From 9da1bf3be41eaa81dbfec4a749bc06076fddd8b4 Mon Sep 17 00:00:00 2001
From: Mirko <79272490+mjechow@users.noreply.github.com>
Date: Tue, 21 Nov 2023 15:33:13 +0100
Subject: [PATCH] Upgrade Apache Santuario to version 4.0.0 - resolves #277
---
pom.xml | 2 +-
.../java/xades4j/utils/ResolverAnonymous.java | 6 ++--
.../utils/TimeStampDigestInputImpl.java | 14 +++-----
.../xades4j/production/OtherSignerTests.java | 32 +++++++++----------
.../SignedDataObjectsProcessorTest.java | 15 +++++----
5 files changed, 32 insertions(+), 37 deletions(-)
diff --git a/pom.xml b/pom.xml
index b8bac75c..66a3c467 100644
--- a/pom.xml
+++ b/pom.xml
@@ -74,7 +74,7 @@
org.apache.santuario
xmlsec
- 3.0.3
+ 4.0.0
org.bouncycastle
diff --git a/src/main/java/xades4j/utils/ResolverAnonymous.java b/src/main/java/xades4j/utils/ResolverAnonymous.java
index 5115a0cd..3e480ca5 100644
--- a/src/main/java/xades4j/utils/ResolverAnonymous.java
+++ b/src/main/java/xades4j/utils/ResolverAnonymous.java
@@ -16,12 +16,12 @@
*/
package xades4j.utils;
+import java.io.InputStream;
import org.apache.xml.security.signature.XMLSignatureInput;
+import org.apache.xml.security.signature.XMLSignatureStreamInput;
import org.apache.xml.security.utils.resolver.ResourceResolverContext;
import org.apache.xml.security.utils.resolver.ResourceResolverSpi;
-import java.io.InputStream;
-
/**
* Resource resolver for References without a URI attribute.
*
@@ -40,7 +40,7 @@ public ResolverAnonymous(InputStream data)
@Override
public XMLSignatureInput engineResolveURI(ResourceResolverContext context)
{
- return new XMLSignatureInput(this.data);
+ return new XMLSignatureStreamInput(this.data);
}
@Override
diff --git a/src/main/java/xades4j/utils/TimeStampDigestInputImpl.java b/src/main/java/xades4j/utils/TimeStampDigestInputImpl.java
index fc35eedb..529c6047 100644
--- a/src/main/java/xades4j/utils/TimeStampDigestInputImpl.java
+++ b/src/main/java/xades4j/utils/TimeStampDigestInputImpl.java
@@ -20,6 +20,7 @@
import org.apache.xml.security.signature.Reference;
import org.apache.xml.security.signature.XMLSignatureException;
import org.apache.xml.security.signature.XMLSignatureInput;
+import org.apache.xml.security.signature.XMLSignatureNodeInput;
import org.apache.xml.security.transforms.Transform;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
@@ -39,7 +40,7 @@ class TimeStampDigestInputImpl implements TimeStampDigestInput
TimeStampDigestInputImpl(Algorithm c14n, AlgorithmsParametersMarshallingProvider parametersMarshallingProvider)
{
- // It would be better to have a Canonicalizer passed on the constructor
+ // It would be better to have a Canonicalizer passed on the constructor,
// but it doesn't have a method that receives a XMlSignatureInput. Apache's
// C14N transforms have some bug circumvent checks when mapping XMLSignatureInput
// to the Canonicalizer methods, so it's better to keep using C14N via Transform.
@@ -76,7 +77,7 @@ public void addNode(Node n) throws CannotAddDataToDigestInputException
throw new NullPointerException();
}
- addToDigestInput(new XMLSignatureInput(n), n.getOwnerDocument());
+ addToDigestInput(new XMLSignatureNodeInput(n), n.getOwnerDocument());
}
private void addToDigestInput(XMLSignatureInput refData, Document doc) throws CannotAddDataToDigestInputException
@@ -89,14 +90,7 @@ private void addToDigestInput(XMLSignatureInput refData, Document doc) throws Ca
refData = c14nTransform.performTransform(refData, true);
// Fall through to add the bytes resulting from the canonicalization.
