1 /* 2 * reserved comment block 3 * DO NOT REMOVE OR ALTER! 4 */ 5 /* 6 * Copyright 1999-2004 The Apache Software Foundation. 7 * 8 * Licensed under the Apache License, Version 2.0 (the "License"); 9 * you may not use this file except in compliance with the License. 10 * You may obtain a copy of the License at 11 * 12 * http://www.apache.org/licenses/LICENSE-2.0 13 * 14 * Unless required by applicable law or agreed to in writing, software 15 * distributed under the License is distributed on an "AS IS" BASIS, 16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 17 * See the License for the specific language governing permissions and 18 * limitations under the License. 19 * 20 */ 21 package com.sun.org.apache.xml.internal.security.utils.resolver.implementations; 22 23 24 25 import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; 26 import com.sun.org.apache.xml.internal.security.utils.XMLUtils; 27 import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException; 28 import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverSpi; 29 import org.w3c.dom.Attr; 30 import org.w3c.dom.Document; 31 import org.w3c.dom.Element; 32 import org.w3c.dom.Node; 33 34 35 /** 36 * This resolver is used for resolving same-document URIs like URI="" of URI="#id". 37 * 38 * @author $Author: mullan $ 39 * @see <A HREF="http://www.w3.org/TR/xmldsig-core/#sec-ReferenceProcessingModel">The Reference processing model in the XML Signature spec</A> 40 * @see <A HREF="http://www.w3.org/TR/xmldsig-core/#sec-Same-Document">Same-Document URI-References in the XML Signature spec</A> 41 * @see <A HREF="http://www.ietf.org/rfc/rfc2396.txt">Section 4.2 of RFC 2396</A> 42 */ 43 public class ResolverFragment extends ResourceResolverSpi { 44 45 /** {@link java.util.logging} logging facility */ 46 static java.util.logging.Logger log = 47 java.util.logging.Logger.getLogger( 48 ResolverFragment.class.getName()); 49 public boolean engineIsThreadSafe() { 50 return true; 51 } 52 /** 53 * Method engineResolve 54 * 55 * @inheritDoc 56 * @param uri 57 * @param baseURI 58 */ 59 public XMLSignatureInput engineResolve(Attr uri, String baseURI) 60 throws ResourceResolverException 61 { 62 String uriNodeValue = uri.getNodeValue(); 63 Document doc = uri.getOwnerElement().getOwnerDocument(); 64 65 Node selectedElem = null; 66 if (uriNodeValue.equals("")) { 67 68 /* 69 * Identifies the node-set (minus any comment nodes) of the XML 70 * resource containing the signature 71 */ 72 73 log.log(java.util.logging.Level.FINE, "ResolverFragment with empty URI (means complete document)"); 74 selectedElem = doc; 75 } else { 76 77 /* 78 * URI="#chapter1" 79 * Identifies a node-set containing the element with ID attribute 80 * value 'chapter1' of the XML resource containing the signature. 81 * XML Signature (and its applications) modify this node-set to 82 * include the element plus all descendents including namespaces and 83 * attributes -- but not comments. 84 */ 85 String id = uriNodeValue.substring(1); 86 87 selectedElem = doc.getElementById(id); 88 if (selectedElem == null) { 89 Object exArgs[] = { id }; 90 throw new ResourceResolverException( 91 "signature.Verification.MissingID", exArgs, uri, baseURI); 92 } 93 if (secureValidation) { 94 Element start = uri.getOwnerDocument().getDocumentElement(); 95 if (!XMLUtils.protectAgainstWrappingAttack(start, id)) { 96 Object exArgs[] = { id }; 97 throw new ResourceResolverException( 98 "signature.Verification.MultipleIDs", exArgs, 99 uri, baseURI); 100 } 101 } 102 if (log.isLoggable(java.util.logging.Level.FINE)) 103 log.log(java.util.logging.Level.FINE, "Try to catch an Element with ID " + id + " and Element was " + selectedElem); 104 } 105 106 XMLSignatureInput result = new XMLSignatureInput(selectedElem); 107 result.setExcludeComments(true); 108 109 result.setMIMEType("text/xml"); 110 if (baseURI != null && baseURI.length() > 0) { 111 result.setSourceURI(baseURI.concat(uri.getNodeValue())); 112 } else { 113 result.setSourceURI(uri.getNodeValue()); 114 } 115 return result; 116 } 117 118 /** 119 * Method engineCanResolve 120 * @inheritDoc 121 * @param uri 122 * @param BaseURI 123 * 124 */ 125 public boolean engineCanResolve(Attr uri, String BaseURI) { 126 127 if (uri == null) { 128 log.log(java.util.logging.Level.FINE, "Quick fail for null uri"); 129 return false; 130 } 131 132 String uriNodeValue = uri.getNodeValue(); 133 134 if (uriNodeValue.equals("") || 135 ( 136 (uriNodeValue.charAt(0)=='#') 137 && !((uriNodeValue.charAt(1)=='x') && uriNodeValue.startsWith("#xpointer(")) 138 ) 139 ){ 140 if (log.isLoggable(java.util.logging.Level.FINE)) 141 log.log(java.util.logging.Level.FINE, "State I can resolve reference: \"" + uriNodeValue + "\""); 142 return true; 143 } 144 if (log.isLoggable(java.util.logging.Level.FINE)) 145 log.log(java.util.logging.Level.FINE, "Do not seem to be able to resolve reference: \"" + uriNodeValue + "\""); 146 return false; 147 } 148 149 } | 1 /* 2 * reserved comment block 3 * DO NOT REMOVE OR ALTER! 