author | jlaskey |
Thu, 21 Jun 2018 08:58:59 -0300 | |
changeset 50695 | 36ca515343e0 |
parent 50614 | 3810c9a2efa1 |
permissions | -rw-r--r-- |
2 | 1 |
/* |
2 |
* reserved comment block |
|
3 |
* DO NOT REMOVE OR ALTER! |
|
4 |
*/ |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
5 |
/** |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
6 |
* Licensed to the Apache Software Foundation (ASF) under one |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
7 |
* or more contributor license agreements. See the NOTICE file |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
8 |
* distributed with this work for additional information |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
9 |
* regarding copyright ownership. The ASF licenses this file |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
10 |
* to you under the Apache License, Version 2.0 (the |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
11 |
* "License"); you may not use this file except in compliance |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
12 |
* with the License. You may obtain a copy of the License at |
2 | 13 |
* |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
14 |
* http://www.apache.org/licenses/LICENSE-2.0 |
2 | 15 |
* |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
16 |
* Unless required by applicable law or agreed to in writing, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
17 |
* software distributed under the License is distributed on an |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
18 |
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
19 |
* KIND, either express or implied. See the License for the |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
20 |
* specific language governing permissions and limitations |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
21 |
* under the License. |
2 | 22 |
*/ |
23 |
package com.sun.org.apache.xml.internal.security.transforms; |
|
24 |
||
25 |
import java.io.IOException; |
|
26 |
import java.io.OutputStream; |
|
27 |
||
28 |
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; |
|
29 |
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer; |
|
30 |
import com.sun.org.apache.xml.internal.security.c14n.InvalidCanonicalizerException; |
|
31 |
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; |
|
32 |
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException; |
|
33 |
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; |
|
34 |
import com.sun.org.apache.xml.internal.security.utils.Constants; |
|
35 |
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; |
|
36 |
import com.sun.org.apache.xml.internal.security.utils.XMLUtils; |
|
37 |
import org.w3c.dom.DOMException; |
|
38 |
import org.w3c.dom.Document; |
|
39 |
import org.w3c.dom.Element; |
|
40 |
import org.w3c.dom.NodeList; |
|
41 |
||
42 |
/** |
|
1337 | 43 |
* Holder of the {@link com.sun.org.apache.xml.internal.security.transforms.Transform} steps to |
44 |
* be performed on the data. |
|
45 |
* The input to the first Transform is the result of dereferencing the |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
46 |
* {@code URI} attribute of the {@code Reference} element. |
1337 | 47 |
* The output from the last Transform is the input for the |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
48 |
* {@code DigestMethod algorithm} |
2 | 49 |
* |
50 |
* @see Transform |
|
51 |
* @see com.sun.org.apache.xml.internal.security.signature.Reference |
|
52 |
*/ |
|
53 |
public class Transforms extends SignatureElementProxy { |
|
54 |
||
1337 | 55 |
/** Canonicalization - Required Canonical XML (omits comments) */ |
56 |
public static final String TRANSFORM_C14N_OMIT_COMMENTS |
|
57 |
= Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
58 |
|
1337 | 59 |
/** Canonicalization - Recommended Canonical XML with Comments */ |
60 |
public static final String TRANSFORM_C14N_WITH_COMMENTS |
|
61 |
= Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
62 |
|
1337 | 63 |
/** Canonicalization - Required Canonical XML 1.1 (omits comments) */ |
64 |
public static final String TRANSFORM_C14N11_OMIT_COMMENTS |
|
65 |
= Canonicalizer.ALGO_ID_C14N11_OMIT_COMMENTS; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
66 |
|
1337 | 67 |
/** Canonicalization - Recommended Canonical XML 1.1 with Comments */ |
68 |
public static final String TRANSFORM_C14N11_WITH_COMMENTS |
|
69 |
= Canonicalizer.ALGO_ID_C14N11_WITH_COMMENTS; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
70 |
|
1337 | 71 |
/** Canonicalization - Required Exclusive Canonicalization (omits comments) */ |
72 |
public static final String TRANSFORM_C14N_EXCL_OMIT_COMMENTS |
|
73 |
= Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
74 |
|
1337 | 75 |
/** Canonicalization - Recommended Exclusive Canonicalization with Comments */ |
76 |
public static final String TRANSFORM_C14N_EXCL_WITH_COMMENTS |
