You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by bl...@apache.org on 2003/05/08 14:10:59 UTC
cvs commit: xml-security/c/src/utils XSECDOMUtils.cpp XSECDOMUtils.hpp XSECSafeBuffer.cpp XSECSafeBuffer.hpp
blautenb 2003/05/08 05:10:59
Modified: c/Projects/VC6.0/xsec/xsec_lib xsec_lib.dsp
c/src/dsig DSIGConstants.cpp DSIGConstants.hpp
DSIGReference.cpp DSIGReference.hpp
DSIGSignature.cpp DSIGSignature.hpp
c/src/framework XSECException.hpp
c/src/tools/checksig checksig.cpp
c/src/tools/siginf siginf.cpp
c/src/tools/xtest xtest.cpp
c/src/transformers TXFMEnvelope.cpp
c/src/utils XSECDOMUtils.cpp XSECDOMUtils.hpp
XSECSafeBuffer.cpp XSECSafeBuffer.hpp
Added: c/src/dsig DSIGTransformXPathFilter.cpp
DSIGTransformXPathFilter.hpp
DSIGXPathFilterExpr.cpp DSIGXPathFilterExpr.hpp
c/src/transformers TXFMXPathFilter.cpp TXFMXPathFilter.hpp
Log:
Support for XPath-Filter2 transform
Revision Changes Path
1.11 +24 -0 xml-security/c/Projects/VC6.0/xsec/xsec_lib/xsec_lib.dsp
Index: xsec_lib.dsp
===================================================================
RCS file: /home/cvs/xml-security/c/Projects/VC6.0/xsec/xsec_lib/xsec_lib.dsp,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- xsec_lib.dsp 7 May 2003 11:31:23 -0000 1.10
+++ xsec_lib.dsp 8 May 2003 12:10:58 -0000 1.11
@@ -294,6 +294,14 @@
# End Source File
# Begin Source File
+SOURCE=..\..\..\..\src\dsig\DSIGTransformXPathFilter.cpp
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\..\src\dsig\DSIGTransformXPathFilter.hpp
+# End Source File
+# Begin Source File
+
SOURCE=..\..\..\..\src\dsig\DSIGTransformXSL.cpp
# End Source File
# Begin Source File
@@ -302,6 +310,14 @@
# End Source File
# Begin Source File
+SOURCE=..\..\..\..\src\dsig\DSIGXPathFilterExpr.cpp
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\..\src\dsig\DSIGXPathFilterExpr.hpp
+# End Source File
+# Begin Source File
+
SOURCE=..\..\..\..\src\dsig\DSIGXPathHere.cpp
# End Source File
# Begin Source File
@@ -820,5 +836,13 @@
SOURCE=..\..\..\..\src\framework\version.rc
# End Source File
# End Group
+# Begin Source File
+
+SOURCE=..\..\..\..\src\transformers\TXFMXPathFilter.cpp
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\..\src\transformers\TXFMXPathFilter.hpp
+# End Source File
# End Target
# End Project
1.6 +5 -1 xml-security/c/src/dsig/DSIGConstants.cpp
Index: DSIGConstants.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGConstants.cpp,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- DSIGConstants.cpp 30 Apr 2003 11:41:14 -0000 1.5
+++ DSIGConstants.cpp 8 May 2003 12:10:58 -0000 1.6
@@ -81,6 +81,7 @@
static XMLCh * s_unicodeStrURIDSIG;
static XMLCh * s_unicodeStrURIEC;
+static XMLCh * s_unicodeStrURIXPF;
static XMLCh * s_unicodeStrURISHA1;
static XMLCh * s_unicodeStrURIMD5;
static XMLCh * s_unicodeStrURIBASE64;
@@ -112,6 +113,7 @@
const XMLCh * const & DSIGConstants::s_unicodeStrURIDSIG = ::s_unicodeStrURIDSIG;
const XMLCh * const & DSIGConstants::s_unicodeStrURIEC = ::s_unicodeStrURIEC;
+const XMLCh * const & DSIGConstants::s_unicodeStrURIXPF = ::s_unicodeStrURIXPF;
const XMLCh * const & DSIGConstants::s_unicodeStrURISHA1 = ::s_unicodeStrURISHA1;
const XMLCh * const & DSIGConstants::s_unicodeStrURIMD5 = ::s_unicodeStrURIMD5;
const XMLCh * const & DSIGConstants::s_unicodeStrURIBASE64 = ::s_unicodeStrURIBASE64;
@@ -148,6 +150,7 @@
::s_unicodeStrURIDSIG = XMLString::transcode(URI_ID_DSIG);
::s_unicodeStrURIEC = XMLString::transcode(URI_ID_EC);
+ ::s_unicodeStrURIXPF = XMLString::transcode(URI_ID_XPF);
::s_unicodeStrURISHA1 = XMLString::transcode(URI_ID_SHA1);
::s_unicodeStrURIMD5 = XMLString::transcode(URI_ID_MD5);
::s_unicodeStrURIBASE64 = XMLString::transcode(URI_ID_BASE64);
@@ -180,6 +183,7 @@
delete[] ::s_unicodeStrURIDSIG;
delete[] ::s_unicodeStrURIEC;
+ delete[] ::s_unicodeStrURIXPF;
delete[] ::s_unicodeStrURISHA1;
delete[] ::s_unicodeStrURIMD5;
delete[] ::s_unicodeStrURIBASE64;
1.9 +16 -2 xml-security/c/src/dsig/DSIGConstants.hpp
Index: DSIGConstants.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGConstants.hpp,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- DSIGConstants.hpp 30 Apr 2003 11:41:14 -0000 1.8
+++ DSIGConstants.hpp 8 May 2003 12:10:58 -0000 1.9
@@ -82,6 +82,8 @@
#define URI_ID_DSIG "http://www.w3.org/2000/09/xmldsig#"
#define URI_ID_EC "http://www.w3.org/2001/10/xml-exc-c14n#"
+// Also used as algorithm ID for XPATH_FILTER
+#define URI_ID_XPF "http://www.w3.org/2002/06/xmldsig-filter2"
// Hashing Algorithms
@@ -159,10 +161,20 @@
TRANSFORM_EXC_C14N,
TRANSFORM_ENVELOPED_SIGNATURE,
TRANSFORM_XPATH,
- TRANSFORM_XSLT
+ TRANSFORM_XSLT,
+ TRANSFORM_XPATH_FILTER
};
+enum xpathFilterType {
+
+ FILTER_UNION = 0, /** Results should be added to previous nodeset */
+ FILTER_INTERSECT = 1, /** Results should be included if in prev nodeset */
+ FILTER_SUBTRACT = 2 /** Results should be subtracted from prev nodeset */
+
+};
+
+
// --------------------------------------------------------------------------------
// Some utility functions
// --------------------------------------------------------------------------------
@@ -292,6 +304,8 @@
// URI_IDs
static const XMLCh * const & s_unicodeStrURIDSIG;
static const XMLCh * const & s_unicodeStrURIEC;
+ static const XMLCh * const & s_unicodeStrURIXPF;
+
static const XMLCh * const & s_unicodeStrURISHA1;
static const XMLCh * const & s_unicodeStrURIMD5; // Not recommended
static const XMLCh * const & s_unicodeStrURIBASE64;
1.9 +28 -1 xml-security/c/src/dsig/DSIGReference.cpp
Index: DSIGReference.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGReference.cpp,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- DSIGReference.cpp 30 Mar 2003 06:57:12 -0000 1.8
+++ DSIGReference.cpp 8 May 2003 12:10:58 -0000 1.9
@@ -89,6 +89,7 @@
#include <xsec/dsig/DSIGTransformBase64.hpp>
#include <xsec/dsig/DSIGTransformEnvelope.hpp>
#include <xsec/dsig/DSIGTransformXPath.hpp>
+#include <xsec/dsig/DSIGTransformXPathFilter.hpp>
#include <xsec/dsig/DSIGTransformXSL.hpp>
#include <xsec/dsig/DSIGTransformC14n.hpp>
@@ -317,6 +318,22 @@
return txfm;
}
+DSIGTransformXPathFilter * DSIGReference::appendXPathFilterTransform(void) {
+
+ DOMElement *txfmElt;
+ DSIGTransformXPathFilter * txfm;
+
+ XSECnew(txfm, DSIGTransformXPathFilter(mp_parentSignature));
+ txfmElt = txfm->createBlankTransform(mp_parentSignature->getParentDocument());
+
+ addTransform(txfm, txfmElt);
+ txfmElt->appendChild(mp_parentSignature->getParentDocument()->createTextNode(DSIGConstants::s_unicodeStrNL));
+
+ return txfm;
+}
+
+
+
// --------------------------------------------------------------------------------
// Creation of blanks
// --------------------------------------------------------------------------------
@@ -1061,6 +1078,16 @@
XSECnew(x, DSIGTransformXPath(sig, transforms));
lst->addTransform(x);
x->load();
+ }
+
+ else if (algorithm.sbStrcmp(URI_ID_XPF) == 0) {
+
+ DSIGTransformXPathFilter * xpf;
+
+ XSECnew(xpf, DSIGTransformXPathFilter(sig, transforms));
+ lst->addTransform(xpf);
+ xpf->load();
+
}
else if (algorithm.sbStrcmp(URI_ID_ENVELOPE) == 0) {
1.6 +13 -0 xml-security/c/src/dsig/DSIGReference.hpp
Index: DSIGReference.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGReference.hpp,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- DSIGReference.hpp 22 Apr 2003 22:35:17 -0000 1.5
+++ DSIGReference.hpp 8 May 2003 12:10:58 -0000 1.6
@@ -89,6 +89,7 @@
class DSIGTransformC14n;
class DSIGTransformEnvelope;
class DSIGTransformXPath;
+class DSIGTransformXPathFilter;
class DSIGTransformXSL;
class DSIGSignature;
@@ -230,6 +231,18 @@
DSIGTransformXPath * appendXPathTransform(char * expr);
+ /**
+ * \brief Append an XPath-Filter2 Transform to the Reference.
