You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2020/01/09 13:39:25 UTC
svn commit: r1872537 - in /santuario/xml-security-java/trunk/src:
main/java/org/apache/xml/security/c14n/
main/java/org/apache/xml/security/encryption/
main/java/org/apache/xml/security/utils/
test/java/javax/xml/crypto/test/dsig/ test/java/org/apache/...
Author: coheigea
Date: Thu Jan 9 13:39:25 2020
New Revision: 1872537
URL: http://svn.apache.org/viewvc?rev=1872537&view=rev
Log:
Prune some serialization methods from XMLUtils
Modified:
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/Canonicalizer.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/CanonicalizerSpi.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/DocumentSerializer.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/utils/XMLUtils.java
santuario/xml-security-java/trunk/src/test/java/javax/xml/crypto/test/dsig/CreateBaltimore23Test.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/c14n/implementations/Canonicalizer11Test.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/c14n/implementations/Canonicalizer20010315ExclusiveTest.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/c14n/implementations/Canonicalizer20010315Test.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/utils/XMLUtilsPerformanceTest.java
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/Canonicalizer.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/Canonicalizer.java?rev=1872537&r1=1872536&r2=1872537&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/Canonicalizer.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/Canonicalizer.java Thu Jan 9 13:39:25 2020
@@ -40,7 +40,6 @@ import org.apache.xml.security.utils.XML
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
-import org.xml.sax.InputSource;
/**
*
@@ -252,7 +251,6 @@ public final class Canonicalizer {
java.io.IOException, org.xml.sax.SAXException, CanonicalizationException {
Document document = null;
try (InputStream bais = new ByteArrayInputStream(inputBytes)) {
- InputSource in = new InputSource(bais);
/*
* Text from the spec:
@@ -268,7 +266,7 @@ public final class Canonicalizer {
* though the document type declaration is not retained in the
* canonical form.
*/
- document = XMLUtils.read(in, secureValidation);
+ document = XMLUtils.read(bais, secureValidation);
}
return this.canonicalizeSubtree(document);
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/CanonicalizerSpi.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/CanonicalizerSpi.java?rev=1872537&r1=1872536&r2=1872537&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/CanonicalizerSpi.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/c14n/CanonicalizerSpi.java Thu Jan 9 13:39:25 2020
@@ -26,7 +26,6 @@ import org.apache.xml.security.utils.XML
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
-import org.xml.sax.InputSource;
/**
* Base class which all Canonicalization algorithms extend.
@@ -55,9 +54,7 @@ public abstract class CanonicalizerSpi {
Document document = null;
try (java.io.InputStream bais = new ByteArrayInputStream(inputBytes)) {
- InputSource in = new InputSource(bais);
-
- document = XMLUtils.read(in, secureValidation);
+ document = XMLUtils.read(bais, secureValidation);
}
return this.engineCanonicalizeSubTree(document);
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/DocumentSerializer.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/DocumentSerializer.java?rev=1872537&r1=1872536&r2=1872537&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/DocumentSerializer.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/DocumentSerializer.java Thu Jan 9 13:39:25 2020
@@ -21,7 +21,7 @@ package org.apache.xml.security.encrypti
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
-import java.io.StringReader;
+import java.nio.charset.StandardCharsets;
import javax.xml.parsers.ParserConfigurationException;
@@ -30,7 +30,6 @@ import org.w3c.dom.Document;
import org.w3c.dom.DocumentFragment;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
-import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
/**
@@ -47,7 +46,7 @@ public class DocumentSerializer extends
public Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException, IOException {
byte[] fragment = createContext(source, ctx);
try (InputStream is = new ByteArrayInputStream(fragment)) {
- return deserialize(ctx, new InputSource(is));
+ return deserialize(ctx, is);
}
}
@@ -59,18 +58,18 @@ public class DocumentSerializer extends
*/
public Node deserialize(String source, Node ctx) throws XMLEncryptionException {
