Example 41 with XMLSecEvent
use of org.apache.xml.security.stax.ext.stax.XMLSecEvent in project santuario-java by apache.
the class AbstractSignatureReferenceVerifyInputProcessor method processNextEvent.
@Override
public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
XMLSecEvent xmlSecEvent = inputProcessorChain.processEvent();
switch(xmlSecEvent.getEventType()) {
case XMLStreamConstants.START_ELEMENT:
XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
List<ReferenceType> referenceTypes = resolvesResource(xmlSecStartElement);
if (!referenceTypes.isEmpty()) {
for (int i = 0; i < referenceTypes.size(); i++) {
ReferenceType referenceType = referenceTypes.get(i);
if (processedReferences.contains(referenceType)) {
throw new XMLSecurityException("signature.Verification.MultipleIDs", new Object[] { referenceType.getURI() });
}
InternalSignatureReferenceVerifier internalSignatureReferenceVerifier = getSignatureReferenceVerifier(getSecurityProperties(), inputProcessorChain, referenceType, xmlSecStartElement);
if (!internalSignatureReferenceVerifier.isFinished()) {
internalSignatureReferenceVerifier.processEvent(xmlSecEvent, inputProcessorChain);
inputProcessorChain.addProcessor(internalSignatureReferenceVerifier);
}
processedReferences.add(referenceType);
inputProcessorChain.getDocumentContext().setIsInSignedContent(inputProcessorChain.getProcessors().indexOf(internalSignatureReferenceVerifier), internalSignatureReferenceVerifier);
processElementPath(internalSignatureReferenceVerifier.getStartElementPath(), inputProcessorChain, internalSignatureReferenceVerifier.getStartElement(), referenceType);
}
}
break;
}
return xmlSecEvent;
}
Also used :
XMLSecStartElement(org.apache.xml.security.stax.ext.stax.XMLSecStartElement)
ReferenceType(org.apache.xml.security.binding.xmldsig.ReferenceType)
XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)
XMLSecEvent(org.apache.xml.security.stax.ext.stax.XMLSecEvent)
Example 42 with XMLSecEvent
use of org.apache.xml.security.stax.ext.stax.XMLSecEvent in project santuario-java by apache.
the class LogInputProcessor method processNextEvent.
@Override
public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
XMLSecEvent xmlSecEvent = inputProcessorChain.processEvent();
StringWriter stringWriter = new StringWriter();
xmlSecEvent.writeAsEncodedUnicode(stringWriter);
LOG.trace(stringWriter.toString());
return xmlSecEvent;
}
Also used :
StringWriter(java.io.StringWriter)
XMLSecEvent(org.apache.xml.security.stax.ext.stax.XMLSecEvent)
Example 43 with XMLSecEvent
use of org.apache.xml.security.stax.ext.stax.XMLSecEvent in project santuario-java by apache.
the class XMLEncryptedKeyInputHandler method handle.
@Override
public void handle(final InputProcessorChain inputProcessorChain, final XMLSecurityProperties securityProperties, final Deque<XMLSecEvent> eventQueue, final Integer index) throws XMLSecurityException {
@SuppressWarnings("unchecked") final EncryptedKeyType encryptedKeyType = ((JAXBElement<EncryptedKeyType>) parseStructure(eventQueue, index, securityProperties)).getValue();
final XMLSecEvent responsibleXMLSecStartXMLEvent = getResponsibleStartXMLEvent(eventQueue, index);
handle(inputProcessorChain, encryptedKeyType, responsibleXMLSecStartXMLEvent, securityProperties);
}
Also used :
EncryptedKeyType(org.apache.xml.security.binding.xmlenc.EncryptedKeyType)
JAXBElement(javax.xml.bind.JAXBElement)
XMLSecEvent(org.apache.xml.security.stax.ext.stax.XMLSecEvent)
Example 44 with XMLSecEvent
use of org.apache.xml.security.stax.ext.stax.XMLSecEvent in project santuario-java by apache.
the class XMLSecurityInputProcessor method processNextEvent.
