You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by mu...@apache.org on 2008/02/25 21:55:51 UTC
svn commit: r630988 [1/2] - in /xml/security/trunk/src/org:
apache/xml/security/c14n/ apache/xml/security/c14n/implementations/
apache/xml/security/resource/ apache/xml/security/signature/
apache/xml/security/transforms/ apache/xml/security/transforms/...
Author: mullan
Date: Mon Feb 25 12:55:47 2008
New Revision: 630988
URL: http://svn.apache.org/viewvc?rev=630988&view=rev
Log:
RFE 42653: Add support for C14N 1.1 to Java implementation
Added:
xml/security/trunk/src/org/apache/xml/security/c14n/implementations/Canonicalizer11.java
xml/security/trunk/src/org/apache/xml/security/c14n/implementations/Canonicalizer11_OmitComments.java
xml/security/trunk/src/org/apache/xml/security/c14n/implementations/Canonicalizer11_WithComments.java
xml/security/trunk/src/org/apache/xml/security/transforms/implementations/TransformC14N11.java
xml/security/trunk/src/org/apache/xml/security/transforms/implementations/TransformC14N11_WithComments.java
xml/security/trunk/src/org/jcp/xml/dsig/internal/dom/DOMCanonicalXMLC14N11Method.java
Modified:
xml/security/trunk/src/org/apache/xml/security/c14n/Canonicalizer.java
xml/security/trunk/src/org/apache/xml/security/resource/config.xml
xml/security/trunk/src/org/apache/xml/security/signature/XMLSignatureInput.java
xml/security/trunk/src/org/apache/xml/security/transforms/Transforms.java
xml/security/trunk/src/org/jcp/xml/dsig/internal/dom/ApacheCanonicalizer.java
xml/security/trunk/src/org/jcp/xml/dsig/internal/dom/ApacheTransform.java
xml/security/trunk/src/org/jcp/xml/dsig/internal/dom/DOMReference.java
xml/security/trunk/src/org/jcp/xml/dsig/internal/dom/XMLDSigRI.java
Modified: xml/security/trunk/src/org/apache/xml/security/c14n/Canonicalizer.java
URL: http://svn.apache.org/viewvc/xml/security/trunk/src/org/apache/xml/security/c14n/Canonicalizer.java?rev=630988&r1=630987&r2=630988&view=diff
==============================================================================
--- xml/security/trunk/src/org/apache/xml/security/c14n/Canonicalizer.java (original)
+++ xml/security/trunk/src/org/apache/xml/security/c14n/Canonicalizer.java Mon Feb 25 12:55:47 2008
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2004 The Apache Software Foundation.
+ * Copyright 1999-2008 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -16,8 +16,6 @@
*/
package org.apache.xml.security.c14n;
-
-
import java.io.ByteArrayInputStream;
import java.io.OutputStream;
import java.util.HashMap;
@@ -33,318 +31,326 @@
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;
-
/**
*
- *
* @author Christian Geuer-Pollmann
*/
public class Canonicalizer {
- //J-
- /** The output encoding of canonicalized data */
- public static final String ENCODING = "UTF8";
-
+ /** The output encoding of canonicalized data */
+ public static final String ENCODING = "UTF8";
- /**
- * XPath Expresion for selecting every node and continuos comments joined in only one node
+ /**
+ * XPath Expresion for selecting every node and continuous comments joined
+ * in only one node
*/
- public static final String XPATH_C14N_WITH_COMMENTS_SINGLE_NODE = "(.//. | .//@* | .//namespace::*)";
+ public static final String XPATH_C14N_WITH_COMMENTS_SINGLE_NODE =
+ "(.//. | .//@* | .//namespace::*)";
-
- /**
+ /**
* The URL defined in XML-SEC Rec for inclusive c14n <b>without</b> comments.
*/
- public static final String ALGO_ID_C14N_OMIT_COMMENTS = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
- /**
- * The URL defined in XML-SEC Rec for inclusive c14n <b>with</b> comments.
- */
- public static final String ALGO_ID_C14N_WITH_COMMENTS = ALGO_ID_C14N_OMIT_COMMENTS + "#WithComments";
- /**
- * The URL defined in XML-SEC Rec for exclusive c14n <b>without</b> comments.
- */
- public static final String ALGO_ID_C14N_EXCL_OMIT_COMMENTS = "http://www.w3.org/2001/10/xml-exc-c14n#";
- /**
- * The URL defined in XML-SEC Rec for exclusive c14n <b>with</b> comments.
- */
- public static final String ALGO_ID_C14N_EXCL_WITH_COMMENTS = ALGO_ID_C14N_EXCL_OMIT_COMMENTS + "WithComments";
-
- static boolean _alreadyInitialized = false;
- static Map _canonicalizerHash = null;
-
- protected CanonicalizerSpi canonicalizerSpi = null;
- //J+
-
- /**
- * Method init
- *
- */
- public static void init() {
-
- if (!Canonicalizer._alreadyInitialized) {
- Canonicalizer._canonicalizerHash = new HashMap(10);
- Canonicalizer._alreadyInitialized = true;
- }
- }
-
- /**
- * Constructor Canonicalizer
- *
- * @param algorithmURI
- * @throws InvalidCanonicalizerException
- */
- private Canonicalizer(String algorithmURI)
+ public static final String ALGO_ID_C14N_OMIT_COMMENTS =
+ "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
+ /**
+ * The URL defined in XML-SEC Rec for inclusive c14n <b>with</b> comments.
+ */
+ public static final String ALGO_ID_C14N_WITH_COMMENTS =
+ ALGO_ID_C14N_OMIT_COMMENTS + "#WithComments";
+ /**
+ * The URL defined in XML-SEC Rec for exclusive c14n <b>without</b> comments.
+ */
+ public static final String ALGO_ID_C14N_EXCL_OMIT_COMMENTS =
+ "http://www.w3.org/2001/10/xml-exc-c14n#";
+ /**
+ * The URL defined in XML-SEC Rec for exclusive c14n <b>with</b> comments.
+ */
+ public static final String ALGO_ID_C14N_EXCL_WITH_COMMENTS =
+ ALGO_ID_C14N_EXCL_OMIT_COMMENTS + "WithComments";
+ /**
+ * The URI for inclusive c14n 1.1 <b>without</b> comments.
+ */
+ public static final String ALGO_ID_C14N11_OMIT_COMMENTS =
+ "http://www.w3.org/2006/12/xml-c14n11";
+ /**
+ * The URI for inclusive c14n 1.1 <b>with</b> comments.
+ */
+ public static final String ALGO_ID_C14N11_WITH_COMMENTS =
+ ALGO_ID_C14N11_OMIT_COMMENTS + "#WithComments";
+
+ static boolean _alreadyInitialized = false;
+ static Map _canonicalizerHash = null;
+
+ protected CanonicalizerSpi canonicalizerSpi = null;
+
+ /**
+ * Method init
+ *
+ */
+ public static void init() {
+
+ if (!Canonicalizer._alreadyInitialized) {
+ Canonicalizer._canonicalizerHash = new HashMap(10);
+ Canonicalizer._alreadyInitialized = true;
+ }
+ }
+
+ /**
+ * Constructor Canonicalizer
+ *
+ * @param algorithmURI
+ * @throws InvalidCanonicalizerException
+ */
+ private Canonicalizer(String algorithmURI)
throws InvalidCanonicalizerException {
- try {
- Class implementingClass = getImplementingClass(algorithmURI);
+ try {
+ Class implementingClass = getImplementingClass(algorithmURI);
- this.canonicalizerSpi =
- (CanonicalizerSpi) implementingClass.newInstance();
- this.canonicalizerSpi.reset=true;
- } catch (Exception e) {
- Object exArgs[] = { algorithmURI };
-
- throw new InvalidCanonicalizerException(
- "signature.Canonicalizer.UnknownCanonicalizer", exArgs);
- }
- }
-
- /**
- * Method getInstance
- *
- * @param algorithmURI
- * @return a Conicicalizer instance ready for the job
- * @throws InvalidCanonicalizerException
- */
- public static final Canonicalizer getInstance(String algorithmURI)
+ this.canonicalizerSpi =
+ (CanonicalizerSpi) implementingClass.newInstance();
+ this.canonicalizerSpi.reset=true;
+ } catch (Exception e) {
+ Object exArgs[] = { algorithmURI };
+
+ throw new InvalidCanonicalizerException(
+ "signature.Canonicalizer.UnknownCanonicalizer", exArgs);
+ }
+ }
+
+ /**
+ * Method getInstance
+ *
+ * @param algorithmURI
+ * @return a Conicicalizer instance ready for the job
+ * @throws InvalidCanonicalizerException
+ */
+ public static final Canonicalizer getInstance(String algorithmURI)
throws InvalidCanonicalizerException {
- Canonicalizer c14nizer = new Canonicalizer(algorithmURI);
+ Canonicalizer c14nizer = new Canonicalizer(algorithmURI);
- return c14nizer;
- }
+ return c14nizer;
+ }
- /**
- * Method register
- *
- * @param algorithmURI
- * @param implementingClass
- * @throws AlgorithmAlreadyRegisteredException
- */
- public static void register(String algorithmURI, String implementingClass)
+ /**
+ * Method register
+ *
+ * @param algorithmURI
+ * @param implementingClass
+ * @throws AlgorithmAlreadyRegisteredException
+ */
+ public static void register(String algorithmURI, String implementingClass)
throws AlgorithmAlreadyRegisteredException {
- // check whether URI is already registered
- Class registeredClass = getImplementingClass(algorithmURI);
+ // check whether URI is already registered
+ Class registeredClass = getImplementingClass(algorithmURI);
- if (registeredClass != null) {
- Object exArgs[] = { algorithmURI, registeredClass };
+ if (registeredClass != null) {
+ Object exArgs[] = { algorithmURI, registeredClass };
- throw new AlgorithmAlreadyRegisteredException(
- "algorithm.alreadyRegistered", exArgs);
- }
+ throw new AlgorithmAlreadyRegisteredException(
+ "algorithm.alreadyRegistered", exArgs);
+ }
- try {
- _canonicalizerHash.put(algorithmURI, Class.forName(implementingClass));
+ try {
+ _canonicalizerHash.put(algorithmURI, Class.forName(implementingClass));
} catch (ClassNotFoundException e) {
- throw new RuntimeException("c14n class not found");
+ throw new RuntimeException("c14n class not found");
}
- }
+ }
- /**
- * Method getURI
- *
- * @return the URI defined for this c14n instance.
- */
- public final String getURI() {
- return this.canonicalizerSpi.engineGetURI();
- }
-
- /**
- * Method getIncludeComments
- *
- * @return true if the c14n respect the comments.
- */
- public boolean getIncludeComments() {
- return this.canonicalizerSpi.engineGetIncludeComments();
- }
-
- /**
- * This method tries to canonicalize the given bytes. It's possible to even
- * canonicalize non-wellformed sequences if they are well-formed after being
- * wrapped with a <CODE>>a<...>/a<</CODE>.
- *
- * @param inputBytes
- * @return the result of the conicalization.
- * @throws CanonicalizationException
- * @throws java.io.IOException
- * @throws javax.xml.parsers.ParserConfigurationException
- * @throws org.xml.sax.SAXException
- */
- public byte[] canonicalize(byte[] inputBytes)
+ /**
+ * Method getURI
+ *
+ * @return the URI defined for this c14n instance.
+ */
+ public final String getURI() {
+ return this.canonicalizerSpi.engineGetURI();
+ }
+
+ /**
+ * Method getIncludeComments
+ *
+ * @return true if the c14n respect the comments.
+ */
+ public boolean getIncludeComments() {
+ return this.canonicalizerSpi.engineGetIncludeComments();
+ }
+
+ /**
+ * This method tries to canonicalize the given bytes. It's possible to even
+ * canonicalize non-wellformed sequences if they are well-formed after being
+ * wrapped with a <CODE>>a<...>/a<</CODE>.
+ *
+ * @param inputBytes
+ * @return the result of the conicalization.
+ * @throws CanonicalizationException
+ * @throws java.io.IOException
+ * @throws javax.xml.parsers.ParserConfigurationException
+ * @throws org.xml.sax.SAXException
+ */
+ public byte[] canonicalize(byte[] inputBytes)
throws javax.xml.parsers.ParserConfigurationException,
java.io.IOException, org.xml.sax.SAXException,
CanonicalizationException {
- ByteArrayInputStream bais = new ByteArrayInputStream(inputBytes);
- InputSource in = new InputSource(bais);
- DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();
-
- dfactory.setNamespaceAware(true);
-
- // needs to validate for ID attribute nomalization
- dfactory.setValidating(true);
-
- DocumentBuilder db = dfactory.newDocumentBuilder();
-
- /*
- * for some of the test vectors from the specification,
- * there has to be a validatin parser for ID attributes, default
- * attribute values, NMTOKENS, etc.
- * Unfortunaltely, the test vectors do use different DTDs or
- * even no DTD. So Xerces 1.3.1 fires many warnings about using
- * ErrorHandlers.
- *
- * Text from the spec:
- *
- * The input octet stream MUST contain a well-formed XML document,
- * but the input need not be validated. However, the attribute
- * value normalization and entity reference resolution MUST be
- * performed in accordance with the behaviors of a validating
- * XML processor. As well, nodes for default attributes (declared
- * in the ATTLIST with an AttValue but not specified) are created
- * in each element. Thus, the declarations in the document type
- * declaration are used to help create the canonical form, even
- * though the document type declaration is not retained in the
- * canonical form.
- *
- */
- db.setErrorHandler(new org.apache.xml.security.utils
- .IgnoreAllErrorHandler());
-
- Document document = db.parse(in);
- byte result[] = this.canonicalizeSubtree(document);
-
- return result;
- }
-
- /**
- * Canonicalizes the subtree rooted by <CODE>node</CODE>.
- *
- * @param node The node to canicalize
- * @return the result of the c14n.
- *
- * @throws CanonicalizationException
- */
- public byte[] canonicalizeSubtree(Node node)
+ ByteArrayInputStream bais = new ByteArrayInputStream(inputBytes);
+ InputSource in = new InputSource(bais);
+ DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();
+
+ dfactory.setNamespaceAware(true);
+
+ // needs to validate for ID attribute nomalization
+ dfactory.setValidating(true);
+
+ DocumentBuilder db = dfactory.newDocumentBuilder();
+
+ /*
+ * for some of the test vectors from the specification,
+ * there has to be a validatin parser for ID attributes, default
+ * attribute values, NMTOKENS, etc.
+ * Unfortunaltely, the test vectors do use different DTDs or
+ * even no DTD. So Xerces 1.3.1 fires many warnings about using
+ * ErrorHandlers.
+ *
+ * Text from the spec:
+ *
+ * The input octet stream MUST contain a well-formed XML document,
+ * but the input need not be validated. However, the attribute
+ * value normalization and entity reference resolution MUST be
+ * performed in accordance with the behaviors of a validating
+ * XML processor. As well, nodes for default attributes (declared
+ * in the ATTLIST with an AttValue but not specified) are created
+ * in each element. Thus, the declarations in the document type
+ * declaration are used to help create the canonical form, even
+ * though the document type declaration is not retained in the
+ * canonical form.
+ *
+ */
+ db.setErrorHandler(new org.apache.xml.security.utils
+ .IgnoreAllErrorHandler());
+
+ Document document = db.parse(in);
+ byte result[] = this.canonicalizeSubtree(document);
+
+ return result;
+ }
+
+ /**
+ * Canonicalizes the subtree rooted by <CODE>node</CODE>.
+ *
+ * @param node The node to canicalize
+ * @return the result of the c14n.
+ *
+ * @throws CanonicalizationException
+ */
+ public byte[] canonicalizeSubtree(Node node)
throws CanonicalizationException {
- return this.canonicalizerSpi.engineCanonicalizeSubTree(node);
- }
+ return this.canonicalizerSpi.engineCanonicalizeSubTree(node);
+ }
- /**
- * Canonicalizes the subtree rooted by <CODE>node</CODE>.
- *
- * @param node
- * @param inclusiveNamespaces
- * @return the result of the c14n.
- * @throws CanonicalizationException
- */
- public byte[] canonicalizeSubtree(Node node, String inclusiveNamespaces)
+ /**
+ * Canonicalizes the subtree rooted by <CODE>node</CODE>.
+ *
+ * @param node
+ * @param inclusiveNamespaces
+ * @return the result of the c14n.
+ * @throws CanonicalizationException
+ */
+ public byte[] canonicalizeSubtree(Node node, String inclusiveNamespaces)
throws CanonicalizationException {
- return this.canonicalizerSpi.engineCanonicalizeSubTree(node,
+ return this.canonicalizerSpi.engineCanonicalizeSubTree(node,
inclusiveNamespaces);
- }
+ }
- /**
- * Canonicalizes an XPath node set. The <CODE>xpathNodeSet</CODE> is treated
- * as a list of XPath nodes, not as a list of subtrees.
- *
- * @param xpathNodeSet
- * @return the result of the c14n.
- * @throws CanonicalizationException
- */
- public byte[] canonicalizeXPathNodeSet(NodeList xpathNodeSet)
+ /**
+ * Canonicalizes an XPath node set. The <CODE>xpathNodeSet</CODE> is treated
+ * as a list of XPath nodes, not as a list of subtrees.
+ *
+ * @param xpathNodeSet
+ * @return the result of the c14n.
+ * @throws CanonicalizationException
+ */
+ public byte[] canonicalizeXPathNodeSet(NodeList xpathNodeSet)
throws CanonicalizationException {
- return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet);
- }
+ return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet);
+ }
- /**
- * Canonicalizes an XPath node set. The <CODE>xpathNodeSet</CODE> is treated
- * as a list of XPath nodes, not as a list of subtrees.
- *
- * @param xpathNodeSet
- * @param inclusiveNamespaces
- * @return the result of the c14n.
- * @throws CanonicalizationException
- */
- public byte[] canonicalizeXPathNodeSet(
+ /**
+ * Canonicalizes an XPath node set. The <CODE>xpathNodeSet</CODE> is treated
+ * as a list of XPath nodes, not as a list of subtrees.
+ *
+ * @param xpathNodeSet
+ * @param inclusiveNamespaces
+ * @return the result of the c14n.
+ * @throws CanonicalizationException
+ */
+ public byte[] canonicalizeXPathNodeSet(
NodeList xpathNodeSet, String inclusiveNamespaces)
throws CanonicalizationException {
- return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet,
+ return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet,
inclusiveNamespaces);
- }
+ }
- /**
- * Canonicalizes an XPath node set.
- *
- * @param xpathNodeSet
- * @return the result of the c14n.
- * @throws CanonicalizationException
- */
- public byte[] canonicalizeXPathNodeSet(Set xpathNodeSet)
+ /**
+ * Canonicalizes an XPath node set.
+ *
+ * @param xpathNodeSet
+ * @return the result of the c14n.
+ * @throws CanonicalizationException
+ */
+ public byte[] canonicalizeXPathNodeSet(Set xpathNodeSet)
throws CanonicalizationException {
- return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet);
- }
+ return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet);
+ }
- /**
- * Canonicalizes an XPath node set.
- *
- * @param xpathNodeSet
- * @param inclusiveNamespaces
- * @return the result of the c14n.
- * @throws CanonicalizationException
- */
- public byte[] canonicalizeXPathNodeSet(
- Set xpathNodeSet, String inclusiveNamespaces)
- throws CanonicalizationException {
- return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet,
- inclusiveNamespaces);
- }
-
- /**
- * Sets the writter where the cannocalization ends. ByteArrayOutputStream if
- * none is setted.
- * @param os
- */
- public void setWriter(OutputStream os) {
- this.canonicalizerSpi.setWriter(os);
- }
-
- /**
- * Returns the name of the implementing {@link CanonicalizerSpi} class
- *
- * @return the name of the implementing {@link CanonicalizerSpi} class
- */
- public String getImplementingCanonicalizerClass() {
- return this.canonicalizerSpi.getClass().getName();
- }
-
- /**
- * Method getImplementingClass
- *
- * @param URI
- * @return the name of the class that implements the give URI
- */
- private static Class getImplementingClass(String URI) {
- return (Class) _canonicalizerHash.get(URI);
- }
+ /**
+ * Canonicalizes an XPath node set.
+ *
+ * @param xpathNodeSet
+ * @param inclusiveNamespaces
+ * @return the result of the c14n.
+ * @throws CanonicalizationException
+ */
+ public byte[] canonicalizeXPathNodeSet(Set xpathNodeSet,
+ String inclusiveNamespaces) throws CanonicalizationException {
+ return this.canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet,
+ inclusiveNamespaces);
+ }
+
+ /**
+ * Sets the writer where the canonicalization ends. ByteArrayOutputStream
+ * if none is set.
+ * @param os
+ */
+ public void setWriter(OutputStream os) {
+ this.canonicalizerSpi.setWriter(os);
+ }
+
+ /**
+ * Returns the name of the implementing {@link CanonicalizerSpi} class
+ *
+ * @return the name of the implementing {@link CanonicalizerSpi} class
+ */
+ public String getImplementingCanonicalizerClass() {
+ return this.canonicalizerSpi.getClass().getName();
+ }
+
+ /**
+ * Method getImplementingClass
+ *
+ * @param URI
+ * @return the name of the class that implements the given URI
+ */
+ private static Class getImplementingClass(String URI) {
+ return (Class) _canonicalizerHash.get(URI);
+ }
- /**
- * Set the canonicalizator behaviour to not reset.
- *
- */
- public void notReset() {
- this.canonicalizerSpi.reset=false;
- }
+ /**
+ * Set the canonicalizer behaviour to not reset.
+ */
+ public void notReset() {
+ this.canonicalizerSpi.reset = false;
+ }
}
Added: xml/security/trunk/src/org/apache/xml/security/c14n/implementations/Canonicalizer11.java
URL: http://svn.apache.org/viewvc/xml/security/trunk/src/org/apache/xml/security/c14n/implementations/Canonicalizer11.java?rev=630988&view=auto
==============================================================================
--- xml/security/trunk/src/org/apache/xml/security/c14n/implementations/Canonicalizer11.java (added)
+++ xml/security/trunk/src/org/apache/xml/security/c14n/implementations/Canonicalizer11.java Mon Feb 25 12:55:47 2008
@@ -0,0 +1,680 @@
+/*
+ * Copyright 2008 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.xml.security.c14n.implementations;
+
+import java.io.IOException;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.SortedSet;
+import java.util.TreeSet;
+import javax.xml.parsers.ParserConfigurationException;
+import org.w3c.dom.Attr;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.NamedNodeMap;
+import org.w3c.dom.Node;
+import org.xml.sax.SAXException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.xml.security.c14n.CanonicalizationException;
+import org.apache.xml.security.c14n.helper.C14nHelper;
+import org.apache.xml.security.signature.XMLSignatureInput;
+import org.apache.xml.security.utils.Constants;
+import org.apache.xml.security.utils.XMLUtils;
+
+/**
+ * Implements <A HREF="http://www.w3.org/TR/2008/PR-xml-c14n11-20080129/">
+ * Canonical XML Version 1.1</A>, a W3C Proposed Recommendation from 29
+ * January 2008.
+ *
+ * @author Sean Mullan
+ * @author Raul Benito
+ * @version $Revision: 429012 $
+ */
+public abstract class Canonicalizer11 extends CanonicalizerBase {
+ boolean firstCall = true;
+ final SortedSet result = new TreeSet(COMPARE);
+ static final String XMLNS_URI = Constants.NamespaceSpecNS;
+ static final String XML_LANG_URI = Constants.XML_LANG_SPACE_SpecNS;
+
+ static Log log = LogFactory.getLog(Canonicalizer11.class.getName());
+
+ static class XmlAttrStack {
+ int currentLevel = 0;
+ int lastlevel = 0;
+ XmlsStackElement cur;
+ static class XmlsStackElement {
+ int level;
+ boolean rendered = false;
+ List nodes = new ArrayList();
+ };
+ List levels = new ArrayList();
+ void push(int level) {
+ currentLevel = level;
+ if (currentLevel == -1)
+ return;
+ cur = null;
+ while (lastlevel >= currentLevel) {
+ levels.remove(levels.size() - 1);
+ if (levels.size() == 0) {
+ lastlevel = 0;
+ return;
+ }
+ lastlevel=((XmlsStackElement)levels.get(levels.size()-1)).level;
+ }
+ }
+ void addXmlnsAttr(Attr n) {
+ if (cur == null) {
+ cur = new XmlsStackElement();
+ cur.level = currentLevel;
+ levels.add(cur);
+ lastlevel = currentLevel;
+ }
+ cur.nodes.add(n);
+ }
+ void getXmlnsAttr(Collection col) {
+ if (cur == null) {
+ cur = new XmlsStackElement();
+ cur.level = currentLevel;
+ lastlevel = currentLevel;
+ levels.add(cur);
+ }
+ int size = levels.size() - 2;
+ boolean parentRendered = false;
+ XmlsStackElement e = null;
+ if (size == -1) {
+ parentRendered = true;
+ } else {
+ e = (XmlsStackElement) levels.get(size);
+ if (e.rendered && e.level+1 == currentLevel)
+ parentRendered = true;
+ }
+ if (parentRendered) {
+ col.addAll(cur.nodes);
+ cur.rendered = true;
+ return;
+ }
+
+ Map loa = new HashMap();
+ List baseAttrs = new ArrayList();
+ boolean successiveOmitted = true;
+ for (;size>=0;size--) {
+ e = (XmlsStackElement) levels.get(size);
+ if (e.rendered) {
+ successiveOmitted = false;
+ }
+ Iterator it = e.nodes.iterator();
+ while (it.hasNext() && successiveOmitted) {
+ Attr n = (Attr) it.next();
+ if (n.getLocalName().equals("base")) {
+ if (!e.rendered) {
+ baseAttrs.add(n);
+ }
+ } else if (!loa.containsKey(n.getName()))
+ loa.put(n.getName(), n);
+ }
+ }
+ if (!baseAttrs.isEmpty()) {
+ Iterator it = cur.nodes.iterator();
+ String base = null;
+ Attr baseAttr = null;
+ while (it.hasNext()) {
+ Attr n = (Attr) it.next();
+ if (n.getLocalName().equals("base")) {
+ base = n.getValue();
+ baseAttr = n;
+ break;
+ }
+ }
+ it = baseAttrs.iterator();
+ while (it.hasNext()) {
+ Attr n = (Attr) it.next();
+ if (base == null) {
+ base = n.getValue();
+ baseAttr = n;
+ } else {
+ try {
+ base = joinURI(n.getValue(), base);
+ } catch (URISyntaxException ue) {
+ ue.printStackTrace();
+ }
+ }
+ }
+ if (base != null && base.length() != 0) {
+ baseAttr.setValue(base);
+ col.add(baseAttr);
+ }
+ }
+
+ cur.rendered = true;
+ col.addAll(loa.values());
+ }
+ };
+ XmlAttrStack xmlattrStack = new XmlAttrStack();
+
+ /**
+ * Constructor Canonicalizer11
+ *
+ * @param includeComments
+ */
+ public Canonicalizer11(boolean includeComments) {
+ super(includeComments);
+ }
+
+ /**
+ * Returns the Attr[]s to be outputted for the given element.
+ * <br>
+ * The code of this method is a copy of {@link #handleAttributes(Element,
+ * NameSpaceSymbTable)},
+ * whereas it takes into account that subtree-c14n is -- well --
+ * subtree-based.
+ * So if the element in question isRoot of c14n, it's parent is not in the
+ * node set, as well as all other ancestors.
+ *
+ * @param E
+ * @param ns
+ * @return the Attr[]s to be outputted
+ * @throws CanonicalizationException
+ */
+ Iterator handleAttributesSubtree(Element E, NameSpaceSymbTable ns)
+ throws CanonicalizationException {
+ if (!E.hasAttributes() && !firstCall) {
+ return null;
+ }
+ // result will contain the attrs which have to be outputted
+ final SortedSet result = this.result;
+ result.clear();
+ NamedNodeMap attrs = E.getAttributes();
+ int attrsLength = attrs.getLength();
+
+ for (int i = 0; i < attrsLength; i++) {
+ Attr N = (Attr) attrs.item(i);
+ String NUri = N.getNamespaceURI();
+
+ if (XMLNS_URI != NUri) {
+ // It's not a namespace attr node. Add to the result and
+ // continue.
