Package org.apache.xml.security.utils
Class XMLUtils
java.lang.Object
org.apache.xml.security.utils.XMLUtils
DOM and XML accessibility and comfort functions.
-
Method Summary
Modifier and TypeMethodDescriptionstatic voidaddReturnBeforeChild(Element e, Node child) static voidaddReturnToElement(Document doc, HelperNodeList nl) static voidMethod addReturnToElementstatic voidThis method spreads all namespace attributes in a DOM document to their children.convertNodelistToSet(NodeList xpathNodeSet) Method convertNodelistToSetstatic DocumentBuildercreateDocumentBuilder(boolean validating) Deprecated.Use XMLUtils.read instead to directly read a document.static DocumentBuildercreateDocumentBuilder(boolean validating, boolean disAllowDocTypeDeclarations) Deprecated.Use XMLUtils.read instead to directly read a document.static ElementcreateDSctx(Document doc, String prefix, String namespace) Method createDSctxstatic ElementcreateElementInEncryption11Space(Document doc, String elementName) Creates an Element in the XML Encryption 1.1 specification namespace.static ElementcreateElementInEncryptionSpace(Document doc, String elementName) Creates an Element in the XML Encryption specification namespace.static ElementcreateElementInSignature11Space(Document doc, String elementName) Creates an Element in the XML Signature 1.1 specification namespace.static ElementcreateElementInSignatureSpace(Document doc, String elementName) Creates an Element in the XML Signature specification namespace.static byte[]decode(byte[] encodedBytes) static byte[]static booleanelementIsInEncryption11Space(Element element, String localName) Returns true if the element is in XML Encryption 1.1 namespace and the local name equals the supplied one.static booleanelementIsInEncryptionSpace(Element element, String localName) Returns true if the element is in XML Encryption namespace and the local name equals the supplied one.static booleanelementIsInSignature11Space(Element element, String localName) Returns true if the element is in XML Signature 1.1 namespace and the local name equals the supplied one.static booleanelementIsInSignatureSpace(Element element, String localName) Returns true if the element is in XML Signature namespace and the local name equals the supplied one.static StringencodeToString(byte[] bytes) excludeNodeFromSet(Node signatureElement, Set<Node> inputSet) static StringgetAttributeValue(Element elem, String name) Returns the attribute value for the attribute with the specified name.static byte[]getBytes(BigInteger big, int bitlen) Returns a byte-array representation of a.BigIntegerstatic StringgetFullTextChildrenFromElement(Element element) Deprecated.static StringMethod getFullTextChildrenFromNodestatic ElementgetNextElement(Node el) static DocumentgetOwnerDocument(Set<Node> xpathNodeSet) This method returns the first non-null owner document of the Nodes in this Set.static DocumentgetOwnerDocument(Node node) This method returns the owner document of a particular node.static voidstatic StringgetStrFromNode(Node xpathnode) Method getStrFromNodestatic booleanstatic booleanisDescendantOrSelf(Node ctx, Node descendantOrSelf) Returns true if the descendantOrSelf is on the descendant-or-self axis of the context node.static booleanstatic Documentstatic voidoutputDOM(Node contextNode, OutputStream os) Outputs a DOM tree to anOutputStream.static voidoutputDOM(Node contextNode, OutputStream os, boolean addPreamble) Outputs a DOM tree to anOutputStream.static voidoutputDOMc14nWithComments(Node contextNode, OutputStream os) Serializes thecontextNodeinto the OutputStream, but suppresses all Exceptions.static booleanprotectAgainstWrappingAttack(Node startNode, String value) This method is a tree-search to help prevent against wrapping attacks.static booleanprotectAgainstWrappingAttack(Node startNode, Element knownElement, String value) This method is a tree-search to help prevent against wrapping attacks.static Documentread(InputStream inputStream) static Documentread(InputStream inputStream, boolean disAllowDocTypeDeclarations) static Documentstatic Documentread(InputSource inputSource) static Documentread(InputSource inputSource, boolean disAllowDocTypeDeclarations) static booleanDeprecated.This method has no effect in Santuario 2.1.4static ElementselectDs11Node(Node sibling, String nodeName, int number) static Element[]selectDs11Nodes(Node sibling, String nodeName) static TextselectDs11NodeText(Node sibling, String nodeName, int number) static ElementselectDsNode(Node sibling, String nodeName, int number) static Element[]selectDsNodes(Node sibling, String nodeName) static TextselectDsNodeText(Node sibling, String nodeName, int number) static ElementselectNode(Node sibling, String uri, String nodeName, int number) static Element[]selectNodes(Node sibling, String uri, String nodeName) static TextselectNodeText(Node sibling, String uri, String nodeName, int number) static ElementselectXencNode(Node sibling, String nodeName, int number) static voidsetDs11Prefix(String prefix) Set the prefix for the digital signature 1.1 namespacestatic voidsetDsPrefix(String prefix) Set the prefix for the digital signature namespacestatic voidsetXenc11Prefix(String prefix) Set the prefix for the encryption namespace 1.1static voidsetXencPrefix(String prefix) Set the prefix for the encryption namespace
