sub-pixel positioning of ++ * fractional metrics could index into it. ++ */ ++ imageSize = bytesWidth*height; ++ glyphInfo = (GlyphInfo*)malloc(sizeof(GlyphInfo)+imageSize); ++ if (malloc == NULL) { ++ FREE_AND_RETURN; ++ } ++ glyphInfo->cellInfo = NULL; ++ glyphInfo->rowBytes = bytesWidth; ++ glyphInfo->width = width; ++ if (fm) { ++ glyphInfo->width -= 1; // must subtract 1 ++ } ++ glyphInfo->height = height; ++ glyphInfo->advanceX = advanceX; ++ glyphInfo->advanceY = advanceY; ++ glyphInfo->topLeftX = (float)(topLeftX-1); ++ if (fm) { ++ glyphInfo->topLeftX -= 1; ++ } ++ glyphInfo->topLeftY = (float)-topLeftY; ++ glyphInfo->image = (unsigned char*)glyphInfo+sizeof(GlyphInfo); ++ memset(glyphInfo->image, 0, imageSize); ++ ++ /* DIB 24bpp data is always stored in BGR order, but we usually ++ * need this in RGB, so we can't just memcpy and need to swap B and R. ++ * Also need to apply inverse gamma adjustment here. ++ * We re-use the variable "extra" to see if the last pixel is touched ++ * at all. If its not we can reduce the glyph image width. This comes ++ * into play in some cases where GDI touches more pixels than accounted ++ * for by increasing width by two pixels over the B&W image. Whilst ++ * the bytes are in the cache, it doesn't affect rendering performance ++ * of the hardware pipelines. ++ */ ++ extra = 0; ++ if (fm) { ++ extra = 1; // always need it. ++ } ++ dibRowPtr = dibImage; ++ rowPtr = glyphInfo->image; ++ for (y=0;ywidth -= 1; ++ } ++ ++ free(dibImage); ++ ReleaseDC(hWnd, hDesktopDC); ++ DeleteObject(hMemoryDC); ++ DeleteObject(hBitmap); ++ ++ return ptr_to_jlong(glyphInfo); ++} +diff -Nru openjdk.orig/jdk/test/java/awt/Graphics2D/DrawString/ScaledLCDTextMetrics.java openjdk/jdk/test/java/awt/Graphics2D/DrawString/ScaledLCDTextMetrics.java +--- openjdk.orig/jdk/test/java/awt/Graphics2D/DrawString/ScaledLCDTextMetrics.java 1969-12-31 18:00:00.000000000 -0600 ++++ openjdk/jdk/test/java/awt/Graphics2D/DrawString/ScaledLCDTextMetrics.java 2013-06-21 19:11:05.275031593 -0500 +@@ -0,0 +1,82 @@ ++/* ++ * Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, ++ * CA 95054 USA or visit www.sun.com if you need additional information or ++ * have any questions. ++ */ ++ ++/** ++ * @test ++ * @bug 6685312 ++ * @summary Check advance of LCD text on a scaled graphics. ++ */ ++ ++import javax.swing.*; ++import java.awt.*; ++import static java.awt.RenderingHints.*; ++ ++public class ScaledLCDTextMetrics extends Component { ++ ++ public static void main(String[] args) { ++ JFrame f = new JFrame(); ++ f.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); ++ f.add("Center", new ScaledLCDTextMetrics()); ++ f.pack(); ++ f.setVisible(true); ++ } ++ ++ public Dimension getPreferredSize() { ++ return new Dimension(200,100); ++ } ++ public void paint(Graphics g) { ++ Graphics2D g2 = (Graphics2D)g; ++ ++ Font f = new Font("Tahoma", Font.PLAIN, 11); ++ g.setFont(f); ++ g.setColor(Color.white); ++ g.fillRect(0,0,400,300); ++ g.setColor(Color.black); ++ g2.setRenderingHint(KEY_TEXT_ANTIALIASING,VALUE_TEXT_ANTIALIAS_LCD_HRGB); ++ String text = "ABCDEFGHIJKLI"; ++ ++ FontMetrics fm1 = g2.getFontMetrics(); ++ int adv1 = fm1.stringWidth(text); ++ g.drawString(text, 5, 20); ++ ++ g2.scale(2,2); ++ ++ FontMetrics fm2 = g2.getFontMetrics(); ++ int adv2 = fm2.stringWidth(text); ++ g.drawString(text, 5, 40); ++ ++ double frac = Math.abs(adv1/(double)adv2); ++ ++ System.out.println("scalex1: " + adv1); ++ System.out.println("scalex2: " + adv2); ++ System.out.println("Fraction : "+ frac); ++ ++ // adv1 will not be exactly the same as adv2, but should differ ++ // only by a fraction. ++ ++ if (frac < 0.8 || frac > 1.2) { ++ throw new RuntimeException("Metrics differ " + ++ "Adv1="+adv1+" Adv2="+adv2+" Fraction="+frac); ++ } ++ } ++} diff -r 36d69d052be1 -r 08ce3247b5b0 patches/openjdk/6764553-IdResolver_is_not_thread_safe.patch --- a/patches/openjdk/6764553-IdResolver_is_not_thread_safe.patch Thu Apr 25 14:14:05 2013 +0100 +++ b/patches/openjdk/6764553-IdResolver_is_not_thread_safe.patch Sat Jun 22 16:38:24 2013 -0500 @@ -29,8 +29,8 @@ } @@ -158,7 +161,10 @@ private static Element getElementByIdType(Document doc, String id) { - if (true) - if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "getElementByIdType() Search for ID " + id); + if (log.isLoggable(java.util.logging.Level.FINE)) + log.log(java.util.logging.Level.FINE, "getElementByIdType() Search for ID " + id); - WeakHashMap elementMap = (WeakHashMap) docMap.get(doc); + WeakHashMap elementMap; + synchronized (docMap) { diff -r 36d69d052be1 -r 08ce3247b5b0 patches/openjdk/6786028-wcag_bold_tags.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/openjdk/6786028-wcag_bold_tags.patch Sat Jun 22 16:38:24 2013 -0500 @@ -0,0 +1,2914 @@ +# HG changeset patch +# User bpatel +# Date 1231460819 28800 +# Node ID a50f3556d6954decf0897aa984c8ba43def77b9e +# Parent 4ab5d66aaf2b9e5c09ab54748f6e2615b7818b12 +6786028: Javadoc HTML WCAG 2.0 accessibility issues in standard doclet - Bold tags should be strong +Reviewed-by: jjg + +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/AbstractExecutableMemberWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/AbstractExecutableMemberWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AbstractExecutableMemberWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AbstractExecutableMemberWriter.java +@@ -71,7 +71,7 @@ + member.position().line() != classdoc.position().line()) { + writer.printSrcLink(member, member.name()); + } else { +- bold(member.name()); ++ strong(member.name()); + } + writeParameters(member); + writeExceptions(member); +@@ -87,10 +87,10 @@ + protected void writeSummaryLink(int context, ClassDoc cd, ProgramElementDoc member) { + ExecutableMemberDoc emd = (ExecutableMemberDoc)member; + String name = emd.name(); +- writer.bold(); ++ writer.strong(); + writer.printDocLink(context, cd, (MemberDoc) emd, + name, false); +- writer.boldEnd(); ++ writer.strongEnd(); + writer.displayLength = name.length(); + writeParameters(emd, false); + } +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/AbstractIndexWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/AbstractIndexWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AbstractIndexWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AbstractIndexWriter.java +@@ -78,12 +78,12 @@ + } + + /** +- * Print the text "Index" in bold format in the navigation bar. ++ * Print the text "Index" in strong format in the navigation bar. + */ + protected void navLinkIndex() { + navCellRevStart(); + fontStyle("NavBarFont1Rev"); +- boldText("doclet.Index"); ++ strongText("doclet.Index"); + fontEnd(); + navCellEnd(); + } +@@ -98,7 +98,7 @@ + protected void generateContents(Character unicode, List memberlist) { + anchor("_" + unicode + "_"); + h2(); +- bold(unicode.toString()); ++ strong(unicode.toString()); + h2End(); + dl(); + for (int i = 0; i < memberlist.size(); i++) { +@@ -195,14 +195,14 @@ + protected void printComment(ProgramElementDoc element) { + Tag[] tags; + if (Util.isDeprecated(element)) { +- boldText("doclet.Deprecated"); space(); ++ strongText("doclet.Deprecated"); space(); + if ((tags = element.tags("deprecated")).length > 0) + printInlineDeprecatedComment(element, tags[0]); + } else { + ClassDoc cont = element.containingClass(); + while (cont != null) { + if (Util.isDeprecated(cont)) { +- boldText("doclet.Deprecated"); space(); ++ strongText("doclet.Deprecated"); space(); + break; + } + cont = cont.containingClass(); +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/AbstractMemberWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/AbstractMemberWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AbstractMemberWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AbstractMemberWriter.java +@@ -98,8 +98,8 @@ + writer.displayLength++; + } + +- protected void bold(String str) { +- writer.bold(str); ++ protected void strong(String str) { ++ writer.strong(str); + writer.displayLength += str.length(); + } + +@@ -321,7 +321,7 @@ + if (deprmembers.size() > 0) { + writer.tableIndexSummary(); + writer.tableHeaderStart("#CCCCFF"); +- writer.boldText(headingKey); ++ writer.strongText(headingKey); + writer.tableHeaderEnd(); + for (int i = 0; i < deprmembers.size(); i++) { + ProgramElementDoc member =(ProgramElementDoc)deprmembers.get(i); +@@ -363,7 +363,7 @@ + if (cd != null && !