Commit 68a68903acdfc738ad313211e0d669c479741285 - libxml-security-java

+1

-1

NOTICE less more

0	0	Apache Santuario - XML Security for Java
1		Copyright 1999-2014 The Apache Software Foundation
	1	Copyright 1999-2015 The Apache Software Foundation
2	2
3	3	This product includes software developed at
4	4	The Apache Software Foundation (http://www.apache.org/).

+10

-10

pom.xml less more

21	21	<artifactId>xmlsec</artifactId>
22	22	<packaging>bundle</packaging>
23	23	<name>Apache XML Security for Java</name>
24		<version>2.0.3</version>
	24	<version>2.0.4</version>
25	25	<description>
26	26	Apache XML Security for Java supports XML-Signature Syntax and Processing,
27	27	W3C Recommendation 12 February 2002, and XML Encryption Syntax and

56	56	</licenses>
57	57	<scm>
58	58	<connection>
59		scm:svn:http://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.3
	59	scm:svn:http://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.4
60	60	</connection>
61	61	<developerConnection>
62		scm:svn:https://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.3
	62	scm:svn:https://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.4
63	63	</developerConnection>
64		<url>http://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.3</url>
	64	<url>http://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.4</url>
65	65	</scm>
66	66	<organization>
67	67	<name>The Apache Software Foundation</name>

71	71	<parent>
72	72	<groupId>org.apache</groupId>
73	73	<artifactId>apache</artifactId>
74		<version>14</version>
	74	<version>16</version>
75	75	</parent>
76	76
77	77	<build>

132	132	<plugin>
133	133	<groupId>org.apache.maven.plugins</groupId>
134	134	<artifactId>maven-compiler-plugin</artifactId>
135		<version>3.1</version>
	135	<version>3.3</version>
136	136	<configuration>
137	137	<source>1.6</source>
138	138	<target>1.6</target>

267	267	<plugin>
268	268	<groupId>org.apache.maven.plugins</groupId>
269	269	<artifactId>maven-javadoc-plugin</artifactId>
270		<version>2.9.1</version>
	270	<version>2.10.1</version>
271	271	</plugin>
272	272
273	273	</plugins>

277	277	<plugin>
278	278	<groupId>org.apache.maven.plugins</groupId>
279	279	<artifactId>maven-javadoc-plugin</artifactId>
280		<version>2.9.1</version>
	280	<version>2.10.1</version>
281	281	<executions>
282	282	<execution>
283	283	<goals>

411	411	<xerces.version>2.11.0</xerces.version>
412	412	<junit.version>4.12</junit.version>
413	413	<log4j.version>1.2.17</log4j.version>
414		<bcprov.version>1.51</bcprov.version>
415		<xmlunit.version>1.5</xmlunit.version>
	414	<bcprov.version>1.52</bcprov.version>
	415	<xmlunit.version>1.6</xmlunit.version>
416	416	<commons.codec.version>1.10</commons.codec.version>
417	417	<woodstox.core.asl.version>4.4.1</woodstox.core.asl.version>
418	418	<jetty.version>8.1.4.v20120524</jetty.version>

+6

-6

src/main/java/org/apache/jcp/xml/dsig/internal/DigesterOutputStream.java less more

33	33
34	34	/**
35	35	* This class has been modified slightly to use java.security.MessageDigest
36		* objects as input, rather than
	36	* objects as input, rather than
37	37	* org.apache.xml.security.algorithms.MessageDigestAlgorithm objects.
38	38	* It also optionally caches the input bytes.
39	39	*

77	77	}
78	78	md.update((byte)input);
79	79	}
80
	80
81	81	@Override
82	82	public void write(byte[] input, int offset, int len) {
83	83	if (buffer) {

93	93	}
94	94	md.update(input, offset, len);
95	95	}
96
	96
97	97	/**
98		* @return the digest value
	98	* @return the digest value
99	99	*/
100	100	public byte[] getDigestValue() {
101		return md.digest();
	101	return md.digest();
102	102	}
103	103
104	104	/**

112	112	return null;
113	113	}
114	114	}
115
	115
116	116	@Override
117	117	public void close() throws IOException {
118	118	if (buffer) {

+2

-2

src/main/java/org/apache/jcp/xml/dsig/internal/MacOutputStream.java less more

21	21	import javax.crypto.Mac;
22	22
23	23	/**
24		* Derived from Apache sources and changed to use Mac objects instead of
	24	* Derived from Apache sources and changed to use Mac objects instead of
25	25	* org.apache.xml.security.algorithms.SignatureAlgorithm objects.
26	26	*
27	27	* @author raul

40	40	super.write(arg0);
41	41	mac.update((byte) arg0);
42	42	}
43
	43
44	44	@Override
45	45	public void write(byte[] arg0, int arg1, int arg2) {
46	46	super.write(arg0, arg1, arg2);

+2

-2

src/main/java/org/apache/jcp/xml/dsig/internal/SignerOutputStream.java less more

28	28	import java.security.SignatureException;
29	29
30	30	/**
31		* Derived from Apache sources and changed to use java.security.Signature
32		* objects as input instead of
	31	* Derived from Apache sources and changed to use java.security.Signature
	32	* objects as input instead of
33	33	* org.apache.xml.security.algorithms.SignatureAlgorithm objects.
34	34	*
35	35	* @author raul

+3

-3

src/main/java/org/apache/jcp/xml/dsig/internal/dom/AbstractDOMSignatureMethod.java less more

82	82	throws InvalidKeyException, XMLSignatureException;
83	83
84	84	/**
85		* Returns the java.security.Signature or javax.crypto.Mac standard
	85	* Returns the java.security.Signature or javax.crypto.Mac standard
86	86	* algorithm name.
87	87	*/
88	88	abstract String getJCAAlgorithm();

179	179	return getAlgorithm().equals(osm.getAlgorithm()) &&
180	180	paramsEqual(osm.getParameterSpec());
181	181	}
182
	182
183	183	@Override
184	184	public int hashCode() {
185	185	int result = 17;

188	188	if (spec != null) {
189	189	result = 31 * result + spec.hashCode();
190	190	}
191
	191
192	192	return result;
193	193	}
194	194

+7

-7

src/main/java/org/apache/jcp/xml/dsig/internal/dom/ApacheCanonicalizer.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: ApacheCanonicalizer.java 1537965 2013-11-01 15:49:08Z coheigea $
	22	* $Id: ApacheCanonicalizer.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

58	58	protected C14NMethodParameterSpec params;
59	59	protected Document ownerDoc;
60	60	protected Element transformElem;
61
	61
62	62	public final AlgorithmParameterSpec getParameterSpec()
63	63	{
64	64	return params;

101	101	((javax.xml.crypto.dom.DOMStructure)parent).getNode();
102	102	ownerDoc = DOMUtils.getOwnerDocument(transformElem);
103	103	}
104
105		public Data canonicalize(Data data, XMLCryptoContext xc)
	104
	105	public Data canonicalize(Data data, XMLCryptoContext xc)
106	106	throws TransformException
107	107	{
108	108	return canonicalize(data, xc, null);
109	109	}
110	110
111		public Data canonicalize(Data data, XMLCryptoContext xc, OutputStream os)
	111	public Data canonicalize(Data data, XMLCryptoContext xc, OutputStream os)
112	112	throws TransformException
113	113	{
114	114	if (apacheCanonicalizer == null) {

135	135	try {
136	136	Set<Node> nodeSet = null;
137	137	if (data instanceof ApacheData) {
138		XMLSignatureInput in =
	138	XMLSignatureInput in =
139	139	((ApacheData)data).getXMLSignatureInput();
140	140	if (in.isElement()) {
141	141	if (inclusiveNamespaces != null) {

209	209
210	210	if (apacheTransform == null) {
211	211	try {
212		apacheTransform =
	212	apacheTransform =
213	213	new Transform(ownerDoc, getAlgorithm(), transformElem.getChildNodes());
214	214	apacheTransform.setElement(transformElem, xc.getBaseURI());
215	215	boolean secVal = Utils.secureValidation(xc);

+2

-2

src/main/java/org/apache/jcp/xml/dsig/internal/dom/ApacheData.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: ApacheData.java 1333869 2012-05-04 10:42:44Z coheigea $
	22	* $Id: ApacheData.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

27	27	import org.apache.xml.security.signature.XMLSignatureInput;
28	28
29	29	/**
30		* XMLSignatureInput Data wrapper.
	30	* XMLSignatureInput Data wrapper.
31	31	*
32	32	* @author Sean Mullan
33	33	*/

+2

-2

src/main/java/org/apache/jcp/xml/dsig/internal/dom/ApacheOctetStreamData.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: ApacheOctetStreamData.java 1423915 2012-12-19 16:17:25Z coheigea $
	22	* $Id: ApacheOctetStreamData.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

28	28	import org.apache.xml.security.c14n.CanonicalizationException;
29	29	import org.apache.xml.security.signature.XMLSignatureInput;
30	30
31		public class ApacheOctetStreamData extends OctetStreamData
	31	public class ApacheOctetStreamData extends OctetStreamData
32	32	implements ApacheData {
33	33
34	34	private XMLSignatureInput xi;

+7

-7

src/main/java/org/apache/jcp/xml/dsig/internal/dom/ApacheTransform.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: ApacheTransform.java 1537965 2013-11-01 15:49:08Z coheigea $
	22	* $Id: ApacheTransform.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

79	79	if (!(parent instanceof javax.xml.crypto.dom.DOMStructure)) {
80	80	throw new ClassCastException("parent must be of type DOMStructure");
81	81	}
82		transformElem = (Element)
	82	transformElem = (Element)
83	83	((javax.xml.crypto.dom.DOMStructure) parent).getNode();
84	84	ownerDoc = DOMUtils.getOwnerDocument(transformElem);
85	85	}

98	98	if (!(parent instanceof javax.xml.crypto.dom.DOMStructure)) {
99	99	throw new ClassCastException("parent must be of type DOMStructure");
100	100	}
101		transformElem = (Element)
	101	transformElem = (Element)
102	102	((javax.xml.crypto.dom.DOMStructure) parent).getNode();
103	103	ownerDoc = DOMUtils.getOwnerDocument(transformElem);
104	104	}

135	135
136	136	if (apacheTransform == null) {
137	137	try {
138		apacheTransform =
	138	apacheTransform =
139	139	new Transform(ownerDoc, getAlgorithm(), transformElem.getChildNodes());
140	140	apacheTransform.setElement(transformElem, xc.getBaseURI());
141	141	boolean secVal = Utils.secureValidation(xc);

147	147	} catch (Exception ex) {
148	148	throw new TransformException("Couldn't find Transform for: " +
149	149	getAlgorithm(), ex);
150		}
151		}
152
	150	}
	151	}
	152
153	153	if (Utils.secureValidation(xc)) {
154	154	String algorithm = getAlgorithm();
155	155	if (Transforms.TRANSFORM_XSLT.equals(algorithm)) {

+1

-1

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMCanonicalXMLC14N11Method.java less more

41	41	public final class DOMCanonicalXMLC14N11Method extends ApacheCanonicalizer {
42	42
43	43	public static final String C14N_11 = "http://www.w3.org/2006/12/xml-c14n11";
44		public static final String C14N_11_WITH_COMMENTS
	44	public static final String C14N_11_WITH_COMMENTS
45	45	= "http://www.w3.org/2006/12/xml-c14n11#WithComments";
46	46
47	47	@Override

+5

-5

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMCanonicalizationMethod.java 1585385 2014-04-07 05:12:23Z coheigea $
	22	* $Id: DOMCanonicalizationMethod.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

38	38	*
39	39	* @author Sean Mullan
40	40	*/
41		public class DOMCanonicalizationMethod extends DOMTransform
	41	public class DOMCanonicalizationMethod extends DOMTransform
42	42	implements CanonicalizationMethod {
43	43
44	44	/**

68	68	super(cmElem, context, provider);
69	69	if (!(spi instanceof ApacheCanonicalizer) && !isC14Nalg(spi.getAlgorithm())) {
70	70	throw new MarshalException("Illegal CanonicalizationMethod");
71		}
	71	}
72	72	}
73	73
74	74	/**

110	110	return getAlgorithm().equals(ocm.getAlgorithm()) &&
111	111	DOMUtils.paramsEqual(getParameterSpec(), ocm.getParameterSpec());
112	112	}
113
	113
114	114	@Override
115	115	public int hashCode() {
116	116	int result = 17;

122	122
123	123	return result;
124	124	}
125
	125
126	126	private static boolean isC14Nalg(String alg) {
127	127	return alg.equals(CanonicalizationMethod.INCLUSIVE)
128	128	\|\| alg.equals(CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS)

+6

-6

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMDigestMethod.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMDigestMethod.java 1596535 2014-05-21 10:43:40Z coheigea $
	22	* $Id: DOMDigestMethod.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

149	149	}
150	150
151	151	/**
152		* Unmarshals <code>DigestMethodParameterSpec</code> from the specified
	152	* Unmarshals <code>DigestMethodParameterSpec</code> from the specified
153	153	* <code>Element</code>. By default, this method throws an exception since
154		* most DigestMethod algorithms do not have parameters. Subclasses should
	154	* most DigestMethod algorithms do not have parameters. Subclasses should
155	155	* override it if they have parameters.
156	156	*
157	157	* @param paramsElem the <code>Element</code> holding the input params

168	168	}
169	169
170	170	/**
171		* This method invokes the abstract {@link #marshalParams marshalParams}
	171	* This method invokes the abstract {@link #marshalParams marshalParams}
172	172	* method to marshal any algorithm-specific parameters.
173	173	*/
174	174	public static void marshal(XmlWriter xwriter, DigestMethod digest, String prefix)

200	200
201	201	return getAlgorithm().equals(odm.getAlgorithm()) && paramsEqual;
202	202	}
203
	203
204	204	@Override
205	205	public int hashCode() {
206	206	int result = 17;

208	208	result = 31 * result + params.hashCode();
209	209	}
210	210	result = 31 * result + getAlgorithm().hashCode();
211
	211
212	212	return result;
213	213	}
214	214

+3

-3

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMHMACSignatureMethod.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMHMACSignatureMethod.java 1596803 2014-05-22 10:31:25Z coheigea $
	22	* $Id: DOMHMACSignatureMethod.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

69	69	private SignatureMethodParameterSpec params;
70	70
71	71	/**
72		* Creates a <code>DOMHMACSignatureMethod</code> with the specified params
	72	* Creates a <code>DOMHMACSignatureMethod</code> with the specified params
73	73	*
74	74	* @param params algorithm-specific parameters (may be <code>null</code>)
75	75	* @throws InvalidAlgorithmParameterException if params are inappropriate

99	99	}
100	100
101	101	@Override
102		void checkParams(SignatureMethodParameterSpec params)
	102	void checkParams(SignatureMethodParameterSpec params)
103	103	throws InvalidAlgorithmParameterException
104	104	{
105	105	if (params != null) {

+3

-3

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyInfo.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMKeyInfo.java 1602377 2014-06-13 11:20:43Z coheigea $
	22	* $Id: DOMKeyInfo.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

197	197
198	198	return keyInfoTypes.equals(oki.getContent()) && idsEqual;
199	199	}
200
	200
201	201	@Override
202	202	public int hashCode() {
203	203	int result = 17;

205	205	result = 31 * result + id.hashCode();
206	206	}
207	207	result = 31 * result + keyInfoTypes.hashCode();
208
	208
209	209	return result;
210	210	}
211	211	}

+3

-3

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyInfoFactory.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMKeyInfoFactory.java 1602127 2014-06-12 11:33:42Z coheigea $
	22	* $Id: DOMKeyInfoFactory.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

147	147	if (!(xmlStructure instanceof javax.xml.crypto.dom.DOMStructure)) {
148	148	throw new ClassCastException("xmlStructure must be of type DOMStructure");
149	149	}
150		Node node =
	150	Node node =
151	151	((javax.xml.crypto.dom.DOMStructure) xmlStructure).getNode();
152	152	node.normalize();
153	153

174	174	throw new MarshalException("invalid KeyInfo tag: " + namespace + ":" + tag);
175	175	}
176	176	}
177
	177
178	178	private static class UnmarshalContext extends DOMCryptoContext {
179	179	UnmarshalContext() {}
180	180	}

+4

-4

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyName.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMKeyName.java 1496610 2013-06-25 19:44:49Z mullan $
	22	* $Id: DOMKeyName.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

37	37	private final String name;
38	38
39	39	/**
40		* Creates a <code>DOMKeyName</code>.
	40	* Creates a <code>DOMKeyName</code>.
41	41	*
42	42	* @param name the name of the key identifier
43	43	* @throws NullPointerException if <code>name</code> is null

74	74	KeyName okn = (KeyName)obj;
75	75	return name.equals(okn.getName());
76	76	}
77
	77
78	78	@Override
79	79	public int hashCode() {
80	80	int result = 17;
81	81	result = 31 * result + name.hashCode();
82
	82
83	83	return result;
84	84	}
85	85	}

+2

-2

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyValue.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMKeyValue.java 1602376 2014-06-13 11:20:10Z mullan $
	22	* $Id: DOMKeyValue.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

65	65	*/
66	66	public abstract class DOMKeyValue<K extends PublicKey> extends BaseStructure implements KeyValue {
67	67
68		private static final String XMLDSIG_11_XMLNS
	68	private static final String XMLDSIG_11_XMLNS
69	69	= "http://www.w3.org/2009/xmldsig11#";
70	70	private final K publicKey;
71	71

+3

-3

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMManifest.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMManifest.java 1634871 2014-10-28 13:13:52Z mullan $
	22	* $Id: DOMManifest.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

154	154
155	155	return idsEqual && references.equals(oman.getReferences());
156	156	}
157
	157
158	158	@Override
159	159	public int hashCode() {
160	160	int result = 17;

162	162	result = 31 * result + id.hashCode();
163	163	}
164	164	result = 31 * result + references.hashCode();
165
	165
166	166	return result;
167	167	}
168	168	}

+13

-13

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMPGPData.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMPGPData.java 1602377 2014-06-13 11:20:43Z coheigea $
	22	* $Id: DOMPGPData.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