@Override
public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
// add the buffer processor (for signature) when this processor is called for the first time
if (!decryptOnly && internalBufferProcessor == null) {
internalBufferProcessor = new InternalBufferProcessor(getSecurityProperties());
inputProcessorChain.addProcessor(internalBufferProcessor);
}
XMLSecEvent xmlSecEvent = inputProcessorChain.processEvent();
switch(xmlSecEvent.getEventType()) {
case XMLStreamConstants.START_ELEMENT:
final XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
if (!decryptOnly && xmlSecStartElement.getName().equals(XMLSecurityConstants.TAG_dsig_Signature)) {
if (signatureElementFound) {
throw new XMLSecurityException("stax.multipleSignaturesNotSupported");
}
signatureElementFound = true;
startIndexForProcessor = internalBufferProcessor.getXmlSecEventList().size() - 1;
} else if (xmlSecStartElement.getName().equals(XMLSecurityConstants.TAG_xenc_EncryptedData)) {
encryptedDataElementFound = true;
XMLDecryptInputProcessor decryptInputProcessor = new XMLDecryptInputProcessor(getSecurityProperties());
decryptInputProcessor.setPhase(XMLSecurityConstants.Phase.PREPROCESSING);
decryptInputProcessor.addAfterProcessor(XMLEventReaderInputProcessor.class.getName());
decryptInputProcessor.addBeforeProcessor(XMLSecurityInputProcessor.class.getName());
decryptInputProcessor.addBeforeProcessor(XMLSecurityInputProcessor.InternalBufferProcessor.class.getName());
inputProcessorChain.addProcessor(decryptInputProcessor);
if (!decryptOnly) {
final ArrayDeque<XMLSecEvent> xmlSecEventList = internalBufferProcessor.getXmlSecEventList();
// remove the last event (EncryptedData)
xmlSecEventList.pollFirst();
}
// temporary processor to return the EncryptedData element for the DecryptionProcessor
AbstractInputProcessor abstractInputProcessor = new AbstractInputProcessor(getSecurityProperties()) {
@Override
public XMLSecEvent processNextHeaderEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
return processNextEvent(inputProcessorChain);
}
@Override
public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
inputProcessorChain.removeProcessor(this);
return xmlSecStartElement;
}
};
abstractInputProcessor.setPhase(XMLSecurityConstants.Phase.PREPROCESSING);
abstractInputProcessor.addBeforeProcessor(decryptInputProcessor);
inputProcessorChain.addProcessor(abstractInputProcessor);
// fetch the next event from the original chain
inputProcessorChain.reset();
xmlSecEvent = inputProcessorChain.processEvent();
// check if the decrypted element is a Signature element
if (!decryptOnly && xmlSecEvent.isStartElement() && xmlSecEvent.asStartElement().getName().equals(XMLSecurityConstants.TAG_dsig_Signature) && !signatureElementFound) {
throw new XMLSecurityException("Internal error");
}
}
break;
case XMLStreamConstants.END_ELEMENT:
XMLSecEndElement xmlSecEndElement = xmlSecEvent.asEndElement();
// Handle the signature
if (signatureElementFound && xmlSecEndElement.getName().equals(XMLSecurityConstants.TAG_dsig_Signature)) {
XMLSignatureInputHandler inputHandler = new XMLSignatureInputHandler();
final ArrayDeque<XMLSecEvent> xmlSecEventList = internalBufferProcessor.getXmlSecEventList();
inputHandler.handle(inputProcessorChain, getSecurityProperties(), xmlSecEventList, startIndexForProcessor);
inputProcessorChain.removeProcessor(internalBufferProcessor);
// add the replay processor to the chain...
InternalReplayProcessor internalReplayProcessor = new InternalReplayProcessor(getSecurityProperties(), xmlSecEventList);
internalReplayProcessor.addBeforeProcessor(XMLSignatureReferenceVerifyInputProcessor.class.getName());
inputProcessorChain.addProcessor(internalReplayProcessor);
// ...and let the SignatureVerificationProcessor process the buffered events (enveloped signature).
