author | weijun |
Thu, 10 Oct 2019 17:36:38 +0300 | |
changeset 59240 | b3116877866f |
parent 50614 | 3810c9a2efa1 |
permissions | -rw-r--r-- |
2 | 1 |
/* |
2 |
* reserved comment block |
|
3 |
* DO NOT REMOVE OR ALTER! |
|
4 |
*/ |
|
18240 | 5 |
/** |
6 |
* Licensed to the Apache Software Foundation (ASF) under one |
|
7 |
* or more contributor license agreements. See the NOTICE file |
|
8 |
* distributed with this work for additional information |
|
9 |
* regarding copyright ownership. The ASF licenses this file |
|
10 |
* to you under the Apache License, Version 2.0 (the |
|
11 |
* "License"); you may not use this file except in compliance |
|
12 |
* with the License. You may obtain a copy of the License at |
|
2 | 13 |
* |
18240 | 14 |
* http://www.apache.org/licenses/LICENSE-2.0 |
2 | 15 |
* |
18240 | 16 |
* Unless required by applicable law or agreed to in writing, |
17 |
* software distributed under the License is distributed on an |
|
18 |
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
|
19 |
* KIND, either express or implied. See the License for the |
|
20 |
* specific language governing permissions and limitations |
|
21 |
* under the License. |
|
2 | 22 |
*/ |
23 |
package com.sun.org.apache.xml.internal.security.c14n; |
|
24 |
||
25 |
import java.io.ByteArrayInputStream; |
|
18240 | 26 |
import java.io.InputStream; |
2 | 27 |
import java.io.OutputStream; |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
28 |
import java.nio.charset.StandardCharsets; |
2 | 29 |
import java.util.Map; |
30 |
import java.util.Set; |
|
18240 | 31 |
import java.util.concurrent.ConcurrentHashMap; |
2 | 32 |
|
18240 | 33 |
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_OmitComments; |
34 |
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer11_WithComments; |
|
35 |
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclOmitComments; |
|
36 |
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315ExclWithComments; |
|
37 |
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315OmitComments; |
|
38 |
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315WithComments; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
39 |
import com.sun.org.apache.xml.internal.security.c14n.implementations.CanonicalizerPhysical; |
2 | 40 |
import com.sun.org.apache.xml.internal.security.exceptions.AlgorithmAlreadyRegisteredException; |
27081 | 41 |
import com.sun.org.apache.xml.internal.security.utils.JavaUtils; |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
42 |
import com.sun.org.apache.xml.internal.security.utils.XMLUtils; |
2 | 43 |
import org.w3c.dom.Document; |
44 |
import org.w3c.dom.Node; |
|
45 |
import org.w3c.dom.NodeList; |
|
46 |
import org.xml.sax.InputSource; |
|
47 |
||
48 |
/** |
|
49 |
* |
|
50 |
*/ |
|
51 |
public class Canonicalizer { |
|
52 |
||
1337 | 53 |
/** The output encoding of canonicalized data */ |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
54 |
public static final String ENCODING = StandardCharsets.UTF_8.name(); |
2 | 55 |
|
1337 | 56 |
/** |
18240 | 57 |
* XPath Expression for selecting every node and continuous comments joined |
1337 | 58 |
* in only one node |
2 | 59 |
*/ |
1337 | 60 |
public static final String XPATH_C14N_WITH_COMMENTS_SINGLE_NODE = |
61 |
"(.//. | .//@* | .//namespace::*)"; |
|
2 | 62 |
|
1337 | 63 |
/** |
2 | 64 |
* The URL defined in XML-SEC Rec for inclusive c14n <b>without</b> comments. |
65 |
*/ |
|
1337 | 66 |
public static final String ALGO_ID_C14N_OMIT_COMMENTS = |
67 |
"http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; |
|
68 |
/** |
|
69 |
* The URL defined in XML-SEC Rec for inclusive c14n <b>with</b> comments. |
|
70 |
*/ |
|
71 |
public static final String ALGO_ID_C14N_WITH_COMMENTS = |
|
72 |
ALGO_ID_C14N_OMIT_COMMENTS + "#WithComments"; |
|
73 |
/** |
|
74 |
* The URL defined in XML-SEC Rec for exclusive c14n <b>without</b> comments. |
|
75 |
*/ |
|
76 |
public static final String ALGO_ID_C14N_EXCL_OMIT_COMMENTS = |
|
77 |
"http://www.w3.org/2001/10/xml-exc-c14n#"; |
|
78 |
/** |
|
79 |
* The URL defined in XML-SEC Rec for exclusive c14n <b>with</b> comments. |
|
80 |
*/ |
|
81 |
public static final String ALGO_ID_C14N_EXCL_WITH_COMMENTS = |
|
82 |
ALGO_ID_C14N_EXCL_OMIT_COMMENTS + "WithComments"; |
|
83 |
/** |
|
84 |
* The URI for inclusive c14n 1.1 <b>without</b> comments. |
|
85 |
*/ |
|
86 |
public static final String ALGO_ID_C14N11_OMIT_COMMENTS = |
