You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2016/10/20 11:35:43 UTC
svn commit: r1765803 - in /santuario/xml-security-java/trunk/src:
main/java/org/apache/xml/security/signature/Reference.java
test/java/org/apache/xml/security/test/dom/secure_val/ForbiddenAlgorithmTest.java
Author: coheigea
Date: Thu Oct 20 11:35:43 2016
New Revision: 1765803
URL: http://svn.apache.org/viewvc?rev=1765803&view=rev
Log:
More refactoring
Modified:
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/Reference.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/secure_val/ForbiddenAlgorithmTest.java
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/Reference.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/Reference.java?rev=1765803&r1=1765802&r2=1765803&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/Reference.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/Reference.java Thu Oct 20 11:35:43 2016
@@ -708,16 +708,15 @@ public class Reference extends Signature
private byte[] calculateDigest(boolean validating)
throws ReferenceNotInitializedException, XMLSignatureException {
XMLSignatureInput input = this.getContentsBeforeTransformation();
- if(input.isPreCalculatedDigest()) {
+ if (input.isPreCalculatedDigest()) {
return getPreCalculatedDigest(input);
}
- OutputStream os = null;
- try {
- MessageDigestAlgorithm mda = this.getMessageDigestAlgorithm();
-
- mda.reset();
- DigesterOutputStream diOs = new DigesterOutputStream(mda);
- os = new UnsyncBufferedOutputStream(diOs);
+
+ MessageDigestAlgorithm mda = this.getMessageDigestAlgorithm();
+ mda.reset();
+
+ try (DigesterOutputStream diOs = new DigesterOutputStream(mda);
+ OutputStream os = new UnsyncBufferedOutputStream(diOs)) {
XMLSignatureInput output = this.dereferenceURIandPerformTransforms(os);
// if signing and c14n11 property == true explicitly add
// C14N11 transform if needed
@@ -747,14 +746,6 @@ public class Reference extends Signature
throw new ReferenceNotInitializedException(ex);
} catch (IOException ex) {
throw new ReferenceNotInitializedException(ex);
- } finally {
- if (os != null) {
- try {
- os.close();
- } catch (IOException ex) {
- throw new ReferenceNotInitializedException(ex);
- }
- }
}
}
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/secure_val/ForbiddenAlgorithmTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/secure_val/ForbiddenAlgorithmTest.java?rev=1765803&r1=1765802&r2=1765803&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/secure_val/ForbiddenAlgorithmTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/secure_val/ForbiddenAlgorithmTest.java Thu Oct 20 11:35:43 2016
@@ -55,7 +55,9 @@ public class ForbiddenAlgorithmTest exte
readAndVerifySignature("src/test/resources/interop/c14n/Y2", "signature-joseph-exc.xml", true);
fail("Failure expected when secure validation is enabled");
} catch (XMLSignatureException ex) {
- assertTrue(ex.getMessage().contains("no XMLSignatureInput"));
+ String error = "It is forbidden to use algorithm http://www.w3.org/2001/04/xmldsig-more#md5 "
+ + "when secure validation is enabled";
+ assertTrue(ex.getMessage().equals(error));
}
}