You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by gi...@apache.org on 2012/10/28 17:55:55 UTC
svn commit: r1403039 - in /santuario/xml-security-java/trunk: ./
src/main/java/org/apache/xml/security/resource/
src/main/java/org/apache/xml/security/stax/ext/
src/main/java/org/apache/xml/security/stax/impl/processor/input/
src/main/java/org/apache/x...
Author: giger
Date: Sun Oct 28 16:55:54 2012
New Revision: 1403039
URL: http://svn.apache.org/viewvc?rev=1403039&view=rev
Log:
move the whole compress transform code to wss4j because of missing features in the stax code.
Added:
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/util/LimitingInputStream.java (with props)
Modified:
santuario/xml-security-java/trunk/pom.xml
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/xmlsecurity_de.properties
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/xmlsecurity_en.properties
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/AbstractOutputProcessor.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityProperties.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityUtils.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractDecryptInputProcessor.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureReferenceVerifyInputProcessor.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractEncryptOutputProcessor.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureOutputProcessor.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/transformer/TransformIdentity.java
santuario/xml-security-java/trunk/src/main/resources/security-config.xml
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformBase64DecodeTest.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformCanonicalizerTest.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformEnvelopedSignatureTest.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformIdentityTest.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/utils/HttpRequestRedirectorProxy.java
Modified: santuario/xml-security-java/trunk/pom.xml
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/pom.xml?rev=1403039&r1=1403038&r2=1403039&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/pom.xml (original)
+++ santuario/xml-security-java/trunk/pom.xml Sun Oct 28 16:55:54 2012
@@ -400,7 +400,6 @@
<bcprov.version>1.47</bcprov.version>
<xmlunit.version>1.3</xmlunit.version>
<commons.codec.version>1.6</commons.codec.version>
- <commons.compress.version>1.4.1</commons.compress.version>
<woodstox.core.asl.version>4.1.4</woodstox.core.asl.version>
<jetty.version>8.1.4.v20120524</jetty.version>
</properties>
@@ -425,12 +424,6 @@
<scope>compile</scope>
</dependency>
<dependency>
- <groupId>org.apache.commons</groupId>
- <artifactId>commons-compress</artifactId>
- <version>${commons.compress.version}</version>
- <scope>compile</scope>
- </dependency>
- <dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>${junit.version}</version>
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/xmlsecurity_de.properties
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/xmlsecurity_de.properties?rev=1403039&r1=1403038&r2=1403039&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/xmlsecurity_de.properties [iso-8859-1] (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/xmlsecurity_de.properties [iso-8859-1] Sun Oct 28 16:55:54 2012
@@ -135,6 +135,7 @@ secureProcessing.DoNotThrowExceptionForM
secureProcessing.AllowMD5Algorithm = Vom Einsatz des MD5 Algorithmus wird strengstens abgeraten. Trotzdem kann er \u00fcber das Konfigurations-Property "AllowMD5Algorithm" erlaubt werden.
secureProcessing.AllowNotSameDocumentReferences = Externe Referenzen gefunden. Die Verarbeitung von externen Referenzen ist standardm\u00e4ssig ausgeschaltet. Es kann \u00fcber das Konfigurations-Property "AllowNotSameDocumentReferences" aktiviert werden.
secureProcessing.MaximumAllowedXMLStructureDepth = Die Maximum erlaubte Dokumenten-Tiefe von ({0}) wurde erreicht. Die Limite kann \u00fcber das Konfigurations-Property "MaximumAllowedXMLStructureDepth" erh\u00f6ht werden.
+secureProcessing.inputStreamLimitReached = Maximal erlaubte Anzahl bytes ({0}) erreicht.
stax.missingSecurityProperties = SecurityProperties darf nicht null sein\!
stax.noOutputAction = Keine ausgehenden "Actions" definiert.
stax.noKey = Kein Schl\u00fcssel geladen und es konnte kein Schl\u00fcssel gefunden werden f\u00fcr {0}
@@ -144,7 +145,6 @@ stax.emptyReferenceURI = Referenz enth\u
stax.encryption.unprocessedReferences = Es wurden nicht alle Verschl\u00fcsselungs-Referenzen verarbeitet...
stax.signature.unprocessedReferences = Es wurden nicht alle Signatur-Referenzen verarbeitet...
stax.unsupportedToken = {0} nicht unterst\u00fctzt.
