JDK 17 java.xml.crypto.jmod - XML Crypto Module

JDK 17 java.xml.crypto.jmod is the JMOD file for JDK 17 XML (eXtensible Markup Language) Crypto module.

JDK 17 XML Crypto module compiled class files are stored in \fyicenter\jdk-17.0.5\jmods\java.xml.crypto.jmod.

JDK 17 XML Crypto module compiled class files are also linked and stored in the \fyicenter\jdk-17.0.5\lib\modules JImage file.

JDK 17 XML Crypto module source code files are stored in \fyicenter\jdk-17.0.5\lib\src.zip\java.xml.crypto.

You can click and view the content of each source code file in the list below.

✍: FYIcenter

org/jcp/xml/dsig/internal/dom/Policy.java

/*
 * Copyright (c) 2016, 2021, Oracle and/or its affiliates. All rights reserved.
 * ORACLE PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 */
package org.jcp.xml.dsig.internal.dom;

import java.net.URI;
import java.net.URISyntaxException;
import java.security.AccessController;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.Security;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Locale;
import java.util.Map;
import java.util.Set;

/**
 * The secure validation policy as specified by the
 * jdk.xml.dsig.secureValidationPolicy security property.
 */
public final class Policy {

    private static Set<URI> disallowedAlgs;
    private static int maxTrans;
    private static int maxRefs;
    private static Set<String> disallowedRefUriSchemes;
    private static Map<String, Integer> minKeyMap;
    private static boolean noDuplicateIds;
    private static boolean noRMLoops;

    static {
        try {
            initialize();
        } catch (Exception e) {
            throw new SecurityException(
                "Cannot initialize the secure validation policy", e);
        }
    }

    private Policy() {}

    private static void initialize() {
        // First initialized to be unconstrained and then parse the
        // security property "jdk.xml.dsig.secureValidationPolicy"
        disallowedAlgs = new HashSet<>();
        maxTrans = Integer.MAX_VALUE;
        maxRefs = Integer.MAX_VALUE;
        disallowedRefUriSchemes = new HashSet<>();
        minKeyMap = new HashMap<>();
        noDuplicateIds = false;
        noRMLoops = false;

        @SuppressWarnings("removal")
        String prop =
            AccessController.doPrivileged((PrivilegedAction<String>) () ->
                Security.getProperty("jdk.xml.dsig.secureValidationPolicy"));
        if (prop == null || prop.isEmpty()) {
            // no policy specified, so don't enforce any restrictions
            return;
        }
        String[] entries = prop.split(",");
        for (String entry : entries) {
            String[] tokens = entry.split("\\s");
            String type = tokens[0];
            switch(type) {
                case "disallowAlg":
                    if (tokens.length != 2) {
                        error(entry);
                    }
                    disallowedAlgs.add(URI.create(tokens[1]));
                    break;
                case "maxTransforms":
                    if (tokens.length != 2) {
                        error(entry);
                    }
                    maxTrans = Integer.parseUnsignedInt(tokens[1]);
                    break;
                case "maxReferences":
                    if (tokens.length != 2) {
                        error(entry);
                    }
                    maxRefs = Integer.parseUnsignedInt(tokens[1]);
                    break;
                case "disallowReferenceUriSchemes":
                    if (tokens.length == 1) {
                        error(entry);
                    }
                    for (int i = 1; i < tokens.length; i++) {
                        String scheme = tokens[i];
                        disallowedRefUriSchemes.add(
                            scheme.toLowerCase(Locale.ROOT));
                    }
                    break;
                case "minKeySize":
                    if (tokens.length != 3) {
                        error(entry);
                    }
                    minKeyMap.put(tokens[1],
                                  Integer.parseUnsignedInt(tokens[2]));
                    break;
                case "noDuplicateIds":
                    if (tokens.length != 1) {
                        error(entry);
                    }
                    noDuplicateIds = true;
                    break;
                case "noRetrievalMethodLoops":
                    if (tokens.length != 1) {
                        error(entry);
                    }
                    noRMLoops = true;
                    break;
                default:
                    error(entry);
            }
        }
    }

    public static boolean restrictAlg(String alg) {
        try {
            URI uri = new URI(alg);
            return disallowedAlgs.contains(uri);
        } catch (URISyntaxException use) {
            return false;
        }
    }

    public static boolean restrictNumTransforms(int numTrans) {
        return (numTrans > maxTrans);
    }

    public static boolean restrictNumReferences(int numRefs) {
        return (numRefs > maxRefs);
    }

    public static boolean restrictReferenceUriScheme(String uri) {
        if (uri != null) {
            String scheme = java.net.URI.create(uri).getScheme();
            if (scheme != null) {
                return disallowedRefUriSchemes.contains(
                    scheme.toLowerCase(Locale.ROOT));
            }
        }
        return false;
    }

    public static boolean restrictKey(String type, int size) {
        return (size < minKeyMap.getOrDefault(type, 0));
    }

    public static boolean restrictDuplicateIds() {
        return noDuplicateIds;
    }

    public static boolean restrictRetrievalMethodLoops() {
        return noRMLoops;
    }

    public static Set<URI> disabledAlgs() {
        return Collections.<URI>unmodifiableSet(disallowedAlgs);
    }

    public static int maxTransforms() {
        return maxTrans;
    }

    public static int maxReferences() {
        return maxRefs;
    }

    public static Set<String> disabledReferenceUriSchemes() {
        return Collections.<String>unmodifiableSet(disallowedRefUriSchemes);
    }

    public static int minKeySize(String type) {
        return minKeyMap.getOrDefault(type, 0);
    }

    private static void error(String entry) {
        throw new IllegalArgumentException(
            "Invalid jdk.xml.dsig.secureValidationPolicy entry: " + entry);
    }
}

org/jcp/xml/dsig/internal/dom/Policy.java

 

Or download all of them as a single archive file:

File name: java.xml.crypto-17.0.5-src.zip
File size: 555559 bytes
Release date: 2022-09-13
Download 

 

JDK 17 jdk.accessibility.jmod - Accessibility Module

JDK 17 java.xml.jmod - XML Module

JDK 17 JMod/Module Files

⇑⇑ FAQ for JDK (Java Development Kit) 17

2023-07-01, 14449👍, 0💬