String fragment = createContext(source, ctx);
- return deserialize(ctx, new InputSource(new StringReader(fragment)));
+ return deserialize(ctx, new ByteArrayInputStream(fragment.getBytes(StandardCharsets.UTF_8)));
}
/**
* @param ctx
- * @param inputSource
+ * @param inputStream
* @return the Node resulting from the parse of the source
* @throws XMLEncryptionException
*/
- private Node deserialize(Node ctx, InputSource inputSource) throws XMLEncryptionException {
+ private Node deserialize(Node ctx, InputStream inputStream) throws XMLEncryptionException {
try {
- Document d = XMLUtils.read(inputSource, secureValidation);
+ Document d = XMLUtils.read(inputStream, secureValidation);
Document contextDocument = null;
if (Node.DOCUMENT_NODE == ctx.getNodeType()) {
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/utils/XMLUtils.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/utils/XMLUtils.java?rev=1872537&r1=1872536&r2=1872537&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/utils/XMLUtils.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/utils/XMLUtils.java Thu Jan 9 13:39:25 2020
@@ -50,7 +50,6 @@ import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.w3c.dom.Text;
-import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
/**
@@ -1027,10 +1026,6 @@ public final class XMLUtils {
return doc;
}
- public static Document read(InputStream inputStream) throws ParserConfigurationException, SAXException, IOException {
- return read(inputStream, true);
- }
-
public static Document read(InputStream inputStream, boolean disAllowDocTypeDeclarations) throws ParserConfigurationException, SAXException, IOException {
ClassLoader loader = getContextClassLoader();
if (loader == null) {
@@ -1048,48 +1043,6 @@ public final class XMLUtils {
repoolDocumentBuilder(documentBuilder, queue);
return doc;
}
-
- public static Document read(String uri, boolean disAllowDocTypeDeclarations)
- throws ParserConfigurationException, SAXException, IOException {
- ClassLoader loader = getContextClassLoader();
- if (loader == null) {
- loader = getClassLoader(XMLUtils.class);
- }
- // If the ClassLoader is null then just create a DocumentBuilder and use it
- if (loader == null) {
- DocumentBuilder documentBuilder = createDocumentBuilder(disAllowDocTypeDeclarations);
- return documentBuilder.parse(uri);
- }
-
- Queue<DocumentBuilder> queue = getDocumentBuilderQueue(disAllowDocTypeDeclarations, loader);
- DocumentBuilder documentBuilder = getDocumentBuilder(disAllowDocTypeDeclarations, queue);
- Document doc = documentBuilder.parse(uri);
- repoolDocumentBuilder(documentBuilder, queue);
- return doc;
- }
-
- public static Document read(InputSource inputSource) throws ParserConfigurationException, SAXException, IOException {
- return read(inputSource, true);
- }
-
- public static Document read(InputSource inputSource, boolean disAllowDocTypeDeclarations)
- throws ParserConfigurationException, SAXException, IOException {
- ClassLoader loader = getContextClassLoader();
- if (loader == null) {
- loader = getClassLoader(XMLUtils.class);
- }
- // If the ClassLoader is null then just create a DocumentBuilder and use it
- if (loader == null) {
- DocumentBuilder documentBuilder = createDocumentBuilder(disAllowDocTypeDeclarations);
- return documentBuilder.parse(inputSource);
- }
-
- Queue<DocumentBuilder> queue = getDocumentBuilderQueue(disAllowDocTypeDeclarations, loader);
- DocumentBuilder documentBuilder = getDocumentBuilder(disAllowDocTypeDeclarations, queue);
- Document doc = documentBuilder.parse(inputSource);
- repoolDocumentBuilder(documentBuilder, queue);
- return doc;
- }
/**
* Returns a byte-array representation of a <code>{@link BigInteger}</code>.
Modified: santuario/xml-security-java/trunk/src/test/java/javax/xml/crypto/test/dsig/CreateBaltimore23Test.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/javax/xml/crypto/test/dsig/CreateBaltimore23Test.java?rev=1872537&r1=1872536&r2=1872537&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/javax/xml/crypto/test/dsig/CreateBaltimore23Test.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/javax/xml/crypto/test/dsig/CreateBaltimore23Test.java Thu Jan 9 13:39:25 2020
@@ -35,7 +35,6 @@ import java.security.cert.X509CRL;
import java.util.*;
import org.w3c.dom.*;
-import org.xml.sax.InputSource;
import org.xml.sax.SAXParseException;
import javax.xml.crypto.KeySelector;
@@ -599,7 +598,7 @@ public class CreateBaltimore23Test {
// read document back into DOM tree
try {
- doc = XMLUtils.read(new InputSource(new StringReader(sw.toString())), false);
