2
|
1 |
/*
|
|
2 |
* reserved comment block
|
|
3 |
* DO NOT REMOVE OR ALTER!
|
|
4 |
*/
|
|
5 |
/*
|
|
6 |
* Copyright 1999-2004 The Apache Software Foundation.
|
|
7 |
*
|
|
8 |
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
9 |
* you may not use this file except in compliance with the License.
|
|
10 |
* You may obtain a copy of the License at
|
|
11 |
*
|
|
12 |
* http://www.apache.org/licenses/LICENSE-2.0
|
|
13 |
*
|
|
14 |
* Unless required by applicable law or agreed to in writing, software
|
|
15 |
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
16 |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
17 |
* See the License for the specific language governing permissions and
|
|
18 |
* limitations under the License.
|
|
19 |
*
|
|
20 |
*/
|
|
21 |
package com.sun.org.apache.xml.internal.security.transforms.implementations;
|
|
22 |
|
|
23 |
|
|
24 |
|
|
25 |
import java.io.IOException;
|
|
26 |
import java.util.ArrayList;
|
1337
|
27 |
import java.util.HashSet;
|
|
28 |
import java.util.Iterator;
|
2
|
29 |
import java.util.List;
|
1337
|
30 |
import java.util.Set;
|
2
|
31 |
|
|
32 |
import javax.xml.parsers.ParserConfigurationException;
|
|
33 |
import javax.xml.transform.TransformerException;
|
|
34 |
|
|
35 |
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
|
|
36 |
import com.sun.org.apache.xml.internal.security.c14n.InvalidCanonicalizerException;
|
|
37 |
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
|
|
38 |
import com.sun.org.apache.xml.internal.security.signature.NodeFilter;
|
|
39 |
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
|
1337
|
40 |
import com.sun.org.apache.xml.internal.security.transforms.Transform;
|
2
|
41 |
import com.sun.org.apache.xml.internal.security.transforms.TransformSpi;
|
|
42 |
import com.sun.org.apache.xml.internal.security.transforms.TransformationException;
|
|
43 |
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
|
|
44 |
import com.sun.org.apache.xml.internal.security.transforms.params.XPath2FilterContainer;
|
|
45 |
import com.sun.org.apache.xml.internal.security.utils.CachedXPathAPIHolder;
|
|
46 |
import com.sun.org.apache.xml.internal.security.utils.CachedXPathFuncHereAPI;
|
|
47 |
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
|
|
48 |
import org.w3c.dom.DOMException;
|
|
49 |
import org.w3c.dom.Document;
|
|
50 |
import org.w3c.dom.Element;
|
|
51 |
import org.w3c.dom.Node;
|
|
52 |
import org.w3c.dom.NodeList;
|
|
53 |
import org.xml.sax.SAXException;
|
|
54 |
|
|
55 |
/**
|
|
56 |
* Implements the <I>XML Signature XPath Filter v2.0</I>
|
|
57 |
*
|
|
58 |
* @author $Author: mullan $
|
|
59 |
* @see <A HREF="http://www.w3.org/TR/xmldsig-filter2/">XPath Filter v2.0 (TR)</A>
|
|
60 |
* @see <a HREF="http://www.w3.org/Signature/Drafts/xmldsig-xfilter2/">XPath Filter v2.0 (editors copy)</a>
|
|
61 |
*/
|
|
62 |
public class TransformXPath2Filter extends TransformSpi {
|
|
63 |
|
|
64 |
/** {@link java.util.logging} logging facility */
|
|
65 |
// static java.util.logging.Logger log =
|
|
66 |
// java.util.logging.Logger.getLogger(
|
|
67 |
// TransformXPath2Filter.class.getName());
|
|
68 |
|
|
69 |
/** Field implementedTransformURI */
|
|
70 |
public static final String implementedTransformURI =
|
|
71 |
Transforms.TRANSFORM_XPATH2FILTER;
|
|
72 |
//J-
|
|
73 |
// contains the type of the filter
|
|
74 |
|
|
75 |
// contains the node set
|
|
76 |
|
|
77 |
/**
|
|
78 |
* Method engineGetURI
|
|
79 |
*
|
|
80 |
* @inheritDoc
|
|
81 |
*/
|
|
82 |
protected String engineGetURI() {
|
|
83 |
return implementedTransformURI;
|
|
84 |
}
|
|
85 |
|
|
86 |
|
|
87 |
|
|
88 |
/**
|
|
89 |
* Method enginePerformTransform
|
|
90 |
* @inheritDoc
|
|
91 |
* @param input
