You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2011/04/18 14:12:18 UTC
svn commit: r1094513 - in /santuario/xml-security-java/branches/1.4.x-fixes:
./ data/org/apache/xml/security/c14n/inExcl/
src/org/apache/xml/security/c14n/implementations/
src_unitTests/org/apache/xml/security/test/c14n/implementations/
Author: coheigea
Date: Mon Apr 18 12:12:18 2011
New Revision: 1094513
URL: http://svn.apache.org/viewvc?rev=1094513&view=rev
Log:
[SANTUARIO-263] - Canonicalizer can't handle dynamical created DOM correctly
- Patch applied, thanks.
Added:
santuario/xml-security-java/branches/1.4.x-fixes/data/org/apache/xml/security/c14n/inExcl/example2_4.xml
santuario/xml-security-java/branches/1.4.x-fixes/data/org/apache/xml/security/c14n/inExcl/example2_4_c14nized.xml
Modified:
santuario/xml-security-java/branches/1.4.x-fixes/CHANGELOG.txt
santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/Canonicalizer11.java
santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/Canonicalizer20010315.java
santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/CanonicalizerBase.java
santuario/xml-security-java/branches/1.4.x-fixes/src_unitTests/org/apache/xml/security/test/c14n/implementations/Canonicalizer20010315ExclusiveTest.java
Modified: santuario/xml-security-java/branches/1.4.x-fixes/CHANGELOG.txt
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.4.x-fixes/CHANGELOG.txt?rev=1094513&r1=1094512&r2=1094513&view=diff
==============================================================================
--- santuario/xml-security-java/branches/1.4.x-fixes/CHANGELOG.txt (original)
+++ santuario/xml-security-java/branches/1.4.x-fixes/CHANGELOG.txt Mon Apr 18 12:12:18 2011
@@ -1,5 +1,6 @@
Changelog for "Apache xml-security" <http://santuario.apache.org/>
New in v1.4.5-SNAPSHOT
+ Fixed SANTUARIO-263: Canonicalizer can't handle dynamical created DOM correctly. Thanks to Martin Koegler.
Fixed SANTUARIO-262: Invalid use of String.getBytes(). Thanks to Martin Koegler.
New in v1.4.4
Added: santuario/xml-security-java/branches/1.4.x-fixes/data/org/apache/xml/security/c14n/inExcl/example2_4.xml
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.4.x-fixes/data/org/apache/xml/security/c14n/inExcl/example2_4.xml?rev=1094513&view=auto
==============================================================================
--- santuario/xml-security-java/branches/1.4.x-fixes/data/org/apache/xml/security/c14n/inExcl/example2_4.xml (added)
+++ santuario/xml-security-java/branches/1.4.x-fixes/data/org/apache/xml/security/c14n/inExcl/example2_4.xml Mon Apr 18 12:12:18 2011
@@ -0,0 +1 @@
+<?xml version="1.0" encoding="UTF-8"?><dsig:local xmlns:dsig="foo:bar"><etsi:test xmlns:etsi="http://example.net"><etsi:elem2><dsig:stuff/></etsi:elem2></etsi:test></dsig:local>
\ No newline at end of file
Added: santuario/xml-security-java/branches/1.4.x-fixes/data/org/apache/xml/security/c14n/inExcl/example2_4_c14nized.xml
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.4.x-fixes/data/org/apache/xml/security/c14n/inExcl/example2_4_c14nized.xml?rev=1094513&view=auto
==============================================================================
--- santuario/xml-security-java/branches/1.4.x-fixes/data/org/apache/xml/security/c14n/inExcl/example2_4_c14nized.xml (added)
+++ santuario/xml-security-java/branches/1.4.x-fixes/data/org/apache/xml/security/c14n/inExcl/example2_4_c14nized.xml Mon Apr 18 12:12:18 2011
@@ -0,0 +1 @@
+<etsi:elem2 xmlns:etsi="http://example.net"><dsig:stuff xmlns:dsig="foo:bar"></dsig:stuff></etsi:elem2>
\ No newline at end of file
Modified: santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/Canonicalizer11.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/Canonicalizer11.java?rev=1094513&r1=1094512&r2=1094513&view=diff
==============================================================================
--- santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/Canonicalizer11.java (original)
+++ santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/Canonicalizer11.java Mon Apr 18 12:12:18 2011
@@ -412,9 +412,9 @@ public abstract class Canonicalizer11 ex
}
void handleParent(Element e, NameSpaceSymbTable ns) {
- if (!e.hasAttributes()) {
- return;
- }
+ if (!e.hasAttributes() && e.getNamespaceURI() == null) {
+ return;
+ }
xmlattrStack.push(-1);
NamedNodeMap attrs = e.getAttributes();
int attrsLength = attrs.getLength();
@@ -436,6 +436,20 @@ public abstract class Canonicalizer11 ex
}
ns.addMapping(NName,NValue,N);
}
+ if (e.getNamespaceURI() != null) {
+ String NName = e.getPrefix();
+ String NValue = e.getNamespaceURI();
+ String Name;
+ if (NName == null || NName.equals("")) {
+ NName = "xmlns";
+ Name = "xmlns";
+ } else {
+ Name = "xmlns:" + NName;
+ }
+ Attr n = e.getOwnerDocument().createAttributeNS("http://www.w3.org/2000/xmlns/", Name);
+ n.setValue(NValue);
+ ns.addMapping(NName, NValue, n);
+ }
}
private static String joinURI(String baseURI, String relativeURI)
Modified: santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/Canonicalizer20010315.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/Canonicalizer20010315.java?rev=1094513&r1=1094512&r2=1094513&view=diff
==============================================================================
--- santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/Canonicalizer20010315.java (original)
+++ santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/Canonicalizer20010315.java Mon Apr 18 12:12:18 2011
@@ -359,7 +359,7 @@ public abstract class Canonicalizer20010
}
void handleParent(Element e, NameSpaceSymbTable ns) {
- if (!e.hasAttributes()) {
+ if (!e.hasAttributes() && e.getNamespaceURI() == null) {
return;
}
xmlattrStack.push(-1);
@@ -383,5 +383,19 @@ public abstract class Canonicalizer20010
}
ns.addMapping(NName,NValue,N);
}
+ if (e.getNamespaceURI() != null) {
+ String NName = e.getPrefix();
+ String NValue = e.getNamespaceURI();
+ String Name;
+ if (NName == null || NName.equals("")) {
+ NName = "xmlns";
+ Name = "xmlns";
+ } else {
+ Name = "xmlns:" + NName;
+ }
+ Attr n = e.getOwnerDocument().createAttributeNS("http://www.w3.org/2000/xmlns/", Name);
+ n.setValue(NValue);
+ ns.addMapping(NName, NValue, n);
+ }
}
}
Modified: santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/CanonicalizerBase.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/CanonicalizerBase.java?rev=1094513&r1=1094512&r2=1094513&view=diff
==============================================================================
--- santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/CanonicalizerBase.java (original)
+++ santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/CanonicalizerBase.java Mon Apr 18 12:12:18 2011
@@ -557,7 +557,7 @@ public abstract class CanonicalizerBase
}
void handleParent(Element e,NameSpaceSymbTable ns) {
- if (!e.hasAttributes()) {
+ if (!e.hasAttributes() && e.getNamespaceURI() == null) {
return;
}
NamedNodeMap attrs = e.getAttributes();
@@ -576,7 +576,21 @@ public abstract class CanonicalizerBase
continue;
}
ns.addMapping(NName,NValue,N);
- }
+ }
+ if (e.getNamespaceURI() != null) {
+ String NName = e.getPrefix();
+ String NValue = e.getNamespaceURI();
+ String Name;
+ if (NName == null || NName.equals("")) {
+ NName = "xmlns";
+ Name = "xmlns";
+ } else {
+ Name = "xmlns:" + NName;
+ }
+ Attr n = e.getOwnerDocument().createAttributeNS("http://www.w3.org/2000/xmlns/", Name);
+ n.setValue(NValue);
+ ns.addMapping(NName, NValue, n);
+ }
}
/**
Modified: santuario/xml-security-java/branches/1.4.x-fixes/src_unitTests/org/apache/xml/security/test/c14n/implementations/Canonicalizer20010315ExclusiveTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.4.x-fixes/src_unitTests/org/apache/xml/security/test/c14n/implementations/Canonicalizer20010315ExclusiveTest.java?rev=1094513&r1=1094512&r2=1094513&view=diff