|
77 |
= Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
78 |
|
1337 | 79 |
/** Transform - Optional XSLT */ |
80 |
public static final String TRANSFORM_XSLT |
|
81 |
= "http://www.w3.org/TR/1999/REC-xslt-19991116"; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
82 |
|
1337 | 83 |
/** Transform - Required base64 decoding */ |
84 |
public static final String TRANSFORM_BASE64_DECODE |
|
85 |
= Constants.SignatureSpecNS + "base64"; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
86 |
|
1337 | 87 |
/** Transform - Recommended XPath */ |
88 |
public static final String TRANSFORM_XPATH |
|
89 |
= "http://www.w3.org/TR/1999/REC-xpath-19991116"; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
90 |
|
1337 | 91 |
/** Transform - Required Enveloped Signature */ |
92 |
public static final String TRANSFORM_ENVELOPED_SIGNATURE |
|
93 |
= Constants.SignatureSpecNS + "enveloped-signature"; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
94 |
|
1337 | 95 |
/** Transform - XPointer */ |
96 |
public static final String TRANSFORM_XPOINTER |
|
97 |
= "http://www.w3.org/TR/2001/WD-xptr-20010108"; |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
98 |
|
1337 | 99 |
/** Transform - XPath Filter */ |
100 |
public static final String TRANSFORM_XPATH2FILTER |
|
101 |
= "http://www.w3.org/2002/06/xmldsig-filter2"; |
|
2 | 102 |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
103 |
private static final com.sun.org.slf4j.internal.Logger LOG = |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
104 |
com.sun.org.slf4j.internal.LoggerFactory.getLogger(Transforms.class); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
105 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
106 |
private Element[] transforms; |
2 | 107 |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
108 |
protected Transforms() { } |
2 | 109 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
110 |
private boolean secureValidation; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
111 |
|
1337 | 112 |
/** |
113 |
* Constructs {@link Transforms}. |
|
114 |
* |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
115 |
* @param doc the {@link Document} in which {@code XMLSignature} will |
1337 | 116 |
* be placed |
117 |
*/ |
|
118 |
public Transforms(Document doc) { |
|
119 |
super(doc); |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
120 |
addReturnToSelf(); |
1337 | 121 |
} |
122 |
||
123 |
/** |
|
124 |
* Constructs {@link Transforms} from {@link Element} which is |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
125 |
* {@code Transforms} Element |
1337 | 126 |
* |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
127 |
* @param element is {@code Transforms} element |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
128 |
* @param baseURI the URI where the XML instance was stored |
1337 | 129 |
* @throws DOMException |
130 |
* @throws InvalidTransformException |
|
131 |
* @throws TransformationException |
|
132 |
* @throws XMLSecurityException |
|
133 |
* @throws XMLSignatureException |
|
134 |
*/ |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
135 |
public Transforms(Element element, String baseURI) |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
136 |
throws DOMException, XMLSignatureException, InvalidTransformException, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
137 |
TransformationException, XMLSecurityException { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
138 |
super(element, baseURI); |
2 | 139 |
|
1337 | 140 |
int numberOfTransformElems = this.getLength(); |
2 | 141 |
|
1337 | 142 |
if (numberOfTransformElems == 0) { |
143 |
// At least one Transform element must be present. Bad. |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
144 |
Object exArgs[] = { Constants._TAG_TRANSFORM, Constants._TAG_TRANSFORMS }; |
2 | 145 |
|
1337 | 146 |
throw new TransformationException("xml.WrongContent", exArgs); |
147 |
} |
|
148 |
} |
|
2 | 149 |
|
1337 | 150 |
/** |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
151 |
* Set whether secure validation is enabled or not. The default is false. |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
152 |
*/ |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
153 |
public void setSecureValidation(boolean secureValidation) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
154 |
this.secureValidation = secureValidation; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
155 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
156 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
157 |
/** |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
158 |
* Adds the {@code Transform} with the specified <code>Transform |
1337 | 159 |
* algorithm URI</code> |
160 |
* |
|
161 |
* @param transformURI the URI form of transform that indicates which |
|
162 |