46	46	private final List<XMLStructure> externalElements;
47	47
48	48	/**
49		* Creates a <code>DOMPGPData</code> containing the specified key packet.
	49	* Creates a <code>DOMPGPData</code> containing the specified key packet.
50	50	* and optional list of external elements.
51	51	*
52		* @param keyPacket a PGP Key Material Packet as defined in section 5.5 of
53		* <a href="http://www.ietf.org/rfc/rfc2440.txt"/>RFC 2440</a>. The
	52	* @param keyPacket a PGP Key Material Packet as defined in section 5.5 of
	53	* <a href="http://www.ietf.org/rfc/rfc2440.txt"/>RFC 2440</a>. The
54	54	* array is cloned to prevent subsequent modification.
55	55	* @param other a list of {@link XMLStructure}s representing elements from
56	56	* an external namespace. The list is defensively copied to prevent
57	57	* subsequent modification. May be <code>null</code> or empty.
58		* @throws NullPointerException if <code>keyPacket</code> is
	58	* @throws NullPointerException if <code>keyPacket</code> is
59	59	* <code>null</code>
60		* @throws IllegalArgumentException if the key packet is not in the
	60	* @throws IllegalArgumentException if the key packet is not in the
61	61	* correct format
62	62	* @throws ClassCastException if <code>other</code> contains any
63	63	* entries that are not of type {@link XMLStructure}

87	87	* Creates a <code>DOMPGPData</code> containing the specified key id and
88	88	* optional key packet and list of external elements.
89	89	*
90		* @param keyId a PGP public key id as defined in section 11.2 of
91		* <a href="http://www.ietf.org/rfc/rfc2440.txt"/>RFC 2440</a>. The
	90	* @param keyId a PGP public key id as defined in section 11.2 of
	91	* <a href="http://www.ietf.org/rfc/rfc2440.txt"/>RFC 2440</a>. The
92	92	* array is cloned to prevent subsequent modification.
93		* @param keyPacket a PGP Key Material Packet as defined in section 5.5 of
	93	* @param keyPacket a PGP Key Material Packet as defined in section 5.5 of
94	94	* <a href="http://www.ietf.org/rfc/rfc2440.txt"/>RFC 2440</a> (may
95		* be <code>null</code>). The array is cloned to prevent subsequent
	95	* be <code>null</code>). The array is cloned to prevent subsequent
96	96	* modification.
97	97	* @param other a list of {@link XMLStructure}s representing elements from
98	98	* an external namespace. The list is defensively copied to prevent
99	99	* subsequent modification. May be <code>null</code> or empty.
100	100	* @throws NullPointerException if <code>keyId</code> is <code>null</code>
101		* @throws IllegalArgumentException if the key id or packet is not in the
	101	* @throws IllegalArgumentException if the key id or packet is not in the
102	102	* correct format
103	103	* @throws ClassCastException if <code>other</code> contains any
104	104	* entries that are not of type {@link XMLStructure}
105	105	*/
106	106	public DOMPGPData(byte[] keyId, byte[] keyPacket,
107		List<? extends XMLStructure> other)
	107	List<? extends XMLStructure> other)
108	108	{
109	109	if (keyId == null) {
110	110	throw new NullPointerException("keyId cannot be null");

190	190	* section 4 of RFC 2440.
191	191	*
192	192	* This method only checks if the packet contains a valid tag. The
193		* contents of the packet should be checked by the application.
	193	* contents of the packet should be checked by the application.
194	194	*/
195	195	private void checkKeyPacket(byte[] keyPacket) {
196	196	// length must be at least 3 (one byte for tag, one byte for length,

+19

-19

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMReference.java less more

26	26	* ===========================================================================
27	27	*/
28	28	/*
29		* $Id: DOMReference.java 1602127 2014-06-12 11:33:42Z coheigea $
	29	* $Id: DOMReference.java 1667527 2015-03-18 12:54:20Z mullan $
30	30	*/
31	31	package org.apache.jcp.xml.dsig.internal.dom;
32	32

56	56	* @author Sean Mullan
57	57	* @author Joyce Leung
58	58	*/
59		public final class DOMReference extends DOMStructure
	59	public final class DOMReference extends DOMStructure
60	60	implements Reference, DOMURIReference {
61
	61
62	62	/**
63	63	* The maximum number of transforms per reference, if secure validation is enabled.
64	64	*/

181	181	this.appliedTransformData = result;
182	182	this.provider = provider;
183	183	}
184
	184
185	185	/**
186	186	* Creates a <code>DOMReference</code> from an element.
187	187	*
188	188	* @param refElem a Reference element
189	189	*/
190		public DOMReference(Element refElem, XMLCryptoContext context,
	190	public DOMReference(Element refElem, XMLCryptoContext context,
191	191	Provider provider)
192	192	throws MarshalException
193	193	{
194	194	boolean secVal = Utils.secureValidation(context);
195
	195
196	196	// unmarshal Transforms, if specified
197	197	Element nextSibling = DOMUtils.getFirstChildElement(refElem);
198	198	List<Transform> transforms = new ArrayList<Transform>(5);

233	233	Element dmElem = nextSibling;
234	234	this.digestMethod = DOMDigestMethod.unmarshal(dmElem);
235	235	String digestMethodAlgorithm = this.digestMethod.getAlgorithm();
236		if (secVal
	236	if (secVal
237	237	&& MessageDigestAlgorithm.ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5.equals(digestMethodAlgorithm)) {
238	238	throw new MarshalException(
239	239	"It is forbidden to use algorithm " + digestMethod + " when secure validation is enabled"

343	343	xwriter.writeEndElement(); // "Reference"
344	344	}
345	345
346		public void digest(XMLSignContext signContext)
	346	public void digest(XMLSignContext signContext)
347	347	throws XMLSignatureException
348	348	{
349	349	Data data = null;

406	406	return dis;
407	407	}
408	408
409		private Data dereference(XMLCryptoContext context)
	409	private Data dereference(XMLCryptoContext context)
410	410	throws XMLSignatureException
411	411	{
412	412	Data data = null;

429	429	return data;
430	430	}
431	431
432		private byte[] transform(Data dereferencedData,
	432	private byte[] transform(Data dereferencedData,
433	433	XMLCryptoContext context)
434	434	throws XMLSignatureException
435	435	{

463	463	data = transform.transform(data, context, os);
464	464	}
465	465	}
466
	466
467	467	if (data != null) {
468	468	XMLSignatureInput xi;
469	469	// explicitly use C14N 1.1 when generating signature

519	519	spi = TransformService.getInstance(c14nalg, "DOM");
520	520	}
521	521	}
522
	522
523	523	DOMTransform t = new DOMTransform(spi);
524	524	Element transformsElem = null;
525	525	String dsPrefix = DOMUtils.getSignaturePrefix(context);
526	526	if (allTransforms.isEmpty()) {
527	527	transformsElem = DOMUtils.createElement(
528		refElem.getOwnerDocument(),
	528	refElem.getOwnerDocument(),
529	529	"Transforms", XMLSignature.XMLNS, dsPrefix);
530		refElem.insertBefore(transformsElem,
	530	refElem.insertBefore(transformsElem,
531	531	DOMUtils.getFirstChildElement(refElem));
532	532	} else {
533	533	transformsElem = DOMUtils.getFirstChildElement(refElem);

561	561	os.close();
562	562	} catch (IOException e) {
563	563	throw new XMLSignatureException(e);
564		}
	564	}
565	565	}
566	566	if (dos != null) {
567	567	try {
568	568	dos.close();
569	569	} catch (IOException e) {
570	570	throw new XMLSignatureException(e);
571		}
	571	}
572	572	}
573	573	}
574	574	}

599	599	Arrays.equals(digestValue, oref.getDigestValue());
600	600
601	601	return digestMethod.equals(oref.getDigestMethod()) && idsEqual &&
602		urisEqual && typesEqual &&
	602	urisEqual && typesEqual &&
603	603	allTransforms.equals(oref.getTransforms()) && digestValuesEqual;
604	604	}
605
	605
606	606	@Override
607	607	public int hashCode() {
608	608	int result = 17;

620	620	}
621	621	result = 31 * result + digestMethod.hashCode();
622	622	result = 31 * result + allTransforms.hashCode();
623
	623
624	624	return result;
625	625	}
626	626

+10

-10

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java less more

26	26	* ===========================================================================
27	27	*/
28	28	/*
29		* $Id: DOMRetrievalMethod.java 1650331 2015-01-08 17:03:10Z coheigea $
	29	* $Id: DOMRetrievalMethod.java 1667527 2015-03-18 12:54:20Z mullan $
30	30	*/
31	31	package org.apache.jcp.xml.dsig.internal.dom;
32	32

73	73	private Attr here;
74	74
75	75	/**
76		* Creates a <code>DOMRetrievalMethod</code> containing the specified
	76	* Creates a <code>DOMRetrievalMethod</code> containing the specified
77	77	* URIReference and List of Transforms.
78	78	*
79	79	* @param uri the URI

81	81	* @param transforms a list of {@link Transform}s. The list is defensively
82	82	* copied to prevent subsequent modification. May be <code>null</code>
83	83	* or empty.
84		* @throws IllegalArgumentException if the format of <code>uri</code> is
	84	* @throws IllegalArgumentException if the format of <code>uri</code> is
85	85	* invalid, as specified by Reference's URI attribute in the W3C
86	86	* specification for XML-Signature Syntax and Processing
87	87	* @throws NullPointerException if <code>uriReference</code>
88		* is <code>null</code>
	88	* is <code>null</code>
89	89	* @throws ClassCastException if <code>transforms</code> contains any
90	90	* entries that are not of type {@link Transform}
91	91	*/

118	118
119	119	this.type = type;
120	120	}
121
	121
122	122	/**
123	123	* Creates a <code>DOMRetrievalMethod</code> from an element.
124	124	*

134	134
135	135	// get here node
136	136	here = rmElem.getAttributeNodeNS(null, "URI");
137
	137
138	138	boolean secVal = Utils.secureValidation(context);
139	139
140	140	// get Transforms, if specified
141	141	List<Transform> transforms = new ArrayList<Transform>();
142	142	Element transformsElem = DOMUtils.getFirstChildElement(rmElem);
143
	143
144	144	if (transformsElem != null) {
145	145	String localName = transformsElem.getLocalName();
146	146	String namespace = transformsElem.getNamespaceURI();

226	226	}
227	227
228	228	/*
229		* If URIDereferencer is specified in context; use it, otherwise use
	229	* If URIDereferencer is specified in context; use it, otherwise use
230	230	* built-in.
231	231	*/
232	232	URIDereferencer deref = context.getURIDereferencer();

304	304	return uri.equals(orm.getURI()) &&
305	305	transforms.equals(orm.getTransforms()) && typesEqual;
306	306	}
307
	307
308	308	@Override
309	309	public int hashCode() {
310	310	int result = 17;

313	313	}
314	314	result = 31 * result + uri.hashCode();
315	315	result = 31 * result + transforms.hashCode();
316
	316
317	317	return result;
318	318	}
319	319	}

+5

-5

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMSignatureMethod.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMSignatureMethod.java 1599464 2014-06-03 10:12:00Z coheigea $
	22	* $Id: DOMSignatureMethod.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

49	49
50	50	private SignatureMethodParameterSpec params;
51	51	private Signature signature;
52
	52
53	53	// see RFC 4051 for these algorithm definitions
54	54	static final String RSA_SHA224 =
55	55	"http://www.w3.org/2001/04/xmldsig-more#rsa-sha224";

97	97	* @throws InvalidAlgorithmParameterException if the parameters are not
98	98	* appropriate for this signature method
99	99	*/
100		DOMSignatureMethod(AlgorithmParameterSpec params)
	100	DOMSignatureMethod(AlgorithmParameterSpec params)
101	101	throws InvalidAlgorithmParameterException
102	102	{
103		if (params != null &&
	103	if (params != null &&
104	104	!(params instanceof SignatureMethodParameterSpec)) {
105	105	throw new InvalidAlgorithmParameterException
106	106	("params must be of type SignatureMethodParameterSpec");

726	726	return Type.ECDSA;
727	727	}
728	728	}
729
	729
730	730	}

+6

-6

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMSignatureProperties.java 1602377 2014-06-13 11:20:43Z coheigea $
	22	* $Id: DOMSignatureProperties.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

38	38	*/
39	39	public final class DOMSignatureProperties extends BaseStructure
40	40	implements SignatureProperties {
41
	41
42	42	private final String id;
43	43	private final List<SignatureProperty> properties;
44	44
45	45	/**
46		* Creates a <code>DOMSignatureProperties</code> from the specified
	46	* Creates a <code>DOMSignatureProperties</code> from the specified
47	47	* parameters.
48	48	*
49		* @param properties a list of one or more {@link SignatureProperty}s. The
	49	* @param properties a list of one or more {@link SignatureProperty}s. The
50	50	* list is defensively copied to protect against subsequent modification.
51	51	* @param id the Id (may be <code>null</code>)
52	52	* @throws ClassCastException if <code>properties</code> contains any

151	151
152	152	return properties.equals(osp.getProperties()) && idsEqual;
153	153	}
154
	154
155	155	@Override
156	156	public int hashCode() {
157	157	int result = 17;

159	159	result = 31 * result + id.hashCode();
160	160	}
161	161	result = 31 * result + properties.hashCode();
162
	162
163	163	return result;
164	164	}
165	165	}

+4

-4

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMSignatureProperty.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMSignatureProperty.java 1602377 2014-06-13 11:20:43Z coheigea $
	22	* $Id: DOMSignatureProperty.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

38	38	*/
39	39	public final class DOMSignatureProperty extends BaseStructure
40	40	implements SignatureProperty {
41
	41
42	42	private final String id;
43	43	private final String target;
44	44	private final List<XMLStructure> content;

53	53	* @throws ClassCastException if <code>content</code> contains any
54	54	* entries that are not of type {@link XMLStructure}
55	55	* @throws IllegalArgumentException if <code>content</code> is empty
56		* @throws NullPointerException if <code>content</code> or
	56	* @throws NullPointerException if <code>content</code> or
57	57	* <code>target</code> is <code>null</code>
58	58	*/
59	59	public DOMSignatureProperty(List<? extends XMLStructure> content,

159	159	return equalsContent(ospContent) &&
160	160	target.equals(osp.getTarget()) && idsEqual;
161	161	}
162
	162
163	163	@Override
164	164	public int hashCode() {
165	165	int result = 17;

+16

-16

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMSignedInfo.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMSignedInfo.java 1602353 2014-06-13 09:52:36Z coheigea $
	22	* $Id: DOMSignedInfo.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

45	45	* @author Sean Mullan
46	46	*/
47	47	public final class DOMSignedInfo extends DOMStructure implements SignedInfo {
48
	48
49	49	/**
50	50	* The maximum number of references per Manifest, if secure validation is enabled.
51	51	*/

55	55	org.slf4j.LoggerFactory.getLogger(DOMSignedInfo.class);
56	56
57	57	/** Signature - NOT Recommended RSAwithMD5 */
58		private static final String ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5 =
	58	private static final String ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5 =
59	59	Constants.MoreAlgorithmsSpecNS + "rsa-md5";
60
	60
61	61	/** HMAC - NOT Recommended HMAC-MD5 */
62		private static final String ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5 =
	62	private static final String ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5 =
63	63	Constants.MoreAlgorithmsSpecNS + "hmac-md5";
64
	64
65	65	private List<Reference> references;
66	66	private CanonicalizationMethod canonicalizationMethod;
67	67	private SignatureMethod signatureMethod;

77	77	* @param sm the signature method
78	78	* @param references the list of references. The list is copied.
79	79	* @throws NullPointerException if
80		* <code>cm</code>, <code>sm</code>, or <code>references</code> is
	80	* <code>cm</code>, <code>sm</code>, or <code>references</code> is
81	81	* <code>null</code>
82	82	* @throws IllegalArgumentException if <code>references</code> is empty
83	83	* @throws ClassCastException if any of the references are not of

120	120	* @throws ClassCastException if any of the references are not of
121	121	* type <code>Reference</code>
122	122	*/
123		public DOMSignedInfo(CanonicalizationMethod cm, SignatureMethod sm,
	123	public DOMSignedInfo(CanonicalizationMethod cm, SignatureMethod sm,
124	124	List<? extends Reference> references, String id) {
125	125	this(cm, sm, references);
126	126	this.id = id;

150	150	"SignatureMethod",
151	151	XMLSignature.XMLNS);
152	152	signatureMethod = DOMSignatureMethod.unmarshal(smElem);
153
	153
154	154	boolean secVal = Utils.secureValidation(context);
155	155
156	156	String signatureMethodAlgorithm = signatureMethod.getAlgorithm();

160	160	"It is forbidden to use algorithm " + signatureMethod + " when secure validation is enabled"
161	161	);
162	162	}
163
	163
164	164	// unmarshal References
165	165	ArrayList<Reference> refList = new ArrayList<Reference>(5);
166	166	Element refElem = DOMUtils.getNextSiblingElement(smElem, "Reference", XMLSignature.XMLNS);
167	167	refList.add(new DOMReference(refElem, context, provider));
168
	168
169	169	refElem = DOMUtils.getNextSiblingElement(refElem);
170	170	while (refElem != null) {
171	171	String name = refElem.getLocalName();

217	217	}
218	218
219	219	OutputStream os = new UnsyncBufferedOutputStream(bos);
220
	220
221	221	DOMSubTreeData subTree = new DOMSubTreeData(localSiElem, true);
222	222	try {
223		((DOMCanonicalizationMethod)
	223	((DOMCanonicalizationMethod)
224	224	canonicalizationMethod).canonicalize(subTree, context, os);
225	225	} catch (TransformException te) {
226	226	throw new XMLSignatureException(te);
227	227	}
228
	228
229	229	try {
230	230	os.flush();
231	231	} catch (IOException e) {

249	249	}
250	250
251	251	this.canonData = new ByteArrayInputStream(signedInfoBytes);
252
	252
253	253	try {
254	254	os.close();
255	255	} catch (IOException e) {

322	322	result = 31 * result + canonicalizationMethod.hashCode();
323	323	result = 31 * result + signatureMethod.hashCode();
324	324	result = 31 * result + references.hashCode();
325
	325
326	326	return result;
327	327	}
328	328	}

+1

-1

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMSubTreeData.java less more

171	171	nodeSet.add(node);
172	172	break;
173	173	case Node.COMMENT_NODE:
174		if (withComments) {
	174	if (withComments) {
175	175	nodeSet.add(node);
176	176	}
177	177	}

+3

-3

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMTransform.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMTransform.java 1585385 2014-04-07 05:12:23Z coheigea $
	22	* $Id: DOMTransform.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

186	186
187	187	return result;
188	188	}
189
	189
190	190	/**
191	191	* Transforms the specified data using the underlying transform algorithm.
192	192	* This method invokes the {@link #marshal marshal} method and passes it

198	198	* @param context the marshalling context
199	199	* @return the transformed data
200	200	* @throws MarshalException if an exception occurs while marshalling
201		* @throws NullPointerException if <code>data</code> or <code>context</code>
	201	* @throws NullPointerException if <code>data</code> or <code>context</code>
202	202	* is <code>null</code>
203	203	* @throws XMLSignatureException if an unexpected error occurs while
204	204	* executing the transform

+9

-9

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMURIDereferencer.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMURIDereferencer.java 1537952 2013-11-01 15:17:16Z coheigea $
	22	* $Id: DOMURIDereferencer.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

41	41	* @author Sean Mullan
42	42	*/
43	43	public class DOMURIDereferencer implements URIDereferencer {
44
	44
45	45	static final URIDereferencer INSTANCE = new DOMURIDereferencer();
46	46
47	47	private DOMURIDereferencer() {

66	66	String uri = uriRef.getURI();
67	67	DOMCryptoContext dcc = (DOMCryptoContext) context;
68	68	String baseURI = context.getBaseURI();
69
	69
70	70	boolean secVal = Utils.secureValidation(context);
71
	71
72	72	// Check if same-document URI and already registered on the context
73	73	if (uri != null && uri.length() != 0 && uri.charAt(0) == '#') {
74	74	String id = uri.substring(1);

88	88	throw new URIReferenceException(error);
89	89	}
90	90	}
91
	91
92	92	XMLSignatureInput result = new XMLSignatureInput(referencedElem);
93	93	result.setSecureValidation(secVal);
94	94	if (!uri.substring(1).startsWith("xpointer(id(")) {

97	97
98	98	result.setMIMEType("text/xml");
99	99	if (baseURI != null && baseURI.length() > 0) {
100		result.setSourceURI(baseURI.concat(uriAttr.getNodeValue()));
	100	result.setSourceURI(baseURI.concat(uriAttr.getNodeValue()));
101	101	} else {
102		result.setSourceURI(uriAttr.getNodeValue());
	102	result.setSourceURI(uriAttr.getNodeValue());
103	103	}
104	104	return new ApacheNodeSetData(result);
105	105	}
106		}
	106	}
107	107
108	108	try {
109		ResourceResolver apacheResolver =
	109	ResourceResolver apacheResolver =
110	110	ResourceResolver.getInstance(uriAttr, baseURI, secVal);
111	111	XMLSignatureInput in = apacheResolver.resolve(uriAttr, baseURI, secVal);
112	112	if (in.isOctetStream()) {

+18

-18

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMUtils.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMUtils.java 1602377 2014-06-13 11:20:43Z coheigea $
	22	* $Id: DOMUtils.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

44	44	public final class DOMUtils {
45	45
46	46	// class cannot be instantiated
47		private DOMUtils() {}
	47	private DOMUtils() {}
48	48
49	49	/**
50	50	* Returns the owner document of the specified node.

92	92	}
93	93
94	94	/**
95		* Sets an element's attribute (using DOM level 2) with the
	95	* Sets an element's attribute (using DOM level 2) with the
96	96	* specified value and namespace prefix.
97	97	*
98	98	* @param elem the element to set the attribute on
99	99	* @param name the name of the attribute
100		* @param value the attribute value. If null, no attribute is set.
	100	* @param value the attribute value. If null, no attribute is set.
101	101	*/
102	102	public static void setAttribute(Element elem, String name, String value) {
103	103	if (value == null) {

107	107	}
108	108
109	109	/**
110		* Sets an element's attribute (using DOM level 2) with the
	110	* Sets an element's attribute (using DOM level 2) with the
111	111	* specified value and namespace prefix AND registers the ID value with
112	112	* the specified element. This is for resolving same-document
113	113	* ID references.
114	114	*
115	115	* @param elem the element to set the attribute on
116	116	* @param name the name of the attribute
117		* @param value the attribute value. If null, no attribute is set.
	117	* @param value the attribute value. If null, no attribute is set.
118	118	*/
119	119	public static void setAttributeID(Element elem, String name, String value) {
120	120	if (value == null) {

125	125	}
126	126
127	127	/**
128		* Returns the first child element of the specified node, or null if there
	128	* Returns the first child element of the specified node, or null if there
129	129	* is no such element.
130	130	*
131	131	* @param node the node
132		* @return the first child element of the specified node, or null if there
	132	* @return the first child element of the specified node, or null if there
133	133	* is no such element
134	134	* @throws NullPointerException if <code>node == null</code>
135	135	*/

206	206	}
207	207
208	208	/**
209		* Returns the last child element of the specified node, or null if there
	209	* Returns the last child element of the specified node, or null if there
210	210	* is no such element.
211	211	*
212	212	* @param node the node
213		* @return the last child element of the specified node, or null if there
	213	* @return the last child element of the specified node, or null if there
214	214	* is no such element
215	215	* @throws NullPointerException if <code>node == null</code>
216	216	*/

223	223	}
224	224
225	225	/**
226		* Returns the next sibling element of the specified node, or null if there
	226	* Returns the next sibling element of the specified node, or null if there
227	227	* is no such element.
228	228	*
229	229	* @param node the node
230		* @return the next sibling element of the specified node, or null if there
	230	* @return the next sibling element of the specified node, or null if there
231	231	* is no such element
232	232	* @throws NullPointerException if <code>node == null</code>
233	233	*/

238	238	}
239	239	return (Element)sibling;
240	240	}
241
	241
242	242	/**
243	243	* Returns the next sibling element of the specified node and checks that
244	244	* the local name is equal to {@code localName}.

275	275
276	276	/**
277	277	* Returns the attribute value for the attribute with the specified name.
278		* Returns null if there is no such attribute, or
	278	* Returns null if there is no such attribute, or
279	279	* the empty string if the attribute value is empty.
280	280	*
281	281	* <p>This works around a limitation of the DOM

356	356	};
357	357	}
358	358	}
359
	359
360	360	/**
361	361	* Returns the prefix associated with the specified namespace URI
362	362	*

384	384	public static String getSignaturePrefix(XMLCryptoContext context) {
385	385	return getNSPrefix(context, XMLSignature.XMLNS);
386	386	}
387
	387
388	388	/**
389	389	* Removes all children nodes from the specified node.
390	390	*

414	414	}
415	415
416	416	/**
417		* Checks if child element has same owner document before
	417	* Checks if child element has same owner document before
418	418	* appending to the parent, and imports it to the parent's document
419	419	* if necessary.
420	420	*/

501	501	}
502	502	Node ostylesheetElem =
503	503	((javax.xml.crypto.dom.DOMStructure) ostylesheet).getNode();
504		XMLStructure stylesheet = spec1.getStylesheet();
	504	XMLStructure stylesheet = spec1.getStylesheet();
505	505	Node stylesheetElem =
506	506	((javax.xml.crypto.dom.DOMStructure) stylesheet).getNode();
507	507	return nodesEqual(stylesheetElem, ostylesheetElem);

+7

-7

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509Data.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMX509Data.java 1602377 2014-06-13 11:20:43Z coheigea $
	22	* $Id: DOMX509Data.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

55	55	* {@link String} (subject names), <code>byte[]</code> (subject key ids),
56	56	* {@link java.security.cert.X509Certificate}, {@link X509CRL},
57	57	* or {@link javax.xml.dsig.XMLStructure}
58		* objects or elements from an external namespace). The list is
	58	* objects or elements from an external namespace). The list is
59	59	* defensively copied to protect against subsequent modification.
60	60	* @throws NullPointerException if <code>content</code> is <code>null</code>
61	61	* @throws IllegalArgumentException if <code>content</code> is empty

185	185	}
186	186	}
187	187
188		private X509Certificate unmarshalX509Certificate(Element elem)
	188	private X509Certificate unmarshalX509Certificate(Element elem)
189	189	throws MarshalException
190	190	{
191	191	try {

205	205	}
206	206	}
207	207
208		private ByteArrayInputStream unmarshalBase64Binary(Element elem)
	208	private ByteArrayInputStream unmarshalBase64Binary(Element elem)
209	209	throws MarshalException {
210	210	try {
211	211	if (cf == null) {

240	240	Object x = content.get(i);
241	241	Object ox = ocontent.get(i);
242	242	if (x instanceof byte[]) {
243		if (!(ox instanceof byte[]) \|\|
	243	if (!(ox instanceof byte[]) \|\|
244	244	!Arrays.equals((byte[])x, (byte[])ox)) {
245	245	return false;
246		}
	246	}
247	247	} else {
248	248	if (!(x.equals(ox))) {
249	249	return false;

253	253
254	254	return true;
255	255	}
256
	256
257	257	@Override
258	258	public int hashCode() {
259	259	int result = 17;

+6

-6

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509IssuerSerial.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMX509IssuerSerial.java 1602127 2014-06-12 11:33:42Z coheigea $
	22	* $Id: DOMX509IssuerSerial.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

45	45	private final BigInteger serialNumber;
46	46
47	47	/**
48		* Creates a <code>DOMX509IssuerSerial</code> containing the specified
	48	* Creates a <code>DOMX509IssuerSerial</code> containing the specified
49	49	* issuer distinguished name/serial number pair.
50	50	*
51		* @param issuerName the X.509 issuer distinguished name in RFC 2253
	51	* @param issuerName the X.509 issuer distinguished name in RFC 2253
52	52	* String format
53	53	* @param serialNumber the serial number
54	54	* @throws IllegalArgumentException if the format of <code>issuerName</code>
55	55	* is not RFC 2253 compliant
56		* @throws NullPointerException if <code>issuerName</code> or
57		* <code>serialNumber</code> is <code>null</code>
	56	* @throws NullPointerException if <code>issuerName</code> or
	57	* <code>serialNumber</code> is <code>null</code>
58	58	*/
59	59	public DOMX509IssuerSerial(String issuerName, BigInteger serialNumber) {
60	60	if (issuerName == null) {

107	107	return issuerName.equals(ois.getIssuerName()) &&
108	108	serialNumber.equals(ois.getSerialNumber());
109	109	}
110
	110
111	111	@Override
112	112	public int hashCode() {
113	113	int result = 17;

+3

-3

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMXMLObject.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMXMLObject.java 1602377 2014-06-13 11:20:43Z coheigea $
	22	* $Id: DOMXMLObject.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

90	90	{
91	91	// unmarshal attributes
92	92	this.encoding = DOMUtils.getAttributeValue(objElem, "Encoding");
93
	93
94	94	Attr attr = objElem.getAttributeNodeNS(null, "Id");
95	95	if (attr != null) {
96	96	this.id = attr.getValue();

206	206	return idsEqual && encodingsEqual && mimeTypesEqual &&
207	207	equalsContent(getXmlObjectContent(oxo));
208	208	}
209
	209
210	210	@Override
211	211	public int hashCode() {
212	212	int result = 17;

+9

-9

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMXMLSignature.java less more

26	26	* ===========================================================================
27	27	*/
28	28	/*
29		* $Id: DOMXMLSignature.java 1602127 2014-06-12 11:33:42Z coheigea $
	29	* $Id: DOMXMLSignature.java 1667527 2015-03-18 12:54:20Z mullan $
30	30	*/
31	31	package org.apache.jcp.xml.dsig.internal.dom;
32	32

74	74	static {
75	75	org.apache.xml.security.Init.init();
76	76	}
77
	77
78	78	/**
79	79	* Creates a <code>DOMXMLSignature</code> from the specified components.
80	80	*

133	133	XMLSignature.XMLNS);
134	134	si = new DOMSignedInfo(siElem, context, provider);
135	135
136		// unmarshal SignatureValue
	136	// unmarshal SignatureValue
137	137	Element sigValElem = DOMUtils.getNextSiblingElement(siElem,
138	138	"SignatureValue",
139	139	XMLSignature.XMLNS);

163	163	context, provider));
164	164	nextSibling = DOMUtils.getNextSiblingElement(nextSibling);
165	165	}
166		objects = Collections.unmodifiableList(tempObjects);
	166	objects = Collections.unmodifiableList(tempObjects);
167	167	}
168	168	}
169	169

232	232	}
233	233
234	234	@Override
235		public boolean validate(XMLValidateContext vc)
	235	public boolean validate(XMLValidateContext vc)
236	236	throws XMLSignatureException
237	237	{
238	238	if (vc == null) {

315	315	}
316	316
317	317	@Override
318		public void sign(XMLSignContext signContext)
	318	public void sign(XMLSignContext signContext)
319	319	throws MarshalException, XMLSignatureException
320	320	{
321	321	if (signContext == null) {

426	426	si.equals(osig.getSignedInfo()) &&
427	427	objects.equals(osig.getObjects());
428	428	}
429
	429
430	430	@Override
431	431	public int hashCode() {
432	432	int result = 17;

483	483	ref.digest(signContext);
484	484	}
485	485
486		public class DOMSignatureValue extends DOMStructure
	486	public class DOMSignatureValue extends DOMStructure
487	487	implements SignatureValue
488	488	{
489	489	private String id;

587	587	//XXX compare signature values?
588	588	return idEqual;
589	589	}
590
	590
591	591	@Override
592	592	public int hashCode() {
593	593	int result = 17;

+10

-10

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMXMLSignatureFactory.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMXMLSignatureFactory.java 1602127 2014-06-12 11:33:42Z coheigea $
	22	* $Id: DOMXMLSignatureFactory.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

171	171	throw new ClassCastException("xmlStructure must be of type DOMStructure");
172	172	}
173	173	return unmarshal
174		(((javax.xml.crypto.dom.DOMStructure) xmlStructure).getNode(),
	174	(((javax.xml.crypto.dom.DOMStructure) xmlStructure).getNode(),
175	175	new UnmarshalContext());
176	176	}
177	177

179	179	UnmarshalContext() {}
180	180	}
181	181
182		private XMLSignature unmarshal(Node node, XMLCryptoContext context)
	182	private XMLSignature unmarshal(Node node, XMLCryptoContext context)
183	183	throws MarshalException {
184	184
185	185	node.normalize();
186
	186
187	187	Element element = null;
188	188	if (node.getNodeType() == Node.DOCUMENT_NODE) {
189	189	element = ((Document) node).getDocumentElement();

321	321	public Transform newTransform(String algorithm,
322	322	TransformParameterSpec params) throws NoSuchAlgorithmException,
323	323	InvalidAlgorithmParameterException {
324
	324
325	325	TransformService spi;
326	326	if (getProvider() == null) {
327	327	spi = TransformService.getInstance(algorithm, "DOM");

332	332	spi = TransformService.getInstance(algorithm, "DOM");
333	333	}
334	334	}
335
	335
336	336	spi.init(params);
337	337	return new DOMTransform(spi);
338	338	}

351	351	spi = TransformService.getInstance(algorithm, "DOM");
352	352	}
353	353	}
354
	354
355	355	if (params == null) {
356	356	spi.init(null);
357	357	} else {

374	374	spi = TransformService.getInstance(algorithm, "DOM");
375	375	}
376	376	}
377
	377
378	378	spi.init(params);
379	379	return new DOMCanonicalizationMethod(spi);
380	380	}

383	383	public CanonicalizationMethod newCanonicalizationMethod(String algorithm,
384	384	XMLStructure params) throws NoSuchAlgorithmException,
385	385	InvalidAlgorithmParameterException {
386		TransformService spi;
	386	TransformService spi;
387	387	if (getProvider() == null) {
388	388	spi = TransformService.getInstance(algorithm, "DOM");
389	389	} else {

398	398	} else {
399	399	spi.init(params, null);
400	400	}
401
	401
402	402	return new DOMCanonicalizationMethod(spi);
403	403	}
404	404

+4

-4

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMXPathFilter2Transform.java less more

26	26	* Portions copyright 2005 Sun Microsystems, Inc. All rights reserved.
27	27	*/
28	28	/*
29		* $Id: DOMXPathFilter2Transform.java 1511298 2013-08-07 13:17:53Z coheigea $
	29	* $Id: DOMXPathFilter2Transform.java 1667527 2015-03-18 12:54:20Z mullan $
30	30	*/
31	31	package org.apache.jcp.xml.dsig.internal.dom;
32	32

91	91	XPathType.Filter filter = null;
92	92	if (filterVal.equals("intersect")) {
93	93	filter = XPathType.Filter.INTERSECT;
94		} else if (filterVal.equals("subtract")) {
	94	} else if (filterVal.equals("subtract")) {
95	95	filter = XPathType.Filter.SUBTRACT;
96	96	} else if (filterVal.equals("union")) {
97	97	filter = XPathType.Filter.UNION;

126	126	throws MarshalException
127	127	{
128	128	super.marshalParams(parent, context);
129		XPathFilter2ParameterSpec xp =
	129	XPathFilter2ParameterSpec xp =
130	130	(XPathFilter2ParameterSpec)getParameterSpec();
131	131	String prefix = DOMUtils.getNSPrefix(context, Transform.XPATH2);
132	132	String qname = prefix == null \|\| prefix.length() == 0

149	149	xpathType.getNamespaceMap().entrySet();
150	150	for (Map.Entry<String, String> entry : entries) {
151	151	elem.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:" +
152		entry.getKey(),
	152	entry.getKey(),
153	153	entry.getValue());
154	154	}
155	155

+2

-2

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMXPathTransform.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMXPathTransform.java 1423915 2012-12-19 16:17:25Z coheigea $
	22	* $Id: DOMXPathTransform.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

90	90	throws MarshalException
91	91	{
92	92	super.marshalParams(parent, context);
93		XPathFilterParameterSpec xp =
	93	XPathFilterParameterSpec xp =
94	94	(XPathFilterParameterSpec)getParameterSpec();
95	95	Element xpathElem = DOMUtils.createElement(ownerDoc, "XPath",
96	96	XMLSignature.XMLNS, DOMUtils.getSignaturePrefix(context));

+3

-3

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMXSLTTransform.java less more

19	19	* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
20	20	*/
21	21	/*
22		* $Id: DOMXSLTTransform.java 1423915 2012-12-19 16:17:25Z coheigea $
	22	* $Id: DOMXSLTTransform.java 1667527 2015-03-18 12:54:20Z mullan $
23	23	*/
24	24	package org.apache.jcp.xml.dsig.internal.dom;
25	25

68	68	public void marshalParams(XMLStructure parent, XMLCryptoContext context)
69	69	throws MarshalException {
70	70	super.marshalParams(parent, context);
71		XSLTTransformParameterSpec xp =
	71	XSLTTransformParameterSpec xp =
72	72	(XSLTTransformParameterSpec) getParameterSpec();
73		Node xsltElem =
	73	Node xsltElem =
74	74	((javax.xml.crypto.dom.DOMStructure) xp.getStylesheet()).getNode();
75	75	DOMUtils.appendChild(transformElem, xsltElem);
76	76	}

+3

-3

src/main/java/org/apache/jcp/xml/dsig/internal/dom/XMLDSigRI.java less more

26	26	* Portions copyright 2005 Sun Microsystems, Inc. All rights reserved.
27	27	*/
28	28	/*
29		* $Id: XMLDSigRI.java 1626713 2014-09-22 09:40:15Z coheigea $
	29	* $Id: XMLDSigRI.java 1667527 2015-03-18 12:54:20Z mullan $
30	30	*/
31	31	package org.apache.jcp.xml.dsig.internal.dom;
32	32

56	56
57	57	public XMLDSigRI() {
58	58	/* We are the ApacheXMLDSig provider */
59		super("ApacheXMLDSig", 2.03, INFO);
	59	super("ApacheXMLDSig", 2.04, INFO);
60	60
61	61	final Map<Object, Object> map = new HashMap<Object, Object>();
62	62	map.put("XMLSignatureFactory.DOM",

89	89	map.put("TransformService.http://www.w3.org/2006/12/xml-c14n11" +
90	90	" MechanismType", "DOM");
91	91
92		// InclusiveWithComments C14N 1.1
	92	// InclusiveWithComments C14N 1.1
93	93	map.put("TransformService.http://www.w3.org/2006/12/xml-c14n11#WithComments",
94	94	"org.apache.jcp.xml.dsig.internal.dom.DOMCanonicalXMLC14N11Method");
95	95	map.put("TransformService.http://www.w3.org/2006/12/xml-c14n11#WithComments" +

+39

-39

src/main/java/org/apache/xml/security/algorithms/JCEMapper.java less more

59	59	// Digest algorithms
60	60	algorithmsMap.put(
61	61	MessageDigestAlgorithm.ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5,
62		new Algorithm("MD5", "MD5", "MessageDigest")
	62	new Algorithm("", "MD5", "MessageDigest")
63	63	);
64	64	algorithmsMap.put(
65	65	MessageDigestAlgorithm.ALGO_ID_DIGEST_RIPEMD160,
66		new Algorithm("RIPEMD160", "RIPEMD160", "MessageDigest")
	66	new Algorithm("", "RIPEMD160", "MessageDigest")
67	67	);
68	68	algorithmsMap.put(
69	69	MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1,
70		new Algorithm("SHA-1", "SHA-1", "MessageDigest")
	70	new Algorithm("", "SHA-1", "MessageDigest")
71	71	);
72	72	algorithmsMap.put(
73	73	MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA224,
74		new Algorithm("SHA-224", "SHA-224", "MessageDigest")
	74	new Algorithm("", "SHA-224", "MessageDigest")
75	75	);
76	76	algorithmsMap.put(
77	77	MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256,
78		new Algorithm("SHA-256", "SHA-256", "MessageDigest")
	78	new Algorithm("", "SHA-256", "MessageDigest")
79	79	);
80	80	algorithmsMap.put(
81	81	MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA384,
82		new Algorithm("SHA-384", "SHA-384", "MessageDigest")
	82	new Algorithm("", "SHA-384", "MessageDigest")
83	83	);
84	84	algorithmsMap.put(
85	85	MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA512,
86		new Algorithm("SHA-512", "SHA-512", "MessageDigest")
	86	new Algorithm("", "SHA-512", "MessageDigest")
87	87	);
88	88	algorithmsMap.put(
89	89	MessageDigestAlgorithm.ALGO_ID_DIGEST_WHIRLPOOL,
90		new Algorithm("WHIRLPOOL", "WHIRLPOOL", "MessageDigest")
	90	new Algorithm("", "WHIRLPOOL", "MessageDigest")
91	91	);
92	92	algorithmsMap.put(
93	93	MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA3_224,
94		new Algorithm("SHA3-224", "SHA3-224", "MessageDigest")
	94	new Algorithm("", "SHA3-224", "MessageDigest")
95	95	);
96	96	algorithmsMap.put(
97	97	MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA3_256,
98		new Algorithm("SHA3-256", "SHA3-256", "MessageDigest")
	98	new Algorithm("", "SHA3-256", "MessageDigest")
99	99	);
100	100	algorithmsMap.put(
101	101	MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA3_384,
102		new Algorithm("SHA3-384", "SHA3-384", "MessageDigest")
	102	new Algorithm("", "SHA3-384", "MessageDigest")
103	103	);
104	104	algorithmsMap.put(
105	105	MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA3_512,
106		new Algorithm("SHA3-512", "SHA3-512", "MessageDigest")
	106	new Algorithm("", "SHA3-512", "MessageDigest")
107	107	);
108	108	// Signature algorithms
109	109	algorithmsMap.put(
110	110	XMLSignature.ALGO_ID_SIGNATURE_DSA,
111		new Algorithm("SHA1withDSA", "SHA1withDSA", "Signature")
	111	new Algorithm("DSA", "SHA1withDSA", "Signature")
112	112	);
113	113	algorithmsMap.put(
114	114	XMLSignature.ALGO_ID_SIGNATURE_DSA_SHA256,
115		new Algorithm("", "SHA256withDSA", "Signature")
	115	new Algorithm("DSA", "SHA256withDSA", "Signature")
116	116	);
117	117	algorithmsMap.put(
118	118	XMLSignature.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5,
119		new Algorithm("MD5withRSA", "MD5withRSA", "Signature")
	119	new Algorithm("RSA", "MD5withRSA", "Signature")
120	120	);
121	121	algorithmsMap.put(
122	122	XMLSignature.ALGO_ID_SIGNATURE_RSA_RIPEMD160,
123		new Algorithm("RIPEMD160withRSA", "RIPEMD160withRSA", "Signature")
	123	new Algorithm("RSA", "RIPEMD160withRSA", "Signature")
124	124	);
125	125	algorithmsMap.put(
126	126	XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1,
127		new Algorithm("SHA1withRSA", "SHA1withRSA", "Signature")
	127	new Algorithm("RSA", "SHA1withRSA", "Signature")
128	128	);
129	129	algorithmsMap.put(
130	130	XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA224,
131		new Algorithm("SHA224withRSA", "SHA224withRSA", "Signature")
	131	new Algorithm("RSA", "SHA224withRSA", "Signature")
132	132	);
133	133	algorithmsMap.put(
134	134	XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256,
135		new Algorithm("SHA256withRSA", "SHA256withRSA", "Signature")
	135	new Algorithm("RSA", "SHA256withRSA", "Signature")
136	136	);
137	137	algorithmsMap.put(
138	138	XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384,
139		new Algorithm("SHA384withRSA", "SHA384withRSA", "Signature")
	139	new Algorithm("RSA", "SHA384withRSA", "Signature")
140	140	);
141	141	algorithmsMap.put(
142	142	XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512,
143		new Algorithm("SHA512withRSA", "SHA512withRSA", "Signature")
	143	new Algorithm("RSA", "SHA512withRSA", "Signature")
144	144	);
145	145	algorithmsMap.put(
146	146	XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1_MGF1,
147		new Algorithm("SHA1withRSAandMGF1", "SHA1withRSAandMGF1", "Signature")
	147	new Algorithm("RSA", "SHA1withRSAandMGF1", "Signature")
148	148	);
149	149	algorithmsMap.put(
150	150	XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA224_MGF1,
151		new Algorithm("SHA224withRSAandMGF1", "SHA224withRSAandMGF1", "Signature")
	151	new Algorithm("RSA", "SHA224withRSAandMGF1", "Signature")
152	152	);
153	153	algorithmsMap.put(
154	154	XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256_MGF1,
155		new Algorithm("SHA256withRSAandMGF1", "SHA256withRSAandMGF1", "Signature")
	155	new Algorithm("RSA", "SHA256withRSAandMGF1", "Signature")
156	156	);
157	157	algorithmsMap.put(
158	158	XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384_MGF1,
159		new Algorithm("SHA384withRSAandMGF1", "SHA384withRSAandMGF1", "Signature")
	159	new Algorithm("RSA", "SHA384withRSAandMGF1", "Signature")
160	160	);
161	161	algorithmsMap.put(
162	162	XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512_MGF1,
163		new Algorithm("SHA512withRSAandMGF1", "SHA512withRSAandMGF1", "Signature")
	163	new Algorithm("RSA", "SHA512withRSAandMGF1", "Signature")
164	164	);
165	165	algorithmsMap.put(
166	166	XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1,
167		new Algorithm("SHA1withECDSA", "SHA1withECDSA", "Signature")
	167	new Algorithm("EC", "SHA1withECDSA", "Signature")
168	168	);
169	169	algorithmsMap.put(
170	170	XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA224,
171		new Algorithm("SHA224withECDSA", "SHA224withECDSA", "Signature")
	171	new Algorithm("EC", "SHA224withECDSA", "Signature")
172	172	);
173	173	algorithmsMap.put(
174	174	XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA256,
175		new Algorithm("SHA256withECDSA", "SHA256withECDSA", "Signature")
	175	new Algorithm("EC", "SHA256withECDSA", "Signature")
176	176	);
177	177	algorithmsMap.put(
178	178	XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA384,
179		new Algorithm("SHA384withECDSA", "SHA384withECDSA", "Signature")
	179	new Algorithm("EC", "SHA384withECDSA", "Signature")
180	180	);
181	181	algorithmsMap.put(
182	182	XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA512,
183		new Algorithm("SHA512withECDSA", "SHA512withECDSA", "Signature")
	183	new Algorithm("EC", "SHA512withECDSA", "Signature")
184	184	);
185	185	algorithmsMap.put(
186	186	XMLSignature.ALGO_ID_SIGNATURE_ECDSA_RIPEMD160,
187		new Algorithm("RIPEMD160withECDSA", "RIPEMD160withECDSA", "Signature")
	187	new Algorithm("EC", "RIPEMD160withECDSA", "Signature")
188	188	);
189	189	algorithmsMap.put(
190	190	XMLSignature.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5,
191		new Algorithm("HmacMD5", "HmacMD5", "Mac", 128, 0)
	191	new Algorithm("", "HmacMD5", "Mac", 128, 0)
192	192	);
193	193	algorithmsMap.put(
194	194	XMLSignature.ALGO_ID_MAC_HMAC_RIPEMD160,
195		new Algorithm("HMACRIPEMD160", "HMACRIPEMD160", "Mac", 160, 0)
	195	new Algorithm("", "HMACRIPEMD160", "Mac", 160, 0)
196	196	);
197	197	algorithmsMap.put(
198	198	XMLSignature.ALGO_ID_MAC_HMAC_SHA1,
199		new Algorithm("HmacSHA1", "HmacSHA1", "Mac", 160, 0)
	199	new Algorithm("", "HmacSHA1", "Mac", 160, 0)
200	200	);
201	201	algorithmsMap.put(
202	202	XMLSignature.ALGO_ID_MAC_HMAC_SHA224,
203		new Algorithm("HmacSHA224", "HmacSHA224", "Mac", 224, 0)
	203	new Algorithm("", "HmacSHA224", "Mac", 224, 0)
204	204	);
205	205	algorithmsMap.put(
206	206	XMLSignature.ALGO_ID_MAC_HMAC_SHA256,
207		new Algorithm("HmacSHA256", "HmacSHA256", "Mac", 256, 0)
	207	new Algorithm("", "HmacSHA256", "Mac", 256, 0)
208	208	);
209	209	algorithmsMap.put(
210	210	XMLSignature.ALGO_ID_MAC_HMAC_SHA384,
211		new Algorithm("HmacSHA384", "HmacSHA384", "Mac", 384, 0)
	211	new Algorithm("", "HmacSHA384", "Mac", 384, 0)
212	212	);
213	213	algorithmsMap.put(
214	214	XMLSignature.ALGO_ID_MAC_HMAC_SHA512,
215		new Algorithm("HmacSHA512", "HmacSHA512", "Mac", 512, 0)
	215	new Algorithm("", "HmacSHA512", "Mac", 512, 0)
216	216	);
217	217	// Encryption algorithms
218	218	algorithmsMap.put(

+1

-1

src/main/java/org/apache/xml/security/algorithms/implementations/IntegrityHmac.java less more

352	352	Element HMElem =
353	353	XMLUtils.createElementInSignatureSpace(doc, Constants._TAG_HMACOUTPUTLENGTH);
354	354	Text HMText =
355		doc.createTextNode(Integer.valueOf(this.HMACOutputLength).toString());
	355	doc.createTextNode("" + this.HMACOutputLength);
356	356
357	357	HMElem.appendChild(HMText);
358	358	XMLUtils.addReturnToElement(element);

+0

-3

~~src/main/java/org/apache/xml/security/algorithms/implementations/package.html~~ less more

0		<HTML> <HEAD> </HEAD> <BODY> <P>
1		implementations of {@link org.apache.xml.security.algorithms.SignatureAlgorithmSpi}.
2		</P></BODY> </HTML>

+0

-3

~~src/main/java/org/apache/xml/security/algorithms/package.html~~ less more

0		<HTML><HEAD></HEAD><BODY><P>
1		algorithm factories.
2		</P></BODY></HTML>⏎

+0

-3

~~src/main/java/org/apache/xml/security/c14n/helper/package.html~~ less more

0		<HTML> <HEAD> </HEAD> <BODY> <P>
1		helper classes for canonicalization.
2		</P></BODY> </HTML>

+1

-1

src/main/java/org/apache/xml/security/c14n/implementations/Canonicalizer20010315Excl.java less more

49	49	* <i>THIS </i> implementation is a complete rewrite of the algorithm.
50	50	*
51	51	* @author Christian Geuer-Pollmann <geuerp@apache.org>
52		* @version $Revision: 1558567 $
	52	* @version $Revision: 1657393 $
53	53	* @see <a href="http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/ Exclusive#">
54	54	* XML Canonicalization, Version 1.0</a>
55	55	*/

+0

-3

~~src/main/java/org/apache/xml/security/c14n/implementations/package.html~~ less more

0		<HTML> <HEAD> </HEAD> <BODY> <P>
1		canonicalization implementations.
2		</P></BODY> </HTML>

+0

-3

~~src/main/java/org/apache/xml/security/c14n/package.html~~ less more

0		<HTML><HEAD></HEAD><BODY><P>
1		Canonicalization related material and algorithms.
2		</P></BODY></HTML>

+32

-1

src/main/java/org/apache/xml/security/encryption/XMLCipher.java less more

251	251	CAMELLIA_128_KeyWrap + "\n" + CAMELLIA_192_KeyWrap + "\n" + CAMELLIA_256_KeyWrap + "\n" +
252	252	SEED_128_KeyWrap + "\n";
253	253
	254	private static final boolean HAVE_FUNCTIONAL_IDENTITY_TRANSFORMER = haveFunctionalIdentityTransformer();
	255
254	256	/** Cipher created during initialisation that is used for encryption */
255	257	private Cipher contextCipher;
256	258

356	358	}
357	359
358	360	if (serializer == null) {
359		serializer = new TransformSerializer();
	361	if (HAVE_FUNCTIONAL_IDENTITY_TRANSFORMER) {
	362	serializer = new TransformSerializer();
	363	} else {
	364	serializer = new DocumentSerializer();
	365	}
360	366	}
361	367	serializer.setCanonicalizer(this.canon);
362	368

3667	3673	}
3668	3674	}
3669	3675	}
	3676
	3677	private static boolean haveFunctionalIdentityTransformer() {
	3678	final String xml =
	3679	"<a:e1 xmlns:a=\"a\" xmlns:b=\"b\">"
	3680	+ "<a xmlns=\"a\" xmlns:b=\"b\"/>"
	3681	+ "</a:e1>";
	3682
	3683	try {
	3684	final javax.xml.transform.dom.DOMResult domResult = new javax.xml.transform.dom.DOMResult();
	3685	final javax.xml.transform.TransformerFactory transformerFactory =
	3686	javax.xml.transform.TransformerFactory.newInstance();
	3687	transformerFactory.newTransformer().transform(
	3688	new javax.xml.transform.stream.StreamSource(
	3689	new java.io.ByteArrayInputStream(xml.getBytes("UTF-8"))), domResult);
	3690
	3691	final boolean result = "http://www.w3.org/2000/xmlns/".equals(
	3692	domResult.getNode().getFirstChild().getFirstChild().getAttributes().item(1).getNamespaceURI());
	3693	log.debug("Have functional IdentityTransformer: " + result);
	3694	return result;
	3695
	3696	} catch (Exception e) {
	3697	log.debug(e.getMessage(), e);
	3698	return false;
	3699	}
	3700	}
3670	3701	}

+0

-25

~~src/main/java/org/apache/xml/security/encryption/package.html~~ less more

0		<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
1		<html>
2		<head>
3		<title></title>
4		</head>
5		<body>
6		Provides classes for implementing XML Encryption applications. There are two
7		main families of classes in this package. The first group of classes is an
8		XML Schema to Java mapping of  the complex types and elements of the
9		XML Encryption Schema as outllined at <a
10		href="http://www.w3.org/Encryption/2001/Drafts/xmlenc-core/">XML Encrtypyion
11		Specification</a>. The second group of classes are used to perform encryption
12		operations, and to manipulate the first group of classes. The most important
13		classes in this second group is <code><a
14		href="file://./org/apache/xml/security/encryption/XMLCipher.html">XMLCipher</a></code>,
15		<code><a
16		href="file://./org/apache/xml/security/encryption/XMLEncryptionFactory.html">XMLEncryptionFactory</a></code>
17		and <code>XMLSerializer</code>. <code>XMLCipher</code> was designed to resemble
18		<code>javax.crypto.Cipher</code>. The aforementioned classes were desinged
19		with ease-of-use and configurability in mind. Becuase of this, the programmer
20		may at times be exposed to lower level programming tasks. This library strives
21		to be as simple as possible to use, but no simpler.<br>
22		<br>
23		</body>
24		</html>

