Package org.cyclonedx.parsers

Class XmlParser

  • All Implemented Interfaces:
    Parser
    public class XmlParser
extends CycloneDxSchema
implements Parser
    XmlParser is responsible for validating and parsing CycloneDX bill-of-material XML documents and returning a Bom object.
    Since:
    3.0.0

    • Constructor Summary

      Constructors 
      Constructor Description
      XmlParser()  

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      private org.w3c.dom.Document createSecureDocument​(org.xml.sax.InputSource in)  
      private java.util.List<java.lang.String> extractAllNamespaceDeclarations​(org.xml.sax.InputSource in)  
      private void extractNamespaces​(org.w3c.dom.Node node, java.util.List<java.lang.String> namespaces)  
      private java.lang.String identifySchemaVersion​(org.xml.sax.InputSource in)  
      private Bom injectSchemaVersion​(Bom bom, java.lang.String schemaVersion)
      Uses reflection to set the schemaVersion field inside a Bom instance.
      boolean isValid​(byte[] bomBytes)
      Verifies a CycloneDX BOM conforms to the latest version of the specification.
      boolean isValid​(byte[] bomBytes, Version schemaVersion)
      Verifies a CycloneDX BOM conforms to the specified specification version.
      boolean isValid​(java.io.File file)
      Verifies a CycloneDX BOM conforms to the latest version of the specification.
      boolean isValid​(java.io.File file, Version schemaVersion)
      Verifies a CycloneDX BOM conforms to the specified specification version.
      boolean isValid​(java.io.InputStream inputStream)
      Verifies a CycloneDX BOM conforms to the latest version of the specification.
      boolean isValid​(java.io.InputStream inputStream, Version schemaVersion)
      Verifies a CycloneDX BOM conforms to the specified specification version.
      boolean isValid​(java.io.Reader reader)
      Verifies a CycloneDX BOM conforms to the latest version of the specification.
      boolean isValid​(java.io.Reader reader, Version schemaVersion)
      Verifies a CycloneDX BOM conforms to the specified specification version.
      Bom parse​(byte[] bomBytes)
      Parses a CycloneDX BOM.
      Bom parse​(java.io.File file)
      Parses a CycloneDX BOM.
      Bom parse​(java.io.InputStream inputStream)
      Parses a CycloneDX BOM.
      Bom parse​(java.io.Reader reader)
      Parses a CycloneDX BOM.
      java.util.List<ParseException> validate​(byte[] bomBytes)
      Validates a CycloneDX BOM.
      java.util.List<ParseException> validate​(byte[] bomBytes, Version schemaVersion)
      Validates a CycloneDX BOM conforms to a specific specification version.
      java.util.List<ParseException> validate​(java.io.File file)
      Validates a CycloneDX BOM.
      java.util.List<ParseException> validate​(java.io.File file, Version schemaVersion)
      Validates a CycloneDX BOM conforms to a specific specification version.
      java.util.List<ParseException> validate​(java.io.InputStream inputStream)
      Validates a CycloneDX BOM.
      java.util.List<ParseException> validate​(java.io.InputStream inputStream, Version schemaVersion)
      Validates a CycloneDX BOM conforms to a specific specification version.
      java.util.List<ParseException> validate​(java.io.Reader reader)
      Validates a CycloneDX BOM.
      java.util.List<ParseException> validate​(java.io.Reader reader, Version schemaVersion)
      Validates a CycloneDX BOM conforms to a specific specification version.
      java.util.List<ParseException> validate​(javax.xml.transform.Source source, Version schemaVersion)  

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • mapper

        private final com.fasterxml.jackson.databind.ObjectMapper mapper

      • NAMESPACE_TO_VERSION_MAP

        private static final java.util.Map<java.lang.String,​java.lang.String> NAMESPACE_TO_VERSION_MAP

    • Constructor Detail

      • XmlParser

        public XmlParser()

    • Method Detail

      • parse

        public Bom parse​(java.io.File file)
          throws ParseException
        Parses a CycloneDX BOM.
        Specified by:
        parse in interface Parser
        Parameters:
        file - a File to parse
        Returns:
        a Bom object
        Throws:
        ParseException - when errors are encountered

      • parse

        public Bom parse​(byte[] bomBytes)
          throws ParseException
        Parses a CycloneDX BOM.
        Specified by:
        parse in interface Parser
        Parameters:
        bomBytes - the byte array to parse
        Returns:
        a Bom object
        Throws:
        ParseException - when errors are encountered

      • parse

        public Bom parse​(java.io.InputStream inputStream)
          throws ParseException
        Parses a CycloneDX BOM.
        Specified by:
        parse in interface Parser
        Parameters:
        inputStream - the InputStream from which to parse
        Returns:
        a Bom object
        Throws:
        ParseException - when errors are encountered

