Skip to content

Commit

Permalink
New version, Java 11, System.Logger, AutoCloseable, XmlSignatureInput…
Browse files Browse the repository at this point in the history 
… types (#192)

* Start of the development od version 4.0.0

Signed-off-by: David Matějček <[email protected]>

* POM Updates

- JDK11 instead of JDK8
- Added failsafe (skipped by default)
- Removed JDK profiles
- Removed dependency on SLF4J and LOGJ, XML-APIs
- Updated dependency: Jetty, Maven
- To be continued ...

Signed-off-by: David Matějček <[email protected]>

* Using System.Logger instead SLF4J - except tests

- Allows to use also SLF4J2, previous version wasn't compatible

Signed-off-by: David Matějček <[email protected]>

* Added module-info.java

Signed-off-by: David Matějček <[email protected]>

* Fixed version in XMLDSigRI

Signed-off-by: David Matějček <[email protected]>

* Added AutoCloseable to readers and writers

Signed-off-by: David Matějček <[email protected]>

* Method getBytesFromFile made deprecated

- Used just in tests, but might be used by users

Signed-off-by: David Matějček <[email protected]>

* BufferedStreams replaced by Files.new*Stream calls

Signed-off-by: David Matějček <[email protected]>

* JMH tests targetting performance (and leaks)

- PerformanceIT is able to detect leaks
  - has limited memory
  - slows down with executions in a single batch
  - fails if executions significantly slow down
  - fails if iterations don't pass limits
  - now fails DOM tests, seems there is some leak.
  - replaces two ignored tests PerformanceMemoryTest and PerformanceTimingTest
  - is executed by the failsafe plugin just on demand: use -DskipIT=false

Signed-off-by: David Matějček <[email protected]>

* Cleanups in tests - using Java11+ features

- Created JmhUtils to help JMH
- System.Logger usages instead of slf4j
- Fixed some IO leaks in tests - unclosed streams
- XMLUtilsPerformanceTest now uses JMH
- Removed log4j2.properties

Signed-off-by: David Matějček <[email protected]>

* Updated xml.bind versions

Signed-off-by: David Matějček <[email protected]>

* Fixed dependencies based on tests with GlassFish and Metro Webservices

Signed-off-by: David Matějček <[email protected]>

* Tolerate returning a null byte array

Signed-off-by: David Matějček <[email protected]>

* Properly closing streams in tests - added readResource method

- also added several utility methods just for tests
- reduced copy and paste

Signed-off-by: David Matějček <[email protected]>

* First clean field references, then close

- close may throw an exception

Signed-off-by: David Matějček <[email protected]>

* Yet some resource leaks in tests fixed/prevented + fixed calls

Signed-off-by: David Matějček <[email protected]>

* Sources and target Java version set to 11 without overriding

Signed-off-by: David Matějček <[email protected]>

* Fixed license

Signed-off-by: David Matějček <[email protected]>

* Cleanups based on PMD, javadoc

Signed-off-by: David Matějček <[email protected]>

* XMLUtils benchmark moved under the failsafe plugin too

Signed-off-by: David Matějček <[email protected]>

* Added buffers to XmlUtils

- nearly 10 times faster DOM benchmarks
- lower variability in benchmark results

Signed-off-by: David Matějček <[email protected]>

# Conflicts:
#	src/main/java/org/apache/xml/security/utils/XMLUtils.java

* Updated PMD

Signed-off-by: David Matějček <[email protected]>

* Larger buffers, 8K is quite standard these days


Signed-off-by: David Matějček <[email protected]>

* XMLSignatureInput vs. resource leaks

- I have noticed that in tests a new FileInputStream is given as an argument
  to this class, and then there's no control over it's lifecycle.
- Therefore I have added the finalize method to print warnings at least
  until I would be able to change it to more reliable implementation.

