Example 11 with XMLSignatureInput
use of org.apache.xml.security.signature.XMLSignatureInput in project santuario-java by apache.
the class TransformBase64Decode method enginePerformTransform.
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, OutputStream os, Transform transformObject) throws IOException, CanonicalizationException, TransformationException {
if (input.isElement()) {
Node el = input.getSubNode();
if (input.getSubNode().getNodeType() == Node.TEXT_NODE) {
el = el.getParentNode();
}
StringBuilder sb = new StringBuilder();
traverseElement((Element) el, sb);
if (os == null) {
byte[] decodedBytes = Base64.getMimeDecoder().decode(sb.toString());
XMLSignatureInput output = new XMLSignatureInput(decodedBytes);
output.setSecureValidation(secureValidation);
return output;
}
byte[] bytes = Base64.getMimeDecoder().decode(sb.toString());
os.write(bytes);
XMLSignatureInput output = new XMLSignatureInput((byte[]) null);
output.setSecureValidation(secureValidation);
output.setOutputStream(os);
return output;
}
if (input.isOctetStream() || input.isNodeSet()) {
if (os == null) {
byte[] base64Bytes = input.getBytes();
byte[] decodedBytes = Base64.getMimeDecoder().decode(base64Bytes);
XMLSignatureInput output = new XMLSignatureInput(decodedBytes);
output.setSecureValidation(secureValidation);
return output;
}
if (input.isByteArray() || input.isNodeSet()) {
byte[] bytes = Base64.getMimeDecoder().decode(input.getBytes());
os.write(bytes);
} else {
byte[] inputBytes = JavaUtils.getBytesFromStream(input.getOctetStreamReal());
byte[] bytes = Base64.getMimeDecoder().decode(inputBytes);
os.write(bytes);
}
XMLSignatureInput output = new XMLSignatureInput((byte[]) null);
output.setSecureValidation(secureValidation);
output.setOutputStream(os);
return output;
}
try {
// Exceptional case there is current not text case testing this(Before it was a
// a common case).
Document doc = XMLUtils.createDocumentBuilder(false, secureValidation).parse(input.getOctetStream());
Element rootNode = doc.getDocumentElement();
StringBuilder sb = new StringBuilder();
traverseElement(rootNode, sb);
byte[] decodedBytes = Base64.getMimeDecoder().decode(sb.toString());
XMLSignatureInput output = new XMLSignatureInput(decodedBytes);
output.setSecureValidation(secureValidation);
return output;
} catch (ParserConfigurationException e) {
throw new TransformationException(e, "c14n.Canonicalizer.Exception");
} catch (SAXException e) {
throw new TransformationException(e, "SAX exception");
}
}
Also used :
TransformationException(org.apache.xml.security.transforms.TransformationException)
Node(org.w3c.dom.Node)
Element(org.w3c.dom.Element)
XMLSignatureInput(org.apache.xml.security.signature.XMLSignatureInput)
ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)
Document(org.w3c.dom.Document)
SAXException(org.xml.sax.SAXException)
Example 12 with XMLSignatureInput
use of org.apache.xml.security.signature.XMLSignatureInput in project santuario-java by apache.
the class TransformC14N11 method enginePerformTransform.
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, OutputStream os, Transform transform) throws CanonicalizationException {
Canonicalizer11_OmitComments c14n = new Canonicalizer11_OmitComments();
c14n.setSecureValidation(secureValidation);
if (os != null) {
c14n.setWriter(os);
}
byte[] result = null;
result = c14n.engineCanonicalize(input);
XMLSignatureInput output = new XMLSignatureInput(result);
output.setSecureValidation(secureValidation);
if (os != null) {
output.setOutputStream(os);
}
return output;
}
Also used :
Canonicalizer11_OmitComments(org.apache.xml.security.c14n.implementations.Canonicalizer11_OmitComments)
XMLSignatureInput(org.apache.xml.security.signature.XMLSignatureInput)
Example 13 with XMLSignatureInput
use of org.apache.xml.security.signature.XMLSignatureInput in project santuario-java by apache.
the class TransformC14NExclusive method enginePerformTransform.
