You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2016/10/14 09:07:52 UTC
svn commit: r1764840 - in
/santuario/xml-security-java/trunk/src/main/java/org/apache:
jcp/xml/dsig/internal/dom/ xml/security/c14n/ xml/security/encryption/
xml/security/keys/content/x509/ xml/security/keys/keyresolver/
xml/security/keys/keyresolver/i...
Author: coheigea
Date: Fri Oct 14 09:07:51 2016
New Revision: 1764840
URL: http://svn.apache.org/viewvc?rev=1764840&view=rev
Log:
More try-with-resources work
Modified:
santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java
santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509Data.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/Canonicalizer.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/CanonicalizerSpi.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/AbstractSerializer.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/DocumentSerializer.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/Serializer.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/TransformSerializer.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/content/x509/XMLX509Certificate.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/keyresolver/KeyResolverSpi.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/keyresolver/implementations/RetrievalMethodResolver.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/keyresolver/implementations/X509CertificateResolver.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/SignedInfo.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/XMLSignatureInput.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/transforms/implementations/TransformXSLT.java
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java?rev=1764840&r1=1764839&r2=1764840&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java Fri Oct 14 09:07:51 2016
@@ -32,6 +32,7 @@
package org.apache.jcp.xml.dsig.internal.dom;
import java.io.ByteArrayInputStream;
+import java.io.InputStream;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.Provider;
@@ -268,11 +269,10 @@ public final class DOMRetrievalMethod ex
{
DocumentBuilder db = null;
boolean secVal = Utils.secureValidation(context);
- try {
- ApacheData data = (ApacheData)dereference(context);
+ ApacheData data = (ApacheData)dereference(context);
+ try (InputStream is = new ByteArrayInputStream(data.getXMLSignatureInput().getBytes())) {
db = XMLUtils.createDocumentBuilder(false, secVal);
- Document doc = db.parse(new ByteArrayInputStream
- (data.getXMLSignatureInput().getBytes()));
+ Document doc = db.parse(is);
Element kiElem = doc.getDocumentElement();
if (kiElem.getLocalName().equals("X509Data")
&& XMLSignature.XMLNS.equals(kiElem.getNamespaceURI())) {
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509Data.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509Data.java?rev=1764840&r1=1764839&r2=1764840&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509Data.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509Data.java Fri Oct 14 09:07:51 2016
@@ -25,6 +25,7 @@
package org.apache.jcp.xml.dsig.internal.dom;
import java.io.ByteArrayInputStream;
+import java.io.IOException;
import java.security.cert.*;
import java.util.*;
@@ -189,20 +190,22 @@ public final class DOMX509Data extends B
private X509Certificate unmarshalX509Certificate(Element elem)
throws MarshalException
{
- try {
- ByteArrayInputStream bs = unmarshalBase64Binary(elem);
+ try (ByteArrayInputStream bs = unmarshalBase64Binary(elem)) {
return (X509Certificate)cf.generateCertificate(bs);
} catch (CertificateException e) {
throw new MarshalException("Cannot create X509Certificate", e);
+ } catch (IOException e) {
+ throw new MarshalException("Error closing stream", e);
}
}
private X509CRL unmarshalX509CRL(Element elem) throws MarshalException {
- try {
- ByteArrayInputStream bs = unmarshalBase64Binary(elem);
+ try (ByteArrayInputStream bs = unmarshalBase64Binary(elem)) {
return (X509CRL)cf.generateCRL(bs);
} catch (CRLException e) {
throw new MarshalException("Cannot create X509CRL", e);
+ } catch (IOException e) {
+ throw new MarshalException("Error closing stream", e);
}
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/Canonicalizer.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/Canonicalizer.java?rev=1764840&r1=1764839&r2=1764840&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/Canonicalizer.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/Canonicalizer.java Fri Oct 14 09:07:51 2016
@@ -252,40 +252,41 @@ public class Canonicalizer {
public byte[] canonicalize(byte[] inputBytes)
throws javax.xml.parsers.ParserConfigurationException,
java.io.IOException, org.xml.sax.SAXException, CanonicalizationException {
- InputStream bais = new ByteArrayInputStream(inputBytes);
- InputSource in = new InputSource(bais);
-
- // needs to validate for ID attribute normalization
- DocumentBuilder db = XMLUtils.createDocumentBuilder(true, secureValidation);
-
- /*
- * for some of the test vectors from the specification,
- * there has to be a validating parser for ID attributes, default
- * attribute values, NMTOKENS, etc.
