You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by gi...@apache.org on 2012/07/17 18:06:14 UTC
svn commit: r1362550 - in /santuario/xml-security-java/trunk/src:
main/java/org/apache/xml/security/stax/config/
main/java/org/apache/xml/security/stax/ext/
main/java/org/apache/xml/security/stax/impl/processor/input/
main/java/org/apache/xml/security/...
Author: giger
Date: Tue Jul 17 16:06:13 2012
New Revision: 1362550
URL: http://svn.apache.org/viewvc?rev=1362550&view=rev
Log:
SANTUARIO-318 TransformBase64Decode implementation
Added:
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/transformer/TransformBase64Decode.java (with props)
santuario/xml-security-java/trunk/src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext-base64.xml
- copied, changed from r1361553, santuario/xml-security-java/trunk/src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml
Modified:
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/config/TransformerAlgorithmMapper.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/Transformer.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityConstants.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityUtils.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractDecryptInputProcessor.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureInputHandler.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureReferenceVerifyInputProcessor.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractEncryptOutputProcessor.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureEndingOutputProcessor.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureOutputProcessor.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/transformer/canonicalizer/CanonicalizerBase.java
santuario/xml-security-java/trunk/src/main/resources/messages/errors.properties
santuario/xml-security-java/trunk/src/main/resources/security-config.xml
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/AbstractSignatureVerificationTest.java (contents, props changed)
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationReferenceURIResolverTest.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationTest.java (contents, props changed)
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/config/TransformerAlgorithmMapper.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/config/TransformerAlgorithmMapper.java?rev=1362550&r1=1362549&r2=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/config/TransformerAlgorithmMapper.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/config/TransformerAlgorithmMapper.java Tue Jul 17 16:06:13 2012
@@ -18,6 +18,7 @@
*/
package org.apache.xml.security.stax.config;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
import org.apache.xml.security.stax.ext.XMLSecurityException;
import org.apache.xml.security.stax.ext.XMLSecurityUtils;
import org.xmlsecurity.ns.configuration.TransformAlgorithmType;
@@ -63,17 +64,23 @@ public class TransformerAlgorithmMapper
}
}
- public static Class<?> getTransformerClass(String algoURI, String inOut) throws XMLSecurityException {
+ public static Class<?> getTransformerClass(String algoURI, XMLSecurityConstants.DIRECTION direction) throws XMLSecurityException {
Class<?> clazz = null;
- if (inOut == null) {
+
+ switch (direction) {
+ case IN:
+ clazz = algorithmsClassMapIn.get(algoURI);
+ break;
+ case OUT:
+ clazz = algorithmsClassMapOut.get(algoURI);
+ break;
+ }
+
+ if (clazz == null) {
clazz = algorithmsClassMapInOut.get(algoURI);
- } else if ("IN".equals(inOut)) {
- clazz = algorithmsClassMapIn.get(algoURI);
- } else if ("OUT".equals(inOut)) {
- clazz = algorithmsClassMapOut.get(algoURI);
}
if (clazz == null) {
- throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_CHECK);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILURE, "unknownTransformAlgorithm", algoURI);
}
return clazz;
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/Transformer.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/Transformer.java?rev=1362550&r1=1362549&r2=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/Transformer.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/Transformer.java Tue Jul 17 16:06:13 2012
@@ -37,4 +37,6 @@ public interface Transformer {
void setTransformer(Transformer transformer) throws XMLSecurityException;
void transform(XMLSecEvent xmlSecEvent) throws XMLStreamException;
+
+ void doFinal() throws XMLStreamException;
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityConstants.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityConstants.java?rev=1362550&r1=1362549&r2=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityConstants.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityConstants.java Tue Jul 17 16:06:13 2012
@@ -136,6 +136,11 @@ public class XMLSecurityConstants {
POSTPROCESSING,
}
+ public enum DIRECTION {
+ IN,
+ OUT,
+ }
+
public static final String XMLINPUTFACTORY = "XMLInputFactory";
public static final String NS_XML = "http://www.w3.org/2000/xmlns/";
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityUtils.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityUtils.java?rev=1362550&r1=1362549&r2=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityUtils.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityUtils.java Tue Jul 17 16:06:13 2012
@@ -148,14 +148,11 @@ public class XMLSecurityUtils {
}
//todo transformer factory?
