author | mullan |
Mon, 26 Sep 2011 17:20:45 -0700 | |
changeset 10694 | cf59e2badd14 |
parent 1337 | e8d6cef36199 |
child 18240 | cda839ac048f |
permissions | -rw-r--r-- |
2 | 1 |
/* |
2 |
* reserved comment block |
|
3 |
* DO NOT REMOVE OR ALTER! |
|
4 |
*/ |
|
5 |
/* |
|
1337 | 6 |
* Copyright 1999-2007 The Apache Software Foundation. |
2 | 7 |
* |
8 |
* Licensed under the Apache License, Version 2.0 (the "License"); |
|
9 |
* you may not use this file except in compliance with the License. |
|
10 |
* You may obtain a copy of the License at |
|
11 |
* |
|
12 |
* http://www.apache.org/licenses/LICENSE-2.0 |
|
13 |
* |
|
14 |
* Unless required by applicable law or agreed to in writing, software |
|
15 |
* distributed under the License is distributed on an "AS IS" BASIS, |
|
16 |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
17 |
* See the License for the specific language governing permissions and |
|
18 |
* limitations under the License. |
|
19 |
* |
|
20 |
*/ |
|
21 |
package com.sun.org.apache.xml.internal.security.transforms.implementations; |
|
22 |
||
23 |
import java.io.ByteArrayInputStream; |
|
24 |
import java.io.ByteArrayOutputStream; |
|
25 |
import java.io.IOException; |
|
26 |
import java.io.OutputStream; |
|
1337 | 27 |
import java.lang.reflect.Method; |
2 | 28 |
|
29 |
import javax.xml.transform.Source; |
|
30 |
import javax.xml.transform.Transformer; |
|
31 |
import javax.xml.transform.TransformerConfigurationException; |
|
32 |
import javax.xml.transform.TransformerException; |
|
33 |
import javax.xml.transform.TransformerFactory; |
|
34 |
import javax.xml.transform.dom.DOMSource; |
|
35 |
import javax.xml.transform.stream.StreamResult; |
|
36 |
import javax.xml.transform.stream.StreamSource; |
|
37 |
||
38 |
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; |
|
39 |
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; |
|
1337 | 40 |
import com.sun.org.apache.xml.internal.security.transforms.Transform; |
2 | 41 |
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; |
42 |
import com.sun.org.apache.xml.internal.security.transforms.TransformationException; |
|
43 |
import com.sun.org.apache.xml.internal.security.transforms.Transforms; |
|
44 |
import com.sun.org.apache.xml.internal.security.utils.XMLUtils; |
|
45 |
import org.w3c.dom.Element; |
|
46 |
||
47 |
/** |
|
48 |
* Class TransformXSLT |
|
49 |
* |
|
50 |
* Implements the <CODE>http://www.w3.org/TR/1999/REC-xslt-19991116</CODE> |
|
51 |
* transform. |
|
52 |
* |
|
53 |
* @author Christian Geuer-Pollmann |
|
54 |
*/ |
|
55 |
public class TransformXSLT extends TransformSpi { |
|
56 |
||
57 |
/** Field implementedTransformURI */ |
|
58 |
public static final String implementedTransformURI = |
|
59 |
Transforms.TRANSFORM_XSLT; |
|
60 |
//J- |
|
61 |
static final String XSLTSpecNS = "http://www.w3.org/1999/XSL/Transform"; |
|
62 |
static final String defaultXSLTSpecNSprefix = "xslt"; |
|
63 |
static final String XSLTSTYLESHEET = "stylesheet"; |
|
64 |
||
1337 | 65 |
static java.util.logging.Logger log = |
66 |
java.util.logging.Logger.getLogger( |
|
67 |
TransformXSLT.class.getName()); |
|
2 | 68 |
|
69 |
/** |
|
70 |
* Method engineGetURI |
|
71 |
* |
|
72 |
* @inheritDoc |
|
73 |
*/ |
|
74 |
protected String engineGetURI() { |
|
75 |
return implementedTransformURI; |
|
76 |
} |
|
77 |
||
78 |
/** |
|
79 |
* Method enginePerformTransform |
|
80 |
* |
|
81 |
* @param input the input for this transform |
|
82 |
* @return the result of this Transform |
|
83 |
* @throws IOException |
|
84 |
* @throws TransformationException |
|
85 |
*/ |
|
1337 | 86 |
protected XMLSignatureInput enginePerformTransform |
87 |
(XMLSignatureInput input, Transform _transformObject) |
|
2 | 88 |
throws IOException, |
89 |
TransformationException { |
|
1337 | 90 |
return enginePerformTransform(input, null, _transformObject); |
2 | 91 |
} |
1337 | 92 |
|
93 |
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,OutputStream baos, Transform _transformObject) |
|
2 | 94 |
throws IOException, |
95 |
TransformationException { |
|
96 |
try { |
|
1337 | 97 |