- * Unfortunately, the test vectors do use different DTDs or
- * even no DTD. So Xerces 1.3.1 fires many warnings about using
- * ErrorHandlers.
- *
- * Text from the spec:
- *
- * The input octet stream MUST contain a well-formed XML document,
- * but the input need not be validated. However, the attribute
- * value normalization and entity reference resolution MUST be
- * performed in accordance with the behaviors of a validating
- * XML processor. As well, nodes for default attributes (declared
- * in the ATTLIST with an AttValue but not specified) are created
- * in each element. Thus, the declarations in the document type
- * declaration are used to help create the canonical form, even
- * though the document type declaration is not retained in the
- * canonical form.
- */
- db.setErrorHandler(new org.apache.xml.security.utils.IgnoreAllErrorHandler());
-
- Document document;
- try {
- document = db.parse(in);
- } finally {
- XMLUtils.repoolDocumentBuilder(db);
+ Document document = null;
+ try (InputStream bais = new ByteArrayInputStream(inputBytes)) {
+ InputSource in = new InputSource(bais);
+
+ // needs to validate for ID attribute normalization
+ DocumentBuilder db = XMLUtils.createDocumentBuilder(true, secureValidation);
+
+ /*
+ * for some of the test vectors from the specification,
+ * there has to be a validating parser for ID attributes, default
+ * attribute values, NMTOKENS, etc.
+ * Unfortunately, the test vectors do use different DTDs or
+ * even no DTD. So Xerces 1.3.1 fires many warnings about using
+ * ErrorHandlers.
+ *
+ * Text from the spec:
+ *
+ * The input octet stream MUST contain a well-formed XML document,
+ * but the input need not be validated. However, the attribute
+ * value normalization and entity reference resolution MUST be
+ * performed in accordance with the behaviors of a validating
+ * XML processor. As well, nodes for default attributes (declared
+ * in the ATTLIST with an AttValue but not specified) are created
+ * in each element. Thus, the declarations in the document type
+ * declaration are used to help create the canonical form, even
+ * though the document type declaration is not retained in the
+ * canonical form.
+ */
+ db.setErrorHandler(new org.apache.xml.security.utils.IgnoreAllErrorHandler());
+
+ try {
+ document = db.parse(in);
+ } finally {
+ XMLUtils.repoolDocumentBuilder(db);
+ }
}
return this.canonicalizeSubtree(document);
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/CanonicalizerSpi.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/CanonicalizerSpi.java?rev=1764840&r1=1764839&r2=1764840&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/CanonicalizerSpi.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/CanonicalizerSpi.java Fri Oct 14 09:07:51 2016
@@ -56,16 +56,17 @@ public abstract class CanonicalizerSpi {
throws javax.xml.parsers.ParserConfigurationException, java.io.IOException,
org.xml.sax.SAXException, CanonicalizationException {
- java.io.InputStream bais = new ByteArrayInputStream(inputBytes);
- InputSource in = new InputSource(bais);
+ Document document = null;
+ try (java.io.InputStream bais = new ByteArrayInputStream(inputBytes)) {
+ InputSource in = new InputSource(bais);
- DocumentBuilder db = XMLUtils.createDocumentBuilder(false, secureValidation);
+ DocumentBuilder db = XMLUtils.createDocumentBuilder(false, secureValidation);
- Document document;
- try {
- document = db.parse(in);
- } finally {
- XMLUtils.repoolDocumentBuilder(db);
+ try {
+ document = db.parse(in);
+ } finally {
+ XMLUtils.repoolDocumentBuilder(db);
+ }
}
return this.engineCanonicalizeSubTree(document);
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/AbstractSerializer.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/AbstractSerializer.java?rev=1764840&r1=1764839&r2=1764840&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/AbstractSerializer.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/AbstractSerializer.java Fri Oct 14 09:07:51 2016
@@ -174,7 +174,7 @@ public abstract class AbstractSerializer
* @return the Node resulting from the parse of the source
* @throws XMLEncryptionException
*/
- public abstract Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException;
+ public abstract Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException, IOException;