-stax.encryption.Transforms.NotYetImplemented = Transformationen werden momentan nicht unterst\u00fctzt.
stax.xmlStructureSizeExceeded = Maximal erlaubte ({0}) XML-Struktur Tiefe erreicht.
stax.unexpectedXMLEvent = Unerwarteter StAX-Event\: {0}
stax.encryption.noEncAlgo = xenc\:EncryptedKey enth\u00e4lt kein xenc\:EncryptionMethod/@Algorithm.
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/xmlsecurity_en.properties
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/xmlsecurity_en.properties?rev=1403039&r1=1403038&r2=1403039&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/xmlsecurity_en.properties [iso-8859-1] (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/xmlsecurity_en.properties [iso-8859-1] Sun Oct 28 16:55:54 2012
@@ -135,6 +135,7 @@ secureProcessing.DoNotThrowExceptionForM
secureProcessing.AllowMD5Algorithm = The use of MD5 algorithm is strongly discouraged. Nonetheless can it be enabled via the \"AllowMD5Algorithm\" property in the configuration.
secureProcessing.AllowNotSameDocumentReferences = External references found. Processing of external references is disabled by default. You can enable it via the \"AllowNotSameDocumentReferences\" property in the configuration.
secureProcessing.MaximumAllowedXMLStructureDepth = Maximum depth ({0}) of the XML structure reached. You can raise the maximum via the \"MaximumAllowedXMLStructureDepth\" property in the configuration.
+secureProcessing.inputStreamLimitReached = Maximum byte count ({0}) reached.
stax.missingSecurityProperties = SecurityProperties must not be null!
stax.noOutputAction = No outgoing actions specified.
stax.noKey = Key could not be resolved and no key was loaded for {0}
@@ -144,7 +145,6 @@ stax.emptyReferenceURI = Reference is mi
stax.encryption.unprocessedReferences = Some encryption references were not processed...
stax.signature.unprocessedReferences = Some signature references were not processed...
stax.unsupportedToken = {0} not supported.
-stax.encryption.Transforms.NotYetImplemented = Transforms not yet implemented.
stax.xmlStructureSizeExceeded = Maximum ({0}) allowed XML Structure size exceeded.
stax.unexpectedXMLEvent = Unexpected StAX-Event\: {0}
stax.encryption.noEncAlgo = xenc:EncryptedKey does not contain xenc:EncryptionMethod/@Algorithm.
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/AbstractOutputProcessor.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/AbstractOutputProcessor.java?rev=1403039&r1=1403038&r2=1403039&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/AbstractOutputProcessor.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/AbstractOutputProcessor.java Sun Oct 28 16:55:54 2012
@@ -22,7 +22,6 @@ import java.security.cert.X509Certificat
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
-import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -39,7 +38,6 @@ import org.apache.xml.security.stax.ext.