+ result.add(N);
+ continue;
+ }
+
+ String NName = N.getLocalName();
+ String NValue = N.getValue();
+ if (XML.equals(NName)
+ && XML_LANG_URI.equals(NValue)) {
+ // The default mapping for xml must not be output.
+ continue;
+ }
+
+ Node n = ns.addMappingAndRender(NName, NValue, N);
+
+ if (n != null) {
+ // Render the ns definition
+ result.add(n);
+ if (C14nHelper.namespaceIsRelative(N)) {
+ Object exArgs[] = {E.getTagName(), NName, N.getNodeValue()};
+ throw new CanonicalizationException(
+ "c14n.Canonicalizer.RelativeNamespace", exArgs);
+ }
+ }
+ }
+
+ if (firstCall) {
+ // It is the first node of the subtree
+ // Obtain all the namespaces defined in the parents, and added
+ // to the output.
+ ns.getUnrenderedNodes(result);
+ // output the attributes in the xml namespace.
+ xmlattrStack.getXmlnsAttr(result);
+ firstCall = false;
+ }
+
+ return result.iterator();
+ }
+
+ /**
+ * Returns the Attr[]s to be outputted for the given element.
+ * <br>
+ * IMPORTANT: This method expects to work on a modified DOM tree, i.e. a
+ * DOM which has been prepared using
+ * {@link org.apache.xml.security.utils.XMLUtils#circumventBug2650(
+ * org.w3c.dom.Document)}.
+ *
+ * @param E
+ * @param ns
+ * @return the Attr[]s to be outputted
+ * @throws CanonicalizationException
+ */
+ Iterator handleAttributes(Element E, NameSpaceSymbTable ns)
+ throws CanonicalizationException {
+ // result will contain the attrs which have to be output
+ xmlattrStack.push(ns.getLevel());
+ boolean isRealVisible = isVisibleDO(E, ns.getLevel()) == 1;
+ NamedNodeMap attrs = null;
+ int attrsLength = 0;
+ if (E.hasAttributes()) {
+ attrs = E.getAttributes();
+ attrsLength = attrs.getLength();
+ }
+
+ SortedSet result = this.result;
+ result.clear();
+
+ for (int i = 0; i < attrsLength; i++) {
+ Attr N = (Attr) attrs.item(i);
+ String NUri = N.getNamespaceURI();
+
+ if (XMLNS_URI != NUri) {
+ // A non namespace definition node.
+ if (XML_LANG_URI == NUri) {
+ if (N.getLocalName().equals("id")) {
+ if (isRealVisible) {
+ // treat xml:id like any other attribute
+ // (emit it, but don't inherit it)
+ result.add(N);
+ }
+ } else {
+ xmlattrStack.addXmlnsAttr(N);
+ }
+ } else if (isRealVisible) {
+ // The node is visible add the attribute to the list of
+ // output attributes.
+ result.add(N);
+ }
+ // keep working
+ continue;
+ }
+
+ String NName = N.getLocalName();
+ String NValue = N.getValue();
+ if ("xml".equals(NName)
+ && XML_LANG_URI.equals(NValue)) {
+ /* except omit namespace node with local name xml, which defines
+ * the xml prefix, if its string value is
+ * http://www.w3.org/XML/1998/namespace.
+ */
+ continue;
+ }
+ // add the prefix binding to the ns symb table.
+ // ns.addInclusiveMapping(NName,NValue,N,isRealVisible);
+ if (isVisible(N)) {
+ if (!isRealVisible && ns.removeMappingIfRender(NName)) {
+ continue;
+ }
+ // The xpath select this node output it if needed.
+ // Node n = ns.addMappingAndRenderXNodeSet
+ // (NName, NValue, N, isRealVisible);
+ Node n = ns.addMappingAndRender(NName, NValue, N);
+ if (n != null) {
+ result.add(n);
+ if (C14nHelper.namespaceIsRelative(N)) {
+ Object exArgs[] =
+ { E.getTagName(), NName, N.getNodeValue() };
+ throw new CanonicalizationException(
+ "c14n.Canonicalizer.RelativeNamespace", exArgs);
+ }
+ }
+ } else {
+ if (isRealVisible && NName != XMLNS) {
+ ns.removeMapping(NName);
+ } else {
+ ns.addMapping(NName, NValue, N);
+ }
+ }
+ }
+ if (isRealVisible) {
+ // The element is visible, handle the xmlns definition
+ Attr xmlns = E.getAttributeNodeNS(XMLNS_URI, XMLNS);
+ Node n = null;
+ if (xmlns == null) {
+ // No xmlns def just get the already defined.
+ n = ns.getMapping(XMLNS);
+ } else if (!isVisible(xmlns)) {
+ // There is a defn but the xmlns is not selected by the xpath.
+ // then xmlns=""
+ n = ns.addMappingAndRender(XMLNS, "", nullNode);
+ }
+ // output the xmlns def if needed.
+ if (n != null) {
+ result.add(n);
+ }
+ // Float all xml:* attributes of the unselected parent elements to
+ // this one. addXmlAttributes(E,result);
+ xmlattrStack.getXmlnsAttr(result);
+ ns.getUnrenderedNodes(result);
+ }
+
+ return result.iterator();
+ }
+
+ /**
+ * Always throws a CanonicalizationException because this is inclusive c14n.
+ *
+ * @param xpathNodeSet
+ * @param inclusiveNamespaces
+ * @return none it always fails
+ * @throws CanonicalizationException always
+ */
+ public byte[] engineCanonicalizeXPathNodeSet(Set xpathNodeSet,
+ String inclusiveNamespaces) throws CanonicalizationException {
+ throw new CanonicalizationException(
+ "c14n.Canonicalizer.UnsupportedOperation");
+ }
+
+ /**
+ * Always throws a CanonicalizationException because this is inclusive c14n.
+ *
+ * @param rootNode
+ * @param inclusiveNamespaces
+ * @return none it always fails
+ * @throws CanonicalizationException
+ */
+ public byte[] engineCanonicalizeSubTree(Node rootNode,
+ String inclusiveNamespaces) throws CanonicalizationException {
+ throw new CanonicalizationException(
+ "c14n.Canonicalizer.UnsupportedOperation");
+ }
+
+ void circumventBugIfNeeded(XMLSignatureInput input)
+ throws CanonicalizationException, ParserConfigurationException,
+ IOException, SAXException {
+ if (!input.isNeedsToBeExpanded())
+ return;
+ Document doc = null;
+ if (input.getSubNode() != null) {
+ doc = XMLUtils.getOwnerDocument(input.getSubNode());
+ } else {
+ doc = XMLUtils.getOwnerDocument(input.getNodeSet());
+ }
+ XMLUtils.circumventBug2650(doc);
+ }
+
+ void handleParent(Element e, NameSpaceSymbTable ns) {
+ if (!e.hasAttributes()) {
+ return;
+ }
+ xmlattrStack.push(-1);
+ NamedNodeMap attrs = e.getAttributes();
+ int attrsLength = attrs.getLength();
+ for (int i = 0; i < attrsLength; i++) {
+ Attr N = (Attr) attrs.item(i);
+ if (Constants.NamespaceSpecNS != N.getNamespaceURI()) {
+ // Not a namespace definition, ignore.
+ if (XML_LANG_URI == N.getNamespaceURI()) {
+ xmlattrStack.addXmlnsAttr(N);
+ }
+ continue;
+ }
+
+ String NName = N.getLocalName();
+ String NValue = N.getNodeValue();
+ if (XML.equals(NName)
+ && Constants.XML_LANG_SPACE_SpecNS.equals(NValue)) {
+ continue;
+ }
+ ns.addMapping(NName,NValue,N);
+ }
+ }
+
+ private static String joinURI(String baseURI, String relativeURI)
+ throws URISyntaxException {
+ String bscheme = null;
+ String bauthority = null;
+ String bpath = "";
+ String bquery = null;
+ String bfragment = null; // Is this correct?
+
+ // pre-parse the baseURI
+ if (baseURI != null) {
+ if (baseURI.endsWith("..")) {
+ baseURI = baseURI + "/";
+ }
+ URI base = new URI(baseURI);
+ bscheme = base.getScheme();
+ bauthority = base.getAuthority();
+ bpath = base.getPath();
+ bquery = base.getQuery();
+ bfragment = base.getFragment();
+ }
+
+ URI r = new URI(relativeURI);
+ String rscheme = r.getScheme();
+ String rauthority = r.getAuthority();
+ String rpath = r.getPath();
+ String rquery = r.getQuery();
+ String rfragment = null;
+
+ String tscheme, tauthority, tpath, tquery, tfragment;
+ if (rscheme != null && rscheme.equals(bscheme)) {
+ rscheme = null;
+ }
+ if (rscheme != null) {
+ tscheme = rscheme;
+ tauthority = rauthority;
+ tpath = removeDotSegments(rpath);
+ tquery = rquery;
+ } else {
+ if (rauthority != null) {
+ tauthority = rauthority;
+ tpath = removeDotSegments(rpath);
+ tquery = rquery;
+ } else {
+ if (rpath.length() == 0) {
+ tpath = bpath;
+ if (rquery != null) {
+ tquery = rquery;
+ } else {
+ tquery = bquery;
+ }
+ } else {
+ if (rpath.startsWith("/")) {
+ tpath = removeDotSegments(rpath);
+ } else {
+ if (bauthority != null && bpath.length() == 0) {
+ tpath = "/" + rpath;
+ } else {
+ int last = bpath.lastIndexOf('/');
+ if (last == -1) {
+ tpath = rpath;
+ } else {
+ tpath = bpath.substring(0, last+1) + rpath;
+ }
+ }
+ tpath = removeDotSegments(tpath);
+ }
+ tquery = rquery;
+ }
+ tauthority = bauthority;
+ }
+ tscheme = bscheme;
+ }
+ tfragment = rfragment;
+ return new URI(tscheme, tauthority, tpath, tquery, tfragment).toString();
+ }
+
+ private static String removeDotSegments(String path) {
+
+ log.debug("STEP OUTPUT BUFFER\t\tINPUT BUFFER");
+
+ // 1. The input buffer is initialized with the now-appended path
+ // components then replace occurrences of "//" in the input buffer
+ // with "/" until no more occurrences of "//" are in the input buffer.