(pgmdoc instanceof ConstructorDoc) + && !(pgmdoc instanceof ClassDoc)) { + // Add class context +- writer.bold(cd.name() + "."); ++ writer.strong(cd.name() + "."); + } + writeSummaryLink( + pgmdoc instanceof ClassDoc ? +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/AbstractPackageIndexWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/AbstractPackageIndexWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AbstractPackageIndexWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AbstractPackageIndexWriter.java +@@ -137,13 +137,13 @@ + } + + /** +- * Highlight "Overview" in the bold format, in the navigation bar as this ++ * Highlight "Overview" in the strong format, in the navigation bar as this + * is the overview page. + */ + protected void navLinkContents() { + navCellRevStart(); + fontStyle("NavBarFont1Rev"); +- boldText("doclet.Overview"); ++ strongText("doclet.Overview"); + fontEnd(); + navCellEnd(); + } +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/AbstractTreeWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/AbstractTreeWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AbstractTreeWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AbstractTreeWriter.java +@@ -173,7 +173,7 @@ + */ + protected void printPartialInfo(ClassDoc cd) { + li("circle"); +- printPreQualifiedBoldClassLink(LinkInfoImpl.CONTEXT_TREE, cd); ++ printPreQualifiedStrongClassLink(LinkInfoImpl.CONTEXT_TREE, cd); + } + + /** +@@ -193,7 +193,7 @@ + protected void navLinkTree() { + navCellRevStart(); + fontStyle("NavBarFont1Rev"); +- boldText("doclet.Tree"); ++ strongText("doclet.Tree"); + fontEnd(); + navCellEnd(); + } +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/AllClassesFrameWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/AllClassesFrameWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AllClassesFrameWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AllClassesFrameWriter.java +@@ -160,7 +160,7 @@ + */ + protected void printAllClassesTableHeader() { + fontSizeStyle("+1", "FrameHeadingFont"); +- boldText("doclet.All_Classes"); ++ strongText("doclet.All_Classes"); + fontEnd(); + br(); + table(); +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/AnnotationTypeOptionalMemberWriterImpl.java b/src/share/classes/com/sun/tools/doclets/formats/html/AnnotationTypeOptionalMemberWriterImpl.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AnnotationTypeOptionalMemberWriterImpl.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AnnotationTypeOptionalMemberWriterImpl.java +@@ -65,7 +65,7 @@ + public void writeDefaultValueInfo(MemberDoc member) { + writer.dl(); + writer.dt(); +- writer.bold(ConfigurationImpl.getInstance(). ++ writer.strong(ConfigurationImpl.getInstance(). + getText("doclet.Default")); + writer.dd(); + writer.print(((AnnotationTypeElementDoc) member).defaultValue()); +@@ -84,7 +84,7 @@ + * {@inheritDoc} + */ + public void printSummaryLabel(ClassDoc cd) { +- writer.boldText("doclet.Annotation_Type_Optional_Member_Summary"); ++ writer.strongText("doclet.Annotation_Type_Optional_Member_Summary"); + } + + /** +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/AnnotationTypeRequiredMemberWriterImpl.java b/src/share/classes/com/sun/tools/doclets/formats/html/AnnotationTypeRequiredMemberWriterImpl.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AnnotationTypeRequiredMemberWriterImpl.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AnnotationTypeRequiredMemberWriterImpl.java +@@ -131,7 +131,7 @@ + if (configuration().linksource) { + writer.printSrcLink(member, member.name()); + } else { +- bold(member.name()); ++ strong(member.name()); + } + writer.preEnd(); + writer.dl(); +@@ -183,7 +183,7 @@ + * {@inheritDoc} + */ + public void printSummaryLabel(ClassDoc cd) { +- writer.boldText("doclet.Annotation_Type_Required_Member_Summary"); ++ writer.strongText("doclet.Annotation_Type_Required_Member_Summary"); + } + + /** +@@ -210,9 +210,9 @@ + * {@inheritDoc} + */ + protected void writeSummaryLink(int context, ClassDoc cd, ProgramElementDoc member) { +- writer.bold(); ++ writer.strong(); + writer.printDocLink(context, (MemberDoc) member, member.name(), false); +- writer.boldEnd(); ++ writer.strongEnd(); + } + + /** +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/AnnotationTypeWriterImpl.java b/src/share/classes/com/sun/tools/doclets/formats/html/AnnotationTypeWriterImpl.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AnnotationTypeWriterImpl.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/AnnotationTypeWriterImpl.java +@@ -84,7 +84,7 @@ + protected void navLinkClass() { + navCellRevStart(); + fontStyle("NavBarFont1Rev"); +- boldText("doclet.Class"); ++ strongText("doclet.Class"); + fontEnd(); + navCellEnd(); + } +@@ -176,7 +176,7 @@ + if (configuration().linksource) { + printSrcLink(annotationType, name); + } else { +- bold(name); ++ strong(name); + } + dlEnd(); + preEnd(); +@@ -220,7 +220,7 @@ + hr(); + Tag[] deprs = annotationType.tags("deprecated"); + if (Util.isDeprecated(annotationType)) { +- boldText("doclet.Deprecated"); ++ strongText("doclet.Deprecated"); + if (deprs.length > 0) { + Tag[] commentTags = deprs[0].inlineTags(); + if (commentTags.length > 0) { +@@ -330,9 +330,9 @@ + dl(); + dt(); + if (annotationType.isInterface()) { +- boldText("doclet.Enclosing_Interface"); ++ strongText("doclet.Enclosing_Interface"); + } else { +- boldText("doclet.Enclosing_Class"); ++ strongText("doclet.Enclosing_Class"); + } + dd(); + printLink(new LinkInfoImpl(LinkInfoImpl.CONTEXT_CLASS, outerClass, +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/ClassUseWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/ClassUseWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/ClassUseWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/ClassUseWriter.java +@@ -394,7 +394,7 @@ + hr(); + center(); + h2(); +- boldText("doclet.ClassUse_Title", cltype, clname); ++ strongText("doclet.ClassUse_Title", cltype, clname); + h2End(); + centerEnd(); + } +@@ -436,7 +436,7 @@ + protected void navLinkClassUse() { + navCellRevStart(); + fontStyle("NavBarFont1Rev"); +- boldText("doclet.navClassUse"); ++ strongText("doclet.navClassUse"); + fontEnd(); + navCellEnd(); + } +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/ClassWriterImpl.java b/src/share/classes/com/sun/tools/doclets/formats/html/ClassWriterImpl.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/ClassWriterImpl.