/**
* String constructor should only be used for easy writing JUnit testes.
*
* @param xpath
* @param signedElement
* @param payloadElement
* @param schemaAnalyser
*/
public XPathAnalyser(
String xpath,
SignedElement signedElement,
PayloadElement payloadElement,
SchemaAnalyzer schemaAnalyser) {
this.xpath = new AbsoluteLocationPath(xpath);
this.weaknesses =
xpathWeaknessFactory.generate(this.xpath, signedElement, payloadElement, schemaAnalyser);
// calculate number of possibilities
maxPossibilites = 0;
for (XPathWeaknessInterface w : weaknesses) {
maxPossibilites += w.getNumberOfPossibilities();
}
}
/**
* Applies an XPath weakness. Both Elements are part of the same Document, which will be modified.
*
* @param possibility : Index of the weakness to abuse.
* @param signedElement : the signed element
* @param payloadElement : the payload element (must be in the same Document as the signed
* element)
* @throws InvalidWeaknessException
*/
public void abuseWeakness(
int possibility, SignedElement signedElement, PayloadElement payloadElement)
throws InvalidWeaknessException {
if (possibility >= maxPossibilites) {
return; // invalid possibility
}
for (int i = 0; i < weaknesses.size(); ++i) {
XPathWeaknessInterface w = weaknesses.get(i);
int num = w.getNumberOfPossibilities();
if (possibility < num) {
w.abuseWeakness(possibility, signedElement, payloadElement);
return;
}
possibility -= num;
}
}