I don't know the answer off the top of my head, and I have to leave for the day. I can say this, though: the "XSecMem" parameter in MemBufInputSource() is just a string. The appropriate place for your question is indeed on the Xerces list; I subscribe to both and didn't notice which one you'd posted to. Someone over there can probably help you out.
> -----Original Message----- > From: Cullum, Steve [mailto:[EMAIL PROTECTED] > Sent: Friday, August 19, 2005 2:46 PM > To: security-dev@xml.apache.org > Subject: RE: How do I avoid creating buffers just to pass > data to MemBufInputSource() > > Thanks for the insight Jesse. > > Do you know of any references or examples I can use as a > start point. > > I apologise if I should be asking these questions in the Apache Xml > mailing list. I thought it was relevant to this list because > of the last > param of "XSecMem" in MemBufInputSource(). > > Thanks again > > > -----Original Message----- > From: Jesse Pelton [mailto:[EMAIL PROTECTED] > Sent: 19 August 2005 14:47 > To: security-dev@xml.apache.org > Subject: RE: How do I avoid creating buffers just to pass data to > MemBufInputSource() > > You can prevent MemBufInputSource from cloning the buffer with > MemBufInputSource::setCopyBufToStream(false). > > I think you can avoid the need for any buffers by > implementing your own > InputSource and BinInputStream. It looks to me like you only need to > implement InputSource::makeStream(), BinInputStream::curPos(), and > BinInputStream::readBytes(). > > > -----Original Message----- > > From: Cullum, Steve [mailto:[EMAIL PROTECTED] > > Sent: Friday, August 19, 2005 8:36 AM > > To: security-dev@xml.apache.org > > Subject: How do I avoid creating buffers just to pass data to > > MemBufInputSource() > > > > I am using Apache sec lib inside an ISAPI filter to > validate digital > > sigs as they flow through our network. > > > > I store the raw packets as they are streamed over the > network inside a > > > linked list and want to avoid excessive buffer copying. > > Currently I walk > > my list of packets, accumulate the packets into a buffer > and pass this > > > buffer into MemBufInputSource(); which internally creates > another copy > > > (I now have 2 temporary copies of the orignal stream). Is there > > anyway I can override this behaviour to pass my custom > packet linked > > list into > > MemBufInputSource() thus avoiding the buffer creation/copy? > > > > // super simple List of nodes > > struct Node > > { > > void *data; > > int len; > > struct Node *next; > > }; > > Node *LList; > > > > Ideally I want to do...something akin to the following.. > can this be > > done? > > > > MemMyLinkedListInputSource *memIS = new > MemMyLinkedListInputSource > > ((const XMLByte *)llist, "XSECMem"); > > parser.parse(*memIS); > > Or > > parser.parse(LList); // this is gonna be a no-no > > > > To explain my current situation, rough pseudo code is > probably easier > > to understand. > > > > > > > > > > ValidateSoapXML(struct Node *rawPacketBuffer /* filled > linked list of > > SOAP packets */) { > > > > Char *buffer = > BuildBufferFromAllThePacketsInList(rawPacketBuffer); > > Int bufferLen = > > GetBufferLenFromAllThePacketsInList(rawPacketBuffer); > > > > // > > // parse the XML document, load in the signature field > and attempt > > to validate it using a copy of the > > // X509 public key we create earlier from the certificate store. > > // > > HRESULT hr = S_FALSE; > > > > XercesDOMParser *parser; > > > > try > > { > > XercesDOMParser parser; // NOT new'ed .. Don't > > think this is an issue > > parser.setDoNamespaces(true); > > parser.setCreateEntityReferenceNodes(true); > > parser.setDoSchema(true); > > > > MemBufInputSource *memIS = new MemBufInputSource((const XMLByte > > *)buffer, bufferLen, "XSECMem"); > > > > parser.parse(*memIS); > > delete memIS; // destroy as soon as possible > > > > if(parser.getErrorCount() > 0) > > { > > OutputDebugStringF(_T("Error parsing input document\n")); > > return hr; > > } > > > > // Now create a signature object to validate the document > > XSECProvider prov; > > DSIGSignature *sig = > > prov.newSignatureFromDOM(parser.getDocument()); > > > > sig->registerIdAttributeName(config.idAttributeName); > > sig->registerIdAttributeNameNS(config.idAttributeNS, > > config.idAttributeName); > > > > sig->load(); > > sig->setSigningKey(X509->clonePublicKey()); > > > > if(sig->verify()) > > { > > OutputDebugStringW(_T("Signature Valid")); > > hr = S_OK; // the only way to set this is if this fn() is > > successfull > > } > > else > > { > > // sig->getErrMsgs() is WIDE > > OutputDebugStringF(_T("Error parsing & validating document > > %s\n"), > > sig->getErrMsgs()); > > } > > } > > catch(XSECException &e) // signature related errors) > > { > > // e.getMsg() is WIDE > > OutputDebugStringW(_T("EURESWEBFILTER:An error occured during a > > signature load %s\n"), e.getMsg()); > > } > > catch(const XMLException &e) // xml related parsing errors) > > { > > // e.getMessage() is WIDE > > OutputDebugStringW(_T("An error occured during a xerces parsing > > and loading of xml %s\n"), > > } > > return hr; > > } > > > > > > > > > > Thanks > > > > Steve > > > > >