+ String input = path;
+ while (input.contains("//")) {
+ input = input.replaceAll("//", "/");
+ }
+
+ // Initialize the output buffer with the empty string.
+ StringBuilder output = new StringBuilder();
+
+ // If the input buffer starts with a root slash "/" then move this
+ // character to the output buffer.
+ if (input.charAt(0) == '/') {
+ output.append("/");
+ input = input.substring(1);
+ }
+
+ printStep("1 ", output.toString(), input);
+
+ // While the input buffer is not empty, loop as follows
+ while (input.length() != 0) {
+ // 2A. If the input buffer begins with a prefix of "./",
+ // then remove that prefix from the input buffer
+ // else if the input buffer begins with a prefix of "../", then
+ // if also the output does not contain the root slash "/" only,
+ // then move this prefix to the end of the output buffer else
+ // remove that prefix
+ if (input.startsWith("./")) {
+ input = input.substring(2);
+ printStep("2A", output.toString(), input);
+ } else if (input.startsWith("../")) {
+ input = input.substring(3);
+ if (!output.toString().equals("/")) {
+ output.append("../");
+ }
+ printStep("2A", output.toString(), input);
+ // 2B. if the input buffer begins with a prefix of "/./" or "/.",
+ // where "." is a complete path segment, then replace that prefix
+ // with "/" in the input buffer; otherwise,
+ } else if (input.startsWith("/./")) {
+ input = input.substring(2);
+ printStep("2B", output.toString(), input);
+ } else if (input.equals("/.")) {
+ // FIXME: what is complete path segment?
+ input = input.replaceFirst("/.", "/");
+ printStep("2B", output.toString(), input);
+ // 2C. if the input buffer begins with a prefix of "/../" or "/..",
+ // where ".." is a complete path segment, then replace that prefix
+ // with "/" in the input buffer and if also the output buffer is
+ // empty, last segment in the output buffer equals "../" or "..",
+ // where ".." is a complete path segment, then append ".." or "/.."
+ // for the latter case respectively to the output buffer else
+ // remove the last segment and its preceding "/" (if any) from the
+ // output buffer and if hereby the first character in the output
+ // buffer was removed and it was not the root slash then delete a
+ // leading slash from the input buffer; otherwise,
+ } else if (input.startsWith("/../")) {
+ input = input.substring(3);
+ if (output.length() == 0) {
+ output.append("/");
+ } else if (output.toString().endsWith("../")) {
+ output.append("..");
+ } else if (output.toString().endsWith("..")) {
+ output.append("/..");
+ } else {
+ int index = output.lastIndexOf("/");
+ if (index == -1) {
+ output = new StringBuilder();
+ if (input.charAt(0) == '/') {
+ input = input.substring(1);
+ }
+ } else {
+ output = output.delete(index, output.length());
+ }
+ }
+ printStep("2C", output.toString(), input);
+ } else if (input.equals("/..")) {
+ // FIXME: what is complete path segment?
+ input = input.replaceFirst("/..", "/");
+ if (output.length() == 0) {
+ output.append("/");
+ } else if (output.toString().endsWith("../")) {
+ output.append("..");
+ } else if (output.toString().endsWith("..")) {
+ output.append("/..");
+ } else {
+ int index = output.lastIndexOf("/");
+ if (index == -1) {
+ output = new StringBuilder();
+ if (input.charAt(0) == '/') {
+ input = input.substring(1);
+ }
+ } else {
+ output = output.delete(index, output.length());
+ }
+ }
+ printStep("2C", output.toString(), input);
+ // 2D. if the input buffer consists only of ".", then remove
+ // that from the input buffer else if the input buffer consists
+ // only of ".." and if the output buffer does not contain only
+ // the root slash "/", then move the ".." to the output buffer
+ // else delte it.; otherwise,
+ } else if (input.equals(".")) {
+ input = "";
+ printStep("2D", output.toString(), input);
+ } else if (input.equals("..")) {
+ if (!output.toString().equals("/"))
+ output.append("..");
+ input = "";
+ printStep("2D", output.toString(), input);
+ // 2E. move the first path segment (if any) in the input buffer
+ // to the end of the output buffer, including the initial "/"
+ // character (if any) and any subsequent characters up to, but not
+ // including, the next "/" character or the end of the input buffer.
+ } else {
+ int end = -1;
+ int begin = input.indexOf('/');
+ if (begin == 0) {
+ end = input.indexOf('/', 1);
+ } else {
+ end = begin;
+ begin = 0;
+ }
+ String segment;
+ if (end == -1) {
+ segment = input.substring(begin);
+ input = "";
+ } else {
+ segment = input.substring(begin, end);
+ input = input.substring(end);
+ }
+ output.append(segment);
+ printStep("2E", output.toString(), input);
+ }
+ }
+
+ // 3. Finally, if the only or last segment of the output buffer is
+ // "..", where ".." is a complete path segment not followed by a slash
+ // then append a slash "/". The output buffer is returned as the result
+ // of remove_dot_segments
+ if (output.toString().endsWith("..")) {
+ output.append("/");
+ printStep("3 ", output.toString(), input);
+ }
+
+ return output.toString();
+ }
+
+ private static void printStep(String step, String output, String input) {
+ if (log.isDebugEnabled()) {
+ log.debug(" " + step + ": " + output);
+ if (output.length() == 0) {
+ log.debug("\t\t\t\t" + input);
+ } else {
+ log.debug("\t\t\t" + input);
+ }
+ }
+ }
+}
Added: xml/security/trunk/src/org/apache/xml/security/c14n/implementations/Canonicalizer11_OmitComments.java
URL: http://svn.apache.org/viewvc/xml/security/trunk/src/org/apache/xml/security/c14n/implementations/Canonicalizer11_OmitComments.java?rev=630988&view=auto
==============================================================================
--- xml/security/trunk/src/org/apache/xml/security/c14n/implementations/Canonicalizer11_OmitComments.java (added)
+++ xml/security/trunk/src/org/apache/xml/security/c14n/implementations/Canonicalizer11_OmitComments.java Mon Feb 25 12:55:47 2008
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2008 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.xml.security.c14n.implementations;
+
+import org.apache.xml.security.c14n.Canonicalizer;
+
+/**
+ * @author Sean Mullan
+ */
+public class Canonicalizer11_OmitComments extends Canonicalizer11 {
+
+ public Canonicalizer11_OmitComments() {
+ super(false);
+ }
+
+ public final String engineGetURI() {
+ return Canonicalizer.ALGO_ID_C14N11_OMIT_COMMENTS;
+ }
+
+ public final boolean engineGetIncludeComments() {
+ return false;
+ }
+}
Added: xml/security/trunk/src/org/apache/xml/security/c14n/implementations/Canonicalizer11_WithComments.java
URL: http://svn.apache.org/viewvc/xml/security/trunk/src/org/apache/xml/security/c14n/implementations/Canonicalizer11_WithComments.java?rev=630988&view=auto
==============================================================================
--- xml/security/trunk/src/org/apache/xml/security/c14n/implementations/Canonicalizer11_WithComments.java (added)
+++ xml/security/trunk/src/org/apache/xml/security/c14n/implementations/Canonicalizer11_WithComments.java Mon Feb 25 12:55:47 2008
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2008 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.xml.security.c14n.implementations;
+
+import org.apache.xml.security.c14n.Canonicalizer;
+
+/**
+ * @author Sean Mullan
+ */
+public class Canonicalizer11_WithComments extends Canonicalizer11 {
+
+ public Canonicalizer11_WithComments() {
+ super(true);
+ }
+
+ public final String engineGetURI() {
+ return Canonicalizer.ALGO_ID_C14N11_WITH_COMMENTS;
+ }
+
+ public final boolean engineGetIncludeComments() {
+ return true;
+ }
+}
Modified: xml/security/trunk/src/org/apache/xml/security/resource/config.xml
URL: http://svn.apache.org/viewvc/xml/security/trunk/src/org/apache/xml/security/resource/config.xml?rev=630988&r1=630987&r2=630988&view=diff
==============================================================================
Binary files - no diff available.
Modified: xml/security/trunk/src/org/apache/xml/security/signature/XMLSignatureInput.java
URL: http://svn.apache.org/viewvc/xml/security/trunk/src/org/apache/xml/security/signature/XMLSignatureInput.java?rev=630988&r1=630987&r2=630988&view=diff
==============================================================================
--- xml/security/trunk/src/org/apache/xml/security/signature/XMLSignatureInput.java (original)
+++ xml/security/trunk/src/org/apache/xml/security/signature/XMLSignatureInput.java Mon Feb 25 12:55:47 2008
@@ -1,6 +1,5 @@
-
/*
- * Copyright 1999-2004 The Apache Software Foundation.
