You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by bl...@apache.org on 2004/02/29 07:39:45 UTC
cvs commit: xml-security/c/src/xenc/impl XENCEncryptedTypeImpl.cpp
blautenb 2004/02/28 22:39:45
Modified: c/src/dsig DSIGKeyInfoList.cpp DSIGObject.cpp
DSIGReference.cpp DSIGReference.hpp
DSIGSignature.cpp DSIGSignature.hpp
c/src/framework XSECEnv.cpp XSECEnv.hpp
c/src/tools/xtest xtest.cpp
c/src/transformers TXFMDocObject.cpp TXFMDocObject.hpp
c/src/xenc/impl XENCEncryptedTypeImpl.cpp
Log:
Implement Id by Attribute Name disabling and extending
Revision Changes Path
1.18 +2 -2 xml-security/c/src/dsig/DSIGKeyInfoList.cpp
Index: DSIGKeyInfoList.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGKeyInfoList.cpp,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- DSIGKeyInfoList.cpp 8 Feb 2004 10:20:51 -0000 1.17
+++ DSIGKeyInfoList.cpp 29 Feb 2004 06:39:44 -0000 1.18
@@ -274,7 +274,7 @@
else {
// Find base transform using the base URI
- currentTxfm = DSIGReference::getURIBaseTXFM(mp_env->getParentDocument(), URI, mp_env->getURIResolver());
+ currentTxfm = DSIGReference::getURIBaseTXFM(mp_env->getParentDocument(), URI, mp_env);
TXFMChain * chain;
XSECnew(chain, TXFMChain(currentTxfm));
Janitor<TXFMChain> j_chain(chain);
1.3 +3 -1 xml-security/c/src/dsig/DSIGObject.cpp
Index: DSIGObject.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGObject.cpp,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- DSIGObject.cpp 8 Feb 2004 10:20:51 -0000 1.2
+++ DSIGObject.cpp 29 Feb 2004 06:39:44 -0000 1.3
@@ -213,6 +213,8 @@
else {
((DOMElement *) mp_objectNode)->setAttributeNS(NULL, s_Id, id);
+ // Mark as an ID
+ ((DOMElement *) mp_objectNode)->setIdAttributeNS(NULL, s_Id);
mp_idAttr = ((DOMElement *) mp_objectNode)->getAttributeNodeNS(NULL, s_Id);
}
1.21 +7 -6 xml-security/c/src/dsig/DSIGReference.cpp
Index: DSIGReference.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGReference.cpp,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- DSIGReference.cpp 28 Feb 2004 22:17:19 -0000 1.20
+++ DSIGReference.cpp 29 Feb 2004 06:39:44 -0000 1.21
@@ -409,7 +409,7 @@
TXFMBase * DSIGReference::getURIBaseTXFM(DOMDocument * doc,
const XMLCh * URI,
- XSECURIResolver * resolver) {
+ const XSECEnv * env) {
// Determine if this is a full URL or a pointer to a URL
@@ -420,7 +420,7 @@
// Have a URL!
- XSECnew(retTransform, TXFMURL(doc, resolver));
+ XSECnew(retTransform, TXFMURL(doc, env->getURIResolver()));
try {
((TXFMURL *) retTransform)->setInput(URI);
@@ -440,6 +440,7 @@
TXFMDocObject * to;
XSECnew(to, TXFMDocObject(doc));
Janitor<TXFMDocObject> j_to(to);
+ to->setEnv(env);
// Find out what sort of object pointer this is.
