| /* |
| * reserved comment block |
| * DO NOT REMOVE OR ALTER! |
| */ |
| /** |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| */ |
| package com.sun.org.apache.xml.internal.security.transforms.implementations; |
| |
| import java.io.OutputStream; |
| |
| import com.sun.org.apache.xml.internal.security.signature.NodeFilter; |
| import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; |
| import com.sun.org.apache.xml.internal.security.transforms.Transform; |
| import com.sun.org.apache.xml.internal.security.transforms.TransformSpi; |
| import com.sun.org.apache.xml.internal.security.transforms.TransformationException; |
| import com.sun.org.apache.xml.internal.security.transforms.Transforms; |
| import com.sun.org.apache.xml.internal.security.utils.Constants; |
| import com.sun.org.apache.xml.internal.security.utils.XMLUtils; |
| import org.w3c.dom.Element; |
| import org.w3c.dom.Node; |
| |
| /** |
| * Implements the <CODE>http://www.w3.org/2000/09/xmldsig#enveloped-signature</CODE> |
| * transform. |
| * |
| * @author Christian Geuer-Pollmann |
| */ |
| public class TransformEnvelopedSignature extends TransformSpi { |
| |
| /** Field implementedTransformURI */ |
| public static final String implementedTransformURI = |
| Transforms.TRANSFORM_ENVELOPED_SIGNATURE; |
| |
| /** |
| * Method engineGetURI |
| * |
| * @inheritDoc |
| */ |
| protected String engineGetURI() { |
| return implementedTransformURI; |
| } |
| |
| /** |
| * @inheritDoc |
| */ |
| protected XMLSignatureInput enginePerformTransform( |
| XMLSignatureInput input, OutputStream os, Transform transformObject |
| ) throws TransformationException { |
| /** |
| * If the actual input is an octet stream, then the application MUST |
| * convert the octet stream to an XPath node-set suitable for use by |
| * Canonical XML with Comments. (A subsequent application of the |
| * REQUIRED Canonical XML algorithm would strip away these comments.) |
| * |
| * ... |
| * |
| * The evaluation of this expression includes all of the document's nodes |
| * (including comments) in the node-set representing the octet stream. |
| */ |
| |
| Node signatureElement = transformObject.getElement(); |
| |
| signatureElement = searchSignatureElement(signatureElement); |
| input.setExcludeNode(signatureElement); |
| input.addNodeFilter(new EnvelopedNodeFilter(signatureElement)); |
| return input; |
| } |
| |
| /** |
| * @param signatureElement |
| * @return the node that is the signature |
| * @throws TransformationException |
| */ |
| private static Node searchSignatureElement(Node signatureElement) |
| throws TransformationException { |
| boolean found = false; |
| |
| while (true) { |
| if (signatureElement == null |
| || signatureElement.getNodeType() == Node.DOCUMENT_NODE) { |
| break; |
| } |
| Element el = (Element) signatureElement; |
| if (el.getNamespaceURI().equals(Constants.SignatureSpecNS) |
| && el.getLocalName().equals(Constants._TAG_SIGNATURE)) { |
| found = true; |
| break; |
| } |
| |
| signatureElement = signatureElement.getParentNode(); |
| } |
| |
| if (!found) { |
| throw new TransformationException( |
| "transform.envelopedSignatureTransformNotInSignatureElement"); |
| } |
| return signatureElement; |
| } |
| |
| static class EnvelopedNodeFilter implements NodeFilter { |
| |
| Node exclude; |
| |
| EnvelopedNodeFilter(Node n) { |
| exclude = n; |
| } |
| |
| public int isNodeIncludeDO(Node n, int level) { |
| if (n == exclude) { |
| return -1; |
| } |
| return 1; |
| } |
| |
| /** |
| * @see com.sun.org.apache.xml.internal.security.signature.NodeFilter#isNodeInclude(org.w3c.dom.Node) |
| */ |
| public int isNodeInclude(Node n) { |
| if (n == exclude || XMLUtils.isDescendantOrSelf(exclude, n)) { |
| return -1; |
| } |
| return 1; |
| //return !XMLUtils.isDescendantOrSelf(exclude,n); |
| } |
| } |
| } |