+ *
+ * The returned DSIGTransformXPathFilter will have no actual filter
+ * expressions loaded, but calls can be made to
+ * DSIGTransformXPathFilter::appendTransform to add them.
+ *
+ * @returns The newly created XPath Filter transform
+ */
+
+ DSIGTransformXPathFilter * appendXPathFilterTransform(void);
+
/**
* \brief Append an XSLT Transform to the Reference.
*
1.12 +22 -1 xml-security/c/src/dsig/DSIGSignature.cpp
Index: DSIGSignature.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGSignature.cpp,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- DSIGSignature.cpp 30 Apr 2003 11:41:14 -0000 1.11
+++ DSIGSignature.cpp 8 May 2003 12:10:58 -0000 1.12
@@ -376,6 +376,7 @@
mp_signingKey = NULL;
mp_prefixNS = XMLString::replicate(DSIGConstants::s_unicodeStrEmpty);
mp_ecPrefixNS = XMLString::replicate(DSIGConstants::s_unicodeStrEmpty);
+ mp_xpfPrefixNS = XMLString::replicate(DSIGConstants::s_unicodeStrEmpty);
mp_URIResolver = NULL;
mp_KeyInfoResolver = NULL;
mp_KeyInfoNode = NULL;
@@ -398,6 +399,7 @@
mp_signingKey = NULL;
mp_prefixNS = XMLString::replicate(DSIGConstants::s_unicodeStrEmpty);
mp_ecPrefixNS = XMLString::replicate(DSIGConstants::s_unicodeStrEmpty);
+ mp_xpfPrefixNS = XMLString::replicate(DSIGConstants::s_unicodeStrEmpty);
mp_URIResolver = NULL;
mp_KeyInfoResolver = NULL;
mp_KeyInfoNode = NULL;
@@ -439,6 +441,16 @@
mp_prefixNS = NULL;
}
+ if (mp_ecPrefixNS != NULL) {
+ delete mp_ecPrefixNS;
+ mp_ecPrefixNS = NULL;
+ }
+
+ if (mp_xpfPrefixNS != NULL) {
+ delete mp_xpfPrefixNS;
+ mp_xpfPrefixNS = NULL;
+ }
+
if (mp_KeyInfoResolver != NULL) {
delete mp_KeyInfoResolver;
mp_KeyInfoResolver = NULL;
@@ -477,6 +489,15 @@
delete[] mp_ecPrefixNS;
mp_ecPrefixNS = XMLString::replicate(prefix);
+
+}
+
+void DSIGSignature::setXPFNSPrefix(const XMLCh * prefix) {
+
+ if (mp_xpfPrefixNS != NULL)
+ delete[] mp_xpfPrefixNS;
+
+ mp_xpfPrefixNS = XMLString::replicate(prefix);
}
1.8 +29 -1 xml-security/c/src/dsig/DSIGSignature.hpp
Index: DSIGSignature.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGSignature.hpp,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- DSIGSignature.hpp 30 Apr 2003 11:41:14 -0000 1.7
+++ DSIGSignature.hpp 8 May 2003 12:10:58 -0000 1.8
@@ -276,6 +276,24 @@
void setECNSPrefix(const XMLCh * prefix);
/**
+ * \brief Set the prefix be used for the XPath-Filter2 namespace.
+ *
+ * The XPathFilter definition uses its own namespace. This
+ * method can be used to set the prefix that the library will use
+ * when creating elements in this namespace
+ *
+ * <p>xmlns:ds="http://www.w3.org/2002/06/xmldsig-filter2"</p>
+ *
+ * If no prefix is set, the default namespace will be used
+ *
+ * @see #createBlankSignature
+ * @param prefix The UTF-16 encoided NS prefix to use for the XPath
+ * filter nodes
+ */
+
+ void setXPFNSPrefix(const XMLCh * prefix);
+
+ /**
* \brief Create a <Signature> DOM structure.
*
* <p>The DOM structure created is still divorced from the document. The callee
@@ -409,6 +427,15 @@
const XMLCh * getECNSPrefix() {return mp_ecPrefixNS;}
/**
+ * \brief Get the NS being used for XPath Filter2 nodes
+ *
+ * @returns A pointer to the buffer holding the prefix
+ * @see #setXPFNSPrefix
+ */
+
+ const XMLCh * getXPFNSPrefix() {return mp_xpfPrefixNS;}
+
+ /**
* \brief
*
* Get the DOM_Document that this Signature is operating within.
@@ -621,6 +648,7 @@
// For creating functions
XMLCh * mp_prefixNS;
XMLCh * mp_ecPrefixNS;
+ XMLCh * mp_xpfPrefixNS;
// The signing/verifying key
XSECCryptoKey * mp_signingKey;
1.1 xml-security/c/src/dsig/DSIGTransformXPathFilter.cpp
Index: DSIGTransformXPathFilter.cpp
===================================================================
/*
* The Apache Software License, Version 1.1
*
*
* Copyright (c) 1999 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "<WebSig>" and "Apache Software Foundation" must
* not be used to endorse or promote products derived from this
* software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* nor may "Apache" appear in their name, without prior written
* permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation and was
* originally based on software copyright (c) 2001, Institute for
* Data Communications Systems, <http://www.nue.et-inf.uni-siegen.de/>.
* The development of this software was partly funded by the European
* Commission in the <WebSig> project in the ISIS Programme.
* For more information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
/*
* XSEC
*
* DSIGTransformXPathFilter := Class that performs XPath Filter
* transforms
*
* Author(s): Berin Lautenbach
*
* $Id: DSIGTransformXPathFilter.cpp,v 1.1 2003/05/08 12:10:58 blautenb Exp $
*
*/
#include <xsec/dsig/DSIGTransformXPathFilter.hpp>
#include <xsec/dsig/DSIGXPathFilterExpr.hpp>
#include <xsec/dsig/DSIGSignature.hpp>
#include <xsec/framework/XSECError.hpp>
#include <xsec/transformers/TXFMXPathFilter.hpp>
#include <xsec/transformers/TXFMChain.hpp>
#include <xercesc/DOM/DOMNode.hpp>
XSEC_USING_XERCES(DOMNode);
// --------------------------------------------------------------------------------
// Construct/Destruct
// --------------------------------------------------------------------------------
DSIGTransformXPathFilter::DSIGTransformXPathFilter(DSIGSignature *sig, DOMNode * node) :
DSIGTransform(sig, node),
m_loaded(false) {
}
DSIGTransformXPathFilter::DSIGTransformXPathFilter(DSIGSignature *sig) :
DSIGTransform(sig),
m_loaded(false) {
}
DSIGTransformXPathFilter::~DSIGTransformXPathFilter() {
exprVectorType::iterator i;
for (i = m_exprs.begin(); i < m_exprs.end(); ++i) {
delete (*i);
}
}
transformType DSIGTransformXPathFilter::getTransformType() {
return TRANSFORM_XPATH_FILTER;
}
void DSIGTransformXPathFilter::appendTransformer(TXFMChain * input) {
if (m_loaded == false) {
throw XSECException(XSECException::XPathFilterError,
"DSIGTransformXPathFilter::appendTransform - load not yet called");
}
#ifdef XSEC_NO_XPATH
throw XSECException(XSECException::UnsupportedFunction,
"XPath transforms are not supported in this compilation of the XSEC library");
#else
TXFMXPathFilter *xpf;
// XPath transform
XSECnew(xpf, TXFMXPathFilter(mp_txfmNode->getOwnerDocument()));
input->appendTxfm(xpf);
// These can throw, but the TXFMXPathFilter is now owned by the chain, so will
// be cleaned up down the calling stack.