@@ -682,7 +683,7 @@
DOMNode * manifestNode, * referenceNode;
docObject = getURIBaseTXFM(mp_referenceNode->getOwnerDocument(), mp_URI,
- mp_env->getURIResolver());
+ mp_env);
manifestNode = docObject->getFragmentNode();
delete docObject;
@@ -795,7 +796,7 @@
// Find base transform
currentTxfm = getURIBaseTXFM(mp_referenceNode->getOwnerDocument(), mp_URI,
- mp_env->getURIResolver());
+ mp_env);
// Set up the transform chain
@@ -1204,7 +1205,7 @@
// Find base transform
currentTxfm = getURIBaseTXFM(mp_referenceNode->getOwnerDocument(), mp_URI,
- mp_env->getURIResolver());
+ mp_env);
// Now build the transforms list
// Note this passes ownership of currentTxfm to the function, so it is the
1.14 +3 -4 xml-security/c/src/dsig/DSIGReference.hpp
Index: DSIGReference.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGReference.hpp,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- DSIGReference.hpp 8 Feb 2004 10:20:51 -0000 1.13
+++ DSIGReference.hpp 29 Feb 2004 06:39:44 -0000 1.14
@@ -414,14 +414,13 @@
*
* @param doc The document that the signature is based on (used for local URIs)
* @param URI The URI to build the base from
- * @param resolver The (user provided) resolver that is used to translate the URI
- * into a byte stream (for non relative URIs).
+ * @param env The environment the signature is operating in
* @returns A base TXFM element.
*/
static TXFMBase * getURIBaseTXFM(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument * doc,
const XMLCh * URI,
- XSECURIResolver * resolver);
+ const XSECEnv * env);
/**
* \brief Load a series of references.
1.31 +34 -1 xml-security/c/src/dsig/DSIGSignature.cpp
Index: DSIGSignature.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGSignature.cpp,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- DSIGSignature.cpp 9 Feb 2004 10:55:51 -0000 1.30
+++ DSIGSignature.cpp 29 Feb 2004 06:39:44 -0000 1.31
@@ -1231,3 +1231,36 @@
}
+// --------------------------------------------------------------------------------
+// ID Handling
+// --------------------------------------------------------------------------------
+
+/*
+ * ID handling is really all done within the environment object - just pass the
+ * calls straight through
+ */
+
+void DSIGSignature::setIdByAttributeName(bool flag) {
+
+ mp_env->setIdByAttributeName(flag);
+
+}
+
+bool DSIGSignature::getIdByAttributeName(void) {
+
+ return mp_env->getIdByAttributeName();
+
+}
+
+
+void DSIGSignature::registerIdAttributeName(const XMLCh * name) {
+
+ mp_env->registerIdAttributeName(name);
+
+}
+
+bool DSIGSignature::deregisterIdAttributeName(const XMLCh * name) {
+
+ return mp_env->deregisterIdAttributeName(name);
+
+}
1.20 +70 -1 xml-security/c/src/dsig/DSIGSignature.hpp
Index: DSIGSignature.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGSignature.hpp,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- DSIGSignature.hpp 8 Feb 2004 10:20:51 -0000 1.19
+++ DSIGSignature.hpp 29 Feb 2004 06:39:44 -0000 1.20
@@ -687,6 +687,75 @@
//@}
+ /** @name ID handling */
+
+ //@{
+
+ /**
+ * \brief Set Id finding behaviour
+ *
+ * The library de-references "#obj" URI references to ID attributes within
+ * a DOM document. Currently, the library first uses DOM calls to find if
+ * the Id has been properly set within the document via the parser or one
+ * of the DOM Level 3 calls to set an Id.
+ *
+ * If no Id is found of the correct name, the library then starts searching
+ * for attributes of a given name with the required value. This list defaults
+ * to "id" and "Id", but can be modified via a call to addIdAttributeName()
+ *
+ * The setIdByAttributeName call enables or disables the second part of the Id
+ * search. I.e. when the Id doesn't exist as an attribute of Type=ID, whether or
+ * not to search for an attribute of a name in the list of names. By default
+ * this behaviour is enabled.
+ *
+ * @warning This is currently enabled by default for backwards compatibility
+ * reasons only. Future version may reverse this and ship disabled by default, as
+ * this behaviour is a potential security risk.
