author | weijun |
Tue, 19 Jun 2018 08:06:35 +0800 | |
changeset 50614 | 3810c9a2efa1 |
parent 47216 | 71c04702a3d5 |
child 59240 | b3116877866f |
permissions | -rw-r--r-- |
2 | 1 |
/* |
2 |
* reserved comment block |
|
3 |
* DO NOT REMOVE OR ALTER! |
|
4 |
*/ |
|
18240 | 5 |
/** |
6 |
* Licensed to the Apache Software Foundation (ASF) under one |
|
7 |
* or more contributor license agreements. See the NOTICE file |
|
8 |
* distributed with this work for additional information |
|
9 |
* regarding copyright ownership. The ASF licenses this file |
|
10 |
* to you under the Apache License, Version 2.0 (the |
|
11 |
* "License"); you may not use this file except in compliance |
|
12 |
* with the License. You may obtain a copy of the License at |
|
2 | 13 |
* |
18240 | 14 |
* http://www.apache.org/licenses/LICENSE-2.0 |
2 | 15 |
* |
18240 | 16 |
* Unless required by applicable law or agreed to in writing, |
17 |
* software distributed under the License is distributed on an |
|
18 |
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
|
19 |
* KIND, either express or implied. See the License for the |
|
20 |
* specific language governing permissions and limitations |
|
21 |
* under the License. |
|
2 | 22 |
*/ |
23 |
package com.sun.org.apache.xml.internal.security.c14n; |
|
24 |
||
25 |
import java.io.ByteArrayInputStream; |
|
18240 | 26 |
import java.io.InputStream; |
2 | 27 |
import java.io.OutputStream; |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
28 |
import java.nio.charset.StandardCharsets; |
2 | 29 |
import java.util.Map; |
30 |
import java.util.Set; |
|
18240 | 31 |
import java.util.concurrent.ConcurrentHashMap; |
2 | 32 |
|
33 |
import javax.xml.parsers.DocumentBuilder; |
|
34 |
||
18240 | 35 |
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_OmitComments; |
36 |
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_WithComments; |
|
37 |
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclOmitComments; |
|
38 |
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclWithComments; |
|
39 |
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315OmitComments; |
|
40 |
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315WithComments; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
41 |
import com.sun.org.apache.xml.internal.security.c14n.implementations.CanonicalizerPhysical; |
2 | 42 |
import com.sun.org.apache.xml.internal.security.exceptions.AlgorithmAlreadyRegisteredException; |
27081 | 43 |
import com.sun.org.apache.xml.internal.security.utils.JavaUtils; |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
44 |
import com.sun.org.apache.xml.internal.security.utils.XMLUtils; |
2 | 45 |
import org.w3c.dom.Document; |
46 |
import org.w3c.dom.Node; |
|
47 |
import org.w3c.dom.NodeList; |
|
48 |
import org.xml.sax.InputSource; |
|
49 |
||
50 |
/** |
|
51 |
* |
|
52 |
*/ |
|
53 |
public class Canonicalizer { |
|
54 |
||
1337 | 55 |
/** The output encoding of canonicalized data */ |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
56 |
public static final String ENCODING = StandardCharsets.UTF_8.name(); |
2 | 57 |
|
1337 | 58 |
/** |
18240 | 59 |
* XPath Expression for selecting every node and continuous comments joined |
1337 | 60 |
* in only one node |
2 | 61 |
*/ |
1337 | 62 |
public static final String XPATH_C14N_WITH_COMMENTS_SINGLE_NODE = |
63 |
"(.//. | .//@* | .//namespace::*)"; |
|
2 | 64 |
|
1337 | 65 |
/** |
2 | 66 |
* The URL defined in XML-SEC Rec for inclusive c14n <b>without</b> comments. |
67 |
*/ |
|
1337 | 68 |
public static final String ALGO_ID_C14N_OMIT_COMMENTS = |
69 |
"http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; |
|
70 |
/** |
|
71 |
* The URL defined in XML-SEC Rec for inclusive c14n <b>with</b> comments. |
|
72 |
*/ |
|
73 |
public static final String ALGO_ID_C14N_WITH_COMMENTS = |
|
74 |
ALGO_ID_C14N_OMIT_COMMENTS + "#WithComments"; |
|
75 |
/** |
|
76 |
* The URL defined in XML-SEC Rec for exclusive c14n <b>without</b> comments. |
|
77 |
*/ |
|
78 |
public static final String ALGO_ID_C14N_EXCL_OMIT_COMMENTS = |
|
79 |
"http://www.w3.org/2001/10/xml-exc-c14n#"; |
|
80 |
/** |
|
81 |
* The URL defined in XML-SEC Rec for exclusive c14n <b>with</b> comments. |
|
82 |
*/ |
|
83 |
public static final String ALGO_ID_C14N_EXCL_WITH_COMMENTS = |
|
84 |
ALGO_ID_C14N_EXCL_OMIT_COMMENTS + "WithComments"; |
|
85 |
/** |
|
86 |
* The URI for inclusive c14n 1.1 <b>without</b> comments. |
|
87 |
*/ |
|
88 |
public static final String ALGO_ID_C14N11_OMIT_COMMENTS = |
|
89 |
"http://www.w3.org/2006/12/xml-c14n11"; |
|
90 |
/** |
|
91 |
* The URI for inclusive c14n 1.1 <b>with</b> comments. |
|
92 |
*/ |
|
93 |
public static final String ALGO_ID_C14N11_WITH_COMMENTS = |
|
94 |
ALGO_ID_C14N11_OMIT_COMMENTS + "#WithComments"; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
95 |
/** |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
96 |
* Non-standard algorithm to serialize the physical representation for XML Encryption |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
97 |
*/ |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
98 |
public static final String ALGO_ID_C14N_PHYSICAL = |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
99 |
"http://santuario.apache.org/c14n/physical"; |
2 | 100 |
|
18240 | 101 |
private static Map<String, Class<? extends CanonicalizerSpi>> canonicalizerHash = |
102 |
new ConcurrentHashMap<String, Class<? extends CanonicalizerSpi>>(); |
|
1337 | 103 |
|
18240 | 104 |
private final CanonicalizerSpi canonicalizerSpi; |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
105 |
private boolean secureValidation; |
2 | 106 |
|
1337 | 107 |
/** |
108 |
* Constructor Canonicalizer |
|
109 |
* |
|
110 |
* @param algorithmURI |
|
111 |
* @throws InvalidCanonicalizerException |
|
112 |
*/ |
|
18240 | 113 |
private Canonicalizer(String algorithmURI) throws InvalidCanonicalizerException { |
1337 | 114 |
try { |
10694
cf59e2badd14
7088502: Security libraries don't build with javac -Werror
mullan
parents:
1337
diff
changeset
|
115 |
Class<? extends CanonicalizerSpi> implementingClass = |
18240 | 116 |
canonicalizerHash.get(algorithmURI); |
2 | 117 |
|
37782
ad8fe7507ecc
6850612: Deprecate Class.newInstance since it violates the checked exception language contract
darcy
parents:
27081
diff
changeset
|
118 |
@SuppressWarnings("deprecation") |
ad8fe7507ecc
6850612: Deprecate Class.newInstance since it violates the checked exception language contract
darcy
parents:
27081
diff
changeset
|
119 |
CanonicalizerSpi tmp = implementingClass.newInstance(); |
ad8fe7507ecc
6850612: Deprecate Class.newInstance since it violates the checked exception language contract
darcy
parents:
27081
diff
changeset
|
120 |
canonicalizerSpi = tmp; |
18240 | 121 |
canonicalizerSpi.reset = true; |
1337 | 122 |
} catch (Exception e) { |
123 |
Object exArgs[] = { algorithmURI }; |
|
124 |
throw new InvalidCanonicalizerException( |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
125 |
e, "signature.Canonicalizer.UnknownCanonicalizer", exArgs |
18240 | 126 |
); |
1337 | 127 |
} |
128 |
} |
|
2 | 129 |
|
1337 | 130 |
/** |
131 |
* Method getInstance |
|
132 |
* |
|
133 |
* @param algorithmURI |
|
18240 | 134 |
* @return a Canonicalizer instance ready for the job |
1337 | 135 |
* @throws InvalidCanonicalizerException |
136 |
*/ |
|
137 |
public static final Canonicalizer getInstance(String algorithmURI) |
|
18240 | 138 |
throws InvalidCanonicalizerException { |
139 |
return new Canonicalizer(algorithmURI); |
|
1337 | 140 |
} |
2 | 141 |
|
1337 | 142 |
/** |
143 |
* Method register |
|
144 |
* |
|
145 |
* @param algorithmURI |
|
146 |
* @param implementingClass |
|
147 |
* @throws AlgorithmAlreadyRegisteredException |
|