- public static Transformer getTransformer(Object methodParameter1, Object methodParameter2, String algorithm)
+ public static Transformer getTransformer(Object methodParameter1, Object methodParameter2, String algorithm, XMLSecurityConstants.DIRECTION direction)
throws XMLSecurityException, InstantiationException, IllegalAccessException, InvocationTargetException, NoSuchMethodException {
@SuppressWarnings("unchecked")
- Class<Transformer> transformerClass = (Class<Transformer>) TransformerAlgorithmMapper.getTransformerClass(algorithm, null);
- if (transformerClass == null) {
- throw new XMLSecurityException(XMLSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM);
- }
+ Class<Transformer> transformerClass = (Class<Transformer>) TransformerAlgorithmMapper.getTransformerClass(algorithm, direction);
Transformer childTransformer = transformerClass.newInstance();
if (methodParameter2 != null) {
childTransformer.setList((List) methodParameter1);
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractDecryptInputProcessor.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractDecryptInputProcessor.java?rev=1362550&r1=1362549&r2=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractDecryptInputProcessor.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractDecryptInputProcessor.java Tue Jul 17 16:06:13 2012
@@ -246,7 +246,7 @@ public abstract class AbstractDecryptInp
@SuppressWarnings("unchecked")
Class<InputStream> transformerClass =
(Class<InputStream>) TransformerAlgorithmMapper.getTransformerClass(
- transformType.getAlgorithm(), "IN");
+ transformType.getAlgorithm(), XMLSecurityConstants.DIRECTION.IN);
try {
Constructor<InputStream> constructor = transformerClass.getConstructor(InputStream.class);
decryptInputStream = constructor.newInstance(decryptInputStream);
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureInputHandler.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureInputHandler.java?rev=1362550&r1=1362549&r2=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureInputHandler.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureInputHandler.java Tue Jul 17 16:06:13 2012
@@ -222,7 +222,8 @@ public abstract class AbstractSignatureI
transformer = XMLSecurityUtils.getTransformer(
inclusiveNamespaces,
this.bufferedSignerOutputStream,
- canonicalizationMethodType.getAlgorithm());
+ canonicalizationMethodType.getAlgorithm(),
+ XMLSecurityConstants.DIRECTION.IN);
} catch (NoSuchMethodException e) {
throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_CHECK, e);
} catch (InstantiationException e) {
@@ -240,12 +241,15 @@ public abstract class AbstractSignatureI
protected void doFinal() throws XMLSecurityException {
try {
+ transformer.doFinal();
bufferedSignerOutputStream.close();
if (!signerOutputStream.verify(signatureType.getSignatureValue().getValue())) {
throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_CHECK);
}
} catch (IOException e) {
throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_CHECK, e);
+ } catch (XMLStreamException e) {
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_CHECK, e);
}
}
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureReferenceVerifyInputProcessor.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureReferenceVerifyInputProcessor.java?rev=1362550&r1=1362549&r2=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureReferenceVerifyInputProcessor.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureReferenceVerifyInputProcessor.java Tue Jul 17 16:06:13 2012
@@ -305,10 +305,10 @@ public abstract class AbstractSignatureR
inputProcessorChain.getSecurityContext().registerSecurityEvent(algorithmSuiteSecurityEvent);
if (parentTransformer != null) {
- parentTransformer = XMLSecurityUtils.getTransformer(parentTransformer, inclusiveNamespaces, algorithm);
+ parentTransformer = XMLSecurityUtils.getTransformer(parentTransformer, inclusiveNamespaces, algorithm, XMLSecurityConstants.DIRECTION.IN);
} else {
parentTransformer =
- XMLSecurityUtils.getTransformer(inclusiveNamespaces, outputStream, algorithm);
+ XMLSecurityUtils.getTransformer(inclusiveNamespaces, outputStream, algorithm, XMLSecurityConstants.DIRECTION.IN);
}
}
return parentTransformer;
@@ -386,6 +386,7 @@ public abstract class AbstractSignatureR
this.elementCounter--;
if (this.elementCounter == 0 && xmlSecEndElement.getName().equals(getStartElement())) {
+ getTransformer().doFinal();
try {
getBufferedDigestOutputStream().close();
} catch (IOException e) {
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractEncryptOutputProcessor.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractEncryptOutputProcessor.java?rev=1362550&r1=1362549&r2=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractEncryptOutputProcessor.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractEncryptOutputProcessor.java Tue Jul 17 16:06:13 2012