+ *
+ * @param flag Enable (true) or Disable (false) searching for Id attributes by name
+ */
+
+ void setIdByAttributeName(bool flag);
+
+ /**
+ * \brief Determine Id finding behaviour
+ *
+ * Allows a caller to determine whether the library is currently searching for
+ * Id attributes by name
+ *
+ * @returns The value of the IdByAttributeName flag
+ */
+
+ bool getIdByAttributeName(void);
+
+ /**
+ * \brief Add an attribute name to be searched for when looking for Id attributes
+ *
+ * This allows a user to add an attribute name to be used to identify Id attributes
+ * when they are not set to be of Type=ID in the DOM
+ *
+ * @note Two names are registered by default - "Id" and "id". These can be
+ * removed by calling deregisterIdAttributeName
+ *
+ * @param idName Name to append to the list of those used to find Id attributes
+ */
+
+ void registerIdAttributeName(const XMLCh * name);
+
+ /**
+ * \brief Remove an attribute name to be searched for when looking for Id attributes
+ *
+ * This allows a user to de-register a particular name to be used to identify Id
+ * attributes.
+ *
+ * @param idName Name to remove from the list of those used to find Id attributes
+ * @returns true if found and removed, false if was not in the list
+ */
+
+ bool deregisterIdAttributeName(const XMLCh * name);
+
+ //@}
+
friend class XSECProvider;
private:
1.7 +108 -1 xml-security/c/src/framework/XSECEnv.cpp
Index: XSECEnv.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/framework/XSECEnv.cpp,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- XSECEnv.cpp 21 Feb 2004 08:26:53 -0000 1.6
+++ XSECEnv.cpp 29 Feb 2004 06:39:45 -0000 1.7
@@ -29,6 +29,7 @@
#include <xsec/framework/XSECError.hpp>
#include <xsec/framework/XSECURIResolver.hpp>
#include <xsec/dsig/DSIGConstants.hpp>
+#include <xsec/utils/XSECDOMUtils.hpp>
#include <xercesc/util/XMLUniDefs.hpp>
@@ -66,6 +67,27 @@
};
// --------------------------------------------------------------------------------
+// Default Id names
+// --------------------------------------------------------------------------------
+
+const XMLCh s_Id[] = {
+
+ chLatin_I,
+ chLatin_d,
+ chNull
+
+};
+
+const XMLCh s_id[] = {
+
+ chLatin_i,
+ chLatin_d,
+ chNull
+
+};
+
+
+// --------------------------------------------------------------------------------
// Env
// --------------------------------------------------------------------------------
@@ -88,6 +110,11 @@
XSECnew(mp_formatter, XSECSafeBufferFormatter("UTF-8",XMLFormatter::NoEscapes,
XMLFormatter::UnRep_CharRef));
+ // Set up IDs
+ m_idByAttributeNameFlag = true; // At the moment this is on by default
+ // Register "Id" and "id" as valid Attribute names
+ registerIdAttributeName(s_Id);
+ registerIdAttributeName(s_id);
}
@@ -117,6 +144,16 @@
delete mp_URIResolver;
}
+ // Clean up Id attribute names
+ IdNameVectorType::iterator it;
+
+ for (it = m_idAttributeNameList.begin(); it != m_idAttributeNameList.end(); it++) {
+ XMLString::release(&(*it));
+ }
+
+ m_idAttributeNameList.empty();
+
+
}
// --------------------------------------------------------------------------------
@@ -176,6 +213,76 @@
XMLString::release(&mp_xencPrefixNS);
mp_xencPrefixNS = XMLString::replicate(prefix);
+
+}
+
+// --------------------------------------------------------------------------------
+// Id Attribute Names Handling
+// --------------------------------------------------------------------------------
+
+void XSECEnv::setIdByAttributeName(bool flag) {
+
+ m_idByAttributeNameFlag = flag;
+
+}
+
+bool XSECEnv::getIdByAttributeName(void) const {
+
+ return m_idByAttributeNameFlag;
+
+}
+
+bool XSECEnv::isRegisteredIdAttributeName(const XMLCh * name) const {