|
|
92 |
*
|
|
93 |
* @throws TransformationException
|
|
94 |
*/
|
1337
|
95 |
protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, Transform _transformObject)
|
2
|
96 |
throws TransformationException {
|
1337
|
97 |
CachedXPathAPIHolder.setDoc(_transformObject.getElement().getOwnerDocument());
|
2
|
98 |
try {
|
|
99 |
List unionNodes=new ArrayList();
|
|
100 |
List substractNodes=new ArrayList();
|
|
101 |
List intersectNodes=new ArrayList();
|
|
102 |
|
|
103 |
CachedXPathFuncHereAPI xPathFuncHereAPI =
|
|
104 |
new CachedXPathFuncHereAPI(CachedXPathAPIHolder.getCachedXPathAPI());
|
|
105 |
|
|
106 |
|
|
107 |
Element []xpathElements =XMLUtils.selectNodes(
|
1337
|
108 |
_transformObject.getElement().getFirstChild(),
|
2
|
109 |
XPath2FilterContainer.XPathFilter2NS,
|
|
110 |
XPath2FilterContainer._TAG_XPATH2);
|
|
111 |
int noOfSteps = xpathElements.length;
|
|
112 |
|
|
113 |
|
|
114 |
if (noOfSteps == 0) {
|
|
115 |
Object exArgs[] = { Transforms.TRANSFORM_XPATH2FILTER, "XPath" };
|
|
116 |
|
|
117 |
throw new TransformationException("xml.WrongContent", exArgs);
|
|
118 |
}
|
|
119 |
|
|
120 |
Document inputDoc = null;
|
|
121 |
if (input.getSubNode() != null) {
|
|
122 |
inputDoc = XMLUtils.getOwnerDocument(input.getSubNode());
|
|
123 |
} else {
|
|
124 |
inputDoc = XMLUtils.getOwnerDocument(input.getNodeSet());
|
|
125 |
}
|
|
126 |
|
|
127 |
for (int i = 0; i < noOfSteps; i++) {
|
|
128 |
Element xpathElement =XMLUtils.selectNode(
|
1337
|
129 |
_transformObject.getElement().getFirstChild(),
|
2
|
130 |
XPath2FilterContainer.XPathFilter2NS,
|
|
131 |
XPath2FilterContainer._TAG_XPATH2,i);
|
|
132 |
XPath2FilterContainer xpathContainer =
|
|
133 |
XPath2FilterContainer.newInstance(xpathElement,
|
|
134 |
input.getSourceURI());
|
|
135 |
|
|
136 |
|
|
137 |
NodeList subtreeRoots = xPathFuncHereAPI.selectNodeList(inputDoc,
|
|
138 |
xpathContainer.getXPathFilterTextNode(),
|
|
139 |
CachedXPathFuncHereAPI.getStrFromNode(xpathContainer.getXPathFilterTextNode()),
|
|
140 |
xpathContainer.getElement());
|
|
141 |
if (xpathContainer.isIntersect()) {
|
|
142 |
intersectNodes.add(subtreeRoots);
|
|
143 |
} else if (xpathContainer.isSubtract()) {
|
|
144 |
substractNodes.add(subtreeRoots);
|
|
145 |
} else if (xpathContainer.isUnion()) {
|
|
146 |
unionNodes.add(subtreeRoots);
|
|
147 |
}
|
|
148 |
}
|
|
149 |
|
|
150 |
|
1337
|
151 |
input.addNodeFilter(new XPath2NodeFilter(convertNodeListToSet(unionNodes),
|
|
152 |
convertNodeListToSet(substractNodes),convertNodeListToSet(intersectNodes)));
|
2
|
153 |
input.setNodeSet(true);
|
|
154 |
return input;
|
|
155 |
} catch (TransformerException ex) {
|
|
156 |
throw new TransformationException("empty", ex);
|
|
157 |
} catch (DOMException ex) {
|
|
158 |
throw new TransformationException("empty", ex);
|
|
159 |
} catch (CanonicalizationException ex) {
|
|
160 |
throw new TransformationException("empty", ex);
|
|
161 |
} catch (InvalidCanonicalizerException ex) {
|
|
162 |
throw new TransformationException("empty", ex);
|
|
163 |
} catch (XMLSecurityException ex) {
|
|
164 |
throw new TransformationException("empty", ex);
|
|
165 |
} catch (SAXException ex) {
|
|
166 |
throw new TransformationException("empty", ex);
|
|
167 |
} catch (IOException ex) {
|
|
168 |
throw new TransformationException("empty", ex);
|
|
169 |
} catch (ParserConfigurationException ex) {
|
|
170 |
throw new TransformationException("empty", ex);
|
|
171 |
}
|
|
172 |
}
|
1337
|
173 |
static Set convertNodeListToSet(List l){
|
|
174 |
Set result=new HashSet();
|
|
175 |
for (int j=0;j<l.size();j++) {
|
|
176 |
NodeList rootNodes=(NodeList) l.get(j);
|
|
177 |
int length = rootNodes.getLength();
|
|
178 |
|
|
179 |