Element transformElement = _transformObject.getElement(); |
2 | 98 |
|
99 |
Element _xsltElement = |
|
100 |
XMLUtils.selectNode(transformElement.getFirstChild(), |
|
101 |
XSLTSpecNS,"stylesheet", 0); |
|
102 |
||
103 |
if (_xsltElement == null) { |
|
104 |
Object exArgs[] = { "xslt:stylesheet", "Transform" }; |
|
105 |
||
106 |
throw new TransformationException("xml.WrongContent", exArgs); |
|
107 |
} |
|
108 |
||
109 |
TransformerFactory tFactory = TransformerFactory.newInstance(); |
|
10694
cf59e2badd14
7088502: Security libraries don't build with javac -Werror
mullan
parents:
1337
diff
changeset
|
110 |
|
2 | 111 |
// Process XSLT stylesheets in a secure manner |
10694
cf59e2badd14
7088502: Security libraries don't build with javac -Werror
mullan
parents:
1337
diff
changeset
|
112 |
tFactory.setFeature("http://javax.xml.XMLConstants/feature/secure-processing", Boolean.TRUE); |
2 | 113 |
/* |
114 |
* This transform requires an octet stream as input. If the actual |
|
115 |
* input is an XPath node-set, then the signature application should |
|
116 |
* attempt to convert it to octets (apply Canonical XML]) as described |
|
117 |
* in the Reference Processing Model (section 4.3.3.2). |
|
118 |
*/ |
|
119 |
Source xmlSource = |
|
120 |
new StreamSource(new ByteArrayInputStream(input.getBytes())); |
|
121 |
Source stylesheet; |
|
122 |
||
123 |
/* |
|
124 |
* This complicated transformation of the stylesheet itself is necessary |
|
125 |
* because of the need to get the pure style sheet. If we simply say |
|
126 |
* Source stylesheet = new DOMSource(this._xsltElement); |
|
127 |
* whereby this._xsltElement is not the rootElement of the Document, |
|
128 |
* this causes problems; |
|
129 |
* so we convert the stylesheet to byte[] and use this as input stream |
|
130 |
*/ |
|
131 |
{ |
|
132 |
ByteArrayOutputStream os = new ByteArrayOutputStream(); |
|
133 |
Transformer transformer = tFactory.newTransformer(); |
|
134 |
DOMSource source = new DOMSource(_xsltElement); |
|
135 |
StreamResult result = new StreamResult(os); |
|
136 |
||
137 |
transformer.transform(source, result); |
|
138 |
||
139 |
stylesheet = |
|
140 |
new StreamSource(new ByteArrayInputStream(os.toByteArray())); |
|
141 |
} |
|
142 |
||
143 |
Transformer transformer = tFactory.newTransformer(stylesheet); |
|
1337 | 144 |
|
145 |
// Force Xalan to use \n as line separator on all OSes. This |
|
146 |
// avoids OS specific signature validation failures due to line |
|
147 |
// separator differences in the transformed output. Unfortunately, |
|
148 |
// this is not a standard JAXP property so will not work with non-Xalan |
|
149 |
// implementations. |
|
150 |
try { |
|
151 |
transformer.setOutputProperty |
|
152 |
("{http://xml.apache.org/xalan}line-separator", "\n"); |
|
153 |
} catch (Exception e) { |
|
154 |
log.log(java.util.logging.Level.WARNING, "Unable to set Xalan line-separator property: " |
|
155 |
+ e.getMessage()); |
|
156 |
} |
|
157 |
||
2 | 158 |
if (baos==null) { |
1337 | 159 |
ByteArrayOutputStream baos1 = new ByteArrayOutputStream(); |
160 |
StreamResult outputTarget = new StreamResult(baos1); |
|
161 |
transformer.transform(xmlSource, outputTarget); |
|
162 |
return new XMLSignatureInput(baos1.toByteArray()); |
|
2 | 163 |
} |
164 |
StreamResult outputTarget = new StreamResult(baos); |
|
165 |
||
166 |
transformer.transform(xmlSource, outputTarget); |
|
167 |
XMLSignatureInput output=new XMLSignatureInput((byte[])null); |
|
168 |
output.setOutputStream(baos); |
|
169 |
return output; |
|
170 |
} catch (XMLSecurityException ex) { |
|
171 |
Object exArgs[] = { ex.getMessage() }; |
|
172 |
||
173 |
throw new TransformationException("generic.EmptyMessage", exArgs, ex); |
|
174 |
} catch (TransformerConfigurationException ex) { |
|
175 |
Object exArgs[] = { ex.getMessage() }; |
|
176 |
||
177 |
throw new TransformationException("generic.EmptyMessage", exArgs, ex); |
|
178 |
} catch (TransformerException ex) { |
|
179 |
Object exArgs[] = { ex.getMessage() }; |
|
180 |
||
181 |
throw new TransformationException("generic.EmptyMessage", exArgs, ex); |
|
182 |
} |
|
183 |
} |
|
184 |
} |