import org.apache.xml.security.stax.ext.stax.XMLSecEventFactory;
import org.apache.xml.security.stax.ext.stax.XMLSecNamespace;
import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
-import org.apache.xml.security.stax.impl.EncryptionPartDef;
/**
* An abstract OutputProcessor class for reusabilty
@@ -253,37 +251,6 @@ public abstract class AbstractOutputProc
createEndElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_dsig_X509Data);
}
- protected void createReferenceListStructure(OutputProcessorChain outputProcessorChain)
- throws XMLStreamException, XMLSecurityException {
- List<EncryptionPartDef> encryptionPartDefs =
- outputProcessorChain.getSecurityContext().getAsList(EncryptionPartDef.class);
- if (encryptionPartDefs == null) {
- return;
- }
- List<XMLSecAttribute> attributes;
- createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc_ReferenceList, true, null);
- //output the references to the encrypted data:
- Iterator<EncryptionPartDef> encryptionPartDefIterator = encryptionPartDefs.iterator();
- while (encryptionPartDefIterator.hasNext()) {
- EncryptionPartDef encryptionPartDef = encryptionPartDefIterator.next();
-
- attributes = new ArrayList<XMLSecAttribute>(1);
- attributes.add(createAttribute(XMLSecurityConstants.ATT_NULL_URI, "#" + encryptionPartDef.getEncRefId()));
- createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc_DataReference, false, attributes);
- final String compressionAlgorithm = getSecurityProperties().getEncryptionCompressionAlgorithm();
- if (compressionAlgorithm != null) {
- createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_dsig_Transforms, true, null);
- attributes = new ArrayList<XMLSecAttribute>(1);
- attributes.add(createAttribute(XMLSecurityConstants.ATT_NULL_Algorithm, compressionAlgorithm));
- createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_dsig_Transform, false, attributes);
- createEndElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_dsig_Transform);
- createEndElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_dsig_Transforms);
- }
- createEndElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc_DataReference);
- }
- createEndElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc_ReferenceList);
- }
-
protected SecurePart securePartMatches(XMLSecStartElement xmlSecStartElement,
OutputProcessorChain outputProcessorChain, String dynamicParts) {
Map<Object, SecurePart> dynamicSecureParts = outputProcessorChain.getSecurityContext().getAsMap(dynamicParts);
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityProperties.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityProperties.java?rev=1403039&r1=1403038&r2=1403039&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityProperties.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityProperties.java Sun Oct 28 16:55:54 2012
@@ -42,7 +42,6 @@ public class XMLSecurityProperties {
private X509Certificate encryptionUseThisCertificate;
private String encryptionSymAlgorithm;
- private String encryptionCompressionAlgorithm;
private String encryptionKeyTransportAlgorithm;
private String encryptionKeyTransportDigestAlgorithm;
private String encryptionKeyTransportMGFAlgorithm;
@@ -75,7 +74,6 @@ public class XMLSecurityProperties {
this.outAction = xmlSecurityProperties.outAction;
this.encryptionUseThisCertificate = xmlSecurityProperties.encryptionUseThisCertificate;
this.encryptionSymAlgorithm = xmlSecurityProperties.encryptionSymAlgorithm;
- this.encryptionCompressionAlgorithm = xmlSecurityProperties.encryptionCompressionAlgorithm;
this.encryptionKeyTransportAlgorithm = xmlSecurityProperties.encryptionKeyTransportAlgorithm;
this.encryptionKeyTransportDigestAlgorithm = xmlSecurityProperties.encryptionKeyTransportDigestAlgorithm;
this.encryptionKeyTransportMGFAlgorithm = xmlSecurityProperties.encryptionKeyTransportMGFAlgorithm;
@@ -233,14 +231,6 @@ public class XMLSecurityProperties {
this.encryptionUseThisCertificate = encryptionUseThisCertificate;
}
- public String getEncryptionCompressionAlgorithm() {
- return encryptionCompressionAlgorithm;
- }
-
- public void setEncryptionCompressionAlgorithm(String encryptionCompressionAlgorithm) {
