SANTUARIO-522 - Make Serializer final in XMLCipher

git-svn-id: https://svn.apache.org/repos/asf/santuario/xml-security-java/trunk@1873251 13f79535-47bb-0310-9956-ffa450edef68

Author: coheigea

src/main/java/org/apache/xml/security/encryption/AbstractSerializer.java

@@ -27,6 +27,7 @@
 import java.util.Map;
 
 import org.apache.xml.security.c14n.Canonicalizer;
+import org.apache.xml.security.c14n.InvalidCanonicalizerException;
 import org.w3c.dom.Element;
 import org.w3c.dom.NamedNodeMap;
 import org.w3c.dom.Node;
@@ -39,10 +40,12 @@
  */
 public abstract class AbstractSerializer implements Serializer {
 
-    private Canonicalizer canon;
+    private final Canonicalizer canon;
+    protected final boolean secureValidation;
 
-    public void setCanonicalizer(Canonicalizer canon) {
-        this.canon = canon;
+    protected AbstractSerializer(String canonAlg, boolean secureValidation) throws InvalidCanonicalizerException {
+        this.canon = Canonicalizer.getInstance(canonAlg);
+        this.secureValidation = secureValidation;
     }
 
     /**

src/main/java/org/apache/xml/security/encryption/DocumentSerializer.java

@@ -24,6 +24,8 @@
 
 import javax.xml.parsers.ParserConfigurationException;
 
+import org.apache.xml.security.c14n.Canonicalizer;
+import org.apache.xml.security.c14n.InvalidCanonicalizerException;
 import org.apache.xml.security.utils.XMLUtils;
 import org.w3c.dom.Document;
 import org.w3c.dom.DocumentFragment;
@@ -36,28 +38,34 @@
  */
 public class DocumentSerializer extends AbstractSerializer {
 
+    public DocumentSerializer(boolean secureValidation) throws InvalidCanonicalizerException {
+        this(Canonicalizer.ALGO_ID_C14N_PHYSICAL, secureValidation);
+    }
+
+    public DocumentSerializer(String canonAlg, boolean secureValidation) throws InvalidCanonicalizerException {
+        super(canonAlg, secureValidation);
+    }
+
     /**
      * @param source
      * @param ctx
-     * @param secureValidation
      * @return the Node resulting from the parse of the source
      * @throws XMLEncryptionException
      */
-    public Node deserialize(byte[] source, Node ctx, boolean secureValidation) throws XMLEncryptionException, IOException {
+    public Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException, IOException {
         byte[] fragment = createContext(source, ctx);
         try (InputStream is = new ByteArrayInputStream(fragment)) {
-            return deserialize(ctx, is, secureValidation);
+            return deserialize(ctx, is);
         }
     }
 
     /**
      * @param ctx
      * @param inputStream
-     * @param secureValidation
      * @return the Node resulting from the parse of the source
      * @throws XMLEncryptionException
      */
-    private Node deserialize(Node ctx, InputStream inputStream, boolean secureValidation) throws XMLEncryptionException {
+    private Node deserialize(Node ctx, InputStream inputStream) throws XMLEncryptionException {
         try {
             Document d = XMLUtils.read(inputStream, secureValidation);
 

src/main/java/org/apache/xml/security/encryption/Serializer.java

@@ -20,7 +20,6 @@
 
 import java.io.IOException;
 
-import org.apache.xml.security.c14n.Canonicalizer;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;
@@ -30,11 +29,6 @@
  */
 public interface Serializer {
 
-    /**
-     * Set the Canonicalizer object to use.
-     */
-    void setCanonicalizer(Canonicalizer canon);
-
     /**
      * Returns a <code>byte[]</code> representation of the specified
      * <code>Element</code>.
@@ -60,9 +54,8 @@ public interface Serializer {
     /**
      * @param source
      * @param ctx
-     * @param secureValidation
      * @return the Node resulting from the parse of the source
      * @throws XMLEncryptionException
      */
-    Node deserialize(byte[] source, Node ctx, boolean secureValidation) throws XMLEncryptionException, IOException;
+    Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException, IOException;
 }

src/main/java/org/apache/xml/security/encryption/TransformSerializer.java

@@ -25,10 +25,13 @@
 import javax.xml.XMLConstants;
 import javax.xml.transform.Source;
 import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerConfigurationException;
 import javax.xml.transform.TransformerFactory;
 import javax.xml.transform.dom.DOMResult;
 import javax.xml.transform.stream.StreamSource;
 
+import org.apache.xml.security.c14n.Canonicalizer;
+import org.apache.xml.security.c14n.InvalidCanonicalizerException;
 import org.w3c.dom.Document;
 import org.w3c.dom.DocumentFragment;
 import org.w3c.dom.Node;
@@ -39,30 +42,47 @@
  */
 public class TransformSerializer extends AbstractSerializer {
 
-    private TransformerFactory transformerFactory;
+    private final TransformerFactory transformerFactory;
+
+    public TransformSerializer(boolean secureValidation) throws InvalidCanonicalizerException, TransformerConfigurationException {
+        this(Canonicalizer.ALGO_ID_C14N_PHYSICAL, secureValidation);
+    }
+
+    public TransformSerializer(String canonAlg, boolean secureValidation) throws TransformerConfigurationException, InvalidCanonicalizerException {
+        super(canonAlg, secureValidation);
+
+        transformerFactory = TransformerFactory.newInstance();
+        transformerFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
+        if (secureValidation) {
+            try {
+                transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
+                transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");
+            } catch (IllegalArgumentException ex) {
+                // ignore
+            }
+        }
+    }
 
     /**
      * @param source
      * @param ctx
-     * @param secureValidation
      * @return the Node resulting from the parse of the source
      * @throws XMLEncryptionException
      */
-    public Node deserialize(byte[] source, Node ctx, boolean secureValidation) throws XMLEncryptionException, IOException {
+    public Node deserialize(byte[] source, Node ctx) throws XMLEncryptionException, IOException {
         byte[] fragment = createContext(source, ctx);
         try (InputStream is = new ByteArrayInputStream(fragment)) {
-            return deserialize(ctx, new StreamSource(is), secureValidation);
+            return deserialize(ctx, new StreamSource(is));
         }
     }
 
     /**
      * @param ctx
      * @param source
-     * @param secureValidation
      * @return the Node resulting from the parse of the source
      * @throws XMLEncryptionException
      */
-    private Node deserialize(Node ctx, Source source, boolean secureValidation) throws XMLEncryptionException {
+    private Node deserialize(Node ctx, Source source) throws XMLEncryptionException {
         try {
             Document contextDocument = null;
             if (Node.DOCUMENT_NODE == ctx.getNodeType()) {
@@ -71,18 +91,6 @@ private Node deserialize(Node ctx, Source source, boolean secureValidation) thro
                 contextDocument = ctx.getOwnerDocument();
             }
 
-            if (transformerFactory == null) {
-                transformerFactory = TransformerFactory.newInstance();
-                transformerFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
-                if (secureValidation) {
-                    try {
-                        transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
-                        transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");
-                    } catch (IllegalArgumentException ex) {
-                        // ignore
-                    }
-                }
-            }
             Transformer transformer = transformerFactory.newTransformer();
 
             DOMResult res = new DOMResult();