Signed-off-by: David Matějček <[email protected]>

* JaCoCo configuration

Signed-off-by: David Matějček <[email protected]>

* Refactoring around XMLSignatureInput

- It was split to several classes based on the type of the input data.
- Shouldn't those backed by an InputStream be AutoCloseable?
  - I have seen unclosed file input streams in logs after some failures
  - The class is also extended in other projects (WSIT, for example)

Signed-off-by: David Matějček <[email protected]>

* Refactored PerformanceIT - each class has own file

Signed-off-by: David Matějček <[email protected]>

* JUnit5 tests should not be public, says PMD

Signed-off-by: David Matějček <[email protected]>

* Following PMD advices for tests

Signed-off-by: David Matějček <[email protected]>

* XMLSignatureStreamInput: finalize replaced by close

- Safer implementation which allows better control over the stream closure.
- Allows also different implementations.

Signed-off-by: David Matějček <[email protected]>

* Fixed XMLSignatureEdDSATest

Signed-off-by: David Matějček <[email protected]>

# Conflicts:
#	src/test/java/org/apache/xml/security/test/javax/xml/crypto/dsig/SignatureValidator.java
#	src/test/java/org/apache/xml/security/test/javax/xml/crypto/dsig/XMLSignatureEdDSATest.java

* Making PMD happy

- BeanMembersShouldSerialize was replaced by NonSerializableClass
- TestClassWithoutTestCases has false positives
- JUnit5 tests should be package protected

Signed-off-by: David Matějček <[email protected]>

# Conflicts:
#	src/test/java/org/apache/xml/security/test/dom/signature/EDDSASignatureTest.java

* Updated JAXB Runtime and Jakarta Activation

Signed-off-by: David Matějček <[email protected]>

* Removed nonexisting sourceEncoding property from the PMD config

Signed-off-by: David Matějček <[email protected]>

* The test_sixteen_bad_signature made compliant with rules

Signed-off-by: David Matějček <[email protected]>

* Fixed logging of Jetty + level in tests made configurable again

- mvn clean install -Dtest.logging.level=FINEST
- using nanoseconds in logs

Signed-off-by: David Matějček <[email protected]>

# Conflicts:
#	pom.xml

* Upgraded PMD to 3.21.0

Signed-off-by: David Matějček <[email protected]>

* Fixed lost @test (reported by PMD)

Signed-off-by: David Matějček <[email protected]>

* Don't swallow exceptions

Signed-off-by: David Matějček <[email protected]>

* Updated jaxb runtime to 4.0.3

Signed-off-by: David Matějček <[email protected]>

* Updated GitHub Actions configuration

Signed-off-by: David Matějček <[email protected]>

* Reverted changes which are not necessary and just improved the code quality

Signed-off-by: David Matějček <[email protected]>

* Pom cleanup

- using activation-api.version
- synced compiler, javadoc and modernizer release options
  - javadoc uses compiler settings by default
  - modernizer needs an explicit value
  - compiler uses the maven.compiler.release property
- removed redundant junit version property

Signed-off-by: David Matějček <[email protected]>

* Javadoc lost in rebase is back

Signed-off-by: David Matějček <[email protected]>

* Fixed method name (canonicalize)

Signed-off-by: David Matějček <[email protected]>

---------

Signed-off-by: David Matějček <[email protected]>
  • Loading branch information
@dmatej
dmatej authored Aug 8, 2023
1 parent c868d91 commit ccac0cb
Show file tree
Hide file tree
Showing 321 changed files with 6,628 additions and 8,192 deletions.
7 changes: 4 additions & 3 deletions .github/workflows/pull-request-build.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,13 +16,14 @@ jobs:
timeout-minutes: 130
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.0
- name: Set up JDK 8
uses: actions/setup-java@cd89f46ac9d01407894225f350157564c9c7cee2 # v3.12.0
- name: Set up JDK 11
uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2 # v3.11.0
with:
java-version: '8'
java-version: '11'
distribution: 'temurin'
cache: maven
- name: Build with Apache Maven
run: mvn -U clean install -Djava.awt.headless=true -fae -B
env:
MAVEN_OPTS: "-Xmx1024M"