xpf->evaluateExprs(&m_exprs);
#endif /* NO_XPATH */
}
// --------------------------------------------------------------------------------
// Create a blank transform
// --------------------------------------------------------------------------------
DOMElement * DSIGTransformXPathFilter::createBlankTransform(DOMDocument * parentDoc) {
safeBuffer str;
const XMLCh * prefix;
DOMElement *ret;
DOMDocument *doc = mp_parentSignature->getParentDocument();
prefix = mp_parentSignature->getDSIGNSPrefix();
// Create the transform node
makeQName(str, prefix, "Transform");
ret = doc->createElementNS(DSIGConstants::s_unicodeStrURIDSIG, str.rawXMLChBuffer());
ret->setAttribute(DSIGConstants::s_unicodeStrAlgorithm, DSIGConstants::s_unicodeStrURIXPF);
mp_txfmNode = ret;
m_loaded = true;
return ret;
}
DSIGXPathFilterExpr * DSIGTransformXPathFilter::appendFilter(xpathFilterType filterType,
const XMLCh * filterExpr) {
DSIGXPathFilterExpr * e;
XSECnew(e, DSIGXPathFilterExpr(mp_parentSignature));
DOMNode * elt = e->setFilter(filterType, filterExpr);
m_exprs.push_back(e);
mp_txfmNode->appendChild(elt);
mp_txfmNode->appendChild(mp_parentSignature->getParentDocument()->createTextNode(DSIGConstants::s_unicodeStrNL));
return e;
}
// --------------------------------------------------------------------------------
// Load from XML
// --------------------------------------------------------------------------------
void DSIGTransformXPathFilter::load(void) {
if (mp_txfmNode == NULL) {
throw XSECException(XSECException::XPathFilterError,
"DSIGTransformXPathFilter::load called on NULL node");
}
// Very simple - go through each child. If it's an XPath child
// Create the DSIGXPathFilterExpr object
DOMNode * n = mp_txfmNode->getFirstChild();
while (n != NULL) {
if (n->getNodeType() == DOMNode::ELEMENT_NODE &&
strEquals(getXPFLocalName(n), "XPath")) {
DSIGXPathFilterExpr * xpf;
XSECnew(xpf, DSIGXPathFilterExpr(mp_parentSignature, n));
// Add it to the vector prior to load to ensure deleted if
// anything throws an exception
m_exprs.push_back(xpf);
xpf->load();
}
n = n->getNextSibling();
}
m_loaded = true;
}
// --------------------------------------------------------------------------------
// Retrieve expression information
// --------------------------------------------------------------------------------
unsigned int DSIGTransformXPathFilter::getExprNum(void) {
return m_exprs.size();
}
DSIGXPathFilterExpr * DSIGTransformXPathFilter::expr(unsigned int n) {
if (n > m_exprs.size())
return NULL;
return m_exprs[n];
}
1.1 xml-security/c/src/dsig/DSIGTransformXPathFilter.hpp
Index: DSIGTransformXPathFilter.hpp
===================================================================
/*
* The Apache Software License, Version 1.1
*
*
* Copyright (c) 1999 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "<WebSig>" and "Apache Software Foundation" must
* not be used to endorse or promote products derived from this
* software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* nor may "Apache" appear in their name, without prior written
* permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation and was
* originally based on software copyright (c) 2001, Institute for
* Data Communications Systems, <http://www.nue.et-inf.uni-siegen.de/>.
* The development of this software was partly funded by the European
* Commission in the <WebSig> project in the ISIS Programme.
* For more information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
/*
* XSEC
*
* DSIGTransformXPathFilter := Class that performs XPath Filter
* transforms
*
* Author(s): Berin Lautenbach
*
* $Id: DSIGTransformXPathFilter.hpp,v 1.1 2003/05/08 12:10:58 blautenb Exp $
*
*/
#ifndef DSIGTRANSFORMXPATHFILTER_INCLUDE
#define DSIGTRANSFORMXPATHFILTER_INCLUDE
#include <xsec/dsig/DSIGTransform.hpp>
#include <xsec/utils/XSECSafeBuffer.hpp>
XSEC_DECLARE_XERCES_CLASS(DOMNamedNodeMap);
XSEC_DECLARE_XERCES_CLASS(DOMNode);
#include <vector>
class DSIGXPathFilterExpr;
/**
* @ingroup pubsig
* @{
*/
/**
* @brief Transform holder for XPath Filter transforms.
*
* The DSIGTransformXPath class is used to hold XPath <Transform> elements
* within a document.
*
* @see TXFMXPath
* @see DSIGTransform
*
*/
class DSIG_EXPORT DSIGTransformXPathFilter : public DSIGTransform {
public:
/**
* \brief Vector used to pass the actual expressions into the transformer
*/
typedef std::vector<DSIGXPathFilterExpr *> exprVectorType;
/** @name Constructors and Destructors */
//@{
/**
* \brief Contructor used for existing XML signatures.
*
* The Node structure already exists, so read the nodes in.
*
* @param sig The Signature structure in which this transform exists.
* @param node The DOM node (within doc) that is to be used as the base of the Transform.
* @see #load
*/
DSIGTransformXPathFilter(DSIGSignature *sig, DOMNode * node);
/**
* \brief Contructor used for new signatures.
*
* The Node structure will have to be created.
*
* @note DSIGTransform structures should only ever be created via calls to a
* DSIGTransformList object.
*
* @param sig The Signature structure in which this transform exists.
* @see createBlankTransform
*/
DSIGTransformXPathFilter(DSIGSignature *sig);
/**
* \brief Destructor.
*
* Destroy the DSIGSignature elements.
*
* Does not destroy any associated DOM Nodes
*/
virtual ~DSIGTransformXPathFilter();
//@}
/** @name Interface Methods */
//@{
/**
* \brief Determine the transform type.
*
* Used to determine what the type of the transform is.
*
*/
virtual transformType getTransformType();
/**
* \brief Create the XPath Filter Transformer class.
*
* Create the transformer associated with this XPath transform.
* Will set the expression and Namespaces as appropriate
*
* @returns The TXFMXPath transformer associated with this Transform
*/
virtual void appendTransformer(TXFMChain * input);
/**
* \brief Construct blank XPath Transform element.
*
* Instruct the implementation to create the required
* transform and return the newly constructed DOMNode structure
*/
virtual DOMElement * createBlankTransform(DOMDocument * parentDoc);
/**
* \brief Load a DOM structure
*
* Load the expression and Namespaces.
*
*/
virtual void load(void);
//@}
/** @name XPathFilter specific methods */
//@{
/**
* \brief Append a new filter to the transform
*
* Appends the indicated filter (of given type) to the list of
* filters in the transform.
*
* @param filterType The type of this filter
* @param filterExpr The XPath expression to use
* @returns The filter expression
*/
DSIGXPathFilterExpr * appendFilter(xpathFilterType filterType,
const XMLCh * filterExpr);
/**
* \brief Retrieve number of expressions
*
* Allows callers to determine how many expressions there are in
* this filter
*
* @returns The number of expressions
*/
unsigned int getExprNum(void);
/**
* \brief Get expression.
*
* Allows the caller to retrieve the specified expression from the
* XPath Filter object
*
* @param n The index of the expression to retrieve
* @returns The indicated expression
*/
DSIGXPathFilterExpr * expr(unsigned int n);
//@}
private:
DSIGTransformXPathFilter();
DSIGTransformXPathFilter(const DSIGTransformXPathFilter & theOther);
bool m_loaded;
// The expressions
exprVectorType m_exprs;
};
#endif /* DSIGTRANSFORMXPATHFILTER_INCLUDE */
1.1 xml-security/c/src/dsig/DSIGXPathFilterExpr.cpp
Index: DSIGXPathFilterExpr.cpp
===================================================================
/*
* The Apache Software License, Version 1.1
*
*
* Copyright (c) 1999 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "<WebSig>" and "Apache Software Foundation" must
* not be used to endorse or promote products derived from this
* software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* nor may "Apache" appear in their name, without prior written
* permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation and was
* originally based on software copyright (c) 2001, Institute for
* Data Communications Systems, <http://www.nue.et-inf.uni-siegen.de/>.
* The development of this software was partly funded by the European
* Commission in the <WebSig> project in the ISIS Programme.
