Thanks for the insight Jesse. Do you know of any references or examples I can use as a start point.
I apologise if I should be asking these questions in the Apache Xml mailing list. I thought it was relevant to this list because of the last param of "XSecMem" in MemBufInputSource(). Thanks again -----Original Message----- From: Jesse Pelton [mailto:[EMAIL PROTECTED] Sent: 19 August 2005 14:47 To: security-dev@xml.apache.org Subject: RE: How do I avoid creating buffers just to pass data to MemBufInputSource() You can prevent MemBufInputSource from cloning the buffer with MemBufInputSource::setCopyBufToStream(false). I think you can avoid the need for any buffers by implementing your own InputSource and BinInputStream. It looks to me like you only need to implement InputSource::makeStream(), BinInputStream::curPos(), and BinInputStream::readBytes(). > -----Original Message----- > From: Cullum, Steve [mailto:[EMAIL PROTECTED] > Sent: Friday, August 19, 2005 8:36 AM > To: security-dev@xml.apache.org > Subject: How do I avoid creating buffers just to pass data to > MemBufInputSource() > > I am using Apache sec lib inside an ISAPI filter to validate digital > sigs as they flow through our network. > > I store the raw packets as they are streamed over the network inside a > linked list and want to avoid excessive buffer copying. > Currently I walk > my list of packets, accumulate the packets into a buffer and pass this > buffer into MemBufInputSource(); which internally creates another copy > (I now have 2 temporary copies of the orignal stream). Is there > anyway I can override this behaviour to pass my custom packet linked > list into > MemBufInputSource() thus avoiding the buffer creation/copy? > > // super simple List of nodes > struct Node > { > void *data; > int len; > struct Node *next; > }; > Node *LList; > > Ideally I want to do...something akin to the following.. can this be > done? > > MemMyLinkedListInputSource *memIS = new MemMyLinkedListInputSource > ((const XMLByte *)llist, "XSECMem"); > parser.parse(*memIS); > Or > parser.parse(LList); // this is gonna be a no-no > > To explain my current situation, rough pseudo code is probably easier > to understand. > > > > > ValidateSoapXML(struct Node *rawPacketBuffer /* filled linked list of > SOAP packets */) { > > Char *buffer = BuildBufferFromAllThePacketsInList(rawPacketBuffer); > Int bufferLen = > GetBufferLenFromAllThePacketsInList(rawPacketBuffer); > > // > // parse the XML document, load in the signature field and attempt > to validate it using a copy of the > // X509 public key we create earlier from the certificate store. > // > HRESULT hr = S_FALSE; > > XercesDOMParser *parser; > > try > { > XercesDOMParser parser; // NOT new'ed .. Don't > think this is an issue > parser.setDoNamespaces(true); > parser.setCreateEntityReferenceNodes(true); > parser.setDoSchema(true); > > MemBufInputSource *memIS = new MemBufInputSource((const XMLByte > *)buffer, bufferLen, "XSECMem"); > > parser.parse(*memIS); > delete memIS; // destroy as soon as possible > > if(parser.getErrorCount() > 0) > { > OutputDebugStringF(_T("Error parsing input document\n")); > return hr; > } > > // Now create a signature object to validate the document > XSECProvider prov; > DSIGSignature *sig = > prov.newSignatureFromDOM(parser.getDocument()); > > sig->registerIdAttributeName(config.idAttributeName); > sig->registerIdAttributeNameNS(config.idAttributeNS, > config.idAttributeName); > > sig->load(); > sig->setSigningKey(X509->clonePublicKey()); > > if(sig->verify()) > { > OutputDebugStringW(_T("Signature Valid")); > hr = S_OK; // the only way to set this is if this fn() is > successfull > } > else > { > // sig->getErrMsgs() is WIDE > OutputDebugStringF(_T("Error parsing & validating document > %s\n"), > sig->getErrMsgs()); > } > } > catch(XSECException &e) // signature related errors) > { > // e.getMsg() is WIDE > OutputDebugStringW(_T("EURESWEBFILTER:An error occured during a > signature load %s\n"), e.getMsg()); > } > catch(const XMLException &e) // xml related parsing errors) > { > // e.getMessage() is WIDE > OutputDebugStringW(_T("An error occured during a xerces parsing > and loading of xml %s\n"), > } > return hr; > } > > > > > Thanks > > Steve > >
