src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/c14n/CanonicalizerSpi.java
--- a/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/c14n/CanonicalizerSpi.java Mon Jun 18 15:24:48 2018 -0700
+++ b/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/c14n/CanonicalizerSpi.java Tue Jun 19 08:06:35 2018 +0800
@@ -26,9 +26,7 @@
import java.io.OutputStream;
import java.util.Set;
-import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
@@ -39,12 +37,12 @@
/**
* Base class which all Canonicalization algorithms extend.
*
- * @author Christian Geuer-Pollmann
*/
public abstract class CanonicalizerSpi {
/** Reset the writer after a c14n */
protected boolean reset = false;
+ protected boolean secureValidation;
/**
* Method canonicalize
@@ -61,17 +59,14 @@
throws javax.xml.parsers.ParserConfigurationException, java.io.IOException,
org.xml.sax.SAXException, CanonicalizationException {
- java.io.InputStream bais = new ByteArrayInputStream(inputBytes);
- InputSource in = new InputSource(bais);
- DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();
- dfactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
+ Document document = null;
+ try (java.io.InputStream bais = new ByteArrayInputStream(inputBytes)) {
+ InputSource in = new InputSource(bais);
- // needs to validate for ID attribute normalization
- dfactory.setNamespaceAware(true);
+ DocumentBuilder db = XMLUtils.createDocumentBuilder(false, secureValidation);
- DocumentBuilder db = dfactory.newDocumentBuilder();
-
- Document document = db.parse(in);
+ document = db.parse(in);
+ }
return this.engineCanonicalizeSubTree(document);
}
@@ -160,10 +155,31 @@
throws CanonicalizationException;
/**
+ * C14n a node tree.
+ *
+ * @param rootNode
+ * @param inclusiveNamespaces
+ * @param propagateDefaultNamespace If true the default namespace will be propagated to the c14n-ized root element
+ * @return the c14n bytes
+ * @throws CanonicalizationException
+ */
+ public abstract byte[] engineCanonicalizeSubTree(
+ Node rootNode, String inclusiveNamespaces, boolean propagateDefaultNamespace)
+ throws CanonicalizationException;
+
+ /**
* Sets the writer where the canonicalization ends. ByteArrayOutputStream if
* none is set.
* @param os
*/
public abstract void setWriter(OutputStream os);
+ public boolean isSecureValidation() {
+ return secureValidation;
+ }
+
+ public void setSecureValidation(boolean secureValidation) {
+ this.secureValidation = secureValidation;
+ }
+
}