1 /* 2 * reserved comment block 3 * DO NOT REMOVE OR ALTER! 4 */ 5 /** 6 * Licensed to the Apache Software Foundation (ASF) under one 7 * or more contributor license agreements. See the NOTICE file 8 * distributed with this work for additional information 9 * regarding copyright ownership. The ASF licenses this file 10 * to you under the Apache License, Version 2.0 (the 11 * "License"); you may not use this file except in compliance 12 * with the License. You may obtain a copy of the License at 13 * 14 * http://www.apache.org/licenses/LICENSE-2.0 15 * 16 * Unless required by applicable law or agreed to in writing, 17 * software distributed under the License is distributed on an 18 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 19 * KIND, either express or implied. See the License for the 20 * specific language governing permissions and limitations 21 * under the License. 22 */ 23 /* 24 * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. 25 */ 26 /* 27 * $Id: DOMURIDereferencer.java 1231033 2012-01-13 12:12:12Z coheigea $ 28 */ 29 package org.jcp.xml.dsig.internal.dom; 30 31 import org.w3c.dom.Attr; 32 import org.w3c.dom.Element; 33 import org.w3c.dom.Node; 34 35 import com.sun.org.apache.xml.internal.security.Init; 36 import com.sun.org.apache.xml.internal.security.utils.XMLUtils; 37 import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver; 38 import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; 39 40 import javax.xml.crypto.*; 41 import javax.xml.crypto.dom.*; 42 43 /** 44 * DOM-based implementation of URIDereferencer. 45 * 46 * @author Sean Mullan 47 */ 48 public class DOMURIDereferencer implements URIDereferencer { 49 50 static final URIDereferencer INSTANCE = new DOMURIDereferencer(); 51 52 private DOMURIDereferencer() { 53 // need to call com.sun.org.apache.xml.internal.security.Init.init() 54 // before calling any apache security code 55 Init.init(); 56 } 57 58 public Data dereference(URIReference uriRef, XMLCryptoContext context) 59 throws URIReferenceException { 60 61 if (uriRef == null) { 62 throw new NullPointerException("uriRef cannot be null"); 63 } 64 if (context == null) { 65 throw new NullPointerException("context cannot be null"); 66 } 67 68 DOMURIReference domRef = (DOMURIReference) uriRef; 69 Attr uriAttr = (Attr) domRef.getHere(); 70 String uri = uriRef.getURI(); 71 DOMCryptoContext dcc = (DOMCryptoContext) context; 72 String baseURI = context.getBaseURI(); 73 74 boolean secVal = Utils.secureValidation(context); 75 76 // Check if same-document URI and already registered on the context 77 if (uri != null && uri.length() != 0 && uri.charAt(0) == '#') { 78 String id = uri.substring(1); 79 80 if (id.startsWith("xpointer(id(")) { 81 int i1 = id.indexOf('\''); 82 int i2 = id.indexOf('\'', i1+1); 83 id = id.substring(i1+1, i2); 84 } 85 86 Node referencedElem = dcc.getElementById(id); 87 if (referencedElem != null) { 88 if (secVal) { 89 Element start = referencedElem.getOwnerDocument().getDocumentElement(); 90 if (!XMLUtils.protectAgainstWrappingAttack(start, (Element)referencedElem, id)) { 91 String error = "Multiple Elements with the same ID " + id + " were detected"; 92 throw new URIReferenceException(error); 93 } 94 } 95 96 XMLSignatureInput result = new XMLSignatureInput(referencedElem); 97 if (!uri.substring(1).startsWith("xpointer(id(")) { 98 result.setExcludeComments(true); 99 } 100 101 result.setMIMEType("text/xml"); 102 if (baseURI != null && baseURI.length() > 0) { 103 result.setSourceURI(baseURI.concat(uriAttr.getNodeValue())); 104 } else { 105 result.setSourceURI(uriAttr.getNodeValue()); 106 } 107 return new ApacheNodeSetData(result); 108 } 109 } 110 111 try { 112 ResourceResolver apacheResolver = 113 ResourceResolver.getInstance(uriAttr, baseURI, secVal); 114 XMLSignatureInput in = apacheResolver.resolve(uriAttr, baseURI); 115 if (in.isOctetStream()) { 116 return new ApacheOctetStreamData(in); 117 } else { 118 return new ApacheNodeSetData(in); 119 } 120 } catch (Exception e) { 121 throw new URIReferenceException(e); 122 } 123 } 124 }