Example 1 with UnsyncByteArrayInputStream
use of org.apache.xml.security.utils.UnsyncByteArrayInputStream in project santuario-java by apache.
the class AbstractDecryptInputProcessor method writeWrapperStartElement.
private InputStream writeWrapperStartElement(XMLSecStartElement xmlSecStartElement) throws IOException {
// temporary writer to write the dummy wrapper element with all namespaces in the current scope
// spec says (4.2): "The cleartext octet sequence obtained in step 3 is interpreted as UTF-8 encoded character data."
StringBuilder stringBuilder = new StringBuilder();
stringBuilder.append('<');
stringBuilder.append(wrapperElementName.getPrefix());
stringBuilder.append(':');
stringBuilder.append(wrapperElementName.getLocalPart());
stringBuilder.append(' ');
stringBuilder.append("xmlns:");
stringBuilder.append(wrapperElementName.getPrefix());
stringBuilder.append("=\"");
stringBuilder.append(wrapperElementName.getNamespaceURI());
stringBuilder.append('\"');
// apply all namespaces from current scope to get a valid documentfragment:
List<XMLSecNamespace> comparableNamespacesToApply = new ArrayList<>();
List<XMLSecNamespace> comparableNamespaceList = new ArrayList<>();
xmlSecStartElement.getNamespacesFromCurrentScope(comparableNamespaceList);
// reverse iteration -> From current element namespaces to parent namespaces
for (int i = comparableNamespaceList.size() - 1; i >= 0; i--) {
XMLSecNamespace comparableNamespace = comparableNamespaceList.get(i);
if (!comparableNamespacesToApply.contains(comparableNamespace)) {
comparableNamespacesToApply.add(comparableNamespace);
stringBuilder.append(' ');
String prefix = comparableNamespace.getPrefix();
String uri = comparableNamespace.getNamespaceURI();
if (prefix == null || prefix.isEmpty()) {
stringBuilder.append("xmlns=\"");
stringBuilder.append(uri);
stringBuilder.append("\"");
} else {
stringBuilder.append("xmlns:");
stringBuilder.append(prefix);
stringBuilder.append("=\"");
stringBuilder.append(uri);
stringBuilder.append("\"");
}
}
}
stringBuilder.append('>');
return new UnsyncByteArrayInputStream(stringBuilder.toString().getBytes(StandardCharsets.UTF_8));
}
Also used :
XMLSecNamespace(org.apache.xml.security.stax.ext.stax.XMLSecNamespace)
UnsyncByteArrayInputStream(org.apache.xml.security.utils.UnsyncByteArrayInputStream)
Example 2 with UnsyncByteArrayInputStream
use of org.apache.xml.security.utils.UnsyncByteArrayInputStream in project santuario-java by apache.
the class TransformBase64Decode method transform.
@Override
public void transform(XMLSecEvent xmlSecEvent) throws XMLStreamException {
int eventType = xmlSecEvent.getEventType();
switch(eventType) {
case XMLStreamConstants.CHARACTERS:
if (getOutputStream() != null) {
// encoding shouldn't matter here, because the data is Base64 encoded and is therefore in the ASCII range.