|
87 |
"http://www.w3.org/2006/12/xml-c14n11"; |
|
88 |
/** |
|
89 |
* The URI for inclusive c14n 1.1 <b>with</b> comments. |
|
90 |
*/ |
|
91 |
public static final String ALGO_ID_C14N11_WITH_COMMENTS = |
|
92 |
ALGO_ID_C14N11_OMIT_COMMENTS + "#WithComments"; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
93 |
/** |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
94 |
* Non-standard algorithm to serialize the physical representation for XML Encryption |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
95 |
*/ |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
96 |
public static final String ALGO_ID_C14N_PHYSICAL = |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
97 |
"http://santuario.apache.org/c14n/physical"; |
2 | 98 |
|
18240 | 99 |
private static Map<String, Class<? extends CanonicalizerSpi>> canonicalizerHash = |
100 |
new ConcurrentHashMap<String, Class<? extends CanonicalizerSpi>>(); |
|
1337 | 101 |
|
18240 | 102 |
private final CanonicalizerSpi canonicalizerSpi; |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
103 |
private boolean secureValidation; |
2 | 104 |
|
1337 | 105 |
/** |
106 |
* Constructor Canonicalizer |
|
107 |
* |
|
108 |
* @param algorithmURI |
|
109 |
* @throws InvalidCanonicalizerException |
|
110 |
*/ |
|
18240 | 111 |
private Canonicalizer(String algorithmURI) throws InvalidCanonicalizerException { |
1337 | 112 |
try { |
10694
cf59e2badd14
7088502: Security libraries don't build with javac -Werror
mullan
parents:
1337
diff
changeset
|
113 |
Class<? extends CanonicalizerSpi> implementingClass = |
18240 | 114 |
canonicalizerHash.get(algorithmURI); |
2 | 115 |
|
37782
ad8fe7507ecc
6850612: Deprecate Class.newInstance since it violates the checked exception language contract
darcy
parents:
27081
diff
changeset
|
116 |
@SuppressWarnings("deprecation") |
ad8fe7507ecc
6850612: Deprecate Class.newInstance since it violates the checked exception language contract
darcy
parents:
27081
diff
changeset
|
117 |
CanonicalizerSpi tmp = implementingClass.newInstance(); |
ad8fe7507ecc
6850612: Deprecate Class.newInstance since it violates the checked exception language contract
darcy
parents:
27081
diff
changeset
|
118 |
canonicalizerSpi = tmp; |
18240 | 119 |
canonicalizerSpi.reset = true; |
1337 | 120 |
} catch (Exception e) { |
121 |
Object exArgs[] = { algorithmURI }; |
|
122 |
throw new InvalidCanonicalizerException( |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
123 |
e, "signature.Canonicalizer.UnknownCanonicalizer", exArgs |
18240 | 124 |
); |
1337 | 125 |
} |
126 |
} |
|
2 | 127 |
|
1337 | 128 |
/** |
129 |
* Method getInstance |
|
130 |
* |
|
131 |
* @param algorithmURI |
|
18240 | 132 |
* @return a Canonicalizer instance ready for the job |
1337 | 133 |
* @throws InvalidCanonicalizerException |
134 |
*/ |
|
135 |
public static final Canonicalizer getInstance(String algorithmURI) |
|
18240 | 136 |
throws InvalidCanonicalizerException { |
137 |
return new Canonicalizer(algorithmURI); |
|
1337 | 138 |
} |
2 | 139 |
|
1337 | 140 |
/** |
141 |
* Method register |
|
142 |
* |
|
143 |
* @param algorithmURI |
|
144 |
* @param implementingClass |
|
145 |
* @throws AlgorithmAlreadyRegisteredException |
|
27081 | 146 |
* @throws SecurityException if a security manager is installed and the |
147 |
* caller does not have permission to register the canonicalizer |
|
1337 | 148 |
*/ |
10694
cf59e2badd14
7088502: Security libraries don't build with javac -Werror
mullan
parents:
1337
diff
changeset
|
149 |
@SuppressWarnings("unchecked") |
1337 | 150 |
public static void register(String algorithmURI, String implementingClass) |
18240 | 151 |
throws AlgorithmAlreadyRegisteredException, ClassNotFoundException { |
27081 | 152 |
JavaUtils.checkRegisterPermission(); |
18240 | 153 |
// check whether URI is already registered |
154 |
Class<? extends CanonicalizerSpi> registeredClass = |
|
155 |
canonicalizerHash.get(algorithmURI); |
|
156 |
||
157 |
if (registeredClass != null) { |
|
158 |
Object exArgs[] = { algorithmURI, registeredClass }; |
|
159 |
throw new AlgorithmAlreadyRegisteredException("algorithm.alreadyRegistered", exArgs); |
|
160 |
} |
|
2 | 161 |
|
18240 | 162 |
canonicalizerHash.put( |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
163 |
algorithmURI, (Class<? extends CanonicalizerSpi>) |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
164 |
