All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.apache.xml.security.c14n.implementations.Canonicalizer20010315Excl Maven / Gradle / Ivy

Go to download

Apache XML Security for Java supports XML-Signature Syntax and Processing, W3C Recommendation 12 February 2002, and XML Encryption Syntax and Processing, W3C Recommendation 10 December 2002. As of version 1.4, the library supports the standard Java API JSR-105: XML Digital Signature APIs.

The newest version!
/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package org.apache.xml.security.c14n.implementations;

import java.io.IOException;
import java.io.OutputStream;
import java.util.Collections;
import java.util.Map;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;

import org.apache.xml.security.c14n.CanonicalizationException;
import org.apache.xml.security.c14n.helper.C14nHelper;
import org.apache.xml.security.parser.XMLParserException;
import org.apache.xml.security.signature.XMLSignatureInput;
import org.apache.xml.security.transforms.params.InclusiveNamespaces;
import org.apache.xml.security.utils.XMLUtils;
import org.w3c.dom.Attr;
import org.w3c.dom.DOMException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;

/**
 * Implements " Exclusive XML
 * Canonicalization, Version 1.0 " 

* Credits: During restructuring of the Canonicalizer framework, Ren?? * Kollmorgen from Software AG submitted an implementation of ExclC14n which * fitted into the old architecture and which based heavily on my old (and slow) * implementation of "Canonical XML". A big "thank you" to Ren?? for this. *