+ * Copyright 1999-2008 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -17,8 +16,6 @@
*/
package org.apache.xml.security.signature;
-
-
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
@@ -35,7 +32,9 @@
import javax.xml.parsers.ParserConfigurationException;
import org.apache.xml.security.c14n.CanonicalizationException;
+import org.apache.xml.security.c14n.implementations.CanonicalizerBase;
import org.apache.xml.security.c14n.implementations.Canonicalizer20010315OmitComments;
+import org.apache.xml.security.c14n.implementations.Canonicalizer11_OmitComments;
import org.apache.xml.security.exceptions.XMLSecurityRuntimeException;
import org.apache.xml.security.utils.JavaUtils;
import org.apache.xml.security.utils.XMLUtils;
@@ -43,357 +42,355 @@
import org.w3c.dom.Node;
import org.xml.sax.SAXException;
-
/**
* Class XMLSignatureInput
*
* @author Christian Geuer-Pollmann
* $todo$ check whether an XMLSignatureInput can be _both_, octet stream _and_ node set?
*/
-public class XMLSignatureInput implements Cloneable {
- static org.apache.commons.logging.Log log =
- org.apache.commons.logging.LogFactory.getLog(XMLSignatureInput.class.getName());
+public class XMLSignatureInput implements Cloneable {
+ static org.apache.commons.logging.Log log =
+ org.apache.commons.logging.LogFactory.getLog
+ (XMLSignatureInput.class.getName());
- /*
+ /*
* The XMLSignature Input can be either:
* A byteArray like with/or without InputStream.
- * Or a nodeSet like defined either:
- * * as a collection of nodes
- * * or as subnode excluding or not commets and excluding or
- * not other nodes.
- */
- /**
- * Some InputStreams do not support the {@link java.io.InputStream#reset}
- * method, so we read it in completely and work on our Proxy.
- */
- InputStream _inputOctetStreamProxy = null;
- /**
- * The original NodeSet for this XMLSignatureInput
- */
- Set _inputNodeSet = null;
- /**
- * The original Element
- */
- Node _subNode=null;
- /**
- * Exclude Node *for enveloped transformations*
- */
- Node excludeNode=null;
- /**
- *
- */
- boolean excludeComments=false;
+ * Or a nodeSet like defined either:
+ * * as a collection of nodes
+ * * or as subnode excluding or not commets and excluding or
+ * not other nodes.
+ */
+
+ /**
+ * Some InputStreams do not support the {@link java.io.InputStream#reset}
+ * method, so we read it in completely and work on our Proxy.
+ */
+ InputStream _inputOctetStreamProxy = null;
+ /**
+ * The original NodeSet for this XMLSignatureInput
+ */
+ Set _inputNodeSet = null;
+ /**
+ * The original Element
+ */
+ Node _subNode=null;
+ /**
+ * Exclude Node *for enveloped transformations*
+ */
+ Node excludeNode=null;
+ /**
+ *
+ */
+ boolean excludeComments=false;
- boolean isNodeSet=false;
- /**
- * A cached bytes
- */
- byte []bytes=null;
-
- /**
- * Some Transforms may require explicit MIME type, charset (IANA registered "character set"), or other such information concerning the data they are receiving from an earlier Transform or the source data, although no Transform algorithm specified in this document needs such explicit information. Such data characteristics are provided as parameters to the Transform algorithm and should be described in the specification for the algorithm.
- */
- private String _MIMEType = null;
-
- /**
- * Field _SourceURI
- */
- private String _SourceURI = null;
-
- /**
- * Node Filter list.
- */
- List nodeFilters=new ArrayList();
+ boolean isNodeSet=false;
+ /**
+ * A cached bytes
+ */
+ byte []bytes=null;
+
+ /**
+ * Some Transforms may require explicit MIME type, charset (IANA registered "character set"), or other such information concerning the data they are receiving from an earlier Transform or the source data, although no Transform algorithm specified in this document needs such explicit information. Such data characteristics are provided as parameters to the Transform algorithm and should be described in the specification for the algorithm.
+ */
+ private String _MIMEType = null;
+
+ /**
+ * Field _SourceURI
+ */
+ private String _SourceURI = null;
+
+ /**
+ * Node Filter list.
+ */
+ List nodeFilters=new ArrayList();
- boolean needsToBeExpanded=false;
- /**
- * Check if the structured is needed to be circumbented.
- * @return true if so.
- */
- public boolean isNeedsToBeExpanded() {
- return needsToBeExpanded;
- }
+ boolean needsToBeExpanded=false;
+ OutputStream outputStream=null;
+
+ /**
+ * Check if the structured is needed to be circumbented.
+ * @return true if so.
+ */
+ public boolean isNeedsToBeExpanded() {
+ return needsToBeExpanded;
+ }
- /**
- * Set if the structured is needed to be circumbented.
- * @param needsToBeExpanded true if so.
- */
- public void setNeedsToBeExpanded(boolean needsToBeExpanded) {
+ /**
+ * Set if the structured is needed to be circumbented.
+ * @param needsToBeExpanded true if so.
+ */
+ public void setNeedsToBeExpanded(boolean needsToBeExpanded) {
this.needsToBeExpanded = needsToBeExpanded;
- }
- OutputStream outputStream=null;
+ }
- /**
- * Construct a XMLSignatureInput from an octet array.
- * <p>
- * This is a comfort method, which internally converts the byte[] array into an InputStream
- * <p>NOTE: no defensive copy</p>
- * @param inputOctets an octet array which including XML document or node
- */
- public XMLSignatureInput(byte[] inputOctets) {
+ /**
+ * Construct a XMLSignatureInput from an octet array.
+ * <p>
+ * This is a comfort method, which internally converts the byte[] array into
+ * an InputStream
+ * <p>NOTE: no defensive copy</p>
+ * @param inputOctets an octet array which including XML document or node
+ */
+ public XMLSignatureInput(byte[] inputOctets) {
- // NO defensive copy
+ // NO defensive copy
- //this._inputOctetStreamProxy = new ByteArrayInputStream(inputOctets);
- this.bytes=inputOctets;
- }
-
+ //this._inputOctetStreamProxy = new ByteArrayInputStream(inputOctets);
+ this.bytes=inputOctets;
+ }
- /**
- * Constructs a <code>XMLSignatureInput</code> from an octet stream. The
- * stream is directly read.
- *
- * @param inputOctetStream
- */
- public XMLSignatureInput(InputStream inputOctetStream) {
- this._inputOctetStreamProxy=inputOctetStream;
+ /**
+ * Constructs a <code>XMLSignatureInput</code> from an octet stream. The
+ * stream is directly read.
+ *
+ * @param inputOctetStream
+ */
+ public XMLSignatureInput(InputStream inputOctetStream) {
+ this._inputOctetStreamProxy=inputOctetStream;
- //this(JavaUtils.getBytesFromStream(inputOctetStream));
+ //this(JavaUtils.getBytesFromStream(inputOctetStream));
+ }
- }
+ /**
+ * Construct a XMLSignatureInput from a String.
+ * <p>
+ * This is a comfort method, which internally converts the String into a byte
+ * [] array using the {@link java.lang.String#getBytes()} method.
+ * @deprecated
+ * @param inputStr the input String which including XML document or node
+ */
+ public XMLSignatureInput(String inputStr) {
+ this(inputStr.getBytes());
+ }
- /**
- * Construct a XMLSignatureInput from a String.
- * <p>
- * This is a comfort method, which internally converts the String into a byte[] array using the {@link java.lang.String#getBytes()} method.
- * @deprecated
- * @param inputStr the input String which including XML document or node
- */
- public XMLSignatureInput(String inputStr) {
- this(inputStr.getBytes());
- }
-
- /**
- * Construct a XMLSignatureInput from a String with a given encoding.
- * <p>
- * This is a comfort method, which internally converts the String into a byte[] array using the {@link java.lang.String#getBytes()} method.
- *
- * @deprecated
- * @param inputStr the input String with encoding <code>encoding</code>
- * @param encoding the encoding of <code>inputStr</code>
- * @throws UnsupportedEncodingException
- */
- public XMLSignatureInput(String inputStr, String encoding)
+ /**
+ * Construct a XMLSignatureInput from a String with a given encoding.
+ * <p>
+ * This is a comfort method, which internally converts the String into a byte
+ * [] array using the {@link java.lang.String#getBytes()} method.
+ *
+ * @deprecated
+ * @param inputStr the input String with encoding <code>encoding</code>
+ * @param encoding the encoding of <code>inputStr</code>
+ * @throws UnsupportedEncodingException
+ */
+ public XMLSignatureInput(String inputStr, String encoding)
throws UnsupportedEncodingException {
- this(inputStr.getBytes(encoding));
- }
+ this(inputStr.getBytes(encoding));
+ }
- /**
- * Construct a XMLSignatureInput from a subtree rooted by rootNode. This
- * method included the node and <I>all</I> his descendants in the output.
- *
- * @param rootNode
- */
- public XMLSignatureInput(Node rootNode)
- {
- this._subNode = rootNode;
- }
-
- /**
- * Constructor XMLSignatureInput
- *
- * @param inputNodeSet
- * @param usedXPathAPI
- */
- public XMLSignatureInput(Set inputNodeSet) {
- this._inputNodeSet = inputNodeSet;
- }
+ /**
+ * Construct a XMLSignatureInput from a subtree rooted by rootNode. This
+ * method included the node and <I>all</I> his descendants in the output.