+ doc = XMLUtils.read(new ByteArrayInputStream(sw.toString().getBytes(StandardCharsets.UTF_8)), false);
} catch (SAXParseException spe) {
System.err.println("line:" + spe.getLineNumber());
System.err.println("xml:" + sw.toString());
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/c14n/implementations/Canonicalizer11Test.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/c14n/implementations/Canonicalizer11Test.java?rev=1872537&r1=1872536&r2=1872537&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/c14n/implementations/Canonicalizer11Test.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/c14n/implementations/Canonicalizer11Test.java Thu Jan 9 13:39:25 2020
@@ -24,6 +24,7 @@ import java.io.FileOutputStream;
import java.util.HashMap;
import java.util.Map;
+import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathFactory;
@@ -31,7 +32,6 @@ import javax.xml.xpath.XPathFactory;
import org.apache.xml.security.c14n.Canonicalizer;
import org.apache.xml.security.test.dom.DSNamespaceContext;
import org.apache.xml.security.utils.JavaUtils;
-import org.apache.xml.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;
@@ -237,7 +237,11 @@ public class Canonicalizer11Test {
Map<String, String> namespaces
) throws Exception {
- Document doc = XMLUtils.read(fileIn, false);
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+ dbf.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
+ dbf.setNamespaceAware(true);
+
+ Document doc = dbf.newDocumentBuilder().parse(fileIn);
Canonicalizer c14n = Canonicalizer.getInstance(c14nURI);
byte[] c14nBytes = null;
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/c14n/implementations/Canonicalizer20010315ExclusiveTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/c14n/implementations/Canonicalizer20010315ExclusiveTest.java?rev=1872537&r1=1872536&r2=1872537&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/c14n/implementations/Canonicalizer20010315ExclusiveTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/c14n/implementations/Canonicalizer20010315ExclusiveTest.java Thu Jan 9 13:39:25 2020
@@ -19,9 +19,10 @@
package org.apache.xml.security.test.dom.c14n.implementations;
+import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
-import java.io.StringReader;
+import java.nio.charset.StandardCharsets;
import java.util.HashSet;
import java.util.Set;
@@ -44,7 +45,6 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
-import org.xml.sax.InputSource;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertTrue;
@@ -238,7 +238,7 @@ public class Canonicalizer20010315Exclus
+ "</ns0:Ping>"
+ "</env:Body>";
- Document doc = XMLUtils.read(new InputSource(new StringReader(XML)), false);
+ Document doc = XMLUtils.read(new ByteArrayInputStream(XML.getBytes(StandardCharsets.UTF_8)), false);
Canonicalizer20010315ExclOmitComments c14n =
new Canonicalizer20010315ExclOmitComments();
Set<Node> nodeSet = new HashSet<>();
@@ -332,7 +332,7 @@ public class Canonicalizer20010315Exclus
+ "</ns0:Ping>"
+ "</env:Body>";
- Document doc = XMLUtils.read(new InputSource(new StringReader(XML)), false);
+ Document doc = XMLUtils.read(new ByteArrayInputStream(XML.getBytes(StandardCharsets.UTF_8)), false);
{
Canonicalizer20010315ExclOmitComments c14n =
new Canonicalizer20010315ExclOmitComments();
@@ -395,7 +395,7 @@ public class Canonicalizer20010315Exclus
+ "</ns0:Ping>"
+ "</env:Body>";
- Document doc = XMLUtils.read(new InputSource(new StringReader(XML)), false);
+ Document doc = XMLUtils.read(new ByteArrayInputStream(XML.getBytes(StandardCharsets.UTF_8)), false);
{
Canonicalizer20010315ExclOmitComments c14n =
new Canonicalizer20010315ExclOmitComments();
@@ -445,7 +445,7 @@ public class Canonicalizer20010315Exclus
+ "</ns0:Ping>"
+ "</env:Body>";
- Document doc = XMLUtils.read(new InputSource(new StringReader(XML)), false);
+ Document doc = XMLUtils.read(new ByteArrayInputStream(XML.getBytes(StandardCharsets.UTF_8)), false);
{
Canonicalizer20010315ExclOmitComments c14n =
new Canonicalizer20010315ExclOmitComments();
@@ -495,7 +495,7 @@ public class Canonicalizer20010315Exclus
+ "</ns0:Ping>"
+ "</env:Body>";
- Document doc = XMLUtils.read(new InputSource(new StringReader(XML)), false);
+ Document doc = XMLUtils.read(new ByteArrayInputStream(XML.getBytes(StandardCharsets.UTF_8)), false);
{
Canonicalizer20010315ExclOmitComments c14n =
new Canonicalizer20010315ExclOmitComments();
@@ -545,7 +545,7 @@ public class Canonicalizer20010315Exclus
+ "</ns0:Ping>"
+ "</env:Body>";