@@ -135,7 +135,7 @@ public abstract class AbstractEncryptOut
if (compressionAlgorithm != null) {
@SuppressWarnings("unchecked")
Class<OutputStream> transformerClass =
- (Class<OutputStream>) TransformerAlgorithmMapper.getTransformerClass(compressionAlgorithm, "OUT");
+ (Class<OutputStream>) TransformerAlgorithmMapper.getTransformerClass(compressionAlgorithm, XMLSecurityConstants.DIRECTION.OUT);
Constructor<OutputStream> constructor = transformerClass.getConstructor(OutputStream.class);
outputStream = constructor.newInstance(outputStream);
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureEndingOutputProcessor.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureEndingOutputProcessor.java?rev=1362550&r1=1362549&r2=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureEndingOutputProcessor.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureEndingOutputProcessor.java Tue Jul 17 16:06:13 2012
@@ -222,7 +222,7 @@ public abstract class AbstractSignatureE
try {
this.transformer = XMLSecurityUtils.getTransformer(null, this.bufferedSignerOutputStream,
- getSecurityProperties().getSignatureCanonicalizationAlgorithm());
+ getSecurityProperties().getSignatureCanonicalizationAlgorithm(), XMLSecurityConstants.DIRECTION.OUT);
} catch (NoSuchMethodException e) {
throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_SIGNATURE, e);
} catch (InstantiationException e) {
@@ -241,11 +241,14 @@ public abstract class AbstractSignatureE
return signatureValue;
}
try {
+ transformer.doFinal();
bufferedSignerOutputStream.close();
signatureValue = signerOutputStream.sign();
return signatureValue;
} catch (IOException e) {
throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_SIGNATURE, e);
+ } catch (XMLStreamException e) {
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_SIGNATURE, e);
}
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureOutputProcessor.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureOutputProcessor.java?rev=1362550&r1=1362549&r2=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureOutputProcessor.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureOutputProcessor.java Tue Jul 17 16:06:13 2012
@@ -171,10 +171,10 @@ public abstract class AbstractSignatureO
List<String> inclusiveNamespaces = new ArrayList<String>(1);
inclusiveNamespaces.add("#default");
Transformer transformer = XMLSecurityUtils.getTransformer(inclusiveNamespaces,
- this.bufferedDigestOutputStream, signaturePartDef.getC14nAlgo());
- this.transformer = XMLSecurityUtils.getTransformer(transformer, null, signaturePartDef.getTransformAlgo());
+ this.bufferedDigestOutputStream, signaturePartDef.getC14nAlgo(), XMLSecurityConstants.DIRECTION.OUT);
+ this.transformer = XMLSecurityUtils.getTransformer(transformer, null, signaturePartDef.getTransformAlgo(), XMLSecurityConstants.DIRECTION.OUT);
} else {
- transformer = XMLSecurityUtils.getTransformer(null, this.bufferedDigestOutputStream, signaturePartDef.getC14nAlgo());
+ transformer = XMLSecurityUtils.getTransformer(null, this.bufferedDigestOutputStream, signaturePartDef.getC14nAlgo(), XMLSecurityConstants.DIRECTION.OUT);
}
} catch (NoSuchMethodException e) {
throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_SIGNATURE, e);
@@ -207,6 +207,7 @@ public abstract class AbstractSignatureO
elementCounter--;
if (elementCounter == 0 && xmlSecEvent.asEndElement().getName().equals(this.startElement)) {
+ transformer.doFinal();
try {
bufferedDigestOutputStream.close();
} catch (IOException e) {
Added: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/transformer/TransformBase64Decode.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/transformer/TransformBase64Decode.java?rev=1362550&view=auto
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/transformer/TransformBase64Decode.java (added)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/transformer/TransformBase64Decode.java Tue Jul 17 16:06:13 2012
@@ -0,0 +1,88 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.xml.security.stax.impl.transformer;
+
+import org.apache.commons.codec.binary.Base64OutputStream;
+import org.apache.xml.security.stax.ext.Transformer;
+import org.apache.xml.security.stax.ext.XMLSecurityException;
+import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
+
+import javax.xml.stream.XMLStreamConstants;
+import javax.xml.stream.XMLStreamException;
+import java.io.FilterOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.util.List;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class TransformBase64Decode implements Transformer {
+
+ private OutputStream outputStream;
+
+ @Override
+ public void setOutputStream(OutputStream outputStream) throws XMLSecurityException {
+ this.outputStream = new Base64OutputStream(
+ new FilterOutputStream(outputStream) {
+ @Override
+ public void close() throws IOException {
+ //do not close the parent output stream!