ClassLoaderUtils.loadClass(implementingClass, Canonicalizer.class) |
18240 | 165 |
); |
166 |
} |
|
167 |
||
168 |
/** |
|
169 |
* Method register |
|
170 |
* |
|
171 |
* @param algorithmURI |
|
172 |
* @param implementingClass |
|
173 |
* @throws AlgorithmAlreadyRegisteredException |
|
27081 | 174 |
* @throws SecurityException if a security manager is installed and the |
175 |
* caller does not have permission to register the canonicalizer |
|
18240 | 176 |
*/ |
27081 | 177 |
public static void register(String algorithmURI, Class<? extends CanonicalizerSpi> implementingClass) |
18240 | 178 |
throws AlgorithmAlreadyRegisteredException, ClassNotFoundException { |
27081 | 179 |
JavaUtils.checkRegisterPermission(); |
1337 | 180 |
// check whether URI is already registered |
18240 | 181 |
Class<? extends CanonicalizerSpi> registeredClass = canonicalizerHash.get(algorithmURI); |
2 | 182 |
|
1337 | 183 |
if (registeredClass != null) { |
184 |
Object exArgs[] = { algorithmURI, registeredClass }; |
|
18240 | 185 |
throw new AlgorithmAlreadyRegisteredException("algorithm.alreadyRegistered", exArgs); |
1337 | 186 |
} |
2 | 187 |
|
18240 | 188 |
canonicalizerHash.put(algorithmURI, implementingClass); |
189 |
} |
|
190 |
||
191 |
/** |
|
192 |
* This method registers the default algorithms. |
|
193 |
*/ |
|
194 |
public static void registerDefaultAlgorithms() { |
|
195 |
canonicalizerHash.put( |
|
196 |
Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS, |
|
197 |
Canonicalizer20010315OmitComments.class |
|
198 |
); |
|
199 |
canonicalizerHash.put( |
|
200 |
Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS, |
|
201 |
Canonicalizer20010315WithComments.class |
|
202 |
); |
|
203 |
canonicalizerHash.put( |
|
204 |
Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS, |
|
205 |
Canonicalizer20010315ExclOmitComments.class |
|
206 |
); |
|
207 |
canonicalizerHash.put( |
|
208 |
Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS, |
|
209 |
Canonicalizer20010315ExclWithComments.class |
|
210 |
); |
|
211 |
canonicalizerHash.put( |
|
212 |
Canonicalizer.ALGO_ID_C14N11_OMIT_COMMENTS, |
|
213 |
Canonicalizer11_OmitComments.class |
|
214 |
); |
|
215 |
canonicalizerHash.put( |
|
216 |
Canonicalizer.ALGO_ID_C14N11_WITH_COMMENTS, |
|
217 |
Canonicalizer11_WithComments.class |
|
218 |
); |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
219 |
canonicalizerHash.put( |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
220 |
Canonicalizer.ALGO_ID_C14N_PHYSICAL, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
221 |
CanonicalizerPhysical.class |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
222 |
); |
1337 | 223 |
} |
2 | 224 |
|
1337 | 225 |
/** |
226 |
* Method getURI |
|
227 |
* |
|
228 |
* @return the URI defined for this c14n instance. |
|
229 |
*/ |
|
230 |
public final String getURI() { |
|
18240 | 231 |
return canonicalizerSpi.engineGetURI(); |
1337 | 232 |
} |
2 | 233 |
|
1337 | 234 |
/** |
235 |
* Method getIncludeComments |
|
236 |
* |
|
237 |
* @return true if the c14n respect the comments. |
|
238 |
*/ |
|
239 |
public boolean getIncludeComments() { |
|
18240 | 240 |
return canonicalizerSpi.engineGetIncludeComments(); |
1337 | 241 |
} |
2 | 242 |
|
1337 | 243 |
/** |
244 |
* This method tries to canonicalize the given bytes. It's possible to even |
|
245 |
* canonicalize non-wellformed sequences if they are well-formed after being |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
246 |
* wrapped with a {@code >a<...>/a<}. |
1337 | 247 |
* |
248 |
* @param inputBytes |
|
18240 | 249 |
* @return the result of the canonicalization. |
1337 | 250 |
* @throws CanonicalizationException |
251 |
* @throws java.io.IOException |
|
252 |
* @throws javax.xml.parsers.ParserConfigurationException |
|
253 |
* @throws org.xml.sax.SAXException |
|
254 |
*/ |
|
255 |
public byte[] canonicalize(byte[] inputBytes) |
|
18240 | 256 |
throws javax.xml.parsers.ParserConfigurationException, |
257 |
java.io.IOException, org.xml.sax.SAXException, CanonicalizationException { |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
258 |
Document document = null; |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
259 |
try (InputStream bais = new ByteArrayInputStream(inputBytes)) { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
260 |
InputSource in = new InputSource(bais); |
2 | 261 |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