==============================================================================
--- santuario/xml-security-java/branches/1.4.x-fixes/src_unitTests/org/apache/xml/security/test/c14n/implementations/Canonicalizer20010315ExclusiveTest.java (original)
+++ santuario/xml-security-java/branches/1.4.x-fixes/src_unitTests/org/apache/xml/security/test/c14n/implementations/Canonicalizer20010315ExclusiveTest.java Mon Apr 18 12:12:18 2011
@@ -390,7 +390,84 @@ public class Canonicalizer20010315Exclus
byte[] bytes = c14n.engineCanonicalize(input, "env ns0 xsi wsu");
assertEquals(c14nXML,new String(bytes));
}
+
+ /**
+ * Method test24excl - a testcase for SANTUARIO-263
+ * "Canonicalizer can't handle dynamical created DOM correctly"
+ * https://issues.apache.org/jira/browse/SANTUARIO-263
+ *
+ * @throws CanonicalizationException
+ * @throws FileNotFoundException
+ * @throws IOException
+ * @throws InvalidCanonicalizerException
+ * @throws ParserConfigurationException
+ * @throws SAXException
+ * @throws TransformerException
+ * @throws XMLSecurityException
+ * @throws XMLSignatureException
+ */
+ public void test24excl()
+ throws IOException, FileNotFoundException, SAXException,
+ ParserConfigurationException, CanonicalizationException,
+ InvalidCanonicalizerException, TransformerException,
+ XMLSignatureException, XMLSecurityException {
+ Document doc =
+ this.db.parse(getAbsolutePath("data/org/apache/xml/security/c14n/inExcl/example2_4.xml"));
+ Node root =
+ doc.getElementsByTagNameNS("http://example.net", "elem2").item(0);
+ Canonicalizer20010315Excl c = new Canonicalizer20010315ExclWithComments();
+ byte[] reference =
+ JavaUtils.getBytesFromFile(getAbsolutePath(
+ "data/org/apache/xml/security/c14n/inExcl/example2_4_c14nized.xml"));
+ byte[] result = c.engineCanonicalizeSubTree(root);
+ boolean equals = java.security.MessageDigest.isEqual(reference, result);
+
+ assertTrue(equals);
+ }
+
+ /**
+ * Method test24Aexcl - a testcase for SANTUARIO-263
+ * "Canonicalizer can't handle dynamical created DOM correctly"
+ * https://issues.apache.org/jira/browse/SANTUARIO-263
+ *
+ * @throws CanonicalizationException
+ * @throws FileNotFoundException
+ * @throws IOException
+ * @throws InvalidCanonicalizerException
+ * @throws ParserConfigurationException
+ * @throws SAXException
+ * @throws TransformerException
+ * @throws XMLSecurityException
+ * @throws XMLSignatureException
+ */
+ public void test24Aexcl()
+ throws IOException, FileNotFoundException, SAXException,
+ ParserConfigurationException, CanonicalizationException,
+ InvalidCanonicalizerException, TransformerException,
+ XMLSignatureException, XMLSecurityException {
+
+ Document doc = dbf.newDocumentBuilder ().newDocument ();
+ Element local = doc.createElementNS("foo:bar", "dsig:local");
+ Element test = doc.createElementNS("http://example.net", "etsi:test");
+ Element elem2 = doc.createElementNS("http://example.net", "etsi:elem2");
+ Element stuff = doc.createElementNS("foo:bar", "dsig:stuff");
+ elem2.appendChild(stuff);
+ test.appendChild(elem2);
+ local.appendChild(test);
+ doc.appendChild(local);
+
+ Node root = doc.getElementsByTagNameNS("http://example.net", "elem2").item(0);
+ Canonicalizer20010315Excl c = new Canonicalizer20010315ExclWithComments();
+ byte[] reference =
+ JavaUtils.getBytesFromFile(getAbsolutePath(
+ "data/org/apache/xml/security/c14n/inExcl/example2_4_c14nized.xml"));
+ byte[] result = c.engineCanonicalizeSubTree(root);
+ boolean equals = java.security.MessageDigest.isEqual(reference, result);
+
+ assertTrue(equals);
+ }
+
private String getAbsolutePath(String path)
{
String basedir = System.getProperty("basedir");