in src/main/java/org/apache/xml/security/stax/impl/processor/output/AbstractSignatureEndingOutputProcessor.java [268:363]
protected abstract SignedInfoProcessor newSignedInfoProcessor(
SignatureAlgorithm signatureAlgorithm, String signatureId,
XMLSecStartElement xmlSecStartElement, OutputProcessorChain outputProcessorChain)
throws XMLSecurityException;
protected abstract void createTransformsStructureForSignature(
OutputProcessorChain subOutputProcessorChain,
SignaturePartDef signaturePartDef) throws XMLStreamException, XMLSecurityException;
protected abstract void createKeyInfoStructureForSignature(
OutputProcessorChain outputProcessorChain,
OutboundSecurityToken securityToken,
boolean useSingleCertificate) throws XMLStreamException, XMLSecurityException;
protected static class SignedInfoProcessor extends AbstractOutputProcessor {
private SignerOutputStream signerOutputStream;
private OutputStream bufferedSignerOutputStream;
private Transformer transformer;
private byte[] signatureValue;
private String inclusiveNamespacePrefixes;
private SignatureAlgorithm signatureAlgorithm;
private XMLSecStartElement xmlSecStartElement;
private String signatureId;
public SignedInfoProcessor(SignatureAlgorithm signatureAlgorithm, String signatureId, XMLSecStartElement xmlSecStartElement)
throws XMLSecurityException {
super();
this.signatureAlgorithm = signatureAlgorithm;
this.xmlSecStartElement = xmlSecStartElement;
this.signatureId = signatureId;
}
@Override
public void init(OutputProcessorChain outputProcessorChain) throws XMLSecurityException {
this.signerOutputStream = new SignerOutputStream(this.signatureAlgorithm);
this.bufferedSignerOutputStream = new UnsyncBufferedOutputStream(this.signerOutputStream);
final String canonicalizationAlgorithm = getSecurityProperties().getSignatureCanonicalizationAlgorithm();
Map<String, Object> transformerProperties = null;
if (getSecurityProperties().isAddExcC14NInclusivePrefixes() &&
XMLSecurityConstants.NS_C14N_EXCL.equals(canonicalizationAlgorithm)) {
Set<String> prefixSet = XMLSecurityUtils.getExcC14NInclusiveNamespacePrefixes(xmlSecStartElement, false);
StringBuilder prefixes = new StringBuilder();
for (String prefix : prefixSet) {
if (prefixes.length() != 0) {
prefixes.append(' ');
}
prefixes.append(prefix);
}
this.inclusiveNamespacePrefixes = prefixes.toString();
transformerProperties = new HashMap<>(2);
transformerProperties.put(
Canonicalizer20010315_Excl.INCLUSIVE_NAMESPACES_PREFIX_LIST, new ArrayList<>(prefixSet));
}
this.transformer = XMLSecurityUtils.getTransformer(null, this.bufferedSignerOutputStream,
transformerProperties, canonicalizationAlgorithm, XMLSecurityConstants.DIRECTION.OUT);
super.init(outputProcessorChain);
}
public byte[] getSignatureValue() throws XMLSecurityException {
if (signatureValue != null) {
return signatureValue;
}
try {
transformer.doFinal();
bufferedSignerOutputStream.close();
signatureValue = signerOutputStream.sign();
return signatureValue;
} catch (IOException | XMLStreamException e) {
throw new XMLSecurityException(e);
}
}
public String getSignatureId() {
return signatureId;
}
public String getInclusiveNamespacePrefixes() {
return inclusiveNamespacePrefixes;
}
@Override
public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain)
throws XMLStreamException, XMLSecurityException {
transformer.transform(xmlSecEvent);
outputProcessorChain.processEvent(xmlSecEvent);
}
}