
Example 6 with XMLSecStartElement

use of org.apache.xml.security.stax.ext.stax.XMLSecStartElement in project santuario-java by apache.

the class XMLSecurityInputProcessor method processNextEvent.

/**
 * Pulls the next event from the chain and wires in signature and decryption
 * handling when it sees a {@code ds:Signature} or {@code xenc:EncryptedData}
 * element.
 *
 * <p>Unless {@code decryptOnly} is set, an {@code InternalBufferProcessor} is
 * added on the first call and its event list is later handed to
 * {@code XMLSignatureInputHandler} when the Signature end element arrives.
 * A second Signature start element is rejected.
 *
 * <p>NOTE(review): the buffer's contents are not visible here; presumably every
 * event up to the Signature end element is held in memory. For untrusted input,
 * confirm that an upstream size limit applies.
 *
 * @param inputProcessorChain the chain to read from; processors are added to and removed from it
 * @return the event to pass on, which after an EncryptedData start is the event re-read from the reset chain
 * @throws XMLStreamException propagated from the chain
 * @throws XMLSecurityException on a second Signature element, or when a Signature start
 *         first shows up as the event read right after the decrypt processor was installed
 */
@Override
public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
    // add the buffer processor (for signature) when this processor is called for the first time
    if (!decryptOnly && internalBufferProcessor == null) {
        internalBufferProcessor = new InternalBufferProcessor(getSecurityProperties());
        inputProcessorChain.addProcessor(internalBufferProcessor);
    }
    XMLSecEvent xmlSecEvent = inputProcessorChain.processEvent();
    switch(xmlSecEvent.getEventType()) {
        case XMLStreamConstants.START_ELEMENT:
            final XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
            if (!decryptOnly && xmlSecStartElement.getName().equals(XMLSecurityConstants.TAG_dsig_Signature)) {
                // only one Signature element per document is accepted
                if (signatureElementFound) {
                    throw new XMLSecurityException("stax.multipleSignaturesNotSupported");
                }
                signatureElementFound = true;
                // remember where in the buffer the Signature starts; passed to the handler on END_ELEMENT
                startIndexForProcessor = internalBufferProcessor.getXmlSecEventList().size() - 1;
            } else if (xmlSecStartElement.getName().equals(XMLSecurityConstants.TAG_xenc_EncryptedData)) {
                encryptedDataElementFound = true;
                // install the decrypt processor: after the event reader, before this processor and its buffer
                XMLDecryptInputProcessor decryptInputProcessor = new XMLDecryptInputProcessor(getSecurityProperties());
                decryptInputProcessor.setPhase(XMLSecurityConstants.Phase.PREPROCESSING);
                decryptInputProcessor.addAfterProcessor(XMLEventReaderInputProcessor.class.getName());
                decryptInputProcessor.addBeforeProcessor(XMLSecurityInputProcessor.class.getName());
                decryptInputProcessor.addBeforeProcessor(XMLSecurityInputProcessor.InternalBufferProcessor.class.getName());
                inputProcessorChain.addProcessor(decryptInputProcessor);
                if (!decryptOnly) {
                    final ArrayDeque<XMLSecEvent> xmlSecEventList = internalBufferProcessor.getXmlSecEventList();
                    // drop the buffered EncryptedData start event
                    // NOTE(review): pollFirst() removes the deque head; that is the most recent event only
                    // if the buffer inserts new events at the head - confirm in InternalBufferProcessor
                    xmlSecEventList.pollFirst();
                }
                // temporary processor to return the EncryptedData element for the DecryptionProcessor;
                // it hands back the captured start element once and removes itself from the chain
                AbstractInputProcessor abstractInputProcessor = new AbstractInputProcessor(getSecurityProperties()) {

                    @Override
                    public XMLSecEvent processNextHeaderEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
                        return processNextEvent(inputProcessorChain);
                    }