protected static byte[] createContext(byte[] source, Node ctx) throws XMLEncryptionException {
// Create the context to parse the document against
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/DocumentSerializer.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/DocumentSerializer.java?rev=1764840&r1=1764839&r2=1764840&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/DocumentSerializer.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/DocumentSerializer.java Fri Oct 14 09:07:51 2016
@@ -20,6 +20,7 @@ package org.apache.xml.security.encrypti
import java.io.ByteArrayInputStream;
import java.io.IOException;
+import java.io.InputStream;
import java.io.StringReader;
import javax.xml.parsers.DocumentBuilder;
@@ -44,9 +45,11 @@ public class DocumentSerializer extends
* @return the Node resulting from the parse of the source
* @throws XMLEncryptionException
*/
- public Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException {
+ public Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException, IOException {
byte[] fragment = createContext(source, ctx);
- return deserialize(ctx, new InputSource(new ByteArrayInputStream(fragment)));
+ try (InputStream is = new ByteArrayInputStream(fragment)) {
+ return deserialize(ctx, new InputSource(is));
+ }
}
/**
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/Serializer.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/Serializer.java?rev=1764840&r1=1764839&r2=1764840&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/Serializer.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/Serializer.java Fri Oct 14 09:07:51 2016
@@ -18,6 +18,8 @@
*/
package org.apache.xml.security.encryption;
+import java.io.IOException;
+
import org.apache.xml.security.c14n.Canonicalizer;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -69,5 +71,5 @@ public interface Serializer {
* @return the Node resulting from the parse of the source
* @throws XMLEncryptionException
*/
- Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException;
+ Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException, IOException;
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/TransformSerializer.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/TransformSerializer.java?rev=1764840&r1=1764839&r2=1764840&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/TransformSerializer.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/TransformSerializer.java Fri Oct 14 09:07:51 2016
@@ -19,6 +19,8 @@
package org.apache.xml.security.encryption;
import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
import java.io.StringReader;
import javax.xml.XMLConstants;
@@ -46,9 +48,11 @@ public class TransformSerializer extends
* @return the Node resulting from the parse of the source
* @throws XMLEncryptionException
*/
- public Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException {
+ public Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException, IOException {
byte[] fragment = createContext(source, ctx);
- return deserialize(ctx, new StreamSource(new ByteArrayInputStream(fragment)));
+ try (InputStream is = new ByteArrayInputStream(fragment)) {
+ return deserialize(ctx, new StreamSource(is));
+ }
}
/**
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java?rev=1764840&r1=1764839&r2=1764840&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java Fri Oct 14 09:07:51 2016
@@ -19,6 +19,7 @@
package org.apache.xml.security.encryption;
import java.io.ByteArrayOutputStream;
+import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URI;
@@ -1715,15 +1716,19 @@ public class XMLCipher {
}
Node sourceParent = element.getParentNode();
- Node decryptedNode = serializer.deserialize(octets, sourceParent);
-
- // The de-serialiser returns a node whose children we need to take on.
- if (sourceParent != null && Node.DOCUMENT_NODE == sourceParent.getNodeType()) {
- // If this is a content decryption, this may have problems
- contextDocument.removeChild(contextDocument.getDocumentElement());
- contextDocument.appendChild(decryptedNode);
- } else if (sourceParent != null) {
- sourceParent.replaceChild(decryptedNode, element);
+ try {
+ Node decryptedNode = serializer.deserialize(octets, sourceParent);
+
+ // The de-serialiser returns a node whose children we need to take on.