for (int i = 0; i < length; i++) {
|
|
180 |
Node rootNode = rootNodes.item(i);
|
|
181 |
result.add(rootNode);
|
|
182 |
|
|
183 |
}
|
|
184 |
|
|
185 |
}
|
|
186 |
return result;
|
|
187 |
}
|
2
|
188 |
}
|
|
189 |
|
|
190 |
class XPath2NodeFilter implements NodeFilter {
|
1337
|
191 |
boolean hasUnionNodes;
|
|
192 |
boolean hasSubstractNodes;
|
|
193 |
boolean hasIntersectNodes;
|
|
194 |
XPath2NodeFilter(Set unionNodes, Set substractNodes,
|
|
195 |
Set intersectNodes) {
|
2
|
196 |
this.unionNodes=unionNodes;
|
1337
|
197 |
hasUnionNodes=!unionNodes.isEmpty();
|
2
|
198 |
this.substractNodes=substractNodes;
|
1337
|
199 |
hasSubstractNodes=!substractNodes.isEmpty();
|
2
|
200 |
this.intersectNodes=intersectNodes;
|
1337
|
201 |
hasIntersectNodes=!intersectNodes.isEmpty();
|
2
|
202 |
}
|
1337
|
203 |
Set unionNodes;
|
|
204 |
Set substractNodes;
|
|
205 |
Set intersectNodes;
|
2
|
206 |
|
|
207 |
|
|
208 |
/**
|
|
209 |
* @see com.sun.org.apache.xml.internal.security.signature.NodeFilter#isNodeInclude(org.w3c.dom.Node)
|
|
210 |
*/
|
1337
|
211 |
public int isNodeInclude(Node currentNode) {
|
|
212 |
int result=1;
|
|
213 |
|
|
214 |
if (hasSubstractNodes && rooted(currentNode, substractNodes)) {
|
|
215 |
result = -1;
|
|
216 |
} else if (hasIntersectNodes && !rooted(currentNode, intersectNodes)) {
|
|
217 |
result = 0;
|
2
|
218 |
}
|
|
219 |
|
1337
|
220 |
//TODO OPTIMIZE
|
|
221 |
if (result==1)
|
|
222 |
return 1;
|
|
223 |
if (hasUnionNodes) {
|
|
224 |
if (rooted(currentNode, unionNodes)) {
|
|
225 |
return 1;
|
|
226 |
}
|
|
227 |
result=0;
|
|
228 |
}
|
|
229 |
return result;
|
2
|
230 |
|
|
231 |
}
|
1337
|
232 |
int inSubstract=-1;
|
|
233 |
int inIntersect=-1;
|
|
234 |
int inUnion=-1;
|
|
235 |
public int isNodeIncludeDO(Node n, int level) {
|
|
236 |
int result=1;
|
|
237 |
if (hasSubstractNodes) {
|
|
238 |
if ((inSubstract==-1) || (level<=inSubstract)) {
|
|
239 |
if (inList(n, substractNodes)) {
|
|
240 |
inSubstract=level;
|
|
241 |
} else {
|
|
242 |
inSubstract=-1;
|
|
243 |
}
|
|
244 |
}
|
|
245 |
if (inSubstract!=-1){
|
|
246 |
result=-1;
|
|
247 |
}
|
|
248 |
}
|
|
249 |
if (result!=-1){
|
|
250 |
if (hasIntersectNodes) {
|
|
251 |
if ((inIntersect==-1) || (level<=inIntersect)) {
|
|
252 |
if (!inList(n, intersectNodes)) {
|
|
253 |
inIntersect=-1;
|
|
254 |
result=0;
|
|
255 |
} else {
|
|
256 |
inIntersect=level;
|
|
257 |
}
|
|
258 |
}
|
|
259 |
}
|
|
260 |
}
|
|
261 |
|
|
262 |
if (level<=inUnion)
|
|
263 |
inUnion=-1;
|
|
264 |
if (result==1)
|
|
265 |
return 1;
|
|
266 |
if (hasUnionNodes) {
|
|
267 |
if ((inUnion==-1) && inList(n, unionNodes)) {
|
|
268 |
inUnion=level;
|
|
269 |
}
|
|
270 |
if (inUnion!=-1)
|
|
271 |
return 1;
|
|
272 |
result=0;
|
|
273 |
}
|
|
274 |
|
|
275 |
return result;
|
|
276 |
}
|
2
|
277 |
|
|
278 |
/**
|
|
279 |
* Method rooted
|
|
280 |
* @param currentNode
|
|
281 |
* @param nodeList
|
|
282 |
*
|
|
283 |
* @return if rooted bye the rootnodes
|
|
284 |
*/
|
1337
|
285 |
static boolean rooted(Node currentNode, Set nodeList ) {
|
|
286 |
if (nodeList.contains(currentNode)) {
|
|
287 |
return true;
|
|
288 |
}
|
|
289 |
Iterator it=nodeList.iterator();
|
|
290 |
while (it.hasNext()) {
|
|
291 |
Node rootNode = (Node) it.next();
|
|
292 |
if (XMLUtils.isDescendantOrSelf(rootNode,currentNode)) {
|
|
293 |
return true;
|
|
294 |
}
|
2
|
295 |
}
|
|
296 |
return false;
|
|
297 |
}
|
1337
|
298 |
|
|
299 |
/**
|
|
300 |
* Method rooted
|
|
301 |
* @param currentNode
|
|
302 |
* @param nodeList
|
|
303 |
*
|
|
304 |
* @return if rooted bye the rootnodes
|
|
305 |
*/
|
|
306 |
static boolean inList(Node currentNode, Set nodeList ) {
|
|
307 |
return nodeList.contains(currentNode);
|
|
308 |
}
|
2
|
309 |
}
|