+ *
+ * @param rootNode
+ */
+ public XMLSignatureInput(Node rootNode)
+ {
+ this._subNode = rootNode;
+ }
+
+ /**
+ * Constructor XMLSignatureInput
+ *
+ * @param inputNodeSet
+ * @param usedXPathAPI
+ */
+ public XMLSignatureInput(Set inputNodeSet) {
+ this._inputNodeSet = inputNodeSet;
+ }
- /**
- * Returns the node set from input which was specified as the parameter of {@link XMLSignatureInput} constructor
- *
- * @return the node set
- * @throws SAXException
- * @throws IOException
- * @throws ParserConfigurationException
- * @throws CanonicalizationException
- * @throws CanonicalizationException
- * @throws IOException
- * @throws ParserConfigurationException
- * @throws SAXException
- */
- public Set getNodeSet() throws CanonicalizationException, ParserConfigurationException, IOException, SAXException {
- return getNodeSet(false);
- }
- /**
- * Returns the node set from input which was specified as the parameter of {@link XMLSignatureInput} constructor
- * @param circunvent
- *
- * @return the node set
- * @throws SAXException
- * @throws IOException
- * @throws ParserConfigurationException
- * @throws CanonicalizationException
- * @throws CanonicalizationException
- * @throws IOException
- * @throws ParserConfigurationException
- * @throws SAXException
- */
- public Set getNodeSet(boolean circunvent)
+ /**
+ * Returns the node set from input which was specified as the parameter of
+ * {@link XMLSignatureInput} constructor
+ *
+ * @return the node set
+ * @throws SAXException
+ * @throws IOException
+ * @throws ParserConfigurationException
+ * @throws CanonicalizationException
+ */
+ public Set getNodeSet() throws CanonicalizationException,
+ ParserConfigurationException, IOException, SAXException {
+ return getNodeSet(false);
+ }
+
+ /**
+ * Returns the node set from input which was specified as the parameter of
+ * {@link XMLSignatureInput} constructor
+ * @param circumvent
+ *
+ * @return the node set
+ * @throws SAXException
+ * @throws IOException
+ * @throws ParserConfigurationException
+ * @throws CanonicalizationException
+ */
+ public Set getNodeSet(boolean circumvent)
throws ParserConfigurationException, IOException, SAXException,
CanonicalizationException {
- if (this._inputNodeSet!=null) {
- return this._inputNodeSet;
- }
- if ((this._inputOctetStreamProxy==null)&& (this._subNode!=null) ) {
+ if (this._inputNodeSet!=null) {
+ return this._inputNodeSet;
+ }
+ if ((this._inputOctetStreamProxy==null)&& (this._subNode!=null) ) {
- if (circunvent) {
- XMLUtils.circumventBug2650(XMLUtils.getOwnerDocument(_subNode));
+ if (circumvent) {
+ XMLUtils.circumventBug2650(XMLUtils.getOwnerDocument(_subNode));
}
this._inputNodeSet = new HashSet();
XMLUtils.getSet(_subNode,this._inputNodeSet, excludeNode, this.excludeComments);
- return this._inputNodeSet;
- }
- else if (this.isOctetStream()) {
- convertToNodes();
- HashSet result=new HashSet();
- XMLUtils.getSet(_subNode, result,null,false);
+ return this._inputNodeSet;
+ } else if (this.isOctetStream()) {
+ convertToNodes();
+ HashSet result=new HashSet();
+ XMLUtils.getSet(_subNode, result,null,false);
//this._inputNodeSet=result;
return result;
- }
+ }
+
+ throw new RuntimeException(
+ "getNodeSet() called but no input data present");
+ }
- throw new RuntimeException(
- "getNodeSet() called but no input data present");
- }
-
- /**
- * Returns the Octect stream(byte Stream) from input which was specified as the parameter of {@link XMLSignatureInput} constructor
- *
- * @return the Octect stream(byte Stream) from input which was specified as the parameter of {@link XMLSignatureInput} constructor
- * @throws IOException
- */
- public InputStream getOctetStream()
- throws IOException {
+ /**
+ * Returns the Octect stream(byte Stream) from input which was specified as
+ * the parameter of {@link XMLSignatureInput} constructor
+ *
+ * @return the Octect stream(byte Stream) from input which was specified as
+ * the parameter of {@link XMLSignatureInput} constructor
+ * @throws IOException
+ */
+ public InputStream getOctetStream() throws IOException {
- return getResetableInputStream();
+ return getResetableInputStream();
+ }
- }
- /**
+ /**
* @return real octect stream
*/
public InputStream getOctetStreamReal () {
- return this._inputOctetStreamProxy;
- }
- /**
- * Returns the byte array from input which was specified as the parameter of {@link XMLSignatureInput} constructor
- *
- * @return the byte[] from input which was specified as the parameter of {@link XMLSignatureInput} constructor
- *
- * @throws CanonicalizationException
- * @throws IOException
- */
- public byte[] getBytes()
- throws IOException, CanonicalizationException {
- if (bytes!=null) {
- return bytes;
- }
- InputStream is = getResetableInputStream();
- if (is!=null) {
- //reseatable can read again bytes.
- if (bytes==null) {
- is.reset();
- bytes=JavaUtils.getBytesFromStream(is);
- }
- return bytes;
- }
- Canonicalizer20010315OmitComments c14nizer =
- new Canonicalizer20010315OmitComments();
+ return this._inputOctetStreamProxy;
+ }
+
+ /**
+ * Returns the byte array from input which was specified as the parameter of
+ * {@link XMLSignatureInput} constructor
+ *
+ * @return the byte[] from input which was specified as the parameter of
+ * {@link XMLSignatureInput} constructor
+ *
+ * @throws CanonicalizationException
+ * @throws IOException
+ */
+ public byte[] getBytes() throws IOException, CanonicalizationException {
+ if (bytes!=null) {
+ return bytes;
+ }
+ InputStream is = getResetableInputStream();
+ if (is!=null) {
+ //resetable can read again bytes.
+ if (bytes==null) {
+ is.reset();
+ bytes=JavaUtils.getBytesFromStream(is);
+ }
+ return bytes;
+ }
+ Canonicalizer20010315OmitComments c14nizer =
+ new Canonicalizer20010315OmitComments();
bytes=c14nizer.engineCanonicalize(this);
return bytes;
- }
-
+ }
- /**
- * Determines if the object has been set up with a Node set
- *
- * @return true is the object has been set up with a Node set
- */
- public boolean isNodeSet() {
- return (( (this._inputOctetStreamProxy == null)
+ /**
+ * Determines if the object has been set up with a Node set
+ *
+ * @return true is the object has been set up with a Node set
+ */
+ public boolean isNodeSet() {
+ return (( (this._inputOctetStreamProxy == null)
&& (this._inputNodeSet != null) ) || isNodeSet);
- }
- /**
- * Determines if the object has been set up with an Element
- *
- * @return true is the object has been set up with a Node set
- */
- public boolean isElement() {
- return ((this._inputOctetStreamProxy==null)&& (this._subNode!=null)
- && (this._inputNodeSet==null) && !isNodeSet
- );
- }
+ }
+
+ /**
+ * Determines if the object has been set up with an Element
+ *
+ * @return true is the object has been set up with a Node set
+ */
+ public boolean isElement() {
+ return ((this._inputOctetStreamProxy==null)&& (this._subNode!=null)
+ && (this._inputNodeSet==null) && !isNodeSet);
+ }
- /**
- * Determines if the object has been set up with an octet stream
- *
- * @return true is the object has been set up with an octet stream
- */
- public boolean isOctetStream() {
- return ( ((this._inputOctetStreamProxy != null) || bytes!=null)
+ /**
+ * Determines if the object has been set up with an octet stream
+ *
+ * @return true is the object has been set up with an octet stream
+ */
+ public boolean isOctetStream() {
+ return ( ((this._inputOctetStreamProxy != null) || bytes!=null)
&& ((this._inputNodeSet == null) && _subNode ==null));
- }
+ }
- /**
- * Determines if the object has been set up with a ByteArray
- *
- * @return true is the object has been set up with an octet stream
- */
- public boolean isByteArray() {
- return ( (bytes!=null)
+ /**
+ * Determines if the object has been set up with a ByteArray
+ *
+ * @return true is the object has been set up with an octet stream
+ */
+ public boolean isByteArray() {
+ return ( (bytes!=null)
&& ((this._inputNodeSet == null) && _subNode ==null));
- }
+ }
+
+ /**
+ * Is the object correctly set up?
+ *
+ * @return true if the object has been set up correctly
+ */
+ public boolean isInitialized() {
+ return (this.isOctetStream() || this.isNodeSet());
+ }
+
+ /**
+ * Returns MIMEType
+ *
+ * @return MIMEType
+ */
+ public String getMIMEType() {
+ return this._MIMEType;
+ }
- /**
- * Is the object correctly set up?