+ super.flush();
+ }
+ },
+ false);
+ }
+
+ @Override
+ public void setList(List list) throws XMLSecurityException {
+ }
+
+ @Override
+ public void setTransformer(Transformer transformer) throws XMLSecurityException {
+ throw new UnsupportedOperationException("Transformer not supported");
+ }
+
+ @Override
+ public void transform(XMLSecEvent xmlSecEvent) throws XMLStreamException {
+ int eventType = xmlSecEvent.getEventType();
+ switch (eventType) {
+ case XMLStreamConstants.CHARACTERS:
+ try {
+ //encoding shouldn't matter here, because the data is Base64 encoded and is therefore in the ASCII range.
+ outputStream.write(xmlSecEvent.asCharacters().getData().getBytes());
+ } catch (IOException e) {
+ throw new XMLStreamException(e);
+ }
+ break;
+ default:
+ return;
+ }
+ }
+
+ @Override
+ public void doFinal() throws XMLStreamException {
+ try {
+ outputStream.close();
+ } catch (IOException e) {
+ throw new XMLStreamException(e);
+ }
+ }
+}
Propchange: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/transformer/TransformBase64Decode.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/transformer/TransformBase64Decode.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/transformer/canonicalizer/CanonicalizerBase.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/transformer/canonicalizer/CanonicalizerBase.java?rev=1362550&r1=1362549&r2=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/transformer/canonicalizer/CanonicalizerBase.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/transformer/canonicalizer/CanonicalizerBase.java Tue Jul 17 16:06:13 2012
@@ -392,6 +392,11 @@ public abstract class CanonicalizerBase
}
}
+ @Override
+ public void doFinal() throws XMLStreamException {
+ //nothing to do here
+ }
+
protected static void outputAttrToWriter(final String name, final String value, final OutputStream writer,
final Map<String, byte[]> cache) throws IOException {
writer.write(' ');
Modified: santuario/xml-security-java/trunk/src/main/resources/messages/errors.properties
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/resources/messages/errors.properties?rev=1362550&r1=1362549&r2=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/resources/messages/errors.properties (original)
+++ santuario/xml-security-java/trunk/src/main/resources/messages/errors.properties Tue Jul 17 16:06:13 2012
@@ -22,6 +22,7 @@ invalidValueType = Bad ValueType \"{0}\"
unsupportedKeyInfo = Unsupported KeyInfo type
invalidX509Data = Unexpected number of X509Data: {0}
unknownSignatureAlgorithm = An unknown signature algorithm was specified: {0}
+unknownTransformAlgorithm = An unknown transform algorithm was specified: {0}
noUserCertsFound = No certificates for user {0} were found for {1}
noCertsFound = No certificates were found for {0}
invalidCertData = Unexpected number of certificates: {0}
Modified: santuario/xml-security-java/trunk/src/main/resources/security-config.xml
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/resources/security-config.xml?rev=1362550&r1=1362549&r2=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/resources/security-config.xml (original)
+++ santuario/xml-security-java/trunk/src/main/resources/security-config.xml Tue Jul 17 16:06:13 2012
@@ -30,6 +30,9 @@
JAVACLASS="org.apache.xml.security.stax.impl.transformer.canonicalizer.Canonicalizer20010315_ExclWithCommentsTransformer" />
<!-- Base64 -->
+ <TransformAlgorithm URI="http://www.w3.org/2000/09/xmldsig#base64"
+ JAVACLASS="org.apache.xml.security.stax.impl.transformer.TransformBase64Decode" />
+
<!-- XPath transform -->
<!-- enveloped signature -->
<!-- XSLT -->