-
Method Details
-
setDsPrefix
Set the prefix for the digital signature namespace- Parameters:
prefix- the new prefix for the digital signature namespace- Throws:
SecurityException- if a security manager is installed and the caller does not have permission to set the prefix
-
setDs11Prefix
Set the prefix for the digital signature 1.1 namespace- Parameters:
prefix- the new prefix for the digital signature 1.1 namespace- Throws:
SecurityException- if a security manager is installed and the caller does not have permission to set the prefix
-
setXencPrefix
Set the prefix for the encryption namespace- Parameters:
prefix- the new prefix for the encryption namespace- Throws:
SecurityException- if a security manager is installed and the caller does not have permission to set the prefix
-
setXenc11Prefix
Set the prefix for the encryption namespace 1.1- Parameters:
prefix- the new prefix for the encryption namespace 1.1- Throws:
SecurityException- if a security manager is installed and the caller does not have permission to set the prefix
-
getNextElement
-
getSet
- Parameters:
rootNode-result-exclude-com- whether comments or not
-
outputDOM
Outputs a DOM tree to anOutputStream.- Parameters:
contextNode- root node of the DOM treeos- theOutputStream
-
outputDOM
Outputs a DOM tree to anOutputStream. If an Exception is thrown during execution, it's StackTrace is output to System.out, but the Exception is not re-thrown.- Parameters:
contextNode- root node of the DOM treeos- theOutputStreamaddPreamble-
-
outputDOMc14nWithComments
Serializes thecontextNodeinto the OutputStream, but suppresses all Exceptions. NOTE: This should only be used for debugging purposes, NOT in a production environment; this method ignores all exceptions, so you won't notice if something goes wrong. If you're asking what is to be used in a production environment, simply use the code inside thetry{}statement, but handle the Exceptions appropriately.- Parameters:
contextNode-os-
-
getFullTextChildrenFromElement
Deprecated. -
getFullTextChildrenFromNode
Method getFullTextChildrenFromNode- Parameters:
node-- Returns:
- the string of children
-
createElementInSignatureSpace
Creates an Element in the XML Signature specification namespace.- Parameters:
doc- the factory DocumentelementName- the local name of the Element- Returns:
- the Element
-
createElementInSignature11Space
Creates an Element in the XML Signature 1.1 specification namespace.- Parameters:
doc- the factory DocumentelementName- the local name of the Element- Returns:
- the Element
-
createElementInEncryptionSpace
Creates an Element in the XML Encryption specification namespace.- Parameters:
doc- the factory DocumentelementName- the local name of the Element- Returns:
- the Element
-
createElementInEncryption11Space
Creates an Element in the XML Encryption 1.1 specification namespace.- Parameters:
doc- the factory DocumentelementName- the local name of the Element- Returns:
- the Element
-
elementIsInSignatureSpace
Returns true if the element is in XML Signature namespace and the local name equals the supplied one.- Parameters:
element-localName-- Returns:
- true if the element is in XML Signature namespace and the local name equals the supplied one
-
elementIsInSignature11Space
Returns true if the element is in XML Signature 1.1 namespace and the local name equals the supplied one.- Parameters:
element-localName-- Returns:
- true if the element is in XML Signature namespace and the local name equals the supplied one
-
elementIsInEncryptionSpace
Returns true if the element is in XML Encryption namespace and the local name equals the supplied one.- Parameters:
element-localName-- Returns:
- true if the element is in XML Encryption namespace and the local name equals the supplied one
-
elementIsInEncryption11Space
Returns true if the element is in XML Encryption 1.1 namespace and the local name equals the supplied one.- Parameters:
element-localName-- Returns:
- true if the element is in XML Encryption 1.1 namespace and the local name equals the supplied one
-
getOwnerDocument
This method returns the owner document of a particular node. This method is necessary because it always returns aDocument.Node.getOwnerDocument()returnsnullif theNodeis aDocument.- Parameters:
node-- Returns:
- the owner document of the node
-
getOwnerDocument
This method returns the first non-null owner document of the Nodes in this Set. This method is necessary because it always returns aDocument.Node.getOwnerDocument()returnsnullif theNodeis aDocument.- Parameters:
xpathNodeSet-- Returns:
- the owner document
-
createDSctx
Method createDSctx- Parameters:
doc-prefix-namespace-- Returns:
- the element.