+
+ int sz = m_idAttributeNameList.size();
+
+ for (int i = 0; i < sz; ++i) {
+ if (strEquals(m_idAttributeNameList[i], name))
+ return true;
+ }
+
+ return false;
+
+}
+
+void XSECEnv::registerIdAttributeName(const XMLCh * name) {
+
+ if (isRegisteredIdAttributeName(name))
+ return;
+
+ m_idAttributeNameList.push_back(XMLString::replicate(name));
+
+}
+
+bool XSECEnv::deregisterIdAttributeName(const XMLCh * name) {
+
+ IdNameVectorType::iterator it;
+
+ for (it = m_idAttributeNameList.begin(); it != m_idAttributeNameList.end(); it++) {
+ if (strEquals(*it, name)) {
+
+ // Remove this item
+ XMLString::release(&(*it));
+ m_idAttributeNameList.erase(it);
+ return true;
+ }
+ }
+
+ return false;
+}
+
+int XSECEnv::getIdAttributeNameListSize() const {
+
+ return m_idAttributeNameList.size();
+
+}
+
+const XMLCh * XSECEnv::getIdAttributeNameListItem(int index) const {
+
+ if (index >= 0 && index < m_idAttributeNameList.size())
+ return m_idAttributeNameList[index];
+
+ return NULL;
}
1.5 +113 -1 xml-security/c/src/framework/XSECEnv.hpp
Index: XSECEnv.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/framework/XSECEnv.hpp,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- XSECEnv.hpp 8 Feb 2004 10:24:23 -0000 1.4
+++ XSECEnv.hpp 29 Feb 2004 06:39:45 -0000 1.5
@@ -31,6 +31,8 @@
#include <xsec/framework/XSECDefs.hpp>
#include <xsec/utils/XSECSafeBufferFormatter.hpp>
+#include <vector>
+
// Xerces Includes
#include <xercesc/dom/DOM.hpp>
@@ -275,6 +277,105 @@
//@}
+ /** @name ID handling */
+
+ //@{
+
+ /**
+ * \brief Set Id finding behaviour
+ *
+ * The library de-references "#obj" URI references to ID attributes within
+ * a DOM document. Currently, the library first uses DOM calls to find if
+ * the Id has been properly set within the document via the parser or one
+ * of the DOM Level 3 calls to set an Id.
+ *
+ * If no Id is found of the correct name, the library then starts searching
+ * for attributes of a given name with the required value. This list defaults
+ * to "id" and "Id", but can be modified via a call to addIdAttributeName()
+ *
+ * The setIdByAttributeName call enables or disables the second part of the Id
+ * search. I.e. when the Id doesn't exist as an attribute of Type=ID, whether or
+ * not to search for an attribute of a name in the list of names. By default
+ * this behaviour is enabled.
+ *
+ * @warning This is currently enabled by default for backwards compatibility
+ * reasons only. Future version may reverse this and ship disabled by default, as
+ * this behaviour is a potential security risk.
+ *
+ * @param flag Enable (true) or Disable (false) searching for Id attributes by name
+ */
+
+ void setIdByAttributeName(bool flag);
+
+ /**
+ * \brief Determine Id finding behaviour
+ *
+ * Allows a caller to determine whether the library is currently searching for
+ * Id attributes by name
+ *
+ * @returns The value of the IdByAttributeName flag
+ */
+
+ bool getIdByAttributeName(void) const;
+
+ /**
+ * \brief Add an attribute name to be searched for when looking for Id attributes
+ *
+ * This allows a user to add an attribute name to be used to identify Id attributes
+ * when they are not set to be of Type=ID in the DOM
+ *
+ * @note Two names are registered by default - "Id" and "id". These can be
+ * removed by calling deregisterIdAttributeName
+ *
+ * @param idName Name to append to the list of those used to find Id attributes
+ */
+
+ void registerIdAttributeName(const XMLCh * name);
+
+ /**
+ * \brief Remove an attribute name to be searched for when looking for Id attributes
+ *
+ * This allows a user to de-register a particular name to be used to identify Id
+ * attributes.