      • parse

        public Bom parse​(java.io.Reader reader)
          throws ParseException
        Parses a CycloneDX BOM.
        Specified by:
        parse in interface Parser
        Parameters:
        reader - the Reader from which to parse
        Returns:
        a Bom object
        Throws:
        ParseException - when errors are encountered

      • injectSchemaVersion

        private Bom injectSchemaVersion​(Bom bom,
                                java.lang.String schemaVersion)
        Uses reflection to set the schemaVersion field inside a Bom instance. The schemaVersion is 'not user serviceable' so no methods for setting it are provided, other than the constructor, which xstream does not use.
        Parameters:
        bom - the Bom to set the schemaVersion for
        schemaVersion - the value of the schema version
        Returns:
        the updated Bom
        Since:
        3.0.0

      • validate

        public java.util.List<ParseException> validate​(java.io.File file)
                                        throws java.io.IOException
        Validates a CycloneDX BOM.
        Specified by:
        validate in interface Parser
        Parameters:
        file - the CycloneDX BOM file to validate
        Returns:
        a List of ParseException. If the size of the list is 0, validation was successful
        Throws:
        java.io.IOException - when errors are encountered

      • validate

        public java.util.List<ParseException> validate​(java.io.File file,
                                               Version schemaVersion)
                                        throws java.io.IOException
        Validates a CycloneDX BOM conforms to a specific specification version.
        Specified by:
        validate in interface Parser
        Parameters:
        file - the CycloneDX BOM file to validate
        schemaVersion - the schema version to validate against
        Returns:
        a List of ParseException. If the size of the list is 0, validation was successful
        Throws:
        java.io.IOException - when errors are encountered

      • validate

        public java.util.List<ParseException> validate​(byte[] bomBytes)
                                        throws java.io.IOException
        Validates a CycloneDX BOM.
        Specified by:
        validate in interface Parser
        Parameters:
        bomBytes - the byte array to validate
        Returns:
        a List of ParseException. If the size of the list is 0, validation was successful
        Throws:
        java.io.IOException - when errors are encountered

      • validate

        public java.util.List<ParseException> validate​(byte[] bomBytes,
                                               Version schemaVersion)
                                        throws java.io.IOException
        Validates a CycloneDX BOM conforms to a specific specification version.
        Specified by:
        validate in interface Parser
        Parameters:
        bomBytes - the byte array to validate
        schemaVersion - the schema version to validate against
        Returns:
        a List of ParseException. If the size of the list is 0, validation was successful
        Throws:
        java.io.IOException - when errors are encountered

      • validate

        public java.util.List<ParseException> validate​(java.io.Reader reader)
                                        throws java.io.IOException
        Validates a CycloneDX BOM.
        Specified by:
        validate in interface Parser
        Parameters:
        reader - the Reader from which to parse
        Returns:
        a List of ParseException. If the size of the list is 0, validation was successful
        Throws:
        java.io.IOException - when errors are encountered

      • validate

        public java.util.List<ParseException> validate​(java.io.Reader reader,
                                               Version schemaVersion)
                                        throws java.io.IOException
        Validates a CycloneDX BOM conforms to a specific specification version.
        Specified by:
        validate in interface Parser
        Parameters:
        reader - the Reader from which to parse
        schemaVersion - the schema version to validate against
        Returns:
        a List of ParseException. If the size of the list is 0, validation was successful
        Throws:
        java.io.IOException - when errors are encountered

      • validate

        public java.util.List<ParseException> validate​(java.io.InputStream inputStream)
                                        throws java.io.IOException
        Validates a CycloneDX BOM.
        Specified by:
        validate in interface Parser
        Parameters:
        inputStream - the InputStream from which to validate
        Returns:
        a List of ParseException. If the size of the list is 0, validation was successful
        Throws:
        java.io.IOException - when errors are encountered

      • validate

        public java.util.List<ParseException> validate​(java.io.InputStream inputStream,
                                               Version schemaVersion)
                                        throws java.io.IOException
        Validates a CycloneDX BOM conforms to a specific specification version.
        Specified by:
        validate in interface Parser
        Parameters:
        inputStream - the InputStream from which to validate
        schemaVersion - the schema version to validate against
        Returns:
        a List of ParseException. If the size of the list is 0, validation was successful
        Throws:
        java.io.IOException - when errors are encountered

      • validate

        public java.util.List<ParseException> validate​(javax.xml.transform.Source source,
                                               Version schemaVersion)
                                        throws java.io.IOException
        Throws:
        java.io.IOException