* For more information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
/*
* XSEC
*
* DSIGXPathFilterExpr := Class that holds an XPath Filter expression
*
* Author(s): Berin Lautenbach
*
* $Id: DSIGXPathFilterExpr.cpp,v 1.1 2003/05/08 12:10:58 blautenb Exp $
*
*/
#include <xsec/framework/XSECDefs.hpp>
#include <xsec/dsig/DSIGXPathFilterExpr.hpp>
#include <xsec/dsig/DSIGSignature.hpp>
#include <xsec/framework/XSECException.hpp>
#include <xercesc/DOM/DOMNode.hpp>
#include <xercesc/DOM/DOMNamedNodeMap.hpp>
#include <xercesc/util/XMLUniDefs.hpp>
XSEC_USING_XERCES(DOMNamedNodeMap);
XSEC_USING_XERCES(DOMNode);
XSEC_USING_XERCES(DOMAttr);
XMLCh filterStr[] = {
XERCES_CPP_NAMESPACE :: chLatin_F,
XERCES_CPP_NAMESPACE :: chLatin_i,
XERCES_CPP_NAMESPACE :: chLatin_l,
XERCES_CPP_NAMESPACE :: chLatin_t,
XERCES_CPP_NAMESPACE :: chLatin_e,
XERCES_CPP_NAMESPACE :: chLatin_r,
XERCES_CPP_NAMESPACE :: chNull
};
// --------------------------------------------------------------------------------
// Constructors and Destructors
// --------------------------------------------------------------------------------
DSIGXPathFilterExpr::DSIGXPathFilterExpr(DSIGSignature * sig, DOMNode * node) :
mp_sig(sig),
mp_xpathFilterNode(node),
mp_NSMap(NULL) {
}
DSIGXPathFilterExpr::DSIGXPathFilterExpr(DSIGSignature * sig) :
mp_sig(sig),
mp_xpathFilterNode(NULL),
mp_NSMap(NULL) {
}
DSIGXPathFilterExpr::~DSIGXPathFilterExpr() {
// Nothing to do at the moment
}
// --------------------------------------------------------------------------------
// Load existing DOM structure
// --------------------------------------------------------------------------------
void DSIGXPathFilterExpr::load(void) {
// Find the XPath expression
if (mp_xpathFilterNode == NULL ||
!strEquals(getXPFLocalName(mp_xpathFilterNode), "XPath")) {
throw XSECException(XSECException::ExpectedDSIGChildNotFound,
"Expected <XPath> as first node in DSIGXPathFilterExpr::load");
}
// Check for attributes - in particular any namespaces
mp_NSMap = mp_xpathFilterNode->getAttributes();
// Find the filter type
DOMNode * a;
if (mp_NSMap == NULL ||
((a = mp_NSMap->getNamedItem(filterStr)) == NULL)) {
throw XSECException(XSECException::ExpectedDSIGChildNotFound,
"Expected Filter attribute of <XPath> node in in DSIGXPathFilterExpr::load");
}
const XMLCh * f = a->getNodeValue();
if (strEquals(f, "intersect")) {
m_filterType = FILTER_INTERSECT;
}
else if (strEquals(f, "union")) {
m_filterType = FILTER_UNION;
}
else if (strEquals(f, "subtract")) {
m_filterType = FILTER_SUBTRACT;
}
else {
throw XSECException(XSECException::ExpectedDSIGChildNotFound,
"DSIGXPathFilterExpr::load Expected on of intersect, union or subtract as filter type");
}
// Find the text node
mp_exprTextNode = findFirstChildOfType(mp_xpathFilterNode, DOMNode::TEXT_NODE);
if (mp_exprTextNode == NULL) {
throw XSECException(XSECException::ExpectedDSIGChildNotFound,
"Expected Text Node in beneath <XPath> in DSIGXPathFilterExpr::load");
}
// Gather the text - hold it in UTF16 format
gatherChildrenText(mp_xpathFilterNode, m_expr);
m_loaded = true;
}
// --------------------------------------------------------------------------------
// Create a new filter
// --------------------------------------------------------------------------------
DOMElement * DSIGXPathFilterExpr::setFilter(xpathFilterType filterType,
const XMLCh * filterExpr) {
if (m_loaded == true) {
throw XSECException(XSECException::XPathFilterError,
"DSIGXPathFilterExpr::setFilter - called when already loaded");
}
safeBuffer str;
const XMLCh * prefix;
DOMDocument *doc = mp_sig->getParentDocument();
DOMElement * xe;
// Create the XPath element
prefix = mp_sig->getXPFNSPrefix();
makeQName(str, prefix, "XPath");
xe = doc->createElementNS(DSIGConstants::s_unicodeStrURIDSIG, str.rawXMLChBuffer());
mp_xpathFilterNode = xe;
// Put in correct namespace
prefix = mp_sig->getXPFNSPrefix();
// Set the namespace attribute
if (prefix[0] == '\0') {
str.sbTranscodeIn("xmlns");
}
else {
str.sbTranscodeIn("xmlns:");
str.sbXMLChCat(prefix);
}
xe->setAttributeNS(DSIGConstants::s_unicodeStrURIXMLNS,
str.rawXMLChBuffer(),
DSIGConstants::s_unicodeStrURIXPF);
// Set the filter type
m_filterType = filterType;
switch (filterType) {
case FILTER_INTERSECT :
xe->setAttribute(MAKE_UNICODE_STRING("Filter"), MAKE_UNICODE_STRING("intersect"));
break;
case FILTER_SUBTRACT :
xe->setAttribute(MAKE_UNICODE_STRING("Filter"), MAKE_UNICODE_STRING("subtract"));
break;
case FILTER_UNION :
xe->setAttribute(MAKE_UNICODE_STRING("Filter"), MAKE_UNICODE_STRING("union"));
break;
default :
mp_xpathFilterNode->release();
throw XSECException(XSECException::XPathFilterError,
"DSIGXPathFilterExpr::appendFilter - Unexpected Filter Type");
}
// Now add the actual filter
mp_exprTextNode = doc->createTextNode(filterExpr);
mp_xpathFilterNode->appendChild(mp_exprTextNode);
mp_NSMap = mp_xpathFilterNode->getAttributes();
m_expr.sbXMLChIn(filterExpr);
m_loaded = true;
return xe;
}
// --------------------------------------------------------------------------------
// Find the type
// --------------------------------------------------------------------------------
xpathFilterType DSIGXPathFilterExpr::getFilterType(void) {
if (m_loaded == false) {
throw XSECException(XSECException::LoadEmptyXPathFilter,
"DSIGXPathFilterExpr::Element node loaded");
}
return m_filterType;
}
// --------------------------------------------------------------------------------
// Set and clear namespaces
// --------------------------------------------------------------------------------
void DSIGXPathFilterExpr::setNamespace(const XMLCh * prefix, const XMLCh * value) {
if (mp_xpathFilterNode == NULL) {
throw XSECException(XSECException::XPathFilterError,
"DSIGXPathFilterExpr::setNamespace - load not called");
}
safeBuffer str;
str.sbTranscodeIn("xmlns:");
str.sbXMLChCat(prefix);
DOMElement *x;
x = static_cast <DOMElement *> (mp_xpathFilterNode);
x->setAttributeNS(DSIGConstants::s_unicodeStrURIXMLNS,
str.rawXMLChBuffer(),
value);
mp_NSMap = mp_xpathFilterNode->getAttributes();
}
void DSIGXPathFilterExpr::deleteNamespace(const XMLCh * prefix) {
if (mp_xpathFilterNode == NULL) {
throw XSECException(XSECException::XPathFilterError,
"DSIGXPathFilterExpr::deleteNamespace - load not called");
}
DOMElement *x;
x = static_cast <DOMElement *> (mp_xpathFilterNode);
x->removeAttributeNS(DSIGConstants::s_unicodeStrURIXMLNS,
prefix);
}
/**
* \brief Add a new namespace to the list to be used
*
* Add a new namespace to the XPath Element.
*
* @param prefix NCName of the Namespace to set
* @param value The string with the URI to set
*/
// void setNamespace(const char * prefix, const char * value);
/**
* \brief Get the list of namespaces.
*
* Returns the DOMNamedNodeMap of the attributes of the XPath transform
* node. This <em>should</em> only contain namespaces.
*
* @returns A pointer to the NamedNodeMap
*/
// DOMNamedNodeMap * getNamespaces(void) {
// return mp_NSMap;
// }
/**
* \brief Delete a namespace to the list to be used
*
* Delete a namespace from the XPath Element.
*
* @param prefix NCName of the Namespace to delete
* @throws XSECException if the NCName does not exist
*
*/
// void deleteNamespace(const char * prefix);
//@}
1.1 xml-security/c/src/dsig/DSIGXPathFilterExpr.hpp
Index: DSIGXPathFilterExpr.hpp
===================================================================
/*
* The Apache Software License, Version 1.1
*
*
* Copyright (c) 1999 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "<WebSig>" and "Apache Software Foundation" must
* not be used to endorse or promote products derived from this
* software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* nor may "Apache" appear in their name, without prior written
* permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation and was
* originally based on software copyright (c) 2001, Institute for
* Data Communications Systems, <http://www.nue.et-inf.uni-siegen.de/>.
* The development of this software was partly funded by the European
* Commission in the <WebSig> project in the ISIS Programme.
* For more information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
/*
* XSEC
*
* DSIGXPathFilterExpr := Class that holds an XPath Filter expression
*
* Author(s): Berin Lautenbach
*
* $Id: DSIGXPathFilterExpr.hpp,v 1.1 2003/05/08 12:10:58 blautenb Exp $
*
*/
#ifndef DSIGXPATHFILTEREXPR_INCLUDE
#define DSIGXPATHFILTEREXPR_INCLUDE
#include <xsec/framework/XSECDefs.hpp>
#include <xsec/dsig/DSIGConstants.hpp>
#include <xsec/utils/XSECSafeBuffer.hpp>
XSEC_DECLARE_XERCES_CLASS(DOMNamedNodeMap);
XSEC_DECLARE_XERCES_CLASS(DOMNode);
XSEC_DECLARE_XERCES_CLASS(DOMElement);
class DSIGSignature;
/**
* @ingroup pubsig
* @{
*/
/**
* @brief Class used to hold (and manipulate) individual expressions
* in an XPathFilter transform
*
* @see TXFMXPathFilter
* @see DSIGTransformXpathFilter
*
*/
class DSIG_EXPORT DSIGXPathFilterExpr {
public:
/**
* \brief Constructor used for existing XML signatures
*
* Node already exists and is part of an existing XPathFilter tree
*
* @param sig The owning signature
* @param node The node that will be used to read the expression in
*/
DSIGXPathFilterExpr(DSIGSignature * sig, DOMNode * node);
/**
* \brief Builder constructor
*
* Used to create the DOM structure and DSIGSignature elements
*
* @param sig The owning signature
*/
DSIGXPathFilterExpr(DSIGSignature * sig);
/**
* \brief Destructor.