try {
getOutputStream().write(xmlSecEvent.asCharacters().getData().getBytes());
} catch (IOException e) {
throw new XMLStreamException(e);
}
} else {
// we have a child transformer
if (childOutputMethod == null) {
final XMLSecurityConstants.TransformMethod preferredChildTransformMethod = getTransformer().getPreferredTransformMethod(XMLSecurityConstants.TransformMethod.XMLSecEvent);
switch(preferredChildTransformMethod) {
case XMLSecEvent:
{
childOutputMethod = new ChildOutputMethod() {
private UnsyncByteArrayOutputStream byteArrayOutputStream;
private Base64OutputStream base64OutputStream;
@Override
public void transform(Object object) throws XMLStreamException {
if (base64OutputStream == null) {
byteArrayOutputStream = new UnsyncByteArrayOutputStream();
base64OutputStream = new Base64OutputStream(byteArrayOutputStream, false);
}
try {
base64OutputStream.write((byte[]) object);
} catch (IOException e) {
throw new XMLStreamException(e);
}
}
@Override
public void doFinal() throws XMLStreamException {
try {
base64OutputStream.close();
} catch (IOException e) {
throw new XMLStreamException(e);
}
try (InputStream is = new UnsyncByteArrayInputStream(byteArrayOutputStream.toByteArray())) {
XMLEventReaderInputProcessor xmlEventReaderInputProcessor = new XMLEventReaderInputProcessor(null, getXmlInputFactory().createXMLStreamReader(is));
XMLSecEvent xmlSecEvent;
do {
xmlSecEvent = xmlEventReaderInputProcessor.processNextEvent(null);
getTransformer().transform(xmlSecEvent);
} while (xmlSecEvent.getEventType() != XMLStreamConstants.END_DOCUMENT);
} catch (XMLSecurityException | IOException e) {
throw new XMLStreamException(e);
}
getTransformer().doFinal();
}
};
break;
}
case InputStream:
{
childOutputMethod = new ChildOutputMethod() {
private UnsyncByteArrayOutputStream byteArrayOutputStream;
private Base64OutputStream base64OutputStream;
@Override
public void transform(Object object) throws XMLStreamException {
if (base64OutputStream == null) {
byteArrayOutputStream = new UnsyncByteArrayOutputStream();
base64OutputStream = new Base64OutputStream(byteArrayOutputStream, false);
}
try {
base64OutputStream.write((byte[]) object);
} catch (IOException e) {
throw new XMLStreamException(e);
}
}
@Override
public void doFinal() throws XMLStreamException {
try {
base64OutputStream.close();
} catch (IOException e) {
throw new XMLStreamException(e);
}
try (InputStream is = new UnsyncByteArrayInputStream(byteArrayOutputStream.toByteArray())) {
getTransformer().transform(is);
getTransformer().doFinal();
} catch (IOException ex) {
throw new XMLStreamException(ex);
}
}
};
break;
}
}
}
childOutputMethod.transform(xmlSecEvent.asCharacters().getData().getBytes());
}
break;
}
}
Also used :
XMLSecurityConstants(org.apache.xml.security.stax.ext.XMLSecurityConstants)
UnsyncByteArrayOutputStream(org.apache.xml.security.utils.UnsyncByteArrayOutputStream)
UnsyncByteArrayInputStream(org.apache.xml.security.utils.UnsyncByteArrayInputStream)
Base64InputStream(org.apache.commons.codec.binary.Base64InputStream)
XMLEventReaderInputProcessor(org.apache.xml.security.stax.impl.processor.input.XMLEventReaderInputProcessor)
Base64OutputStream(org.apache.commons.codec.binary.Base64OutputStream)
XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)
XMLSecEvent(org.apache.xml.security.stax.ext.stax.XMLSecEvent)
XMLStreamException(javax.xml.stream.XMLStreamException)
UnsyncByteArrayInputStream(org.apache.xml.security.utils.UnsyncByteArrayInputStream)
Example 3 with UnsyncByteArrayInputStream
use of org.apache.xml.security.utils.UnsyncByteArrayInputStream in project santuario-java by apache.
the class CanonicalizerBase method doFinal.
@Override
public void doFinal() throws XMLStreamException {
if (getTransformer() != null) {
UnsyncByteArrayOutputStream baos = (UnsyncByteArrayOutputStream) getOutputStream();
try (InputStream is = new UnsyncByteArrayInputStream(baos.toByteArray())) {
getTransformer().transform(is);
getTransformer().doFinal();
} catch (IOException ex) {
throw new XMLStreamException(ex);
}
}
}
Also used :
UnsyncByteArrayOutputStream(org.apache.xml.security.utils.UnsyncByteArrayOutputStream)
UnsyncByteArrayInputStream(org.apache.xml.security.utils.UnsyncByteArrayInputStream)
UnsyncByteArrayInputStream(org.apache.xml.security.utils.UnsyncByteArrayInputStream)
Example 4 with UnsyncByteArrayInputStream
use of org.apache.xml.security.utils.UnsyncByteArrayInputStream in project santuario-java by apache.
the class TransformIdentity method transform.
@Override
public void transform(XMLSecEvent xmlSecEvent) throws XMLStreamException {
if (getXmlEventWriterForOutputStream() != null) {
// we have an output stream
getXmlEventWriterForOutputStream().add(xmlSecEvent);
} else {
// we have a child transformer
if (childOutputMethod == null) {
final XMLSecurityConstants.TransformMethod preferredChildTransformMethod = getTransformer().getPreferredTransformMethod(XMLSecurityConstants.TransformMethod.XMLSecEvent);
switch(preferredChildTransformMethod) {
case XMLSecEvent:
{
childOutputMethod = new ChildOutputMethod() {
@Override
public void transform(Object object) throws XMLStreamException {
getTransformer().transform((XMLSecEvent) object);
}
@Override
public void doFinal() throws XMLStreamException {
getTransformer().doFinal();
}
};
break;
}
case InputStream:
{
childOutputMethod = new ChildOutputMethod() {
private UnsyncByteArrayOutputStream baos;
private XMLEventWriter xmlEventWriter;
@Override
public void transform(Object object) throws XMLStreamException {
if (xmlEventWriter == null) {
baos = new UnsyncByteArrayOutputStream();
xmlEventWriter = getXmlOutputFactory().createXMLEventWriter(baos);
}
xmlEventWriter.add((XMLSecEvent) object);
}
@Override
public void doFinal() throws XMLStreamException {
xmlEventWriter.close();
try (InputStream is = new UnsyncByteArrayInputStream(baos.toByteArray())) {
getTransformer().transform(is);
getTransformer().doFinal();
} catch (IOException ex) {
throw new XMLStreamException(ex);
}
}
};
break;
}
}
}
if (childOutputMethod != null) {
childOutputMethod.transform(xmlSecEvent);
}
}
}
Also used :
XMLSecurityConstants(org.apache.xml.security.stax.ext.XMLSecurityConstants)
UnsyncByteArrayOutputStream(org.apache.xml.security.utils.UnsyncByteArrayOutputStream)
UnsyncByteArrayInputStream(org.apache.xml.security.utils.UnsyncByteArrayInputStream)
UnsyncByteArrayInputStream(org.apache.xml.security.utils.UnsyncByteArrayInputStream)
Example 5 with UnsyncByteArrayInputStream
use of org.apache.xml.security.utils.UnsyncByteArrayInputStream in project santuario-java by apache.
the class AbstractSignatureInputHandler method reparseSignedInfo.