                    @Override
                    public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
                        inputProcessorChain.removeProcessor(this);
                        return xmlSecStartElement;
                    }
                };
                abstractInputProcessor.setPhase(XMLSecurityConstants.Phase.PREPROCESSING);
                abstractInputProcessor.addBeforeProcessor(decryptInputProcessor);
                inputProcessorChain.addProcessor(abstractInputProcessor);
                // fetch the next event from the original chain
                inputProcessorChain.reset();
                xmlSecEvent = inputProcessorChain.processEvent();
                // check if the decrypted element is a Signature element
                // NOTE(review): reached only when no Signature was seen earlier; presumably a Signature that
                // first appears as decrypted content is unsupported. The message is a literal, unlike the
                // bundle-style key used for the multiple-signature case - confirm how callers surface it.
                if (!decryptOnly && xmlSecEvent.isStartElement() && xmlSecEvent.asStartElement().getName().equals(XMLSecurityConstants.TAG_dsig_Signature) && !signatureElementFound) {
                    throw new XMLSecurityException("Internal error");
                }
            }
            break;
        case XMLStreamConstants.END_ELEMENT:
            XMLSecEndElement xmlSecEndElement = xmlSecEvent.asEndElement();
            // Handle the signature once its end element arrives
            if (signatureElementFound && xmlSecEndElement.getName().equals(XMLSecurityConstants.TAG_dsig_Signature)) {
                XMLSignatureInputHandler inputHandler = new XMLSignatureInputHandler();
                final ArrayDeque<XMLSecEvent> xmlSecEventList = internalBufferProcessor.getXmlSecEventList();
                inputHandler.handle(inputProcessorChain, getSecurityProperties(), xmlSecEventList, startIndexForProcessor);
                // buffering is finished; the same event list is now replayed instead
                inputProcessorChain.removeProcessor(internalBufferProcessor);
                // add the replay processor to the chain...
                InternalReplayProcessor internalReplayProcessor = new InternalReplayProcessor(getSecurityProperties(), xmlSecEventList);
                internalReplayProcessor.addBeforeProcessor(XMLSignatureReferenceVerifyInputProcessor.class.getName());
                inputProcessorChain.addProcessor(internalReplayProcessor);
                // ...and let the SignatureVerificationProcessor process the buffered events (enveloped signature).
                InputProcessorChain subInputProcessorChain = inputProcessorChain.createSubChain(this, false);
                // the loop ends when the list is empty, so it relies on each pass consuming an entry
                // (presumably done by the replay processor - TODO confirm)
                while (!xmlSecEventList.isEmpty()) {
                    subInputProcessorChain.reset();
                    subInputProcessorChain.processEvent();
                }
                // copy all processor back to main chain for finalization
                inputProcessorChain.getProcessors().clear();
                inputProcessorChain.getProcessors().addAll(subInputProcessorChain.getProcessors());
            }
            break;
    }
    return xmlSecEvent;
}
Also used : XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException) ArrayDeque(java.util.ArrayDeque) XMLSecEvent(org.apache.xml.security.stax.ext.stax.XMLSecEvent) XMLSecStartElement(org.apache.xml.security.stax.ext.stax.XMLSecStartElement) InputProcessorChain(org.apache.xml.security.stax.ext.InputProcessorChain) XMLStreamException(javax.xml.stream.XMLStreamException) XMLSecEndElement(org.apache.xml.security.stax.ext.stax.XMLSecEndElement) AbstractInputProcessor(org.apache.xml.security.stax.ext.AbstractInputProcessor)

Example 7 with XMLSecStartElement

use of org.apache.xml.security.stax.ext.stax.XMLSecStartElement in project santuario-java by apache.

the class XMLEncryptOutputProcessor method processEvent.

/**
 * Forwards every event down the output chain and, on a start element that
 * matches one of the configured encryption parts, first sets up an internal
 * encryption processor for it.
 *
 * <p>Matching is skipped while an internal encryption processor is already
 * active, so descendants of an element being encrypted are not encrypted again.
 *
 * <p>NOTE(review): the provider returned for the configured token id is
 * dereferenced without a null check; confirm the security context always holds
 * a provider for that id. The symmetric key is stored on the
 * {@code EncryptionPartDef} placed in the security context, so that object
 * should stay out of logs.
 *
 * @param xmlSecEvent the event being written
 * @param outputProcessorChain the chain the event is forwarded to
 * @throws XMLStreamException propagated from the chain
 * @throws XMLSecurityException propagated from token lookup or processor setup
 */
@Override
public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
    final boolean startsElement = xmlSecEvent.getEventType() == XMLStreamConstants.START_ELEMENT;
    if (startsElement) {
        final XMLSecStartElement startElement = xmlSecEvent.asStartElement();