262 |
/* |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
263 |
* Text from the spec: |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
264 |
* |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
265 |
* The input octet stream MUST contain a well-formed XML document, |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
266 |
* but the input need not be validated. However, the attribute |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
267 |
* value normalization and entity reference resolution MUST be |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
268 |
* performed in accordance with the behaviors of a validating |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
269 |
* XML processor. As well, nodes for default attributes (declared |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
270 |
* in the ATTLIST with an AttValue but not specified) are created |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
271 |
* in each element. Thus, the declarations in the document type |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
272 |
* declaration are used to help create the canonical form, even |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
273 |
* though the document type declaration is not retained in the |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
274 |
* canonical form. |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
275 |
*/ |
59240
b3116877866f
8231507: Update Apache Santuario (XML Signature) to version 2.1.4
weijun
parents:
50614
diff
changeset
|
276 |
document = XMLUtils.read(in, secureValidation); |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
277 |
} |
18240 | 278 |
return this.canonicalizeSubtree(document); |
1337 | 279 |
} |
2 | 280 |
|
1337 | 281 |
/** |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
282 |
* Canonicalizes the subtree rooted by {@code node}. |
1337 | 283 |
* |
18240 | 284 |
* @param node The node to canonicalize |
1337 | 285 |
* @return the result of the c14n. |
286 |
* |
|
287 |
* @throws CanonicalizationException |
|
288 |
*/ |
|
18240 | 289 |
public byte[] canonicalizeSubtree(Node node) throws CanonicalizationException { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
290 |
canonicalizerSpi.secureValidation = secureValidation; |
18240 | 291 |
return canonicalizerSpi.engineCanonicalizeSubTree(node); |
1337 | 292 |
} |
2 | 293 |
|
1337 | 294 |
/** |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
295 |
* Canonicalizes the subtree rooted by {@code node}. |
1337 | 296 |
* |
297 |
* @param node |
|
298 |
* @param inclusiveNamespaces |
|
299 |
* @return the result of the c14n. |
|
300 |
* @throws CanonicalizationException |
|
301 |
*/ |
|
302 |
public byte[] canonicalizeSubtree(Node node, String inclusiveNamespaces) |
|
18240 | 303 |
throws CanonicalizationException { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
304 |
canonicalizerSpi.secureValidation = secureValidation; |
18240 | 305 |
return canonicalizerSpi.engineCanonicalizeSubTree(node, inclusiveNamespaces); |
1337 | 306 |
} |
2 | 307 |
|
1337 | 308 |
/** |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
309 |
* Canonicalizes the subtree rooted by {@code node}. |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
310 |
* |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
311 |
* @param node |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
312 |
* @param inclusiveNamespaces |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
313 |
* @return the result of the c14n. |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
314 |
* @throws CanonicalizationException |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
315 |
*/ |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
316 |
public byte[] canonicalizeSubtree(Node node, String inclusiveNamespaces, boolean propagateDefaultNamespace) |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
317 |
throws CanonicalizationException { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
318 |
canonicalizerSpi.secureValidation = secureValidation; |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
319 |
return canonicalizerSpi.engineCanonicalizeSubTree(node, inclusiveNamespaces, propagateDefaultNamespace); |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
320 |
} |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
321 |
|
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
