You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2018/08/30 15:09:59 UTC
svn commit: r1839683 - in
/santuario/xml-security-java/branches/2.1.x-fixes/src:
main/java/org/apache/jcp/xml/dsig/internal/dom/
main/java/org/apache/xml/security/algorithms/implementations/
main/java/org/apache/xml/security/encryption/ main/java/org/a...
Author: coheigea
Date: Thu Aug 30 15:09:59 2018
New Revision: 1839683
URL: http://svn.apache.org/viewvc?rev=1839683&view=rev
Log:
SANTUARIO-493 - ElementProxy.getBigIntegerFromChildElement can fail depending on the DOM implementation
Modified:
santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyValue.java
santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMPGPData.java
santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMReference.java
santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509Data.java
santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMXMLSignature.java
santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/algorithms/implementations/IntegrityHmac.java
santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/encryption/XMLCipher.java
santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/signature/Reference.java
santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/signature/XMLSignature.java
santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/transforms/params/XPathFilterCHGPContainer.java
santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/utils/ElementProxy.java
santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/utils/XMLUtils.java
santuario/xml-security-java/branches/2.1.x-fixes/src/test/java/org/apache/xml/security/test/stax/encryption/XMLEncryption11Test.java
Modified: santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyValue.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyValue.java?rev=1839683&r1=1839682&r2=1839683&view=diff
==============================================================================
--- santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyValue.java (original)
+++ santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyValue.java Thu Aug 30 15:09:59 2018
@@ -520,7 +520,7 @@ public abstract class DOMKeyValue<K exte
ECPoint ecPoint = null;
try {
- String content = XMLUtils.getFullTextChildrenFromElement(curElem);
+ String content = XMLUtils.getFullTextChildrenFromNode(curElem);
ecPoint = decodePoint(XMLUtils.decode(content),
ecParams.getCurve());
} catch (IOException ioe) {
Modified: santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMPGPData.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMPGPData.java?rev=1839683&r1=1839682&r2=1839683&view=diff
==============================================================================
--- santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMPGPData.java (original)
+++ santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMPGPData.java Thu Aug 30 15:09:59 2018
@@ -151,10 +151,10 @@ public final class DOMPGPData extends Ba
String localName = childElem.getLocalName();
String namespace = childElem.getNamespaceURI();
if ("PGPKeyID".equals(localName) && XMLSignature.XMLNS.equals(namespace)) {
- String content = XMLUtils.getFullTextChildrenFromElement(childElem);
+ String content = XMLUtils.getFullTextChildrenFromNode(childElem);
pgpKeyId = XMLUtils.decode(content);
} else if ("PGPKeyPacket".equals(localName) && XMLSignature.XMLNS.equals(namespace)) {
- String content = XMLUtils.getFullTextChildrenFromElement(childElem);
+ String content = XMLUtils.getFullTextChildrenFromNode(childElem);
pgpKeyPacket = XMLUtils.decode(content);
} else {
other.add
Modified: santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMReference.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMReference.java?rev=1839683&r1=1839682&r2=1839683&view=diff
==============================================================================
--- santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMReference.java (original)
+++ santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMReference.java Thu Aug 30 15:09:59 2018
@@ -237,7 +237,7 @@ public final class DOMReference extends
// unmarshal DigestValue
Element dvElem = DOMUtils.getNextSiblingElement(dmElem, "DigestValue", XMLSignature.XMLNS);
- String content = XMLUtils.getFullTextChildrenFromElement(dvElem);
+ String content = XMLUtils.getFullTextChildrenFromNode(dvElem);
this.digestValue = XMLUtils.decode(content);
// check for extra elements
Modified: santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509Data.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509Data.java?rev=1839683&r1=1839682&r2=1839683&view=diff
==============================================================================
--- santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509Data.java (original)
+++ santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509Data.java Thu Aug 30 15:09:59 2018
@@ -108,7 +108,7 @@ public final class DOMX509Data extends B
} else if ("X509SubjectName".equals(localName) && XMLSignature.XMLNS.equals(namespace)) {
newContent.add(childElem.getFirstChild().getNodeValue());
} else if ("X509SKI".equals(localName) && XMLSignature.XMLNS.equals(namespace)) {
- String content = XMLUtils.getFullTextChildrenFromElement(childElem);
+ String content = XMLUtils.getFullTextChildrenFromNode(childElem);
newContent.add(XMLUtils.decode(content));
} else if ("X509CRL".equals(localName) && XMLSignature.XMLNS.equals(namespace)) {