+0

-3

~~src/main/java/org/apache/xml/security/exceptions/package.html~~ less more

0		<HTML><HEAD></HEAD><BODY><P>
1		general exceptions used by this library.
2		</P></BODY></HTML>

+0

-3

~~src/main/java/org/apache/xml/security/keys/content/keyvalues/package.html~~ less more

0		<HTML><HEAD></HEAD><BODY><P>
1		basic handlers for elements that can occur inside <CODE>ds:KeyValue</CODE>.
2		</P></BODY></HTML>⏎

+0

-3

~~src/main/java/org/apache/xml/security/keys/content/package.html~~ less more

0		<HTML><HEAD></HEAD><BODY><P>
1		basic handlers for elements that can occur inside <CODE>ds:KeyInfo</CODE>.
2		</P></BODY></HTML>⏎

+0

-3

~~src/main/java/org/apache/xml/security/keys/content/x509/package.html~~ less more

0		<HTML><HEAD></HEAD><BODY><P>
1		basic handlers for elements that can occur inside <CODE>ds:X509Data</CODE>.
2		</P></BODY></HTML>⏎

+0

-3

~~src/main/java/org/apache/xml/security/keys/keyresolver/implementations/package.html~~ less more

0		<HTML><HEAD></HEAD><BODY><P>
1		implementations for retrieval of certificates and public keys from elements.
2		</P></BODY></HTML>⏎

+0

-3

~~src/main/java/org/apache/xml/security/keys/keyresolver/package.html~~ less more

0		<HTML><HEAD></HEAD><BODY><P>
1		the resolver framework for retrieval of certificates and public keys from elements.
2		</P></BODY></HTML>⏎

+0

-3

~~src/main/java/org/apache/xml/security/keys/package.html~~ less more

0		<HTML><HEAD></HEAD><BODY><P>
1		general key related material.
2		</P></BODY></HTML>

+0

-3

~~src/main/java/org/apache/xml/security/keys/storage/implementations/package.html~~ less more

0		<HTML><HEAD></HEAD><BODY><P>
1		implementations of resolvers for retrieval for certificates and public keys from user-specified locations.
2		</P></BODY></HTML>⏎

+0

-3

~~src/main/java/org/apache/xml/security/keys/storage/package.html~~ less more

0		<HTML><HEAD></HEAD><BODY><P>
1		a resolver framework for certificates and public keys from user-specified locations.
2		</P></BODY></HTML>⏎

+0

-33

~~src/main/java/org/apache/xml/security/package.html~~ less more

0		<HTML>
1		<HEAD>
2		<TITLE>org.apache.xml.security</TITLE>
3		</HEAD>
4		<BODY>
5		<H1>Canonical XML and XML Signature Implementation</H1>
6		<H2>Needs the following packages</H2>
7		<UL>
8		<LI>Xerces v2.0.0 <A HREF="http://xml.apache.org/dist/xerces-j/">http://xml.apache.org/dist/xerces-j/</A></LI>
9		<LI>Xalan 2.2.0 <A HREF="http://xml.apache.org/dist/xalan-j/">http://xml.apache.org/dist/xalan-j/</A></LI>
10		<LI>JUnit 3.7 <A HREF="http://download.sourceforge.net/junit/junit3.7.zip">http://download.sourceforge.net/junit/junit3.5.zip</A></LI>
11		<LI>Jakarta Log4J 1.1.2 <A HREF="http://jakarta.apache.org/log4j/">http://jakarta.apache.org/log4j/</A></LI>
12		<LI>ANT <A HREF="http://jakarta.apache.org/builds/jakarta-ant/release/">http://jakarta.apache.org/builds/jakarta-ant/release/</A></LI>
13		</UL>
14		<H1>Packages</H1>
15		<UL>
16		<LI>{@link org.apache.xml.security.algorithms} contains algorithm factories </LI>
17		<LI>{@link org.apache.xml.security.c14n} contains Canonicalization related material and algorithms </LI>
18		<LI>{@link org.apache.xml.security.exceptions} contains all exceptions used by this library </LI>
19		<LI>{@link org.apache.xml.security.keys} contains key related material </LI>
20		<LI>{@link org.apache.xml.security.signature} contains the XML Signature specific classes </LI>
21		<LI>{@link org.apache.xml.security.transforms} XML Signature transformations </LI>
22		<LI>{@link org.apache.xml.security.utils} contains all utility classes </LI>
23		</UL>
24		<H2>Support</H2>
25		<P>See <A HREF="http://xml.apache.org/security/">the xml-security project</A> for further assistence</P>
26		<H2>Author</H2>
27		<P>Christian Geuer-Pollmann geuer-pollmann@nue.et-inf.uni-siegen.de<BR>
28		University of Siegen<BR>
29		Institute for Data Communications Systems<BR>
30		</P>
31		</BODY>
32		</HTML>

+17

-0

src/main/java/org/apache/xml/security/resource/config.xml less more

214	214	Description="Digital Signature Algorithm with SHA-1 message digest"
215	215	AlgorithmClass="Signature"
216	216	RequirementLevel="REQUIRED"
	217	RequiredKey="DSA"
217	218	JCEName="SHA1withDSA"/>
218	219
219	220	<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-md5"

221	222	AlgorithmClass="Signature"
222	223	RequirementLevel="NOT RECOMMENDED"
223	224	SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt"
	225	RequiredKey="RSA"
224	226	JCEName="MD5withRSA"/>
225	227
226	228	<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160"

228	230	AlgorithmClass="Signature"
229	231	RequirementLevel="OPTIONAL"
230	232	SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt"
	233	RequiredKey="RSA"
231	234	JCEName="RIPEMD160withRSA"/>
232	235
233	236	<Algorithm URI="http://www.w3.org/2000/09/xmldsig#rsa-sha1"
234	237	Description="RSA Signature with SHA-1 message digest"
235	238	AlgorithmClass="Signature"
236	239	RequirementLevel="RECOMMENDED"
	240	RequiredKey="RSA"
237	241	JCEName="SHA1withRSA"/>
238	242
239	243	<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha2224"

241	245	AlgorithmClass="Signature"
242	246	RequirementLevel="OPTIONAL"
243	247	SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt"
	248	RequiredKey="RSA"
244	249	JCEName="SHA224withRSA"/>
245	250
246	251	<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"

248	253	AlgorithmClass="Signature"
249	254	RequirementLevel="OPTIONAL"
250	255	SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt"
	256	RequiredKey="RSA"
251	257	JCEName="SHA256withRSA"/>
252	258
253	259	<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"

255	261	AlgorithmClass="Signature"
256	262	RequirementLevel="OPTIONAL"
257	263	SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt"
	264	RequiredKey="RSA"
258	265	JCEName="SHA384withRSA"/>
259	266
260	267	<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"

262	269	AlgorithmClass="Signature"
263	270	RequirementLevel="OPTIONAL"
264	271	SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt"
	272	RequiredKey="RSA"
265	273	JCEName="SHA512withRSA"/>
266	274
267	275	<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha1-rsa-MGF1"
268	276	Description="RSASSA-PSS Signature with SHA-1 message digest"
269	277	AlgorithmClass="Signature"
270	278	RequirementLevel="RECOMMENDED"
	279	RequiredKey="RSA"
271	280	JCEName="SHA1withRSAandMGF1"/>
272	281
273	282	<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha224-rsa-MGF1"

275	284	AlgorithmClass="Signature"
276	285	RequirementLevel="OPTIONAL"
277	286	SpecificationURL="http://www.ietf.org/rfc/rfc6931.txt"
	287	RequiredKey="RSA"
278	288	JCEName="SHA224withRSAandMGF1"/>
279	289
280	290	<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1"

282	292	AlgorithmClass="Signature"
283	293	RequirementLevel="OPTIONAL"
284	294	SpecificationURL="http://www.ietf.org/rfc/rfc6931.txt"
	295	RequiredKey="RSA"
285	296	JCEName="SHA256withRSAandMGF1"/>
286	297
287	298	<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha384-rsa-MGF1"

289	300	AlgorithmClass="Signature"
290	301	RequirementLevel="OPTIONAL"
291	302	SpecificationURL="http://www.ietf.org/rfc/rfc6931.txt"
	303	RequiredKey="RSA"
292	304	JCEName="SHA384withRSAandMGF1"/>
293	305
294	306	<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha512-rsa-MGF1"

296	308	AlgorithmClass="Signature"
297	309	RequirementLevel="OPTIONAL"
298	310	SpecificationURL="http://www.ietf.org/rfc/rfc6931.txt"
	311	RequiredKey="RSA"
299	312	JCEName="SHA512withRSAandMGF1"/>
300	313
301	314	<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"

310	323	AlgorithmClass="Signature"
311	324	RequirementLevel="OPTIONAL"
312	325	SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt"
	326	RequiredKey="EC"
313	327	JCEName="SHA224withECDSA"/>
314	328
315	329	<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"

317	331	AlgorithmClass="Signature"
318	332	RequirementLevel="OPTIONAL"
319	333	SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt"
	334	RequiredKey="EC"
320	335	JCEName="SHA256withECDSA"/>
321	336
322	337	<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"

324	339	AlgorithmClass="Signature"
325	340	RequirementLevel="OPTIONAL"
326	341	SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt"
	342	RequiredKey="EC"
327	343	JCEName="SHA384withECDSA"/>
328	344
329	345	<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"

338	354	AlgorithmClass="Signature"
339	355	RequirementLevel="OPTIONAL"
340	356	SpecificationURL="https://tools.ietf.org/html/rfc6931"
	357	RequiredKey="EC"
341	358	JCEName="RIPEMD160withECDSA"/>
342	359
343	360	<!-- MAC Algorithms -->

+0

-3

~~src/main/java/org/apache/xml/security/resource/package.html~~ less more

0		<HTML> <HEAD> </HEAD> <BODY> <P>
1		software configuration and internationalization ({@link org.apache.xml.security.utils.I18n}).
2		</P></BODY> </HTML>

+1

-1

src/main/java/org/apache/xml/security/signature/Reference.java less more

264	264
265	265	String uri = digestMethodElem.getAttributeNS(null, Constants._ATT_ALGORITHM);
266	266
267		if (uri == null) {
	267	if ("".equals(uri)) {
268	268	return null;
269	269	}
270	270

+0

-3

~~src/main/java/org/apache/xml/security/signature/package.html~~ less more

0		<HTML><HEAD></HEAD><BODY><P>
1		XML Signature specific classes.
2		</P></BODY></HTML>

+2

-2

src/main/java/org/apache/xml/security/stax/ext/stax/XMLSecEventFactory.java less more

31	31
32	32	/**
33	33	* @author $Author: giger $
34		* @version $Revision: 1399272 $ $Date: 2012-10-17 16:02:10 +0200 (Wed, 17 Oct 2012) $
	34	* @version $Revision: 1659901 $ $Date: 2015-02-15 10:11:24 +0100 (Sun, 15 Feb 2015) $
35	35	*/
36	36	public class XMLSecEventFactory {
37	37

74	74	return new XMLSecCharactersImpl(xmlStreamReader.getText(), false, true, xmlStreamReader.isWhiteSpace(), parentXMLSecStartElement);
75	75	case XMLStreamConstants.START_DOCUMENT:
76	76	String systemId = xmlStreamReader.getLocation() != null ? xmlStreamReader.getLocation().getSystemId() : null;
77		return new XMLSecStartDocumentImpl(systemId, xmlStreamReader.getEncoding(),
	77	return new XMLSecStartDocumentImpl(systemId, xmlStreamReader.getCharacterEncodingScheme(),
78	78	xmlStreamReader.standaloneSet() ? xmlStreamReader.isStandalone() : null, xmlStreamReader.getVersion());
79	79	case XMLStreamConstants.END_DOCUMENT:
80	80	return new XMLSecEndDocumentImpl();

+45

-1

src/main/java/org/apache/xml/security/stax/impl/stax/XMLSecAttributeImpl.java less more

22	22
23	23	import javax.xml.namespace.QName;
24	24	import javax.xml.stream.XMLStreamConstants;
	25	import javax.xml.stream.XMLStreamException;
	26	import java.io.IOException;
	27	import java.io.Writer;
25	28
26	29	/**
27	30	* Class to let XML-Attributes be comparable how it is requested by C14N
28	31	*
29	32	* @author $Author: giger $
30		* @version $Revision: 1399606 $ $Date: 2012-10-18 14:17:41 +0200 (Thu, 18 Oct 2012) $
	33	* @version $Revision: 1659901 $ $Date: 2015-02-15 10:11:24 +0100 (Sun, 15 Feb 2015) $
31	34	*/
32	35	public class XMLSecAttributeImpl extends XMLSecEventBaseImpl implements XMLSecAttribute {
33	36

107	110	public boolean isAttribute() {
108	111	return true;
109	112	}
	113
	114	@Override
	115	public void writeAsEncodedUnicode(Writer writer) throws XMLStreamException {
	116	try {
	117	final String prefix = getName().getPrefix();
	118	if (prefix != null && !prefix.isEmpty()) {
	119	writer.write(prefix);
	120	writer.write(':');
	121	}
	122	writer.write(getName().getLocalPart());
	123	writer.write("=\"");
	124	writeEncoded(writer, getValue());
	125	writer.write("\"");
	126	} catch (IOException e) {
	127	throw new XMLStreamException(e);
	128	}
	129	}
	130
	131	private void writeEncoded(Writer writer, String text) throws IOException {
	132	final int length = text.length();
	133
	134	int i = 0;
	135	int idx = 0;
	136	while (i < length) {
	137	char c = text.charAt(i);
	138	switch (c) {
	139	case '&':
	140	writer.write(text, idx, i - idx);
	141	writer.write("&");
	142	idx = i + 1;
	143	break;
	144	case '"':
	145	writer.write(text, idx, i - idx);
	146	writer.write(""");
	147	idx = i + 1;
	148	break;
	149	}
	150	i++;
	151	}
	152	writer.write(text, idx, length - idx);
	153	}
110	154	}

+48

-1

src/main/java/org/apache/xml/security/stax/impl/stax/XMLSecCharactersImpl.java less more

21	21	import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
22	22
23	23	import javax.xml.stream.XMLStreamConstants;
	24	import javax.xml.stream.XMLStreamException;
	25	import java.io.IOException;
	26	import java.io.Writer;
24	27
25	28	/**
26	29	* @author $Author: giger $
27		* @version $Revision: 1399606 $ $Date: 2012-10-18 14:17:41 +0200 (Thu, 18 Oct 2012) $
	30	* @version $Revision: 1659901 $ $Date: 2015-02-15 10:11:24 +0100 (Sun, 15 Feb 2015) $
28	31	*/
29	32	public class XMLSecCharactersImpl extends XMLSecEventBaseImpl implements XMLSecCharacters {
30	33

98	101	public XMLSecCharacters asCharacters() {
99	102	return this;
100	103	}
	104
	105	@Override
	106	public void writeAsEncodedUnicode(Writer writer) throws XMLStreamException {
	107	try {
	108	if (isCData) {
	109	writer.write("<![CDATA[");
	110	writer.write(getText());
	111	writer.write("]]>");
	112	} else {
	113	writeEncoded(writer, getText());
	114	}
	115	} catch (IOException e) {
	116	throw new XMLStreamException(e);
	117	}
	118	}
	119
	120	private void writeEncoded(Writer writer, char[] text) throws IOException {
	121	final int length = text.length;
	122
	123	int i = 0;
	124	int idx = 0;
	125	while (i < length) {
	126	char c = text[i];
	127	switch (c) {
	128	case '<':
	129	writer.write(text, idx, i - idx);
	130	writer.write("<");
	131	idx = i + 1;
	132	break;
	133	case '>':
	134	writer.write(text, idx, i - idx);
	135	writer.write(">");
	136	idx = i + 1;
	137	break;
	138	case '&':
	139	writer.write(text, idx, i - idx);
	140	writer.write("&");
	141	idx = i + 1;
	142	break;
	143	}
	144	i++;
	145	}
	146	writer.write(text, idx, length - idx);
	147	}
101	148	}

+16

-2

src/main/java/org/apache/xml/security/stax/impl/stax/XMLSecCommentImpl.java less more

21	21	import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
22	22
23	23	import javax.xml.stream.XMLStreamConstants;
	24	import javax.xml.stream.XMLStreamException;
	25	import java.io.IOException;
	26	import java.io.Writer;
24	27
25	28	/**
26		* @author $Author: coheigea $
27		* @version $Revision: 1354896 $ $Date: 2012-06-28 12:11:05 +0200 (Thu, 28 Jun 2012) $
	29	* @author $Author: giger $
	30	* @version $Revision: 1659901 $ $Date: 2015-02-15 10:11:24 +0100 (Sun, 15 Feb 2015) $
28	31	*/
29	32	public class XMLSecCommentImpl extends XMLSecEventBaseImpl implements XMLSecComment {
30	33

44	47	public int getEventType() {
45	48	return XMLStreamConstants.COMMENT;
46	49	}
	50
	51	@Override
	52	public void writeAsEncodedUnicode(Writer writer) throws XMLStreamException {
	53	try {
	54	writer.write("<!--");
	55	writer.write(getText());
	56	writer.write("-->");
	57	} catch (IOException e) {
	58	throw new XMLStreamException(e);
	59	}
	60	}
47	61	}

+14

-2

src/main/java/org/apache/xml/security/stax/impl/stax/XMLSecDTDImpl.java less more

21	21	import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
22	22
23	23	import javax.xml.stream.XMLStreamConstants;
	24	import javax.xml.stream.XMLStreamException;
	25	import java.io.IOException;
	26	import java.io.Writer;
24	27	import java.util.Collections;
25	28	import java.util.List;
26	29
27	30	/**
28		* @author $Author: coheigea $
29		* @version $Revision: 1354896 $ $Date: 2012-06-28 12:11:05 +0200 (Thu, 28 Jun 2012) $
	31	* @author $Author: giger $
	32	* @version $Revision: 1659901 $ $Date: 2015-02-15 10:11:24 +0100 (Sun, 15 Feb 2015) $
30	33	*/
31	34	public class XMLSecDTDImpl extends XMLSecEventBaseImpl implements XMLSecDTD {
32	35