* transformation is applied to data |
|
163 |
* @throws TransformationException |
|
164 |
*/ |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
165 |
public void addTransform(String transformURI) throws TransformationException { |
1337 | 166 |
try { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
167 |
LOG.debug("Transforms.addTransform({})", transformURI); |
2 | 168 |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
169 |
Transform transform = new Transform(getDocument(), transformURI); |
2 | 170 |
|
1337 | 171 |
this.addTransform(transform); |
172 |
} catch (InvalidTransformException ex) { |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
173 |
throw new TransformationException(ex); |
1337 | 174 |
} |
175 |
} |
|
2 | 176 |
|
1337 | 177 |
/** |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
178 |
* Adds the {@code Transform} with the specified <code>Transform |
1337 | 179 |
* algorithm URI</code> |
180 |
* |
|
181 |
* @param transformURI the URI form of transform that indicates which |
|
182 |
* transformation is applied to data |
|
183 |
* @param contextElement |
|
184 |
* @throws TransformationException |
|
185 |
*/ |
|
186 |
public void addTransform(String transformURI, Element contextElement) |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
187 |
throws TransformationException { |
1337 | 188 |
try { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
189 |
LOG.debug("Transforms.addTransform({})", transformURI); |
2 | 190 |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
191 |
Transform transform = new Transform(getDocument(), transformURI, contextElement); |
2 | 192 |
|
1337 | 193 |
this.addTransform(transform); |
194 |
} catch (InvalidTransformException ex) { |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
195 |
throw new TransformationException(ex); |
1337 | 196 |
} |
197 |
} |
|
2 | 198 |
|
1337 | 199 |
/** |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
200 |
* Adds the {@code Transform} with the specified <code>Transform |
1337 | 201 |
* algorithm URI</code>. |
202 |
* |
|
203 |
* @param transformURI the URI form of transform that indicates which |
|
204 |
* transformation is applied to data |
|
205 |
* @param contextNodes |
|
206 |
* @throws TransformationException |
|
207 |
*/ |
|
208 |
public void addTransform(String transformURI, NodeList contextNodes) |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
209 |
throws TransformationException { |
2 | 210 |
|
1337 | 211 |
try { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
212 |
Transform transform = new Transform(getDocument(), transformURI, contextNodes); |
1337 | 213 |
this.addTransform(transform); |
214 |
} catch (InvalidTransformException ex) { |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
215 |
throw new TransformationException(ex); |
1337 | 216 |
} |
217 |
} |
|
2 | 218 |
|
1337 | 219 |
/** |
220 |
* Adds a user-provided Transform step. |
|
221 |
* |
|
222 |
* @param transform {@link Transform} object |
|
223 |
*/ |
|
224 |
private void addTransform(Transform transform) { |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
225 |
LOG.debug("Transforms.addTransform({})", transform.getURI()); |
2 | 226 |
|
1337 | 227 |
Element transformElement = transform.getElement(); |
2 | 228 |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
229 |
appendSelf(transformElement); |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
230 |
addReturnToSelf(); |
1337 | 231 |
} |
2 | 232 |
|
1337 | 233 |
/** |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
234 |
* Applies all included {@code Transform}s to xmlSignatureInput and |
1337 | 235 |
* returns the result of these transformations. |
236 |
* |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
237 |
* @param xmlSignatureInput the input for the {@code Transform}s |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
238 |
* @return the result of the {@code Transforms} |
1337 | 239 |
* @throws TransformationException |
240 |
*/ |
|
241 |
public XMLSignatureInput performTransforms( |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
242 |
XMLSignatureInput xmlSignatureInput |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
243 |
) throws TransformationException { |
1337 | 244 |
return performTransforms(xmlSignatureInput, null); |
245 |
} |
|
2 | 246 |
|
1337 | 247 |
/** |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
248 |
* Applies all included {@code Transform}s to xmlSignatureInput and |
1337 | 249 |
* returns the result of these transformations. |
250 |
* |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
251 |
* @param xmlSignatureInput the input for the {@code Transform}s |
1337 | 252 |
* @param os where to output the last transformation. |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
253 |
* @return the result of the {@code Transforms} |
1337 | 254 |
* @throws TransformationException |
