Example 1 with AbstractInputProcessor
use of org.apache.xml.security.stax.ext.AbstractInputProcessor in project santuario-java by apache.
the class XMLSecurityInputProcessor method processNextEvent.
@Override
public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
// add the buffer processor (for signature) when this processor is called for the first time
if (!decryptOnly && internalBufferProcessor == null) {
internalBufferProcessor = new InternalBufferProcessor(getSecurityProperties());
inputProcessorChain.addProcessor(internalBufferProcessor);
}
XMLSecEvent xmlSecEvent = inputProcessorChain.processEvent();
switch(xmlSecEvent.getEventType()) {
case XMLStreamConstants.START_ELEMENT:
final XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
if (!decryptOnly && xmlSecStartElement.getName().equals(XMLSecurityConstants.TAG_dsig_Signature)) {
if (signatureElementFound) {
throw new XMLSecurityException("stax.multipleSignaturesNotSupported");
}
signatureElementFound = true;
startIndexForProcessor = internalBufferProcessor.getXmlSecEventList().size() - 1;
} else if (xmlSecStartElement.getName().equals(XMLSecurityConstants.TAG_xenc_EncryptedData)) {
encryptedDataElementFound = true;
XMLDecryptInputProcessor decryptInputProcessor = new XMLDecryptInputProcessor(getSecurityProperties());
decryptInputProcessor.setPhase(XMLSecurityConstants.Phase.PREPROCESSING);
decryptInputProcessor.addAfterProcessor(XMLEventReaderInputProcessor.class.getName());
decryptInputProcessor.addBeforeProcessor(XMLSecurityInputProcessor.class.getName());
decryptInputProcessor.addBeforeProcessor(XMLSecurityInputProcessor.InternalBufferProcessor.class.getName());
inputProcessorChain.addProcessor(decryptInputProcessor);
if (!decryptOnly) {
final ArrayDeque<XMLSecEvent> xmlSecEventList = internalBufferProcessor.getXmlSecEventList();
// remove the last event (EncryptedData)
xmlSecEventList.pollFirst();
}
// temporary processor to return the EncryptedData element for the DecryptionProcessor
AbstractInputProcessor abstractInputProcessor = new AbstractInputProcessor(getSecurityProperties()) {
@Override
public XMLSecEvent processNextHeaderEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
return processNextEvent(inputProcessorChain);
}
@Override
public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
inputProcessorChain.removeProcessor(this);
return xmlSecStartElement;
}
};
abstractInputProcessor.setPhase(XMLSecurityConstants.Phase.PREPROCESSING);
abstractInputProcessor.addBeforeProcessor(decryptInputProcessor);
inputProcessorChain.addProcessor(abstractInputProcessor);
// fetch the next event from the original chain
inputProcessorChain.reset();
xmlSecEvent = inputProcessorChain.processEvent();
// check if the decrypted element is a Signature element
if (!decryptOnly && xmlSecEvent.isStartElement() && xmlSecEvent.asStartElement().getName().equals(XMLSecurityConstants.TAG_dsig_Signature) && !signatureElementFound) {
throw new XMLSecurityException("Internal error");
}
}
break;
case XMLStreamConstants.END_ELEMENT:
XMLSecEndElement xmlSecEndElement = xmlSecEvent.asEndElement();
// Handle the signature
if (signatureElementFound && xmlSecEndElement.getName().equals(XMLSecurityConstants.TAG_dsig_Signature)) {
XMLSignatureInputHandler inputHandler = new XMLSignatureInputHandler();
final ArrayDeque<XMLSecEvent> xmlSecEventList = internalBufferProcessor.getXmlSecEventList();
inputHandler.handle(inputProcessorChain, getSecurityProperties(), xmlSecEventList, startIndexForProcessor);
inputProcessorChain.removeProcessor(internalBufferProcessor);
// add the replay processor to the chain...
InternalReplayProcessor internalReplayProcessor = new InternalReplayProcessor(getSecurityProperties(), xmlSecEventList);
internalReplayProcessor.addBeforeProcessor(XMLSignatureReferenceVerifyInputProcessor.class.getName());
inputProcessorChain.addProcessor(internalReplayProcessor);
// ...and let the SignatureVerificationProcessor process the buffered events (enveloped signature).
InputProcessorChain subInputProcessorChain = inputProcessorChain.createSubChain(this, false);
while (!xmlSecEventList.isEmpty()) {
subInputProcessorChain.reset();
subInputProcessorChain.processEvent();
}
// copy all processor back to main chain for finalization
inputProcessorChain.getProcessors().clear();
inputProcessorChain.getProcessors().addAll(subInputProcessorChain.getProcessors());
}
break;
}
return xmlSecEvent;
}
Also used :
XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)
ArrayDeque(java.util.ArrayDeque)
XMLSecEvent(org.apache.xml.security.stax.ext.stax.XMLSecEvent)
XMLSecStartElement(org.apache.xml.security.stax.ext.stax.XMLSecStartElement)
InputProcessorChain(org.apache.xml.security.stax.ext.InputProcessorChain)
XMLStreamException(javax.xml.stream.XMLStreamException)
XMLSecEndElement(org.apache.xml.security.stax.ext.stax.XMLSecEndElement)
AbstractInputProcessor(org.apache.xml.security.stax.ext.AbstractInputProcessor)
Aggregations
ArrayDeque (java.util.ArrayDeque)1
XMLStreamException (javax.xml.stream.XMLStreamException)1
XMLSecurityException (org.apache.xml.security.exceptions.XMLSecurityException)1
AbstractInputProcessor (org.apache.xml.security.stax.ext.AbstractInputProcessor)1
InputProcessorChain (org.apache.xml.security.stax.ext.InputProcessorChain)1
XMLSecEndElement (org.apache.xml.security.stax.ext.stax.XMLSecEndElement)1
XMLSecEvent (org.apache.xml.security.stax.ext.stax.XMLSecEvent)1
XMLSecStartElement (org.apache.xml.security.stax.ext.stax.XMLSecStartElement)1