61	64	public int getEventType() {
62	65	return XMLStreamConstants.DTD;
63	66	}
	67
	68	@Override
	69	public void writeAsEncodedUnicode(Writer writer) throws XMLStreamException {
	70	try {
	71	writer.write(getDocumentTypeDeclaration());
	72	} catch (IOException e) {
	73	throw new XMLStreamException(e);
	74	}
	75	}
64	76	}

+9

-2

src/main/java/org/apache/xml/security/stax/impl/stax/XMLSecEndDocumentImpl.java less more

20	20	import org.apache.xml.security.stax.ext.stax.XMLSecEndDocument;
21	21
22	22	import javax.xml.stream.XMLStreamConstants;
	23	import javax.xml.stream.XMLStreamException;
	24	import java.io.Writer;
23	25
24	26	/**
25		* @author $Author: coheigea $
26		* @version $Revision: 1354896 $ $Date: 2012-06-28 12:11:05 +0200 (Thu, 28 Jun 2012) $
	27	* @author $Author: giger $
	28	* @version $Revision: 1659901 $ $Date: 2015-02-15 10:11:24 +0100 (Sun, 15 Feb 2015) $
27	29	*/
28	30	public class XMLSecEndDocumentImpl extends XMLSecEventBaseImpl implements XMLSecEndDocument {
29	31

41	43	public XMLSecEndDocument asEndEndDocument() {
42	44	return this;
43	45	}
	46
	47	@Override
	48	public void writeAsEncodedUnicode(Writer writer) throws XMLStreamException {
	49	// nothing to write.
	50	}
44	51	}

+20

-1

src/main/java/org/apache/xml/security/stax/impl/stax/XMLSecEndElementImpl.java less more

22	22
23	23	import javax.xml.namespace.QName;
24	24	import javax.xml.stream.XMLStreamConstants;
	25	import javax.xml.stream.XMLStreamException;
	26	import java.io.IOException;
	27	import java.io.Writer;
25	28	import java.util.Iterator;
26	29
27	30	/**
28	31	* @author $Author: giger $
29		* @version $Revision: 1393096 $ $Date: 2012-10-02 20:59:13 +0200 (Tue, 02 Oct 2012) $
	32	* @version $Revision: 1659901 $ $Date: 2015-02-15 10:11:24 +0100 (Sun, 15 Feb 2015) $
30	33	*/
31	34	public class XMLSecEndElementImpl extends XMLSecEventBaseImpl implements XMLSecEndElement {
32	35

61	64	public XMLSecEndElement asEndElement() {
62	65	return this;
63	66	}
	67
	68	@Override
	69	public void writeAsEncodedUnicode(Writer writer) throws XMLStreamException {
	70	try {
	71	writer.write("</");
	72	final String prefix = getName().getPrefix();
	73	if (prefix != null && !prefix.isEmpty()) {
	74	writer.write(getName().getPrefix());
	75	writer.write(':');
	76	}
	77	writer.write(getName().getLocalPart());
	78	writer.write('>');
	79	} catch (IOException e) {
	80	throw new XMLStreamException(e);
	81	}
	82	}
64	83	}

+20

-1

src/main/java/org/apache/xml/security/stax/impl/stax/XMLSecEntityDeclarationImpl.java less more

20	20	import org.apache.xml.security.stax.ext.stax.XMLSecEntityDeclaration;
21	21
22	22	import javax.xml.stream.XMLStreamConstants;
	23	import javax.xml.stream.XMLStreamException;
	24	import java.io.IOException;
	25	import java.io.Writer;
23	26
24	27	/**
25	28	* @author $Author: giger $
26		* @version $Revision: 1399272 $ $Date: 2012-10-17 16:02:10 +0200 (Wed, 17 Oct 2012) $
	29	* @version $Revision: 1659901 $ $Date: 2015-02-15 10:11:24 +0100 (Sun, 15 Feb 2015) $
27	30	*/
28	31	public class XMLSecEntityDeclarationImpl extends XMLSecEventBaseImpl implements XMLSecEntityDeclaration {
29	32

72	75	public boolean isEntityReference() {
73	76	return true;
74	77	}
	78
	79	@Override
	80	public void writeAsEncodedUnicode(Writer writer) throws XMLStreamException {
	81	try {
	82	writer.write("<!ENTITY ");
	83	writer.write(getName());
	84	writer.write(" \"");
	85	final String replacementText = getReplacementText();
	86	if (replacementText != null) {
	87	writer.write(replacementText);
	88	}
	89	writer.write("\">");
	90	} catch (IOException e) {
	91	throw new XMLStreamException(e);
	92	}
	93	}
75	94	}

+16

-2

src/main/java/org/apache/xml/security/stax/impl/stax/XMLSecEntityReferenceImpl.java less more

21	21	import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
22	22
23	23	import javax.xml.stream.XMLStreamConstants;
	24	import javax.xml.stream.XMLStreamException;
24	25	import javax.xml.stream.events.EntityDeclaration;
	26	import java.io.IOException;
	27	import java.io.Writer;
25	28
26	29	/**
27		* @author $Author: coheigea $
28		* @version $Revision: 1354896 $ $Date: 2012-06-28 12:11:05 +0200 (Thu, 28 Jun 2012) $
	30	* @author $Author: giger $
	31	* @version $Revision: 1659901 $ $Date: 2015-02-15 10:11:24 +0100 (Sun, 15 Feb 2015) $
29	32	*/
30	33	public class XMLSecEntityReferenceImpl extends XMLSecEventBaseImpl implements XMLSecEntityReference {
31	34

57	60	public boolean isEntityReference() {
58	61	return true;
59	62	}
	63
	64	@Override
	65	public void writeAsEncodedUnicode(Writer writer) throws XMLStreamException {
	66	try {
	67	writer.write('&');
	68	writer.write(getName());
	69	writer.write(';');
	70	} catch (IOException e) {
	71	throw new XMLStreamException(e);
	72	}
	73	}
60	74	}

+3

-2

src/main/java/org/apache/xml/security/stax/impl/stax/XMLSecEventBaseImpl.java less more

33	33
34	34	/**
35	35	* @author $Author: giger $
36		* @version $Revision: 1393096 $ $Date: 2012-10-02 20:59:13 +0200 (Tue, 02 Oct 2012) $
	36	* @version $Revision: 1659901 $ $Date: 2015-02-15 10:11:24 +0100 (Sun, 15 Feb 2015) $
37	37	*/
38	38	public abstract class XMLSecEventBaseImpl implements XMLSecEvent {
39	39

157	157
158	158	@Override
159	159	public void writeAsEncodedUnicode(Writer writer) throws XMLStreamException {
160		throw new UnsupportedOperationException();
	160	throw new UnsupportedOperationException(
	161	"writeAsEncodedUnicode not implemented for " + this.getClass().getName());
161	162	}
162	163
163	164	static final class LocationImpl implements Location {

+45

-2

src/main/java/org/apache/xml/security/stax/impl/stax/XMLSecNamespaceImpl.java less more

22	22	import javax.xml.XMLConstants;
23	23	import javax.xml.namespace.QName;
24	24	import javax.xml.stream.XMLStreamConstants;
	25	import javax.xml.stream.XMLStreamException;
	26	import java.io.IOException;
	27	import java.io.Writer;
25	28	import java.util.Map;
26	29	import java.util.WeakHashMap;
27	30
28	31	/**
29	32	* Class to let XML-Namespaces be comparable how it is requested by C14N
30	33	*
31		* @author $Author: coheigea $
32		* @version $Revision: 1513098 $ $Date: 2013-08-12 12:28:33 +0200 (Mon, 12 Aug 2013) $
	34	* @author $Author: giger $
	35	* @version $Revision: 1659901 $ $Date: 2015-02-15 10:11:24 +0100 (Sun, 15 Feb 2015) $
33	36	*/
34	37	public class XMLSecNamespaceImpl extends XMLSecEventBaseImpl implements XMLSecNamespace {
35	38

148	151	}
149	152
150	153	@Override
	154	public void writeAsEncodedUnicode(Writer writer) throws XMLStreamException {
	155	try {
	156	writer.write("xmlns");
	157	if (getPrefix() != null && !getPrefix().isEmpty()) {
	158	writer.write(':');
	159	writer.write(getPrefix());
	160	}
	161	writer.write("=\"");
	162	writeEncoded(writer, getValue());
	163	writer.write("\"");
	164	} catch (IOException e) {
	165	throw new XMLStreamException(e);
	166	}
	167	}
	168
	169	private void writeEncoded(Writer writer, String text) throws IOException {
	170	final int length = text.length();
	171
	172	int i = 0;
	173	int idx = 0;
	174	while (i < length) {
	175	char c = text.charAt(i);
	176	switch (c) {
	177	case '&':
	178	writer.write(text, idx, i - idx);
	179	writer.write("&");
	180	idx = i + 1;
	181	break;
	182	case '"':
	183	writer.write(text, idx, i - idx);
	184	writer.write(""");
	185	idx = i + 1;
	186	break;
	187	}
	188	i++;
	189	}
	190	writer.write(text, idx, length - idx);
	191	}
	192
	193	@Override
151	194	public String toString() {
152	195	if (this.prefix == null \|\| this.prefix.isEmpty()) {
153	196	return "xmlns=\"" + this.uri + "\"";

+21

-2

src/main/java/org/apache/xml/security/stax/impl/stax/XMLSecProcessingInstructionImpl.java less more

21	21	import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
22	22
23	23	import javax.xml.stream.XMLStreamConstants;
	24	import javax.xml.stream.XMLStreamException;
	25	import java.io.IOException;
	26	import java.io.Writer;
24	27
25	28	/**
26		* @author $Author: coheigea $
27		* @version $Revision: 1354896 $ $Date: 2012-06-28 12:11:05 +0200 (Thu, 28 Jun 2012) $
	29	* @author $Author: giger $
	30	* @version $Revision: 1659901 $ $Date: 2015-02-15 10:11:24 +0100 (Sun, 15 Feb 2015) $
28	31	*/
29	32	public class XMLSecProcessingInstructionImpl extends XMLSecEventBaseImpl implements XMLSecProcessingInstruction {
30	33

56	59	public boolean isProcessingInstruction() {
57	60	return true;
58	61	}
	62
	63	@Override
	64	public void writeAsEncodedUnicode(Writer writer) throws XMLStreamException {
	65	try {
	66	writer.write("<?");
	67	writer.write(getTarget());
	68	final String data = getData();
	69	if (data != null && !data.isEmpty()) {
	70	writer.write(' ');
	71	writer.write(data);
	72	}
	73	writer.write("?>");
	74	} catch (IOException e) {
	75	throw new XMLStreamException(e);
	76	}
	77	}
59	78	}

+33

-2

src/main/java/org/apache/xml/security/stax/impl/stax/XMLSecStartDocumentImpl.java less more

20	20	import org.apache.xml.security.stax.ext.stax.XMLSecStartDocument;
21	21
22	22	import javax.xml.stream.XMLStreamConstants;
	23	import javax.xml.stream.XMLStreamException;
	24	import java.io.IOException;
	25	import java.io.Writer;
23	26
24	27	/**
25		* @author $Author: coheigea $
26		* @version $Revision: 1354896 $ $Date: 2012-06-28 12:11:05 +0200 (Thu, 28 Jun 2012) $
	28	* @author $Author: giger $
	29	* @version $Revision: 1659901 $ $Date: 2015-02-15 10:11:24 +0100 (Sun, 15 Feb 2015) $
27	30	*/
28	31	public class XMLSecStartDocumentImpl extends XMLSecEventBaseImpl implements XMLSecStartDocument {
29	32

83	86	public XMLSecStartDocument asStartDocument() {
84	87	return this;
85	88	}
	89
	90	@Override
	91	public void writeAsEncodedUnicode(Writer writer) throws XMLStreamException {
	92	try {
	93	writer.write("<?xml version=\"");
	94	if (getVersion() == null \|\| getVersion().isEmpty()) {
	95	writer.write("1.0");
	96	} else {
	97	writer.write(getVersion());
	98	}
	99	writer.write('"');
	100	if (encodingSet()) {
	101	writer.write(" encoding=\"");
	102	writer.write(getCharacterEncodingScheme());
	103	writer.write('"');
	104	}
	105	if (standaloneSet()) {
	106	if (isStandalone()) {
	107	writer.write(" standalone=\"yes\"");
	108	} else {
	109	writer.write(" standalone=\"no\"");
	110	}
	111	}
	112	writer.write(" ?>");
	113	} catch (IOException e) {
	114	throw new XMLStreamException(e);
	115	}
	116	}
86	117	}

+49

-3

src/main/java/org/apache/xml/security/stax/impl/stax/XMLSecStartElementImpl.java less more

24	24	import javax.xml.namespace.NamespaceContext;
25	25	import javax.xml.namespace.QName;
26	26	import javax.xml.stream.XMLStreamConstants;
27
	27	import javax.xml.stream.XMLStreamException;
	28
	29	import java.io.IOException;
	30	import java.io.Writer;
28	31	import java.util.*;
29	32
30	33	/**
31		* @author $Author: coheigea $
32		* @version $Revision: 1545342 $ $Date: 2013-11-25 18:01:00 +0100 (Mon, 25 Nov 2013) $
	34	* @author $Author: giger $
	35	* @version $Revision: 1659901 $ $Date: 2015-02-15 10:11:24 +0100 (Sun, 15 Feb 2015) $
33	36	*/
34	37	public class XMLSecStartElementImpl extends XMLSecEventBaseImpl implements XMLSecStartElement {
35	38

243	246	public XMLSecStartElement asStartElement() {
244	247	return this;
245	248	}
	249
	250	@Override
	251	public void writeAsEncodedUnicode(Writer writer) throws XMLStreamException {
	252	try {
	253	writer.write('<');
	254	final String prefix = getName().getPrefix();
	255	if (prefix != null && !prefix.isEmpty()) {
	256	writer.write(prefix);
	257	writer.write(':');
	258	}
	259	writer.write(getName().getLocalPart());
	260
	261	for (XMLSecNamespace xmlSecNamespace : namespaces) {
	262	writer.write(" xmlns");
	263
	264	final String nsPrefix = xmlSecNamespace.getPrefix();
	265	if (nsPrefix != null && !nsPrefix.isEmpty()) {
	266	writer.write(':');
	267	writer.write(nsPrefix);
	268	}
	269	writer.write("=\"");
	270	writer.write(xmlSecNamespace.getValue());
	271	writer.write('"');
	272	}
	273
	274	for (XMLSecAttribute xmlSecAttribute : attributes) {
	275	writer.write(' ');
	276	final String attrPrefix = xmlSecAttribute.getName().getPrefix();
	277	if (attrPrefix != null && !attrPrefix.isEmpty()) {
	278	writer.write(attrPrefix);
	279	writer.write(':');
	280	}
	281	writer.write(xmlSecAttribute.getName().getLocalPart());
	282	writer.write("=\"");
	283	writer.write(xmlSecAttribute.getValue());
	284	writer.write('"');
	285	}
	286
	287	writer.write('>');
	288	} catch (IOException e) {
	289	throw new XMLStreamException(e);
	290	}
	291	}
246	292	}

+2

-2

src/main/java/org/apache/xml/security/stax/impl/transformer/canonicalizer/Canonicalizer11.java less more

25	25	import java.util.*;
26	26
27	27	/**
28		* @author $Author: giger $
29		* @version $Revision: 1460408 $ $Date: 2013-03-24 16:47:32 +0100 (Sun, 24 Mar 2013) $
	28	* @author $Author: coheigea $
	29	* @version $Revision: 1661635 $ $Date: 2015-02-23 12:01:42 +0100 (Mon, 23 Feb 2015) $
30	30	*/
31	31	public class Canonicalizer11 extends CanonicalizerBase {
32	32	public Canonicalizer11(boolean includeComments) {

+1

-1

src/main/java/org/apache/xml/security/stax/impl/transformer/canonicalizer/Canonicalizer20010315.java less more

19	19
20	20	/**
21	21	* @author $Author: coheigea $
22		* @version $Revision: 1354896 $ $Date: 2012-06-28 12:11:05 +0200 (Thu, 28 Jun 2012) $
	22	* @version $Revision: 1661635 $ $Date: 2015-02-23 12:01:42 +0100 (Mon, 23 Feb 2015) $
23	23	*/
24	24	public abstract class Canonicalizer20010315 extends CanonicalizerBase {
25	25

+1

-1

src/main/java/org/apache/xml/security/stax/impl/transformer/canonicalizer/Canonicalizer20010315_Excl.java less more

24	24
25	25	/**
26	26	* @author $Author: coheigea $
27		* @version $Revision: 1556187 $ $Date: 2014-01-07 12:46:31 +0100 (Tue, 07 Jan 2014) $
	27	* @version $Revision: 1661635 $ $Date: 2015-02-23 12:01:42 +0100 (Mon, 23 Feb 2015) $
28	28	*/
29	29	public abstract class Canonicalizer20010315_Excl extends CanonicalizerBase {
30	30

+5

-1

src/main/java/org/apache/xml/security/transforms/Transforms.java less more

262	262	int last = this.getLength() - 1;
263	263	for (int i = 0; i < last; i++) {
264	264	Transform t = this.item(i);
265		String uri = t.getURI();
266	265	if (log.isDebugEnabled()) {
	266	String uri = t.getURI();
267	267	log.debug("Perform the (" + i + ")th " + uri + " transform");
268	268	}
269	269	checkSecureValidation(t);

271	271	}
272	272	if (last >= 0) {
273	273	Transform t = this.item(last);
	274	if (log.isDebugEnabled()) {
	275	String uri = t.getURI();
	276	log.debug("Perform the (" + last + ")th " + uri + " transform");
	277	}
274	278	checkSecureValidation(t);
275	279	xmlSignatureInput = t.performTransform(xmlSignatureInput, os);
276	280	}

+0

-3

~~src/main/java/org/apache/xml/security/transforms/implementations/package.html~~ less more

0		<HTML><HEAD></HEAD><BODY><P>
1		implementations of XML Signature transforms.
2		</P></BODY></HTML>

+0

-3

~~src/main/java/org/apache/xml/security/transforms/package.html~~ less more

0		<HTML><HEAD></HEAD><BODY><P>
1		the framework for XML Signature transforms.
2		</P></BODY></HTML>

+11

-12

src/main/java/org/apache/xml/security/utils/WeakObjectPool.java less more

26	26
27	27	/**
28	28	* Abstract base class for pooling objects. The two public methods are
29		* {@link #getObject()} and ({@link #repool()}. Objects are held through
	29	* {@link #getObject()} and ({@link #repool(Object)}. Objects are held through
30	30	* weak references so even objects that are not repooled are subject to garbage collection.
31	31	*
32	32	* Subclasses must implement the abstract {@link #createObject()}.