6 changes: 4 additions & 2 deletions etc/santuario-pmd-ruleset.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,6 @@
<exclude name="AvoidDuplicateLiterals" />
<exclude name="AvoidFieldNameMatchingMethodName" />
<exclude name="AvoidLiteralsInIfCondition" />
<exclude name="BeanMembersShouldSerialize" />
<exclude name="CompareObjectsWithEquals" />
<exclude name="ConstructorCallsOverridableMethod" />
<exclude name="DataflowAnomalyAnalysis" />
Expand All @@ -100,10 +99,13 @@
<exclude name="InvalidLogMessageFormat" />
<exclude name="JUnitSpelling" />
<exclude name="MissingSerialVersionUID" />
<exclude name="NonSerializableClass" />
<exclude name="NullAssignment" />
<exclude name="ReturnEmptyCollectionRatherThanNull" />
<exclude name="SingletonClassReturningNewInstance" />
<exclude name="SingleMethodSingleton" />
<exclude name="SuspiciousEqualsMethodName" />
<exclude name="TestClassWithoutTestCases" />
<exclude name="UseLocaleWithCaseConversions" />
<exclude name="UseProperClassLoader" />
</rule>
Expand All @@ -129,5 +131,5 @@
<rule ref="category/java/security.xml" >
<exclude name="HardCodedCryptoKey" />
</rule>

</ruleset>
224 changes: 131 additions & 93 deletions pom.xml
View file

Large diffs are not rendered by default.

73 changes: 73 additions & 0 deletions src/main/java/module-info.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/

/**
* @author David Matejcek
*/
module org.apache.santuario.xmlsec {

requires transitive jakarta.activation;
requires transitive jakarta.xml.bind;
requires java.base;
requires java.management;
requires java.xml;
requires java.xml.crypto;
requires org.apache.commons.codec;

exports org.apache.jcp.xml.dsig.internal.dom;
exports org.apache.xml.security;
exports org.apache.xml.security.algorithms;
exports org.apache.xml.security.algorithms.implementations;
exports org.apache.xml.security.c14n;
exports org.apache.xml.security.c14n.helper;
exports org.apache.xml.security.c14n.implementations;
exports org.apache.xml.security.configuration;
exports org.apache.xml.security.encryption;
exports org.apache.xml.security.exceptions;
exports org.apache.xml.security.keys;
exports org.apache.xml.security.keys.content;
exports org.apache.xml.security.keys.content.keyvalues;
exports org.apache.xml.security.keys.content.x509;
exports org.apache.xml.security.keys.keyresolver.implementations;
exports org.apache.xml.security.keys.storage.implementations;
exports org.apache.xml.security.signature;
exports org.apache.xml.security.stax.ext;
exports org.apache.xml.security.transforms;
exports org.apache.xml.security.transforms.implementations;
exports org.apache.xml.security.transforms.params;
exports org.apache.xml.security.utils;
exports org.apache.xml.security.utils.resolver;
exports org.apache.xml.security.utils.resolver.implementations;

opens org.apache.jcp.xml.dsig.internal.dom;
opens org.apache.xml.security;
opens org.apache.xml.security.binding.excc14n;
opens org.apache.xml.security.binding.xmldsig;
opens org.apache.xml.security.binding.xmldsig11;
opens org.apache.xml.security.binding.xmlenc;
opens org.apache.xml.security.binding.xmlenc11;
opens org.apache.xml.security.binding.xop;
opens org.apache.xml.security.configuration;
opens org.apache.xml.security.algorithms.implementations;
opens org.apache.xml.security.c14n.implementations;
opens org.apache.xml.security.keys.keyresolver.implementations;
opens org.apache.xml.security.keys.storage.implementations;
opens org.apache.xml.security.transforms.implementations;
opens org.apache.xml.security.utils.resolver.implementations;
}
12 changes: 7 additions & 5 deletions src/main/java/org/apache/jcp/xml/dsig/internal/DigesterOutputStream.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,8 @@
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.lang.System.Logger;
import java.lang.System.Logger.Level;
import java.security.MessageDigest;

import org.apache.xml.security.utils.UnsyncByteArrayOutputStream;
Expand All @@ -37,8 +39,8 @@
*
*/
public class DigesterOutputStream extends OutputStream {
private static final org.slf4j.Logger LOG =
org.slf4j.LoggerFactory.getLogger(DigesterOutputStream.class);
private static final Logger LOG = System.getLogger(DigesterOutputStream.class.getName());