*
* Destroy the DSIGSignature elements.
*
* Does not destroy any associated DOM Nodes
*/
~DSIGXPathFilterExpr();
//@}
/** @name Set and get Information */
//@{
/**
* \brief Read in existing structure
*
* Reads DOM structure of the XPath expression
*/
void load(void);
/**
* \brief Get the filter type
*
* Returns the type of this particular XPath filter
*
* @returns The filter type of this expression
*/
xpathFilterType getFilterType(void);
/**
* \brief create from blank
*
* Given the filter type and XPath expression, setup the
* DOMNodes and variables to allow signing and validation
*
* @param filterType Type of this filter to add
* @param filterExpr The XPath expression
*/
DOMElement * setFilter(xpathFilterType filterType,
const XMLCh * filterExpr);
/**
* \brief Get the filter expression
*
* Returns an XMLCh string containing the filter expression
*
* @returns The filter expression
*/
const XMLCh * getFilter(void) {return m_expr.rawXMLChBuffer();}
/**
* \brief Add a new namespace to the list to be used
*
* Add a new namespace to the XPath Element.
*
* @param prefix NCName of the Namespace to set
* @param value The string with the URI to set
*/
void setNamespace(const XMLCh * prefix, const XMLCh * value);
/**
* \brief Get the list of namespaces.
*
* Returns the DOMNamedNodeMap of the attributes of the XPath transform
* node.
*
* @note This will also contain the Filter attribute
*
* @returns A pointer to the NamedNodeMap
*/
DOMNamedNodeMap * getNamespaces(void) {
return mp_NSMap;
}
/**
* \brief Delete a namespace to the list to be used
*
* Delete a namespace from the XPath Element.
*
* @param prefix NCName of the Namespace to delete
* @throws XSECException if the NCName does not exist
*
*/
void deleteNamespace(const XMLCh * prefix);
//@}
private:
// Just let the TXFM read directly
friend class TXFMXPathFilter;
DSIGXPathFilterExpr();
DSIGXPathFilterExpr(const DSIGXPathFilterExpr& theOther);
DSIGSignature * mp_sig;
DOMNode * mp_xpathFilterNode;
DOMNode * mp_exprTextNode;
DOMNamedNodeMap * mp_NSMap;
safeBuffer m_expr;
xpathFilterType m_filterType;
bool m_loaded;
};
#endif /* DSIGXPATHFILTEREXPR_INCLUDE */
1.6 +4 -2 xml-security/c/src/framework/XSECException.hpp
Index: XSECException.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/framework/XSECException.hpp,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- XSECException.hpp 2 Mar 2003 08:21:02 -0000 1.5
+++ XSECException.hpp 8 May 2003 12:10:58 -0000 1.6
@@ -140,7 +140,9 @@
TransformError = 36,
SafeBufferError = 37,
HTTPURIInputStreamError = 38,
- UnknownError = 39 // Must be last!
+ LoadEmptyXPathFilter = 39,
+ XPathFilterError = 40,
+ UnknownError = 41 // Must be last!
};
1.16 +11 -3 xml-security/c/src/tools/checksig/checksig.cpp
Index: checksig.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/tools/checksig/checksig.cpp,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- checksig.cpp 23 Apr 2003 07:31:40 -0000 1.15
+++ checksig.cpp 8 May 2003 12:10:58 -0000 1.16
@@ -577,7 +577,7 @@
CryptReleaseContext(win32RSACSP, 0);
}
#endif
- prov.releaseSignature(sig);
+ //prov.releaseSignature(sig);
// Janitor will clean up the parser
return retResult;
@@ -634,7 +634,15 @@
_CrtMemCheckpoint( &s2 );
- if ( _CrtMemDifference( &s3, &s1, &s2 ) ) {
+ if ( _CrtMemDifference( &s3, &s1, &s2 ) && (
+ s3.lCounts[0] > 0 ||
+ s3.lCounts[1] > 1 ||
+ s3.lCounts[2] > 1 ||
+ s3.lCounts[3] > 0 ||
+ s3.lCounts[4] > 0)) {
+
+ // Note that there is generally 1 Normal and 1 CRT block
+ // still taken. 1 is from Xalan and 1 from stdio
// Send all reports to STDOUT
_CrtSetReportMode( _CRT_WARN, _CRTDBG_MODE_FILE );
1.4 +45 -2 xml-security/c/src/tools/siginf/siginf.cpp
Index: siginf.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/tools/siginf/siginf.cpp,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- siginf.cpp 24 Apr 2003 00:06:20 -0000 1.3
+++ siginf.cpp 8 May 2003 12:10:58 -0000 1.4
@@ -84,6 +84,8 @@
#include <xsec/dsig/DSIGTransformBase64.hpp>
#include <xsec/dsig/DSIGTransformXSL.hpp>
#include <xsec/dsig/DSIGTransformXPath.hpp>
+#include <xsec/dsig/DSIGTransformXPathFilter.hpp>
+#include <xsec/dsig/DSIGXPathFilterExpr.hpp>
#include <xsec/dsig/DSIGTransformEnvelope.hpp>
#include <xsec/dsig/DSIGTransformList.hpp>
@@ -263,6 +265,45 @@
return;
}
+ case (TRANSFORM_XPATH_FILTER) :
+ {
+ DSIGTransformXPathFilter * xpf = (DSIGTransformXPathFilter *) t;
+
+ cout << "XPath-Filter2" << endl;
+
+ unsigned int s = xpf->getExprNum();
+
+ for (unsigned int i = 0; i < s; ++i) {
+
+ levelSet(level);
+ cout << "Filter : ";
+
+ DSIGXPathFilterExpr * e = xpf->expr(i);
+
+ switch (e->getFilterType()) {
+
+ case FILTER_UNION :
+ cout << "union : \"";
+ break;
+ case FILTER_INTERSECT :
+ cout << "intersect : \"";
+ break;
+ default :
+ cout << "subtract : \"";
+
+ }
+
+ // Now the expression
+ char * str = XMLString::transcode(e->getFilter());
+ cout << str << "\"" << endl;
+ delete[] str;
+
+ }
+
+ break;
+
+ }
+
case (TRANSFORM_XSLT) :
{
@@ -609,7 +650,9 @@
_CrtMemCheckpoint( &s2 );
- if ( _CrtMemDifference( &s3, &s1, &s2 ) ) {
+ if ( _CrtMemDifference( &s3, &s1, &s2 ) && s3.lCounts[1] > 1) {
+
+ std::cerr << "Total count = " << s3.lTotalCount << endl;
// Send all reports to STDOUT
_CrtSetReportMode( _CRT_WARN, _CRTDBG_MODE_FILE );
1.7 +16 -7 xml-security/c/src/tools/xtest/xtest.cpp
Index: xtest.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/tools/xtest/xtest.cpp,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- xtest.cpp 30 Apr 2003 11:41:14 -0000 1.6
+++ xtest.cpp 8 May 2003 12:10:58 -0000 1.7
@@ -87,6 +87,7 @@
#include <xsec/transformers/TXFMOutputFile.hpp>
#include <xsec/dsig/DSIGTransformXPath.hpp>
+#include <xsec/dsig/DSIGTransformXPathFilter.hpp>
#include <xsec/dsig/DSIGTransformC14n.hpp>
// XALAN
@@ -139,7 +140,7 @@
// Known "Good" Values
// --------------------------------------------------------------------------------
-unsigned char createdDocRefs [8][20] = {
+unsigned char createdDocRefs [9][20] = {
{ 0x51, 0x3c, 0xb5, 0xdf, 0xb9, 0x1e, 0x9d, 0xaf, 0xd4, 0x4a,
0x95, 0x79, 0xf1, 0xd6, 0x54, 0xe, 0xb0, 0xb0, 0x29, 0xe3, },
{ 0x51, 0x3c, 0xb5, 0xdf, 0xb9, 0x1e, 0x9d, 0xaf, 0xd4, 0x4a,
@@ -154,6 +155,8 @@
0xdb, 0xb3, 0xee, 0x46, 0x66, 0x8f, 0xe1, 0xb6, 0x30, 0x9d, },
{ 0x52, 0x74, 0xc3, 0xe4, 0xc5, 0xf7, 0x20, 0xb0, 0xd9, 0x52,
0xdb, 0xb3, 0xee, 0x46, 0x66, 0x8f, 0xe1, 0xb6, 0x30, 0x9d, },
+ { 0x3c, 0x80, 0x4, 0x94, 0xa5, 0xbe, 0xf6, 0x16, 0x40, 0xe0,
+ 0x24, 0xd5, 0x65, 0x39, 0xc, 0x18, 0x21, 0x3d, 0xa5, 0x51, },
{ 0x51, 0x3c, 0xb5, 0xdf, 0xb9, 0x1e, 0x9d, 0xaf, 0xd4, 0x4a,
0x95, 0x79, 0xf1, 0xd6, 0x54, 0xe, 0xb0, 0xb0, 0x29, 0xe3, }
@@ -641,7 +644,7 @@
void outputHex(unsigned char * buf, int len) {
- cout << std::ios::hex;
+ cout << std::hex;
for (int i = 0; i < len; ++i) {
cout << "0x" << (unsigned int) buf[i] << ", ";
}
@@ -752,23 +755,29 @@
ce = ref[6]->appendCanonicalizationTransform(CANON_C14NE_COM);
ce->addInclusiveNamespace("foo");
+ ref[7] = sig->createReference(MAKE_UNICODE_STRING(""));
+ sig->setXPFNSPrefix(MAKE_UNICODE_STRING("xpf"));
+ DSIGTransformXPathFilter * xpf = ref[7]->appendXPathFilterTransform();
+ xpf->appendFilter(FILTER_INTERSECT, MAKE_UNICODE_STRING("//ADoc/category"));
+
+
#ifdef XSEC_NO_XALAN
cerr << "WARNING : No testing of XPath being performed as Xalan not present" << endl;
- refCount = 7;
+ refCount = 8;
#else
- ref[7] = sig->createReference(MAKE_UNICODE_STRING(""));