- this.encryptionCompressionAlgorithm = encryptionCompressionAlgorithm;
- }
-
public X509Certificate[] getSignatureCerts() {
return signatureCerts;
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityUtils.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityUtils.java?rev=1403039&r1=1403038&r2=1403039&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityUtils.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityUtils.java Sun Oct 28 16:55:54 2012
@@ -32,6 +32,8 @@ import javax.xml.bind.JAXBElement;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
+import java.io.IOException;
+import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.PublicKey;
@@ -314,4 +316,12 @@ public class XMLSecurityUtils {
}
return prefixes;
}
+
+ public static void copy(InputStream inputStream, OutputStream outputStream) throws IOException {
+ int read = 0;
+ byte[] buf = new byte[4096];
+ while ((read = inputStream.read(buf)) != -1) {
+ outputStream.write(buf, 0, read);
+ }
+ }
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractDecryptInputProcessor.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractDecryptInputProcessor.java?rev=1403039&r1=1403038&r2=1403039&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractDecryptInputProcessor.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractDecryptInputProcessor.java Sun Oct 28 16:55:54 2012
@@ -22,8 +22,6 @@ import org.apache.commons.codec.binary.B
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.xml.security.binding.xmldsig.KeyInfoType;
-import org.apache.xml.security.binding.xmldsig.TransformType;
-import org.apache.xml.security.binding.xmldsig.TransformsType;
import org.apache.xml.security.binding.xmlenc.EncryptedDataType;
import org.apache.xml.security.binding.xmlenc.EncryptedKeyType;
import org.apache.xml.security.binding.xmlenc.ReferenceList;
@@ -31,7 +29,6 @@ import org.apache.xml.security.binding.x
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.config.ConfigurationProperties;
import org.apache.xml.security.stax.config.JCEAlgorithmMapper;
-import org.apache.xml.security.stax.config.TransformerAlgorithmMapper;
import org.apache.xml.security.stax.ext.*;
import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
import org.apache.xml.security.stax.ext.stax.XMLSecEventFactory;
@@ -55,8 +52,6 @@ import javax.xml.stream.XMLStreamExcepti
import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.events.Attribute;
import java.io.*;
-import java.lang.reflect.Constructor;
-import java.lang.reflect.InvocationTargetException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
@@ -253,35 +248,7 @@ public abstract class AbstractDecryptInp
}
InputStream decryptInputStream = decryptionThread.getPipedInputStream();
-
- if (referenceType != null) {
- TransformsType transformsType =
- XMLSecurityUtils.getQNameType(referenceType.getAny(), XMLSecurityConstants.TAG_dsig_Transforms);
- if (transformsType != null) {
- List<TransformType> transformTypes = transformsType.getTransform();
- //to do don't forget to limit the count of transformations if more transformations will be supported!
- if (transformTypes.size() > 1) {
- throw new XMLSecurityException("stax.encryption.Transforms.NotYetImplemented");
- }
- TransformType transformType = transformTypes.get(0);
- @SuppressWarnings("unchecked")
- Class<InputStream> transformerClass =
- (Class<InputStream>) TransformerAlgorithmMapper.getTransformerClass(
- transformType.getAlgorithm(), XMLSecurityConstants.DIRECTION.IN);
- try {
- Constructor<InputStream> constructor = transformerClass.getConstructor(InputStream.class);
- decryptInputStream = constructor.newInstance(decryptInputStream);
- } catch (InvocationTargetException e) {
- throw new XMLSecurityException(e);
- } catch (NoSuchMethodException e) {
- throw new XMLSecurityException(e);
- } catch (InstantiationException e) {
- throw new XMLSecurityException(e);
- } catch (IllegalAccessException e) {
- throw new XMLSecurityException(e);
- }
- }
- }
+ decryptInputStream = applyTransforms(referenceType, decryptInputStream);
//spec says (4.2): "The cleartext octet sequence obtained in step 3 is
//interpreted as UTF-8 encoded character data."
