Search in sources :

Example 1 with AbstractInputProcessor

use of org.apache.xml.security.stax.ext.AbstractInputProcessor in project santuario-java by apache.

the class XMLSecurityInputProcessor method processNextEvent.

@Override
public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
    // add the buffer processor (for signature) when this processor is called for the first time
    if (!decryptOnly && internalBufferProcessor == null) {
        internalBufferProcessor = new InternalBufferProcessor(getSecurityProperties());
        inputProcessorChain.addProcessor(internalBufferProcessor);
    }
    XMLSecEvent xmlSecEvent = inputProcessorChain.processEvent();
    switch(xmlSecEvent.getEventType()) {
        case XMLStreamConstants.START_ELEMENT:
            final XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
            if (!decryptOnly && xmlSecStartElement.getName().equals(XMLSecurityConstants.TAG_dsig_Signature)) {
                if (signatureElementFound) {
                    throw new XMLSecurityException("stax.multipleSignaturesNotSupported");
                }
                signatureElementFound = true;
                startIndexForProcessor = internalBufferProcessor.getXmlSecEventList().size() - 1;
            } else if (xmlSecStartElement.getName().equals(XMLSecurityConstants.TAG_xenc_EncryptedData)) {
                encryptedDataElementFound = true;
                XMLDecryptInputProcessor decryptInputProcessor = new XMLDecryptInputProcessor(getSecurityProperties());
                decryptInputProcessor.setPhase(XMLSecurityConstants.Phase.PREPROCESSING);
                decryptInputProcessor.addAfterProcessor(XMLEventReaderInputProcessor.class.getName());
                decryptInputProcessor.addBeforeProcessor(XMLSecurityInputProcessor.class.getName());
                decryptInputProcessor.addBeforeProcessor(XMLSecurityInputProcessor.InternalBufferProcessor.class.getName());
                inputProcessorChain.addProcessor(decryptInputProcessor);
                if (!decryptOnly) {
                    final ArrayDeque<XMLSecEvent> xmlSecEventList = internalBufferProcessor.getXmlSecEventList();
                    // remove the last event (EncryptedData)
                    xmlSecEventList.pollFirst();
                }
                // temporary processor to return the EncryptedData element for the DecryptionProcessor
                AbstractInputProcessor abstractInputProcessor = new AbstractInputProcessor(getSecurityProperties()) {

                    @Override
                    public XMLSecEvent processNextHeaderEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
                        return processNextEvent(inputProcessorChain);
                    }

                    @Override
                    public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
                        inputProcessorChain.removeProcessor(this);
                        return xmlSecStartElement;
                    }
                };
                abstractInputProcessor.setPhase(XMLSecurityConstants.Phase.PREPROCESSING);
                abstractInputProcessor.addBeforeProcessor(decryptInputProcessor);
                inputProcessorChain.addProcessor(abstractInputProcessor);
                // fetch the next event from the original chain
                inputProcessorChain.reset();
                xmlSecEvent = inputProcessorChain.processEvent();
                // check if the decrypted element is a Signature element
                if (!decryptOnly && xmlSecEvent.isStartElement() && xmlSecEvent.asStartElement().getName().equals(XMLSecurityConstants.TAG_dsig_Signature) && !signatureElementFound) {
                    throw new XMLSecurityException("Internal error");
                }
            }
            break;
        case XMLStreamConstants.END_ELEMENT:
            XMLSecEndElement xmlSecEndElement = xmlSecEvent.asEndElement();
            // Handle the signature
            if (signatureElementFound && xmlSecEndElement.getName().equals(XMLSecurityConstants.TAG_dsig_Signature)) {
                XMLSignatureInputHandler inputHandler = new XMLSignatureInputHandler();
                final ArrayDeque<XMLSecEvent> xmlSecEventList = internalBufferProcessor.getXmlSecEventList();
                inputHandler.handle(inputProcessorChain, getSecurityProperties(), xmlSecEventList, startIndexForProcessor);
                inputProcessorChain.removeProcessor(internalBufferProcessor);
                // add the replay processor to the chain...
                InternalReplayProcessor internalReplayProcessor = new InternalReplayProcessor(getSecurityProperties(), xmlSecEventList);
                internalReplayProcessor.addBeforeProcessor(XMLSignatureReferenceVerifyInputProcessor.class.getName());
                inputProcessorChain.addProcessor(internalReplayProcessor);
                // ...and let the SignatureVerificationProcessor process the buffered events (enveloped signature).
                InputProcessorChain subInputProcessorChain = inputProcessorChain.createSubChain(this, false);
                while (!xmlSecEventList.isEmpty()) {
                    subInputProcessorChain.reset();
                    subInputProcessorChain.processEvent();
                }
                // copy all processor back to main chain for finalization
                inputProcessorChain.getProcessors().clear();
                inputProcessorChain.getProcessors().addAll(subInputProcessorChain.getProcessors());
            }
            break;
    }
    return xmlSecEvent;
}
Also used : XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException) ArrayDeque(java.util.ArrayDeque) XMLSecEvent(org.apache.xml.security.stax.ext.stax.XMLSecEvent) XMLSecStartElement(org.apache.xml.security.stax.ext.stax.XMLSecStartElement) InputProcessorChain(org.apache.xml.security.stax.ext.InputProcessorChain) XMLStreamException(javax.xml.stream.XMLStreamException) XMLSecEndElement(org.apache.xml.security.stax.ext.stax.XMLSecEndElement) AbstractInputProcessor(org.apache.xml.security.stax.ext.AbstractInputProcessor)

Aggregations

ArrayDeque (java.util.ArrayDeque)1 XMLStreamException (javax.xml.stream.XMLStreamException)1 XMLSecurityException (org.apache.xml.security.exceptions.XMLSecurityException)1 AbstractInputProcessor (org.apache.xml.security.stax.ext.AbstractInputProcessor)1 InputProcessorChain (org.apache.xml.security.stax.ext.InputProcessorChain)1 XMLSecEndElement (org.apache.xml.security.stax.ext.stax.XMLSecEndElement)1 XMLSecEvent (org.apache.xml.security.stax.ext.stax.XMLSecEvent)1 XMLSecStartElement (org.apache.xml.security.stax.ext.stax.XMLSecStartElement)1