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/ClassWriterImpl.java +@@ -91,7 +91,7 @@ + protected void navLinkClass() { + navCellRevStart(); + fontStyle("NavBarFont1Rev"); +- boldText("doclet.Class"); ++ strongText("doclet.Class"); + fontEnd(); + navCellEnd(); + } +@@ -185,7 +185,7 @@ + if (configuration().linksource) { + printSrcLink(classDoc, name); + } else { +- bold(name); ++ strong(name); + } + if (!isInterface) { + Type superclass = Util.getFirstVisibleSuperClass(classDoc, +@@ -258,7 +258,7 @@ + hr(); + Tag[] deprs = classDoc.tags("deprecated"); + if (Util.isDeprecated(classDoc)) { +- boldText("doclet.Deprecated"); ++ strongText("doclet.Deprecated"); + if (deprs.length > 0) { + Tag[] commentTags = deprs[0].inlineTags(); + if (commentTags.length > 0) { +@@ -307,9 +307,9 @@ + classDoc, false)); + if (configuration.shouldExcludeQualifier( + classDoc.containingPackage().name())) { +- bold(type.asClassDoc().name() + typeParameters); ++ strong(type.asClassDoc().name() + typeParameters); + } else { +- bold(type.asClassDoc().qualifiedName() + typeParameters); ++ strong(type.asClassDoc().qualifiedName() + typeParameters); + } + } else { + print(getLink(new LinkInfoImpl(LinkInfoImpl.CONTEXT_CLASS_TREE_PARENT, +@@ -359,7 +359,7 @@ + if (subclasses.size() > 0) { + dl(); + dt(); +- boldText("doclet.Subclasses"); ++ strongText("doclet.Subclasses"); + writeClassLinks(LinkInfoImpl.CONTEXT_SUBCLASSES, + subclasses); + } +@@ -375,7 +375,7 @@ + if (subInterfaces.size() > 0) { + dl(); + dt(); +- boldText("doclet.Subinterfaces"); ++ strongText("doclet.Subinterfaces"); + writeClassLinks(LinkInfoImpl.CONTEXT_SUBINTERFACES, + subInterfaces); + } +@@ -397,7 +397,7 @@ + if (implcl.size() > 0) { + dl(); + dt(); +- boldText("doclet.Implementing_Classes"); ++ strongText("doclet.Implementing_Classes"); + writeClassLinks(LinkInfoImpl.CONTEXT_IMPLEMENTED_CLASSES, + implcl); + } +@@ -413,7 +413,7 @@ + if (classDoc.isClass() && interfaceArray.size() > 0) { + dl(); + dt(); +- boldText("doclet.All_Implemented_Interfaces"); ++ strongText("doclet.All_Implemented_Interfaces"); + writeClassLinks(LinkInfoImpl.CONTEXT_IMPLEMENTED_INTERFACES, + interfaceArray); + } +@@ -429,7 +429,7 @@ + if (classDoc.isInterface() && interfaceArray.size() > 0) { + dl(); + dt(); +- boldText("doclet.All_Superinterfaces"); ++ strongText("doclet.All_Superinterfaces"); + writeClassLinks(LinkInfoImpl.CONTEXT_SUPER_INTERFACES, + interfaceArray); + } +@@ -570,9 +570,9 @@ + dl(); + dt(); + if (outerClass.isInterface()) { +- boldText("doclet.Enclosing_Interface"); ++ strongText("doclet.Enclosing_Interface"); + } else { +- boldText("doclet.Enclosing_Class"); ++ strongText("doclet.Enclosing_Class"); + } + dd(); + printLink(new LinkInfoImpl(LinkInfoImpl.CONTEXT_CLASS, outerClass, +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/ConstantsSummaryWriterImpl.java b/src/share/classes/com/sun/tools/doclets/formats/html/ConstantsSummaryWriterImpl.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/ConstantsSummaryWriterImpl.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/ConstantsSummaryWriterImpl.java +@@ -92,7 +92,7 @@ + * {@inheritDoc} + */ + public void writeContentsHeader() { +- bold(configuration.getText("doclet.Contents")); ++ strong(configuration.getText("doclet.Contents")); + ul(); + } + +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/ConstructorWriterImpl.java b/src/share/classes/com/sun/tools/doclets/formats/html/ConstructorWriterImpl.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/ConstructorWriterImpl.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/ConstructorWriterImpl.java +@@ -144,7 +144,7 @@ + if (configuration().linksource) { + writer.printSrcLink(constructor, constructor.name()); + } else { +- bold(constructor.name()); ++ strong(constructor.name()); + } + writeParameters(constructor); + writeExceptions(constructor); +@@ -220,7 +220,7 @@ + } + + public void printSummaryLabel(ClassDoc cd) { +- writer.boldText("doclet.Constructor_Summary"); ++ writer.strongText("doclet.Constructor_Summary"); + } + + public void printSummaryAnchor(ClassDoc cd) { +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/DeprecatedListWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/DeprecatedListWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/DeprecatedListWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/DeprecatedListWriter.java +@@ -111,7 +111,7 @@ + throws IOException { + writeHeader(); + +- bold(configuration.getText("doclet.Contents")); ++ strong(configuration.getText("doclet.Contents")); + ul(); + for (int i = 0; i < DeprecatedAPIListBuilder.NUM_TYPES; i++) { + writeIndexLink(deprapi, i); +@@ -156,7 +156,7 @@ + hr(); + center(); + h2(); +- boldText("doclet.Deprecated_API"); ++ strongText("doclet.Deprecated_API"); + h2End(); + centerEnd(); + +@@ -180,7 +180,7 @@ + protected void navLinkDeprecated() { + navCellRevStart(); + fontStyle("NavBarFont1Rev"); +- boldText("doclet.navDeprecated"); ++ strongText("doclet.navDeprecated"); + fontEnd(); + navCellEnd(); + } +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/EnumConstantWriterImpl.java b/src/share/classes/com/sun/tools/doclets/formats/html/EnumConstantWriterImpl.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/EnumConstantWriterImpl.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/EnumConstantWriterImpl.java +@@ -143,7 +143,7 @@ + if (configuration().linksource) { + writer.printSrcLink(enumConstant, enumConstant.name()); + } else { +- bold(enumConstant.name()); ++ strong(enumConstant.name()); + } + writer.preEnd(); + writer.dl(); +@@ -201,7 +201,7 @@ + } + + public void printSummaryLabel(ClassDoc cd) { +- writer.boldText("doclet.Enum_Constant_Summary"); ++ writer.strongText("doclet.Enum_Constant_Summary"); + } + + public void printSummaryAnchor(ClassDoc cd) { +@@ -216,9 +216,9 @@ + } + + protected void writeSummaryLink(int context, ClassDoc cd, ProgramElementDoc member) { +- writer.bold(); ++ writer.strong(); + writer.printDocLink(context, (MemberDoc) member, member.name(), false); +- writer.boldEnd(); ++ writer.strongEnd(); + } + + protected void writeInheritedSummaryLink(ClassDoc cd, +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/FieldWriterImpl.java b/src/share/classes/com/sun/tools/doclets/formats/html/FieldWriterImpl.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/FieldWriterImpl.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/FieldWriterImpl.java +@@ -153,7 +153,7 @@ + if (configuration().linksource) { + writer.printSrcLink(field, field.name()); + } else { +- bold(field.name()); ++ strong(field.name()); + } + writer.preEnd(); + writer.dl(); +@@ -190,7 +190,7 @@ + holder.typeName() : holder.qualifiedTypeName(), + false)); + writer.dd(); +- writer.bold(configuration().getText(holder.isClass()? ++ writer.strong(configuration().getText(holder.isClass()? + "doclet.Description_From_Class" : + "doclet.Description_From_Interface", classlink)); + writer.ddEnd(); +@@ -237,7 +237,7 @@ + } + + public void printSummaryLabel(ClassDoc cd) { +- writer.boldText("doclet.Field_Summary"); ++ writer.strongText("doclet.Field_Summary"); + } + + public void printSummaryAnchor(ClassDoc cd) { +@@ -251,18 +251,18 @@ + public void printInheritedSummaryLabel(ClassDoc cd) { + String classlink = writer.getPreQualifiedClassLink( + LinkInfoImpl.CONTEXT_MEMBER, cd, false); +- writer.bold(); ++ writer.strong(); + String key = cd.isClass()? + "doclet.Fields_Inherited_From_Class" : + "doclet.Fields_Inherited_From_Interface"; + writer.printText(key, classlink); +- writer.boldEnd(); ++ writer.strongEnd(); + } + + protected void writeSummaryLink(int context, ClassDoc cd, ProgramElementDoc member) { +- writer.bold(); ++ writer.strong(); + writer.printDocLink(context, cd , (MemberDoc) member, member.name(), false); +- writer.boldEnd(); ++ writer.strongEnd(); + } + + protected void writeInheritedSummaryLink(ClassDoc cd, +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/HelpWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/HelpWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/HelpWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/HelpWriter.java +@@ -223,7 +223,7 @@ + protected void navLinkHelp() { + navCellRevStart(); + fontStyle("NavBarFont1Rev"); +- boldText("doclet.Help"); ++ strongText("doclet.Help"); + fontEnd(); + navCellEnd(); + } +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/HtmlDocletWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/HtmlDocletWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/HtmlDocletWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/HtmlDocletWriter.java +@@ -183,21 +183,21 @@ + * @param where Position in the file + * @param target Name of the target frame. + * @param label Tag for the link. +- * @param bold Whether the label should be bold or not? ++ * @param strong Whether the label should be strong or not? + */ + public void printNoFramesTargetHyperLink(String link, String where, + String target, String label, +- boolean bold) { ++ boolean strong) { + script(); + println(" "); + scriptEnd(); + noScript(); +- println(" " + getHyperLink(link, where, label, bold, "", "", target)); ++ println(" " + getHyperLink(link, where, label, strong, "", "", target)); + noScriptEnd(); + println(DocletConstants.NL); + } +@@ -958,10 +958,10 @@ + * + * @param pkg the package to link to. + * @param label the label for the link. +- * @param isBold true if the label should be bold. ++ * @param isStrong true if the label should be strong. + */ +- public void printPackageLink(PackageDoc pkg, String label, boolean isBold) { +- print(getPackageLink(pkg, label, isBold)); ++ public void printPackageLink(PackageDoc pkg, String label, boolean isStrong) { ++ print(getPackageLink(pkg, label, isStrong)); + } + + /** +@@ -969,12 +969,12 @@ + * + * @param pkg the package to link to. + * @param label the label for the link. +- * @param isBold true if the label should be bold. ++ * @param isStrong true if the label should be strong. + * @param style the font of the package link label. + */ +- public void printPackageLink(PackageDoc pkg, String label, boolean isBold, ++ public void printPackageLink(PackageDoc pkg, String label, boolean isStrong, + String style) { +- print(getPackageLink(pkg, label, isBold, style)); ++ print(getPackageLink(pkg, label, isStrong, style)); + } + + /** +@@ -982,12 +982,12 @@ + * + * @param pkg the package to link to. + * @param label the label for the link. +- * @param isBold true if the label should be bold. ++ * @param isStrong true if the label should be strong. + * @return the link to the given package. + */ + public String getPackageLink(PackageDoc pkg, String label, +- boolean isBold) { +- return getPackageLink(pkg, label, isBold, ""); ++ boolean isStrong) { ++ return getPackageLink(pkg, label, isStrong, ""); + } + + /** +@@ -995,11 +995,11 @@ + * + * @param pkg the package to link to. + * @param label the label for the link. +- * @param isBold true if the label should be bold. ++ * @param isStrong true if the label should be strong. + * @param style the font of the package link label. + * @return the link to the given package. + */ +- public String getPackageLink(PackageDoc pkg, String label, boolean isBold, ++ public String getPackageLink(PackageDoc pkg, String label, boolean isStrong, + String style) { + boolean included = pkg != null && pkg.isIncluded(); + if (! included) { +@@ -1013,11 +1013,11 @@ + } + if (included || pkg == null) { + return getHyperLink(pathString(pkg, "package-summary.html"), +- "", label, isBold, style); ++ "", label, isStrong, style); + } else { + String crossPkgLink = getCrossPackageLink(Util.getPackageName(pkg)); + if (crossPkgLink != null) { +- return getHyperLink(crossPkgLink, "", label, isBold, style); ++ return getHyperLink(crossPkgLink, "", label, isStrong, style); + } else { + return label; + } +@@ -1087,12 +1087,12 @@ + * @param refMemName the name of the member being referenced. This should + * be null or empty string if no member is being referenced. + * @param label the label for the external link. +- * @param bold true if the link should be bold. ++ * @param strong true if the link should be strong. + * @param style the style of the link. + * @param code true if the label should be code font. + */ + public String getCrossClassLink(String qualifiedClassName, String refMemName, +- String label, boolean bold, String style, ++ String label, boolean strong, String style, + boolean code) { + String className = "", + packageName = qualifiedClassName == null ? "" : qualifiedClassName; +@@ -1113,7 +1113,7 @@ + className + ".html?is-external=true"), + refMemName == null ? "" : refMemName, + label == null || label.length() == 0 ? defaultLabel : label, +- bold, style, ++ strong, style, + configuration.getText("doclet.Href_Class_Or_Interface_Title", packageName), + ""); + } +@@ -1152,26 +1152,26 @@ + * link label. + * + * @param cd the class to link to. +- * @param isBold true if the link should be bold. ++ * @param isStrong true if the link should be strong. + * @return the link with the package portion of the label in plain text. + */ + public String getPreQualifiedClassLink(int context, +- ClassDoc cd, boolean isBold) { ++ ClassDoc cd, boolean isStrong) { + String classlink = ""; + PackageDoc pd = cd.containingPackage(); + if(pd != null && ! configuration.shouldExcludeQualifier(pd.name())) { + classlink = getPkgName(cd); + } +- classlink += getLink(new LinkInfoImpl(context, cd, cd.name(), isBold)); ++ classlink += getLink(new LinkInfoImpl(context, cd, cd.name(), isStrong)); + return classlink; + } + + + /** +- * Print Class link, with only class name as the bold link and prefixing ++ * Print Class link, with only class name as the strong link and prefixing + * plain package name. + */ +- public void printPreQualifiedBoldClassLink(int context, ClassDoc cd) { ++ public void printPreQualifiedStrongClassLink(int context, ClassDoc cd) { + print(getPreQualifiedClassLink(context, cd, true)); + } + +@@ -1187,16 +1187,16 @@ + print(configuration.getText(key, a1, a2)); + } + +- public void boldText(String key) { +- bold(configuration.getText(key)); ++ public void strongText(String key) { ++ strong(configuration.getText(key)); + } + +- public void boldText(String key, String a1) { +- bold(configuration.getText(key, a1)); ++ public void strongText(String key, String a1) { ++ strong(configuration.getText(key, a1)); + } + +- public void boldText(String key, String a1, String a2) { +- bold(configuration.getText(key, a1, a2)); ++ public void strongText(String key, String a1, String a2) { ++ strong(configuration.getText(key, a1, a2)); + } + + /** +@@ -1205,11 +1205,11 @@ + * @param context the id of the context where the link will be printed. + * @param doc the member being linked to. + * @param label the label for the link. +- * @param bold true if the link should be bold. ++ * @param strong true if the link should be strong. + */ + public void printDocLink(int context, MemberDoc doc, String label, +- boolean bold) { +- print(getDocLink(context, doc, label, bold)); ++ boolean strong) { ++ print(getDocLink(context, doc, label, strong)); + } + + /** +@@ -1221,11 +1221,11 @@ + * inheriting comments. + * @param doc the member being linked to. + * @param label the label for the link. +- * @param