newContent.add(unmarshalX509CRL(childElem));
@@ -213,7 +213,7 @@ public final class DOMX509Data extends B
if (cf == null) {
cf = CertificateFactory.getInstance("X.509");
}
- String content = XMLUtils.getFullTextChildrenFromElement(elem);
+ String content = XMLUtils.getFullTextChildrenFromNode(elem);
return new ByteArrayInputStream(XMLUtils.decode(content));
} catch (CertificateException e) {
throw new MarshalException("Cannot create CertificateFactory", e);
Modified: santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMXMLSignature.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMXMLSignature.java?rev=1839683&r1=1839682&r2=1839683&view=diff
==============================================================================
--- santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMXMLSignature.java (original)
+++ santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMXMLSignature.java Thu Aug 30 15:09:59 2018
@@ -490,7 +490,7 @@ public final class DOMXMLSignature exten
throws MarshalException
{
// base64 decode signatureValue
- String content = XMLUtils.getFullTextChildrenFromElement(sigValueElem);
+ String content = XMLUtils.getFullTextChildrenFromNode(sigValueElem);
value = XMLUtils.decode(content);
id = DOMUtils.getIdAttributeValue(sigValueElem, "Id");
Modified: santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/algorithms/implementations/IntegrityHmac.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/algorithms/implementations/IntegrityHmac.java?rev=1839683&r1=1839682&r2=1839683&view=diff
==============================================================================
--- santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/algorithms/implementations/IntegrityHmac.java (original)
+++ santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/algorithms/implementations/IntegrityHmac.java Thu Aug 30 15:09:59 2018
@@ -36,6 +36,7 @@ import org.apache.xml.security.utils.Con
import org.apache.xml.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+import org.w3c.dom.Node;
import org.w3c.dom.Text;
public abstract class IntegrityHmac extends SignatureAlgorithmSpi {
@@ -321,12 +322,13 @@ public abstract class IntegrityHmac exte
throw new IllegalArgumentException("element null");
}
- Text hmaclength =
- XMLUtils.selectDsNodeText(element.getFirstChild(), Constants._TAG_HMACOUTPUTLENGTH, 0);
-
- if (hmaclength != null) {
- this.HMACOutputLength = Integer.parseInt(hmaclength.getData());
- this.HMACOutputLengthSet = true;
+ Node n = XMLUtils.selectDsNode(element.getFirstChild(), Constants._TAG_HMACOUTPUTLENGTH, 0);
+ if (n != null) {
+ String hmacLength = XMLUtils.getFullTextChildrenFromNode(n);
+ if (hmacLength != null && !"".equals(hmacLength)) {
+ this.HMACOutputLength = Integer.parseInt(hmacLength);
+ this.HMACOutputLengthSet = true;
+ }
}
}
Modified: santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/encryption/XMLCipher.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/encryption/XMLCipher.java?rev=1839683&r1=1839682&r2=1839683&view=diff
==============================================================================
--- santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/encryption/XMLCipher.java (original)
+++ santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/encryption/XMLCipher.java Thu Aug 30 15:09:59 2018
@@ -2220,7 +2220,7 @@ public class XMLCipher {
* @return a new CipherValue
*/
CipherValue newCipherValue(Element element) {
- String value = XMLUtils.getFullTextChildrenFromElement(element);
+ String value = XMLUtils.getFullTextChildrenFromNode(element);
return newCipherValue(value);
}
Modified: santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/signature/Reference.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/signature/Reference.java?rev=1839683&r1=1839682&r2=1839683&view=diff
==============================================================================
--- santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/signature/Reference.java (original)
+++ santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/signature/Reference.java Thu Aug 30 15:09:59 2018
@@ -789,7 +789,7 @@ public class Reference extends Signature
"signature.Verification.NoSignatureElement", exArgs
);
}
- String content = XMLUtils.getFullTextChildrenFromElement(digestValueElement);
+ String content = XMLUtils.getFullTextChildrenFromNode(digestValueElement);
return XMLUtils.decode(content);
}
Modified: santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/signature/XMLSignature.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/signature/XMLSignature.java?rev=1839683&r1=1839682&r2=1839683&view=diff
==============================================================================
--- santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/signature/XMLSignature.java (original)
+++ santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/signature/XMLSignature.java Thu Aug 30 15:09:59 2018
@@ -499,7 +499,7 @@ public final class XMLSignature extends
* @throws XMLSignatureException If there is no content
*/
public byte[] getSignatureValue() throws XMLSignatureException {
- String content = XMLUtils.getFullTextChildrenFromElement(signatureValueElement);
+ String content = XMLUtils.getFullTextChildrenFromNode(signatureValueElement);
return XMLUtils.decode(content);
}
Modified: santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/transforms/params/XPathFilterCHGPContainer.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/transforms/params/XPathFilterCHGPContainer.java?rev=1839683&r1=1839682&r2=1839683&view=diff