}
-
- if (refData.isByteArray())
- {
- digestInput.write(refData.getBytes());
- } else if (refData.isOctetStream())
- {
- StreamUtils.readWrite(refData.getOctetStream(), digestInput);
- }
+ refData.write(digestInput);
}
catch (Exception ex)
{
diff --git a/src/test/java/xades4j/production/OtherSignerTests.java b/src/test/java/xades4j/production/OtherSignerTests.java
index 4231bd92..69e655ac 100644
--- a/src/test/java/xades4j/production/OtherSignerTests.java
+++ b/src/test/java/xades4j/production/OtherSignerTests.java
@@ -16,6 +16,21 @@
*/
package xades4j.production;
+import static org.apache.xml.security.algorithms.MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256;
+import static org.apache.xml.security.algorithms.MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA512;
+import static org.apache.xml.security.c14n.Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;
+import static org.apache.xml.security.c14n.Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS;
+import static org.apache.xml.security.signature.XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512;
+import static org.apache.xml.security.utils.Constants.SignatureSpecNS;
+import static org.apache.xml.security.utils.Constants._TAG_SIGNATURE;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+import java.util.Iterator;
+import javax.xml.namespace.NamespaceContext;
+import javax.xml.xpath.XPath;
+import javax.xml.xpath.XPathConstants;
+import javax.xml.xpath.XPathFactory;
+import org.apache.xml.security.signature.XMLSignatureByteInput;
import org.apache.xml.security.signature.XMLSignatureInput;
import org.apache.xml.security.utils.resolver.ResourceResolverContext;
import org.apache.xml.security.utils.resolver.ResourceResolverException;
@@ -32,21 +47,6 @@
import xades4j.providers.impl.ValidationDataFromCertValidationProvider;
import xades4j.verification.VerifierTestBase;
-import javax.xml.namespace.NamespaceContext;
-import javax.xml.xpath.XPath;
-import javax.xml.xpath.XPathConstants;
-import javax.xml.xpath.XPathFactory;
-import java.util.Iterator;
-
-import static org.apache.xml.security.algorithms.MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256;
-import static org.apache.xml.security.algorithms.MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA512;
-import static org.apache.xml.security.c14n.Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;
-import static org.apache.xml.security.c14n.Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS;
-import static org.apache.xml.security.signature.XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512;
-import static org.apache.xml.security.utils.Constants.SignatureSpecNS;
-import static org.apache.xml.security.utils.Constants._TAG_SIGNATURE;
-import static org.junit.jupiter.api.Assertions.assertEquals;
-
/**
* @author Luís
*/
@@ -108,7 +108,7 @@ static class MyResolverSpi extends ResourceResolverSpi
@Override
public XMLSignatureInput engineResolveURI(ResourceResolverContext context) throws ResourceResolverException
{
- XMLSignatureInput input = new XMLSignatureInput(context.attr.getValue().getBytes());
+ XMLSignatureByteInput input = new XMLSignatureByteInput(context.attr.getValue().getBytes());
resolveCount++;
return input;
}
diff --git a/src/test/java/xades4j/production/SignedDataObjectsProcessorTest.java b/src/test/java/xades4j/production/SignedDataObjectsProcessorTest.java
index 35fad8c4..8fd39a87 100644
--- a/src/test/java/xades4j/production/SignedDataObjectsProcessorTest.java
+++ b/src/test/java/xades4j/production/SignedDataObjectsProcessorTest.java
@@ -16,10 +16,17 @@
*/
package xades4j.production;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
import org.apache.xml.security.signature.Manifest;
import org.apache.xml.security.signature.ObjectContainer;
import org.apache.xml.security.signature.Reference;
import org.apache.xml.security.signature.XMLSignature;
+import org.apache.xml.security.signature.XMLSignatureByteInput;
import org.apache.xml.security.signature.XMLSignatureInput;
import org.apache.xml.security.utils.Constants;
import org.apache.xml.security.utils.resolver.ResourceResolverContext;
@@ -32,12 +39,6 @@
import xades4j.utils.SignatureServicesTestBase;
import xades4j.utils.StringUtils;
-import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.junit.jupiter.api.Assertions.assertNotEquals;
-import static org.junit.jupiter.api.Assertions.assertNull;
-import static org.junit.jupiter.api.Assertions.assertThrows;
-import static org.junit.jupiter.api.Assertions.assertTrue;
-
/**
* @author Luís
*/
@@ -117,7 +118,7 @@ void testAddManifest() throws Exception
@Override
public XMLSignatureInput engineResolveURI(ResourceResolverContext context)
{
- return new XMLSignatureInput(context.uriToResolve.getBytes());
+ return new XMLSignatureByteInput(context.uriToResolve.getBytes());
}
@Override