bold true if the link should be bold. ++ * @param strong true if the link should be strong. + */ + public void printDocLink(int context, ClassDoc classDoc, MemberDoc doc, +- String label, boolean bold) { +- print(getDocLink(context, classDoc, doc, label, bold)); ++ String label, boolean strong) { ++ print(getDocLink(context, classDoc, doc, label, strong)); + } + + /** +@@ -1234,12 +1234,12 @@ + * @param context the id of the context where the link will be printed. + * @param doc the member being linked to. + * @param label the label for the link. +- * @param bold true if the link should be bold. ++ * @param strong true if the link should be strong. + * @return the link for the given member. + */ + public String getDocLink(int context, MemberDoc doc, String label, +- boolean bold) { +- return getDocLink(context, doc.containingClass(), doc, label, bold); ++ boolean strong) { ++ return getDocLink(context, doc.containingClass(), doc, label, strong); + } + + /** +@@ -1251,21 +1251,21 @@ + * inheriting comments. + * @param doc the member being linked to. + * @param label the label for the link. +- * @param bold true if the link should be bold. ++ * @param strong true if the link should be strong. + * @return the link for the given member. + */ + public String getDocLink(int context, ClassDoc classDoc, MemberDoc doc, +- String label, boolean bold) { ++ String label, boolean strong) { + if (! (doc.isIncluded() || + Util.isLinkable(classDoc, configuration()))) { + return label; + } else if (doc instanceof ExecutableMemberDoc) { + ExecutableMemberDoc emd = (ExecutableMemberDoc)doc; + return getLink(new LinkInfoImpl(context, classDoc, +- getAnchor(emd), label, bold)); ++ getAnchor(emd), label, strong)); + } else if (doc instanceof MemberDoc) { + return getLink(new LinkInfoImpl(context, classDoc, +- doc.name(), label, bold)); ++ doc.name(), label, strong)); + } else { + return label; + } +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/HtmlSerialFieldWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/HtmlSerialFieldWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/HtmlSerialFieldWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/HtmlSerialFieldWriter.java +@@ -100,7 +100,7 @@ + fieldType)); + } + print(fieldDimensions + ' '); +- bold(fieldName); ++ strong(fieldName); + writer.preEnd(); + writer.dl(); + } +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/LinkFactoryImpl.java b/src/share/classes/com/sun/tools/doclets/formats/html/LinkFactoryImpl.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/LinkFactoryImpl.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/LinkFactoryImpl.java +@@ -81,7 +81,7 @@ + !(linkInfo.classDoc.name() + ".html").equals(m_writer.filename)) { + linkOutput.append(m_writer.getHyperLink(filename, + classLinkInfo.where, label.toString(), +- classLinkInfo.isBold, classLinkInfo.styleName, ++ classLinkInfo.isStrong, classLinkInfo.styleName, + title, classLinkInfo.target)); + if (noLabel && !classLinkInfo.excludeTypeParameterLinks) { + linkOutput.append(getTypeParameterLinks(linkInfo).toString()); +@@ -92,7 +92,7 @@ + } else { + String crossLink = m_writer.getCrossClassLink( + classDoc.qualifiedName(), classLinkInfo.where, +- label.toString(), classLinkInfo.isBold, classLinkInfo.styleName, ++ label.toString(), classLinkInfo.isStrong, classLinkInfo.styleName, + true); + if (crossLink != null) { + linkOutput.append(crossLink); +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/LinkInfoImpl.java b/src/share/classes/com/sun/tools/doclets/formats/html/LinkInfoImpl.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/LinkInfoImpl.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/LinkInfoImpl.java +@@ -235,15 +235,15 @@ + * @param classDoc the class to link to. + * @param where the value of the marker #. + * @param label the label for the link. +- * @param isBold true if the link should be bold. ++ * @param isStrong true if the link should be strong. + * @param styleName String style of text defined in style sheet. + */ + public LinkInfoImpl (int context, ClassDoc classDoc, String where, String label, +- boolean isBold, String styleName){ ++ boolean isStrong, String styleName){ + this.classDoc = classDoc; + this.where = where; + this.label = label; +- this.isBold = isBold; ++ this.isStrong = isStrong; + this.styleName = styleName; + setContext(context); + } +@@ -255,14 +255,14 @@ + * @param classDoc the class to link to. + * @param where the value of the marker #. + * @param label the label for the link. +- * @param isBold true if the link should be bold. ++ * @param isStrong true if the link should be strong. + */ + public LinkInfoImpl (int context, ClassDoc classDoc, String where, String label, +- boolean isBold){ ++ boolean isStrong){ + this.classDoc = classDoc; + this.where = where; + this.label = label; +- this.isBold = isBold; ++ this.isStrong = isStrong; + setContext(context); + } + +@@ -283,12 +283,12 @@ + * + * @param context the context of the link. + * @param executableMemberDoc the member to link to. +- * @param isBold true if the link should be bold. ++ * @param isStrong true if the link should be strong. + */ + public LinkInfoImpl (int context, ExecutableMemberDoc executableMemberDoc, +- boolean isBold){ ++ boolean isStrong){ + this.executableMemberDoc = executableMemberDoc; +- this.isBold = isBold; ++ this.isStrong = isStrong; + setContext(context); + } + +@@ -297,11 +297,11 @@ + * + * @param context the context of the link. + * @param classDoc the class to link to. +- * @param isBold true if the link should be bold. ++ * @param isStrong true if the link should be strong. + */ +- public LinkInfoImpl (int context, ClassDoc classDoc, boolean isBold){ ++ public LinkInfoImpl (int context, ClassDoc classDoc, boolean isStrong){ + this.classDoc = classDoc; +- this.isBold = isBold; ++ this.isStrong = isStrong; + setContext(context); + } + +@@ -335,13 +335,13 @@ + * @param context the context of the link. + * @param type the class to link to. + * @param label the label for the link. +- * @param isBold true if the link should be bold. ++ * @param isStrong true if the link should be strong. + */ + public LinkInfoImpl (int context, Type type, String label, +- boolean isBold){ ++ boolean isStrong){ + this.type = type; + this.label = label; +- this.isBold = isBold; ++ this.isStrong = isStrong; + setContext(context); + } + +@@ -351,13 +351,13 @@ + * @param context the context of the link. + * @param classDoc the class to link to. + * @param label the label for the link. +- * @param isBold true if the link should be bold. ++ * @param isStrong true if the link should be strong. + */ + public LinkInfoImpl (int context, ClassDoc classDoc, String label, +- boolean isBold){ ++ boolean isStrong){ + this.classDoc = classDoc; + this.label = label; +- this.isBold = isBold; ++ this.isStrong = isStrong; + setContext(context); + } + +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/MethodWriterImpl.java b/src/share/classes/com/sun/tools/doclets/formats/html/MethodWriterImpl.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/MethodWriterImpl.