322 |
/** |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
323 |
* Canonicalizes an XPath node set. The {@code xpathNodeSet} is treated |
1337 | 324 |
* as a list of XPath nodes, not as a list of subtrees. |
325 |
* |
|
326 |
* @param xpathNodeSet |
|
327 |
* @return the result of the c14n. |
|
328 |
* @throws CanonicalizationException |
|
329 |
*/ |
|
330 |
public byte[] canonicalizeXPathNodeSet(NodeList xpathNodeSet) |
|
18240 | 331 |
throws CanonicalizationException { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
332 |
canonicalizerSpi.secureValidation = secureValidation; |
18240 | 333 |
return canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet); |
1337 | 334 |
} |
2 | 335 |
|
1337 | 336 |
/** |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
337 |
* Canonicalizes an XPath node set. The {@code xpathNodeSet} is treated |
1337 | 338 |
* as a list of XPath nodes, not as a list of subtrees. |
339 |
* |
|
340 |
* @param xpathNodeSet |
|
341 |
* @param inclusiveNamespaces |
|
342 |
* @return the result of the c14n. |
|
343 |
* @throws CanonicalizationException |
|
344 |
*/ |
|
345 |
public byte[] canonicalizeXPathNodeSet( |
|
18240 | 346 |
NodeList xpathNodeSet, String inclusiveNamespaces |
347 |
) throws CanonicalizationException { |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
348 |
canonicalizerSpi.secureValidation = secureValidation; |
18240 | 349 |
return |
350 |
canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet, inclusiveNamespaces); |
|
1337 | 351 |
} |
2 | 352 |
|
1337 | 353 |
/** |
354 |
* Canonicalizes an XPath node set. |
|
355 |
* |
|
356 |
* @param xpathNodeSet |
|
357 |
* @return the result of the c14n. |
|
358 |
* @throws CanonicalizationException |
|
359 |
*/ |
|
10694
cf59e2badd14
7088502: Security libraries don't build with javac -Werror
mullan
parents:
1337
diff
changeset
|
360 |
public byte[] canonicalizeXPathNodeSet(Set<Node> xpathNodeSet) |
18240 | 361 |
throws CanonicalizationException { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
362 |
canonicalizerSpi.secureValidation = secureValidation; |
18240 | 363 |
return canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet); |
1337 | 364 |
} |
2 | 365 |
|
1337 | 366 |
/** |
367 |
* Canonicalizes an XPath node set. |
|
368 |
* |
|
369 |
* @param xpathNodeSet |
|
370 |
* @param inclusiveNamespaces |
|
371 |
* @return the result of the c14n. |
|
372 |
* @throws CanonicalizationException |
|
373 |
*/ |
|
18240 | 374 |
public byte[] canonicalizeXPathNodeSet( |
375 |
Set<Node> xpathNodeSet, String inclusiveNamespaces |
|
376 |
) throws CanonicalizationException { |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
377 |
canonicalizerSpi.secureValidation = secureValidation; |
18240 | 378 |
return |
379 |
canonicalizerSpi.engineCanonicalizeXPathNodeSet(xpathNodeSet, inclusiveNamespaces); |
|
1337 | 380 |
} |
2 | 381 |
|
1337 | 382 |
/** |
383 |
* Sets the writer where the canonicalization ends. ByteArrayOutputStream |
|
384 |
* if none is set. |
|
385 |
* @param os |
|
386 |
*/ |
|
387 |
public void setWriter(OutputStream os) { |
|
18240 | 388 |
canonicalizerSpi.setWriter(os); |
1337 | 389 |
} |
2 | 390 |
|
1337 | 391 |
/** |
392 |
* Returns the name of the implementing {@link CanonicalizerSpi} class |
|
393 |
* |
|
394 |
* @return the name of the implementing {@link CanonicalizerSpi} class |
|
395 |
*/ |
|
396 |
public String getImplementingCanonicalizerClass() { |
|
18240 | 397 |
return canonicalizerSpi.getClass().getName(); |
1337 | 398 |
} |
2 | 399 |
|
1337 | 400 |
/** |
401 |
* Set the canonicalizer behaviour to not reset. |
|
402 |
*/ |
|
403 |
public void notReset() { |
|
18240 | 404 |
canonicalizerSpi.reset = false; |
1337 | 405 |
} |
18240 | 406 |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
407 |
public boolean isSecureValidation() { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
408 |
return secureValidation; |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
409 |
} |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
410 |
|
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
411 |
public void setSecureValidation(boolean secureValidation) { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
412 |
this.secureValidation = secureValidation; |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
413 |
} |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
414 |
|
2 | 415 |
} |