Examples with ReferenceType org.apache.xml.security.binding.xmldsig.ReferenceType used on opensource projects

Example 1 with ReferenceType

use of org.apache.xml.security.binding.xmldsig.ReferenceType in project santuario-java by apache.

the class AbstractSignatureReferenceVerifyInputProcessor method resolvesResource.

protected List<ReferenceType> resolvesResource(XMLSecStartElement xmlSecStartElement) {
    List<ReferenceType> referenceTypes = Collections.emptyList();
    for (int i = 0; i < sameDocumentReferences.size(); i++) {
        KeyValue<ResourceResolver, ReferenceType> keyValue = sameDocumentReferences.get(i);
        ResourceResolver resolver = keyValue.getKey();
        boolean resourceMatches = false;
        try {
            // A reflection hack to avoid breaking the ResourceResolver interface for SANTUARIO-407.
            Method m = resolver.getClass().getMethod("matches", XMLSecStartElement.class, QName.class);
            if (m != null && (Boolean) m.invoke(resolver, xmlSecStartElement, getSecurityProperties().getIdAttributeNS())) {
                if (referenceTypes == Collections.<ReferenceType>emptyList()) {
                    referenceTypes = new ArrayList<>();
                }
                referenceTypes.add(keyValue.getValue());
                resourceMatches = true;
            }
        } catch (NoSuchMethodException ex) {
        // No need to report this
        } catch (InvocationTargetException ex) {
        // No need to report this
        } catch (IllegalAccessException ex) {
        // No need to report this
        }
        if (!resourceMatches && keyValue.getKey().matches(xmlSecStartElement)) {
            if (referenceTypes == Collections.<ReferenceType>emptyList()) {
                referenceTypes = new ArrayList<>();
            }
            referenceTypes.add(keyValue.getValue());
        }
    }
    return referenceTypes;
}

Example 2 with ReferenceType

use of org.apache.xml.security.binding.xmldsig.ReferenceType in project santuario-java by apache.

the class AbstractSignatureReferenceVerifyInputProcessor method processNextEvent.

@Override
public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
    XMLSecEvent xmlSecEvent = inputProcessorChain.processEvent();
    switch(xmlSecEvent.getEventType()) {
        case XMLStreamConstants.START_ELEMENT:
            XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
            List<ReferenceType> referenceTypes = resolvesResource(xmlSecStartElement);
            if (!referenceTypes.isEmpty()) {
                for (int i = 0; i < referenceTypes.size(); i++) {
                    ReferenceType referenceType = referenceTypes.get(i);
                    if (processedReferences.contains(referenceType)) {
                        throw new XMLSecurityException("signature.Verification.MultipleIDs", new Object[] { referenceType.getURI() });
                    }
                    InternalSignatureReferenceVerifier internalSignatureReferenceVerifier = getSignatureReferenceVerifier(getSecurityProperties(), inputProcessorChain, referenceType, xmlSecStartElement);
                    if (!internalSignatureReferenceVerifier.isFinished()) {
                        internalSignatureReferenceVerifier.processEvent(xmlSecEvent, inputProcessorChain);
                        inputProcessorChain.addProcessor(internalSignatureReferenceVerifier);
                    }
                    processedReferences.add(referenceType);
                    inputProcessorChain.getDocumentContext().setIsInSignedContent(inputProcessorChain.getProcessors().indexOf(internalSignatureReferenceVerifier), internalSignatureReferenceVerifier);
                    processElementPath(internalSignatureReferenceVerifier.getStartElementPath(), inputProcessorChain, internalSignatureReferenceVerifier.getStartElement(), referenceType);
                }
            }
            break;
    }
    return xmlSecEvent;
}