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/MethodWriterImpl.java +@@ -167,7 +167,7 @@ + if (configuration().linksource) { + writer.printSrcLink(method, method.name()); + } else { +- bold(method.name()); ++ strong(method.name()); + } + writeParameters(method); + writeExceptions(method); +@@ -210,7 +210,7 @@ + holder.typeName() : holder.qualifiedTypeName(), + false)); + writer.dd(); +- writer.boldText(holder.asClassDoc().isClass()? ++ writer.strongText(holder.asClassDoc().isClass()? + "doclet.Description_From_Class": + "doclet.Description_From_Interface", + classlink); +@@ -259,7 +259,7 @@ + } + + public void printSummaryLabel(ClassDoc cd) { +- writer.boldText("doclet.Method_Summary"); ++ writer.strongText("doclet.Method_Summary"); + } + + public void printSummaryAnchor(ClassDoc cd) { +@@ -274,12 +274,12 @@ + public void printInheritedSummaryLabel(ClassDoc cd) { + String classlink = writer.getPreQualifiedClassLink( + LinkInfoImpl.CONTEXT_MEMBER, cd, false); +- writer.bold(); ++ writer.strong(); + String key = cd.isClass()? + "doclet.Methods_Inherited_From_Class" : + "doclet.Methods_Inherited_From_Interface"; + writer.printText(key, classlink); +- writer.boldEnd(); ++ writer.strongEnd(); + } + + protected void printSummaryType(ProgramElementDoc member) { +@@ -317,7 +317,7 @@ + writer.getLink(new LinkInfoImpl(context, overriddenType))); + String name = method.name(); + writer.dt(); +- writer.boldText(label); ++ writer.strongText(label); + writer.dd(); + String methLink = writer.codeText( + writer.getLink( +@@ -363,7 +363,7 @@ + writer.getLink(new LinkInfoImpl( + LinkInfoImpl.CONTEXT_METHOD_SPECIFIED_BY, intfac))); + writer.dt(); +- writer.boldText("doclet.Specified_By"); ++ writer.strongText("doclet.Specified_By"); + writer.dd(); + methlink = writer.codeText(writer.getDocLink( + LinkInfoImpl.CONTEXT_MEMBER, implementedMeth, +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/NestedClassWriterImpl.java b/src/share/classes/com/sun/tools/doclets/formats/html/NestedClassWriterImpl.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/NestedClassWriterImpl.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/NestedClassWriterImpl.java +@@ -149,7 +149,7 @@ + } + + public void printSummaryLabel(ClassDoc cd) { +- writer.boldText("doclet.Nested_Class_Summary"); ++ writer.strongText("doclet.Nested_Class_Summary"); + } + + public void printSummaryAnchor(ClassDoc cd) { +@@ -164,18 +164,18 @@ + public void printInheritedSummaryLabel(ClassDoc cd) { + String clslink = writer.getPreQualifiedClassLink( + LinkInfoImpl.CONTEXT_MEMBER, cd, false); +- writer.bold(); ++ writer.strong(); + writer.printText(cd.isInterface() ? + "doclet.Nested_Classes_Interface_Inherited_From_Interface" : + "doclet.Nested_Classes_Interfaces_Inherited_From_Class", + clslink); +- writer.boldEnd(); ++ writer.strongEnd(); + } + + protected void writeSummaryLink(int context, ClassDoc cd, ProgramElementDoc member) { +- writer.bold(); ++ writer.strong(); + writer.printLink(new LinkInfoImpl(context, (ClassDoc)member, false)); +- writer.boldEnd(); ++ writer.strongEnd(); + } + + protected void writeInheritedSummaryLink(ClassDoc cd, +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/PackageIndexFrameWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/PackageIndexFrameWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/PackageIndexFrameWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/PackageIndexFrameWriter.java +@@ -87,7 +87,7 @@ + } + + /** +- * Print the "-packagesheader" string in bold format, at top of the page, ++ * Print the "-packagesheader" string in strong format, at top of the page, + * if it is not the empty string. Otherwise print the "-header" string. + * Despite the name, there is actually no navigation bar for this page. + */ +@@ -95,9 +95,9 @@ + printTableHeader(true); + fontSizeStyle("+1", "FrameTitleFont"); + if (configuration.packagesheader.length() > 0) { +- bold(replaceDocRootDir(configuration.packagesheader)); ++ strong(replaceDocRootDir(configuration.packagesheader)); + } else { +- bold(replaceDocRootDir(configuration.header)); ++ strong(replaceDocRootDir(configuration.header)); + } + fontEnd(); + printTableFooter(true); +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/PackageIndexWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/PackageIndexWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/PackageIndexWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/PackageIndexWriter.java +@@ -102,9 +102,9 @@ + if(pkg != null && pkg.name().length() > 0) { + trBgcolorStyle("white", "TableRowColor"); + summaryRow(20); +- bold(); ++ strong(); + printPackageLink(pkg, Util.getPackageName(pkg), false); +- boldEnd(); ++ strongEnd(); + summaryRowEnd(); + summaryRow(0); + printSummaryComment(pkg); +@@ -138,7 +138,7 @@ + if (root.inlineTags().length > 0) { + printSummaryComment(root); + p(); +- bold(configuration.getText("doclet.See")); ++ strong(configuration.getText("doclet.See")); + br(); + printNbsps(); + printHyperLink("", "overview_description", +@@ -153,7 +153,7 @@ + protected void printIndexHeader(String text) { + tableIndexSummary(); + tableHeaderStart("#CCCCFF"); +- bold(text); ++ strong(text); + tableHeaderEnd(); + } + +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/PackageTreeWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/PackageTreeWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/PackageTreeWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/PackageTreeWriter.java +@@ -144,7 +144,7 @@ + protected void printLinkToMainTree() { + dl(); + dt(); +- boldText("doclet.Package_Hierarchies"); ++ strongText("doclet.Package_Hierarchies"); + dd(); + navLinkMainTree(configuration.getText("doclet.All_Packages")); + dlEnd(); +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/PackageUseWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/PackageUseWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/PackageUseWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/PackageUseWriter.java +@@ -178,9 +178,9 @@ + + trBgcolorStyle("white", "TableRowColor"); + summaryRow(0); +- bold(); ++ strong(); + printHyperLink(path, packageName, usedClass.name(), true); +- boldEnd(); ++ strongEnd(); + println(); br(); + printNbsps(); + printIndexComment(usedClass); +@@ -219,7 +219,7 @@ + hr(); + center(); + h2(); +- boldText("doclet.ClassUse_Title", packageLabel, name); ++ strongText("doclet.ClassUse_Title", packageLabel, name); + h2End(); + centerEnd(); + } +@@ -251,7 +251,7 @@ + protected void navLinkClassUse() { + navCellRevStart(); + fontStyle("NavBarFont1Rev"); +- boldText("doclet.navClassUse"); ++ strongText("doclet.navClassUse"); + fontEnd(); + navCellEnd(); + } +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/PackageWriterImpl.java b/src/share/classes/com/sun/tools/doclets/formats/html/PackageWriterImpl.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/PackageWriterImpl.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/PackageWriterImpl.java +@@ -123,14 +123,14 @@ + } + trBgcolorStyle("white", "TableRowColor"); + summaryRow(15); +- bold(); ++ strong(); + printLink(new LinkInfoImpl(LinkInfoImpl.CONTEXT_PACKAGE, + classes[i], false)); +- boldEnd(); ++ strongEnd(); + summaryRowEnd(); + summaryRow(0); + if (Util.isDeprecated(classes[i])) { +- boldText("doclet.Deprecated"); ++ strongText("doclet.Deprecated"); + if (classes[i].tags("deprecated").length > 0) { + space(); + printSummaryDeprecatedComment(classes[i], +@@ -155,7 +155,7 @@ + */ + protected void printFirstRow(String label) { + tableHeaderStart("#CCCCFF"); +- bold(label); ++ strong(label); + tableHeaderEnd(); + } + +@@ -194,7 +194,7 @@ + if (packageDoc.inlineTags().length > 0 && ! configuration.nocomment) { + printSummaryComment(packageDoc); + p(); +- bold(configuration.getText("doclet.See")); ++ strong(configuration.getText("doclet.See")); + br(); + printNbsps(); + printHyperLink("", "package_description", +@@ -268,7 +268,7 @@ + protected void navLinkPackage() { + navCellRevStart(); + fontStyle("NavBarFont1Rev"); +- boldText("doclet.Package"); ++ strongText("doclet.Package"); + fontEnd(); + navCellEnd(); + } +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/SerializedFormWriterImpl.java b/src/share/classes/com/sun/tools/doclets/formats/html/SerializedFormWriterImpl.