+ *
+ * @param idName Name to remove from the list of those used to find Id attributes
+ * @returns true if found and removed, false if was not in the list
+ */
+
+ bool deregisterIdAttributeName(const XMLCh * name);
+
+ /**
+ * \brief Determine if an attribute name is registered as an Id name
+ *
+ * @param name String to check in the idAttributeName list
+ * @returns true if the passed in name is registered as an Attribute name
+ */
+
+ bool isRegisteredIdAttributeName(const XMLCh * name) const;
+
+ /**
+ * \brief Get number of Attribute Names registered as Id attributes
+ *
+ * @returns the number of elements in the list
+ */
+
+ int getIdAttributeNameListSize() const;
+
+ /*
+ * \brief Get an indexed attribute name to use as an Id
+ *
+ * Returns the item at index point in the list
+ *
+ * @note This is an internal function and should not be called directly
+ *
+ * @param index Pointer into the list
+ * @returns The indicated element or NULL if it does not exist.
+ */
+
+ const XMLCh * getIdAttributeNameListItem(int index) const;
+
+ //@}
+
/** @name Formatters */
//@{
@@ -288,9 +389,16 @@
XSECSafeBufferFormatter * getSBFormatter(void) const {return mp_formatter;}
+ //@}
private:
+#if defined(XSEC_NO_NAMESPACES)
+ typedef vector<XMLCh *> IdNameVectorType;
+#else
+ typedef std::vector<XMLCh *> IdNameVectorType;
+#endif
+
// Internal functions
XSECSafeBufferFormatter * mp_formatter;
@@ -307,6 +415,10 @@
// Flags
bool m_prettyPrintFlag;
+ bool m_idByAttributeNameFlag;
+
+ // Id handling
+ IdNameVectorType m_idAttributeNameList;
XSECEnv();
1.42 +2 -1 xml-security/c/src/tools/xtest/xtest.cpp
Index: xtest.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/tools/xtest/xtest.cpp,v
retrieving revision 1.41
retrieving revision 1.42
diff -u -r1.41 -r1.42
--- xtest.cpp 21 Feb 2004 08:26:54 -0000 1.41
+++ xtest.cpp 29 Feb 2004 06:39:45 -0000 1.42
@@ -629,6 +629,7 @@
sig = prov.newSignature();
sig->setDSIGNSPrefix(MAKE_UNICODE_STRING("ds"));
sig->setPrettyPrint(true);
+ sig->setIdByAttributeName(false); // Do not search by name
sigNode = sig->createBlankSignature(doc, CANON_C14N_COM, SIGNATURE_HMAC, HASH_SHA1);
1.7 +29 -15 xml-security/c/src/transformers/TXFMDocObject.cpp
Index: TXFMDocObject.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/transformers/TXFMDocObject.cpp,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- TXFMDocObject.cpp 21 Feb 2004 08:26:54 -0000 1.6
+++ TXFMDocObject.cpp 29 Feb 2004 06:39:45 -0000 1.7
@@ -36,6 +36,7 @@
input = NULL;
fragmentId = NULL;
type = TXFMBase::DOM_NODE_NONE; // No nodes currently held
+ mp_env = NULL;
}
@@ -56,9 +57,7 @@
}
-DOMNode * findDSIGId(DOMNode *current, const XMLCh * newFragmentId) {
-
- XSEC_USING_XERCES(DOMNamedNodeMap);
+DOMNode * findDSIGId(DOMNode *current, const XMLCh * newFragmentId, const XSECEnv * env) {
DOMNode *tmp, *ret;
DOMNamedNodeMap *atts;
@@ -67,12 +66,16 @@
atts = current->getAttributes();
if (atts != NULL) {
- tmp = atts->getNamedItem(MAKE_UNICODE_STRING("Id"));
- if (tmp != 0 && strEquals(tmp->getNodeValue(), newFragmentId)) {
+ int sz = env->getIdAttributeNameListSize();
+ for (int i = 0; i < sz ; ++i) {
+ tmp = atts->getNamedItem(env->getIdAttributeNameListItem(i));
+ if (tmp != 0 && strEquals(tmp->getNodeValue(), newFragmentId)) {
+
+ // Found it!