+ ref[8] = sig->createReference(MAKE_UNICODE_STRING(""));
/* ref[5]->appendXPathTransform("ancestor-or-self::dsig:Signature",
"xmlns:dsig=http://www.w3.org/2000/09/xmldsig#"); */
- DSIGTransformXPath * x = ref[7]->appendXPathTransform("count(ancestor-or-self::dsig:Signature | \
+ DSIGTransformXPath * x = ref[8]->appendXPathTransform("count(ancestor-or-self::dsig:Signature | \
here()/ancestor::dsig:Signature[1]) > \
count(ancestor-or-self::dsig:Signature)");
x->setNamespace("dsig", "http://www.w3.org/2000/09/xmldsig#");
- refCount = 8;
+ refCount = 9;
#endif
1.4 +12 -1 xml-security/c/src/transformers/TXFMEnvelope.cpp
Index: TXFMEnvelope.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/transformers/TXFMEnvelope.cpp,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- TXFMEnvelope.cpp 21 Feb 2003 11:53:08 -0000 1.3
+++ TXFMEnvelope.cpp 8 May 2003 12:10:58 -0000 1.4
@@ -213,6 +213,17 @@
}
+ // Check if sigNode is an ancestor of mp_startNode - if so, just return
+ DOMNode * c = mp_startNode;
+ while (c != NULL) {
+
+ if (c == sigNode)
+ return;
+
+ c = c->getParentNode();
+
+ }
+
addEnvelopeNode(mp_startNode, m_XPathMap, sigNode);
}
1.1 xml-security/c/src/transformers/TXFMXPathFilter.cpp
Index: TXFMXPathFilter.cpp
===================================================================
/*
* The Apache Software License, Version 1.1
*
*
* Copyright (c) 1999 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "<WebSig>" and "Apache Software Foundation" must
* not be used to endorse or promote products derived from this
* software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* nor may "Apache" appear in their name, without prior written
* permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation and was
* originally based on software copyright (c) 2001, Institute for
* Data Communications Systems, <http://www.nue.et-inf.uni-siegen.de/>.
* The development of this software was partly funded by the European
* Commission in the <WebSig> project in the ISIS Programme.
* For more information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
/*
* XSEC
*
* TXFMXPathFilter := Class that performs XPath transforms
*
* Author(s): Berin Lautenbach
*
* $Id: TXFMXPathFilter.cpp,v 1.1 2003/05/08 12:10:58 blautenb Exp $
*
*/
#include <xsec/transformers/TXFMXPathFilter.hpp>
#include <xsec/transformers/TXFMParser.hpp>
#include <xsec/dsig/DSIGConstants.hpp>
#include <xsec/utils/XSECDOMUtils.hpp>
#include <xsec/framework/XSECError.hpp>
#include <xsec/dsig/DSIGXPathFilterExpr.hpp>
#include <xsec/dsig/DSIGXPathHere.hpp>
#include <xercesc/util/Janitor.hpp>
XSEC_USING_XERCES(Janitor);
#ifndef XSEC_NO_XALAN
#include <XalanDOM/XalanDocument.hpp>
#include <XalanDOM/XalanDOMString.hpp>
#include <XercesParserLiaison/XercesDocumentWrapper.hpp>
#include <XercesParserLiaison/XercesDOMSupport.hpp>
#include <XercesParserLiaison/XercesParserLiaison.hpp>
#include <XPath/XPathEvaluator.hpp>
#include <XPath/XPathProcessorImpl.hpp>
#include <XPath/XPathFactoryDefault.hpp>
#include <XPath/NodeRefList.hpp>
#include <XPath/XPathEnvSupportDefault.hpp>
#include <XPath/XPathConstructionContextDefault.hpp>
#include <XPath/ElementPrefixResolverProxy.hpp>
#include <XPath/XObjectFactoryDefault.hpp>
#include <XPath/XPathExecutionContextDefault.hpp>
#include <XSLT/XSLTResultTarget.hpp>
// Xalan namespace usage
XALAN_USING_XALAN(XPathProcessorImpl)
XALAN_USING_XALAN(XalanDOMString)
XALAN_USING_XALAN(XercesDOMSupport)
XALAN_USING_XALAN(XercesParserLiaison)
XALAN_USING_XALAN(XercesDocumentWrapper)
XALAN_USING_XALAN(XercesWrapperNavigator)
XALAN_USING_XALAN(XPathEvaluator)
XALAN_USING_XALAN(XPathFactoryDefault)
XALAN_USING_XALAN(XPathConstructionContextDefault)
XALAN_USING_XALAN(XalanDocument)
XALAN_USING_XALAN(XalanNode)
XALAN_USING_XALAN(XalanDOMChar)
XALAN_USING_XALAN(XPathEnvSupportDefault)
XALAN_USING_XALAN(XObjectFactoryDefault)
XALAN_USING_XALAN(XObjectPtr)
XALAN_USING_XALAN(XPathExecutionContextDefault)
XALAN_USING_XALAN(ElementPrefixResolverProxy)
XALAN_USING_XALAN(XPath)
XALAN_USING_XALAN(NodeRefListBase)
XALAN_USING_XALAN(XSLTResultTarget)
XALAN_USING_XALAN(XSLException)
#endif
#if !defined(XSEC_NO_XPATH)
#include <iostream>
#define KLUDGE_PREFIX "berindsig"
// Helper functions - come from DSIGXPath
void setXPathNS(DOMDocument *d,
DOMNamedNodeMap *xAtts,
XSECXPathNodeList &addedNodes,
XSECSafeBufferFormatter *formatter,
XSECNameSpaceExpander * nse);
void clearXPathNS(DOMDocument *d,
XSECXPathNodeList &toRemove,
XSECSafeBufferFormatter *formatter,
XSECNameSpaceExpander * nse);
bool separator(unsigned char c);
XalanNode * findHereNodeFromXalan(XercesWrapperNavigator * xwn, XalanNode * n, DOMNode *h);
TXFMXPathFilter::TXFMXPathFilter(DOMDocument *doc) :
TXFMBase(doc) {
document = NULL;
XSECnew(mp_formatter, XSECSafeBufferFormatter("UTF-8",XMLFormatter::NoEscapes,
XMLFormatter::UnRep_CharRef));
}
TXFMXPathFilter::~TXFMXPathFilter() {
lstsVectorType::iterator i;
for (i = m_lsts.begin(); i < m_lsts.end(); ++i) {
if ((*i)->lst != NULL)
delete ((*i)->lst);
delete (*i);
}
if (mp_formatter != NULL)
delete mp_formatter;
}
// Methods to set the inputs
void TXFMXPathFilter::setInput(TXFMBase *newInput) {
if (newInput->getOutputType() == TXFMBase::BYTE_STREAM) {
// Need to parse into DOM_NODES
TXFMParser * parser;
XSECnew(parser, TXFMParser(mp_expansionDoc));
try{
parser->setInput(newInput);
}
catch (...) {
delete parser;
input = newInput;
throw;
}
input = parser;
parser->expandNameSpaces();
}
else
input = newInput;
// Set up for the new document
document = input->getDocument();
// Expand if necessary
this->expandNameSpaces();
keepComments = input->getCommentsStatus();
}
XSECXPathNodeList * TXFMXPathFilter::evaluateSingleExpr(DSIGXPathFilterExpr *expr) {
// Have a single expression that we wish to find the resultant nodeset
// for
XSECXPathNodeList addedNodes;
setXPathNS(document, expr->mp_NSMap, addedNodes, mp_formatter, mp_nse);
XPathProcessorImpl xppi; // The processor
XercesDOMSupport xds;
XercesParserLiaison xpl;
XPathEvaluator xpe;
XPathFactoryDefault xpf;
XPathConstructionContextDefault xpcc;
XalanDocument * xd;
XalanNode * contextNode;
// Xalan can throw exceptions in all functions, so do one broad catch point.
try {
// Map to Xalan
xd = xpl.createDocument(document);
// For performing mapping
XercesDocumentWrapper *xdw = xpl.mapDocumentToWrapper(xd);
XercesWrapperNavigator xwn(xdw);
// Map the "here" node
XalanNode * hereNode = NULL;
hereNode = xwn.mapNode(expr->mp_xpathFilterNode);
if (hereNode == NULL) {
hereNode = findHereNodeFromXalan(&xwn, xd, expr->mp_exprTextNode);
if (hereNode == NULL) {
throw XSECException(XSECException::XPathFilterError,
"Unable to find here node in Xalan Wrapper map");
}
}
// Now work out what we have to set up in the new processing
TXFMBase::nodeType inputType = input->getNodeType();
XalanDOMString cd; // For XPath Filter, the root is always the context node
cd = XalanDOMString("/"); // Root node
// The context node is the "root" node
contextNode =
xpe.selectSingleNode(
xds,
xd,
cd.c_str(),
xd->getDocumentElement());
XPathEnvSupportDefault xpesd;
XObjectFactoryDefault xof;
XPathExecutionContextDefault xpec(xpesd, xds, xof);
ElementPrefixResolverProxy pr(xd->getDocumentElement(), xpesd, xds);
// Work around the fact that the XPath implementation is designed for XSLT, so does
// not allow here() as a NCName.