        // Only look for a matching part when nothing is being encrypted yet;
        // otherwise matching child elements would be encrypted twice.
        SecurePart matchedPart = null;
        if (getActiveInternalEncryptionOutputProcessor() == null) {
            matchedPart = securePartMatches(startElement, outputProcessorChain, XMLSecurityConstants.ENCRYPTION_PARTS);
        }

        if (matchedPart != null) {
            LOG.debug("Matched encryptionPart for encryption");

            // Resolve the token that supplies the symmetric key.
            String encryptionTokenId = outputProcessorChain.getSecurityContext().get(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
            SecurityTokenProvider<OutboundSecurityToken> tokenProvider = outputProcessorChain.getSecurityContext().getSecurityTokenProvider(encryptionTokenId);
            final OutboundSecurityToken token = tokenProvider.getSecurityToken();

            // Describe the part and register it in the security context.
            EncryptionPartDef partDef = new EncryptionPartDef();
            partDef.setSecurePart(matchedPart);
            partDef.setModifier(matchedPart.getModifier());
            partDef.setEncRefId(IDGenerator.generateID(null));
            partDef.setKeyId(tokenProvider.getId());
            partDef.setSymmetricKey(token.getSecretKey(getSecurityProperties().getEncryptionSymAlgorithm()));
            outputProcessorChain.getSecurityContext().putAsList(EncryptionPartDef.class, partDef);

            // Create, configure and activate the processor that encrypts this element.
            AbstractInternalEncryptionOutputProcessor encryptionProcessor = createInternalEncryptionOutputProcessor(
                    partDef,
                    startElement,
                    outputProcessorChain.getDocumentContext().getEncoding(),
                    (OutboundSecurityToken) token.getKeyWrappingToken());
            encryptionProcessor.setXMLSecurityProperties(getSecurityProperties());
            encryptionProcessor.setAction(getAction());
            encryptionProcessor.init(outputProcessorChain);
            setActiveInternalEncryptionOutputProcessor(encryptionProcessor);
        }
    }
    outputProcessorChain.processEvent(xmlSecEvent);
}
Also used : XMLSecStartElement(org.apache.xml.security.stax.ext.stax.XMLSecStartElement) EncryptionPartDef(org.apache.xml.security.stax.impl.EncryptionPartDef) OutboundSecurityToken(org.apache.xml.security.stax.securityToken.OutboundSecurityToken)

Example 8 with XMLSecStartElement

use of org.apache.xml.security.stax.ext.stax.XMLSecStartElement in project santuario-java by apache.

the class AbstractOutputProcessor method createStartElementAndOutputAsEvent.

/**
 * Builds a start-element event from the given name, attributes and namespaces
 * and passes it to {@code outputAsEvent}.
 *
 * @param outputProcessorChain the chain the event is written to
 * @param element qualified name of the element
 * @param namespaces namespace declarations for the element
 * @param attributes attributes for the element
 * @throws XMLStreamException propagated from {@code outputAsEvent}
 * @throws XMLSecurityException propagated from {@code outputAsEvent}
 */
public void createStartElementAndOutputAsEvent(OutputProcessorChain outputProcessorChain, QName element, List<XMLSecNamespace> namespaces, List<XMLSecAttribute> attributes) throws XMLStreamException, XMLSecurityException {
    // Note the factory's argument order: attributes come before namespaces.
    outputAsEvent(
            outputProcessorChain,
            XMLSecEventFactory.createXmlSecStartElement(element, attributes, namespaces));
}
Also used : XMLSecStartElement(org.apache.xml.security.stax.ext.stax.XMLSecStartElement)

Example 9 with XMLSecStartElement

use of org.apache.xml.security.stax.ext.stax.XMLSecStartElement in project santuario-java by apache.

the class XMLSecurityUtils method getExcC14NInclusiveNamespacePrefixes.

/**
 * Collects namespace prefixes from the scope of the given element's parent,
 * leaving out the declarations made on the parent element itself. An absent
 * or empty prefix is reported as {@code "#default"}.
 *
 * <p>With {@code excludeVisible} set, the prefixes declared on the parent
 * element and the prefix of the element's own name are removed again.
 *
 * <p>NOTE(review): the sub-list step assumes
 * {@code getNamespacesFromCurrentScope} puts the parent's own declarations at
 * the end of the list - confirm. Judging by the method name, the result feeds
 * an exclusive-C14N inclusive prefix list, so a wrong set would change what
 * gets canonicalized.
 *
 * @param xmlSecStartElement the element whose parent scope is inspected; may be {@code null}
 * @param excludeVisible whether to drop the parent-declared prefixes and the element's own prefix
 * @return an immutable empty set for {@code null} input, otherwise a sorted, mutable set of prefixes
 */
public static Set<String> getExcC14NInclusiveNamespacePrefixes(XMLSecStartElement xmlSecStartElement, boolean excludeVisible) {
    if (xmlSecStartElement == null) {
        return Collections.emptySet();
    }

    final Set<String> result = new TreeSet<>();
    final XMLSecStartElement parent = xmlSecStartElement.getParentXMLSecStartElement();
    if (parent == null) {
        // no parent: nothing to collect
        return result;
    }

    final List<XMLSecNamespace> declaredOnParent = parent.getOnElementDeclaredNamespaces();
    final List<XMLSecNamespace> scope = new ArrayList<>();
    parent.getNamespacesFromCurrentScope(scope);
    // cut off the trailing entries, as many as the parent declares itself
    final List<XMLSecNamespace> inherited = scope.subList(0, scope.size() - declaredOnParent.size());

    // walk backwards: from the nearest declarations to the outermost ones
    int idx = inherited.size();
    while (idx-- > 0) {
        final String prefix = inherited.get(idx).getPrefix();
        result.add(prefix == null || prefix.isEmpty() ? "#default" : prefix);
    }

    if (!excludeVisible) {
        return result;
    }

    for (XMLSecNamespace declared : declaredOnParent) {
        final String prefix = declared.getPrefix();
        result.remove(prefix == null || prefix.isEmpty() ? "#default" : prefix);
    }
    final String ownPrefix = xmlSecStartElement.getName().getPrefix();
    result.remove(ownPrefix == null || ownPrefix.isEmpty() ? "#default" : ownPrefix);
    return result;
}
Also used : XMLSecStartElement(org.apache.xml.security.stax.ext.stax.XMLSecStartElement) XMLSecNamespace(org.apache.xml.security.stax.ext.stax.XMLSecNamespace)

Example 10 with XMLSecStartElement

use of org.apache.xml.security.stax.ext.stax.XMLSecStartElement in project santuario-java by apache.

the class TransformEnvelopedSignature method transform.

/**
 * Enveloped-signature transform: passes events on to {@code super.transform}
 * except those from a {@code ds:Signature} start element through its matching
 * end element, which are dropped.
 *
 * <p>{@code curLevel} counts element depth and {@code sigElementLevel} holds
 * the depth of the Signature being skipped, or {@code -1} when none is.
 *
 * <p>NOTE(review): a Signature start element seen while one is already being
 * skipped overwrites {@code sigElementLevel}, so forwarding would resume when
 * the inner element closes. Confirm nested Signature elements are rejected
 * before this transform runs. Also, {@code curLevel} is not decremented on the
 * end element that closes the skipped Signature.
 *
 * @param xmlSecEvent the event to filter
 * @throws XMLStreamException propagated from {@code super.transform}
 */
@Override
public void transform(XMLSecEvent xmlSecEvent) throws XMLStreamException {
    final int eventType = xmlSecEvent.getEventType();
    if (eventType == XMLStreamConstants.START_ELEMENT) {
        curLevel++;
        final XMLSecStartElement startElement = xmlSecEvent.asStartElement();
        final boolean opensSignature = XMLSecurityConstants.TAG_dsig_Signature.equals(startElement.getName());
        if (opensSignature) {
            // start skipping; the Signature start element itself is dropped
            sigElementLevel = curLevel;
            return;
        }
    } else if (eventType == XMLStreamConstants.END_ELEMENT) {
        final XMLSecEndElement endElement = xmlSecEvent.asEndElement();
        final boolean closesSkippedSignature = sigElementLevel == curLevel
                && XMLSecurityConstants.TAG_dsig_Signature.equals(endElement.getName());
        if (closesSkippedSignature) {
            // stop skipping; the Signature end element itself is dropped
            sigElementLevel = -1;
            return;
        }
        curLevel--;
    }

    // forward only while no Signature is being skipped
    if (sigElementLevel == -1) {
        super.transform(xmlSecEvent);
    }
}
Also used : XMLSecStartElement(org.apache.xml.security.stax.ext.stax.XMLSecStartElement) XMLSecEndElement(org.apache.xml.security.stax.ext.stax.XMLSecEndElement)