- // Found it!
+ return current;
- return current;
+ }
}
@@ -85,7 +88,7 @@
tmp = current->getFirstChild();
while (tmp != NULL) {
- if ((ret = findDSIGId(tmp, newFragmentId)) != 0)
+ if ((ret = findDSIGId(tmp, newFragmentId, env)) != 0)
return ret;
tmp = tmp->getNextSibling();
@@ -104,22 +107,33 @@
fragmentObject = doc->getElementById(newFragmentId);
- if (fragmentObject == 0) {
+ if ((fragmentObject == NULL) && (mp_env != NULL) && (mp_env->getIdByAttributeName())) {
// It might be that no DSIG DTD was attached and that the ID is in a
- // DSIG element
+ // DSIG element and the application is permitting attribute name based
+ // Id searches
- fragmentObject = findDSIGId(doc, newFragmentId);
+ fragmentObject = findDSIGId(doc, newFragmentId, mp_env);
- if (fragmentObject == 0)
+ }
- throw XSECException(XSECException::IDNotFoundInDOMDoc);
+ if (fragmentObject == 0)
- }
+ throw XSECException(XSECException::IDNotFoundInDOMDoc);
document = doc;
fragmentId = XMLString::replicate(newFragmentId);
type = TXFMBase::DOM_NODE_DOCUMENT_FRAGMENT;
+
+}
+
+// --------------------------------------------------------------------------------
+// Env Handling
+// --------------------------------------------------------------------------------
+
+void TXFMDocObject::setEnv(const XSECEnv * env) {
+
+ mp_env = env;
}
1.8 +9 -1 xml-security/c/src/transformers/TXFMDocObject.hpp
Index: TXFMDocObject.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/transformers/TXFMDocObject.hpp,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- TXFMDocObject.hpp 8 Feb 2004 10:25:16 -0000 1.7
+++ TXFMDocObject.hpp 29 Feb 2004 06:39:45 -0000 1.8
@@ -27,6 +27,7 @@
#include <xsec/transformers/TXFMBase.hpp>
#include <xsec/utils/XSECSafeBuffer.hpp>
+#include <xsec/framework/XSECEnv.hpp>
// Xerces
@@ -58,6 +59,11 @@
);
void setInput(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument *doc);
+ // Environment - when searching for IDs we need to know about the user
+ // environment (namely - how to handle ID attribute names)
+
+ void setEnv(const XSECEnv * env);
+
// Methods to get tranform output type and input requirement
TXFMBase::ioType getInputType(void);
@@ -79,6 +85,8 @@
XERCES_CPP_NAMESPACE_QUALIFIER DOMNode
* fragmentObject; // The object that contains the doc fragment to use
TXFMBase::nodeType type; // The type of nodes this holds
+
+ const XSECEnv * mp_env;
TXFMDocObject();
1.15 +2 -2 xml-security/c/src/xenc/impl/XENCEncryptedTypeImpl.cpp
Index: XENCEncryptedTypeImpl.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/xenc/impl/XENCEncryptedTypeImpl.cpp,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- XENCEncryptedTypeImpl.cpp 8 Feb 2004 10:26:01 -0000 1.14
+++ XENCEncryptedTypeImpl.cpp 29 Feb 2004 06:39:45 -0000 1.15
@@ -347,7 +347,7 @@
else if (mp_cipherData->getCipherDataType() == XENCCipherData::REFERENCE_TYPE) {
TXFMChain * chain;
- TXFMBase * b = DSIGReference::getURIBaseTXFM(mp_env->getParentDocument(), mp_cipherData->getCipherReference()->getURI(), mp_env->getURIResolver());
+ TXFMBase * b = DSIGReference::getURIBaseTXFM(mp_env->getParentDocument(), mp_cipherData->getCipherReference()->getURI(), mp_env);
chain = DSIGReference::createTXFMChainFromList(b, mp_cipherData->getCipherReference()->getTransforms());
Janitor<TXFMChain> j_chain(chain);