You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by gi...@apache.org on 2012/07/21 17:48:46 UTC
svn commit: r1364115 - in /santuario/xml-security-java/trunk/src:
main/java/org/apache/xml/security/stax/impl/processor/output/
test/java/org/apache/xml/security/test/stax/signature/
Author: giger
Date: Sat Jul 21 15:48:45 2012
New Revision: 1364115
URL: http://svn.apache.org/viewvc?rev=1364115&view=rev
Log:
append signature directly after the root element. Fix for SANTUARIO-324
Modified:
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureEndingOutputProcessor.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/XMLSignatureEndingOutputProcessor.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureEndingOutputProcessor.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureEndingOutputProcessor.java?rev=1364115&r1=1364114&r2=1364115&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureEndingOutputProcessor.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureEndingOutputProcessor.java Sat Jul 21 15:48:45 2012
@@ -79,19 +79,15 @@ public abstract class AbstractSignatureE
TwY0Uxja4ZuI6U8m8Tg=
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-1043455692">
- <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-1008354042">
- <wsse:Reference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" URI="#CertId-3458500" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" />
+ <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
+ xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-1008354042">
+ <wsse:Reference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
+ URI="#CertId-3458500" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" />
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
*/
- @Override
- public void doFinal(OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
- setAppendAfterThisTokenId(outputProcessorChain.getSecurityContext().<String>get(XMLSecurityConstants.PROP_APPEND_SIGNATURE_ON_THIS_ID));
- super.doFinal(outputProcessorChain);
- }
-
public void processHeaderEvent(OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
OutputProcessorChain subOutputProcessorChain = outputProcessorChain.createSubChain(this);
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/XMLSignatureEndingOutputProcessor.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/XMLSignatureEndingOutputProcessor.java?rev=1364115&r1=1364114&r2=1364115&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/XMLSignatureEndingOutputProcessor.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/XMLSignatureEndingOutputProcessor.java Sat Jul 21 15:48:45 2012
@@ -20,6 +20,7 @@ package org.apache.xml.security.stax.imp
import java.security.cert.X509Certificate;
import java.util.ArrayList;
+import java.util.Iterator;
import java.util.List;
import javax.xml.stream.XMLStreamException;
@@ -30,6 +31,7 @@ import org.apache.xml.security.stax.ext.
import org.apache.xml.security.stax.ext.XMLSecurityException;
import org.apache.xml.security.stax.ext.XMLSecurityUtils;
import org.apache.xml.security.stax.ext.stax.XMLSecAttribute;
+import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
import org.apache.xml.security.stax.impl.SignaturePartDef;
import org.apache.xml.security.stax.impl.algorithms.SignatureAlgorithm;
import org.apache.xml.security.stax.securityEvent.SignatureValueSecurityEvent;
@@ -65,6 +67,19 @@ public class XMLSignatureEndingOutputPro
}
@Override
+ protected void flushBufferAndCallbackAfterTokenID(
+ OutputProcessorChain outputProcessorChain, Iterator<XMLSecEvent> xmlSecEventIterator)
+ throws XMLStreamException, XMLSecurityException {
+
+ //@see SANTUARIO-324
+ //output root element...
+ outputProcessorChain.reset();
+ outputProcessorChain.processEvent(xmlSecEventIterator.next());
+ //...then call super to append the signature and flush the rest
+ super.flushBufferAndCallbackAfterTokenID(outputProcessorChain, xmlSecEventIterator);
+ }
+
+ @Override
protected void createKeyInfoStructureForSignature(
OutputProcessorChain outputProcessorChain,
SecurityToken securityToken,
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java?rev=1364115&r1=1364114&r2=1364115&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java Sat Jul 21 15:48:45 2012
@@ -24,6 +24,7 @@ import org.junit.Assert;
import org.junit.Test;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import javax.crypto.SecretKey;
@@ -82,6 +83,17 @@ public class SignatureCreationTest exten
// System.out.println("Got:\n" + new String(baos.toByteArray(), "UTF-8"));
Document document =
documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
+
+ //first child element must be the dsig:Signature @see SANTUARIO-324:
+ NodeList nodeList = document.getDocumentElement().getChildNodes();
+ for (int i = 0; i < nodeList.getLength(); i++) {
+ Node child = nodeList.item(i);
+ if (child.getNodeType() == Node.ELEMENT_NODE) {
+ Element element = (Element)child;
+ Assert.assertEquals(element.getLocalName(), "Signature");
+ break;
+ }
+ }
// Verify using DOM
verifyUsingDOM(document, cert, properties.getSignatureSecureParts());