org.apache.xml.security.utils
Class XMLUtils

java.lang.Object
  extended by org.apache.xml.security.utils.XMLUtils

public class XMLUtils
extends java.lang.Object

DOM and XML accessibility and comfort functions.

Author:
Christian Geuer-Pollmann

Method Summary
static void addReturnBeforeChild(org.w3c.dom.Element e, org.w3c.dom.Node child)
           
static void addReturnToElement(org.w3c.dom.Document doc, HelperNodeList nl)
           
static void addReturnToElement(org.w3c.dom.Element e)
          Method addReturnToElement
static void circumventBug2650(org.w3c.dom.Document doc)
          This method spreads all namespace attributes in a DOM document to their children.
static java.util.Set<org.w3c.dom.Node> convertNodelistToSet(org.w3c.dom.NodeList xpathNodeSet)
          Method convertNodelistToSet
static org.w3c.dom.Element createDSctx(org.w3c.dom.Document doc, java.lang.String prefix, java.lang.String namespace)
          Method createDSctx
static org.w3c.dom.Element createElementInEncryption11Space(org.w3c.dom.Document doc, java.lang.String elementName)
          Creates an Element in the XML Encryption 1.1 specification namespace.
static org.w3c.dom.Element createElementInEncryptionSpace(org.w3c.dom.Document doc, java.lang.String elementName)
          Creates an Element in the XML Encryption specification namespace.
static org.w3c.dom.Element createElementInSignatureSpace(org.w3c.dom.Document doc, java.lang.String elementName)
          Creates an Element in the XML Signature specification namespace.
static boolean elementIsInEncryption11Space(org.w3c.dom.Element element, java.lang.String localName)
          Returns true if the element is in XML Encryption 1.1 namespace and the local name equals the supplied one.
static boolean elementIsInEncryptionSpace(org.w3c.dom.Element element, java.lang.String localName)
          Returns true if the element is in XML Encryption namespace and the local name equals the supplied one.
static boolean elementIsInSignatureSpace(org.w3c.dom.Element element, java.lang.String localName)
          Returns true if the element is in XML Signature namespace and the local name equals the supplied one.
static java.util.Set<org.w3c.dom.Node> excludeNodeFromSet(org.w3c.dom.Node signatureElement, java.util.Set<org.w3c.dom.Node> inputSet)
           
static java.lang.String getAttributeValue(org.w3c.dom.Element elem, java.lang.String name)
          Returns the attribute value for the attribute with the specified name.
static java.lang.String getFullTextChildrenFromElement(org.w3c.dom.Element element)
          Method getFullTextChildrenFromElement
static org.w3c.dom.Element getNextElement(org.w3c.dom.Node el)
           
static org.w3c.dom.Document getOwnerDocument(org.w3c.dom.Node node)
          This method returns the owner document of a particular node.
static org.w3c.dom.Document getOwnerDocument(java.util.Set<org.w3c.dom.Node> xpathNodeSet)
          This method returns the first non-null owner document of the Nodes in this Set.
static void getSet(org.w3c.dom.Node rootNode, java.util.Set<org.w3c.dom.Node> result, org.w3c.dom.Node exclude, boolean com)
           
static java.lang.String getStrFromNode(org.w3c.dom.Node xpathnode)
          Method getStrFromNode
static boolean ignoreLineBreaks()
           
static boolean isDescendantOrSelf(org.w3c.dom.Node ctx, org.w3c.dom.Node descendantOrSelf)
          Returns true if the descendantOrSelf is on the descendant-or-self axis of the context node.
static void outputDOM(org.w3c.dom.Node contextNode, java.io.OutputStream os)
          Outputs a DOM tree to an OutputStream.
static void outputDOM(org.w3c.dom.Node contextNode, java.io.OutputStream os, boolean addPreamble)
          Outputs a DOM tree to an OutputStream.
static void outputDOMc14nWithComments(org.w3c.dom.Node contextNode, java.io.OutputStream os)
          Serializes the contextNode into the OutputStream, but suppresses all Exceptions.
static boolean protectAgainstWrappingAttack(org.w3c.dom.Node startNode, org.w3c.dom.Element knownElement, java.lang.String value)
          This method is a tree-search to help prevent against wrapping attacks.
static boolean protectAgainstWrappingAttack(org.w3c.dom.Node startNode, java.lang.String value)
          This method is a tree-search to help prevent against wrapping attacks.
static org.w3c.dom.Element selectDsNode(org.w3c.dom.Node sibling, java.lang.String nodeName, int number)
           
