Conversation
|
How about also removing org.apache.xml.security.utils.Base64? Is it needed anymore? |
seanjmullan
left a comment
seanjmullan
left a comment
There was a problem hiding this comment.
Some comments on a first pass.
| * DOM and XML accessibility and comfort functions. | ||
| * | ||
| * @implNote | ||
| * Following system properties affect XML formatting: |
| import java.util.Iterator; | ||
| import java.util.List; | ||
| import java.util.Map; | ||
| import java.util.*; |
There was a problem hiding this comment.
Can you revert this change? I think it is better not to wildcard imports.
| return ignoreLineBreaks; | ||
| } | ||
|
|
||
| public void setIgnoreLineBreaks(boolean ignoreLineBreaks) { |
There was a problem hiding this comment.
Instead of set methods, why not add a constructor that takes the options and also checks for illegal syntax?
There was a problem hiding this comment.
Since we would like to retain meaningful log messages for invalid property values, I couldn't find a better way than to move all properties reading together with validation logic to the constructor of Base64FormattingOptions.
Added warnings in case a property is set, but ignored.
Added handling of NumberFormatException as suggested in the comment below.
Example log:
testIgnoreLineBreaksTakesPrecedence:
... org.apache.xml.security.ignoreLineBreaks property takes precedence over org.apache.xml.security.base64.ignoreLineBreaks, line breaks will be ignored
... Property org.apache.xml.security.base64.lineSeparator has no effect since line breaks are ignored
... Property org.apache.xml.security.base64.lineLength has no effect since line breaks are ignored
testIllegalPropertiesAreIgnored:
... Illegal value of org.apache.xml.security.base64.lineSeparator property is ignored: illegal
... Illegal value of org.apache.xml.security.base64.lineLength property is ignored: illegal
| (PrivilegedAction<Boolean>) () -> Boolean.getBoolean("org.apache.xml.security.ignoreLineBreaks")); | ||
| (PrivilegedAction<Boolean>) () -> Boolean.getBoolean(IGNORE_LINE_BREAKS_PROP)); | ||
|
|
||
| private static Base64FormattingOptions base64Formatting = |
There was a problem hiding this comment.
if org.apache.xml.security.ignoreLineBreaks is true, none of these options matter, so did you consider skipping the getting of the other properties?
There was a problem hiding this comment.
Also should log a warning if the other properties are set, since they have no impact if org.apache.xml.security.ignoreLineBreaks is true.
There was a problem hiding this comment.
Were these comments addressed?
There was a problem hiding this comment.
The warnings were added in c8f4e25.
In my opinion, it would be good to read the properties anyway for the sake of consistency. In the end, we still need to check them to produce warnings.
| } | ||
|
|
||
| private static final Logger LOG = System.getLogger(XMLUtils.class.getName()); | ||
| Integer lineLength = Integer.getInteger(BASE64_LINE_LENGTH_PROP); |
There was a problem hiding this comment.
I think it would be better to use System.getProperty and then Integer.valueOf(String) because Integer.getInteger does not distinguish between the property not being set and an invalid value for the integer.
| /** | ||
| * Creates new formatting options by reading system properties. | ||
| */ | ||
| public Base64FormattingOptions() { |
There was a problem hiding this comment.
The constructors and methods of this class should be package-private since the class is package-private.
| this.bytes = bytes; | ||
| } | ||
|
|
||
| public byte[] getBytes() { |
| import static org.hamcrest.MatcherAssert.assertThat; | ||
| import static org.hamcrest.Matchers.*; | ||
| import static org.junit.jupiter.api.Assertions.*; | ||
|
|
There was a problem hiding this comment.
Add a comment describing what this test does.
|
I think we are good to remove Base64, as OpenSAML stopped using it here https://shibboleth.atlassian.net/browse/OSJ-287 |
Thank you for clearing it up. There are also two duplicating getters Please let me know if you would like me to do this cleanup as a separate change. |
|
If they're not used then let's deprecated both of them, thanks. |
Probably best to do this as a separate change just in case we have to later restore them for some reason. |
.../java/org/apache/xml/security/stax/impl/processor/output/AbstractEncryptOutputProcessor.java
Show resolved
Hide resolved
| * Output of the first two methods is checked using an appropriate {@link FormattingChecker} implementation. | ||
| * The result of stream encoding is compared to the output of {@code encodeToString} method. | ||
| * | ||
| * There are also tests, which check that the corresponding decoding methods can process Base64-encoded data with any |
|
|
||
| @Test | ||
| public void testEncodeToString() { | ||
| byte[] data = new byte[60]; // long enough for a line break in MIME encoding |
There was a problem hiding this comment.
nit, extra space after '='. Same comment on other lines.
No problem, I had some tough weeks, so couldn't finish it earlier anyway. Please check if StAX-based API is used correctly. I'm not quite sure how to verify the signature value and get decrypted data, but perhaps we don't need to do the verification, as the focus of the test is just to check that different formatting variants are consumed correctly. |
I'm not familiar with the StAX-based API, so maybe @coheigea can check. |
|
@kuzjka Can you rebase the branch off the latest code please? There's a conflict. |
kuzjka
force-pushed
the
dev/base64_formatting
branch
from
969eb8d to
5917ca9
Compare
* added FormattingTest annotation (JUnit tagging) * added FormattingChecker interface, various implementations for different formatting configurations and a factory to get appropriate implementation * added formatting options properties sets and multiple executions for Surefire plugin * refactored XMLUtilsTest: made it a @FormattingTest, removed hacks with classloader
kuzjka
force-pushed
the
dev/base64_formatting
branch
from
5917ca9 to
4e2b189
Compare
Done. |
|
Note the PMD violations in the build: |
3 participants
New feature
This PR continues the mailing list thread and suggests system properties to control base64Binary values formatting:
org.apache.xml.security.base64.lineSeparator,org.apache.xml.security.base64.lineLength- allows to override default MIME encoding settingsorg.apache.xml.security.base64.ignoreLineBreaks- disables line wrapping for base64 value, but allows to keep the whole XML pretty-printed. Takes precedence over line wrapping settings above.org.apache.xml.security.ignoreLineBreakstakes precedence over all new options.Default values result to CRLF line breaks with 76 chars in the line, making the whole thing fully compatible with previous implementation.
Other changes
Some of the logic is included to XMLUtils to provide better encapsulation:
XMLUtils.encodeElementValueBase64OutputStreamfrom Commons, used in XML encryption, is replaced with ajava.utilimplementation and provided byXMLUtils, making it consistent with configured Base64 encoder.Base64.Encoder/Decoderinstances are thread-safe, so sharing a single instance should give us a little performance gain.Test coverage
As the base64 configuration takes place during class load, unit-tests leverage from custom
ClassLoaderand Reflection API to reinitialize the class in each test.Motivation
https://www.w3.org/TR/xmlschema-2/#base64Binary -
base64Binarydefinition has note, that original RFC2045 line-length limitation must not be enforced. In current implementation it is only possible to remove all line breaks in the document usingorg.apache.xml.security.ignoreLineBreaks, sacrificing human readability.Also, using LF instead of CRLF may be desired in systems where verifying side does not expect escape sequences in base64Binary values.
I would be thankful for your comments and suggestions.