@@ -305,6 +272,10 @@ public abstract class AbstractDecryptInp
return xmlSecEvent;
}
+ protected InputStream applyTransforms(ReferenceType referenceType, InputStream inputStream) throws XMLSecurityException {
+ return inputStream;
+ }
+
private InputStream writeWrapperStartElement(XMLSecStartElement xmlSecStartElement) throws IOException {
//temporary writer to write the dummy wrapper element with all namespaces in the current scope
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureReferenceVerifyInputProcessor.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureReferenceVerifyInputProcessor.java?rev=1403039&r1=1403038&r2=1403039&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureReferenceVerifyInputProcessor.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureReferenceVerifyInputProcessor.java Sun Oct 28 16:55:54 2012
@@ -19,7 +19,6 @@
package org.apache.xml.security.stax.impl.processor.input;
import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.compress.utils.IOUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.xml.security.binding.excc14n.InclusiveNamespaces;
@@ -249,7 +248,7 @@ public abstract class AbstractSignatureR
transformer.transform(inputStream);
bufferedDigestOutputStream.close();
} else {
- IOUtils.copy(inputStream, bufferedDigestOutputStream);
+ XMLSecurityUtils.copy(inputStream, bufferedDigestOutputStream);
bufferedDigestOutputStream.close();
}
} catch (IOException e) {
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractEncryptOutputProcessor.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractEncryptOutputProcessor.java?rev=1403039&r1=1403038&r2=1403039&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractEncryptOutputProcessor.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractEncryptOutputProcessor.java Sun Oct 28 16:55:54 2012
@@ -21,7 +21,6 @@ package org.apache.xml.security.stax.imp
import org.apache.commons.codec.binary.Base64OutputStream;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.config.JCEAlgorithmMapper;
-import org.apache.xml.security.stax.config.TransformerAlgorithmMapper;
import org.apache.xml.security.stax.ext.AbstractOutputProcessor;
import org.apache.xml.security.stax.ext.OutputProcessorChain;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
@@ -40,8 +39,6 @@ import javax.xml.stream.XMLStreamConstan
import javax.xml.stream.XMLStreamException;
import java.io.IOException;
import java.io.OutputStream;
-import java.lang.reflect.Constructor;
-import java.lang.reflect.InvocationTargetException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
@@ -139,15 +136,7 @@ public abstract class AbstractEncryptOut
base64EncoderStream.write(iv);
OutputStream outputStream = new CipherOutputStream(base64EncoderStream, symmetricCipher);
-
- String compressionAlgorithm = getSecurityProperties().getEncryptionCompressionAlgorithm();
- if (compressionAlgorithm != null) {
- @SuppressWarnings("unchecked")
- Class<OutputStream> transformerClass =
- (Class<OutputStream>) TransformerAlgorithmMapper.getTransformerClass(compressionAlgorithm, XMLSecurityConstants.DIRECTION.OUT);
- Constructor<OutputStream> constructor = transformerClass.getConstructor(OutputStream.class);
- outputStream = constructor.newInstance(outputStream);
- }
+ outputStream = applyTransforms(outputStream);
//the trimmer output stream is needed to strip away the dummy wrapping element which must be added
cipherOutputStream = new TrimmerOutputStream(outputStream, 8192 * 10, 3, 4);
@@ -168,19 +157,14 @@ public abstract class AbstractEncryptOut
throw new XMLSecurityException(e);
} catch (InvalidAlgorithmParameterException e) {
throw new XMLSecurityException(e);
- } catch (InvocationTargetException e) {
- throw new XMLSecurityException(e);
- } catch (NoSuchMethodException e) {
- throw new XMLSecurityException(e);
- } catch (InstantiationException e) {
- throw new XMLSecurityException(e);
- } catch (IllegalAccessException e) {
- throw new XMLSecurityException(e);
}
-
super.init(outputProcessorChain);
}
+ protected OutputStream applyTransforms(OutputStream outputStream) throws XMLSecurityException {
+ return outputStream;
+ }
+
@Override
public void processEvent(final XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain)
throws XMLStreamException, XMLSecurityException {