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/AbstractSignatureVerificationTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/AbstractSignatureVerificationTest.java?rev=1362550&r1=1362549&r2=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/AbstractSignatureVerificationTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/AbstractSignatureVerificationTest.java Tue Jul 17 16:06:13 2012
@@ -48,8 +48,8 @@ import java.util.List;
import java.util.UUID;
/**
- * @author $Author: $
- * @version $Revision: $ $Date: $
+ * @author $Author$
+ * @version $Revision$ $Date$
*/
public class AbstractSignatureVerificationTest extends org.junit.Assert {
@@ -90,23 +90,36 @@ public class AbstractSignatureVerificati
Key signingKey
) throws Exception {
String c14nMethod = "http://www.w3.org/2001/10/xml-exc-c14n#";
- return signUsingDOM(algorithm, document, localNames, signingKey, c14nMethod);
+ return signUsingDOM(algorithm, document, localNames, signingKey, c14nMethod, (List<ReferenceInfo>)null);
}
-
/**
* Sign the document using DOM
*/
protected XMLSignature signUsingDOM(
String algorithm,
Document document,
- String externalReference,
- boolean binaryResource,
List<String> localNames,
+ String referenceC14Nmethod,
Key signingKey
) throws Exception {
String c14nMethod = "http://www.w3.org/2001/10/xml-exc-c14n#";
- return signUsingDOM(algorithm, document, localNames, signingKey, c14nMethod);
+ return signUsingDOM(algorithm, document, localNames, signingKey, c14nMethod, (List<ReferenceInfo>)null);
+ }
+
+
+ /**
+ * Sign the document using DOM
+ */
+ protected XMLSignature signUsingDOM(
+ String algorithm,
+ Document document,
+ List<String> localNames,
+ Key signingKey,
+ List<ReferenceInfo> additionalReferences
+ ) throws Exception {
+ String c14nMethod = "http://www.w3.org/2001/10/xml-exc-c14n#";
+ return signUsingDOM(algorithm, document, localNames, signingKey, c14nMethod, additionalReferences);
}
/**
@@ -120,7 +133,7 @@ public class AbstractSignatureVerificati
String c14nMethod
) throws Exception {
String digestMethod = "http://www.w3.org/2000/09/xmldsig#sha1";
- return signUsingDOM(algorithm, document, null, false, localNames, signingKey, c14nMethod, digestMethod);
+ return signUsingDOM(algorithm, document, localNames, signingKey, c14nMethod, digestMethod, null, c14nMethod);
}
/**
@@ -132,9 +145,10 @@ public class AbstractSignatureVerificati
List<String> localNames,
Key signingKey,
String c14nMethod,
- String digestMethod
+ List<ReferenceInfo> additionalReferences
) throws Exception {
- return signUsingDOM(algorithm, document, null, false, localNames, signingKey, c14nMethod, digestMethod);
+ String digestMethod = "http://www.w3.org/2000/09/xmldsig#sha1";
+ return signUsingDOM(algorithm, document, localNames, signingKey, c14nMethod, digestMethod, additionalReferences, c14nMethod);
}
/**
@@ -143,13 +157,27 @@ public class AbstractSignatureVerificati
protected XMLSignature signUsingDOM(
String algorithm,
Document document,
- String externalReference,
- boolean binaryResource,
List<String> localNames,
Key signingKey,
String c14nMethod,
String digestMethod
) throws Exception {
+ return signUsingDOM(algorithm, document, localNames, signingKey, c14nMethod, digestMethod, null, c14nMethod);
+ }
+
+ /**
+ * Sign the document using DOM
+ */
+ protected XMLSignature signUsingDOM(
+ String algorithm,
+ Document document,
+ List<String> localNames,
+ Key signingKey,
+ String c14nMethod,
+ String digestMethod,
+ List<ReferenceInfo> additionalReferences,
+ String referenceC14NMethod
+ ) throws Exception {
XMLSignature sig = new XMLSignature(document, "", algorithm, c14nMethod);
Element root = document.getDocumentElement();
root.appendChild(sig.getElement());
@@ -167,18 +195,21 @@ public class AbstractSignatureVerificati
