You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by "Paul Dennis (JIRA)" <ji...@apache.org> on 2016/03/24 23:24:25 UTC

[jira] [Created] (SANTUARIO-438) AbstractEncryptOutputProcessor.applyTransforms() is not needed

Paul Dennis created SANTUARIO-438:
-------------------------------------

             Summary: AbstractEncryptOutputProcessor.applyTransforms() is not needed
                 Key: SANTUARIO-438
                 URL: https://issues.apache.org/jira/browse/SANTUARIO-438
             Project: Santuario
          Issue Type: Bug
      Security Level: Public (Public issues, viewable by everyone)
          Components: Java
    Affects Versions: Java 2.0.6
         Environment: Ubuntu 14
            Reporter: Paul Dennis
            Assignee: Colm O hEigeartaigh


Loading Java xmlsec, Eclipse (perhaps falsely) detects a stream resource handing issue and complains about the call to applyTransforms() in AbstractEncryptOutputProcessor.init()

{code:title=AbstractEncryptOutputProcessor.java|borderStyle=solid}
      @Override
        public void init(OutputProcessorChain outputProcessorChain) throws XMLSecurityException {

            String encryptionSymAlgorithm = securityProperties.getEncryptionSymAlgorithm();
            try {
                //initialize the cipher
                String jceAlgorithm = JCEAlgorithmMapper.translateURItoJCEID(encryptionSymAlgorithm);
                if (jceAlgorithm == null) {
                    throw new XMLSecurityException("algorithms.NoSuchMap",
                                                   new Object[] {encryptionSymAlgorithm});
                }
                Cipher symmetricCipher = Cipher.getInstance(jceAlgorithm);

                int ivLen = JCEMapper.getIVLengthFromURI(encryptionSymAlgorithm) / 8;
                byte[] iv = XMLSecurityConstants.generateBytes(ivLen);
                AlgorithmParameterSpec parameterSpec =
                    XMLCipherUtil.constructBlockCipherParameters(encryptionSymAlgorithm, iv, this.getClass());
                symmetricCipher.init(Cipher.ENCRYPT_MODE, encryptionPartDef.getSymmetricKey(), parameterSpec);

                characterEventGeneratorOutputStream = new CharacterEventGeneratorOutputStream();
                Base64OutputStream base64EncoderStream =
                        new Base64OutputStream(characterEventGeneratorOutputStream, true, 0, null);
                base64EncoderStream.write(iv);

                OutputStream outputStream = new CipherOutputStream(base64EncoderStream, symmetricCipher);
                outputStream = applyTransforms(outputStream);

... 
}
        protected OutputStream applyTransforms(OutputStream outputStream) throws XMLSecurityException {
            return outputStream;
        }
code}

The applyTransforms() method call could be removed as it does not appear to be used in the project. 




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)