27081 | 148 |
* @throws SecurityException if a security manager is installed and the |
149 |
* caller does not have permission to register the canonicalizer |
|
1337 | 150 |
*/ |
10694
cf59e2badd14
7088502: Security libraries don't build with javac -Werror
mullan
parents:
1337
diff
changeset
|
151 |
@SuppressWarnings("unchecked") |
1337 | 152 |
public static void register(String algorithmURI, String implementingClass) |
18240 | 153 |
throws AlgorithmAlreadyRegisteredException, ClassNotFoundException { |
27081 | 154 |
JavaUtils.checkRegisterPermission(); |
18240 | 155 |
// check whether URI is already registered |
156 |
Class<? extends CanonicalizerSpi> registeredClass = |
|
157 |
canonicalizerHash.get(algorithmURI); |
|
158 |
||
159 |
if (registeredClass != null) { |
|
160 |
Object exArgs[] = { algorithmURI, registeredClass }; |
|
161 |
throw new AlgorithmAlreadyRegisteredException("algorithm.alreadyRegistered", exArgs); |
|
162 |
} |
|
2 | 163 |
|
18240 | 164 |
canonicalizerHash.put( |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
165 |
algorithmURI, (Class<? extends CanonicalizerSpi>) |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
166 |
ClassLoaderUtils.loadClass(implementingClass, Canonicalizer.class) |
18240 | 167 |
); |
168 |
} |
|
169 |
||
170 |
/** |
|
171 |
* Method register |
|
172 |
* |
|
173 |
* @param algorithmURI |
|
174 |
* @param implementingClass |
|
175 |
* @throws AlgorithmAlreadyRegisteredException |
|
27081 | 176 |
* @throws SecurityException if a security manager is installed and the |
177 |
* caller does not have permission to register the canonicalizer |
|
18240 | 178 |
*/ |
27081 | 179 |
public static void register(String algorithmURI, Class<? extends CanonicalizerSpi> implementingClass) |
18240 | 180 |
throws AlgorithmAlreadyRegisteredException, ClassNotFoundException { |
27081 | 181 |
JavaUtils.checkRegisterPermission(); |
1337 | 182 |
// check whether URI is already registered |
18240 | 183 |
Class<? extends CanonicalizerSpi> registeredClass = canonicalizerHash.get(algorithmURI); |
2 | 184 |
|
1337 | 185 |
if (registeredClass != null) { |
186 |
Object exArgs[] = { algorithmURI, registeredClass }; |
|
18240 | 187 |
throw new AlgorithmAlreadyRegisteredException("algorithm.alreadyRegistered", exArgs); |
1337 | 188 |
} |
2 | 189 |
|
18240 | 190 |
canonicalizerHash.put(algorithmURI, implementingClass); |
191 |
} |
|
192 |
||
193 |
/** |
|
194 |
* This method registers the default algorithms. |
|
195 |
*/ |
|
196 |
public static void registerDefaultAlgorithms() { |
|
197 |
canonicalizerHash.put( |
|
198 |
Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS, |
|
199 |
Canonicalizer20010315OmitComments.class |
|
200 |
); |
|
201 |
canonicalizerHash.put( |
|
202 |
Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS, |
|
203 |
Canonicalizer20010315WithComments.class |
|
204 |
); |
|
205 |
canonicalizerHash.put( |
|
206 |
Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS, |
|
207 |
Canonicalizer20010315ExclOmitComments.class |
|
208 |
); |
|
209 |
canonicalizerHash.put( |
|
210 |
Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS, |
|
211 |
Canonicalizer20010315ExclWithComments.class |
|
212 |
); |
|
213 |
canonicalizerHash.put( |
|
214 |
Canonicalizer.ALGO_ID_C14N11_OMIT_COMMENTS, |
|
215 |
Canonicalizer11_OmitComments.class |
|
216 |
); |
|
217 |
canonicalizerHash.put( |
|
218 |
Canonicalizer.ALGO_ID_C14N11_WITH_COMMENTS, |
|
219 |
Canonicalizer11_WithComments.class |
|
220 |
); |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
221 |
canonicalizerHash.put( |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
222 |
Canonicalizer.ALGO_ID_C14N_PHYSICAL, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
223 |
CanonicalizerPhysical.class |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
224 |
); |
1337 | 225 |
} |
2 | 226 |
|
1337 | 227 |