protected Deque<XMLSecEvent> reparseSignedInfo(InputProcessorChain inputProcessorChain, XMLSecurityProperties securityProperties, SignatureType signatureType, Deque<XMLSecEvent> eventDeque, int index) throws XMLSecurityException {
Deque<XMLSecEvent> signedInfoDeque = new ArrayDeque<XMLSecEvent>();
try (UnsyncByteArrayOutputStream unsynchronizedByteArrayOutputStream = new UnsyncByteArrayOutputStream()) {
Transformer transformer = XMLSecurityUtils.getTransformer(null, unsynchronizedByteArrayOutputStream, null, signatureType.getSignedInfo().getCanonicalizationMethod().getAlgorithm(), XMLSecurityConstants.DIRECTION.IN);
Iterator<XMLSecEvent> iterator = eventDeque.descendingIterator();
// forward to <Signature> Element
int i = 0;
while (i < index) {
iterator.next();
i++;
}
loop: while (iterator.hasNext()) {
XMLSecEvent xmlSecEvent = iterator.next();
switch(xmlSecEvent.getEventType()) {
case XMLStreamConstants.START_ELEMENT:
if (xmlSecEvent.asStartElement().getName().equals(XMLSecurityConstants.TAG_dsig_SignedInfo)) {
transformer.transform(xmlSecEvent);
break loop;
}
break;
}
}
loop: while (iterator.hasNext()) {
XMLSecEvent xmlSecEvent = iterator.next();
transformer.transform(xmlSecEvent);
switch(xmlSecEvent.getEventType()) {
case XMLStreamConstants.END_ELEMENT:
if (xmlSecEvent.asEndElement().getName().equals(XMLSecurityConstants.TAG_dsig_SignedInfo)) {
break loop;
}
break;
}
}
transformer.doFinal();
try (InputStream is = new UnsyncByteArrayInputStream(unsynchronizedByteArrayOutputStream.toByteArray())) {
XMLStreamReader xmlStreamReader = inputProcessorChain.getSecurityContext().<XMLInputFactory>get(XMLSecurityConstants.XMLINPUTFACTORY).createXMLStreamReader(is);
while (xmlStreamReader.hasNext()) {
XMLSecEvent xmlSecEvent = XMLSecEventFactory.allocate(xmlStreamReader, null);
signedInfoDeque.push(xmlSecEvent);
xmlStreamReader.next();
}
@SuppressWarnings("unchecked") final SignedInfoType signedInfoType = ((JAXBElement<SignedInfoType>) parseStructure(signedInfoDeque, 0, securityProperties)).getValue();
signatureType.setSignedInfo(signedInfoType);
return signedInfoDeque;
}
} catch (XMLStreamException | IOException e) {
throw new XMLSecurityException(e);
}
}
Also used :
XMLStreamReader(javax.xml.stream.XMLStreamReader)
UnsyncByteArrayOutputStream(org.apache.xml.security.utils.UnsyncByteArrayOutputStream)
UnsyncByteArrayInputStream(org.apache.xml.security.utils.UnsyncByteArrayInputStream)
InputStream(java.io.InputStream)
SignedInfoType(org.apache.xml.security.binding.xmldsig.SignedInfoType)
JAXBElement(javax.xml.bind.JAXBElement)
IOException(java.io.IOException)
XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)
XMLSecEvent(org.apache.xml.security.stax.ext.stax.XMLSecEvent)
XMLStreamException(javax.xml.stream.XMLStreamException)
UnsyncByteArrayInputStream(org.apache.xml.security.utils.UnsyncByteArrayInputStream)
Aggregations
UnsyncByteArrayInputStream (org.apache.xml.security.utils.UnsyncByteArrayInputStream)5
UnsyncByteArrayOutputStream (org.apache.xml.security.utils.UnsyncByteArrayOutputStream)4
XMLStreamException (javax.xml.stream.XMLStreamException)2
XMLSecurityException (org.apache.xml.security.exceptions.XMLSecurityException)2
XMLSecurityConstants (org.apache.xml.security.stax.ext.XMLSecurityConstants)2
XMLSecEvent (org.apache.xml.security.stax.ext.stax.XMLSecEvent)2
IOException (java.io.IOException)1
InputStream (java.io.InputStream)1
JAXBElement (javax.xml.bind.JAXBElement)1
XMLStreamReader (javax.xml.stream.XMLStreamReader)1
Base64InputStream (org.apache.commons.codec.binary.Base64InputStream)1
Base64OutputStream (org.apache.commons.codec.binary.Base64OutputStream)1
SignedInfoType (org.apache.xml.security.binding.xmldsig.SignedInfoType)1
XMLSecNamespace (org.apache.xml.security.stax.ext.stax.XMLSecNamespace)1
XMLEventReaderInputProcessor (org.apache.xml.security.stax.impl.processor.input.XMLEventReaderInputProcessor)1