38	38	public abstract class WeakObjectPool<T, E extends Throwable> {
39	39
40	40	private static final Integer MARKER_VALUE = Integer.MAX_VALUE;//once here rather than auto-box it?
	41
	42	/** created, available objects to be checked out to clients */
	43	private final BlockingQueue<WeakReference<T>> available;
	44
	45	/**
	46	* Synchronized, identity map of loaned out objects (WeakHashMap);
	47	* use to ensure we repool only object originating from here
	48	* and do it once.
	49	*/
	50	private final Map<T, Integer> onLoan;
41	51
42	52	/**
43	53	* The lone constructor.

75	85	if (retValue == null) {
76	86	//empty pool; create & add new one
77	87	retValue = createObject();
78		ref = new WeakReference<T>(retValue);
79	88	}
80	89	onLoan.put(retValue, MARKER_VALUE);
81	90	return retValue;

101	110	}
102	111	return false;
103	112	}
104
105		/** created, available objects to be checked out to clients */
106		private final BlockingQueue<WeakReference<T>> available;
107
108		/**
109		* Synchronized, identity map of loaned out objects (WeakHashMap);
110		* use to ensure we repool only object originating from here
111		* and do it once.
112		*/
113		private final Map<T, Integer> onLoan;
114	113	}

+2

-15

src/main/java/org/apache/xml/security/utils/XMLUtils.java less more

1073	1073	/**
1074	1074	* Return this document builder to be reused
1075	1075	* @param db DocumentBuilder returned from any of {@link #createDocumentBuilder} methods.
1076		* @param disAllowDocTypeDeclarations We can't figure out its value from the documentBuilder itself
1077		* @return whether it was successfully returned to the pool
	1076	* @return whether it was successfully returned to the pool
1078	1077	*/
1079	1078	public static boolean repoolDocumentBuilder(DocumentBuilder db) {
1080		if (db == null \|\| !(db instanceof DocumentBuilderProxy)) {
	1079	if (!(db instanceof DocumentBuilderProxy)) {
1081	1080	return false;
1082	1081	}
1083	1082	db.reset();

1106	1105	return disAllowDocTypeDeclarations;
1107	1106	}
1108	1107
1109		public int hashCode() {
1110		return delegate.hashCode();
1111		}
1112
1113	1108	public void reset() {
1114	1109	delegate.reset();
1115	1110	}
1116	1111
1117	1112	public Document parse(InputStream is) throws SAXException, IOException {
1118	1113	return delegate.parse(is);
1119		}
1120
1121		public boolean equals(Object obj) {
1122		return delegate.equals(obj);
1123	1114	}
1124	1115
1125	1116	public Document parse(InputStream is, String systemId)

1133	1124
1134	1125	public Document parse(File f) throws SAXException, IOException {
1135	1126	return delegate.parse(f);
1136		}
1137
1138		public String toString() {
1139		return delegate.toString();
1140	1127	}
1141	1128
1142	1129	public Schema getSchema() {

+0

-3

~~src/main/java/org/apache/xml/security/utils/package.html~~ less more

0		<HTML><HEAD></HEAD><BODY><P>
1		general utility classes.
2		</P></BODY></HTML>

+0

-8

~~src/main/java/org/apache/xml/security/utils/resolver/implementations/package.html~~ less more

0		<HTML>
1		<HEAD> </HEAD>
2		<BODY>
3		<P>
4		implememtations of different ResourceResolver classes used to resolve ds:Reference URIs.
5		</P>
6		</BODY>
7		</HTML>

+0

-8

~~src/main/java/org/apache/xml/security/utils/resolver/package.html~~ less more

0		<HTML>
1		<HEAD> </HEAD>
2		<BODY>
3		<P>
4		the ResourceResolver classes used to resolve ds:Reference URIs.
5		</P>
6		</BODY>
7		</HTML>

+181

-0

src/test/java/org/apache/xml/security/test/dom/encryption/SignedEncryptedTest.java less more

	0	/**
	1	* Licensed to the Apache Software Foundation (ASF) under one
	2	* or more contributor license agreements. See the NOTICE file
	3	* distributed with this work for additional information
	4	* regarding copyright ownership. The ASF licenses this file
	5	* to you under the Apache License, Version 2.0 (the
	6	* "License"); you may not use this file except in compliance
	7	* with the License. You may obtain a copy of the License at
	8	*
	9	* http://www.apache.org/licenses/LICENSE-2.0
	10	*
	11	* Unless required by applicable law or agreed to in writing,
	12	* software distributed under the License is distributed on an
	13	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	14	* KIND, either express or implied. See the License for the
	15	* specific language governing permissions and limitations
	16	* under the License.
	17	*/
	18	package org.apache.xml.security.test.dom.encryption;
	19
	20	import org.apache.xml.security.encryption.DocumentSerializer;
	21	import org.apache.xml.security.encryption.TransformSerializer;
	22	import org.apache.xml.security.encryption.XMLCipher;
	23	import org.apache.xml.security.signature.XMLSignature;
	24	import org.apache.xml.security.test.dom.DSNamespaceContext;
	25	import org.apache.xml.security.transforms.Transforms;
	26	import org.apache.xml.security.utils.Constants;
	27	import org.apache.xml.security.utils.XMLUtils;
	28	import org.junit.Assert;
	29	import org.junit.Before;
	30	import org.junit.Ignore;
	31	import org.junit.Test;
	32	import org.w3c.dom.Document;
	33	import org.w3c.dom.Element;
	34
	35	import javax.crypto.KeyGenerator;
	36	import javax.crypto.SecretKey;
	37	import javax.xml.parsers.DocumentBuilder;
	38	import javax.xml.transform.TransformerFactory;
	39	import javax.xml.xpath.XPath;
	40	import javax.xml.xpath.XPathConstants;
	41	import javax.xml.xpath.XPathFactory;
	42	import java.io.ByteArrayInputStream;
	43	import java.lang.reflect.Field;
	44	import java.security.KeyPair;
	45	import java.security.KeyPairGenerator;
	46	import java.security.PrivateKey;
	47	import java.security.PublicKey;
	48	import java.util.UUID;
	49
	50	/**
	51	* @author $Author: giger $
	52	* @version $Revision: 1656895 $ $Date: 2015-02-03 20:20:08 +0100 (Tue, 03 Feb 2015) $
	53	*/
	54	public class SignedEncryptedTest extends Assert {
	55
	56	private static final String SAMPLE_MSG = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>"
	57	+ "<SOAP-ENV:Envelope "
	58	+ "xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" "
	59	+ "xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" "
	60	+ "xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">"
	61	+ "<SOAP-ENV:Body xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">"
	62	+ "<add xmlns=\"http://ws.apache.org/counter/counter_port_type\" xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">"
	63	+ "<value xmlns=\"http://blah.com\">15</value>"
	64	+ "<o:other xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:o=\"http://other.com\" xmlns=\"\">0</o:other>"
	65	+ "</add>"
	66	+ "</SOAP-ENV:Body>"
	67	+ "</SOAP-ENV:Envelope>";
	68
	69	@Before
	70	public void setUp() throws Exception {
	71	org.apache.xml.security.Init.init();
	72	}
	73
	74	/**
	75	* This test uses the oracle jdk "built-in" identity-transformer to
	76	* insert the decrypted content into the original document.
	77	*
	78	* @throws Exception
	79	*/
	80	@Ignore
	81	@Test
	82	public void decryptUsingSunTransformer() throws Exception {
	83	try {
	84	Class<?> tf = getClass().getClassLoader().loadClass(
	85	"com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl");
	86	secureAndVerify((TransformerFactory) tf.newInstance(), false);
	87	} catch (ClassNotFoundException e) {
	88	System.out.println(
	89	"com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl not found, skipping test");
	90	}
	91	}
	92
	93	/**
	94	* This test uses the xalan identity-transformer to insert the decrypted content into the original document.
	95	*
	96	* @throws Exception
	97	*/
	98	@Test
	99	public void decryptUsingXalanTransformer() throws Exception {
	100	try {
	101	Class<?> tf = getClass().getClassLoader().loadClass(
	102	"org.apache.xalan.processor.TransformerFactoryImpl");
	103	secureAndVerify((TransformerFactory) tf.newInstance(), false);
	104	} catch (ClassNotFoundException e) {
	105	System.out.println(
	106	"org.apache.xalan.processor.TransformerFactoryImpl not found, skipping test");
	107	}
	108	}
	109
	110	/**
	111	* This test does not use the IdentityTransformer but instead it uses the DocumentSerializer
	112	* which uses the DocumentBuilder to read in the decrypted content and then does a DOM2DOM copy.
	113	*
	114	* @throws Exception
	115	*/
	116	@Test
	117	public void decryptUsingSunDOMSerializer() throws Exception {
	118	secureAndVerify(null, true);
	119	}
	120
	121	public void secureAndVerify(TransformerFactory transformerFactory, boolean useDocumentSerializer) throws Exception {
	122	DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
	123	Document document = builder.parse(new ByteArrayInputStream(SAMPLE_MSG.getBytes("UTF-8")));
	124
	125	// Set up the Key
	126	KeyPairGenerator rsaKeygen = KeyPairGenerator.getInstance("RSA");
	127	KeyPair kp = rsaKeygen.generateKeyPair();
	128	PrivateKey priv = kp.getPrivate();
	129	PublicKey pub = kp.getPublic();
	130
	131	XMLSignature sig = new XMLSignature(document, "", XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1,
	132	Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
	133	Element sigElement = sig.getElement();
	134	document.getDocumentElement().appendChild(sigElement);
	135
	136	XPathFactory xpf = XPathFactory.newInstance();
	137	XPath xpath = xpf.newXPath();
	138	xpath.setNamespaceContext(new DSNamespaceContext());
	139
	140	Element element =
	141	(Element) xpath.evaluate("//*[local-name()='Body']", document, XPathConstants.NODE);
	142
	143	String id = UUID.randomUUID().toString();
	144	element.setAttributeNS(null, "Id", id);
	145	element.setIdAttributeNS(null, "Id", true);
	146
	147	Transforms transforms = new Transforms(document);
	148	transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
	149	sig.addDocument("#" + id, transforms, Constants.ALGO_ID_DIGEST_SHA1);
	150
	151	sig.addKeyInfo(pub);
	152	sig.sign(priv);
	153
	154	KeyGenerator keygen = KeyGenerator.getInstance("AES");
	155	keygen.init(256);
	156	SecretKey secretKey = keygen.generateKey();
	157
	158	XMLCipher cipher = XMLCipher.getInstance(XMLCipher.AES_128);
	159	cipher.init(XMLCipher.ENCRYPT_MODE, secretKey);
	160
	161	document = cipher.doFinal(document, element, true);
	162
	163	XMLCipher deCipher = XMLCipher.getInstance(XMLCipher.AES_128);
	164	if (transformerFactory != null) {
	165	if (deCipher.getSerializer() instanceof TransformSerializer) {
	166	Field f = deCipher.getSerializer().getClass().getDeclaredField("transformerFactory");
	167	f.setAccessible(true);
	168	f.set(deCipher.getSerializer(), transformerFactory);
	169	}
	170	}
	171	if (useDocumentSerializer) {
	172	deCipher.setSerializer(new DocumentSerializer());
	173	}
	174	deCipher.init(XMLCipher.DECRYPT_MODE, secretKey);
	175	deCipher.doFinal(document, element, true);
	176
	177	XMLSignature xmlSignatureVerifier = new XMLSignature(sigElement, "");
	178	Assert.assertTrue(xmlSignatureVerifier.checkSignatureValue(pub));
	179	}
	180	}

+0

-0

src/test/java/org/apache/xml/security/test/dom/signature/InvalidKeyTest.java less more

(No changes)

+176

-0

src/test/java/org/apache/xml/security/test/dom/utils/DocumentBuilderPoolingTest.java less more

	0	/**
	1	* Licensed to the Apache Software Foundation (ASF) under one
	2	* or more contributor license agreements. See the NOTICE file
	3	* distributed with this work for additional information
	4	* regarding copyright ownership. The ASF licenses this file
	5	* to you under the Apache License, Version 2.0 (the
	6	* "License"); you may not use this file except in compliance
	7	* with the License. You may obtain a copy of the License at
	8	*
	9	* http://www.apache.org/licenses/LICENSE-2.0
	10	*
	11	* Unless required by applicable law or agreed to in writing,
	12	* software distributed under the License is distributed on an
	13	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	14	* KIND, either express or implied. See the License for the
	15	* specific language governing permissions and limitations
	16	* under the License.
	17	*/
	18	package org.apache.xml.security.test.dom.utils;
	19
	20	import org.apache.xml.security.utils.WeakObjectPool;
	21	import org.apache.xml.security.utils.XMLUtils;
	22	import org.junit.Test;
	23
	24	import javax.xml.parsers.DocumentBuilder;
	25	import java.lang.ref.WeakReference;
	26	import java.lang.reflect.Field;
	27	import java.util.Iterator;
	28	import java.util.concurrent.*;
	29
	30	import static org.junit.Assert.*;
	31
	32	public class DocumentBuilderPoolingTest {
	33
	34	private static final String DOCUMENTBUILDERPROXY_CLASSNAME =
	35	"org.apache.xml.security.utils.XMLUtils$DocumentBuilderProxy";
	36
	37	@Test
	38	public void testEquals() throws Exception {
	39	DocumentBuilder documentBuilder = XMLUtils.createDocumentBuilder(true);
	40	assertEquals(documentBuilder, documentBuilder);
	41	assertSame(documentBuilder, documentBuilder);
	42	}
	43
	44	@Test
	45	public void testGetValidatingDocumentBuilder() throws Exception {
	46	DocumentBuilder documentBuilder = XMLUtils.createDocumentBuilder(true);
	47	assertTrue(documentBuilder.isValidating());
	48	}
	49
	50	@Test
	51	public void testGetNonValidatingDocumentBuilder() throws Exception {
	52	DocumentBuilder documentBuilder = XMLUtils.createDocumentBuilder(false);
	53	assertFalse(documentBuilder.isValidating());
	54	}
	55
	56	@Test
	57	public void testGetValidatingAndAllowDocTypeDeclarationsDocumentBuilder() throws Exception {
	58	DocumentBuilder documentBuilder = XMLUtils.createDocumentBuilder(true, false);
	59	assertTrue(documentBuilder.isValidating());
	60	assertEquals(documentBuilder.getClass().getName(), DOCUMENTBUILDERPROXY_CLASSNAME);
	61	assertAllowDocTypeDeclarations(documentBuilder, false);
	62	}
	63
	64	@Test
	65	public void testGetValidatingAndDisAllowDocTypeDeclarationsDocumentBuilder() throws Exception {
	66	DocumentBuilder documentBuilder = XMLUtils.createDocumentBuilder(true, true);
	67	assertTrue(documentBuilder.isValidating());
	68	assertEquals(documentBuilder.getClass().getName(), DOCUMENTBUILDERPROXY_CLASSNAME);
	69	assertAllowDocTypeDeclarations(documentBuilder, true);
	70	}
	71
	72	private void assertAllowDocTypeDeclarations(DocumentBuilder documentBuilder, boolean allow) throws Exception {
	73	Field field = documentBuilder.getClass().getDeclaredField("disAllowDocTypeDeclarations");
	74	field.setAccessible(true);
	75	assertEquals(allow, field.get(documentBuilder));
	76	}
	77
	78	@Test
	79	public void testNewDocumentBuilderInstances() throws Exception {
	80	int count = 4;
	81
	82	// get all possible combinations of DocumentBuilders:
	83	DocumentBuilder[] documentBuilders = new DocumentBuilder[count];
	84	for (int i = 0; i < count; i++) {
	85	documentBuilders[i] = XMLUtils.createDocumentBuilder(i / 2 > 0, i % 2 == 1);
	86	}
	87
	88	//test that we got always a new instance:
	89	for (int i = 0; i < count; i++) {
	90	for (int j = i + 1; j < count; j++) {
	91	assertNotEquals(documentBuilders[i], documentBuilders[j]);
	92	assertNotSame(documentBuilders[i], documentBuilders[j]);
	93	}
	94	}
	95	}
	96
	97	@Test
	98	public void testRepoolingTwice() throws Exception {
	99	DocumentBuilder documentBuilder = XMLUtils.createDocumentBuilder(true);
	100	assertTrue(XMLUtils.repoolDocumentBuilder(documentBuilder));
	101	assertFalse("can't repool the same object twice!", XMLUtils.repoolDocumentBuilder(documentBuilder));
	102	}
	103
	104	@Test(timeout = 30000)
	105	public void testPooling() throws Exception {
	106	int nThreads = 8;
	107	ExecutorService exec = Executors.newFixedThreadPool(nThreads);
	108	Future<?>[] results = new Future[nThreads];
	109	for (int i = 0; i < nThreads - 1; i++) {
	110	results[i] = exec.submit(new Runnable() {
	111	@Override
	112	public void run() {
	113	try {
	114	while (true) {
	115	// retrieve some DocumentBuilders...
	116	DocumentBuilder documentBuilders[] = new DocumentBuilder[10];
	117	for (int i = 0; i < documentBuilders.length; i++) {
	118	documentBuilders[i] = XMLUtils.createDocumentBuilder(false);
	119	assertNotNull(documentBuilders[i]);
	120	}
	121	// ...then repool them so that another thread may pickup them again
	122	for (int i = 0; i < documentBuilders.length; i++) {
	123	assertTrue(XMLUtils.repoolDocumentBuilder(documentBuilders[i]));
	124	}
	125	}
	126	} catch (Exception e) {
	127	throw new RuntimeException(e);
	128	}
	129	}
	130	});
	131	}
	132	// more or less mimic gc
	133	results[nThreads - 1] = exec.submit(new Runnable() {
	134	@Override
	135	public void run() {
	136	try {
	137	final Field poolField = XMLUtils.class.getDeclaredField("pools");
	138	poolField.setAccessible(true);
	139	final WeakObjectPool[] weakObjectPools = (WeakObjectPool[]) poolField.get(null);
	140
	141	final Field availableField = WeakObjectPool.class.getDeclaredField("available");
	142	availableField.setAccessible(true);
	143
	144	while (true) {
	145	final BlockingDeque blockingDeque = (BlockingDeque) availableField.get(weakObjectPools[1]);
	146	Iterator iterator = blockingDeque.iterator();
	147	while (iterator.hasNext()) {
	148	((WeakReference) iterator.next()).clear();
	149	}
	150	Thread.sleep(200);
	151	}
	152	} catch (InterruptedException e) {
	153	return;
	154	} catch (Exception e) {
	155	throw new RuntimeException(e);
	156	}
	157	}
	158	});
	159
	160	exec.shutdown();
	161	exec.awaitTermination(5, TimeUnit.SECONDS);
	162	for (Future<?> f : results) {
	163	if (!f.isDone()) {
	164	f.cancel(false);
	165	}
	166	try {
	167	assertNull(f.get(1000, TimeUnit.MILLISECONDS));
	168	} catch (CancellationException ce) {
	169	;//expected since we did cancel it
	170	} catch (TimeoutException e) {
	171	fail(f + "didn't cancel after timeout?");
	172	}
	173	}
	174	}
	175	}