private final boolean buffer;
private UnsyncByteArrayOutputStream bos;
Expand Down Expand Up @@ -80,13 +82,13 @@ public void write(byte[] input, int offset, int len) {
if (buffer) {
bos.write(input, offset, len);
}
if (LOG.isDebugEnabled()) {
LOG.debug("Pre-digested input:");
if (LOG.isLoggable(Level.DEBUG)) {
LOG.log(Level.DEBUG, "Pre-digested input:");
StringBuilder sb = new StringBuilder(len);
for (int i = offset; i < (offset + len); i++) {
sb.append((char)input[i]);
}
LOG.debug(sb.toString());
LOG.log(Level.DEBUG, sb.toString());
}
md.update(input, offset, len);
}
Expand Down
36 changes: 19 additions & 17 deletions src/main/java/org/apache/jcp/xml/dsig/internal/dom/ApacheCanonicalizer.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,8 @@
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.OutputStream;
import java.lang.System.Logger;
import java.lang.System.Logger.Level;
import java.security.InvalidAlgorithmParameterException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Set;
Expand All @@ -42,6 +44,9 @@
import org.apache.xml.security.c14n.Canonicalizer;
import org.apache.xml.security.c14n.InvalidCanonicalizerException;
import org.apache.xml.security.signature.XMLSignatureInput;
import org.apache.xml.security.signature.XMLSignatureNodeInput;
import org.apache.xml.security.signature.XMLSignatureNodeSetInput;
import org.apache.xml.security.signature.XMLSignatureStreamInput;
import org.apache.xml.security.transforms.Transform;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
Expand All @@ -53,8 +58,7 @@ public abstract class ApacheCanonicalizer extends TransformService {
org.apache.xml.security.Init.init();
}

private static final org.slf4j.Logger LOG =
org.slf4j.LoggerFactory.getLogger(ApacheCanonicalizer.class);
private static final Logger LOG = System.getLogger(ApacheCanonicalizer.class.getName());
protected Canonicalizer canonicalizer;
private Transform apacheTransform;
protected String inclusiveNamespaces;
Expand Down Expand Up @@ -118,7 +122,7 @@ public Data canonicalize(Data data, XMLCryptoContext xc, OutputStream os)
if (canonicalizer == null) {
try {
canonicalizer = Canonicalizer.getInstance(getAlgorithm());
LOG.debug("Created canonicalizer for algorithm: {}", getAlgorithm());
LOG.log(Level.DEBUG, "Created canonicalizer for algorithm: {0}", getAlgorithm());
} catch (InvalidCanonicalizerException ice) {
throw new TransformException
("Couldn't find Canonicalizer for: " + getAlgorithm() +
Expand All @@ -145,7 +149,7 @@ public Data canonicalize(Data data, XMLCryptoContext xc, OutputStream os)
} else if (in.isNodeSet()) {
nodeSet = in.getNodeSet();
} else {
canonicalizer.canonicalize(Utils.readBytesFromStream(in.getOctetStream()), writer, secVal);
canonicalizer.canonicalize(Utils.readBytesFromStream(in.getUnprocessedInput()), writer, secVal);
return new OctetStreamData(new ByteArrayInputStream(getC14nBytes(writer, isByteArrayOutputStream)));
}
} else if (data instanceof DOMSubTreeData) {
Expand All @@ -163,7 +167,7 @@ public Data canonicalize(Data data, XMLCryptoContext xc, OutputStream os)
@SuppressWarnings("unchecked")
Set<Node> ns = Utils.toNodeSet(nsd.iterator());
nodeSet = ns;
LOG.debug("Canonicalizing {} nodes", nodeSet.size());
LOG.log(Level.DEBUG, "Canonicalizing {0} nodes", nodeSet.size());
} else {
canonicalizer.canonicalize(Utils.readBytesFromStream(((OctetStreamData)data).getOctetStream()), writer, secVal);
return new OctetStreamData(new ByteArrayInputStream(getC14nBytes(writer, isByteArrayOutputStream)));
Expand Down Expand Up @@ -208,7 +212,7 @@ public Data transform(Data data, XMLCryptoContext xc, OutputStream os)
apacheTransform =
new Transform(ownerDoc, getAlgorithm(), transformElem.getChildNodes());
apacheTransform.setElement(transformElem, xc.getBaseURI());
LOG.debug("Created transform for algorithm: {}", getAlgorithm());
LOG.log(Level.DEBUG, "Created transform for algorithm: {0}", getAlgorithm());
} catch (Exception ex) {
throw new TransformException
("Couldn't find Transform for: " + getAlgorithm(), ex);
Expand All @@ -217,25 +221,23 @@ public Data transform(Data data, XMLCryptoContext xc, OutputStream os)