elementToSign.setAttributeNS(null, "Id", id);
elementToSign.setIdAttributeNS(null, "Id", true);
- if (externalReference != null) {
- if (binaryResource) {
- sig.addDocument(externalReference, null, digestMethod);
- } else {
- Transforms transforms = new Transforms(document);
- transforms.addTransform(c14nMethod);
- sig.addDocument(externalReference, transforms, digestMethod);
+ if (additionalReferences != null) {
+ for (int i = 0; i < additionalReferences.size(); i++) {
+ ReferenceInfo referenceInfo = additionalReferences.get(i);
+ if (referenceInfo.isBinary()) {
+ sig.addDocument(referenceInfo.getResource(), null, referenceInfo.getDigestMethod());
+ } else {
+ Transforms transforms = new Transforms(document);
+ transforms.addTransform(referenceInfo.getC14NMethod());
+ sig.addDocument(referenceInfo.getResource(), transforms, referenceInfo.getDigestMethod());
+ }
}
}
Transforms transforms = new Transforms(document);
- transforms.addTransform(c14nMethod);
+ transforms.addTransform(referenceC14NMethod);
sig.addDocument("#" + id, transforms, digestMethod);
}
@@ -320,6 +351,51 @@ public class AbstractSignatureVerificati
assertNotNull(((X509IssuerSerialSecurityToken) x509SecurityToken).getSerialNumber());
}
}
+ }
+
+ class ReferenceInfo {
+ private String resource;
+ private String c14NMethod;
+ private String digestMethod;
+ private boolean binary;
+
+ ReferenceInfo(String resource, String c14NMethod, String digestMethod, boolean binary) {
+ this.resource = resource;
+ this.c14NMethod = c14NMethod;
+ this.digestMethod = digestMethod;
+ this.binary = binary;
+ }
+
+ public String getResource() {
+ return resource;
+ }
+
+ public void setResource(String resource) {
+ this.resource = resource;
+ }
+ public String getC14NMethod() {
+ return c14NMethod;
+ }
+
+ public void setC14NMethod(String c14NMethod) {
+ this.c14NMethod = c14NMethod;
+ }
+
+ public String getDigestMethod() {
+ return digestMethod;
+ }
+
+ public void setDigestMethod(String digestMethod) {
+ this.digestMethod = digestMethod;
+ }
+
+ public boolean isBinary() {
+ return binary;
+ }
+
+ public void setBinary(boolean binary) {
+ this.binary = binary;
+ }
}
}
Propchange: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/AbstractSignatureVerificationTest.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java?rev=1362550&r1=1362549&r2=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java Tue Jul 17 16:06:13 2012
@@ -720,4 +720,47 @@ public class SignatureCreationTest exten
verifyUsingDOM(document, cert, properties.getSignatureSecureParts());
}
+ @Test
+ public void testSignatureCreationTransformBase64() throws Exception {
+ // Set up the Configuration
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ XMLSecurityConstants.Action[] actions =
+ new XMLSecurityConstants.Action[]{XMLSecurityConstants.SIGNATURE};
+ properties.setOutAction(actions);
+
+ // Set the key up
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(
+ this.getClass().getClassLoader().getResource("transmitter.jks").openStream(),
+ "default".toCharArray()
+ );
+ Key key = keyStore.getKey("transmitter", "default".toCharArray());
+ properties.setSignatureKey(key);
+ X509Certificate cert = (X509Certificate)keyStore.getCertificate("transmitter");
+ properties.setSignatureCerts(new X509Certificate[]{cert});
+
+ SecurePart securePart =
+ new SecurePart(new QName("urn:example:po", "PaymentInfo"),
+ SecurePart.Modifier.Content, "http://www.w3.org/2000/09/xmldsig#base64", "http://www.w3.org/2000/09/xmldsig#sha1");
+ properties.addSignaturePart(securePart);
+
+ OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, "UTF-8");
+