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, OutputStream os, Transform transformObject) throws CanonicalizationException {
try {
String inclusiveNamespaces = null;
if (transformObject.length(InclusiveNamespaces.ExclusiveCanonicalizationNamespace, InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES) == 1) {
Element inclusiveElement = XMLUtils.selectNode(transformObject.getElement().getFirstChild(), InclusiveNamespaces.ExclusiveCanonicalizationNamespace, InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES, 0);
inclusiveNamespaces = new InclusiveNamespaces(inclusiveElement, transformObject.getBaseURI()).getInclusiveNamespaces();
}
Canonicalizer20010315ExclOmitComments c14n = new Canonicalizer20010315ExclOmitComments();
c14n.setSecureValidation(secureValidation);
if (os != null) {
c14n.setWriter(os);
}
byte[] result = c14n.engineCanonicalize(input, inclusiveNamespaces);
XMLSignatureInput output = new XMLSignatureInput(result);
output.setSecureValidation(secureValidation);
if (os != null) {
output.setOutputStream(os);
}
return output;
} catch (XMLSecurityException ex) {
throw new CanonicalizationException(ex);
}
}
Also used :
CanonicalizationException(org.apache.xml.security.c14n.CanonicalizationException)
Element(org.w3c.dom.Element)
InclusiveNamespaces(org.apache.xml.security.transforms.params.InclusiveNamespaces)
XMLSignatureInput(org.apache.xml.security.signature.XMLSignatureInput)
Canonicalizer20010315ExclOmitComments(org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclOmitComments)
XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)
Example 14 with XMLSignatureInput
use of org.apache.xml.security.signature.XMLSignatureInput in project santuario-java by apache.
the class TransformC14NWithComments method enginePerformTransform.
/**
* {@inheritDoc}
*/
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, OutputStream os, Transform transformObject) throws CanonicalizationException {
Canonicalizer20010315WithComments c14n = new Canonicalizer20010315WithComments();
c14n.setSecureValidation(secureValidation);
if (os != null) {
c14n.setWriter(os);
}
byte[] result = null;
result = c14n.engineCanonicalize(input);
XMLSignatureInput output = new XMLSignatureInput(result);
output.setSecureValidation(secureValidation);
if (os != null) {
output.setOutputStream(os);
}
return output;
}
Also used :
XMLSignatureInput(org.apache.xml.security.signature.XMLSignatureInput)
Canonicalizer20010315WithComments(org.apache.xml.security.c14n.implementations.Canonicalizer20010315WithComments)
Example 15 with XMLSignatureInput
use of org.apache.xml.security.signature.XMLSignatureInput in project santuario-java by apache.
the class TransformXSLT method enginePerformTransform.
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, OutputStream baos, Transform transformObject) throws IOException, TransformationException {
try {
Element transformElement = transformObject.getElement();
Element xsltElement = XMLUtils.selectNode(transformElement.getFirstChild(), XSLTSpecNS, "stylesheet", 0);
if (xsltElement == null) {
Object[] exArgs = { "xslt:stylesheet", "Transform" };
throw new TransformationException("xml.WrongContent", exArgs);
}
TransformerFactory tFactory = TransformerFactory.newInstance();
// Process XSLT stylesheets in a secure manner
tFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
/*
* This transform requires an octet stream as input. If the actual
* input is an XPath node-set, then the signature application should
* attempt to convert it to octets (apply Canonical XML]) as described
* in the Reference Processing Model (section 4.3.3.2).
