Examples with ResourceResolver org.apache.xml.security.utils.resolver.ResourceResolver used on opensource projects

Example 1 with ResourceResolver

use of org.apache.xml.security.utils.resolver.ResourceResolver in project xades4j by luisgoncalves.

the class OtherSignerTests method testSignUsingCustomResolver.

@Test
public void testSignUsingCustomResolver() throws Exception {
    System.out.println("signUsingCustomResolver");
    Document doc = getNewDocument();
    XadesSigner signer = new XadesBesSigningProfile(keyingProviderMy).newSigner();
    MyResolverSpi resolverSpi = new MyResolverSpi();
    SignedDataObjects dataObjs = new SignedDataObjects().withSignedDataObject(new DataObjectReference("xades4j://ref")).withResourceResolver(new ResourceResolver(resolverSpi));
    signer.sign(dataObjs, doc);
    assertEquals(1, resolverSpi.resolveCount);
}

Example 2 with ResourceResolver

use of org.apache.xml.security.utils.resolver.ResourceResolver in project xades4j by luisgoncalves.

the class XadesVerifierImpl method doCoreVerification.

private static void doCoreVerification(XMLSignature signature, SignatureSpecificVerificationOptions verificationOptions, X509Certificate validationCert) throws XAdES4jXMLSigException, InvalidSignatureException {
    List<ResourceResolver> resolvers = verificationOptions.getResolvers();
    if (!CollectionUtils.nullOrEmpty(resolvers)) {
        for (ResourceResolver resolver : resolvers) {
            signature.addResourceResolver(resolver);
        }
    }
    InputStream nullURIReferenceData = verificationOptions.getDataForAnonymousReference();
    if (nullURIReferenceData != null) {
        signature.addResourceResolver(new ResolverAnonymous(nullURIReferenceData));
    }
    try {
        if (signature.checkSignatureValue(validationCert)) {
            return;
        }
    } catch (XMLSignatureException ex) {
        throw new XAdES4jXMLSigException("Error verifying the signature", ex);
    }
    try {
        if (signature.getSignedInfo().verifyReferences()) // References are OK; this is a problem on the signature value
        // itself.
        {
            throw new SignatureValueException(signature);
        } else {
            // References are NOT OK; get the first invalid Reference.
            SignedInfo si = signature.getSignedInfo();
            for (int i = 0; i < si.getLength(); i++) {
                Reference r = si.item(i);
                if (!r.verify()) {
                    throw new ReferenceValueException(signature, r);
                }
            }
        }
    } catch (XMLSecurityException ex) {
        throw new XAdES4jXMLSigException("Error verifying the references", ex);
    }
}

Example 3 with ResourceResolver

use of org.apache.xml.security.utils.resolver.ResourceResolver in project santuario-java by apache.

the class RetrievalMethodResolver method resolveInput.

/**
 * Resolves the input from the given retrieval method
 * @return the input from the given retrieval method
 * @throws XMLSecurityException
 */
private static XMLSignatureInput resolveInput(RetrievalMethod rm, String baseURI, boolean secureValidation) throws XMLSecurityException {
    Attr uri = rm.getURIAttr();
    // Apply the transforms
    Transforms transforms = rm.getTransforms();
    ResourceResolver resRes = ResourceResolver.getInstance(uri, baseURI, secureValidation);
    XMLSignatureInput resource = resRes.resolve(uri, baseURI, secureValidation);
    if (transforms != null) {
        LOG.debug("We have Transforms");
        resource = transforms.performTransforms(resource);
    }
    return resource;
}

Example 4 with ResourceResolver

use of org.apache.xml.security.utils.resolver.ResourceResolver in project santuario-java by apache.

the class XMLCipherInput method getDecryptBytes.

/**
 * Internal method to get bytes in decryption mode
 * @return the decrypted bytes
 * @throws XMLEncryptionException
 */
private byte[] getDecryptBytes() throws XMLEncryptionException {
    String base64EncodedEncryptedOctets = null;
    if (cipherData.getDataType() == CipherData.REFERENCE_TYPE) {
        // Fun time!
        LOG.debug("Found a reference type CipherData");
        CipherReference cr = cipherData.getCipherReference();
        // Need to wrap the uri in an Attribute node so that we can
        // Pass to the resource resolvers
        Attr uriAttr = cr.getURIAsAttr();
        XMLSignatureInput input = null;
        try {
            ResourceResolver resolver = ResourceResolver.getInstance(uriAttr, null, secureValidation);
            input = resolver.resolve(uriAttr, null, secureValidation);
        } catch (ResourceResolverException ex) {
            throw new XMLEncryptionException(ex);
        }
        if (input != null) {
            LOG.debug("Managed to resolve URI \"{}\"", cr.getURI());
        } else {
            LOG.debug("Failed to resolve URI \"{}\"", cr.getURI());
        }
        // Lets see if there are any transforms
        Transforms transforms = cr.getTransforms();
        if (transforms != null) {
            LOG.debug("Have transforms in cipher reference");
            try {
                org.apache.xml.security.transforms.Transforms dsTransforms = transforms.getDSTransforms();
                dsTransforms.setSecureValidation(secureValidation);
                input = dsTransforms.performTransforms(input);
            } catch (TransformationException ex) {
                throw new XMLEncryptionException(ex);
            }
        }
        try {
            return input.getBytes();
        } catch (IOException ex) {
            throw new XMLEncryptionException(ex);
        } catch (CanonicalizationException ex) {
            throw new XMLEncryptionException(ex);
        }
    // retrieve the cipher text
    } else if (cipherData.getDataType() == CipherData.VALUE_TYPE) {
        base64EncodedEncryptedOctets = cipherData.getCipherValue().getValue();
    } else {
        throw new XMLEncryptionException("CipherData.getDataType() returned unexpected value");
    }
    LOG.debug("Encrypted octets:\n{}", base64EncodedEncryptedOctets);
    return Base64.getMimeDecoder().decode(base64EncodedEncryptedOctets);
}

Example 5 with ResourceResolver

use of org.apache.xml.security.utils.resolver.ResourceResolver in project santuario-java by apache.

the class ResolverDirectHTTPTest method testBug40783.

@Test
public void testBug40783() throws Exception {
    Document doc = XMLUtils.createDocumentBuilder(false).newDocument();
    Attr uri = doc.createAttribute("id");
    uri.setNodeValue("urn:ddd:uuu");
    doc.createElement("test").setAttributeNode(uri);
    try {
        ResourceResolver resolver = ResourceResolver.getInstance(uri, null, true);
        fail("No exception thrown, but resolver found: " + resolver);
    } catch (ResourceResolverException e) {
    // 
    }
}