/** |
228 |
* Method getURI |
|
229 |
* |
|
230 |
* @return the URI defined for this c14n instance. |
|
231 |
*/ |
|
232 |
public final String getURI() { |
|
18240 | 233 |
return canonicalizerSpi.engineGetURI(); |
1337 | 234 |
} |
2 | 235 |
|
1337 | 236 |
/** |
237 |
* Method getIncludeComments |
|
238 |
* |
|
239 |
* @return true if the c14n respect the comments. |
|
240 |
*/ |
|
241 |
public boolean getIncludeComments() { |
|
18240 | 242 |
return canonicalizerSpi.engineGetIncludeComments(); |
1337 | 243 |
} |
2 | 244 |
|
1337 | 245 |
/** |
246 |
* This method tries to canonicalize the given bytes. It's possible to even |
|
247 |
* canonicalize non-wellformed sequences if they are well-formed after being |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
248 |
* wrapped with a {@code >a<...>/a<}. |
1337 | 249 |
* |
250 |
* @param inputBytes |
|
18240 | 251 |
* @return the result of the canonicalization. |
1337 | 252 |
* @throws CanonicalizationException |
253 |
* @throws java.io.IOException |
|
254 |
* @throws javax.xml.parsers.ParserConfigurationException |
|
255 |
* @throws org.xml.sax.SAXException |
|
256 |
*/ |
|
257 |
public byte[] canonicalize(byte[] inputBytes) |
|
18240 | 258 |
throws javax.xml.parsers.ParserConfigurationException, |
259 |
java.io.IOException, org.xml.sax.SAXException, CanonicalizationException { |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
260 |
Document document = null; |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
261 |
try (InputStream bais = new ByteArrayInputStream(inputBytes)) { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
262 |
InputSource in = new InputSource(bais); |
2 | 263 |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
264 |
// needs to validate for ID attribute normalization |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
265 |
DocumentBuilder db = XMLUtils.createDocumentBuilder(true, secureValidation); |
2 | 266 |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
267 |
/* |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
268 |
* for some of the test vectors from the specification, |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
269 |
* there has to be a validating parser for ID attributes, default |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
270 |
* attribute values, NMTOKENS, etc. |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
271 |
* Unfortunately, the test vectors do use different DTDs or |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
272 |
* even no DTD. So Xerces 1.3.1 fires many warnings about using |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
273 |
* ErrorHandlers. |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
274 |
* |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
275 |
* Text from the spec: |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
276 |
* |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
277 |
* The input octet stream MUST contain a well-formed XML document, |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
278 |
* but the input need not be validated. However, the attribute |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
279 |
* value normalization and entity reference resolution MUST be |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
280 |
* performed in accordance with the behaviors of a validating |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
281 |
* XML processor. As well, nodes for default attributes (declared |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
282 |
* in the ATTLIST with an AttValue but not specified) are created |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
283 |
* in each element. Thus, the declarations in the document type |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
284 |
* declaration are used to help create the canonical form, even |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
285 |
* though the document type declaration is not retained in the |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
286 |
* canonical form. |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
287 |
*/ |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
288 |
db.setErrorHandler(new com.sun.org.apache.xml.internal.security.utils.IgnoreAllErrorHandler()); |
2 | 289 |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
290 |
document = db.parse(in); |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
291 |
} |
18240 | 292 |
return this.canonicalizeSubtree(document); |
1337 | 293 |
} |
2 | 294 |
|
1337 | 295 |
/** |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
296 |
* Canonicalizes the subtree rooted by {@code node}. |
1337 | 297 |
* |
18240 | 298 |
* @param node The node to canonicalize |
1337 | 299 |
* @return the result of the c14n. |
300 |
* |
|
301 |
* @throws CanonicalizationException |
|
302 |
*/ |
|
18240 | 303 |
public byte[] canonicalizeSubtree(Node node) throws CanonicalizationException { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
304 |
canonicalizerSpi.secureValidation = secureValidation; |
18240 | 305 |
return canonicalizerSpi.engineCanonicalizeSubTree(node); |
1337 | 306 |
} |
2 | 307 |
|
1337 | 308 |
/** |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
309 |
* Canonicalizes the subtree rooted by {@code node}. |
1337 | 310 |
* |
311 |
* @param node |
|
312 |
* @param inclusiveNamespaces |
|
313 |
* @return the result of the c14n. |
|
314 |
* @throws CanonicalizationException |
|
315 |
*/ |
|
316 |
public byte[] canonicalizeSubtree(Node node, String inclusiveNamespaces) |
|
18240 | 317 |
throws CanonicalizationException { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
318 |
canonicalizerSpi.secureValidation = secureValidation; |
18240 | 319 |
return canonicalizerSpi.engineCanonicalizeSubTree(node, inclusiveNamespaces); |
1337 | 320 |
} |
2 | 321 |
|
1337 | 322 |
/** |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
323 |
* Canonicalizes the subtree rooted by {@code node}. |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
324 |
* |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
325 |
* @param node |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
326 |
* @param inclusiveNamespaces |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
327 |
* @return the result of the c14n. |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
328 |
* @throws CanonicalizationException |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
329 |
*/ |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
330 |
public byte[] canonicalizeSubtree(Node node, String inclusiveNamespaces, boolean propagateDefaultNamespace) |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
331 |
throws CanonicalizationException { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
332 |
canonicalizerSpi.secureValidation = secureValidation; |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
333 |
return canonicalizerSpi.engineCanonicalizeSubTree(node, inclusiveNamespaces, propagateDefaultNamespace); |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
334 |
} |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
335 |
|
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
336 |
/** |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
337 |
* Canonicalizes an XPath node set. The {@code xpathNodeSet} is treated |
1337 | 338 |
* as a list of XPath nodes, not as a list of subtrees. |
339 |
* |
|
340 |
* @param xpathNodeSet |
|
341 |
* @return the result of the c14n. |
|
342 |
* @throws CanonicalizationException |
|
343 |
*/ |
|
344 |
public byte[] canonicalizeXPathNodeSet(NodeList xpathNodeSet) |
|
18240 | 345 |
throws CanonicalizationException { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
346 |