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureOutputProcessor.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureOutputProcessor.java?rev=1403039&r1=1403038&r2=1403039&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureOutputProcessor.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureOutputProcessor.java Sun Oct 28 16:55:54 2012
@@ -19,7 +19,6 @@
package org.apache.xml.security.stax.impl.processor.output;
import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.compress.utils.IOUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.xml.security.exceptions.XMLSecurityException;
@@ -99,7 +98,7 @@ public abstract class AbstractSignatureO
transformer.transform(inputStream);
transformer.doFinal();
} else {
- IOUtils.copy(inputStream, digestOutputStream);
+ XMLSecurityUtils.copy(inputStream, digestOutputStream);
}
digestOutputStream.close();
} catch (IOException e) {
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/transformer/TransformIdentity.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/transformer/TransformIdentity.java?rev=1403039&r1=1403038&r2=1403039&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/transformer/TransformIdentity.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/transformer/TransformIdentity.java Sun Oct 28 16:55:54 2012
@@ -18,10 +18,10 @@
*/
package org.apache.xml.security.stax.impl.transformer;
-import org.apache.commons.compress.utils.IOUtils;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.ext.Transformer;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
+import org.apache.xml.security.stax.ext.XMLSecurityUtils;
import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
import org.apache.xml.security.stax.impl.processor.input.XMLEventReaderInputProcessor;
import org.apache.xml.security.stax.impl.util.UnsynchronizedByteArrayInputStream;
@@ -182,7 +182,7 @@ public class TransformIdentity implement
if (getOutputStream() != null) {
//we have an output stream
try {
- IOUtils.copy(inputStream, getOutputStream());
+ XMLSecurityUtils.copy(inputStream, getOutputStream());
} catch (IOException e) {
throw new XMLStreamException(e);
}
Added: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/util/LimitingInputStream.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/util/LimitingInputStream.java?rev=1403039&view=auto
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/util/LimitingInputStream.java (added)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/util/LimitingInputStream.java Sun Oct 28 16:55:54 2012
@@ -0,0 +1,70 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.xml.security.stax.impl.util;
+
+import org.apache.xml.security.utils.I18n;
+
+import java.io.FilterInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class LimitingInputStream extends FilterInputStream {
+
+ private long limit;
+ private long count;
+
+ public LimitingInputStream(InputStream in, long limit) {
+ super(in);
+ this.limit = limit;
+ }
+
+ @Override
+ public int read() throws IOException {
+ int r = super.read();
+ if (r >= 0) {
+ incrementCountAndTestLimit(r);
+ }
+ return r;
+ }
+
+ @Override
+ public int read(byte[] b) throws IOException {
+ return read(b, 0, b.length);
+ }
+
+ @Override
+ public int read(byte[] b, int off, int len) throws IOException {
+ int r = super.read(b, off, len);
+ if (r >= 0) {
+ incrementCountAndTestLimit(r);
+ }
+ return r;
+ }
+
+ private void incrementCountAndTestLimit(long read) throws IOException {
+ this.count += read;
+ if (this.count > this.limit) {
+ throw new IOException(I18n.getExceptionMessage("secureProcessing.inputStreamLimitReached", new Object[]{this.limit}));
+ }
+ }
+}
Propchange: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/util/LimitingInputStream.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/util/LimitingInputStream.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Modified: santuario/xml-security-java/trunk/src/main/resources/security-config.xml
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/resources/security-config.xml?rev=1403039&r1=1403038&r2=1403039&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/resources/security-config.xml (original)
+++ santuario/xml-security-java/trunk/src/main/resources/security-config.xml Sun Oct 28 16:55:54 2012
@@ -46,23 +46,6 @@
<!-- XSLT -->
<!-- XPath version 2 -->
<!-- XPath version 2b -->
-
- <TransformAlgorithm URI="http://www.apache.org/2012/04/xmlsec/gzip" INOUT="IN"
- JAVACLASS="org.apache.commons.compress.compressors.gzip.GzipCompressorInputStream" />
- <TransformAlgorithm URI="http://www.apache.org/2012/04/xmlsec/bzip2" INOUT="IN"
- JAVACLASS="org.apache.commons.compress.compressors.bzip2.BZip2CompressorInputStream" />
- <TransformAlgorithm URI="http://www.apache.org/2012/04/xmlsec/xz" INOUT="IN"
- JAVACLASS="org.apache.commons.compress.compressors.xz.XZCompressorInputStream" />
- <TransformAlgorithm URI="http://www.apache.org/2012/04/xmlsec/pack200" INOUT="IN"
- JAVACLASS="org.apache.commons.compress.compressors.pack200.Pack200CompressorInputStream" />
- <TransformAlgorithm URI="http://www.apache.org/2012/04/xmlsec/gzip" INOUT="OUT"
- JAVACLASS="org.apache.commons.compress.compressors.gzip.GzipCompressorOutputStream" />
- <TransformAlgorithm URI="http://www.apache.org/2012/04/xmlsec/bzip2" INOUT="OUT"
- JAVACLASS="org.apache.commons.compress.compressors.bzip2.BZip2CompressorOutputStream" />
- <TransformAlgorithm URI="http://www.apache.org/2012/04/xmlsec/xz" INOUT="OUT"
- JAVACLASS="org.apache.commons.compress.compressors.xz.XZCompressorOutputStream" />
- <TransformAlgorithm URI="http://www.apache.org/2012/04/xmlsec/pack200" INOUT="OUT"
- JAVACLASS="org.apache.commons.compress.compressors.pack200.Pack200CompressorOutputStream" />
</TransformAlgorithms>
<JCEAlgorithmMappings>
<!-- MessageDigest Algorithms -->
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformBase64DecodeTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformBase64DecodeTest.java?rev=1403039&r1=1403038&r2=1403039&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformBase64DecodeTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformBase64DecodeTest.java Sun Oct 28 16:55:54 2012
@@ -19,11 +19,11 @@
package org.apache.xml.security.test.stax.transformer;
import junit.framework.Assert;
-import org.apache.commons.compress.utils.IOUtils;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.config.Init;
import org.apache.xml.security.stax.ext.Transformer;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
+import org.apache.xml.security.stax.ext.XMLSecurityUtils;
import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
import org.apache.xml.security.stax.impl.transformer.TransformBase64Decode;
import org.apache.xml.security.test.stax.utils.XMLSecEventAllocator;
@@ -153,7 +153,7 @@ public class TransformBase64DecodeTest e
@Override
public void transform(InputStream inputStream) throws XMLStreamException {
try {
- IOUtils.copy(inputStream, byteArrayOutputStream);
+ XMLSecurityUtils.copy(inputStream, byteArrayOutputStream);
} catch (IOException e) {
throw new RuntimeException(e);
}
@@ -312,7 +312,7 @@ public class TransformBase64DecodeTest e
@Override
public void transform(InputStream inputStream) throws XMLStreamException {
try {
- IOUtils.copy(inputStream, byteArrayOutputStream);
+ XMLSecurityUtils.copy(inputStream, byteArrayOutputStream);
} catch (IOException e) {
throw new RuntimeException(e);
}
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformCanonicalizerTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformCanonicalizerTest.java?rev=1403039&r1=1403038&r2=1403039&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformCanonicalizerTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformCanonicalizerTest.java Sun Oct 28 16:55:54 2012
@@ -19,11 +19,11 @@
package org.apache.xml.security.test.stax.transformer;
import junit.framework.Assert;
-import org.apache.commons.compress.utils.IOUtils;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.config.Init;
import org.apache.xml.security.stax.ext.Transformer;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
+import org.apache.xml.security.stax.ext.XMLSecurityUtils;
import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
import org.apache.xml.security.stax.impl.transformer.canonicalizer.Canonicalizer20010315_OmitCommentsTransformer;
import org.apache.xml.security.test.stax.utils.XMLSecEventAllocator;
@@ -86,7 +86,7 @@ public class TransformCanonicalizerTest
@Override
public void transform(InputStream inputStream) throws XMLStreamException {
try {
- IOUtils.copy(inputStream, byteArrayOutputStream);
+ XMLSecurityUtils.copy(inputStream, byteArrayOutputStream);
} catch (IOException e) {
throw new RuntimeException(e);
}
@@ -145,7 +145,7 @@ public class TransformCanonicalizerTest
@Override
public void transform(InputStream inputStream) throws XMLStreamException {
try {
- IOUtils.copy(inputStream, byteArrayOutputStream);
+ XMLSecurityUtils.copy(inputStream, byteArrayOutputStream);
} catch (IOException e) {
throw new RuntimeException(e);
}
@@ -235,7 +235,7 @@ public class TransformCanonicalizerTest
@Override
public void transform(InputStream inputStream) throws XMLStreamException {
try {
- IOUtils.copy(inputStream, byteArrayOutputStream);
+ XMLSecurityUtils.copy(inputStream, byteArrayOutputStream);
} catch (IOException e) {
throw new RuntimeException(e);
}
@@ -287,7 +287,7 @@ public class TransformCanonicalizerTest
@Override
public void transform(InputStream inputStream) throws XMLStreamException {
try {
- IOUtils.copy(inputStream, byteArrayOutputStream);
+ XMLSecurityUtils.copy(inputStream, byteArrayOutputStream);
} catch (IOException e) {
throw new RuntimeException(e);
}
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformEnvelopedSignatureTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformEnvelopedSignatureTest.java?rev=1403039&r1=1403038&r2=1403039&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformEnvelopedSignatureTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformEnvelopedSignatureTest.java Sun Oct 28 16:55:54 2012
@@ -19,11 +19,11 @@
package org.apache.xml.security.test.stax.transformer;
import junit.framework.Assert;
-import org.apache.commons.compress.utils.IOUtils;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.config.Init;
import org.apache.xml.security.stax.ext.Transformer;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
+import org.apache.xml.security.stax.ext.XMLSecurityUtils;
import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
import org.apache.xml.security.stax.impl.transformer.TransformEnvelopedSignature;
import org.apache.xml.security.test.stax.utils.XMLSecEventAllocator;
@@ -142,7 +142,7 @@ public class TransformEnvelopedSignature
@Override
public void transform(InputStream inputStream) throws XMLStreamException {
try {
- IOUtils.copy(inputStream, byteArrayOutputStream);
+ XMLSecurityUtils.copy(inputStream, byteArrayOutputStream);
} catch (IOException e) {
throw new RuntimeException(e);
}
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformIdentityTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformIdentityTest.java?rev=1403039&r1=1403038&r2=1403039&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformIdentityTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/transformer/TransformIdentityTest.java Sun Oct 28 16:55:54 2012
@@ -19,11 +19,11 @@
package org.apache.xml.security.test.stax.transformer;
import junit.framework.Assert;
-import org.apache.commons.compress.utils.IOUtils;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.config.Init;
import org.apache.xml.security.stax.ext.Transformer;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
+import org.apache.xml.security.stax.ext.XMLSecurityUtils;
import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
import org.apache.xml.security.stax.impl.transformer.TransformIdentity;
import org.apache.xml.security.test.stax.utils.XMLSecEventAllocator;
@@ -154,7 +154,7 @@ public class TransformIdentityTest exten
@Override
public void transform(InputStream inputStream) throws XMLStreamException {
try {
- IOUtils.copy(inputStream, byteArrayOutputStream);
+ XMLSecurityUtils.copy(inputStream, byteArrayOutputStream);
} catch (IOException e) {
throw new RuntimeException(e);
}
@@ -313,7 +313,7 @@ public class TransformIdentityTest exten
@Override
public void transform(InputStream inputStream) throws XMLStreamException {
try {
- IOUtils.copy(inputStream, byteArrayOutputStream);
+ XMLSecurityUtils.copy(inputStream, byteArrayOutputStream);
} catch (IOException e) {
throw new RuntimeException(e);
}
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/utils/HttpRequestRedirectorProxy.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/utils/HttpRequestRedirectorProxy.java?rev=1403039&r1=1403038&r2=1403039&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/utils/HttpRequestRedirectorProxy.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/utils/HttpRequestRedirectorProxy.java Sun Oct 28 16:55:54 2012
@@ -18,7 +18,7 @@
*/
package org.apache.xml.security.test.stax.utils;
-import org.apache.commons.compress.utils.IOUtils;
+import org.apache.xml.security.stax.ext.XMLSecurityUtils;
import org.eclipse.jetty.http.MimeTypes;
import org.eclipse.jetty.io.Buffer;
import org.eclipse.jetty.server.Server;
@@ -110,7 +110,7 @@ public class HttpRequestRedirectorProxy
if (mime != null) {
resp.setContentType(mime.toString());
}
- IOUtils.copy(inputStream, resp.getOutputStream());
+ XMLSecurityUtils.copy(inputStream, resp.getOutputStream());
inputStream.close();
return;
}