1 /*
   2  * reserved comment block
   3  * DO NOT REMOVE OR ALTER!
   4  */
   5 /**
   6  * Licensed to the Apache Software Foundation (ASF) under one
   7  * or more contributor license agreements. See the NOTICE file
   8  * distributed with this work for additional information
   9  * regarding copyright ownership. The ASF licenses this file
  10  * to you under the Apache License, Version 2.0 (the
  11  * "License"); you may not use this file except in compliance
  12  * with the License. You may obtain a copy of the License at
  13  *
  14  * http://www.apache.org/licenses/LICENSE-2.0
  15  *
  16  * Unless required by applicable law or agreed to in writing,
  17  * software distributed under the License is distributed on an
  18  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  19  * KIND, either express or implied. See the License for the
  20  * specific language governing permissions and limitations
  21  * under the License.
  22  */
  23 /*
  24  * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
  25  */
  26 /*
  27  * $Id: DOMURIDereferencer.java 1231033 2012-01-13 12:12:12Z coheigea $
  28  */
  29 package org.jcp.xml.dsig.internal.dom;
  30 
  31 import org.w3c.dom.Attr;
  32 import org.w3c.dom.Element;
  33 import org.w3c.dom.Node;
  34 
  35 import com.sun.org.apache.xml.internal.security.Init;
  36 import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
  37 import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver;
  38 import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
  39 
  40 import javax.xml.crypto.*;
  41 import javax.xml.crypto.dom.*;
  42 
  43 /**
  44  * DOM-based implementation of URIDereferencer.
  45  *
  46  * @author Sean Mullan
  47  */
  48 public class DOMURIDereferencer implements URIDereferencer {
  49 
  50     static final URIDereferencer INSTANCE = new DOMURIDereferencer();
  51 
  52     private DOMURIDereferencer() {
  53         // need to call com.sun.org.apache.xml.internal.security.Init.init()
  54         // before calling any apache security code
  55         Init.init();
  56     }
  57 
  58     public Data dereference(URIReference uriRef, XMLCryptoContext context)
  59         throws URIReferenceException {
  60 
  61         if (uriRef == null) {
  62             throw new NullPointerException("uriRef cannot be null");
  63         }
  64         if (context == null) {
  65             throw new NullPointerException("context cannot be null");
  66         }
  67 
  68         DOMURIReference domRef = (DOMURIReference) uriRef;
  69         Attr uriAttr = (Attr) domRef.getHere();
  70         String uri = uriRef.getURI();
  71         DOMCryptoContext dcc = (DOMCryptoContext) context;
  72         String baseURI = context.getBaseURI();
  73 
  74         boolean secVal = Utils.secureValidation(context);
  75 
  76         // Check if same-document URI and already registered on the context
  77         if (uri != null && uri.length() != 0 && uri.charAt(0) == '#') {
  78             String id = uri.substring(1);
  79 
  80             if (id.startsWith("xpointer(id(")) {
  81                 int i1 = id.indexOf('\'');
  82                 int i2 = id.indexOf('\'', i1+1);
  83                 id = id.substring(i1+1, i2);
  84             }
  85 
  86             Node referencedElem = dcc.getElementById(id);
  87             if (referencedElem != null) {
  88                 if (secVal) {
  89                     Element start = referencedElem.getOwnerDocument().getDocumentElement();
  90                     if (!XMLUtils.protectAgainstWrappingAttack(start, (Element)referencedElem, id)) {
  91                         String error = "Multiple Elements with the same ID " + id + " were detected";
  92                         throw new URIReferenceException(error);
  93                     }
  94                 }
  95 
  96                 XMLSignatureInput result = new XMLSignatureInput(referencedElem);
  97                 if (!uri.substring(1).startsWith("xpointer(id(")) {
  98                     result.setExcludeComments(true);
  99                 }
 100 
 101                 result.setMIMEType("text/xml");
 102                 if (baseURI != null && baseURI.length() > 0) {
 103                     result.setSourceURI(baseURI.concat(uriAttr.getNodeValue()));
 104                 } else {
 105                     result.setSourceURI(uriAttr.getNodeValue());
 106                 }
 107                 return new ApacheNodeSetData(result);
 108             }
 109         }
 110 
 111         try {
 112             ResourceResolver apacheResolver =
 113                 ResourceResolver.getInstance(uriAttr, baseURI, secVal);
 114             XMLSignatureInput in = apacheResolver.resolve(uriAttr,
 115                                                           baseURI, secVal);
 116             if (in.isOctetStream()) {
 117                 return new ApacheOctetStreamData(in);
 118             } else {
 119                 return new ApacheNodeSetData(in);
 120             }
 121         } catch (Exception e) {
 122             throw new URIReferenceException(e);
 123         }
 124     }
 125 }