Examples of org.apache.xml.security.signature.XMLSignatureInput

• org.apache.xml.security.signature.XMLSignatureInput
  Class XMLSignatureInput @author Christian Geuer-Pollmann$todo$ check whether an XMLSignatureInput can be _both_, octet stream _and_ node set?

         Transformer transformer = tFactory.newTransformer(stylesheet);
         if (baos==null) {
               ByteArrayOutputStream baos1 = new ByteArrayOutputStream();
               StreamResult outputTarget = new StreamResult(baos1);
               transformer.transform(xmlSource, outputTarget);
               return new XMLSignatureInput(baos1.toByteArray());

         }
         StreamResult outputTarget = new StreamResult(baos);

         transformer.transform(xmlSource, outputTarget);
         XMLSignatureInput output=new XMLSignatureInput((byte[])null);
         output.setOutputStream(baos);
         return output;
      } catch (XMLSecurityException ex) {
         Object exArgs[] = { ex.getMessage() };

         throw new TransformationException("generic.EmptyMessage", exArgs, ex);

        try {
      String baseURI = context.getBaseURI();
            ResourceResolver apacheResolver =
          ResourceResolver.getInstance(uriAttr, baseURI);
            XMLSignatureInput in = apacheResolver.resolve(uriAttr, baseURI);
      if (in.isOctetStream()) {
          return new ApacheOctetStreamData(in);
      } else {
          return new ApacheNodeSetData(in);
      }
        } catch (Exception e) {

  }

  try {
      Set nodeSet = null;
      if (data instanceof ApacheData) {
    XMLSignatureInput in =
        ((ApacheData) data).getXMLSignatureInput();
    if (in.isElement()) {
        if (inclusiveNamespaces != null) {
                        return new OctetStreamData(new ByteArrayInputStream
                            (apacheCanonicalizer.canonicalizeSubtree
                                (in.getSubNode(), inclusiveNamespaces)));
                    } else {
                        return new OctetStreamData(new ByteArrayInputStream
                            (apacheCanonicalizer.canonicalizeSubtree
                                (in.getSubNode())));
                    }
                } else if (in.isNodeSet()) {
                    nodeSet = in.getNodeSet();
    } else {
        return new OctetStreamData(new ByteArrayInputStream(
            apacheCanonicalizer.canonicalize(
                Utils.readBytesFromStream(in.getOctetStream()))));
    }
      } else if (data instanceof DOMSubTreeData) {
          DOMSubTreeData subTree = (DOMSubTreeData) data;
          if (inclusiveNamespaces != null) {
              return new OctetStreamData(new ByteArrayInputStream

                throw new TransformException
                    ("Couldn't find Transform for: " + getAlgorithm(), ex);
            }
        }

        XMLSignatureInput in;
        if (data instanceof ApacheData) {
      if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, "ApacheData = true");
      }
            in = ((ApacheData) data).getXMLSignatureInput();
        } else if (data instanceof NodeSetData) {
      if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, "isNodeSet() = true");
      }
            if (data instanceof DOMSubTreeData) {
                DOMSubTreeData subTree = (DOMSubTreeData) data;
                in = new XMLSignatureInput(subTree.getRoot());
    in.setExcludeComments(subTree.excludeComments());
            } else {
                Set nodeSet =
                    Utils.toNodeSet(((NodeSetData) data).iterator());
                in = new XMLSignatureInput(nodeSet);
            }
        } else {
      if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, "isNodeSet() = false");
      }
            try {
                in = new XMLSignatureInput
                    (((OctetStreamData)data).getOctetStream());
            } catch (Exception ex) {
                throw new TransformException(ex);
            }
        }

        try {
            in = apacheTransform.performTransform(in, os);
      if (!in.isNodeSet() && !in.isElement()) {
          return null;
      }
      if (in.isOctetStream()) {
                return new ApacheOctetStreamData(in);
      } else {
                return new ApacheNodeSetData(in);
      }
        } catch (Exception ex) {

                throw new TransformException
        ("Couldn't find Transform for: " + getAlgorithm(), ex);
            }
  }