+0

-149

~~src/test/java/org/apache/xml/security/test/dom/utils/PoolingTest.java~~ less more

0		/**
1		* Licensed to the Apache Software Foundation (ASF) under one
2		* or more contributor license agreements. See the NOTICE file
3		* distributed with this work for additional information
4		* regarding copyright ownership. The ASF licenses this file
5		* to you under the Apache License, Version 2.0 (the
6		* "License"); you may not use this file except in compliance
7		* with the License. You may obtain a copy of the License at
8		*
9		* http://www.apache.org/licenses/LICENSE-2.0
10		*
11		* Unless required by applicable law or agreed to in writing,
12		* software distributed under the License is distributed on an
13		* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
14		* KIND, either express or implied. See the License for the
15		* specific language governing permissions and limitations
16		* under the License.
17		*/
18		package org.apache.xml.security.test.dom.utils;
19
20		import static org.junit.Assert.assertFalse;
21		import static org.junit.Assert.assertNotEquals;
22		import static org.junit.Assert.assertNotNull;
23		import static org.junit.Assert.assertNotSame;
24		import static org.junit.Assert.assertNull;
25		import static org.junit.Assert.assertSame;
26		import static org.junit.Assert.assertTrue;
27		import static org.junit.Assert.fail;
28
29		import java.util.Random;
30		import java.util.concurrent.CancellationException;
31		import java.util.concurrent.ExecutionException;
32		import java.util.concurrent.ExecutorService;
33		import java.util.concurrent.Executors;
34		import java.util.concurrent.Future;
35		import java.util.concurrent.TimeUnit;
36		import java.util.concurrent.TimeoutException;
37
38		import javax.xml.parsers.DocumentBuilder;
39		import javax.xml.parsers.ParserConfigurationException;
40
41		import org.apache.xml.security.utils.XMLUtils;
42		import org.junit.Test;
43
44		public class PoolingTest {
45
46		@Test
47		public void testPooling() throws ParserConfigurationException, InterruptedException, ExecutionException {
48		//assert parameters
49		DocumentBuilder db = XMLUtils.createDocumentBuilder(true);
50		assertTrue(db.isValidating());
51		DocumentBuilder db2 = XMLUtils.createDocumentBuilder(false);
52		assertFalse(db2.isValidating());
53		assertNotEquals(db2, db);
54		DocumentBuilder db3 = XMLUtils.createDocumentBuilder(true, false);
55		assertTrue(db3.isValidating());
56		DocumentBuilder db4 = XMLUtils.createDocumentBuilder(false, false);
57		assertFalse(db4.isValidating());
58
59		//assert get
60		DocumentBuilder db_ = XMLUtils.createDocumentBuilder(true);
61		assertNotSame("db wasn't returned", db, db_);
62		DocumentBuilder db2_ = XMLUtils.createDocumentBuilder(false);
63		assertNotSame(db2, db2_);
64		DocumentBuilder db3_ = XMLUtils.createDocumentBuilder(true, false);
65		assertNotSame(db3, db3_);
66		DocumentBuilder db4_ = XMLUtils.createDocumentBuilder(false, false);
67		assertNotSame(db4, db4_);
68
69		//assert get after return
70		assertTrue(XMLUtils.repoolDocumentBuilder(db_));
71		assertFalse("can't repool the same object twice!", XMLUtils.repoolDocumentBuilder(db_));
72		DocumentBuilder db_1 = XMLUtils.createDocumentBuilder(true);
73		assertSame(db_, db_1);
74
75		assertTrue(XMLUtils.repoolDocumentBuilder(db2_));
76		assertFalse("can't repool the same object twice!", XMLUtils.repoolDocumentBuilder(db2_));
77		DocumentBuilder db_2 = XMLUtils.createDocumentBuilder(false);
78		assertSame(db2_, db_2);
79
80		assertTrue(XMLUtils.repoolDocumentBuilder(db3_));
81		assertFalse("can't repool the same object twice!", XMLUtils.repoolDocumentBuilder(db3_));
82		DocumentBuilder db_3 = XMLUtils.createDocumentBuilder(true, false);
83		assertSame(db3_, db_3);
84
85		assertTrue(XMLUtils.repoolDocumentBuilder(db4_));
86		assertFalse("can't repool the same object twice!", XMLUtils.repoolDocumentBuilder(db4_));
87		DocumentBuilder db_4 = XMLUtils.createDocumentBuilder(false, false);
88		assertSame(db4_, db_4);
89
90		// final byte[] largeArrays[] = new byte[1024][];
91		// final DocumentBuilder[] dbLargeArrays = new DocumentBuilder[largeArrays.length];
92
93		int nThreads = Runtime.getRuntime().availableProcessors();
94		ExecutorService exec = Executors.newFixedThreadPool(nThreads);
95		Future<?>[] results = new Future[nThreads];
96		for(int i = 0; i < nThreads-1; i++) {
97		results[i] = exec.submit(new Runnable() {
98		@Override
99		public void run() {
100		for(;;) {
101		DocumentBuilder dbA[] = new DocumentBuilder[10];
102		for (int i = 0; i < dbA.length; i++) {
103		try {
104		dbA[i] = XMLUtils.createDocumentBuilder(false);
105		assertNotNull(dbA[i]);
106		} catch (ParserConfigurationException e) {
107		e.printStackTrace();
108		fail(e.toString());
109		}
110		assertNotNull(dbA[i]);
111		}
112		for(int i = 0; i < new Random().nextInt(dbA.length); i++) {
113		assertTrue(XMLUtils.repoolDocumentBuilder(dbA[i]));
114		}
115		}
116		}
117		});
118		}
119		results[nThreads-1] = exec.submit(new Runnable() {
120		@Override
121		public void run() {
122		for(;;) {
123		byte[] largeArrays[] = new byte[1024][];
124		for (int i = 0; i < largeArrays.length; i++)
125		try {
126		largeArrays[i] = new byte[1024*1024];
127		} catch (OutOfMemoryError e) {
128		System.out.println("OOM from largeArray");
129		break;
130		}
131		}
132		}
133		});
134		exec.shutdown();
135		exec.awaitTermination(5, TimeUnit.SECONDS);
136		for(Future<?> f : results) {
137		if (!f.isDone())
138		f.cancel(false);
139		try {
140		assertNull(f.get(1000, TimeUnit.MILLISECONDS));
141		} catch (CancellationException ce) {
142		;//expected since we did cancel it
143		} catch (TimeoutException e) {
144		fail(f + "didn't cancel after timeout?");
145		}
146		}
147		}
148		}

+190

-0

src/test/java/org/apache/xml/security/test/stax/XMLSecEventTest.java less more

	0	/**
	1	* Licensed to the Apache Software Foundation (ASF) under one
	2	* or more contributor license agreements. See the NOTICE file
	3	* distributed with this work for additional information
	4	* regarding copyright ownership. The ASF licenses this file
	5	* to you under the Apache License, Version 2.0 (the
	6	* "License"); you may not use this file except in compliance
	7	* with the License. You may obtain a copy of the License at
	8	*
	9	* http://www.apache.org/licenses/LICENSE-2.0
	10	*
	11	* Unless required by applicable law or agreed to in writing,
	12	* software distributed under the License is distributed on an
	13	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	14	* KIND, either express or implied. See the License for the
	15	* specific language governing permissions and limitations
	16	* under the License.
	17	*/
	18	package org.apache.xml.security.test.stax;
	19
	20	import org.apache.xml.security.stax.ext.stax.*;
	21	import org.apache.xml.security.stax.impl.XMLSecurityEventReader;
	22	import org.apache.xml.security.stax.impl.stax.*;
	23	import org.codehaus.stax2.ri.evt.CharactersEventImpl;
	24	import org.junit.Assert;
	25	import org.junit.Test;
	26
	27	import javax.xml.namespace.QName;
	28	import javax.xml.stream.XMLEventReader;
	29	import javax.xml.stream.XMLInputFactory;
	30	import javax.xml.stream.XMLStreamReader;
	31	import javax.xml.stream.events.XMLEvent;
	32	import java.io.PrintWriter;
	33	import java.io.StringWriter;
	34	import java.io.Writer;
	35	import java.util.ArrayDeque;
	36	import java.util.Deque;
	37
	38	/**
	39	* @author $Author: giger $
	40	* @version $Revision: 1659901 $ $Date: 2015-02-15 10:11:24 +0100 (Sun, 15 Feb 2015) $
	41	*/
	42	public class XMLSecEventTest extends Assert {
	43
	44	@Test
	45	public void testWriteCharactersEncoded() throws Exception {
	46	StringWriter stringWriter = new StringWriter();
	47	XMLSecCharacters xmlSecCharacters = new XMLSecCharactersImpl("test", false, false, false, null);
	48	xmlSecCharacters.writeAsEncodedUnicode(stringWriter);
	49	Assert.assertEquals("test", stringWriter.toString());
	50
	51	stringWriter = new StringWriter();
	52	xmlSecCharacters = new XMLSecCharactersImpl("<", false, false, false, null);
	53	xmlSecCharacters.writeAsEncodedUnicode(stringWriter);
	54	Assert.assertEquals("<", stringWriter.toString());
	55
	56	stringWriter = new StringWriter();
	57	xmlSecCharacters = new XMLSecCharactersImpl(">", false, false, false, null);
	58	xmlSecCharacters.writeAsEncodedUnicode(stringWriter);
	59	Assert.assertEquals(">", stringWriter.toString());
	60
	61	stringWriter = new StringWriter();
	62	xmlSecCharacters = new XMLSecCharactersImpl("&", false, false, false, null);
	63	xmlSecCharacters.writeAsEncodedUnicode(stringWriter);
	64	Assert.assertEquals("&", stringWriter.toString());
	65
	66	stringWriter = new StringWriter();
	67	xmlSecCharacters = new XMLSecCharactersImpl("<&>", false, false, false, null);
	68	xmlSecCharacters.writeAsEncodedUnicode(stringWriter);
	69	Assert.assertEquals("<&>", stringWriter.toString());
	70
	71	stringWriter = new StringWriter();
	72	xmlSecCharacters = new XMLSecCharactersImpl(" < & > ", false, false, false, null);
	73	xmlSecCharacters.writeAsEncodedUnicode(stringWriter);
	74	Assert.assertEquals(" < & > ", stringWriter.toString());
	75	}
	76
	77	@Test
	78	public void testWriteAttributeEncoded() throws Exception {
	79	StringWriter stringWriter = new StringWriter();
	80	XMLSecAttribute xmlSecAttribute = new XMLSecAttributeImpl(new QName("test", "test", "test"), "test");
	81	xmlSecAttribute.writeAsEncodedUnicode(stringWriter);
	82	Assert.assertEquals("test:test=\"test\"", stringWriter.toString());
	83
	84	stringWriter = new StringWriter();
	85	xmlSecAttribute = new XMLSecAttributeImpl(new QName("test"), "\"");
	86	xmlSecAttribute.writeAsEncodedUnicode(stringWriter);
	87	Assert.assertEquals("test=\""\"", stringWriter.toString());
	88
	89	stringWriter = new StringWriter();
	90	xmlSecAttribute = new XMLSecAttributeImpl(new QName("test"), "&");
	91	xmlSecAttribute.writeAsEncodedUnicode(stringWriter);
	92	Assert.assertEquals("test=\"&\"", stringWriter.toString());
	93
	94	stringWriter = new StringWriter();
	95	xmlSecAttribute = new XMLSecAttributeImpl(new QName("test"), " & \" > < ");
	96	xmlSecAttribute.writeAsEncodedUnicode(stringWriter);
	97	Assert.assertEquals("test=\" & " > < \"", stringWriter.toString());
	98	}
	99
	100	@Test
	101	public void testWriteComment() throws Exception {
	102	StringWriter stringWriter = new StringWriter();
	103	XMLSecComment xmlSecAttribute = new XMLSecCommentImpl(" < > & \" '", null);
	104	xmlSecAttribute.writeAsEncodedUnicode(stringWriter);
	105	Assert.assertEquals("<!-- < > & \" '-->", stringWriter.toString());
	106	}
	107
	108	@Test
	109	public void testWriteEntityDeclaration() throws Exception {
	110	StringWriter stringWriter = new StringWriter();
	111	XMLSecEntityDeclaration xmlSecEntityDeclaration = new XMLSecEntityDeclarationImpl("test");
	112	xmlSecEntityDeclaration.writeAsEncodedUnicode(stringWriter);
	113	Assert.assertEquals("<!ENTITY test \"\">", stringWriter.toString());
	114	}
	115
	116	@Test
	117	public void testWriteEntityReference() throws Exception {
	118	StringWriter stringWriter = new StringWriter();
	119	XMLSecEntityReference xmlSecEntityReference = new XMLSecEntityReferenceImpl("test", null, null);
	120	xmlSecEntityReference.writeAsEncodedUnicode(stringWriter);
	121	Assert.assertEquals("&test;", stringWriter.toString());
	122	}
	123
	124	@Test
	125	public void testWriteNamespaceEncoded() throws Exception {
	126	StringWriter stringWriter = new StringWriter();
	127	XMLSecNamespace xmlSecNamespace = XMLSecNamespaceImpl.getInstance("test", "test");
	128	xmlSecNamespace.writeAsEncodedUnicode(stringWriter);
	129	Assert.assertEquals("xmlns:test=\"test\"", stringWriter.toString());
	130
	131	stringWriter = new StringWriter();
	132	xmlSecNamespace = XMLSecNamespaceImpl.getInstance("", "\"");
	133	xmlSecNamespace.writeAsEncodedUnicode(stringWriter);
	134	Assert.assertEquals("xmlns=\""\"", stringWriter.toString());
	135
	136	stringWriter = new StringWriter();
	137	xmlSecNamespace = XMLSecNamespaceImpl.getInstance("test", "&");
	138	xmlSecNamespace.writeAsEncodedUnicode(stringWriter);
	139	Assert.assertEquals("xmlns:test=\"&\"", stringWriter.toString());
	140
	141	stringWriter = new StringWriter();
	142	xmlSecNamespace = XMLSecNamespaceImpl.getInstance("test", " & \" > < ");
	143	xmlSecNamespace.writeAsEncodedUnicode(stringWriter);
	144	Assert.assertEquals("xmlns:test=\" & " > < \"", stringWriter.toString());
	145	}
	146
	147	@Test
	148	public void testWriteProcessingInstruction() throws Exception {
	149	StringWriter stringWriter = new StringWriter();
	150	XMLSecProcessingInstruction xmlSecProcessingInstruction =
	151	new XMLSecProcessingInstructionImpl("test", "test", null);
	152	xmlSecProcessingInstruction.writeAsEncodedUnicode(stringWriter);
	153	Assert.assertEquals("<?test test?>", stringWriter.toString());
	154	}
	155
	156	@Test
	157	public void testwWiteAsEncodedUnicode() throws Exception {
	158	XMLInputFactory xmlInputFactory = XMLInputFactory.newInstance();
	159	XMLStreamReader xmlStreamReader =
	160	xmlInputFactory.createXMLStreamReader(this.getClass().getClassLoader().getResourceAsStream(
	161	"org/apache/xml/security/c14n/inExcl/plain-soap-1.1.xml"));
	162
	163	Deque<XMLSecEvent> xmlSecEventDeque = new ArrayDeque<XMLSecEvent>();
	164	do {
	165	xmlSecEventDeque.push(XMLSecEventFactory.allocate(xmlStreamReader, null));
	166	xmlStreamReader.next();
	167	}
	168	while (xmlStreamReader.hasNext());
	169	xmlSecEventDeque.push((XMLSecEventFactory.allocate(xmlStreamReader, null)));//EndDocumentEvent
	170
	171	XMLSecurityEventReader xmlSecurityEventReader = new XMLSecurityEventReader(xmlSecEventDeque, 0);
	172
	173	XMLEventReader xmlEventReader =
	174	xmlInputFactory.createXMLEventReader(this.getClass().getClassLoader().getResourceAsStream(
	175	"org/apache/xml/security/c14n/inExcl/plain-soap-1.1.xml"));
	176
	177	final StringWriter stdWriter = new StringWriter();
	178	final StringWriter secWriter = new StringWriter();
	179	while (xmlEventReader.hasNext()) {
	180	XMLEvent stdXmlEvent = xmlEventReader.nextEvent();
	181	XMLEvent secXmlEvent = xmlSecurityEventReader.nextEvent();
	182
	183	stdXmlEvent.writeAsEncodedUnicode(stdWriter);
	184	secXmlEvent.writeAsEncodedUnicode(secWriter);
	185	}
	186
	187	Assert.assertEquals(secWriter.toString(), stdWriter.toString());
	188	}
	189	}