==============================================================================
--- santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/transforms/params/XPathFilterCHGPContainer.java (original)
+++ santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/transforms/params/XPathFilterCHGPContainer.java Thu Aug 30 15:09:59 2018
@@ -26,6 +26,7 @@ import org.apache.xml.security.utils.XML
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
+import org.w3c.dom.Text;
/**
* Implements the parameters for a custom Transform which has a better performance
@@ -200,7 +201,7 @@ public class XPathFilterCHGPContainer ex
getElement().getFirstChild(), this.getBaseNamespace(), type, 0
);
- return XMLUtils.getFullTextChildrenFromElement(xElem);
+ return XMLUtils.getFullTextChildrenFromNode(xElem);
}
/**
@@ -254,11 +255,23 @@ public class XPathFilterCHGPContainer ex
return null;
}
- return XMLUtils.selectNodeText(
+ return selectNodeText(
getFirstChild(), this.getBaseNamespace(), type, 0
);
}
+ private static Text selectNodeText(Node sibling, String uri, String nodeName, int number) {
+ Node n = XMLUtils.selectNode(sibling, uri, nodeName, number);
+ if (n == null) {
+ return null;
+ }
+ n = n.getFirstChild();
+ while (n != null && n.getNodeType() != Node.TEXT_NODE) {
+ n = n.getNextSibling();
+ }
+ return (Text)n;
+ }
+
/**
* Method getHereContextNodeIncludeButSearch
*
Modified: santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/utils/ElementProxy.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/utils/ElementProxy.java?rev=1839683&r1=1839682&r2=1839683&view=diff
==============================================================================
--- santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/utils/ElementProxy.java (original)
+++ santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/utils/ElementProxy.java Thu Aug 30 15:09:59 2018
@@ -362,11 +362,12 @@ public abstract class ElementProxy {
public BigInteger getBigIntegerFromChildElement(
String localname, String namespace
) {
- return new BigInteger(1, XMLUtils.decode(
- XMLUtils.selectNodeText(
- getFirstChild(), namespace, localname, 0
- ).getNodeValue()
- ));
+ Node n = XMLUtils.selectNode(getFirstChild(), namespace, localname, 0);
+ if (n != null) {
+ return new BigInteger(1, XMLUtils.decode(XMLUtils.getFullTextChildrenFromNode(n)));
+ }
+
+ return null;
}
/**
@@ -401,7 +402,7 @@ public abstract class ElementProxy {
* element
*/
public String getTextFromTextChild() {
- return XMLUtils.getFullTextChildrenFromElement(getElement());
+ return XMLUtils.getFullTextChildrenFromNode(getElement());
}
/**
Modified: santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/utils/XMLUtils.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/utils/XMLUtils.java?rev=1839683&r1=1839682&r2=1839683&view=diff
==============================================================================
--- santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/utils/XMLUtils.java (original)
+++ santuario/xml-security-java/branches/2.1.x-fixes/src/main/java/org/apache/xml/security/utils/XMLUtils.java Thu Aug 30 15:09:59 2018
@@ -268,16 +268,21 @@ public final class XMLUtils {
}
}
+ @Deprecated
+ public static String getFullTextChildrenFromElement(Element element) {
+ return getFullTextChildrenFromNode(element);
+ }
+
/**
- * Method getFullTextChildrenFromElement
+ * Method getFullTextChildrenFromNode
*
- * @param element
+ * @param node
* @return the string of children
*/
- public static String getFullTextChildrenFromElement(Element element) {
+ public static String getFullTextChildrenFromNode(Node node) {
StringBuilder sb = new StringBuilder();
- Node child = element.getFirstChild();
+ Node child = node.getFirstChild();
while (child != null) {
if (child.getNodeType() == Node.TEXT_NODE) {
sb.append(((Text)child).getData());
@@ -793,7 +798,7 @@ public final class XMLUtils {
while (sibling != null) {
if (sibling.getNamespaceURI() != null && sibling.getNamespaceURI().equals(uri)
&& sibling.getLocalName().equals(nodeName)) {
- if (number == 0){
+ if (number == 0) {
return (Element)sibling;
}
number--;
Modified: santuario/xml-security-java/branches/2.1.x-fixes/src/test/java/org/apache/xml/security/test/stax/encryption/XMLEncryption11Test.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/2.1.x-fixes/src/test/java/org/apache/xml/security/test/stax/encryption/XMLEncryption11Test.java?rev=1839683&r1=1839682&r2=1839683&view=diff
==============================================================================
--- santuario/xml-security-java/branches/2.1.x-fixes/src/test/java/org/apache/xml/security/test/stax/encryption/XMLEncryption11Test.java (original)
+++ santuario/xml-security-java/branches/2.1.x-fixes/src/test/java/org/apache/xml/security/test/stax/encryption/XMLEncryption11Test.java Thu Aug 30 15:09:59 2018
@@ -553,7 +553,7 @@ public class XMLEncryption11Test extends
if (oaepParams != null) {
NodeList oaepParamsElements = document.getElementsByTagNameNS(XMLSecurityConstants.NS_XMLENC, "OAEPparams");
Assert.assertEquals(1, oaepParamsElements.getLength());
- String content = XMLUtils.getFullTextChildrenFromElement((Element) oaepParamsElements.item(0));
+ String content = XMLUtils.getFullTextChildrenFromNode(oaepParamsElements.item(0));
Assert.assertArrayEquals(oaepParams, XMLUtils.decode(content));
}
return document;