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext-base64.xml");
+ XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(sourceDocument);
+
+ XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
+ xmlStreamWriter.close();
+
+ // System.out.println("Got:\n" + new String(baos.toByteArray(), "UTF-8"));
+ Document document =
+ documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify using DOM
+ verifyUsingDOM(document, cert, properties.getSignatureSecureParts());
+ }
}
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationReferenceURIResolverTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationReferenceURIResolverTest.java?rev=1362550&r1=1362549&r2=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationReferenceURIResolverTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationReferenceURIResolverTest.java Tue Jul 17 16:06:13 2012
@@ -78,13 +78,23 @@ public class SignatureVerificationRefere
// Sign using DOM
List<String> localNames = new ArrayList<String>();
localNames.add("PaymentInfo");
+
+ ReferenceInfo referenceInfo = new ReferenceInfo(
+ "file://" + BASEDIR + "/src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml",
+ "http://www.w3.org/2001/10/xml-exc-c14n#",
+ "http://www.w3.org/2000/09/xmldsig#sha1",
+ false
+ );
+
+ List<ReferenceInfo> referenceInfos = new ArrayList<ReferenceInfo>();
+ referenceInfos.add(referenceInfo);
+
XMLSignature sig = signUsingDOM(
"http://www.w3.org/2000/09/xmldsig#rsa-sha1",
document,
- "file://" + BASEDIR + "/src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml",
- false,
localNames,
- key
+ key,
+ referenceInfos
);
// Add KeyInfo
@@ -127,13 +137,23 @@ public class SignatureVerificationRefere
// Sign using DOM
List<String> localNames = new ArrayList<String>();
localNames.add("PaymentInfo");
+
+ ReferenceInfo referenceInfo = new ReferenceInfo(
+ "file://" + BASEDIR + "/target/test-classes/org/apache/xml/security/test/stax/signature/SignatureVerificationReferenceURIResolverTest.class",
+ null,
+ "http://www.w3.org/2000/09/xmldsig#sha1",
+ true
+ );
+
+ List<ReferenceInfo> referenceInfos = new ArrayList<ReferenceInfo>();
+ referenceInfos.add(referenceInfo);
+
XMLSignature sig = signUsingDOM(
"http://www.w3.org/2000/09/xmldsig#rsa-sha1",
document,
- "file://" + BASEDIR + "/target/test-classes/org/apache/xml/security/test/stax/signature/SignatureVerificationReferenceURIResolverTest.class",
- true,
localNames,
- key
+ key,
+ referenceInfos
);
// Add KeyInfo
@@ -177,13 +197,23 @@ public class SignatureVerificationRefere
// Sign using DOM
List<String> localNames = new ArrayList<String>();
localNames.add("PaymentInfo");
+
+ ReferenceInfo referenceInfo = new ReferenceInfo(
+ "http://www.apache.org/images/feather-small.gif",
+ null,
+ "http://www.w3.org/2000/09/xmldsig#sha1",
+ true
+ );
+
+ List<ReferenceInfo> referenceInfos = new ArrayList<ReferenceInfo>();
+ referenceInfos.add(referenceInfo);
+
XMLSignature sig = signUsingDOM(
"http://www.w3.org/2000/09/xmldsig#rsa-sha1",
document,
- "http://gigerstyle.homelinux.com/wp-content/themes/twentyeleven/images/headers/willow.jpg",
- true,
localNames,
- key
+ key,
+ referenceInfos
);
// Add KeyInfo
@@ -248,13 +278,23 @@ public class SignatureVerificationRefere
// Sign using DOM
List<String> localNames = new ArrayList<String>();
localNames.add("PaymentInfo");
+
+ ReferenceInfo referenceInfo = new ReferenceInfo(
+ "#xpointer(id('" + id + "'))",
+ "http://www.w3.org/2001/10/xml-exc-c14n#",
+ "http://www.w3.org/2000/09/xmldsig#sha1",
+ false
+ );
+
+ List<ReferenceInfo> referenceInfos = new ArrayList<ReferenceInfo>();
+ referenceInfos.add(referenceInfo);
+
XMLSignature sig = signUsingDOM(
"http://www.w3.org/2000/09/xmldsig#rsa-sha1",
