private static X509Certificate getRawCertificate(XMLSignatureInput resource) throws CanonicalizationException, IOException, CertificateException { byte inputBytes[] = resource.getBytes(); // if the resource stores a raw certificate, we have to handle it CertificateFactory certFact = CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID); try (InputStream is = new ByteArrayInputStream(inputBytes)) { return (X509Certificate) certFact.generateCertificate(is); } }
void convertToNodes() throws CanonicalizationException, ParserConfigurationException, IOException, SAXException { DocumentBuilder db = XMLUtils.createDocumentBuilder(false, secureValidation); // select all nodes, also the comments. try { db.setErrorHandler(new org.apache.xml.security.utils.IgnoreAllErrorHandler()); Document doc = db.parse(this.getOctetStream()); this.subNode = doc; } catch (SAXException ex) { byte[] result = null; // if a not-wellformed nodeset exists, put a container around it... try (ByteArrayOutputStream baos = new ByteArrayOutputStream()) { baos.write("<container>".getBytes(StandardCharsets.UTF_8)); baos.write(this.getBytes()); baos.write("</container>".getBytes(StandardCharsets.UTF_8)); result = baos.toByteArray(); } try (InputStream is = new ByteArrayInputStream(result)) { Document document = db.parse(is); this.subNode = document.getDocumentElement().getFirstChild().getFirstChild(); } } finally { XMLUtils.repoolDocumentBuilder(db); if (this.inputOctetStreamProxy != null) { this.inputOctetStreamProxy.close(); } this.inputOctetStreamProxy = null; this.bytes = null; } }
public XMLStructure dereferenceAsXMLStructure(XMLCryptoContext context) throws URIReferenceException { DocumentBuilder db = null; boolean secVal = Utils.secureValidation(context); ApacheData data = (ApacheData)dereference(context); try (InputStream is = new ByteArrayInputStream(data.getXMLSignatureInput().getBytes())) { db = XMLUtils.createDocumentBuilder(false, secVal); Document doc = db.parse(is); Element kiElem = doc.getDocumentElement(); if (kiElem.getLocalName().equals("X509Data") && XMLSignature.XMLNS.equals(kiElem.getNamespaceURI())) { return new DOMX509Data(kiElem); } else { return null; // unsupported } } catch (Exception e) { throw new URIReferenceException(e); } finally { if (db != null) { XMLUtils.repoolDocumentBuilder(db); } } }
/** * Method getReferencedBytes * * @return the bytes that will be used to generated digest. * @throws ReferenceNotInitializedException * @throws XMLSignatureException */ public byte[] getReferencedBytes() throws ReferenceNotInitializedException, XMLSignatureException { try { XMLSignatureInput output = this.dereferenceURIandPerformTransforms(null); return output.getBytes(); } catch (IOException ex) { throw new ReferenceNotInitializedException(ex); } catch (CanonicalizationException ex) { throw new ReferenceNotInitializedException(ex); } }
try (InputStream is = new ByteArrayInputStream(input.getBytes())) { Source xmlSource = new StreamSource(is); if (baos == null) {
/** * Resolve the Element effectively represented by the XML signature input source. * * @param resource * @return the Element effectively represented by the XML signature input source. * @throws CanonicalizationException * @throws ParserConfigurationException * @throws IOException * @throws SAXException * @throws KeyResolverException */ private Element obtainReferenceElement(XMLSignatureInput resource) throws CanonicalizationException, ParserConfigurationException, IOException, SAXException, KeyResolverException { Element e; if (resource.isElement()){ e = (Element) resource.getSubNode(); } else if (resource.isNodeSet()) { LOG.debug("De-reference of KeyInfoReference returned an unsupported NodeSet"); return null; } else { // Retrieved resource is a byte stream byte inputBytes[] = resource.getBytes(); e = getDocFromBytes(inputBytes, this.secureValidation); } return e; } }