+ if (sourceParent != null && Node.DOCUMENT_NODE == sourceParent.getNodeType()) {
+ // If this is a content decryption, this may have problems
+ contextDocument.removeChild(contextDocument.getDocumentElement());
+ contextDocument.appendChild(decryptedNode);
+ } else if (sourceParent != null) {
+ sourceParent.replaceChild(decryptedNode, element);
+ }
+ } catch (IOException ex) {
+ throw new XMLEncryptionException(ex);
}
return contextDocument;
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/content/x509/XMLX509Certificate.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/content/x509/XMLX509Certificate.java?rev=1764840&r1=1764839&r2=1764840&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/content/x509/XMLX509Certificate.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/content/x509/XMLX509Certificate.java Fri Oct 14 09:07:51 2016
@@ -19,6 +19,8 @@
package org.apache.xml.security.keys.content.x509;
import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
@@ -93,15 +95,13 @@ public class XMLX509Certificate extends
* @return the x509 certificate
* @throws XMLSecurityException
*/
- public X509Certificate getX509Certificate() throws XMLSecurityException {
- try {
- byte certbytes[] = this.getCertificateBytes();
+ public X509Certificate getX509Certificate() throws XMLSecurityException, IOException {
+ byte certbytes[] = this.getCertificateBytes();
+ try (InputStream is = new ByteArrayInputStream(certbytes)) {
CertificateFactory certFact =
CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID);
X509Certificate cert =
- (X509Certificate) certFact.generateCertificate(
- new ByteArrayInputStream(certbytes)
- );
+ (X509Certificate) certFact.generateCertificate(is);
if (cert != null) {
return cert;
@@ -119,7 +119,7 @@ public class XMLX509Certificate extends
* @return the publickey
* @throws XMLSecurityException
*/
- public PublicKey getPublicKey() throws XMLSecurityException {
+ public PublicKey getPublicKey() throws XMLSecurityException, IOException {
X509Certificate cert = this.getX509Certificate();
if (cert != null) {
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/keyresolver/KeyResolverSpi.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/keyresolver/KeyResolverSpi.java?rev=1764840&r1=1764839&r2=1764840&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/keyresolver/KeyResolverSpi.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/keyresolver/KeyResolverSpi.java Fri Oct 14 09:07:51 2016
@@ -20,6 +20,7 @@ package org.apache.xml.security.keys.key
import java.io.ByteArrayInputStream;
import java.io.IOException;
+import java.io.InputStream;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
@@ -271,9 +272,9 @@ public abstract class KeyResolverSpi {
*/
protected static Element getDocFromBytes(byte[] bytes, boolean secureValidation) throws KeyResolverException {
DocumentBuilder db = null;
- try {
+ try (InputStream is = new ByteArrayInputStream(bytes)) {
db = XMLUtils.createDocumentBuilder(false, secureValidation);
- Document doc = db.parse(new ByteArrayInputStream(bytes));
+ Document doc = db.parse(is);
return doc.getDocumentElement();
} catch (SAXException ex) {
throw new KeyResolverException(ex);
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/keyresolver/implementations/RetrievalMethodResolver.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/keyresolver/implementations/RetrievalMethodResolver.java?rev=1764840&r1=1764839&r2=1764840&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/keyresolver/implementations/RetrievalMethodResolver.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/keyresolver/implementations/RetrievalMethodResolver.java Fri Oct 14 09:07:51 2016
@@ -20,6 +20,7 @@ package org.apache.xml.security.keys.key
import java.io.ByteArrayInputStream;
import java.io.IOException;
+import java.io.InputStream;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
@@ -283,9 +284,9 @@ public class RetrievalMethodResolver ext
// if the resource stores a raw certificate, we have to handle it
CertificateFactory certFact =
CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID);
- X509Certificate cert = (X509Certificate)
- certFact.generateCertificate(new ByteArrayInputStream(inputBytes));
- return cert;
+ try (InputStream is = new ByteArrayInputStream(inputBytes)) {
+ return (X509Certificate) certFact.generateCertificate(is);
+ }
}
/**
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/keyresolver/implementations/X509CertificateResolver.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/keyresolver/implementations/X509CertificateResolver.java?rev=1764840&r1=1764839&r2=1764840&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/keyresolver/implementations/X509CertificateResolver.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/keys/keyresolver/implementations/X509CertificateResolver.java Fri Oct 14 09:07:51 2016