      • isValid

        public boolean isValid​(java.io.File file)
                throws java.io.IOException
        Verifies a CycloneDX BOM conforms to the latest version of the specification.
        Specified by:
        isValid in interface Parser
        Parameters:
        file - the CycloneDX BOM file to validate
        Returns:
        true if the file is a valid BOM, false if not
        Throws:
        java.io.IOException - when errors are encountered

      • isValid

        public boolean isValid​(java.io.File file,
                       Version schemaVersion)
                throws java.io.IOException
        Verifies a CycloneDX BOM conforms to the specified specification version.
        Specified by:
        isValid in interface Parser
        Parameters:
        file - the CycloneDX BOM file to validate
        schemaVersion - the schema version to validate against
        Returns:
        true if the file is a valid BOM, false if not
        Throws:
        java.io.IOException - when errors are encountered

      • isValid

        public boolean isValid​(byte[] bomBytes)
                throws java.io.IOException
        Verifies a CycloneDX BOM conforms to the latest version of the specification.
        Specified by:
        isValid in interface Parser
        Parameters:
        bomBytes - the byte array to validate
        Returns:
        true if the file is a valid BOM, false if not
        Throws:
        java.io.IOException - when errors are encountered

      • isValid

        public boolean isValid​(byte[] bomBytes,
                       Version schemaVersion)
                throws java.io.IOException
        Verifies a CycloneDX BOM conforms to the specified specification version.
        Specified by:
        isValid in interface Parser
        Parameters:
        bomBytes - the byte array to validate
        schemaVersion - the schema version to validate against
        Returns:
        true if the file is a valid BOM, false if not
        Throws:
        java.io.IOException - when errors are encountered

      • isValid

        public boolean isValid​(java.io.Reader reader)
                throws java.io.IOException
        Verifies a CycloneDX BOM conforms to the latest version of the specification.
        Specified by:
        isValid in interface Parser
        Parameters:
        reader - the Reader from which to validate
        Returns:
        true if the file is a valid BOM, false if not
        Throws:
        java.io.IOException - when errors are encountered

      • isValid

        public boolean isValid​(java.io.Reader reader,
                       Version schemaVersion)
                throws java.io.IOException
        Verifies a CycloneDX BOM conforms to the specified specification version.
        Specified by:
        isValid in interface Parser
        Parameters:
        reader - the Reader from which to validate
        schemaVersion - the schema version to validate against
        Returns:
        true if the file is a valid BOM, false if not
        Throws:
        java.io.IOException - when errors are encountered

      • isValid

        public boolean isValid​(java.io.InputStream inputStream)
                throws java.io.IOException
        Verifies a CycloneDX BOM conforms to the latest version of the specification.
        Specified by:
        isValid in interface Parser
        Parameters:
        inputStream - the InputStream from which to validate
        Returns:
        true if the file is a valid BOM, false if not
        Throws:
        java.io.IOException - when errors are encountered

      • isValid

        public boolean isValid​(java.io.InputStream inputStream,
                       Version schemaVersion)
                throws java.io.IOException
        Verifies a CycloneDX BOM conforms to the specified specification version.
        Specified by:
        isValid in interface Parser
        Parameters:
        inputStream - the InputStream from which to validate
        schemaVersion - the schema version to validate against
        Returns:
        true if the file is a valid BOM, false if not
        Throws:
        java.io.IOException - when errors are encountered

      • identifySchemaVersion

        private java.lang.String identifySchemaVersion​(org.xml.sax.InputSource in)
                                        throws javax.xml.parsers.ParserConfigurationException,
                                               java.io.IOException,
                                               org.xml.sax.SAXException
        Throws:
        javax.xml.parsers.ParserConfigurationException
        java.io.IOException
        org.xml.sax.SAXException

      • extractAllNamespaceDeclarations

        private java.util.List<java.lang.String> extractAllNamespaceDeclarations​(org.xml.sax.InputSource in)
                                                                  throws javax.xml.parsers.ParserConfigurationException,
                                                                         java.io.IOException,
                                                                         org.xml.sax.SAXException
        Throws:
        javax.xml.parsers.ParserConfigurationException
        java.io.IOException
        org.xml.sax.SAXException

      • extractNamespaces

        private void extractNamespaces​(org.w3c.dom.Node node,
                               java.util.List<java.lang.String> namespaces)

      • createSecureDocument

        private org.w3c.dom.Document createSecureDocument​(org.xml.sax.InputSource in)
                                           throws javax.xml.parsers.ParserConfigurationException,
                                                  java.io.IOException,
                                                  org.xml.sax.SAXException
        Throws:
        javax.xml.parsers.ParserConfigurationException
        java.io.IOException
        org.xml.sax.SAXException