XMLSignatureInput in;
if (data instanceof ApacheData) {
LOG.debug("ApacheData = true");
LOG.log(Level.DEBUG, "ApacheData = true");
in = ((ApacheData)data).getXMLSignatureInput();
} else if (data instanceof NodeSetData) {
LOG.debug("isNodeSet() = true");
LOG.log(Level.DEBUG, "isNodeSet() = true");
if (data instanceof DOMSubTreeData) {
DOMSubTreeData subTree = (DOMSubTreeData)data;
in = new XMLSignatureInput(subTree.getRoot());
in = new XMLSignatureNodeInput(subTree.getRoot());
in.setExcludeComments(subTree.excludeComments());
} else {
@SuppressWarnings("unchecked")
Set<Node> nodeSet =
Utils.toNodeSet(((NodeSetData)data).iterator());
in = new XMLSignatureInput(nodeSet);
@SuppressWarnings({"unchecked", "rawtypes"})
Set<Node> nodeSet = Utils.toNodeSet(((NodeSetData) data).iterator());
in = new XMLSignatureNodeSetInput(nodeSet);
}
} else {
LOG.debug("isNodeSet() = false");
LOG.log(Level.DEBUG, "isNodeSet() = false");
try {
in = new XMLSignatureInput
(((OctetStreamData)data).getOctetStream());
in = new XMLSignatureStreamInput(((OctetStreamData) data).getOctetStream());
} catch (Exception ex) {
throw new TransformException(ex);
}
Expand All @@ -246,7 +248,7 @@ public Data transform(Data data, XMLCryptoContext xc, OutputStream os)

try {
in = apacheTransform.performTransform(in, os, secVal);
if (in.isOctetStream()) {
if (in.hasUnprocessedInput()) {
return new ApacheOctetStreamData(in);
} else {
return new ApacheNodeSetData(in);
Expand Down
2 changes: 1 addition & 1 deletion src/main/java/org/apache/jcp/xml/dsig/internal/dom/ApacheOctetStreamData.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ public class ApacheOctetStreamData extends OctetStreamData
public ApacheOctetStreamData(XMLSignatureInput xi)
throws IOException
{
super(xi.getOctetStream(), xi.getSourceURI(), xi.getMIMEType());
super(xi.getUnprocessedInput(), xi.getSourceURI(), xi.getMIMEType());
this.xi = xi;
}

Expand Down
30 changes: 17 additions & 13 deletions src/main/java/org/apache/jcp/xml/dsig/internal/dom/ApacheTransform.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,8 @@
package org.apache.jcp.xml.dsig.internal.dom;

import java.io.OutputStream;
import java.lang.System.Logger;
import java.lang.System.Logger.Level;
import java.security.InvalidAlgorithmParameterException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Set;
Expand All @@ -38,6 +40,9 @@
import javax.xml.crypto.dsig.spec.TransformParameterSpec;

import org.apache.xml.security.signature.XMLSignatureInput;
import org.apache.xml.security.signature.XMLSignatureNodeInput;
import org.apache.xml.security.signature.XMLSignatureNodeSetInput;
import org.apache.xml.security.signature.XMLSignatureStreamInput;
import org.apache.xml.security.transforms.Transform;
import org.apache.xml.security.transforms.Transforms;
import org.w3c.dom.Document;
Expand All @@ -55,8 +60,8 @@ public abstract class ApacheTransform extends TransformService {
org.apache.xml.security.Init.init();
}

private static final org.slf4j.Logger LOG =
org.slf4j.LoggerFactory.getLogger(ApacheTransform.class);
private static final Logger LOG = System.getLogger(ApacheTransform.class.getName());

private Transform transform;
protected Document ownerDoc;
protected Element transformElem;
Expand Down Expand Up @@ -140,7 +145,7 @@ private Data transformIt(Data data, XMLCryptoContext xc, OutputStream os)
transform =
new Transform(ownerDoc, getAlgorithm(), transformElem.getChildNodes());
transform.setElement(transformElem, xc.getBaseURI());
LOG.debug("Created transform for algorithm: {}", getAlgorithm());
LOG.log(Level.DEBUG, "Created transform for algorithm: {0}", getAlgorithm());
} catch (Exception ex) {
throw new TransformException("Couldn't find Transform for: " +
getAlgorithm(), ex);
Expand All @@ -158,26 +163,25 @@ private Data transformIt(Data data, XMLCryptoContext xc, OutputStream os)