255 |
*/ |
|
2 | 256 |
public XMLSignatureInput performTransforms( |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
257 |
XMLSignatureInput xmlSignatureInput, OutputStream os |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
258 |
) throws TransformationException { |
1337 | 259 |
try { |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
260 |
int last = this.getLength() - 1; |
1337 | 261 |
for (int i = 0; i < last; i++) { |
262 |
Transform t = this.item(i); |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
263 |
LOG.debug("Perform the ({})th {} transform", i, t.getURI()); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
264 |
checkSecureValidation(t); |
1337 | 265 |
xmlSignatureInput = t.performTransform(xmlSignatureInput); |
2 | 266 |
} |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
267 |
if (last >= 0) { |
1337 | 268 |
Transform t = this.item(last); |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
269 |
LOG.debug("Perform the ({})th {} transform", last, t.getURI()); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
270 |
checkSecureValidation(t); |
1337 | 271 |
xmlSignatureInput = t.performTransform(xmlSignatureInput, os); |
272 |
} |
|
2 | 273 |
|
1337 | 274 |
return xmlSignatureInput; |
275 |
} catch (IOException ex) { |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
276 |
throw new TransformationException(ex); |
1337 | 277 |
} catch (CanonicalizationException ex) { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
278 |
throw new TransformationException(ex); |
1337 | 279 |
} catch (InvalidCanonicalizerException ex) { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
280 |
throw new TransformationException(ex); |
1337 | 281 |
} |
282 |
} |
|
2 | 283 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
284 |
private void checkSecureValidation(Transform transform) throws TransformationException { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
285 |
String uri = transform.getURI(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
286 |
if (secureValidation && Transforms.TRANSFORM_XSLT.equals(uri)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
287 |
Object exArgs[] = { uri }; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
288 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
289 |
throw new TransformationException( |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
290 |
"signature.Transform.ForbiddenTransform", exArgs |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
291 |
); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
292 |
} |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
293 |
transform.setSecureValidation(secureValidation); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
294 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
295 |
|
1337 | 296 |
/** |
297 |
* Return the nonnegative number of transformations. |
|
298 |
* |
|
299 |
* @return the number of transformations |
|
300 |
*/ |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
301 |
public int getLength() { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
302 |
initTransforms(); |
1337 | 303 |
return transforms.length; |
304 |
} |
|
2 | 305 |
|
1337 | 306 |
/** |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
307 |
* Return the <i>i</i><sup>th</sup> {@code {@link Transform}}. |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
308 |
* Valid {@code i} values are 0 to {@code {@link #getLength}-1}. |
1337 | 309 |
* |
310 |
* @param i index of {@link Transform} to return |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
311 |
* @return the <i>i</i><sup>th</sup> Transform |
1337 | 312 |
* @throws TransformationException |
313 |
*/ |
|
314 |
public Transform item(int i) throws TransformationException { |
|
315 |
try { |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
316 |
initTransforms(); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18240
diff
changeset
|
317 |
return new Transform(transforms[i], this.baseURI); |
1337 | 318 |
} catch (XMLSecurityException ex) { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
319 |
throw new TransformationException(ex); |
1337 | 320 |
} |
321 |
} |
|
2 | 322 |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
323 |
private void initTransforms() { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
324 |
if (transforms == null) { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
325 |
transforms = XMLUtils.selectDsNodes(getFirstChild(), "Transform"); |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
326 |
} |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
327 |
} |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
328 |
|
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
329 |
/** {@inheritDoc} */ |
1337 | 330 |
public String getBaseLocalName() { |
331 |
return Constants._TAG_TRANSFORMS; |
|
332 |
} |
|
2 | 333 |
} |