static org.w3c.dom.Element[] selectDsNodes(org.w3c.dom.Node sibling, java.lang.String nodeName)
           
static org.w3c.dom.Text selectDsNodeText(org.w3c.dom.Node sibling, java.lang.String nodeName, int number)
           
static org.w3c.dom.Element selectNode(org.w3c.dom.Node sibling, java.lang.String uri, java.lang.String nodeName, int number)
           
static org.w3c.dom.Element[] selectNodes(org.w3c.dom.Node sibling, java.lang.String uri, java.lang.String nodeName)
           
static org.w3c.dom.Text selectNodeText(org.w3c.dom.Node sibling, java.lang.String uri, java.lang.String nodeName, int number)
           
static org.w3c.dom.Element selectXencNode(org.w3c.dom.Node sibling, java.lang.String nodeName, int number)
           
static void setDsPrefix(java.lang.String prefix)
          Set the prefix for the digital signature namespace
static void setXenc11Prefix(java.lang.String prefix)
          Set the prefix for the encryption namespace 1.1
static void setXencPrefix(java.lang.String prefix)
          Set the prefix for the encryption namespace
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

setDsPrefix

public static void setDsPrefix(java.lang.String prefix)
Set the prefix for the digital signature namespace

Parameters:
prefix - the new prefix for the digital signature namespace

setXencPrefix

public static void setXencPrefix(java.lang.String prefix)
Set the prefix for the encryption namespace

Parameters:
prefix - the new prefix for the encryption namespace

setXenc11Prefix

public static void setXenc11Prefix(java.lang.String prefix)
Set the prefix for the encryption namespace 1.1

Parameters:
prefix - the new prefix for the encryption namespace 1.1

getNextElement

public static org.w3c.dom.Element getNextElement(org.w3c.dom.Node el)

getSet

public static void getSet(org.w3c.dom.Node rootNode,
                          java.util.Set<org.w3c.dom.Node> result,
                          org.w3c.dom.Node exclude,
                          boolean com)
Parameters:
rootNode -
result -
exclude -
com - whether comments or not

outputDOM

public static void outputDOM(org.w3c.dom.Node contextNode,
                             java.io.OutputStream os)
Outputs a DOM tree to an OutputStream.

Parameters:
contextNode - root node of the DOM tree
os - the OutputStream

outputDOM

public static void outputDOM(org.w3c.dom.Node contextNode,
                             java.io.OutputStream os,
                             boolean addPreamble)
Outputs a DOM tree to an OutputStream. If an Exception is thrown during execution, it's StackTrace is output to System.out, but the Exception is not re-thrown.

Parameters:
contextNode - root node of the DOM tree
os - the OutputStream
addPreamble -

outputDOMc14nWithComments

public static void outputDOMc14nWithComments(org.w3c.dom.Node contextNode,
                                             java.io.OutputStream os)
Serializes the contextNode into the OutputStream, but suppresses all Exceptions.
NOTE: This should only be used for debugging purposes, NOT in a production environment; this method ignores all exceptions, so you won't notice if something goes wrong. If you're asking what is to be used in a production environment, simply use the code inside the try{} statement, but handle the Exceptions appropriately.

Parameters:
contextNode -
os -

getFullTextChildrenFromElement

public static java.lang.String getFullTextChildrenFromElement(org.w3c.dom.Element element)
Method getFullTextChildrenFromElement

Parameters:
element -
Returns:
the string of children

createElementInSignatureSpace

public static org.w3c.dom.Element createElementInSignatureSpace(org.w3c.dom.Document doc,
                                                                java.lang.String elementName)
Creates an Element in the XML Signature specification namespace.