InputProcessorChain subInputProcessorChain = inputProcessorChain.createSubChain(this, false);
while (!xmlSecEventList.isEmpty()) {
subInputProcessorChain.reset();
subInputProcessorChain.processEvent();
}
// copy all processor back to main chain for finalization
inputProcessorChain.getProcessors().clear();
inputProcessorChain.getProcessors().addAll(subInputProcessorChain.getProcessors());
}
break;
}
return xmlSecEvent;
}
Also used :
XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)
ArrayDeque(java.util.ArrayDeque)
XMLSecEvent(org.apache.xml.security.stax.ext.stax.XMLSecEvent)
XMLSecStartElement(org.apache.xml.security.stax.ext.stax.XMLSecStartElement)
InputProcessorChain(org.apache.xml.security.stax.ext.InputProcessorChain)
XMLStreamException(javax.xml.stream.XMLStreamException)
XMLSecEndElement(org.apache.xml.security.stax.ext.stax.XMLSecEndElement)
AbstractInputProcessor(org.apache.xml.security.stax.ext.AbstractInputProcessor)
Example 45 with XMLSecEvent
use of org.apache.xml.security.stax.ext.stax.XMLSecEvent in project santuario-java by apache.
the class XMLSecurityStreamReader method getNamespacePrefix.
@SuppressWarnings("unchecked")
@Override
public String getNamespacePrefix(int index) {
XMLSecEvent xmlSecEvent = getCurrentEvent();
switch(xmlSecEvent.getEventType()) {
case START_ELEMENT:
return xmlSecEvent.asStartElement().getOnElementDeclaredNamespaces().get(index).getPrefix();
case END_ELEMENT:
int count = 0;
Iterator<Namespace> namespaceIterator = xmlSecEvent.asEndElement().getNamespaces();
while (namespaceIterator.hasNext()) {
Namespace namespace = namespaceIterator.next();
if (count == index) {
return namespace.getPrefix();
}
count++;
}
throw new ArrayIndexOutOfBoundsException(index);
default:
throw new IllegalStateException(ERR_STATE_NOT_ELEM);
}
}
Also used :
Namespace(javax.xml.stream.events.Namespace)
XMLSecEvent(org.apache.xml.security.stax.ext.stax.XMLSecEvent)
Aggregations
XMLSecEvent (org.apache.xml.security.stax.ext.stax.XMLSecEvent)46
ByteArrayOutputStream (java.io.ByteArrayOutputStream)25
Test (org.junit.Test)25
XMLEventReader (javax.xml.stream.XMLEventReader)22
XMLSecurityConstants (org.apache.xml.security.stax.ext.XMLSecurityConstants)16
InputStream (java.io.InputStream)15
OutputStream (java.io.OutputStream)14
Map (java.util.Map)14
QName (javax.xml.namespace.QName)14
Transformer (org.apache.xml.security.stax.ext.Transformer)14
IOException (java.io.IOException)10
XMLSecurityException (org.apache.xml.security.exceptions.XMLSecurityException)9
XMLStreamException (javax.xml.stream.XMLStreamException)6
Canonicalizer20010315_OmitCommentsTransformer (org.apache.xml.security.stax.impl.transformer.canonicalizer.Canonicalizer20010315_OmitCommentsTransformer)6
ArrayList (java.util.ArrayList)5
TransformBase64Decode (org.apache.xml.security.stax.impl.transformer.TransformBase64Decode)5
TransformIdentity (org.apache.xml.security.stax.impl.transformer.TransformIdentity)5
XMLStreamReader (javax.xml.stream.XMLStreamReader)4
Canonicalizer20010315_WithCommentsTransformer (org.apache.xml.security.stax.impl.transformer.canonicalizer.Canonicalizer20010315_WithCommentsTransformer)4
UnixInputStream (org.apache.xml.security.test.stax.utils.UnixInputStream)4