canonicalizerSpi.secureValidation = secureValidation; |
18240 | 347 |
return canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet); |
1337 | 348 |
} |
2 | 349 |
|
1337 | 350 |
/** |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
351 |
* Canonicalizes an XPath node set. The {@code xpathNodeSet} is treated |
1337 | 352 |
* as a list of XPath nodes, not as a list of subtrees. |
353 |
* |
|
354 |
* @param xpathNodeSet |
|
355 |
* @param inclusiveNamespaces |
|
356 |
* @return the result of the c14n. |
|
357 |
* @throws CanonicalizationException |
|
358 |
*/ |
|
359 |
public byte[] canonicalizeXPathNodeSet( |
|
18240 | 360 |
NodeList xpathNodeSet, String inclusiveNamespaces |
361 |
) throws CanonicalizationException { |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
362 |
canonicalizerSpi.secureValidation = secureValidation; |
18240 | 363 |
return |
364 |
canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet, inclusiveNamespaces); |
|
1337 | 365 |
} |
2 | 366 |
|
1337 | 367 |
/** |
368 |
* Canonicalizes an XPath node set. |
|
369 |
* |
|
370 |
* @param xpathNodeSet |
|
371 |
* @return the result of the c14n. |
|
372 |
* @throws CanonicalizationException |
|
373 |
*/ |
|
10694
cf59e2badd14
7088502: Security libraries don't build with javac -Werror
mullan
parents:
1337
diff
changeset
|
374 |
public byte[] canonicalizeXPathNodeSet(Set<Node> xpathNodeSet) |
18240 | 375 |
throws CanonicalizationException { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
376 |
canonicalizerSpi.secureValidation = secureValidation; |
18240 | 377 |
return canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet); |
1337 | 378 |
} |
2 | 379 |
|
1337 | 380 |
/** |
381 |
* Canonicalizes an XPath node set. |
|
382 |
* |
|
383 |
* @param xpathNodeSet |
|
384 |
* @param inclusiveNamespaces |
|
385 |
* @return the result of the c14n. |
|
386 |
* @throws CanonicalizationException |
|
387 |
*/ |
|
18240 | 388 |
public byte[] canonicalizeXPathNodeSet( |
389 |
Set<Node> xpathNodeSet, String inclusiveNamespaces |
|
390 |
) throws CanonicalizationException { |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
391 |
canonicalizerSpi.secureValidation = secureValidation; |
18240 | 392 |
return |
393 |
canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet, inclusiveNamespaces); |
|
1337 | 394 |
} |
2 | 395 |
|
1337 | 396 |
/** |
397 |
* Sets the writer where the canonicalization ends. ByteArrayOutputStream |
|
398 |
* if none is set. |
|
399 |
* @param os |
|
400 |
*/ |
|
401 |
public void setWriter(OutputStream os) { |
|
18240 | 402 |
canonicalizerSpi.setWriter(os); |
1337 | 403 |
} |
2 | 404 |
|
1337 | 405 |
/** |
406 |
* Returns the name of the implementing {@link CanonicalizerSpi} class |
|
407 |
* |
|
408 |
* @return the name of the implementing {@link CanonicalizerSpi} class |
|
409 |
*/ |
|
410 |
public String getImplementingCanonicalizerClass() { |
|
18240 | 411 |
return canonicalizerSpi.getClass().getName(); |
1337 | 412 |
} |
2 | 413 |
|
1337 | 414 |
/** |
415 |
* Set the canonicalizer behaviour to not reset. |
|
416 |
*/ |
|
417 |
public void notReset() { |
|
18240 | 418 |
canonicalizerSpi.reset = false; |
1337 | 419 |
} |
18240 | 420 |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
421 |
public boolean isSecureValidation() { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
422 |
return secureValidation; |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
423 |
} |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
424 |
|
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
425 |
public void setSecureValidation(boolean secureValidation) { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
426 |
this.secureValidation = secureValidation; |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
427 |
} |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
428 |
|
2 | 429 |
} |