Search in sources :

Example 41 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class AbstractPerformanceTest method doDOMSignatureOutbound.

protected void doDOMSignatureOutbound(File file, int tagCount) throws Exception {
    Document document = XMLUtils.read(new FileInputStream(file), false);
    XMLSignature sig = new XMLSignature(document, "", "http://www.w3.org/2000/09/xmldsig#rsa-sha1");
    Element root = document.getDocumentElement();
    root.insertBefore(sig.getElement(), root.getFirstChild());
    Transforms transforms = new Transforms(document);
    transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
    transforms.addTransform(Transforms.TRANSFORM_C14N_OMIT_COMMENTS);
    sig.addDocument("", transforms, "http://www.w3.org/2000/09/xmldsig#sha1");
    sig.sign(key);
    sig.addKeyInfo(cert);
    XMLUtils.outputDOM(document, new BufferedOutputStream(new FileOutputStream(new File(getTmpFilePath(), "signature-dom-" + tagCount + ".xml"))));
}
Also used : XMLSignature(org.apache.xml.security.signature.XMLSignature) Element(org.w3c.dom.Element) Transforms(org.apache.xml.security.transforms.Transforms) FileOutputStream(java.io.FileOutputStream) Document(org.w3c.dom.Document) BufferedOutputStream(java.io.BufferedOutputStream) File(java.io.File) FileInputStream(java.io.FileInputStream)

Example 42 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class RetrievalMethodResolver method resolveInput.

/**
 * Resolves the input from the given retrieval method
 * @return the input from the given retrieval method
 * @throws XMLSecurityException
 */
private static XMLSignatureInput resolveInput(RetrievalMethod rm, String baseURI, boolean secureValidation) throws XMLSecurityException {
    Attr uri = rm.getURIAttr();
    // Apply the transforms
    Transforms transforms = rm.getTransforms();
    ResourceResolverContext resContext = new ResourceResolverContext(uri, baseURI, secureValidation);
    XMLSignatureInput resource = ResourceResolver.resolve(resContext);
    if (transforms != null) {
        LOG.debug("We have Transforms");
        resource = transforms.performTransforms(resource);
    }
    return resource;
}
Also used : Transforms(org.apache.xml.security.transforms.Transforms) ResourceResolverContext(org.apache.xml.security.utils.resolver.ResourceResolverContext) XMLSignatureInput(org.apache.xml.security.signature.XMLSignatureInput) Attr(org.w3c.dom.Attr)

Example 43 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class Reference method getContentsAfterTransformation.

private XMLSignatureInput getContentsAfterTransformation(XMLSignatureInput input, OutputStream os) throws XMLSignatureException {
    try {
        Transforms transforms = this.getTransforms();
        XMLSignatureInput output = null;
        if (transforms != null) {
            output = transforms.performTransforms(input, os);
            // new XMLSignatureInput(output.getBytes());
            this.transformsOutput = output;
        // this.transformsOutput.setSourceURI(output.getSourceURI());
        } else {
            output = input;
        }
        return output;
    } catch (XMLSecurityException ex) {
        throw new XMLSignatureException(ex);
    }
}
Also used : Transforms(org.apache.xml.security.transforms.Transforms) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)

Example 44 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class Reference method getHTMLRepresentation.

/**
 * Method getHTMLRepresentation
 * @return The HTML of the transformation
 * @throws XMLSignatureException
 */
public String getHTMLRepresentation() throws XMLSignatureException {
    try {
        XMLSignatureInput nodes = this.getNodesetBeforeFirstCanonicalization();
        Transforms transforms = this.getTransforms();
        Transform c14nTransform = null;
        if (transforms != null) {
            for (int i = 0; i < transforms.getLength(); i++) {
                Transform t = transforms.item(i);
                String uri = t.getURI();
                if (uri.equals(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS) || uri.equals(Transforms.TRANSFORM_C14N_EXCL_WITH_COMMENTS)) {
                    c14nTransform = t;
                    break;
                }
            }
        }
        Set<String> inclusiveNamespaces = new HashSet<>();
        if (c14nTransform != null && c14nTransform.length(InclusiveNamespaces.ExclusiveCanonicalizationNamespace, InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES) == 1) {
            // there is one InclusiveNamespaces element
            InclusiveNamespaces in = new InclusiveNamespaces(XMLUtils.selectNode(c14nTransform.getElement().getFirstChild(), InclusiveNamespaces.ExclusiveCanonicalizationNamespace, InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES, 0), this.getBaseURI());
            inclusiveNamespaces = InclusiveNamespaces.prefixStr2Set(in.getInclusiveNamespaces());
        }
        return nodes.getHTMLRepresentation(inclusiveNamespaces);
    } catch (XMLSecurityException ex) {
        throw new XMLSignatureException(ex);
    }
}
Also used : Transforms(org.apache.xml.security.transforms.Transforms) InclusiveNamespaces(org.apache.xml.security.transforms.params.InclusiveNamespaces) Transform(org.apache.xml.security.transforms.Transform) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException) HashSet(java.util.HashSet)

Example 45 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class Reference method calculateDigest.

/**
 * Method calculateDigest
 *
 * @param validating true if validating the reference
 * @return reference Calculate the digest of this reference.
 * @throws ReferenceNotInitializedException
 * @throws XMLSignatureException
 */
private byte[] calculateDigest(boolean validating) throws ReferenceNotInitializedException, XMLSignatureException {
    XMLSignatureInput input = this.getContentsBeforeTransformation();
    if (input.isPreCalculatedDigest()) {
        return getPreCalculatedDigest(input);
    }
    cacheDereferencedElement(input);
    MessageDigestAlgorithm mda = this.getMessageDigestAlgorithm();
    mda.reset();
    try (DigesterOutputStream diOs = new DigesterOutputStream(mda);
        OutputStream os = new UnsyncBufferedOutputStream(diOs)) {
        XMLSignatureInput output = this.getContentsAfterTransformation(input, os);
        this.transformsOutput = output;
        // C14N11 transform if needed
        if (Reference.useC14N11 && !validating && !output.isOutputStreamSet() && !output.isOctetStream()) {
            if (transforms == null) {
                transforms = new Transforms(getDocument());
                transforms.setSecureValidation(secureValidation);
                getElement().insertBefore(transforms.getElement(), digestMethodElem);
            }
            transforms.addTransform(Transforms.TRANSFORM_C14N11_OMIT_COMMENTS);
            output.updateOutputStream(os, true);
        } else {
            output.updateOutputStream(os);
        }
        os.flush();
        if (output.getOctetStreamReal() != null) {
            output.getOctetStreamReal().close();
        }
        return diOs.getDigestValue();
    } catch (XMLSecurityException | IOException ex) {
        throw new ReferenceNotInitializedException(ex);
    }
}
Also used : DigesterOutputStream(org.apache.xml.security.utils.DigesterOutputStream) OutputStream(java.io.OutputStream) UnsyncBufferedOutputStream(org.apache.xml.security.utils.UnsyncBufferedOutputStream) Transforms(org.apache.xml.security.transforms.Transforms) MessageDigestAlgorithm(org.apache.xml.security.algorithms.MessageDigestAlgorithm) DigesterOutputStream(org.apache.xml.security.utils.DigesterOutputStream) IOException(java.io.IOException) UnsyncBufferedOutputStream(org.apache.xml.security.utils.UnsyncBufferedOutputStream) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)

Aggregations

Transforms (org.apache.xml.security.transforms.Transforms)94 XMLSignature (org.apache.xml.security.signature.XMLSignature)66 Element (org.w3c.dom.Element)57 Document (org.w3c.dom.Document)45 XPath (javax.xml.xpath.XPath)24 XPathFactory (javax.xml.xpath.XPathFactory)23 ByteArrayOutputStream (java.io.ByteArrayOutputStream)22 DSNamespaceContext (org.apache.xml.security.test.dom.DSNamespaceContext)22 PrivateKey (java.security.PrivateKey)20 InputStream (java.io.InputStream)17 ByteArrayInputStream (java.io.ByteArrayInputStream)16 XMLSecurityException (org.apache.xml.security.exceptions.XMLSecurityException)15 NodeList (org.w3c.dom.NodeList)14 SignatureAlgorithm (org.apache.xml.security.algorithms.SignatureAlgorithm)13 ObjectContainer (org.apache.xml.security.signature.ObjectContainer)13 FileInputStream (java.io.FileInputStream)12 XMLSignatureException (org.apache.xml.security.signature.XMLSignatureException)10 XPathContainer (org.apache.xml.security.transforms.params.XPathContainer)10 KeyStore (java.security.KeyStore)9 X509Certificate (java.security.cert.X509Certificate)8