author | weijun |
Tue, 19 Jun 2018 08:06:35 +0800 | |
changeset 50614 | 3810c9a2efa1 |
parent 47216 | 71c04702a3d5 |
child 54731 | 81de17a33575 |
permissions | -rw-r--r-- |
2 | 1 |
/* |
2 |
* reserved comment block |
|
3 |
* DO NOT REMOVE OR ALTER! |
|
4 |
*/ |
|
/** |
* Licensed to the Apache Software Foundation (ASF) under one |
* or more contributor license agreements. See the NOTICE file |
* distributed with this work for additional information |
* regarding copyright ownership. The ASF licenses this file |
* to you under the Apache License, Version 2.0 (the |
* "License"); you may not use this file except in compliance |
* with the License. You may obtain a copy of the License at |
2 | 13 |
* |
* http://www.apache.org/licenses/LICENSE-2.0 |
2 | 15 |
* |
* Unless required by applicable law or agreed to in writing, |
* software distributed under the License is distributed on an |
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
* KIND, either express or implied. See the License for the |
* specific language governing permissions and limitations |
* under the License. |
2 | 22 |
*/ |
23 |
package com.sun.org.apache.xml.internal.security.signature; |
|
24 |
||
25 |
import java.io.IOException; |
|
26 |
import java.io.OutputStream; |
|
27 |
import java.security.Key; |
|
28 |
import java.security.PublicKey; |
|
29 |
import java.security.cert.X509Certificate; |
|
import java.util.Base64; |
2 | 31 |
|
32 |
import javax.crypto.SecretKey; |
|
33 |
||
34 |
import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithm; |
|
35 |
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; |
|
36 |
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer; |
|
37 |
import com.sun.org.apache.xml.internal.security.c14n.InvalidCanonicalizerException; |
|
38 |
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; |
|
39 |
import com.sun.org.apache.xml.internal.security.keys.KeyInfo; |
|
40 |
import com.sun.org.apache.xml.internal.security.keys.content.X509Data; |
|
41 |
import com.sun.org.apache.xml.internal.security.transforms.Transforms; |
|
42 |
import com.sun.org.apache.xml.internal.security.utils.Constants; |
|
43 |
import com.sun.org.apache.xml.internal.security.utils.I18n; |
|
44 |
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; |
|
45 |
import com.sun.org.apache.xml.internal.security.utils.SignerOutputStream; |
|
46 |
import com.sun.org.apache.xml.internal.security.utils.UnsyncBufferedOutputStream; |
|
47 |
import com.sun.org.apache.xml.internal.security.utils.XMLUtils; |
|
48 |
import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver; |
|
49 |
import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverSpi; |
|
import org.w3c.dom.Attr; |
2 | 51 |
import org.w3c.dom.Document; |
52 |
import org.w3c.dom.Element; |
|
53 |
import org.w3c.dom.Node; |
|
54 |
import org.w3c.dom.Text; |
|
55 |
||
56 |
/** |
|
* Handles {@code <ds:Signature>} elements. |
2 | 58 |
* This is the main class that deals with creating and verifying signatures. |
59 |
* |
|
60 |
* <p>There are 2 types of constructors for this class. The ones that take a |
|
61 |
* document, baseURI and 1 or more Java Objects. This is mostly used for |
|
62 |
* signing purposes. |
|
* The other constructor is the one that takes a DOM Element and a baseURI. |
2 | 64 |
* This is mostly used for verifying, when you have a SignatureElement.
65 |
* |
|
66 |
* There are a few different types of methods: |
|
67 |
* <ul><li>The addDocument* methods are used to add References with optional |
|
68 |
* transforms during signing. </li> |
|
69 |
* <li>addKeyInfo* methods are to add Certificates and Keys to the |
|
70 |
* KeyInfo tags during signing. </li> |
|
71 |
* <li>appendObject allows a user to add any XML Structure as an |
|
72 |
* ObjectContainer during signing.</li> |
|
73 |
* <li>sign and checkSignatureValue methods are used to sign and validate the |
|
74 |
* signature. </li></ul> |
|
75 |
*/ |
|
76 |
public final class XMLSignature extends SignatureElementProxy { |
|
77 |
||
// Signature-method URIs for HMAC-SHA1, DSA and RSA. The words Required,
// Recommended, Optional and NOT Recommended are carried over from the original
// field comments; they read as specification conformance levels, not as a
// rating of present-day cryptographic strength (SHA-1 based identifiers are
// labelled Required and Recommended below). A verifier that must refuse SHA-1
// or MD5 signatures has to compare the SignatureMethod URI against its own
// allow-list; a constant being defined here does not make the algorithm
// acceptable.

/** MAC - Required HMAC-SHA1. */
public static final String ALGO_ID_MAC_HMAC_SHA1 =
    Constants.SignatureSpecNS + "hmac-sha1";

/** Signature - Required DSAwithSHA1 (DSS). SHA-1 digest; avoid for new signatures. */
public static final String ALGO_ID_SIGNATURE_DSA =
    Constants.SignatureSpecNS + "dsa-sha1";

/** Signature - Optional DSAwithSHA256. Built on SignatureSpec11NS, unlike the SHA-1 variant. */
public static final String ALGO_ID_SIGNATURE_DSA_SHA256 =
    Constants.SignatureSpec11NS + "dsa-sha256";

/**
 * Signature - Recommended RSAwithSHA1. SHA-1 digest; avoid for new signatures.
 * Resolves to the same URI as {@link #ALGO_ID_SIGNATURE_RSA_SHA1}.
 */
public static final String ALGO_ID_SIGNATURE_RSA =
    Constants.SignatureSpecNS + "rsa-sha1";

/**
 * Signature - Recommended RSAwithSHA1. SHA-1 digest; avoid for new signatures.
 * Resolves to the same URI as {@link #ALGO_ID_SIGNATURE_RSA}.
 */
public static final String ALGO_ID_SIGNATURE_RSA_SHA1 =
    Constants.SignatureSpecNS + "rsa-sha1";

/** Signature - NOT Recommended RSAwithMD5. MD5 digest; do not use for new signatures. */
public static final String ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5 =
    Constants.MoreAlgorithmsSpecNS + "rsa-md5";

/** Signature - Optional RSAwithRIPEMD160. */
public static final String ALGO_ID_SIGNATURE_RSA_RIPEMD160 =
    Constants.MoreAlgorithmsSpecNS + "rsa-ripemd160";

/** Signature - Optional RSAwithSHA224. */
public static final String ALGO_ID_SIGNATURE_RSA_SHA224 =
    Constants.MoreAlgorithmsSpecNS + "rsa-sha224";

/** Signature - Optional RSAwithSHA256. */
public static final String ALGO_ID_SIGNATURE_RSA_SHA256 =
    Constants.MoreAlgorithmsSpecNS + "rsa-sha256";

/** Signature - Optional RSAwithSHA384. */
public static final String ALGO_ID_SIGNATURE_RSA_SHA384 =
    Constants.MoreAlgorithmsSpecNS + "rsa-sha384";

/** Signature - Optional RSAwithSHA512. */
public static final String ALGO_ID_SIGNATURE_RSA_SHA512 =
    Constants.MoreAlgorithmsSpecNS + "rsa-sha512";
// RSA signature-method URIs whose fragment ends in "-rsa-MGF1", one per digest
// across SHA-1, SHA-2 and SHA-3. All are built on
// Constants.XML_DSIG_NS_MORE_07_05, whose value is defined outside this listing.

/** Signature - Optional RSAwithSHA1andMGF1. SHA-1 digest; avoid for new signatures. */
public static final String ALGO_ID_SIGNATURE_RSA_SHA1_MGF1 =
    Constants.XML_DSIG_NS_MORE_07_05 + "sha1-rsa-MGF1";

/** Signature - Optional RSAwithSHA224andMGF1. */
public static final String ALGO_ID_SIGNATURE_RSA_SHA224_MGF1 =
    Constants.XML_DSIG_NS_MORE_07_05 + "sha224-rsa-MGF1";

/** Signature - Optional RSAwithSHA256andMGF1. */
public static final String ALGO_ID_SIGNATURE_RSA_SHA256_MGF1 =
    Constants.XML_DSIG_NS_MORE_07_05 + "sha256-rsa-MGF1";

/** Signature - Optional RSAwithSHA384andMGF1. */
public static final String ALGO_ID_SIGNATURE_RSA_SHA384_MGF1 =
    Constants.XML_DSIG_NS_MORE_07_05 + "sha384-rsa-MGF1";

/** Signature - Optional RSAwithSHA512andMGF1. */
public static final String ALGO_ID_SIGNATURE_RSA_SHA512_MGF1 =
    Constants.XML_DSIG_NS_MORE_07_05 + "sha512-rsa-MGF1";

/** Signature - Optional RSAwithSHA3_224andMGF1. */
public static final String ALGO_ID_SIGNATURE_RSA_SHA3_224_MGF1 =
    Constants.XML_DSIG_NS_MORE_07_05 + "sha3-224-rsa-MGF1";

/** Signature - Optional RSAwithSHA3_256andMGF1. */
public static final String ALGO_ID_SIGNATURE_RSA_SHA3_256_MGF1 =
    Constants.XML_DSIG_NS_MORE_07_05 + "sha3-256-rsa-MGF1";

/** Signature - Optional RSAwithSHA3_384andMGF1. */
public static final String ALGO_ID_SIGNATURE_RSA_SHA3_384_MGF1 =
    Constants.XML_DSIG_NS_MORE_07_05 + "sha3-384-rsa-MGF1";

/** Signature - Optional RSAwithSHA3_512andMGF1. */
public static final String ALGO_ID_SIGNATURE_RSA_SHA3_512_MGF1 =
    Constants.XML_DSIG_NS_MORE_07_05 + "sha3-512-rsa-MGF1";
// HMAC signature-method URIs, all built on Constants.MoreAlgorithmsSpecNS.
// An HMAC is checked with the same secret key that produced it, so it only
// authenticates a document between parties that already share that key.

/** HMAC - NOT Recommended HMAC-MD5. */
public static final String ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5 =
    Constants.MoreAlgorithmsSpecNS + "hmac-md5";

/** HMAC - Optional HMAC-RIPEMD160. */
public static final String ALGO_ID_MAC_HMAC_RIPEMD160 =
    Constants.MoreAlgorithmsSpecNS + "hmac-ripemd160";

/** HMAC - Optional HMAC-SHA224. */
public static final String ALGO_ID_MAC_HMAC_SHA224 =
    Constants.MoreAlgorithmsSpecNS + "hmac-sha224";

/** HMAC - Optional HMAC-SHA256. */
public static final String ALGO_ID_MAC_HMAC_SHA256 =
    Constants.MoreAlgorithmsSpecNS + "hmac-sha256";

/** HMAC - Optional HMAC-SHA384. */
public static final String ALGO_ID_MAC_HMAC_SHA384 =
    Constants.MoreAlgorithmsSpecNS + "hmac-sha384";

/** HMAC - Optional HMAC-SHA512. */
public static final String ALGO_ID_MAC_HMAC_SHA512 =
    Constants.MoreAlgorithmsSpecNS + "hmac-sha512";
// ECDSA signature-method URIs. Each namespace is written out as a literal
// instead of being composed from a Constants prefix. The SHA variants use the
// 2001/04 xmldsig-more namespace; the RIPEMD160 variant uses 2007/05.

/** Signature - Optional ECDSAwithSHA1. SHA-1 digest; avoid for new signatures. */
public static final String ALGO_ID_SIGNATURE_ECDSA_SHA1 =
    "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1";

/** Signature - Optional ECDSAwithSHA224. */
public static final String ALGO_ID_SIGNATURE_ECDSA_SHA224 =
    "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224";

/** Signature - Optional ECDSAwithSHA256. */
public static final String ALGO_ID_SIGNATURE_ECDSA_SHA256 =
    "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256";

/** Signature - Optional ECDSAwithSHA384. */
public static final String ALGO_ID_SIGNATURE_ECDSA_SHA384 =
    "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384";

/** Signature - Optional ECDSAwithSHA512. */
public static final String ALGO_ID_SIGNATURE_ECDSA_SHA512 =
    "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512";

/** Signature - Optional ECDSAwithRIPEMD160. */
public static final String ALGO_ID_SIGNATURE_ECDSA_RIPEMD160 =
    "http://www.w3.org/2007/05/xmldsig-more#ecdsa-ripemd160";
/** Class-wide logger. */
private static final com.sun.org.slf4j.internal.Logger LOG =
    com.sun.org.slf4j.internal.LoggerFactory.getLogger(XMLSignature.class);

/** Value of {@link #state} for the signing mode. */
private static final int MODE_SIGN = 0;

/** Value of {@link #state} for the verifying mode. */
private static final int MODE_VERIFY = 1;

/** ds:Signature.ds:SignedInfo element */
private SignedInfo signedInfo;

/** ds:Signature.ds:KeyInfo */
private KeyInfo keyInfo;

/**
 * Checking the digests of the References in a Signature is mandatory, but for
 * References inside a Manifest it is application specific. This flag indicates
 * that References inside Manifests should be validated as well.
 * It starts as {@code false}, so an application that relies on Manifest
 * contents being covered by validation has to have this flag set.
 */
private boolean followManifestsDuringValidation = false;

// Presumably the ds:SignatureValue element of this signature; confirm where it is assigned.
private Element signatureValueElement;

/** Current mode, MODE_SIGN or MODE_VERIFY; initialised to MODE_SIGN. */
private int state = MODE_SIGN;
/**
 * Builds a fresh {@code ds:Signature} element holding an empty
 * {@code ds:SignedInfo}; intended for creating a new signature.
 *
 * Delegates to the five-argument constructor, passing {@code 0} as the
 * HMAC output length and
 * {@code Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS} (the canonicalization
 * algorithm the spec marks as REQUIRED) for the {@code ds:SignedInfo}.
 *
 * NOTE(review): {@code signatureMethodURI} is forwarded as given; no
 * allow-list of signature algorithms is visible in this constructor, so
 * callers should pass a fixed, vetted algorithm URI rather than one taken
 * from untrusted input.
 *
 * @param doc Document in which the signature will be appended after creation.
 * @param baseURI URI to be used as context for all relative URIs.
 * @param signatureMethodURI signature algorithm to use.
 * @throws XMLSecurityException propagated from the delegated constructor
 */
public XMLSignature(Document doc, String baseURI, String signatureMethodURI)
    throws XMLSecurityException {
    this(
        doc,
        baseURI,
        signatureMethodURI,
        0,
        Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS
    );
}
/**
 * Builds a new signature with a caller-chosen HMAC output length and the
 * default canonicalization algorithm
 * ({@code Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS}).
 *
 * Delegates to the five-argument constructor; {@code hmacOutputLength} is
 * forwarded unchanged.
 *
 * NOTE(review): a short output length truncates the HMAC and reduces its
 * strength. No bounds check is visible in this constructor; confirm where
 * a minimum length is enforced before accepting this value from
 * configuration or other external input.
 *
 * @param doc Document that will own the new signature element
 * @param baseURI base URI stored on the signature
 * @param signatureMethodURI the Signature method to be used.
 * @param hmacOutputLength HMAC output length handed to the SignedInfo
 * @throws XMLSecurityException propagated from the delegated constructor
 */
public XMLSignature(Document doc, String baseURI, String signatureMethodURI,
                    int hmacOutputLength) throws XMLSecurityException {
    this(doc, baseURI, signatureMethodURI, hmacOutputLength,
         Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
}
/**
 * Builds a new signature with a caller-chosen canonicalization algorithm
 * for the SignedInfo element.
 *
 * Delegates to the five-argument constructor, passing {@code 0} as the
 * HMAC output length.
 *
 * NOTE(review): both algorithm URIs are forwarded as given; no validation
 * of them is visible in this constructor, so they should come from trusted
 * configuration.
 *
 * @param doc Document that will own the new signature element
 * @param baseURI base URI stored on the signature
 * @param signatureMethodURI the Signature method to be used.
 * @param canonicalizationMethodURI the canonicalization algorithm to be
 * used to c14nize the SignedInfo element.
 * @throws XMLSecurityException propagated from the delegated constructor
 */
public XMLSignature(Document doc, String baseURI, String signatureMethodURI,
                    String canonicalizationMethodURI) throws XMLSecurityException {
    this(doc, baseURI, signatureMethodURI, 0, canonicalizationMethodURI);
}
/**
 * Builds a new signature element from algorithm URIs: declares the XML
 * Signature namespace on it, appends a new SignedInfo and then an empty
 * SignatureValue element.
 *
 * NOTE(review): {@code signatureMethodURI}, {@code hmacOutputLength} and
 * {@code canonicalizationMethodURI} are handed to {@code SignedInfo}
 * unchanged; any checking of them happens outside this constructor.
 *
 * @param doc Document that will own the new signature element
 * @param baseURI base URI stored on the signature
 * @param signatureMethodURI signature algorithm URI for the SignedInfo
 * @param hmacOutputLength HMAC output length handed to the SignedInfo
 * @param canonicalizationMethodURI canonicalization algorithm URI for the
 * SignedInfo
 * @throws XMLSecurityException declared by this constructor; presumably
 * raised while the SignedInfo is built
 */
public XMLSignature(
    Document doc,
    String baseURI,
    String signatureMethodURI,
    int hmacOutputLength,
    String canonicalizationMethodURI
) throws XMLSecurityException {
    super(doc);

    // With no default prefix the namespace is declared as plain "xmlns",
    // otherwise as "xmlns:<prefix>".
    final String dsPrefix = getDefaultPrefix(Constants.SignatureSpecNS);
    final boolean noPrefix = dsPrefix == null || dsPrefix.length() == 0;
    final String nsAttrName = noPrefix ? "xmlns" : "xmlns:" + dsPrefix;
    getElement().setAttributeNS(
        Constants.NamespaceSpecNS, nsAttrName, Constants.SignatureSpecNS);
    addReturnToSelf();

    this.baseURI = baseURI;

    final SignedInfo freshSignedInfo = new SignedInfo(
        getDocument(), signatureMethodURI, hmacOutputLength, canonicalizationMethodURI);
    this.signedInfo = freshSignedInfo;
    appendSelf(freshSignedInfo);
    addReturnToSelf();

    // The SignatureValue starts out empty; it is filled by
    // setSignatureValueElement.
    final Element emptySignatureValue = XMLUtils.createElementInSignatureSpace(
        getDocument(), Constants._TAG_SIGNATUREVALUE);
    signatureValueElement = emptySignatureValue;
    appendSelf(emptySignatureValue);
    addReturnToSelf();
}
/**
 * Builds a new signature element from ready-made SignatureMethod and
 * CanonicalizationMethod elements: declares the XML Signature namespace on
 * it, appends a new SignedInfo and then an empty SignatureValue element.
 *
 * NOTE(review): the two method elements are handed to {@code SignedInfo}
 * as given; no inspection of the algorithms they name is visible in this
 * constructor, so they should be built by the application rather than
 * copied from an untrusted document.
 *
 * @param doc Document that will own the new signature element
 * @param baseURI base URI stored on the signature
 * @param SignatureMethodElem element passed to SignedInfo as the
 * signature method
 * @param CanonicalizationMethodElem element passed to SignedInfo as the
 * canonicalization method
 * @throws XMLSecurityException declared by this constructor; presumably
 * raised while the SignedInfo is built
 */
public XMLSignature(
    Document doc,
    String baseURI,
    Element SignatureMethodElem,
    Element CanonicalizationMethodElem
) throws XMLSecurityException {
    super(doc);

    // With no default prefix the namespace is declared as plain "xmlns",
    // otherwise as "xmlns:<prefix>".
    final String dsPrefix = getDefaultPrefix(Constants.SignatureSpecNS);
    final String nsAttrName;
    if (dsPrefix != null && dsPrefix.length() != 0) {
        nsAttrName = "xmlns:" + dsPrefix;
    } else {
        nsAttrName = "xmlns";
    }
    getElement().setAttributeNS(
        Constants.NamespaceSpecNS, nsAttrName, Constants.SignatureSpecNS);
    addReturnToSelf();

    this.baseURI = baseURI;

    final SignedInfo freshSignedInfo =
        new SignedInfo(getDocument(), SignatureMethodElem, CanonicalizationMethodElem);
    this.signedInfo = freshSignedInfo;
    appendSelf(freshSignedInfo);
    addReturnToSelf();

    // The SignatureValue starts out empty; it is filled by
    // setSignatureValueElement.
    final Element emptySignatureValue = XMLUtils.createElementInSignatureSpace(
        getDocument(), Constants._TAG_SIGNATUREVALUE);
    signatureValueElement = emptySignatureValue;
    appendSelf(emptySignatureValue);
    addReturnToSelf();
}
/**
 * Parses an existing {@code ds:Signature} element into Java objects so the
 * signature can be validated.
 *
 * Delegates to the three-argument constructor with
 * {@code secureValidation} set to {@code true}, so a signature parsed
 * through this overload has secure validation switched on. Callers that
 * need it off must use the three-argument overload explicitly.
 *
 * @param element ds:Signature element that contains the whole signature
 * @param baseURI URI to be prepended to all relative URIs
 * @throws XMLSecurityException propagated from the delegated constructor
 * @throws XMLSignatureException if the signature is badly formatted
 */
public XMLSignature(Element element, String baseURI)
    throws XMLSignatureException, XMLSecurityException {
    this(
        element,
        baseURI,
        true
    );
}
/** |
* This will parse the element and construct the Java Objects. |
* That will allow a user to validate the signature. |
* |
* @param element ds:Signature element that contains the whole signature |
* @param baseURI URI to be prepended to all relative URIs |
* @param secureValidation whether secure validation is enabled or not |
* @throws XMLSecurityException |
* @throws XMLSignatureException if the signature is badly formatted |
*/ |
public XMLSignature(Element element, String baseURI, boolean secureValidation) |
throws XMLSignatureException, XMLSecurityException { |
super(element, baseURI); |
// check out SignedInfo child |
Element signedInfoElem = XMLUtils.getNextElement(element.getFirstChild()); |
// check to see if it is there |
if (signedInfoElem == null) { |
Object exArgs[] = { Constants._TAG_SIGNEDINFO, Constants._TAG_SIGNATURE }; |
throw new XMLSignatureException("xml.WrongContent", exArgs); |
} |
// create a SignedInfo object from that element |
this.signedInfo = new SignedInfo(signedInfoElem, baseURI, secureValidation); |
// get signedInfoElem again in case it has changed |
signedInfoElem = XMLUtils.getNextElement(element.getFirstChild()); |
// check out SignatureValue child |
this.signatureValueElement = |
XMLUtils.getNextElement(signedInfoElem.getNextSibling()); |
// check to see if it exists |
if (signatureValueElement == null) { |
Object exArgs[] = { Constants._TAG_SIGNATUREVALUE, Constants._TAG_SIGNATURE }; |
throw new XMLSignatureException("xml.WrongContent", exArgs); |
} |
Attr signatureValueAttr = signatureValueElement.getAttributeNodeNS(null, "Id"); |
if (signatureValueAttr != null) { |
signatureValueElement.setIdAttributeNode(signatureValueAttr, true); |
} |
// <element ref="ds:KeyInfo" minOccurs="0"/> |
Element keyInfoElem = |
XMLUtils.getNextElement(signatureValueElement.getNextSibling()); |
// If it exists use it, but it's not mandatory |
if (keyInfoElem != null |
&& Constants.SignatureSpecNS.equals(keyInfoElem.getNamespaceURI()) |
&& Constants._TAG_KEYINFO.equals(keyInfoElem.getLocalName())) { |
this.keyInfo = new KeyInfo(keyInfoElem, baseURI); |
this.keyInfo.setSecureValidation(secureValidation); |
} |
// <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/> |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
441 |
Element objectElem = |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
442 |
XMLUtils.getNextElement(signatureValueElement.getNextSibling()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
443 |
while (objectElem != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
444 |
Attr objectAttr = objectElem.getAttributeNodeNS(null, "Id"); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
445 |
if (objectAttr != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
446 |
objectElem.setIdAttributeNode(objectAttr, true); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
447 |
} |
18266
26e69da689b9
8010714: XML DSig API allows a RetrievalMethod to reference another RetrievalMethod
mullan
parents:
18240
diff
changeset
|
448 |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
449 |
Node firstChild = objectElem.getFirstChild(); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
450 |
// Register Ids of the Object child elements |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
451 |
while (firstChild != null) { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
452 |
if (firstChild.getNodeType() == Node.ELEMENT_NODE) { |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
453 |
Element childElem = (Element)firstChild; |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
454 |
String tag = childElem.getLocalName(); |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
455 |
if ("Manifest".equals(tag)) { |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
456 |
new Manifest(childElem, baseURI); |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
457 |
} else if ("SignatureProperties".equals(tag)) { |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
458 |
new SignatureProperties(childElem, baseURI); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
459 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
460 |
} |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
461 |
firstChild = firstChild.getNextSibling(); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
462 |
} |
18266
26e69da689b9
8010714: XML DSig API allows a RetrievalMethod to reference another RetrievalMethod
mullan
parents:
18240
diff
changeset
|
463 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
464 |
objectElem = XMLUtils.getNextElement(objectElem.getNextSibling()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
465 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
466 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
467 |
this.state = MODE_VERIFY; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
468 |
} |
/**
 * Sets the {@code Id} attribute on the Signature element.
 *
 * <p>A {@code null} argument is ignored: the attribute is only written when a
 * value is supplied.
 *
 * @param id value for the {@code Id} attribute; {@code null} leaves the element as it is
 */
public void setId(String id) {
    if (id == null) {
        // Nothing to write.
        return;
    }
    setLocalIdAttribute(Constants._ATT_ID, id);
}
/**
 * Returns the {@code Id} attribute of the Signature element.
 *
 * @return the result of {@code getLocalAttribute(Constants._ATT_ID)}
 */
public String getId() {
    final String idValue = getLocalAttribute(Constants._ATT_ID);
    return idValue;
}
/**
 * Returns the {@code SignedInfo} object held in the {@code signedInfo} field.
 *
 * @return the {@code SignedInfo} object of this signature
 */
public SignedInfo getSignedInfo() {
    return signedInfo;
}
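/**
 * Returns the octet value of the SignatureValue element.
 *
 * <p>The element's text content is decoded with the MIME Base64 decoder, which
 * skips line separators and any other character outside the Base64 alphabet
 * instead of rejecting it, so this is a lenient decode rather than a strict
 * validation of the text. Empty text decodes to an empty array; no separate
 * emptiness check is made here.
 *
 * <p>Input the decoder does reject is reported as the checked
 * {@link XMLSignatureException} this method declares, so code that processes
 * untrusted documents does not receive an unchecked exception from here.
 *
 * @return the decoded bytes of the SignatureValue element
 * @throws XMLSignatureException if the content is rejected by the Base64 decoder
 */
public byte[] getSignatureValue() throws XMLSignatureException {
    String content = XMLUtils.getFullTextChildrenFromElement(signatureValueElement);
    try {
        return Base64.getMimeDecoder().decode(content);
    } catch (IllegalArgumentException ex) {
        // Base64.Decoder reports malformed input with an unchecked exception;
        // convert it to the documented checked type and keep the cause.
        throw new XMLSignatureException(ex);
    }
}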
/**
 * Replaces the content of the SignatureValue element with the Base64 encoding
 * of the given bytes.
 *
 * <p>All existing child nodes are removed first. The encoded text is wrapped in
 * a leading and trailing newline when it is longer than 76 characters and
 * {@code XMLUtils.ignoreLineBreaks()} is false.
 *
 * @param bytes raw bytes to Base64 encode and store in the SignatureValue element
 */
private void setSignatureValueElement(byte[] bytes) {
    // Clear out whatever the element currently contains.
    while (signatureValueElement.hasChildNodes()) {
        Node staleChild = signatureValueElement.getFirstChild();
        signatureValueElement.removeChild(staleChild);
    }

    String encoded = Base64.getMimeEncoder().encodeToString(bytes);

    // ignoreLineBreaks() is only consulted for text longer than one MIME line.
    boolean wrapInNewlines = encoded.length() > 76 && !XMLUtils.ignoreLineBreaks();
    String text = wrapInNewlines ? "\n" + encoded + "\n" : encoded;

    signatureValueElement.appendChild(createText(text));
}
/**
 * Returns the KeyInfo child of this signature.
 *
 * <p>In signing mode a missing KeyInfo is created on demand and added to the
 * Signature element: before the first {@code ds:Object} child if one exists,
 * otherwise as the last child. This lets callers add arbitrary content to the
 * KeyInfo while signing. In any other mode the stored value is returned as is,
 * which may be {@code null}.
 *
 * @return the KeyInfo object, or {@code null} when none is stored and none is created
 */
public KeyInfo getKeyInfo() {
    // Only a signing-mode instance without a KeyInfo gets one created here.
    if (this.state != MODE_SIGN || this.keyInfo != null) {
        return this.keyInfo;
    }

    this.keyInfo = new KeyInfo(getDocument());
    Element newKeyInfoElem = this.keyInfo.getElement();

    // Look for the first ds:Object so the KeyInfo can be placed ahead of it.
    Element leadingObject =
        XMLUtils.selectDsNode(getElement().getFirstChild(), Constants._TAG_OBJECT, 0);

    if (leadingObject == null) {
        // No ds:Object yet: the KeyInfo becomes the last child.
        appendSelf(newKeyInfoElem);
        addReturnToSelf();
    } else {
        getElement().insertBefore(newKeyInfoElem, leadingObject);
        XMLUtils.addReturnBeforeChild(getElement(), leadingObject);
    }

    return this.keyInfo;
}
/**
 * Appends an Object (a {@code ds:Object} element, not a
 * {@code java.lang.Object}) to the Signature.
 *
 * <p>This is meant to be used while signing. The {@code MODE_SIGN} guard that
 * used to reject other modes is disabled in this version, so the body performs
 * no mode check: a call made on an instance used for verification also appends
 * the element.
 *
 * @param object ds:Object to be appended.
 * @throws XMLSignatureException declared by the signature; the statements in this
 *         body contain no explicit throw
 */
public void appendObject(ObjectContainer object) throws XMLSignatureException {
    appendSelf(object);
    addReturnToSelf();
}
/**
 * Returns the {@code i}th {@code ds:Object} child of the signature
 * or null if no such {@code ds:Object} element exists.
 *
 * <p>{@code null} is returned whenever constructing the {@code ObjectContainer}
 * raises an {@code XMLSecurityException}, so a caller cannot tell a missing
 * element from one the constructor rejected.
 *
 * @param i index passed to {@code XMLUtils.selectDsNode} to pick the {@code ds:Object}
 * @return the {@code i}th {@code ds:Object} child of the signature
 * or null if no such {@code ds:Object} element exists.
 */
public ObjectContainer getObjectItem(int i) {
    Element selected = XMLUtils.selectDsNode(getFirstChild(), Constants._TAG_OBJECT, i);

    ObjectContainer container;
    try {
        container = new ObjectContainer(selected, this.baseURI);
    } catch (XMLSecurityException ignored) {
        // Deliberately reported as "no such element" rather than propagated.
        container = null;
    }
    return container;
}
/**
 * Returns the number of all {@code ds:Object} elements.
 *
 * @return the count reported by {@code length} for {@code Constants._TAG_OBJECT}
 *         in the {@code Constants.SignatureSpecNS} namespace
 */
public int getObjectLength() {
    final int objectCount = length(Constants.SignatureSpecNS, Constants._TAG_OBJECT);
    return objectCount;
}
/**
 * Digests all References in the SignedInfo, calculates the signature value
 * and sets it in the SignatureValue Element.
 *
 * <p>The steps run in a fixed order: digest values are generated, the
 * signature algorithm is initialised with the key, the SignedInfo is written
 * into a stream that feeds the algorithm, and the resulting signature bytes
 * are stored.
 *
 * @param signingKey the {@link java.security.PrivateKey} or
 * {@link javax.crypto.SecretKey} that is used to sign.
 * @throws IllegalArgumentException if {@code signingKey} is a {@link PublicKey}
 * @throws XMLSignatureException if any step fails; exceptions of other types
 *         caught here are wrapped with the original as the argument
 */
public void sign(Key signingKey) throws XMLSignatureException {
    // A public key cannot produce a signature; refuse it before doing any work.
    if (signingKey instanceof PublicKey) {
        String message = I18n.translate("algorithms.operationOnlyVerification");
        throw new IllegalArgumentException(message);
    }

    SignedInfo signedInfoToSign = this.getSignedInfo();
    SignatureAlgorithm algorithm = signedInfoToSign.getSignatureAlgorithm();

    try (SignerOutputStream signerSink = new SignerOutputStream(algorithm);
         OutputStream buffered = new UnsyncBufferedOutputStream(signerSink)) {

        // Digest every Reference first so the SignedInfo is final before it is signed.
        signedInfoToSign.generateDigestValues();

        algorithm.initSign(signingKey);

        // Write the SignedInfo bytes towards the signature algorithm.
        signedInfoToSign.signInOctetStream(buffered);

        // NOTE(review): sign() runs while the buffered stream is still open, so this
        // presumably relies on signInOctetStream having flushed it - confirm.
        byte[] signatureBytes = algorithm.sign();
        this.setSignatureValueElement(signatureBytes);
    } catch (XMLSignatureException ex) {
        // Already the declared type: pass it through unchanged.
        throw ex;
    } catch (CanonicalizationException ex) {
        throw new XMLSignatureException(ex);
    } catch (InvalidCanonicalizerException ex) {
        throw new XMLSignatureException(ex);
    } catch (XMLSecurityException ex) {
        throw new XMLSignatureException(ex);
    } catch (IOException ex) {
        throw new XMLSignatureException(ex);
    }
}
/**
 * Adds a {@link ResourceResolver} to enable the retrieval of resources.
 *
 * <p>The resolver is handed to the {@code SignedInfo} returned by
 * {@link #getSignedInfo()}. Since a resolver decides what is retrieved on
 * behalf of the signature, keep it limited to the locations you expect when
 * the document comes from an untrusted source.
 *
 * @param resolver the resolver to register on the {@code SignedInfo}
 */
public void addResourceResolver(ResourceResolver resolver) {
    SignedInfo target = this.getSignedInfo();
    target.addResourceResolver(resolver);
}
/**
 * Registers a {@link ResourceResolverSpi} on the SignedInfo of this signature
 * to enable the retrieval of resources.
 *
 * <p>NOTE(review): presumably the registered resolvers decide which Reference
 * URIs can be dereferenced. When the signature comes from an untrusted
 * document, confirm that the resolver cannot reach local files or internal
 * hosts.
 *
 * @param resolver the resolver implementation to register; it is handed
 *     unchanged to {@code getSignedInfo().addResourceResolver(resolver)}
 */
public void addResourceResolver(ResourceResolverSpi resolver) {
    getSignedInfo().addResourceResolver(resolver);
}
/**
 * Verifies this signature with the public key taken from {@code cert}.
 *
 * <p>The certificate serves only as a container for the key: this method
 * calls {@code cert.getPublicKey()} and delegates to
 * {@link #checkSignatureValue(Key)}. Nothing here checks the certificate
 * itself (validity period, issuer chain, revocation), so a {@code true}
 * result does not mean the certificate is trusted. Callers have to establish
 * that separately.
 *
 * @param cert Certificate that contains the public key part of the keypair
 *     that was used to sign.
 * @return the result of {@link #checkSignatureValue(Key)} for the public key
 *     of the certificate
 * @throws XMLSignatureException if {@code cert} is {@code null}, or as thrown
 *     by {@link #checkSignatureValue(Key)}
 */
public boolean checkSignatureValue(X509Certificate cert)
    throws XMLSignatureException {
    // Guard clause: without a certificate there is no key to verify with.
    if (cert == null) {
        Object[] exArgs = { "Didn't get a certificate" };
        throw new XMLSignatureException("empty", exArgs);
    }

    // Only the public key is used from here on.
    return checkSignatureValue(cert.getPublicKey());
}
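/**
 * Verifies this signature with the supplied key.
 *
 * <p>The canonicalized SignedInfo is streamed into the signature algorithm and
 * checked against the stored signature value. Only if that check passes are
 * the References verified, through
 * {@code SignedInfo.verify(followManifestsDuringValidation)}.
 *
 * <p>The algorithm used for verification is the one SignedInfo reports via
 * {@code getSignatureAlgorithm()}, i.e. it is taken from the signature being
 * verified. No allow-list check on that algorithm is visible in this method,
 * so callers that accept only certain algorithms need to enforce that
 * themselves.
 *
 * <p>An {@link IOException} while feeding SignedInfo to the algorithm is
 * reported as an {@link XMLSignatureException}. Verification does not
 * continue with input that may be incomplete.
 *
 * @param pk {@link java.security.PublicKey} part of the keypair or
 *     {@link javax.crypto.SecretKey} that was used to sign
 * @return true if the signature value and the References verify, false
 *     otherwise
 * @throws XMLSignatureException if {@code pk} is {@code null}, if SignedInfo
 *     cannot be streamed to the algorithm, or if any other
 *     XMLSecurityException is raised during verification
 */
public boolean checkSignatureValue(Key pk) throws XMLSignatureException {
    // Despite the parameter name, the key may be a public or a secret key.
    if (pk == null) {
        Object[] exArgs = { "Didn't get a key" };
        throw new XMLSignatureException("empty", exArgs);
    }
    // All references inside the SignedInfo need to be dereferenced and
    // digested again to see if the outcome matches the stored value in the
    // SignedInfo.
    // If followManifestsDuringValidation is true it will do the same for
    // References inside a Manifest.
    try {
        SignedInfo si = this.getSignedInfo();
        // The SignatureAlgorithm comes from the SignatureMethod inside
        // SignedInfo and is used to validate the signature.
        SignatureAlgorithm sa = si.getSignatureAlgorithm();
        LOG.debug("signatureMethodURI = {}", sa.getAlgorithmURI());
        LOG.debug("jceSigAlgorithm = {}", sa.getJCEAlgorithmString());
        LOG.debug("jceSigProvider = {}", sa.getJCEProviderName());
        // Log the key's algorithm rather than the key object: pk may be a
        // SecretKey, and what toString() prints depends on the Key
        // implementation.
        LOG.debug("keyAlgorithm = {}", pk.getAlgorithm());

        byte[] sigBytes;
        try (SignerOutputStream so = new SignerOutputStream(sa);
            OutputStream bos = new UnsyncBufferedOutputStream(so)) {

            sa.initVerify(pk);

            // Feed the canonicalized (normalized) SignedInfo to the algorithm.
            si.signInOctetStream(bos);
            // Retrieve the byte[] from the stored signature.
            sigBytes = this.getSignatureValue();
        } catch (IOException ex) {
            // Fail closed, as the other IOException handler in this class
            // does: otherwise sa.verify() would run with sigBytes possibly
            // unset and the SignedInfo bytes possibly not fully written.
            throw new XMLSignatureException(ex);
        }

        // The streams are closed at this point, so everything written to the
        // buffered stream has presumably reached the algorithm before
        // verify() is called.
        if (!sa.verify(sigBytes)) {
            LOG.warn("Signature verification failed.");
            return false;
        }

        return si.verify(this.followManifestsDuringValidation);
    } catch (XMLSignatureException ex) {
        throw ex;
    } catch (XMLSecurityException ex) {
        throw new XMLSignatureException(ex);
    }
}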
/**
 * Adds a Reference with full parameters to this Signature. The call is
 * forwarded to the SignedInfo together with the base URI of this signature.
 *
 * @param referenceURI URI of the resource to be signed. Can be null, in which
 *     case the dereferencing is application specific. Can be "", in which
 *     case it is the parent node (or parent document?). There can only be one
 *     "" in each signature.
 * @param trans Optional list of transformations to be done before digesting
 * @param digestURI Mandatory URI of the digesting algorithm to use. It is
 *     passed through unchanged; no check of the algorithm's strength is
 *     visible in this method.
 * @param referenceId Optional id attribute for this Reference
 * @param referenceType Optional mimetype for the URI
 * @throws XMLSignatureException as thrown by the SignedInfo's
 *     {@code addDocument}
 */
public void addDocument(
    String referenceURI,
    Transforms trans,
    String digestURI,
    String referenceId,
    String referenceType
) throws XMLSignatureException {
    signedInfo.addDocument(baseURI, referenceURI, trans, digestURI, referenceId, referenceType);
}
/**
 * Proxy for the {@link Manifest#addDocument} method: adds a Reference with
 * the given URI, transforms and digest algorithm, and with neither an id nor
 * a type.
 *
 * @param referenceURI URI according to the XML Signature specification.
 * @param trans List of transformations to be applied.
 * @param digestURI URI of the digest algorithm to be used. It is passed
 *     through unchanged.
 * @see Manifest#addDocument
 * @throws XMLSignatureException as thrown by the SignedInfo's
 *     {@code addDocument}
 */
public void addDocument(
    String referenceURI,
    Transforms trans,
    String digestURI
) throws XMLSignatureException {
    // This overload sets neither the id nor the type of the Reference.
    final String referenceId = null;
    final String referenceType = null;
    signedInfo.addDocument(baseURI, referenceURI, trans, digestURI, referenceId, referenceType);
}
/**
 * Adds a Reference with just the URI and the transforms. This overload always
 * uses SHA1 ({@code Constants.ALGO_ID_DIGEST_SHA1}) as the digest algorithm.
 *
 * <p>SHA-1 is no longer considered collision resistant. For new signatures,
 * prefer the overload that takes a {@code digestURI} and pass a stronger
 * digest algorithm.
 *
 * @param referenceURI URI according to the XML Signature specification.
 * @param trans List of transformations to be applied.
 * @throws XMLSignatureException as thrown by the SignedInfo's
 *     {@code addDocument}
 */
public void addDocument(String referenceURI, Transforms trans)
    throws XMLSignatureException {
    // The digest is fixed for this overload; id and type are left unset.
    final String sha1DigestUri = Constants.ALGO_ID_DIGEST_SHA1;
    signedInfo.addDocument(baseURI, referenceURI, trans, sha1DigestUri, null, null);
}
/**
 * Adds a Reference with just this URI and no transforms. This overload always
 * uses SHA1 ({@code Constants.ALGO_ID_DIGEST_SHA1}) as the digest algorithm.
 *
 * <p>SHA-1 is no longer considered collision resistant. For new signatures,
 * prefer the overload that takes a {@code digestURI} and pass a stronger
 * digest algorithm.
 *
 * @param referenceURI URI according to the XML Signature specification.
 * @throws XMLSignatureException as thrown by the SignedInfo's
 *     {@code addDocument}
 */
public void addDocument(String referenceURI) throws XMLSignatureException {
    // The digest is fixed for this overload; transforms, id and type are
    // left unset.
    final String sha1DigestUri = Constants.ALGO_ID_DIGEST_SHA1;
    signedInfo.addDocument(baseURI, referenceURI, null, sha1DigestUri, null, null);
}
/**
 * Adds an X509 Certificate to the KeyInfo. The whole certificate is included
 * inside X509Data/X509Certificate tags.
 *
 * <p>A certificate embedded in KeyInfo is information supplied by the signer,
 * not a trust decision. A verifier that takes its key from there still has
 * to decide on its own whether that certificate is acceptable.
 *
 * @param cert Certificate to be included. This should be the certificate of
 *     the key that was used to sign.
 * @throws XMLSecurityException declared by this method; presumably raised
 *     while the certificate is added to the X509Data element
 */
public void addKeyInfo(X509Certificate cert) throws XMLSecurityException {
    // The X509Data element is filled first; getKeyInfo() is reached only
    // once the certificate has been added to it.
    final X509Data certData = new X509Data(this.getDocument());
    certData.addCertificate(cert);

    getKeyInfo().add(certData);
}
/**
 * Adds this public key to the KeyInfo. The complete key is included in the
 * KeyInfo structure.
 *
 * <p>A key embedded in KeyInfo is information supplied by the signer, not a
 * trust decision. A verifier still has to decide on its own whether that key
 * is acceptable.
 *
 * @param pk the public key to include; it is handed unchanged to
 *     {@code getKeyInfo().add(pk)}
 */
public void addKeyInfo(PublicKey pk) {
    getKeyInfo().add(pk);
}
/**
 * Proxy method for {@link SignedInfo#createSecretKey(byte[])}. When a MAC is
 * to be created, this method obtains the {@link javax.crypto.SecretKey} from
 * octets.
 *
 * <p>NOTE(review): whether the returned key copies {@code secretKeyBytes} or
 * keeps a reference to the array is not visible here. Confirm this before
 * clearing or reusing the array.
 *
 * @param secretKeyBytes the raw key octets, passed unchanged to the
 *     SignedInfo
 * @return the secret key created.
 * @see SignedInfo#createSecretKey(byte[])
 */
public SecretKey createSecretKey(byte[] secretKeyBytes) {
    final SecretKey macKey = getSignedInfo().createSecretKey(secretKeyBytes);
    return macKey;
}
/**
 * Sets whether the References inside a Manifest are validated automatically.
 *
 * <p>Checking the digests of the References in a Signature is mandatory, but
 * for References inside a Manifest it is application specific. This flag
 * states that the References inside Manifests should be validated as well.
 * With the flag off, those digests are presumably left unchecked, so a
 * successful signature check would not cover the content a Manifest points
 * to. NOTE(review): confirm against the validation code, which is outside
 * this method.
 *
 * @param followManifests {@code true} if the References inside Manifests
 *     should be validated
 * @see <a href="http://www.w3.org/TR/xmldsig-core/#sec-CoreValidation">
 * Core validation section in the XML Signature Rec.</a>
 */
public void setFollowNestedManifests(boolean followManifests) {
    // Only records the choice; nothing is validated here.
    followManifestsDuringValidation = followManifests;
}
/**
 * Returns the local name of this element.
 *
 * @return {@code Constants._TAG_SIGNATURE}
 */
public String getBaseLocalName() {
    final String signatureTag = Constants._TAG_SIGNATURE;
    return signatureTag;
}
} |