// THIS IS A KLUDGE AND SHOULD BE DONE BETTER
int offset = 0;
safeBuffer k(KLUDGE_PREFIX);
k.sbStrcatIn(":");
// Map the expression into a local code page string (silly - should be XMLCh)
safeBuffer exprSB;
exprSB << (*mp_formatter << expr->m_expr.rawXMLChBuffer());
offset = exprSB.sbStrstr("here()");
while (offset >= 0) {
if (offset == 0 || offset == 1 ||
(!(exprSB[offset - 1] == ':' && exprSB[offset - 2] != ':') &&
separator(exprSB[offset - 1]))) {
exprSB.sbStrinsIn(k.rawCharBuffer(), offset);
}
offset = exprSB.sbOffsetStrstr("here()", offset + 11);
}
// Install the External function in the Environment handler
if (hereNode != NULL) {
xpesd.installExternalFunctionLocal(XalanDOMString(URI_ID_DSIG), XalanDOMString("here"), DSIGXPathHere(hereNode));
}
XPath * xp = xpf.create();
XalanDOMString Xexpr((char *) exprSB.rawBuffer());
xppi.initXPath(*xp, xpcc, Xexpr, pr);
// Now resolve
XObjectPtr xObj = xp->execute(contextNode, pr, xpec);
// Now map to a list that others can use (naieve list at this time)
const NodeRefListBase& lst = xObj->nodeset();
int size = lst.getLength();
const DOMNode *item;
XSECXPathNodeList * ret;
XSECnew(ret, XSECXPathNodeList);
Janitor<XSECXPathNodeList> j_ret(ret);
for (int i = 0; i < size; ++ i) {
if (lst.item(i) == xd)
ret->addNode(document);
else {
item = xwn.mapNode(lst.item(i));
ret->addNode(item);
}
}
xpesd.uninstallExternalFunctionGlobal(XalanDOMString(URI_ID_DSIG), XalanDOMString("here"));
clearXPathNS(document, addedNodes, mp_formatter, mp_nse);
j_ret.release();
return ret;
}
catch (XSLException &e) {
safeBuffer msg;
// Whatever happens - fix any changes to the original document
clearXPathNS(document, addedNodes, mp_formatter, mp_nse);
// Collate the exception message into an XSEC message.
msg.sbTranscodeIn("Xalan Exception : ");
msg.sbXMLChCat(e.getType().c_str());
msg.sbXMLChCat(" caught. Message : ");
msg.sbXMLChCat(e.getMessage().c_str());
throw XSECException(XSECException::XPathFilterError,
msg.rawXMLChBuffer());
}
catch (...) {
clearXPathNS(document, addedNodes, mp_formatter, mp_nse);
throw;
}
return NULL;
}
bool TXFMXPathFilter::checkNodeInInput(DOMNode * n) {
if (mp_fragment != NULL) {
DOMNode * p = n;
while (p != NULL) {
if (p == mp_fragment)
return true;
p = p->getParentNode();
}
return false;
}
return mp_inputList->hasNode(n);
}
bool TXFMXPathFilter::checkNodeInScope(DOMNode * n) {
// Walk backwards through the lists
lstsVectorType::iterator lstsIter;
lstsIter = m_lsts.end();
filterSetHolder *sh;
while (lstsIter != m_lsts.begin()) {
lstsIter--;
sh = *lstsIter;
if (sh->ancestorInScope != NULL) {
// Have an ancestor in scope, so this node is in this list
if (sh->type == FILTER_UNION)
// Got this far, must be OK!
return true;
if (sh->type == FILTER_SUBTRACT)
return false;
}
else {
if (sh->type == FILTER_INTERSECT)
return false;
}
}
return true;
}
#if 0
void TXFMXPathFilter::walkDocument(DOMNode * n) {
DOMNode * current = n;
DOMNode * next;
bool done = false;
bool treeUp = false;
DOMNamedNodeMap * atts = n->getAttributes();
int attsSize = -1;
int currentAtt = -1;
while (done == false) {
if (treeUp == true) {
if (current == n) {
// We are complete.
done = true;
}
else {
// Check for another sibling
next = current->getNextSibling();
if (next == NULL) {
current = current->getParentNode();
treeUp = true;
}
else {
current = next;
treeUp = false;
}
}
} /* treeUp == true */
else {
// Check if the current node is in the result set. The walk the children
lstsVectorType::iterator lstsIter;
// First check if this node is in any lists, and if so,
// set the appropriate ancestor nodes (if necessary)
for (lstsIter = m_lsts.begin(); lstsIter < m_lsts.end(); ++lstsIter) {
if ((*lstsIter)->ancestorInScope == NULL &&
(*lstsIter)->lst->hasNode(current)) {
(*lstsIter)->ancestorInScope = current;
}
//
}
// Now that the ancestor setup is done, check to see if this node is
// in scope.
if (checkNodeInScope(n) && checkNodeInInput(n)) {
m_xpathFilterMap.addNode(n);
}
// Now find the next node!
if (atts != NULL) {
// Working on an attribute list
currentAtt++;
if (currentAtt == attsSize) {
// Attribute list complete
atts = NULL;
current = current->getParentNode();
treeUp = true;
}
else {
current = atts->item(currentAtt);
}
}
else {
// Working on an element or other non-attribute node
atts = n->getAttributes();
if (atts != NULL && ((attsSize = atts->getLength()) > 0)) {
currentAtt = 0;
current = atts->item(0);
}
else {
next = current->getNextSibling();
if (next == NULL) {
current = current->getParentNode();
treeUp = true;
}
else
current = next;
}
} /* ! atts == NULL */
}
} /* while */
}
#endif
#if 1
void TXFMXPathFilter::walkDocument(DOMNode * n) {
// Check if the current node is in the result set. The walk the children
lstsVectorType::iterator lstsIter;
// First check if this node is in any lists, and if so,
// set the appropriate ancestor nodes (if necessary)
for (lstsIter = m_lsts.begin(); lstsIter < m_lsts.end(); ++lstsIter) {
if ((*lstsIter)->ancestorInScope == NULL &&
(*lstsIter)->lst->hasNode(n)) {
(*lstsIter)->ancestorInScope = n;
}
}
// Now that the ancestor setup is done, check to see if this node is
// in scope.
if (checkNodeInScope(n) && checkNodeInInput(n)) {
m_xpathFilterMap.addNode(n);
}
// Do any attributes
DOMNamedNodeMap * atts = n->getAttributes();
if (atts != NULL) {
unsigned int s = atts->getLength();
for (unsigned int i = 0; i < s; ++i) {
walkDocument(atts->item(i));
}
}
// Do any childeren
DOMNode * c = n->getFirstChild();
while (c != NULL) {
walkDocument(c);
c = c->getNextSibling();
}
// Now remove from ancestor lists if we are that ancestor
for (lstsIter = m_lsts.begin(); lstsIter < m_lsts.end(); ++lstsIter) {
if ((*lstsIter)->ancestorInScope == n) {
(*lstsIter)->ancestorInScope = NULL;
}
}
}
#endif
void TXFMXPathFilter::evaluateExprs(DSIGTransformXPathFilter::exprVectorType * exprs) {
if (exprs == NULL || exprs->size() < 1) {
throw XSECException(XSECException::XPathFilterError,
"TXFMXPathFilter::evaluateExpr - no expression list set");
}
DSIGTransformXPathFilter::exprVectorType::iterator i;
for (i = exprs->begin(); i < exprs->end(); ++i) {
XSECXPathNodeList * lst = evaluateSingleExpr(*i);
filterSetHolder * sh;
XSECnew(sh, filterSetHolder);
sh->lst = lst;
sh->type = (*i)->m_filterType;
sh->ancestorInScope = NULL;
if (lst != NULL) {
m_lsts.push_back(sh);
}
}
// Well we appear to have successfully run through all the nodelists!