Parameters:
doc - the factory Document
elementName - the local name of the Element
Returns:
the Element

createElementInEncryptionSpace

public static org.w3c.dom.Element createElementInEncryptionSpace(org.w3c.dom.Document doc,
                                                                 java.lang.String elementName)
Creates an Element in the XML Encryption specification namespace.

Parameters:
doc - the factory Document
elementName - the local name of the Element
Returns:
the Element

createElementInEncryption11Space

public static org.w3c.dom.Element createElementInEncryption11Space(org.w3c.dom.Document doc,
                                                                   java.lang.String elementName)
Creates an Element in the XML Encryption 1.1 specification namespace.

Parameters:
doc - the factory Document
elementName - the local name of the Element
Returns:
the Element

elementIsInSignatureSpace

public static boolean elementIsInSignatureSpace(org.w3c.dom.Element element,
                                                java.lang.String localName)
Returns true if the element is in XML Signature namespace and the local name equals the supplied one.

Parameters:
element -
localName -
Returns:
true if the element is in XML Signature namespace and the local name equals the supplied one

elementIsInEncryptionSpace

public static boolean elementIsInEncryptionSpace(org.w3c.dom.Element element,
                                                 java.lang.String localName)
Returns true if the element is in XML Encryption namespace and the local name equals the supplied one.

Parameters:
element -
localName -
Returns:
true if the element is in XML Encryption namespace and the local name equals the supplied one

elementIsInEncryption11Space

public static boolean elementIsInEncryption11Space(org.w3c.dom.Element element,
                                                   java.lang.String localName)
Returns true if the element is in XML Encryption 1.1 namespace and the local name equals the supplied one.

Parameters:
element -
localName -
Returns:
true if the element is in XML Encryption 1.1 namespace and the local name equals the supplied one

getOwnerDocument

public static org.w3c.dom.Document getOwnerDocument(org.w3c.dom.Node node)
This method returns the owner document of a particular node. This method is necessary because it always returns a Document. Node.getOwnerDocument() returns null if the Node is a Document.

Parameters:
node -
Returns:
the owner document of the node

getOwnerDocument

public static org.w3c.dom.Document getOwnerDocument(java.util.Set<org.w3c.dom.Node> xpathNodeSet)
This method returns the first non-null owner document of the Nodes in this Set. This method is necessary because it always returns a Document. Node.getOwnerDocument() returns null if the Node is a Document.

Parameters:
xpathNodeSet -
Returns:
the owner document

createDSctx

public static org.w3c.dom.Element createDSctx(org.w3c.dom.Document doc,
                                              java.lang.String prefix,
                                              java.lang.String namespace)
Method createDSctx

Parameters:
doc -
prefix -
namespace -
Returns:
the element.

addReturnToElement

public static void addReturnToElement(org.w3c.dom.Element e)
Method addReturnToElement

Parameters:
e -

addReturnToElement

public static void addReturnToElement(org.w3c.dom.Document doc,
                                      HelperNodeList nl)

addReturnBeforeChild

public static void addReturnBeforeChild(org.w3c.dom.Element e,
                                        org.w3c.dom.Node child)

convertNodelistToSet

public static java.util.Set<org.w3c.dom.Node> convertNodelistToSet(org.w3c.dom.NodeList xpathNodeSet)
Method convertNodelistToSet

Parameters:
xpathNodeSet -
Returns:
the set with the nodelist

circumventBug2650

public static void circumventBug2650(org.w3c.dom.Document doc)
This method spreads all namespace attributes in a DOM document to their children. This is needed because the XML Signature XPath transform must evaluate the XPath against all nodes in the input, even against XPath namespace nodes. Through a bug in XalanJ2, the namespace nodes are not fully visible in the Xalan XPath model, so we have to do this by hand in DOM spaces so that the nodes become visible in XPath space.