-
addReturnToElement
Method addReturnToElement- Parameters:
e-
-
addReturnToElement
-
addReturnBeforeChild
-
encodeToString
-
decode
-
decode
public static byte[] decode(byte[] encodedBytes) -
isIgnoreLineBreaks
public static boolean isIgnoreLineBreaks() -
convertNodelistToSet
Method convertNodelistToSet- Parameters:
xpathNodeSet-- Returns:
- the set with the nodelist
-
circumventBug2650
This method spreads all namespace attributes in a DOM document to their children. This is needed because the XML Signature XPath transform must evaluate the XPath against all nodes in the input, even against XPath namespace nodes. Through a bug in XalanJ2, the namespace nodes are not fully visible in the Xalan XPath model, so we have to do this by hand in DOM spaces so that the nodes become visible in XPath space.- Parameters:
doc-- See Also:
-
selectDsNode
- Parameters:
sibling-nodeName-number-- Returns:
- nodes with the constraint
-
selectDs11Node
- Parameters:
sibling-nodeName-number-- Returns:
- nodes with the constraint
-
selectXencNode
- Parameters:
sibling-nodeName-number-- Returns:
- nodes with the constrain
-
selectDsNodeText
- Parameters:
sibling-nodeName-number-- Returns:
- nodes with the constrain
-
selectDs11NodeText
- Parameters:
sibling-nodeName-number-- Returns:
- nodes with the constrain
-
selectNodeText
- Parameters:
sibling-uri-nodeName-number-- Returns:
- nodes with the constrain
-
selectNode
- Parameters:
sibling-uri-nodeName-number-- Returns:
- nodes with the constrain
-
selectDsNodes
- Parameters:
sibling-nodeName-- Returns:
- nodes with the constrain
-
selectDs11Nodes
- Parameters:
sibling-nodeName-- Returns:
- nodes with the constrain
-
selectNodes
- Parameters:
sibling-uri-nodeName-- Returns:
- nodes with the constraint
-
excludeNodeFromSet
- Parameters:
signatureElement-inputSet-- Returns:
- nodes with the constrain
-
getStrFromNode
Method getStrFromNode- Parameters:
xpathnode-- Returns:
- the string for the node.
-
isDescendantOrSelf
Returns true if the descendantOrSelf is on the descendant-or-self axis of the context node.- Parameters:
ctx-descendantOrSelf-- Returns:
- true if the node is descendant
-
ignoreLineBreaks
public static boolean ignoreLineBreaks() -
getAttributeValue
Returns the attribute value for the attribute with the specified name. Returns null if there is no such attribute, or the empty string if the attribute value is empty.This works around a limitation of the DOM
Element.getAttributeNodemethod, which does not distinguish between an unspecified attribute and an attribute with a value of "" (it returns "" for both cases).- Parameters:
elem- the element containing the attributename- the name of the attribute- Returns:
- the attribute value (may be null if unspecified)
-
protectAgainstWrappingAttack
This method is a tree-search to help prevent against wrapping attacks. It checks that no two Elements have ID Attributes that match the "value" argument, if this is the case then "false" is returned. Note that a return value of "true" does not necessarily mean that a matching Element has been found, just that no wrapping attack has been detected. -
protectAgainstWrappingAttack
public static boolean protectAgainstWrappingAttack(Node startNode, Element knownElement, String value) This method is a tree-search to help prevent against wrapping attacks. It checks that no other Element than the given "knownElement" argument has an ID attribute that matches the "value" argument, which is the ID value of "knownElement". If this is the case then "false" is returned. -
newDocument
- Throws:
ParserConfigurationException
-
read
public static Document read(InputStream inputStream) throws ParserConfigurationException, SAXException, IOException -
read
public static Document read(InputStream inputStream, boolean disAllowDocTypeDeclarations) throws ParserConfigurationException, SAXException, IOException -
read
public static Document read(String uri, boolean disAllowDocTypeDeclarations) throws ParserConfigurationException, SAXException, IOException -
read
public static Document read(InputSource inputSource) throws ParserConfigurationException, SAXException, IOException -
read
public static Document read(InputSource inputSource, boolean disAllowDocTypeDeclarations) throws ParserConfigurationException, SAXException, IOException -
createDocumentBuilder
@Deprecated public static DocumentBuilder createDocumentBuilder(boolean validating) throws ParserConfigurationException Deprecated.Use XMLUtils.read instead to directly read a document.- Throws:
ParserConfigurationException
-
createDocumentBuilder
@Deprecated public static DocumentBuilder createDocumentBuilder(boolean validating, boolean disAllowDocTypeDeclarations) throws ParserConfigurationException Deprecated.Use XMLUtils.read instead to directly read a document.- Throws:
ParserConfigurationException
-
repoolDocumentBuilder
Deprecated.This method has no effect in Santuario 2.1.4 -
getBytes
Returns a byte-array representation of a. No sign-bit is output. N.B.:BigInteger's toByteArray returns eventually longer arrays because of the leading sign-bit.BigInteger- Parameters:
big-BigIntegerto be convertedbitlen-intthe desired length in bits of the representation- Returns:
- a byte array with
bitlenbits ofbig
-