private static Element obtainReferenceElement(XMLSignatureInput resource, boolean secureValidation) throws CanonicalizationException, ParserConfigurationException, IOException, SAXException, KeyResolverException { Element e; if (resource.isElement()){ e = (Element) resource.getSubNode(); } else if (resource.isNodeSet()) { // Retrieved resource is a nodeSet e = getDocumentElement(resource.getNodeSet()); } else { // Retrieved resource is an inputStream byte inputBytes[] = resource.getBytes(); e = getDocFromBytes(inputBytes, secureValidation); // otherwise, we parse the resource, create an Element and delegate LOG.debug("we have to parse {} bytes", inputBytes.length); } return e; }
/** * Method toString * {@inheritDoc} */ public String toString() { if (isNodeSet()) { return "XMLSignatureInput/NodeSet/" + inputNodeSet.size() + " nodes/" + getSourceURI(); } if (isElement()) { return "XMLSignatureInput/Element/" + subNode + " exclude "+ excludeNode + " comments:" + excludeComments +"/" + getSourceURI(); } try { return "XMLSignatureInput/OctetStream/" + getBytes().length + " octets/" + getSourceURI(); } catch (IOException iex) { return "XMLSignatureInput/OctetStream//" + getSourceURI(); } catch (CanonicalizationException cex) { return "XMLSignatureInput/OctetStream//" + getSourceURI(); } }
public byte[] transform(final Node input) throws DSSException { try { final String dssTransformAlgorithm = dssTransform.getAlgorithm(); final NodeList childNodes = document.getFirstChild().getChildNodes(); final Transform transformObject = new Transform(document, dssTransformAlgorithm, childNodes); final XMLSignatureInput xmlSignatureInput = new XMLSignatureInput(input); final XMLSignatureInput xmlSignatureInputOut = transformObject.performTransform(xmlSignatureInput); return xmlSignatureInputOut.getBytes(); } catch (TransformationException e) { throw new DSSException(e); } catch (InvalidTransformException e) { throw new DSSException(e); } catch (InvalidCanonicalizerException e) { throw new DSSException(e); } catch (CanonicalizationException e) { throw new DSSException(e); } catch (IOException e) { throw new DSSException(e); } } }
/** * Method getSignedContentItem * * @param i * @return The signed content of the i reference. * * @throws XMLSignatureException */ public byte[] getSignedContentItem(int i) throws XMLSignatureException { try { return this.getReferencedContentAfterTransformsItem(i).getBytes(); } catch (IOException ex) { throw new XMLSignatureException(ex); } catch (CanonicalizationException ex) { throw new XMLSignatureException(ex); } catch (InvalidCanonicalizerException ex) { throw new XMLSignatureException(ex); } catch (XMLSecurityException ex) { throw new XMLSignatureException(ex); } }
public byte[] transform(final DSSDocument input) throws DSSException { try { final String dssTransformAlgorithm = dssTransform.getAlgorithm(); final NodeList childNodes = document.getFirstChild().getChildNodes(); final Transform transformObject = new Transform(document, dssTransformAlgorithm, childNodes); final byte[] bytes = input.getBytes(); final XMLSignatureInput xmlSignatureInput = new XMLSignatureInput(bytes); final XMLSignatureInput xmlSignatureInputOut = transformObject.performTransform(xmlSignatureInput); return xmlSignatureInputOut.getBytes(); } catch (TransformationException e) { throw new DSSException(e); } catch (InvalidTransformException e) { throw new DSSException(e); } catch (InvalidCanonicalizerException e) { throw new DSSException(e); } catch (CanonicalizationException e) { throw new DSSException(e); } catch (IOException e) { throw new DSSException(e); } }
private void addToDigestInput(XMLSignatureInput refData, Document doc) throws CannotAddDataToDigestInputException { try { if (refData.isNodeSet() || refData.isElement()) { Transform c14nTransform = TransformUtils.createTransform(this.c14n, this.parametersMarshallingProvider, doc); refData = c14nTransform.performTransform(refData); // Fall through to add the bytes resulting from the canonicalization. } if (refData.isByteArray()) { digestInput.write(refData.getBytes()); } else if (refData.isOctetStream()) { StreamUtils.readWrite(refData.getOctetStream(), digestInput); } } catch (Exception ex) { throw new CannotAddDataToDigestInputException(ex); } }
return input.getBytes(); } catch (IOException ex) { throw new XMLEncryptionException(ex);
return engineCanonicalize(input.getBytes());