mp_fragment = NULL;
mp_inputList = NULL;
// Find the input nodeset
TXFMBase::nodeType inputType = input->getNodeType();
switch (inputType) {
case DOM_NODE_DOCUMENT :
mp_fragment = document;
break;
case DOM_NODE_DOCUMENT_FRAGMENT :
mp_fragment = input->getFragmentNode();
break;
case DOM_NODE_XPATH_NODESET :
mp_inputList = &(input->getXPathNodeList());
break;
default :
throw XSECException(XSECException::XPathFilterError,
"TXFMXPathFilter::evaluateExprs - unknown input type");
}
// Now just recurse through each node in the document
walkDocument(document);
}
// Methods to get tranform output type and input requirement
TXFMBase::ioType TXFMXPathFilter::getInputType(void) {
return TXFMBase::DOM_NODES;
}
TXFMBase::ioType TXFMXPathFilter::getOutputType(void) {
return TXFMBase::DOM_NODES;
}
TXFMBase::nodeType TXFMXPathFilter::getNodeType(void) {
return TXFMBase::DOM_NODE_XPATH_NODESET;
}
// Methods to get output data
unsigned int TXFMXPathFilter::readBytes(XMLByte * const toFill, unsigned int maxToFill) {
return 0;
}
DOMDocument *TXFMXPathFilter::getDocument() {
return document;
}
DOMNode *TXFMXPathFilter::getFragmentNode() {
return NULL;
}
const XMLCh * TXFMXPathFilter::getFragmentId() {
return NULL; // Empty string
}
XSECXPathNodeList & TXFMXPathFilter::getXPathNodeList() {
return m_xpathFilterMap;
}
#endif /* NO_XPATH */
1.1 xml-security/c/src/transformers/TXFMXPathFilter.hpp
Index: TXFMXPathFilter.hpp
===================================================================
/*
* The Apache Software License, Version 1.1
*
*
* Copyright (c) 1999 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "<WebSig>" and "Apache Software Foundation" must
* not be used to endorse or promote products derived from this
* software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* nor may "Apache" appear in their name, without prior written
* permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation and was
* originally based on software copyright (c) 2001, Institute for
* Data Communications Systems, <http://www.nue.et-inf.uni-siegen.de/>.
* The development of this software was partly funded by the European
* Commission in the <WebSig> project in the ISIS Programme.
* For more information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
/*
* XSEC
*
* TXFMXPath := Class that performs XPath transforms
*
* Author(s): Berin Lautenbach
*
* $Id: TXFMXPathFilter.hpp,v 1.1 2003/05/08 12:10:58 blautenb Exp $
*
*/
#if !defined (TXFMXPATHFILTER_HEADER)
#define XFMXPATHFILTER_HEADER
#include <xsec/transformers/TXFMBase.hpp>
#include <xsec/utils/XSECXPathNodeList.hpp>
#include <xsec/dsig/DSIGTransformXPathFilter.hpp>
#include <xsec/dsig/DSIGConstants.hpp>
// Xerces
XSEC_DECLARE_XERCES_CLASS(DOMNode);
XSEC_DECLARE_XERCES_CLASS(DOMNamedNodeMap);
class TXFMXPathFilterExpr;
class XSECSafeBufferFormatter;
struct filterSetHolder {
XSECXPathNodeList * lst;
xpathFilterType type;
DOMNode * ancestorInScope;
};
#ifndef XSEC_NO_XPATH
/**
* \brief Transformer to handle XPath transforms
* @ingroup internal
*/
class DSIG_EXPORT TXFMXPathFilter : public TXFMBase {
public:
TXFMXPathFilter(DOMDocument *doc);
~TXFMXPathFilter();
// Methods to set the inputs
void setInput(TXFMBase *newInput);
// Methods to get tranform output type and input requirement
virtual TXFMBase::ioType getInputType(void);
virtual TXFMBase::ioType getOutputType(void);
virtual TXFMBase::nodeType getNodeType(void);
// XPathFilter unique
void evaluateExprs(DSIGTransformXPathFilter::exprVectorType * exprs);
XSECXPathNodeList * TXFMXPathFilter::evaluateSingleExpr(DSIGXPathFilterExpr *expr);
// Methods to get output data
virtual unsigned int readBytes(XMLByte * const toFill, const unsigned int maxToFill);
virtual DOMDocument *getDocument();
virtual DOMNode *getFragmentNode();
virtual const XMLCh * getFragmentId();
virtual XSECXPathNodeList & getXPathNodeList();
private:
typedef std::vector<filterSetHolder *> lstsVectorType;
TXFMXPath();
void walkDocument(DOMNode * n);
bool checkNodeInScope(DOMNode * n);
bool checkNodeInInput(DOMNode * n);
DOMDocument * document;
XSECXPathNodeList m_xpathFilterMap;
lstsVectorType m_lsts;
XSECSafeBufferFormatter * mp_formatter;
/* Used to hold details during tree-walk */
DOMNode * mp_fragment;
XSECXPathNodeList * mp_inputList;
};
#endif
#endif /* XPATHFILTER_HEADER */
1.6 +11 -0 xml-security/c/src/utils/XSECDOMUtils.cpp
Index: XSECDOMUtils.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/utils/XSECDOMUtils.cpp,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- XSECDOMUtils.cpp 30 Apr 2003 11:41:14 -0000 1.5
+++ XSECDOMUtils.cpp 8 May 2003 12:10:59 -0000 1.6
@@ -102,6 +102,17 @@
}
+const XMLCh * getXPFLocalName(const DOMNode * node) {
+
+ // XPath Filter namespace
+
+ if (!strEquals(node->getNamespaceURI(), DSIGConstants::s_unicodeStrURIXPF))
+ return NULL;
+ else
+ return node->getLocalName();
+
+}
+
// --------------------------------------------------------------------------------
// Find a nominated DSIG node in a document
// --------------------------------------------------------------------------------
1.6 +2 -1 xml-security/c/src/utils/XSECDOMUtils.hpp
Index: XSECDOMUtils.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/utils/XSECDOMUtils.hpp,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- XSECDOMUtils.hpp 30 Apr 2003 11:41:14 -0000 1.5
+++ XSECDOMUtils.hpp 8 May 2003 12:10:59 -0000 1.6
@@ -116,6 +116,7 @@
const XMLCh DSIG_EXPORT * getDSIGLocalName(const DOMNode *node);
const XMLCh DSIG_EXPORT * getECLocalName(const DOMNode *node);
+const XMLCh DSIG_EXPORT * getXPFLocalName(const DOMNode *node);
// --------------------------------------------------------------------------------
// Find a nominated DSIG node in a document
1.6 +41 -2 xml-security/c/src/utils/XSECSafeBuffer.cpp
Index: XSECSafeBuffer.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/utils/XSECSafeBuffer.cpp,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- XSECSafeBuffer.cpp 24 Apr 2003 00:06:20 -0000 1.5
+++ XSECSafeBuffer.cpp 8 May 2003 12:10:59 -0000 1.6
@@ -299,6 +299,25 @@
}
+void safeBuffer::sbStrinsIn(const XMLCh * inStr, unsigned int offset) {
+
+ checkBufferType(BUFFER_UNICODE);
+
+ unsigned int bl = XMLString::stringLen((XMLCh *) buffer) * size_XMLCh;
+ unsigned int il = XMLString::stringLen((XMLCh *) inStr) * size_XMLCh;
+
+ unsigned int xoffset = offset * size_XMLCh;
+ if (xoffset > bl) {
+ throw XSECException(XSECException::SafeBufferError,
+ "Attempt to insert string after termination point");
+ }
+
+ checkAndExpand(bl + il);
+
+ memmove(&buffer[xoffset + il], &buffer[xoffset], bl - xoffset + size_XMLCh);
+ memcpy(&buffer[xoffset], inStr, il);
+
+}
void safeBuffer::sbMemcpyOut(void *outBuf, int n) const {
@@ -384,7 +403,27 @@
return d;
-}
+}
+
+int safeBuffer::sbStrstr(const XMLCh * inStr) const {
+
+ XMLCh * p;
+ int d;
+
+ checkBufferType(BUFFER_UNICODE);
+ p = XMLString::findAny((XMLCh *) buffer, inStr);
+
+ if (p == NULL)
+ return -1;
+
+ d = ((unsigned int) ((p - (unsigned int) buffer)) / size_XMLCh);
+
+ if (d < 0 || (unsigned int) d > bufferSize)
+ return -1;
+
+ return d;
+
+}
int safeBuffer::sbOffsetStrstr(const char * inStr, unsigned int offset) const {
1.8 +5 -1 xml-security/c/src/utils/XSECSafeBuffer.hpp
Index: XSECSafeBuffer.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/utils/XSECSafeBuffer.hpp,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- XSECSafeBuffer.hpp 24 Apr 2003 00:06:20 -0000 1.7
+++ XSECSafeBuffer.hpp 8 May 2003 12:10:59 -0000 1.8
@@ -148,6 +148,10 @@
int sbStrstr(const char * inStr) const;
int sbOffsetStrstr(const char * inStr, unsigned int offset) const;
+ // XMLCh versions
+ int sbStrstr(const XMLCh * inStr) const;
+ void sbStrinsIn(const XMLCh * inStr, unsigned int offset);
+
// Operators