XMLSignatureInput in;
if (data instanceof ApacheData) {
LOG.debug("ApacheData = true");
LOG.log(Level.DEBUG, "ApacheData = true");
in = ((ApacheData)data).getXMLSignatureInput();
} else if (data instanceof NodeSetData) {
LOG.debug("isNodeSet() = true");
LOG.log(Level.DEBUG, "isNodeSet() = true");
if (data instanceof DOMSubTreeData) {
LOG.debug("DOMSubTreeData = true");
LOG.log(Level.DEBUG, "DOMSubTreeData = true");
DOMSubTreeData subTree = (DOMSubTreeData)data;
in = new XMLSignatureInput(subTree.getRoot());
in = new XMLSignatureNodeInput(subTree.getRoot());
in.setExcludeComments(subTree.excludeComments());
} else {
@SuppressWarnings("unchecked")
@SuppressWarnings({"unchecked", "rawtypes"})
Set<Node> nodeSet =
Utils.toNodeSet(((NodeSetData)data).iterator());
in = new XMLSignatureInput(nodeSet);
in = new XMLSignatureNodeSetInput(nodeSet);
}
} else {
LOG.debug("isNodeSet() = false");
LOG.log(Level.DEBUG, "isNodeSet() = false");
try {
in = new XMLSignatureInput
(((OctetStreamData)data).getOctetStream());
in = new XMLSignatureStreamInput(((OctetStreamData) data).getOctetStream());
} catch (Exception ex) {
throw new TransformException(ex);
}
Expand All @@ -194,7 +198,7 @@ private Data transformIt(Data data, XMLCryptoContext xc, OutputStream os)
} else {
in = transform.performTransform(in, secVal);
}
if (in.isOctetStream()) {
if (in.hasUnprocessedInput()) {
return new ApacheOctetStreamData(in);
} else {
return new ApacheNodeSetData(in);
Expand Down
10 changes: 6 additions & 4 deletions src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMHMACSignatureMethod.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,8 @@
*/
package org.apache.jcp.xml.dsig.internal.dom;

import java.lang.System.Logger;
import java.lang.System.Logger.Level;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
Expand Down Expand Up @@ -54,8 +56,8 @@ public abstract class DOMHMACSignatureMethod extends AbstractDOMSignatureMethod

private static final String DOM_SIGNATURE_PROVIDER = "org.jcp.xml.dsig.internal.dom.MacProvider";

private static final org.slf4j.Logger LOG =
org.slf4j.LoggerFactory.getLogger(DOMHMACSignatureMethod.class);
private static final Logger LOG = System.getLogger(DOMHMACSignatureMethod.class.getName());


// see RFC 4051 for these algorithm definitions
static final String HMAC_SHA224 =
Expand Down Expand Up @@ -115,7 +117,7 @@ void checkParams(SignatureMethodParameterSpec params)
}
outputLength = ((HMACParameterSpec)params).getOutputLength();
outputLengthSet = true;
LOG.debug("Setting outputLength from HMACParameterSpec to: {}", outputLength);
LOG.log(Level.DEBUG, "Setting outputLength from HMACParameterSpec to: {0}", outputLength);
}
}

Expand All @@ -134,7 +136,7 @@ SignatureMethodParameterSpec unmarshalParams(Element paramsElem)
throw new MarshalException("Invalid output length supplied: " + paramsElem.getFirstChild().getNodeValue());
}
outputLengthSet = true;
LOG.debug("unmarshalled outputLength: {}", outputLength);
LOG.log(Level.DEBUG, "unmarshalled outputLength: {0}", outputLength);
return new HMACParameterSpec(outputLength);
}

Expand Down
Loading

0 comments on commit ccac0cb

Please sign in to comment.