        XMLSignatureInput in;
  if (data instanceof ApacheData) {
      if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, "ApacheData = true");
      }
      in = ((ApacheData) data).getXMLSignatureInput();
  } else if (data instanceof NodeSetData) {
      if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, "isNodeSet() = true");
      }
      if (data instanceof DOMSubTreeData) {
    if (log.isLoggable(Level.FINE)) {
                    log.log(Level.FINE, "DOMSubTreeData = true");
                }
    DOMSubTreeData subTree = (DOMSubTreeData) data;
                in = new XMLSignatureInput(subTree.getRoot());
    in.setExcludeComments(subTree.excludeComments());
      } else {
    Set nodeSet =
        Utils.toNodeSet(((NodeSetData) data).iterator());
                in = new XMLSignatureInput(nodeSet);
      }
        } else {
      if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, "isNodeSet() = false");
      }
            try {
                in = new XMLSignatureInput
        (((OctetStreamData)data).getOctetStream());
            } catch (Exception ex) {
                throw new TransformException(ex);
            }
        }

  try {
      if (os != null) {
          in = apacheTransform.performTransform(in, os);
    if (!in.isNodeSet() && !in.isElement()) {
        return null;
    }
      } else {
          in = apacheTransform.performTransform(in);
      }
      if (in.isOctetStream()) {
          return new ApacheOctetStreamData(in);
      } else {
          return new ApacheNodeSetData(in);
      }
  } catch (Exception ex) {

      }
        }

  try {
      if (data != null) {
          XMLSignatureInput xi;
          if (data instanceof ApacheData) {
              xi = ((ApacheData) data).getXMLSignatureInput();
          } else if (data instanceof OctetStreamData) {
              xi = new XMLSignatureInput
      (((OctetStreamData)data).getOctetStream());
          } else if (data instanceof NodeSetData) {
        TransformService spi = null;
        try {
            spi = TransformService.getInstance
                (CanonicalizationMethod.INCLUSIVE, "DOM");
        } catch (NoSuchAlgorithmException nsae) {
            spi = TransformService.getInstance
                (CanonicalizationMethod.INCLUSIVE, "DOM", provider);
        }
                    data = spi.transform(data, context);
              xi = new XMLSignatureInput
            (((OctetStreamData)data).getOctetStream());
          } else {
              throw new XMLSignatureException("unrecognized Data type");
          }
          xi.updateOutputStream(os);
      }
      os.flush();
      if (cache != null && cache.booleanValue() == true) {
                this.dis = dos.getInputStream();
            }

    private static Data copyDerefData(Data dereferencedData) {
        if (dereferencedData instanceof ApacheData) {
            // need to make a copy of the Data
            ApacheData ad = (ApacheData) dereferencedData;
            XMLSignatureInput xsi = ad.getXMLSignatureInput();
            if (xsi.isNodeSet()) {
                try {
                    final Set s = xsi.getNodeSet();
                    return new NodeSetData() {
                        public Iterator iterator() { return s.iterator(); }
                    };
                } catch (Exception e) {
                    // log a warning
                            log.log(Level.WARNING,
                        "cannot cache dereferenced data: " + e);
                    return null;
                }
            } else if (xsi.isElement()) {
                return new DOMSubTreeData
                    (xsi.getSubNode(), xsi.isExcludeComments());
            } else if (xsi.isOctetStream() || xsi.isByteArray()) {
                try {
                return new OctetStreamData
                  (xsi.getOctetStream(), xsi.getSourceURI(), xsi.getMIMEType());
                } catch (IOException ioe) {
                    // log a warning
                            log.log(Level.WARNING,
                        "cannot cache dereferenced data: " + ioe);
                    return null;

                        break;
                    }
                }
            } else {
                try {
                    XMLSignatureInput xmlSignatureInput =
                        new XMLSignatureInput(((OctetStreamData)data).getOctetStream());
                    str = (Element)xmlSignatureInput.getSubNode();
                } catch (Exception ex) {
                    throw new TransformException(ex);
                }
            }
            if (str == null) {
                throw new TransformException("No SecurityTokenReference found");
            }
            //
            // The element to transform MUST be a SecurityTokenReference
            // element.
            //
            SecurityTokenReference secRef = new SecurityTokenReference(str);

