Upgrade Apache Santuario to version 4.0.0 - resolves #277

pom.xml

@@ -74,7 +74,7 @@
         <dependency>
             <groupId>org.apache.santuario</groupId>
             <artifactId>xmlsec</artifactId>
-            <version>3.0.3</version>
+            <version>4.0.0</version>
         </dependency>
         <dependency>
             <groupId>org.bouncycastle</groupId>

src/main/java/xades4j/utils/ResolverAnonymous.java

@@ -16,12 +16,12 @@
  */
 package xades4j.utils;
 
+import java.io.InputStream;
 import org.apache.xml.security.signature.XMLSignatureInput;
+import org.apache.xml.security.signature.XMLSignatureStreamInput;
 import org.apache.xml.security.utils.resolver.ResourceResolverContext;
 import org.apache.xml.security.utils.resolver.ResourceResolverSpi;
 
-import java.io.InputStream;
-
 /**
  * Resource resolver for References without a URI attribute.
  * 
@@ -40,7 +40,7 @@ public ResolverAnonymous(InputStream data)
     @Override
     public XMLSignatureInput engineResolveURI(ResourceResolverContext context)
     {
-        return new XMLSignatureInput(this.data);
+        return new XMLSignatureStreamInput(this.data);
     }
 
     @Override

src/main/java/xades4j/utils/TimeStampDigestInputImpl.java

@@ -20,6 +20,7 @@
 import org.apache.xml.security.signature.Reference;
 import org.apache.xml.security.signature.XMLSignatureException;
 import org.apache.xml.security.signature.XMLSignatureInput;
+import org.apache.xml.security.signature.XMLSignatureNodeInput;
 import org.apache.xml.security.transforms.Transform;
 import org.w3c.dom.Document;
 import org.w3c.dom.Node;
@@ -39,7 +40,7 @@ class TimeStampDigestInputImpl implements TimeStampDigestInput
 
     TimeStampDigestInputImpl(Algorithm c14n, AlgorithmsParametersMarshallingProvider parametersMarshallingProvider)
     {
-        // It would be better to have a Canonicalizer passed on the constructor
+        // It would be better to have a Canonicalizer passed on the constructor,
         // but it doesn't have a method that receives a XMlSignatureInput. Apache's
         // C14N transforms have some bug circumvent checks when mapping XMLSignatureInput
         // to the Canonicalizer methods, so it's better to keep using C14N via Transform.
@@ -76,7 +77,7 @@ public void addNode(Node n) throws CannotAddDataToDigestInputException
             throw new NullPointerException();
         }
 
-        addToDigestInput(new XMLSignatureInput(n), n.getOwnerDocument());
+        addToDigestInput(new XMLSignatureNodeInput(n), n.getOwnerDocument());
     }
 
     private void addToDigestInput(XMLSignatureInput refData, Document doc) throws CannotAddDataToDigestInputException
@@ -89,14 +90,7 @@ private void addToDigestInput(XMLSignatureInput refData, Document doc) throws Ca
                 refData = c14nTransform.performTransform(refData, true);
                 // Fall through to add the bytes resulting from the canonicalization.
             }
-
-            if (refData.isByteArray())
-            {
-                digestInput.write(refData.getBytes());
-            } else if (refData.isOctetStream())
-            {
-                StreamUtils.readWrite(refData.getOctetStream(), digestInput);
-            }
+            refData.write(digestInput);
         }
         catch (Exception ex)
         {

src/test/java/xades4j/production/OtherSignerTests.java

@@ -16,6 +16,21 @@
  */
 package xades4j.production;
 
+import static org.apache.xml.security.algorithms.MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256;
+import static org.apache.xml.security.algorithms.MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA512;
+import static org.apache.xml.security.c14n.Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;
+import static org.apache.xml.security.c14n.Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS;
+import static org.apache.xml.security.signature.XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512;
+import static org.apache.xml.security.utils.Constants.SignatureSpecNS;
+import static org.apache.xml.security.utils.Constants._TAG_SIGNATURE;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+import java.util.Iterator;
+import javax.xml.namespace.NamespaceContext;
+import javax.xml.xpath.XPath;
+import javax.xml.xpath.XPathConstants;
+import javax.xml.xpath.XPathFactory;
+import org.apache.xml.security.signature.XMLSignatureByteInput;
 import org.apache.xml.security.signature.XMLSignatureInput;
 import org.apache.xml.security.utils.resolver.ResourceResolverContext;
 import org.apache.xml.security.utils.resolver.ResourceResolverException;
@@ -32,21 +47,6 @@
 import xades4j.providers.impl.ValidationDataFromCertValidationProvider;
 import xades4j.verification.VerifierTestBase;
 
-import javax.xml.namespace.NamespaceContext;
-import javax.xml.xpath.XPath;
-import javax.xml.xpath.XPathConstants;
-import javax.xml.xpath.XPathFactory;
-import java.util.Iterator;
-
-import static org.apache.xml.security.algorithms.MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256;
-import static org.apache.xml.security.algorithms.MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA512;
-import static org.apache.xml.security.c14n.Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;
-import static org.apache.xml.security.c14n.Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS;
-import static org.apache.xml.security.signature.XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512;
-import static org.apache.xml.security.utils.Constants.SignatureSpecNS;
-import static org.apache.xml.security.utils.Constants._TAG_SIGNATURE;
-import static org.junit.jupiter.api.Assertions.assertEquals;
-
 /**
  * @author Luís
  */
@@ -108,7 +108,7 @@ static class MyResolverSpi extends ResourceResolverSpi
         @Override
         public XMLSignatureInput engineResolveURI(ResourceResolverContext context) throws ResourceResolverException
         {
-            XMLSignatureInput input = new XMLSignatureInput(context.attr.getValue().getBytes());
+            XMLSignatureByteInput input = new XMLSignatureByteInput(context.attr.getValue().getBytes());
             resolveCount++;
             return input;
         }

src/test/java/xades4j/production/SignedDataObjectsProcessorTest.java

@@ -16,10 +16,17 @@
  */
 package xades4j.production;
 
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 import org.apache.xml.security.signature.Manifest;
 import org.apache.xml.security.signature.ObjectContainer;
 import org.apache.xml.security.signature.Reference;
 import org.apache.xml.security.signature.XMLSignature;
+import org.apache.xml.security.signature.XMLSignatureByteInput;
 import org.apache.xml.security.signature.XMLSignatureInput;
 import org.apache.xml.security.utils.Constants;
 import org.apache.xml.security.utils.resolver.ResourceResolverContext;
@@ -32,12 +39,6 @@
 import xades4j.utils.SignatureServicesTestBase;
 import xades4j.utils.StringUtils;
 
-import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.junit.jupiter.api.Assertions.assertNotEquals;
-import static org.junit.jupiter.api.Assertions.assertNull;
-import static org.junit.jupiter.api.Assertions.assertThrows;
-import static org.junit.jupiter.api.Assertions.assertTrue;
-
 /**
  * @author Luís
  */
@@ -117,7 +118,7 @@ void testAddManifest() throws Exception
                     @Override
                     public XMLSignatureInput engineResolveURI(ResourceResolverContext context)
                     {
-                        return new XMLSignatureInput(context.uriToResolve.getBytes());
+                        return new XMLSignatureByteInput(context.uriToResolve.getBytes());
                     }
 
                     @Override