Example 1 with ValidationFailedHandler

Use of org.apache.camel.component.xmlsecurity.api.ValidationFailedHandler in project camel by apache.

From the class XmlVerifierProcessor, method handleSignatureValidationFailed.

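/**
 * Reports each failed part of the signature (signature value, references,
 * manifest references) to the configured ValidationFailedHandler and returns
 * the handler's decision on whether the core validation failure is ignored.
 */
@SuppressWarnings("unchecked")
protected boolean handleSignatureValidationFailed(DOMValidateContext valContext, XMLSignature signature) throws Exception { //NOPMD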
    ValidationFailedHandler handler = getConfiguration().getValidationFailedHandler();
    LOG.debug("handleSignatureValidationFailed called");
    try {
        handler.start();
        // first check signature value, see
        // https://www.isecpartners.com/media/12012/XMLDSIG_Command_Injection.pdf
        SignatureValue sigValue = signature.getSignatureValue();
        boolean sv = sigValue.validate(valContext);
        if (!sv) {
            handler.signatureValueValidationFailed(sigValue);
        }
        // check the validation status of each Reference
        for (Reference ref : (List<Reference>) signature.getSignedInfo().getReferences()) {
            boolean refValid = ref.validate(valContext);
            if (!refValid) {
                handler.referenceValidationFailed(ref);
            }
        }
        // validate Manifests, if property set
        if (Boolean.TRUE.equals(valContext.getProperty("org.jcp.xml.dsig.validateManifests"))) {
            for (XMLObject xo : (List<XMLObject>) signature.getObjects()) {
                List<XMLStructure> content = xo.getContent();
                for (XMLStructure xs : content) {
                    if (xs instanceof Manifest) {
                        Manifest man = (Manifest) xs;
                        for (Reference ref : (List<Reference>) man.getReferences()) {
                            boolean refValid = ref.validate(valContext);
                            if (!refValid) {
                                handler.manifestReferenceValidationFailed(ref);
                            }
                        }
                    }
                }
            }
        }
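        // the handler decides whether the core validation failure is ignored;
        // that decision is this method's return value
        boolean goon = handler.ignoreCoreValidationFailure();
        LOG.debug("Ignore Core Validation failure: {}", goon);
        return goon;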
    } finally {
        handler.end();
    }
}
Also used: ValidationFailedHandler (org.apache.camel.component.xmlsecurity.api.ValidationFailedHandler), SignatureValue (javax.xml.crypto.dsig.XMLSignature.SignatureValue), Reference (javax.xml.crypto.dsig.Reference), XMLObject (javax.xml.crypto.dsig.XMLObject), ArrayList (java.util.ArrayList), NodeList (org.w3c.dom.NodeList), List (java.util.List), XMLStructure (javax.xml.crypto.XMLStructure), Manifest (javax.xml.crypto.dsig.Manifest)