@@ -18,6 +18,7 @@
*/
package org.apache.xml.security.keys.keyresolver.implementations;
+import java.io.IOException;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
@@ -98,9 +99,9 @@ public class X509CertificateResolver ext
}
}
return null;
- } catch (XMLSecurityException ex) {
+ } catch (XMLSecurityException | IOException ex) {
if (log.isDebugEnabled()) {
- log.debug("XMLSecurityException", ex);
+ log.debug("Security Exception", ex);
}
throw new KeyResolverException(ex);
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/SignedInfo.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/SignedInfo.java?rev=1764840&r1=1764839&r2=1764840&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/SignedInfo.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/SignedInfo.java Fri Oct 14 09:07:51 2016
@@ -20,6 +20,7 @@ package org.apache.xml.security.signatur
import java.io.ByteArrayInputStream;
import java.io.IOException;
+import java.io.InputStream;
import java.io.OutputStream;
import javax.crypto.SecretKey;
@@ -213,9 +214,8 @@ public class SignedInfo extends Manifest
byte[] c14nizedBytes = c14nizer.canonicalizeSubtree(element);
javax.xml.parsers.DocumentBuilder db =
XMLUtils.createDocumentBuilder(false, secureValidation);
- try {
- Document newdoc = db.parse(new ByteArrayInputStream(
- c14nizedBytes));
+ try (InputStream is = new ByteArrayInputStream(c14nizedBytes)) {
+ Document newdoc = db.parse(is);
Node imported = element.getOwnerDocument().importNode(
newdoc.getDocumentElement(), true);
element.getParentNode().replaceChild(imported, element);
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/XMLSignatureInput.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/XMLSignatureInput.java?rev=1764840&r1=1764839&r2=1764840&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/XMLSignatureInput.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/XMLSignatureInput.java Fri Oct 14 09:07:51 2016
@@ -586,8 +586,10 @@ public class XMLSignatureInput {
baos.write("</container>".getBytes("UTF-8"));
byte result[] = baos.toByteArray();
- Document document = db.parse(new ByteArrayInputStream(result));
- this.subNode = document.getDocumentElement().getFirstChild().getFirstChild();
+ try (InputStream is = new ByteArrayInputStream(result)) {
+ Document document = db.parse(is);
+ this.subNode = document.getDocumentElement().getFirstChild().getFirstChild();
+ }
} finally {
XMLUtils.repoolDocumentBuilder(db);
if (this.inputOctetStreamProxy != null) {
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/transforms/implementations/TransformXSLT.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/transforms/implementations/TransformXSLT.java?rev=1764840&r1=1764839&r2=1764840&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/transforms/implementations/TransformXSLT.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/transforms/implementations/TransformXSLT.java Fri Oct 14 09:07:51 2016
@@ -21,6 +21,7 @@ package org.apache.xml.security.transfor
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
+import java.io.InputStream;
import java.io.OutputStream;
import javax.xml.XMLConstants;
@@ -97,8 +98,6 @@ public class TransformXSLT extends Trans
* attempt to convert it to octets (apply Canonical XML]) as described
* in the Reference Processing Model (section 4.3.3.2).
*/
- Source xmlSource =
- new StreamSource(new ByteArrayInputStream(input.getBytes()));
Source stylesheet;
/*
@@ -134,17 +133,20 @@ public class TransformXSLT extends Trans
log.warn("Unable to set Xalan line-separator property: " + e.getMessage());
}
- if (baos == null) {
- ByteArrayOutputStream baos1 = new ByteArrayOutputStream();
- StreamResult outputTarget = new StreamResult(baos1);
+ try (InputStream is = new ByteArrayInputStream(input.getBytes())) {
+ Source xmlSource = new StreamSource(is);
+ if (baos == null) {
+ ByteArrayOutputStream baos1 = new ByteArrayOutputStream();
+ StreamResult outputTarget = new StreamResult(baos1);
+ transformer.transform(xmlSource, outputTarget);
+ XMLSignatureInput output = new XMLSignatureInput(baos1.toByteArray());
+ output.setSecureValidation(secureValidation);
+ return output;
+ }
+ StreamResult outputTarget = new StreamResult(baos);
+
transformer.transform(xmlSource, outputTarget);
- XMLSignatureInput output = new XMLSignatureInput(baos1.toByteArray());
- output.setSecureValidation(secureValidation);
- return output;
}
- StreamResult outputTarget = new StreamResult(baos);
-
- transformer.transform(xmlSource, outputTarget);
XMLSignatureInput output = new XMLSignatureInput((byte[])null);
output.setSecureValidation(secureValidation);
output.setOutputStream(baos);