Parameters:
doc -
See Also:
Namespace axis resolution is not XPath compliant

selectDsNode

public static org.w3c.dom.Element selectDsNode(org.w3c.dom.Node sibling,
                                               java.lang.String nodeName,
                                               int number)
Parameters:
sibling -
nodeName -
number -
Returns:
nodes with the constraint

selectXencNode

public static org.w3c.dom.Element selectXencNode(org.w3c.dom.Node sibling,
                                                 java.lang.String nodeName,
                                                 int number)
Parameters:
sibling -
nodeName -
number -
Returns:
nodes with the constrain

selectDsNodeText

public static org.w3c.dom.Text selectDsNodeText(org.w3c.dom.Node sibling,
                                                java.lang.String nodeName,
                                                int number)
Parameters:
sibling -
nodeName -
number -
Returns:
nodes with the constrain

selectNodeText

public static org.w3c.dom.Text selectNodeText(org.w3c.dom.Node sibling,
                                              java.lang.String uri,
                                              java.lang.String nodeName,
                                              int number)
Parameters:
sibling -
uri -
nodeName -
number -
Returns:
nodes with the constrain

selectNode

public static org.w3c.dom.Element selectNode(org.w3c.dom.Node sibling,
                                             java.lang.String uri,
                                             java.lang.String nodeName,
                                             int number)
Parameters:
sibling -
uri -
nodeName -
number -
Returns:
nodes with the constrain

selectDsNodes

public static org.w3c.dom.Element[] selectDsNodes(org.w3c.dom.Node sibling,
                                                  java.lang.String nodeName)
Parameters:
sibling -
nodeName -
Returns:
nodes with the constrain

selectNodes

public static org.w3c.dom.Element[] selectNodes(org.w3c.dom.Node sibling,
                                                java.lang.String uri,
                                                java.lang.String nodeName)
Parameters:
sibling -
uri -
nodeName -
Returns:
nodes with the constraint

excludeNodeFromSet

public static java.util.Set<org.w3c.dom.Node> excludeNodeFromSet(org.w3c.dom.Node signatureElement,
                                                                 java.util.Set<org.w3c.dom.Node> inputSet)
Parameters:
signatureElement -
inputSet -
Returns:
nodes with the constrain

getStrFromNode

public static java.lang.String getStrFromNode(org.w3c.dom.Node xpathnode)
Method getStrFromNode

Parameters:
xpathnode -
Returns:
the string for the node.

isDescendantOrSelf

public static boolean isDescendantOrSelf(org.w3c.dom.Node ctx,
                                         org.w3c.dom.Node descendantOrSelf)
Returns true if the descendantOrSelf is on the descendant-or-self axis of the context node.

Parameters:
ctx -
descendantOrSelf -
Returns:
true if the node is descendant

ignoreLineBreaks

public static boolean ignoreLineBreaks()

getAttributeValue

public static java.lang.String getAttributeValue(org.w3c.dom.Element elem,
                                                 java.lang.String name)
Returns the attribute value for the attribute with the specified name. Returns null if there is no such attribute, or the empty string if the attribute value is empty.

This works around a limitation of the DOM Element.getAttributeNode method, which does not distinguish between an unspecified attribute and an attribute with a value of "" (it returns "" for both cases).

Parameters:
elem - the element containing the attribute
name - the name of the attribute
Returns:
the attribute value (may be null if unspecified)

protectAgainstWrappingAttack

public static boolean protectAgainstWrappingAttack(org.w3c.dom.Node startNode,
                                                   java.lang.String value)
This method is a tree-search to help prevent against wrapping attacks. It checks that no two Elements have ID Attributes that match the "value" argument, if this is the case then "false" is returned. Note that a return value of "true" does not necessarily mean that a matching Element has been found, just that no wrapping attack has been detected.


protectAgainstWrappingAttack

public static boolean protectAgainstWrappingAttack(org.w3c.dom.Node startNode,
                                                   org.w3c.dom.Element knownElement,
                                                   java.lang.String value)
This method is a tree-search to help prevent against wrapping attacks. It checks that no other Element than the given "knownElement" argument has an ID attribute that matches the "value" argument, which is the ID value of "knownElement". If this is the case then "false" is returned.