- *
- * @return true if the object has been set up correctly
- */
- public boolean isInitialized() {
- return (this.isOctetStream() || this.isNodeSet());
- }
-
- /**
- * Returns MIMEType
- *
- * @return MIMEType
- */
- public String getMIMEType() {
- return this._MIMEType;
- }
-
- /**
- * Sets MIMEType
- *
- * @param MIMEType
- */
- public void setMIMEType(String MIMEType) {
- this._MIMEType = MIMEType;
- }
-
- /**
- * Return SourceURI
- *
- * @return SourceURI
- */
- public String getSourceURI() {
- return this._SourceURI;
- }
-
- /**
- * Sets SourceURI
- *
- * @param SourceURI
- */
- public void setSourceURI(String SourceURI) {
- this._SourceURI = SourceURI;
- }
+ /**
+ * Sets MIMEType
+ *
+ * @param MIMEType
+ */
+ public void setMIMEType(String MIMEType) {
+ this._MIMEType = MIMEType;
+ }
+
+ /**
+ * Return SourceURI
+ *
+ * @return SourceURI
+ */
+ public String getSourceURI() {
+ return this._SourceURI;
+ }
+ /**
+ * Sets SourceURI
+ *
+ * @param SourceURI
+ */
+ public void setSourceURI(String SourceURI) {
+ this._SourceURI = SourceURI;
+ }
/**
* Method toString
* @inheritDoc
- *
*/
public String toString() {
if (this.isNodeSet()) {
@@ -415,90 +412,102 @@
}
}
- /**
- * Method getHTMLRepresentation
- *
- * @throws XMLSignatureException
- * @return The HTML representation for this XMLSignature
- */
- public String getHTMLRepresentation() throws XMLSignatureException {
-
- XMLSignatureInputDebugger db = new XMLSignatureInputDebugger(this);
-
- return db.getHTMLRepresentation();
- }
-
- /**
- * Method getHTMLRepresentation
- *
- * @param inclusiveNamespaces
- * @throws XMLSignatureException
- * @return The HTML representation for this XMLSignature
- */
- public String getHTMLRepresentation(Set inclusiveNamespaces)
+ /**
+ * Method getHTMLRepresentation
+ *
+ * @throws XMLSignatureException
+ * @return The HTML representation for this XMLSignature
+ */
+ public String getHTMLRepresentation() throws XMLSignatureException {
+
+ XMLSignatureInputDebugger db = new XMLSignatureInputDebugger(this);
+
+ return db.getHTMLRepresentation();
+ }
+
+ /**
+ * Method getHTMLRepresentation
+ *
+ * @param inclusiveNamespaces
+ * @throws XMLSignatureException
+ * @return The HTML representation for this XMLSignature
+ */
+ public String getHTMLRepresentation(Set inclusiveNamespaces)
throws XMLSignatureException {
- XMLSignatureInputDebugger db = new XMLSignatureInputDebugger( this,
+ XMLSignatureInputDebugger db = new XMLSignatureInputDebugger( this,
inclusiveNamespaces);
- return db.getHTMLRepresentation();
- }
+ return db.getHTMLRepresentation();
+ }
- /**
- * Gets the exclude node of this XMLSignatureInput
- * @return Returns the excludeNode.
- */
+ /**
+ * Gets the exclude node of this XMLSignatureInput
+ * @return Returns the excludeNode.
+ */
public Node getExcludeNode() {
- return excludeNode;
+ return excludeNode;
}
/**
* Sets the exclude node of this XMLSignatureInput
* @param excludeNode The excludeNode to set.
*/
- public void setExcludeNode(Node excludeNode) {
- this.excludeNode = excludeNode;
- }
-
- /**
- * Gets the node of this XMLSignatureInput
- * @return The excludeNode set.
- */
- public Node getSubNode() {
- return _subNode;
- }
- /**
- * @return Returns the excludeComments.
- */
- public boolean isExcludeComments() {
- return excludeComments;
- }
- /**
- * @param excludeComments The excludeComments to set.
- */
- public void setExcludeComments(boolean excludeComments) {
- this.excludeComments = excludeComments;
- }
-
- /**
- * @param diOs
- * @throws IOException
- * @throws CanonicalizationException
- */
- public void updateOutputStream(OutputStream diOs) throws CanonicalizationException, IOException {
- if (diOs==outputStream) {
- return;
+ public void setExcludeNode(Node excludeNode) {
+ this.excludeNode = excludeNode;
+ }
+
+ /**
+ * Gets the node of this XMLSignatureInput
+ * @return The excludeNode set.
+ */
+ public Node getSubNode() {
+ return _subNode;
+ }
+
+ /**
+ * @return Returns the excludeComments.
+ */
+ public boolean isExcludeComments() {
+ return excludeComments;
+ }
+
+ /**
+ * @param excludeComments The excludeComments to set.
+ */
+ public void setExcludeComments(boolean excludeComments) {
+ this.excludeComments = excludeComments;
+ }
+
+ /**
+ * @param diOs
+ * @throws IOException
+ * @throws CanonicalizationException
+ */
+ public void updateOutputStream(OutputStream diOs)
+ throws CanonicalizationException, IOException {
+ updateOutputStream(diOs, false);
+ }
+
+ public void updateOutputStream(OutputStream diOs, boolean c14n11)
+ throws CanonicalizationException, IOException {
+ if (diOs==outputStream) {
+ return;
}
if (bytes!=null) {
diOs.write(bytes);
return;
- }else if (_inputOctetStreamProxy==null) {
- Canonicalizer20010315OmitComments c14nizer =
- new Canonicalizer20010315OmitComments();
- c14nizer.setWriter(diOs);
+ } else if (_inputOctetStreamProxy==null) {
+ CanonicalizerBase c14nizer = null;
+ if (c14n11) {
+ c14nizer = new Canonicalizer11_OmitComments();
+ } else {
+ c14nizer = new Canonicalizer20010315OmitComments();
+ }
+ c14nizer.setWriter(diOs);
c14nizer.engineCanonicalize(this);
return;
- } else {
+ } else {
InputStream is = getResetableInputStream();
if (bytes!=null) {
//already read write it, can be rea.
@@ -511,25 +520,22 @@
while ((num=is.read(bytesT))>0) {
diOs.write(bytesT,0,num);
}
-
- }
-
- }
+ }
+ }
+ /**
+ * @param os
+ */
+ public void setOutputStream(OutputStream os) {
+ outputStream=os;
+ }
- /**
- * @param os
- */
- public void setOutputStream(OutputStream os) {
- outputStream=os;
-
- }
protected InputStream getResetableInputStream() throws IOException{
if ((_inputOctetStreamProxy instanceof ByteArrayInputStream) ) {
if (!_inputOctetStreamProxy.markSupported()) {
throw new RuntimeException("Accepted as Markable but not truly been"+_inputOctetStreamProxy);
}
- return _inputOctetStreamProxy;
+ return _inputOctetStreamProxy;
}
if (bytes!=null) {
_inputOctetStreamProxy=new ByteArrayInputStream(bytes);
@@ -546,65 +552,63 @@
return _inputOctetStreamProxy;
}
+ /**
+ * @param filter
+ */
+ public void addNodeFilter(NodeFilter filter) {
+ if (isOctetStream()) {
+ try {
+ convertToNodes();
+ } catch (Exception e) {
+ throw new XMLSecurityRuntimeException("signature.XMLSignatureInput.nodesetReference",e);
+ }
+ }
+ nodeFilters.add(filter);
+ }
+
+ /**
+ * @return the node filters
+ */
+ public List getNodeFilters() {
+ // TODO Auto-generated method stub
+ return nodeFilters;
+ }
- /**
- * @param filter
- */
- public void addNodeFilter(NodeFilter filter) {
- if (isOctetStream()) {
- try {
- convertToNodes();
- } catch (Exception e) {
- throw new XMLSecurityRuntimeException("signature.XMLSignatureInput.nodesetReference",e);
- }
- }
- nodeFilters.add(filter);
-
- }
-
- /**
- * @return the node filters
- */
- public List getNodeFilters() {
- // TODO Auto-generated method stub
- return nodeFilters;
- }
-
- /**
- * @param b
- */
- public void setNodeSet(boolean b) {
- isNodeSet=b;
-
- }
+ /**
+ * @param b
+ */
+ public void setNodeSet(boolean b) {
+ isNodeSet=b;
+ }
- void convertToNodes() throws CanonicalizationException, ParserConfigurationException, IOException, SAXException{
- DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();
+ void convertToNodes() throws CanonicalizationException,
+ ParserConfigurationException, IOException, SAXException {
+ DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();
dfactory.setValidating(false);
dfactory.setNamespaceAware(true);
DocumentBuilder db = dfactory.newDocumentBuilder();
// select all nodes, also the comments.
try {
- db.setErrorHandler(new org.apache.xml.security.utils
- .IgnoreAllErrorHandler());
+ db.setErrorHandler(new org.apache.xml.security.utils
+ .IgnoreAllErrorHandler());
- Document doc = db.parse(this.getOctetStream());
+ Document doc = db.parse(this.getOctetStream());
- this._subNode=doc.getDocumentElement();
+ this._subNode=doc.getDocumentElement();
} catch (SAXException ex) {
- // if a not-wellformed nodeset exists, put a container around it...
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ // if a not-wellformed nodeset exists, put a container around it...
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
- baos.write("<container>".getBytes());
- baos.write(this.getBytes());
- baos.write("</container>".getBytes());
-
- byte result[] = baos.toByteArray();
- Document document = db.parse(new ByteArrayInputStream(result));
- this._subNode=document.getDocumentElement().getFirstChild().getFirstChild();
+ baos.write("<container>".getBytes());
+ baos.write(this.getBytes());
+ baos.write("</container>".getBytes());
+
+ byte result[] = baos.toByteArray();
+ Document document = db.parse(new ByteArrayInputStream(result));
+ this._subNode=document.getDocumentElement().getFirstChild().getFirstChild();
}
this._inputOctetStreamProxy=null;
this.bytes=null;
- }
+ }
}