* THIS implementation is a complete rewrite of the algorithm. * * @see * Exclusive XML Canonicalization, Version 1.0 */ public abstract class Canonicalizer20010315Excl extends CanonicalizerBase { /** * This Set contains the names (Strings like "xmlns" or "xmlns:foo") of * the inclusive namespaces. */ private SortedSet inclusiveNSSet = Collections.emptySortedSet(); private boolean propagateDefaultNamespace = false; /** * Constructor Canonicalizer20010315Excl * * @param includeComments */ public Canonicalizer20010315Excl(boolean includeComments) { super(includeComments); } /** * Method engineCanonicalizeSubTree * {@inheritDoc} * @param rootNode * @param writer OutputStream to write the canonicalization result * @throws CanonicalizationException */ @Override public void engineCanonicalizeSubTree(Node rootNode, OutputStream writer) throws CanonicalizationException { engineCanonicalizeSubTree(rootNode, "", null, writer); } /** * Method engineCanonicalizeSubTree * {@inheritDoc} * @param rootNode * @param inclusiveNamespaces * @param writer OutputStream to write the canonicalization result * @throws CanonicalizationException */ @Override public void engineCanonicalizeSubTree( Node rootNode, String inclusiveNamespaces, OutputStream writer ) throws CanonicalizationException { engineCanonicalizeSubTree(rootNode, inclusiveNamespaces, null, writer); } /** * Method engineCanonicalizeSubTree * {@inheritDoc} * @param rootNode * @param inclusiveNamespaces * @param propagateDefaultNamespace If true the default namespace will be propagated to the c14n-ized root element * @param writer OutputStream to write the canonicalization result * @throws CanonicalizationException */ @Override public void engineCanonicalizeSubTree( Node rootNode, String inclusiveNamespaces, boolean propagateDefaultNamespace, OutputStream writer ) throws CanonicalizationException { this.propagateDefaultNamespace = propagateDefaultNamespace; engineCanonicalizeSubTree(rootNode, inclusiveNamespaces, null, writer); } /** * Method engineCanonicalizeSubTree * @param rootNode * @param inclusiveNamespaces * @param excl A element to exclude from the c14n process. * @param writer OutputStream to write the canonicalization result * @throws CanonicalizationException */ public void engineCanonicalizeSubTree( Node rootNode, String inclusiveNamespaces, Node excl, OutputStream writer ) throws CanonicalizationException{ inclusiveNSSet = InclusiveNamespaces.prefixStr2Set(inclusiveNamespaces); super.engineCanonicalizeSubTree(rootNode, excl, writer); } /** * * @param rootNode * @param inclusiveNamespaces * @param writer OutputStream to write the canonicalization result * @param secureValidation Whether secure validation is enabled * @throws CanonicalizationException */ public void engineCanonicalize( XMLSignatureInput rootNode, String inclusiveNamespaces, OutputStream writer, boolean secureValidation ) throws CanonicalizationException { inclusiveNSSet = InclusiveNamespaces.prefixStr2Set(inclusiveNamespaces); super.engineCanonicalize(rootNode, writer, secureValidation); } /** * Method engineCanonicalizeXPathNodeSet * {@inheritDoc} * @param xpathNodeSet * @param inclusiveNamespaces * @param writer OutputStream to write the canonicalization result * @throws CanonicalizationException */ @Override public void engineCanonicalizeXPathNodeSet( Set xpathNodeSet, String inclusiveNamespaces, OutputStream writer ) throws CanonicalizationException { inclusiveNSSet = InclusiveNamespaces.prefixStr2Set(inclusiveNamespaces); super.engineCanonicalizeXPathNodeSet(xpathNodeSet, writer); } @Override protected void outputAttributesSubtree(Element element, NameSpaceSymbTable ns, Map cache, OutputStream writer) throws CanonicalizationException, DOMException, IOException { // result will contain the attrs which have to be output SortedSet result = new TreeSet<>(COMPARE); // The prefix visibly utilized (in the attribute or in the name) in // the element SortedSet visiblyUtilized = new TreeSet<>(); if (!inclusiveNSSet.isEmpty()) { visiblyUtilized.addAll(inclusiveNSSet); } if (element.hasAttributes()) { NamedNodeMap attrs = element.getAttributes(); int attrsLength = attrs.getLength(); for (int i = 0; i < attrsLength; i++) { Attr attribute = (Attr) attrs.item(i); String NName = attribute.getLocalName(); String NNodeValue = attribute.getNodeValue(); if (!XMLNS_URI.equals(attribute.getNamespaceURI())) { // Not a namespace definition. // The Element is output element, add the prefix (if used) to // visiblyUtilized String prefix = attribute.getPrefix(); if (prefix != null && !(prefix.equals(XML) || prefix.equals(XMLNS))) { visiblyUtilized.add(prefix); } // Add to the result. result.add(attribute); } else if (!(XML.equals(NName) && XML_LANG_URI.equals(NNodeValue)) && ns.addMapping(NName, NNodeValue, attribute) && C14nHelper.namespaceIsRelative(NNodeValue)) { // The default mapping for xml must not be output. // New definition check if it is relative. Object[] exArgs = {element.getTagName(), NName, attribute.getNodeValue()}; throw new CanonicalizationException( "c14n.Canonicalizer.RelativeNamespace", exArgs ); } } } if (propagateDefaultNamespace && ns.getLevel() == 1 && inclusiveNSSet.contains(XMLNS) && ns.getMappingWithoutRendered(XMLNS) == null) { ns.removeMapping(XMLNS); ns.addMapping( XMLNS, "", getNullNode(element.getOwnerDocument())); } String prefix = null; if (element.getNamespaceURI() != null && !(element.getPrefix() == null || element.getPrefix().length() == 0)) { prefix = element.getPrefix(); } else { prefix = XMLNS; } visiblyUtilized.add(prefix); for (String s : visiblyUtilized) { Attr key = ns.getMapping(s); if (key != null) { result.add(key); } } //we output all Attrs which are available for (Attr attr : result) { outputAttrToWriter(attr.getNodeName(), attr.getNodeValue(), writer, cache); } } @Override protected void outputAttributes(Element element, NameSpaceSymbTable ns, Map cache, OutputStream writer) throws CanonicalizationException, DOMException, IOException { // result will contain the attrs which have to be output SortedSet result = new TreeSet<>(COMPARE); // The prefix visibly utilized (in the attribute or in the name) in // the element Set visiblyUtilized = null; // It's the output selected. boolean isOutputElement = isVisibleDO(element, ns.getLevel()) == 1; if (isOutputElement) { visiblyUtilized = new TreeSet<>(); if (!inclusiveNSSet.isEmpty()) { visiblyUtilized.addAll(inclusiveNSSet); } } if (element.hasAttributes()) { NamedNodeMap attrs = element.getAttributes(); int attrsLength = attrs.getLength(); for (int i = 0; i < attrsLength; i++) { Attr attribute = (Attr) attrs.item(i); String NName = attribute.getLocalName(); String NNodeValue = attribute.getNodeValue(); if (!XMLNS_URI.equals(attribute.getNamespaceURI())) { if (isVisible(attribute) && isOutputElement) { // The Element is output element, add the prefix (if used) // to visibyUtilized String prefix = attribute.getPrefix(); if (prefix != null && !(prefix.equals(XML) || prefix.equals(XMLNS))) { visiblyUtilized.add(prefix); } // Add to the result. result.add(attribute); } } else if (isOutputElement && !isVisible(attribute) && !XMLNS.equals(NName)) { ns.removeMappingIfNotRender(NName); } else { if (!isOutputElement && isVisible(attribute) && inclusiveNSSet.contains(NName) && !ns.removeMappingIfRender(NName)) { Node n = ns.addMappingAndRender(NName, NNodeValue, attribute); if (n != null) { result.add((Attr)n); if (C14nHelper.namespaceIsRelative(attribute)) { Object[] exArgs = { element.getTagName(), NName, attribute.getNodeValue() }; throw new CanonicalizationException( "c14n.Canonicalizer.RelativeNamespace", exArgs ); } } } if (ns.addMapping(NName, NNodeValue, attribute) && C14nHelper.namespaceIsRelative(NNodeValue)) { // New definition check if it is relative Object[] exArgs = { element.getTagName(), NName, attribute.getNodeValue() }; throw new CanonicalizationException( "c14n.Canonicalizer.RelativeNamespace", exArgs ); } } } } if (isOutputElement) { // The element is visible, handle the xmlns definition Attr xmlns = element.getAttributeNodeNS(XMLNS_URI, XMLNS); if (xmlns != null && !isVisible(xmlns)) { // There is a definition but the xmlns is not selected by the // xpath. then xmlns="" ns.addMapping(XMLNS, "", getNullNode(xmlns.getOwnerDocument())); } String prefix = null; if (element.getNamespaceURI() != null && !(element.getPrefix() == null || element.getPrefix().length() == 0)) { prefix = element.getPrefix(); } else { prefix = XMLNS; } visiblyUtilized.add(prefix); for (String s : visiblyUtilized) { Attr key = ns.getMapping(s); if (key != null) { result.add(key); } } } //we output all Attrs which are available for (Attr attr : result) { outputAttrToWriter(attr.getNodeName(), attr.getNodeValue(), writer, cache); } } @Override protected void circumventBugIfNeeded(XMLSignatureInput input) throws XMLParserException, IOException { if (!input.isNeedsToBeExpanded() || inclusiveNSSet.isEmpty()) { return; } Document doc = null; if (input.getSubNode() != null) { doc = XMLUtils.getOwnerDocument(input.getSubNode()); } else { doc = XMLUtils.getOwnerDocument(input.getNodeSet()); } XMLUtils.circumventBug2650(doc); } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy