xml-crypto - npm Package Compare versions

Comparing version 1.0.1 to 1.0.2

example/example.js

@@ -0,0 +0,0 @@ var select = require('xml-crypto').xpath

index.js

 module.exports = require('./lib/signed-xml')
 module.exports.xpath = require('xpath.js')

lib/c14n-canonicalization.js

@@ -0,0 +0,0 @@ /* jshint laxcomma: true */

lib/enveloped-signature.js

@@ -0,0 +0,0 @@ var xpath = require('xpath.js');

lib/exclusive-canonicalization.js

@@ -81,3 +81,10 @@ /* jshint laxcomma: true */
  */
-ExclusiveCanonicalization.prototype.renderNs = function(node, prefixesInScope, defaultNs, defaultNsForPrefix, inclusiveNamespacesPrefixList) {
+ExclusiveCanonicalization.prototype.renderNs = function(node,
+                                                        prefixesInScope,
+                                                        defaultNs,
+                                                        defaultNsForPrefix,
+                                                        inclusiveNamespacesPrefixList,
+                                                        ancestorNamespaces,
+                                                        topNode
+                                                        ) {
   var a, i, p, attr
@@ -88,3 +95,2 @@ , res = []
     , currNs = node.namespaceURI || "";
-
   //handle the namespaceof the node itself
@@ -103,2 +109,15 @@ if (node.prefix) {
 
+  if(topNode) {
+    for(var j = 0; j < ancestorNamespaces.length; j++) {
+      var ancestorNs = ancestorNamespaces[j];
+      for(var k = 0; k < inclusiveNamespacesPrefixList.length; k++) {
+        var inclusiveNs = inclusiveNamespacesPrefixList[k];
+        if(ancestorNs.prefix === inclusiveNs && !isPrefixInScope(prefixesInScope, ancestorNs.prefix, ancestorNs.namespaceURI)) {
+          nsListToRender.push({"prefix": ancestorNs.prefix, "namespaceURI": ancestorNs.namespaceURI});
+          prefixesInScope.push({"prefix": ancestorNs.prefix, "namespaceURI": ancestorNs.namespaceURI});
+        }
+      }
+    }
+  }
+
   //handle the attributes namespace
@@ -109,5 +128,8 @@ if (node.attributes) {
 
+
       //handle all prefixed attributes that are included in the prefix list and where
       //the prefix is not defined already
-      if (attr.prefix && !isPrefixInScope(prefixesInScope, attr.localName, attr.value) && inclusiveNamespacesPrefixList.indexOf(attr.localName) >= 0) {
+      if (attr.prefix &&
+        !isPrefixInScope(prefixesInScope, attr.localName, attr.value) &&
+        (inclusiveNamespacesPrefixList.indexOf(attr.localName) >= 0)) {
         nsListToRender.push({"prefix": attr.localName, "namespaceURI": attr.value});
@@ -119,5 +141,23 @@ prefixesInScope.push({"prefix": attr.localName, "namespaceURI": attr.value});
       //the prefix is not defined already
-      if (attr.prefix && !isPrefixInScope(prefixesInScope, attr.prefix, attr.namespaceURI) && attr.prefix!="xmlns" && attr.prefix!="xml") {
-        nsListToRender.push({"prefix": attr.prefix, "namespaceURI": attr.namespaceURI});
-        prefixesInScope.push({"prefix": attr.prefix, "namespaceURI": attr.namespaceURI});
+      if (attr.prefix && attr.prefix!=="xmlns" && attr.prefix!=="xml") {
+        var artificiallyIntroduced = false;
+        if(attr.namespaceURI === undefined) {
+          //This could mean that the namespace Uri has been reset to "", or it could mean we have artificially
+          //introduced it because it was in inclusiveNamespacePrefixList
+          if(inclusiveNamespacesPrefixList.indexOf(attr.prefix) >= 0) {
+            for(var j = 0; j < ancestorNamespaces.length; j++) {
+              var ancestorNs = ancestorNamespaces[j];
+              if(ancestorNs.prefix === attr.prefix) {
+                artificiallyIntroduced = true;
+                break;
+              }
+            }
+          }
+        }
+        if(!artificiallyIntroduced) {
+          if(!isPrefixInScope(prefixesInScope, attr.prefix, attr.namespaceURI)) {
+            nsListToRender.push({"prefix": attr.prefix, "namespaceURI": attr.namespaceURI|| defaultNsForPrefix[attr.prefix]});
+            prefixesInScope.push({"prefix": attr.prefix, "namespaceURI": attr.namespaceURI|| defaultNsForPrefix[attr.prefix]});
+          }
+        }
       }
@@ -140,4 +180,9 @@ }
 