*/
Source stylesheet;
/*
* This complicated transformation of the stylesheet itself is necessary
* because of the need to get the pure style sheet. If we simply say
* Source stylesheet = new DOMSource(this.xsltElement);
* whereby this.xsltElement is not the rootElement of the Document,
* this causes problems;
* so we convert the stylesheet to byte[] and use this as input stream
*/
{
try (ByteArrayOutputStream os = new ByteArrayOutputStream()) {
Transformer transformer = tFactory.newTransformer();
DOMSource source = new DOMSource(xsltElement);
StreamResult result = new StreamResult(os);
transformer.transform(source, result);
stylesheet = new StreamSource(new ByteArrayInputStream(os.toByteArray()));
}
}
Transformer transformer = tFactory.newTransformer(stylesheet);
// implementations.
try {
transformer.setOutputProperty("{http://xml.apache.org/xalan}line-separator", "\n");
} catch (Exception e) {
LOG.warn("Unable to set Xalan line-separator property: " + e.getMessage());
}
try (InputStream is = new ByteArrayInputStream(input.getBytes())) {
Source xmlSource = new StreamSource(is);
if (baos == null) {
try (ByteArrayOutputStream baos1 = new ByteArrayOutputStream()) {
StreamResult outputTarget = new StreamResult(baos1);
transformer.transform(xmlSource, outputTarget);
XMLSignatureInput output = new XMLSignatureInput(baos1.toByteArray());
output.setSecureValidation(secureValidation);
return output;
}
}
StreamResult outputTarget = new StreamResult(baos);
transformer.transform(xmlSource, outputTarget);
}
XMLSignatureInput output = new XMLSignatureInput((byte[]) null);
output.setSecureValidation(secureValidation);
output.setOutputStream(baos);
return output;
} catch (XMLSecurityException ex) {
throw new TransformationException(ex);
} catch (TransformerConfigurationException ex) {
throw new TransformationException(ex);
} catch (TransformerException ex) {
throw new TransformationException(ex);
}
}
Also used :
TransformationException(org.apache.xml.security.transforms.TransformationException)
DOMSource(javax.xml.transform.dom.DOMSource)
TransformerFactory(javax.xml.transform.TransformerFactory)
Transformer(javax.xml.transform.Transformer)
StreamResult(javax.xml.transform.stream.StreamResult)
TransformerConfigurationException(javax.xml.transform.TransformerConfigurationException)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
Element(org.w3c.dom.Element)
StreamSource(javax.xml.transform.stream.StreamSource)
XMLSignatureInput(org.apache.xml.security.signature.XMLSignatureInput)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
DOMSource(javax.xml.transform.dom.DOMSource)
StreamSource(javax.xml.transform.stream.StreamSource)
Source(javax.xml.transform.Source)
TransformerException(javax.xml.transform.TransformerException)
TransformerConfigurationException(javax.xml.transform.TransformerConfigurationException)
IOException(java.io.IOException)
XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)
TransformationException(org.apache.xml.security.transforms.TransformationException)
XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)
ByteArrayInputStream(java.io.ByteArrayInputStream)
TransformerException(javax.xml.transform.TransformerException)
Aggregations
XMLSignatureInput (org.apache.xml.security.signature.XMLSignatureInput)42
Document (org.w3c.dom.Document)12
Element (org.w3c.dom.Element)12
InputStream (java.io.InputStream)11
ByteArrayInputStream (java.io.ByteArrayInputStream)9
Node (org.w3c.dom.Node)9
ResourceResolverException (org.apache.xml.security.utils.resolver.ResourceResolverException)8
IOException (java.io.IOException)7
Canonicalizer20010315ExclOmitComments (org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclOmitComments)6
XMLSecurityException (org.apache.xml.security.exceptions.XMLSecurityException)6
StringReader (java.io.StringReader)5
ParserConfigurationException (javax.xml.parsers.ParserConfigurationException)5
CanonicalizationException (org.apache.xml.security.c14n.CanonicalizationException)5
ByteArrayOutputStream (java.io.ByteArrayOutputStream)4
Transforms (org.apache.xml.security.transforms.Transforms)4
InputSource (org.xml.sax.InputSource)4
SAXException (org.xml.sax.SAXException)4
URISyntaxException (java.net.URISyntaxException)3
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)3
Set (java.util.Set)3