            Canonicalizer canon = Canonicalizer.getInstance(canonAlgo);

            ByteArrayOutputStream bos = null;
            byte[] buf = null;

            //
            // Third and fourth step are performed by dereferenceSTR()
            //
            Object wsDocInfoObject = xc.getProperty(TRANSFORM_WS_DOC_INFO);
            WSDocInfo wsDocInfo = null;
            if (wsDocInfoObject instanceof WSDocInfo) {
                wsDocInfo = (WSDocInfo)wsDocInfoObject;
            }
            if (wsDocInfo == null && doDebug) {
                log.debug("STRTransform: no WSDocInfo found");
            }

            Document doc = str.getOwnerDocument();
            Element dereferencedToken =
                STRTransformUtil.dereferenceSTR(doc, secRef, wsDocInfo);

            if (dereferencedToken != null) {
                String type = dereferencedToken.getAttributeNS(null, "ValueType");
                if ((X509Security.X509_V3_TYPE.equals(type)
                    || PKIPathSecurity.getType().equals(type))) {
                    //
                    // Add the WSSE/WSU namespaces to the element for C14n
                    //
                    WSSecurityUtil.setNamespace(
                        dereferencedToken, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX
                    );
                    WSSecurityUtil.setNamespace(
                        dereferencedToken, WSConstants.WSU_NS, WSConstants.WSU_PREFIX
                    );
                }
            }

            //
            // C14n with specified algorithm. According to WSS Specification.
            //
            buf = canon.canonicalizeSubtree(dereferencedToken, "#default");
            if (doDebug) {
                bos = new ByteArrayOutputStream(buf.length);
                bos.write(buf, 0, buf.length);
                log.debug("after c14n: " + bos.toString());
            }

            //
            // Alert: Hacks ahead According to WSS spec an Apex node must
            // contain a default namespace. If none is availabe in the first
            // node of the c14n output (this is the apex element) then we do
            // some editing to insert an empty default namespace
            //
            // TODO: Rework theses hacks after c14n was updated and can be
            // instructed to insert empty default namespace if required
            //
            // If the problem with c14n method is solved then just do:
            // return new XMLSignatureInput(buf);

            // start of HACK
            StringBuilder bf = new StringBuilder(new String(buf));
            String bf1 = bf.toString();

            //
            // Find start and end of first element <....>, this is the Apex node
            //
            int gt = bf1.indexOf('>');
            //
            // Lookup the default namespace
            //
            int idx = bf1.indexOf("xmlns=");
            //
            // If none found or if it is outside of this (Apex) element look for
            // first blank in, insert default namespace there (this is the
            // correct place according to c14n specification)
            //
            if (idx < 0 || idx > gt) {
                idx = bf1.indexOf(' ');
                bf.insert(idx + 1, "xmlns=\"\" ");
                bf1 = bf.toString();
            }
            if (doDebug) {
                log.debug("last result: ");
                log.debug(bf1);
            }
            XMLSignatureInput output = new XMLSignatureInput(bf1.getBytes());
            if (os != null) {
                output.updateOutputStream(os);
                return null;
            }
            return new OctetStreamData(output.getOctetStream());
        } catch (Exception ex) {
            throw new TransformException(ex);
        }
    }

            }
            if (doDebug) {
                log.debug("last result: ");
                log.debug(bf1);
            }
            return new XMLSignatureInput(bf1.getBytes());
        }
        // End of HACK
        catch (WSSecurityException ex) {
            log.debug(ex.getMessage(), ex);
            throw (new CanonicalizationException("c14n.Canonicalizer.Exception", ex));

                            BaseURI);
                }
            }
        }

        XMLSignatureInput result = new XMLSignatureInput(selectedElem);
        result.setMIMEType("text/xml");
        try {
            URI uriNew = new URI(new URI(BaseURI), uri.getNodeValue());
            result.setSourceURI(uriNew.toString());
        } catch (URI.MalformedURIException ex) {
            result.setSourceURI(BaseURI);
        }
        if (doDebug) {
            log.debug("exit engineResolve, result: " + result);
        }
        return result;