-ExclusiveCanonicalization.prototype.processInner = function(node, prefixesInScope, defaultNs, defaultNsForPrefix, inclusiveNamespacesPrefixList) {
-
+ExclusiveCanonicalization.prototype.processInner = function(node,
+                                                            prefixesInScope,
+                                                            defaultNs,
+                                                            defaultNsForPrefix,
+                                                            inclusiveNamespacesPrefixList,
+                                                            ancestorNamespaces,
+                                                            topNode) {
   if (node.nodeType === 8) { return this.renderComment(node); }
@@ -147,3 +192,3 @@ if (node.data) { return utils.encodeSpecialCharactersInText(node.data); }
   var i, pfxCopy
-    , ns = this.renderNs(node, prefixesInScope, defaultNs, defaultNsForPrefix, inclusiveNamespacesPrefixList)
+    , ns = this.renderNs(node, prefixesInScope, defaultNs, defaultNsForPrefix, inclusiveNamespacesPrefixList, ancestorNamespaces, topNode)
     , res = ["<", node.tagName, ns.rendered, this.renderAttrs(node, ns.newDefaultNs), ">"];
@@ -153,3 +198,3 @@
     pfxCopy = prefixesInScope.slice(0);
-    res.push(this.processInner(node.childNodes[i], pfxCopy, ns.newDefaultNs, defaultNsForPrefix, inclusiveNamespacesPrefixList));
+    res.push(this.processInner(node.childNodes[i], pfxCopy, ns.newDefaultNs, defaultNsForPrefix, inclusiveNamespacesPrefixList, ancestorNamespaces, false));
   }
@@ -208,5 +253,6 @@
   var defaultNsForPrefix = options.defaultNsForPrefix || {};
+  var ancestorNamespaces = options.ancestorNamespaces || [];
   if (!(inclusiveNamespacesPrefixList instanceof Array)) { inclusiveNamespacesPrefixList = inclusiveNamespacesPrefixList.split(' '); }
 
-  var res = this.processInner(node, [], defaultNs, defaultNsForPrefix, inclusiveNamespacesPrefixList);
+  var res = this.processInner(node, [], defaultNs, defaultNsForPrefix, inclusiveNamespacesPrefixList, ancestorNamespaces, true);
   return res;
@@ -213,0 +259,0 @@ };

lib/signed-xml.js

@@ -377,5 +377,5 @@ var select = require('xpath.js')
     
-    ancestorNamespaces = findAncestorNs(doc, "//*[local-name()='SignedInfo']");
   }
-  
+  ancestorNamespaces = findAncestorNs(doc, "//*[local-name()='SignedInfo']");
+
   var c14nOptions = {
@@ -454,21 +454,8 @@ ancestorNamespaces: ancestorNamespaces
     /**
-     * When canonicalization algorithm is non-exclusive, search for ancestor namespaces
-     * before validating references.
+     * Search for ancestor namespaces before validating references. Ancestor namespaces are needed
+     * even for exclusive canonicalization because they may be needed for namespaces that are on the
+     * inclusive namespace prefix list.
      */
     if(Array.isArray(ref.transforms)){
-      var hasNonExcC14nTransform = false;
-      for(var t in ref.transforms){
-        if(!ref.transforms.hasOwnProperty(t)) continue;
-        
-        if(ref.transforms[t] === "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
-        || ref.transforms[t] === "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments")
-        {
-          hasNonExcC14nTransform = true;
-          break;
-        }
-      }
-    
-      if(hasNonExcC14nTransform){
-        ref.ancestorNamespaces = findAncestorNs(doc, elemXpath);
-      }
+      ref.ancestorNamespaces = findAncestorNs(doc, elemXpath);
     }
@@ -475,0 +462,0 @@

lib/utils.js

@@ -0,0 +0,0 @@ var select = require('xpath.js');

package.json

 {
   "name": "xml-crypto",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "Xml digital signature and encryption library for Node.js",
@@ -9,2 +9,5 @@ "engines": {
   "author": "Yaron Naveh <yaronn01@gmail.com> (http://webservices20.blogspot.com/)",
+  "contributors": [
+    "LoneRifle <LoneRifle@users.noreply.github.com>"
+  ],
   "dependencies": {
@@ -11,0 +14,0 @@ "xmldom": "0.1.27",

README.md

@@ -0,0 +0,0 @@ ## xml-crypto

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

74660

increased by5.96%

Lines of code

1279

increased by2.81%

No dependency changes