document,
- "#xpointer(id('" + id + "'))",
- false,
localNames,
- key
+ key,
+ referenceInfos
);
// Add KeyInfo
@@ -309,13 +349,23 @@ public class SignatureVerificationRefere
// Sign using DOM
List<String> localNames = new ArrayList<String>();
localNames.add("PaymentInfo");
+
+ ReferenceInfo referenceInfo = new ReferenceInfo(
+ "#xpointer(id(\"" + id + "\"))",
+ "http://www.w3.org/2001/10/xml-exc-c14n#",
+ "http://www.w3.org/2000/09/xmldsig#sha1",
+ false
+ );
+
+ List<ReferenceInfo> referenceInfos = new ArrayList<ReferenceInfo>();
+ referenceInfos.add(referenceInfo);
+
XMLSignature sig = signUsingDOM(
"http://www.w3.org/2000/09/xmldsig#rsa-sha1",
document,
- "#xpointer(id(\"" + id + "\"))",
- false,
localNames,
- key
+ key,
+ referenceInfos
);
// Add KeyInfo
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationTest.java?rev=1362550&r1=1362549&r2=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationTest.java Tue Jul 17 16:06:13 2012
@@ -752,4 +752,51 @@ public class SignatureVerificationTest e
XMLSecurityConstants.XMLKeyIdentifierType.KEY_VALUE);
}
+ @Test
+ public void testSignatureVerificationTransformBase64() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext-base64.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // Set up the Key
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(
+ this.getClass().getClassLoader().getResource("transmitter.jks").openStream(),
+ "default".toCharArray()
+ );
+ Key key = keyStore.getKey("transmitter", "default".toCharArray());
+ X509Certificate cert = (X509Certificate)keyStore.getCertificate("transmitter");
+
+ // Sign using DOM
+ List<String> localNames = new ArrayList<String>();
+ localNames.add("PaymentInfo");
+ XMLSignature sig = signUsingDOM(
+ "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
+ document, localNames, "http://www.w3.org/2000/09/xmldsig#base64", key
+ );
+
+ // Add KeyInfo
+ sig.addKeyInfo(cert);
+
+ //XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
+ XMLStreamReader securityStreamReader =
+ inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
+
+ document = StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+ }
}
Propchange: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationTest.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Copied: santuario/xml-security-java/trunk/src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext-base64.xml (from r1361553, santuario/xml-security-java/trunk/src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml)
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext-base64.xml?p2=santuario/xml-security-java/trunk/src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext-base64.xml&p1=santuario/xml-security-java/trunk/src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml&r1=1361553&r2=1362550&rev=1362550&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml (original)
+++ santuario/xml-security-java/trunk/src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext-base64.xml Tue Jul 17 16:06:13 2012
@@ -12,13 +12,10 @@
Dig PLC, 1 First Ave, Dublin 1, Ireland
</ShippingAddress>
<PaymentInfo>
- <BillingAddress>
- Dig PLC, 1 First Ave, Dublin 1, Ireland
- </BillingAddress>
- <CreditCard Type="Amex">
- <Name>Foo B Baz</Name>
- <Number>1234 567890 12345</Number>
- <Expires Month="1" Year="2005" />
- </CreditCard>
+ PEJpbGxpbmdBZGRyZXNzPgogICAgICBEaWcgUExDLCAxIEZpcnN0IEF2ZSwgRHVibGluIDEsIEly
+ ZWxhbmQKICAgIDwvQmlsbGluZ0FkZHJlc3M+CiAgICA8Q3JlZGl0Q2FyZCBUeXBlPUFtZXg+CiAg
+ ICAgIDxOYW1lPkZvbyBCIEJhejwvTmFtZT4KICAgICAgPE51bWJlcj4xMjM0IDU2Nzg5MCAxMjM0
+ NTwvTnVtYmVyPgogICAgICA8RXhwaXJlcyBNb250aD0xIFllYXI9MjAwNSAvPgogICAgPC9DcmVk
+ aXRDYXJkPgo=
</PaymentInfo>
</PurchaseOrder>