4 */ 5 /** 6 * Licensed to the Apache Software Foundation (ASF) under one 7 * or more contributor license agreements. See the NOTICE file 8 * distributed with this work for additional information 9 * regarding copyright ownership. The ASF licenses this file 10 * to you under the Apache License, Version 2.0 (the 11 * "License"); you may not use this file except in compliance 12 * with the License. You may obtain a copy of the License at 13 * 14 * http://www.apache.org/licenses/LICENSE-2.0 15 * 16 * Unless required by applicable law or agreed to in writing, 17 * software distributed under the License is distributed on an 18 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 19 * KIND, either express or implied. See the License for the 20 * specific language governing permissions and limitations 21 * under the License. 22 */ 23 package com.sun.org.apache.xml.internal.security.utils.resolver.implementations; 24 25 import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; 26 import com.sun.org.apache.xml.internal.security.utils.XMLUtils; 27 import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverContext; 28 import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException; 29 import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverSpi; 30 import org.w3c.dom.Document; 31 import org.w3c.dom.Element; 32 import org.w3c.dom.Node; 33 34 /** 35 * This resolver is used for resolving same-document URIs like URI="" of URI="#id". 36 * 37 * @author $Author: coheigea $ 38 * @see <A HREF="http://www.w3.org/TR/xmldsig-core/#sec-ReferenceProcessingModel">The Reference processing model in the XML Signature spec</A> 39 * @see <A HREF="http://www.w3.org/TR/xmldsig-core/#sec-Same-Document">Same-Document URI-References in the XML Signature spec</A> 40 * @see <A HREF="http://www.ietf.org/rfc/rfc2396.txt">Section 4.2 of RFC 2396</A> 41 */ 42 public class ResolverFragment extends ResourceResolverSpi { 43 44 /** {@link org.apache.commons.logging} logging facility */ 45 private static java.util.logging.Logger log = 46 java.util.logging.Logger.getLogger(ResolverFragment.class.getName()); 47 48 @Override 49 public boolean engineIsThreadSafe() { 50 return true; 51 } 52 53 /** 54 * Method engineResolve 55 * 56 * @inheritDoc 57 * @param uri 58 * @param baseURI 59 */ 60 public XMLSignatureInput engineResolveURI(ResourceResolverContext context) 61 throws ResourceResolverException { 62 63 Document doc = context.attr.getOwnerElement().getOwnerDocument(); 64 65 Node selectedElem = null; 66 if (context.uriToResolve.equals("")) { 67 /* 68 * Identifies the node-set (minus any comment nodes) of the XML 69 * resource containing the signature 70 */ 71 if (log.isLoggable(java.util.logging.Level.FINE)) { 72 log.log(java.util.logging.Level.FINE, "ResolverFragment with empty URI (means complete document)"); 73 } 74 selectedElem = doc; 75 } else { 76 /* 77 * URI="#chapter1" 78 * Identifies a node-set containing the element with ID attribute 79 * value 'chapter1' of the XML resource containing the signature. 80 * XML Signature (and its applications) modify this node-set to 81 * include the element plus all descendants including namespaces and 82 * attributes -- but not comments. 83 */ 84 String id = context.uriToResolve.substring(1); 85 86 selectedElem = doc.getElementById(id); 87 if (selectedElem == null) { 88 Object exArgs[] = { id }; 89 throw new ResourceResolverException( 90 "signature.Verification.MissingID", exArgs, context.attr, context.baseUri 91 ); 92 } 93 if (context.secureValidation) { 94 Element start = context.attr.getOwnerDocument().getDocumentElement(); 95 if (!XMLUtils.protectAgainstWrappingAttack(start, id)) { 96 Object exArgs[] = { id }; 97 throw new ResourceResolverException( 98 "signature.Verification.MultipleIDs", exArgs, context.attr, context.baseUri 99 ); 100 } 101 } 102 if (log.isLoggable(java.util.logging.Level.FINE)) { 103 log.log(java.util.logging.Level.FINE, 104 "Try to catch an Element with ID " + id + " and Element was " + selectedElem 105 ); 106 } 107 } 108 109 XMLSignatureInput result = new XMLSignatureInput(selectedElem); 110 result.setExcludeComments(true); 111 112 result.setMIMEType("text/xml"); 113 if (context.baseUri != null && context.baseUri.length() > 0) { 114 result.setSourceURI(context.baseUri.concat(context.uriToResolve)); 115 } else { 116 result.setSourceURI(context.uriToResolve); 117 } 118 return result; 119 } 120 121 /** 122 * Method engineCanResolve 123 * @inheritDoc 124 * @param uri 125 * @param baseURI 126 */ 127 public boolean engineCanResolveURI(ResourceResolverContext context) { 128 if (context.uriToResolve == null) { 129 if (log.isLoggable(java.util.logging.Level.FINE)) { 130 log.log(java.util.logging.Level.FINE, "Quick fail for null uri"); 131 } 132 return false; 133 } 134 135 if (context.uriToResolve.equals("") || 136 ((context.uriToResolve.charAt(0) == '#') && !context.uriToResolve.startsWith("#xpointer(")) 137 ) { 138 if (log.isLoggable(java.util.logging.Level.FINE)) { 139 log.log(java.util.logging.Level.FINE, "State I can resolve reference: \"" + context.uriToResolve + "\""); 140 } 141 return true; 142 } 143 if (log.isLoggable(java.util.logging.Level.FINE)) { 144 log.log(java.util.logging.Level.FINE, "Do not seem to be able to resolve reference: \"" + context.uriToResolve + "\""); 145 } 146 return false; 147 } 148 149 } |