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/SerializedFormWriterImpl.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/SerializedFormWriterImpl.java +@@ -73,9 +73,9 @@ + tableHeader(); + thAlign("center"); + font("+2"); +- boldText("doclet.Package"); ++ strongText("doclet.Package"); + print(' '); +- bold(packageName); ++ strong(packageName); + tableFooter(); + } + +@@ -86,7 +86,7 @@ + * @param serialUID the serial UID to print. + */ + public void writeSerialUIDInfo(String header, String serialUID) { +- bold(header + " "); ++ strong(header + " "); + println(serialUID); + p(); + } +@@ -131,7 +131,7 @@ + tableHeader(); + thAlignColspan("left", 2); + font("+2"); +- bold(className); ++ strong(className); + tableFooter(); + p(); + } +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/SubWriterHolderWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/SubWriterHolderWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/SubWriterHolderWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/SubWriterHolderWriter.java +@@ -81,7 +81,7 @@ + public void printTableHeadingBackground(String str) { + tableIndexDetail(); + tableHeaderStart("#CCCCFF", 1); +- bold(str); ++ strong(str); + tableHeaderEnd(); + tableEnd(); + } +@@ -117,7 +117,7 @@ + protected void printIndexComment(Doc member, Tag[] firstSentenceTags) { + Tag[] deprs = member.tags("deprecated"); + if (Util.isDeprecated((ProgramElementDoc) member)) { +- boldText("doclet.Deprecated"); ++ strongText("doclet.Deprecated"); + space(); + if (deprs.length > 0) { + printInlineDeprecatedComment(member, deprs[0]); +@@ -126,7 +126,7 @@ + } else { + ClassDoc cd = ((ProgramElementDoc)member).containingClass(); + if (cd != null && Util.isDeprecated(cd)) { +- boldText("doclet.Deprecated"); space(); ++ strongText("doclet.Deprecated"); space(); + } + } + printSummaryComment(member, firstSentenceTags); +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/TagletWriterImpl.java b/src/share/classes/com/sun/tools/doclets/formats/html/TagletWriterImpl.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/TagletWriterImpl.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/TagletWriterImpl.java +@@ -69,9 +69,9 @@ + Tag[] deprs = doc.tags("deprecated"); + if (doc instanceof ClassDoc) { + if (Util.isDeprecated((ProgramElementDoc) doc)) { +- output.append("" + ++ output.append("" + + ConfigurationImpl.getInstance(). +- getText("doclet.Deprecated") + " "); ++ getText("doclet.Deprecated") + " "); + if (deprs.length > 0) { + Tag[] commentTags = deprs[0].inlineTags(); + if (commentTags.length > 0) { +@@ -86,9 +86,9 @@ + } else { + MemberDoc member = (MemberDoc) doc; + if (Util.isDeprecated((ProgramElementDoc) doc)) { +- output.append("
    " + ++ output.append("
    " + + ConfigurationImpl.getInstance(). +- getText("doclet.Deprecated") + " "); ++ getText("doclet.Deprecated") + " "); + if (deprs.length > 0) { + output.append(""); + output.append(commentTagsToOutput(null, doc, +@@ -101,9 +101,9 @@ + } + } else { + if (Util.isDeprecated(member.containingClass())) { +- output.append("
    " + ++ output.append("
    " + + ConfigurationImpl.getInstance(). +- getText("doclet.Deprecated") + " "); ++ getText("doclet.Deprecated") + " "); + } + } + } +@@ -123,7 +123,7 @@ + public TagletOutput getParamHeader(String header) { + StringBuffer result = new StringBuffer(); + result.append("
    "); +- result.append("" + header + ""); ++ result.append("" + header + ""); + return new TagletOutputImpl(result.toString()); + } + +@@ -141,8 +141,8 @@ + */ + public TagletOutput returnTagOutput(Tag returnTag) { + TagletOutput result = new TagletOutputImpl(DocletConstants.NL + "
    " + +- "" + htmlWriter.configuration.getText("doclet.Returns") + +- "" + "
    " + ++ "" + htmlWriter.configuration.getText("doclet.Returns") + ++ "" + "
    " + + htmlWriter.commentTagsToString(returnTag, null, returnTag.inlineTags(), + false)); + return result; +@@ -189,7 +189,7 @@ + if (result != null && result.length() > 0) { + return result + ", " + DocletConstants.NL; + } else { +- return "
    " + htmlWriter.configuration().getText("doclet.See_Also") + "
    "; ++ return "
    " + htmlWriter.configuration().getText("doclet.See_Also") + "
    "; + } + } + +@@ -197,7 +197,7 @@ + * {@inheritDoc} + */ + public TagletOutput simpleTagOutput(Tag[] simpleTags, String header) { +- String result = "
    " + header + "
    " + DocletConstants.NL + ++ String result = "
    " + header + "
    " + DocletConstants.NL + + "
    "; + for (int i = 0; i < simpleTags.length; i++) { + if (i > 0) { +@@ -212,7 +212,7 @@ + * {@inheritDoc} + */ + public TagletOutput simpleTagOutput(Tag simpleTag, String header) { +- return new TagletOutputImpl("
    " + header + "
    " + "
    " ++ return new TagletOutputImpl("
    " + header + "
    " + "
    " + + htmlWriter.commentTagsToString(simpleTag, null, simpleTag.inlineTags(), false) + + "
    " + DocletConstants.NL); + } +@@ -221,8 +221,8 @@ + * {@inheritDoc} + */ + public TagletOutput getThrowsHeader() { +- return new TagletOutputImpl(DocletConstants.NL + "
    " + "" + +- htmlWriter.configuration().getText("doclet.Throws") + ""); ++ return new TagletOutputImpl(DocletConstants.NL + "
    " + "" + ++ htmlWriter.configuration().getText("doclet.Throws") + ""); + } + + /** +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/TreeWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/TreeWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/TreeWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/TreeWriter.java +@@ -119,7 +119,7 @@ + if (!classesonly) { + dl(); + dt(); +- boldText("doclet.Package_Hierarchies"); ++ strongText("doclet.Package_Hierarchies"); + dd(); + for (int i = 0; i < packages.length; i++) { + if (packages[i].name().length() == 0) { +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/markup/HtmlDocWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/markup/HtmlDocWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/markup/HtmlDocWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/markup/HtmlDocWriter.java +@@ -83,11 +83,11 @@ + * @param where Position of the link in the file. Character '#' is not + * needed. + * @param label Tag for the link. +- * @param bold Boolean that sets label to bold. ++ * @param strong Boolean that sets label to strong. + */ + public void printHyperLink(String link, String where, +- String label, boolean bold) { +- print(getHyperLink(link, where, label, bold, "", "", "")); ++ String label, boolean strong) { ++ print(getHyperLink(link, where, label, strong, "", "", "")); + } + + /** +@@ -109,13 +109,13 @@ + * @param where Position of the link in the file. Character '#' is not + * needed. + * @param label Tag for the link. +- * @param bold Boolean that sets label to bold. ++ * @param strong Boolean that sets label to strong. + * @param stylename String style of text defined in style sheet. + */ + public void printHyperLink(String link, String where, +- String label, boolean bold, ++ String label, boolean strong, + String stylename) { +- print(getHyperLink(link, where, label, bold, stylename, "", "")); ++ print(getHyperLink(link, where, label, strong, stylename, "", "")); + } + + /** +@@ -125,12 +125,12 @@ + * @param where Position of the link in the file. Character '#' is not + * needed. + * @param label Tag for the link. +- * @param bold Boolean that sets label to bold. ++ * @param strong Boolean that sets label to strong. + * @return String Hyper Link. + */ + public String getHyperLink(String link, String where, +- String label, boolean bold) { +- return getHyperLink(link, where, label, bold, "", "", ""); ++ String label, boolean strong) { ++ return getHyperLink(link, where, label, strong, "", "", ""); + } + + /** +@@ -140,14 +140,14 @@ + * @param where Position of the link in the file. Character '#' is not + * needed. + * @param label Tag for the link. +- * @param bold Boolean that sets label to bold. ++ * @param strong Boolean that sets label to strong. + * @param stylename String style of text defined in style sheet. + * @return String Hyper Link. + */ + public String getHyperLink(String link, String where, +- String label, boolean bold, ++ String label, boolean strong, + String stylename) { +- return getHyperLink(link, where, label, bold, stylename, "", ""); ++ return getHyperLink(link, where, label, strong, stylename, "", ""); + } + + /** +@@ -157,14 +157,14 @@ + * @param where Position of the link in the file. Character '#' is not + * needed. + * @param label Tag for the link. +- * @param bold Boolean that sets label to bold. ++ * @param strong Boolean that sets label to strong. + * @param stylename String style of text defined in style sheet. + * @param title String that describes the link's content for accessibility. + * @param target Target frame. + * @return String Hyper Link. + */ + public String getHyperLink(String link, String where, +- String label, boolean bold, ++ String label, boolean strong, + String stylename, String title, String target) { + StringBuffer retlink = new StringBuffer(); + retlink.append(""); + } +- if (bold) { +- retlink.append(""); ++ if (strong) { ++ retlink.append(""); + } + retlink.append(label); +- if (bold) { +- retlink.append(""); ++ if (strong) { ++ retlink.append(""); + } + if (stylename != null && stylename.length() != 0) { + retlink.append(""); +diff --git a/src/share/classes/com/sun/tools/doclets/formats/html/markup/HtmlWriter.java b/src/share/classes/com/sun/tools/doclets/formats/html/markup/HtmlWriter.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/markup/HtmlWriter.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/formats/html/markup/HtmlWriter.java +@@ -433,46 +433,46 @@ + } + + /** +- * Get the "<B>" string. ++ * Get the "<STRONG>" string. + * +- * @return String Return String "<B>"; ++ * @return String Return String "<STRONG>"; + */ +- public String getBold() { +- return ""; ++ public String getStrong() { ++ return ""; + } + + /** +- * Get the "</B>" string. ++ * Get the "</STRONG>" string. + * +- * @return String Return String "</B>"; ++ * @return String Return String "</STRONG>"; + */ +- public String getBoldEnd() { +- return ""; ++ public String getStrongEnd() { ++ return ""; + } + + /** +- * Print <B> tag. ++ * Print <STRONG> tag. + */ +- public void bold() { +- print(""); ++ public void strong() { ++ print(""); + } + + /** +- * Print </B> tag. ++ * Print </STRONG> tag. + */ +- public void boldEnd() { +- print(""); ++ public void strongEnd() { ++ print(""); + } + + /** +- * Print text passed, in bold format using <B> and </B> tags. ++ * Print text passed, in strong format using <STRONG> and </STRONG> tags. + * +- * @param text String to be printed in between <B> and </B> tags. ++ * @param text String to be printed in between <STRONG> and </STRONG> tags. + */ +- public void bold(String text) { +- bold(); ++ public void strong(String text) { ++ strong(); + print(text); +- boldEnd(); ++ strongEnd(); + } + + /** +diff --git a/src/share/classes/com/sun/tools/doclets/internal/toolkit/util/links/LinkInfo.java b/src/share/classes/com/sun/tools/doclets/internal/toolkit/util/links/LinkInfo.java +--- openjdk/langtools/src/share/classes/com/sun/tools/doclets/internal/toolkit/util/links/LinkInfo.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/doclets/internal/toolkit/util/links/LinkInfo.java +@@ -69,9 +69,9 @@ + public String label; + + /** +- * True if the link should be bolded. ++ * True if the link should be strong. + */ +- public boolean isBold = false; ++ public boolean isStrong = false; + + /** + * True if we should include the type in the link label. False otherwise. +diff --git a/test/com/sun/javadoc/AccessAsciiArt/AccessAsciiArt.java b/test/com/sun/javadoc/AccessAsciiArt/AccessAsciiArt.java +--- openjdk/langtools/test/com/sun/javadoc/AccessAsciiArt/AccessAsciiArt.java ++++ openjdk/langtools/test/com/sun/javadoc/AccessAsciiArt/AccessAsciiArt.java +@@ -94,7 +94,7 @@ + + // Test the third line of the class tree + { +-" \"extendedp1.subpkg.SSC", ++" \"extendedp1.subpkg.SSC", + TMPDEST_DIR1 + "p1" + FS + "subpkg" + FS +"SSC.html" }, + + }; +diff --git a/test/com/sun/javadoc/AuthorDD/AuthorDD.java b/test/com/sun/javadoc/AuthorDD/AuthorDD.java +--- openjdk/langtools/test/com/sun/javadoc/AuthorDD/AuthorDD.java ++++ openjdk/langtools/test/com/sun/javadoc/AuthorDD/AuthorDD.java +@@ -86,12 +86,12 @@ + + // Test single @since tag: + +- { "
    Since:
    "+NL+"
    JDK 1.0
    ", ++ { "
    Since:
    "+NL+"
    JDK 1.0
    ", + BUGID + FS + "p1" + FS + "C1.html" }, + + // Test multiple @author tags: + +- { "
    Author:
    "+NL+"
    Doug Kramer, Jamie, Neal
    "+NL, ++ { "
    Author:
    "+NL+"
    Doug Kramer, Jamie, Neal
    "+NL, + BUGID + FS + "p1" + FS + "C1.html" }, + + }; +diff --git a/test/com/sun/javadoc/testClassCrossReferences/TestClassCrossReferences.java b/test/com/sun/javadoc/testClassCrossReferences/TestClassCrossReferences.java +--- openjdk/langtools/test/com/sun/javadoc/testClassCrossReferences/TestClassCrossReferences.java ++++ openjdk/langtools/test/com/sun/javadoc/testClassCrossReferences/TestClassCrossReferences.java +@@ -48,7 +48,7 @@ + "    Link to external member gcd"}, + {BUG_ID + FS + "C.html", +- "Overrides:
    toString in class java.lang.Object"} ++ "Overrides:
    toString in class java.lang.Object"} + }; + private static final String[][] NEGATED_TEST = NO_TEST; + private static final String[] ARGS = +diff --git a/test/com/sun/javadoc/testClassTree/TestClassTree.java b/test/com/sun/javadoc/testClassTree/TestClassTree.java +--- openjdk/langtools/test/com/sun/javadoc/testClassTree/TestClassTree.java ++++ openjdk/langtools/test/com/sun/javadoc/testClassTree/TestClassTree.java +@@ -49,12 +49,12 @@ + private static final String[][] TEST = { + {BUG_ID + FS + "pkg" + FS + "package-tree.html", + "
  • pkg.ParentClass
      "}, ++ "title=\"class in pkg\">ParentClass
        "}, + + {BUG_ID + FS + "pkg" + FS + "package-tree.html", + "Annotation Type Hierarchy" + NL + "" + NL + "
          " + NL + + "
        • pkg.AnnotationType " + ++ "title=\"annotation in pkg\">AnnotationType " + + "(implements java.lang.annotation.Annotation)" + NL + "
        "}, + + {BUG_ID + FS + "pkg" + FS + "package-tree.html", +@@ -65,7 +65,7 @@ + "
      • java.lang.Object
          " + NL + + "
        • java.lang.Enum<E> (implements java.lang.Comparable<T>, java.io.Serializable)" + NL + + "
            " + NL + +- "
          • pkg.Coin
          " + NL + ++ "
        • pkg.Coin
        " + NL + + "
      " + NL + + "
    " + }, +@@ -73,7 +73,7 @@ + private static final String[][] NEGATED_TEST = { + {BUG_ID + FS + "pkg" + FS + "package-tree.html", + "
  • class pkg.ParentClass