- Document doc = XMLUtils.read(new InputSource(new StringReader(XML)), false);
+ Document doc = XMLUtils.read(new ByteArrayInputStream(XML.getBytes(StandardCharsets.UTF_8)), false);
Canonicalizer20010315ExclOmitComments c14n =
new Canonicalizer20010315ExclOmitComments();
byte[] bytes = c14n.engineCanonicalizeSubTree(doc.getDocumentElement().getFirstChild(), "#default", true);
@@ -580,7 +580,7 @@ public class Canonicalizer20010315Exclus
+ "</ns0:Ping>"
+ "</env:Body>";
- Document doc = XMLUtils.read(new InputSource(new StringReader(XML)), false);
+ Document doc = XMLUtils.read(new ByteArrayInputStream(XML.getBytes(StandardCharsets.UTF_8)), false);
Canonicalizer20010315ExclOmitComments c14n =
new Canonicalizer20010315ExclOmitComments();
byte[] bytes = c14n.engineCanonicalizeSubTree(doc.getDocumentElement().getFirstChild(), "#default", true);
@@ -615,7 +615,7 @@ public class Canonicalizer20010315Exclus
+ "</ns0:Ping>"
+ "</env:Body>";
- Document doc = XMLUtils.read(new InputSource(new StringReader(XML)), false);
+ Document doc = XMLUtils.read(new ByteArrayInputStream(XML.getBytes(StandardCharsets.UTF_8)), false);
Canonicalizer20010315ExclOmitComments c14n =
new Canonicalizer20010315ExclOmitComments();
byte[] bytes = c14n.engineCanonicalizeSubTree(doc.getDocumentElement().getFirstChild(), "#default", true);
@@ -650,7 +650,7 @@ public class Canonicalizer20010315Exclus
+ "</ns0:Ping>"
+ "</env:Body>";
- Document doc = XMLUtils.read(new InputSource(new StringReader(XML)), false);
+ Document doc = XMLUtils.read(new ByteArrayInputStream(XML.getBytes(StandardCharsets.UTF_8)), false);
Canonicalizer20010315ExclOmitComments c14n =
new Canonicalizer20010315ExclOmitComments();
byte[] bytes = c14n.engineCanonicalizeSubTree(doc.getDocumentElement().getFirstChild(), "#default", true);
@@ -680,7 +680,7 @@ public class Canonicalizer20010315Exclus
+ "<ns0:text xsi:type=\"xsd:string\">hello</ns0:text>"
+ "</ns0:Ping>";
- Document doc = XMLUtils.read(new InputSource(new StringReader(XML)), false);
+ Document doc = XMLUtils.read(new ByteArrayInputStream(XML.getBytes(StandardCharsets.UTF_8)), false);
Canonicalizer20010315ExclOmitComments c14n =
new Canonicalizer20010315ExclOmitComments();
byte[] bytes = c14n.engineCanonicalizeSubTree(doc.getDocumentElement().getFirstChild().getFirstChild(), "#default", true);
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/c14n/implementations/Canonicalizer20010315Test.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/c14n/implementations/Canonicalizer20010315Test.java?rev=1872537&r1=1872536&r2=1872537&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/c14n/implementations/Canonicalizer20010315Test.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/c14n/implementations/Canonicalizer20010315Test.java Thu Jan 9 13:39:25 2020
@@ -28,6 +28,7 @@ import java.io.InputStream;
import java.util.HashMap;
import java.util.Map;
+import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
@@ -695,8 +696,11 @@ public class Canonicalizer20010315Test {
Map<String, String> namespaces
) throws Exception {
- Document doc = XMLUtils.read(fileIn, false);
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+ dbf.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
+ dbf.setNamespaceAware(true);
+ Document doc = dbf.newDocumentBuilder().parse(fileIn);
Canonicalizer c14n = Canonicalizer.getInstance(c14nURI);
byte[] c14nBytes = null;
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/utils/XMLUtilsPerformanceTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/utils/XMLUtilsPerformanceTest.java?rev=1872537&r1=1872536&r2=1872537&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/utils/XMLUtilsPerformanceTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/utils/XMLUtilsPerformanceTest.java Thu Jan 9 13:39:25 2020
@@ -18,7 +18,10 @@
*/
package org.apache.xml.security.test.dom.utils;
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
import java.io.StringReader;
+import java.nio.charset.StandardCharsets;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
@@ -39,8 +42,8 @@ public class XMLUtilsPerformanceTest ext
@BenchmarkOptions(callgc = false, benchmarkRounds = 100000, warmupRounds = 100)
@Test
public void testXMLUtils() throws Exception {
- InputSource inputSource = new InputSource(new StringReader("<xml>123</xml>"));
- XMLUtils.read(inputSource, false);
+ InputStream inputStream = new ByteArrayInputStream("<xml>123</xml>".getBytes(StandardCharsets.UTF_8));
+ XMLUtils.read(inputStream, false);
}
@BenchmarkOptions(callgc = false, benchmarkRounds = 100000, warmupRounds = 100)