author | erikj |
Tue, 12 Sep 2017 19:03:39 +0200 | |
changeset 47216 | 71c04702a3d5 |
parent 26876 | jdk/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignature.java@21d3cc221213 |
child 50614 | 3810c9a2efa1 |
permissions | -rw-r--r-- |
/* |
* reserved comment block |
* DO NOT REMOVE OR ALTER! |
*/ |
/** |
* Licensed to the Apache Software Foundation (ASF) under one |
* or more contributor license agreements. See the NOTICE file |
* distributed with this work for additional information |
* regarding copyright ownership. The ASF licenses this file |
* to you under the Apache License, Version 2.0 (the |
* "License"); you may not use this file except in compliance |
* with the License. You may obtain a copy of the License at |
* |
* http://www.apache.org/licenses/LICENSE-2.0 |
* |
* Unless required by applicable law or agreed to in writing, |
* software distributed under the License is distributed on an |
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
* KIND, either express or implied. See the License for the |
* specific language governing permissions and limitations |
* under the License. |
*/ |
package com.sun.org.apache.xml.internal.security.signature; |
import java.io.IOException; |
import java.io.OutputStream; |
import java.security.Key; |
import java.security.PublicKey; |
import java.security.cert.X509Certificate; |
import javax.crypto.SecretKey; |
import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithm; |
import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; |
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer; |
import com.sun.org.apache.xml.internal.security.c14n.InvalidCanonicalizerException; |
import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException; |
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; |
import com.sun.org.apache.xml.internal.security.keys.KeyInfo; |
import com.sun.org.apache.xml.internal.security.keys.content.X509Data; |
import com.sun.org.apache.xml.internal.security.transforms.Transforms; |
import com.sun.org.apache.xml.internal.security.utils.Base64; |
import com.sun.org.apache.xml.internal.security.utils.Constants; |
import com.sun.org.apache.xml.internal.security.utils.I18n; |
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; |
import com.sun.org.apache.xml.internal.security.utils.SignerOutputStream; |
import com.sun.org.apache.xml.internal.security.utils.UnsyncBufferedOutputStream; |
import com.sun.org.apache.xml.internal.security.utils.XMLUtils; |
import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver; |
import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverSpi; |
import org.w3c.dom.Attr; |
import org.w3c.dom.Document; |
import org.w3c.dom.Element; |
import org.w3c.dom.Node; |
import org.w3c.dom.NodeList; |
import org.w3c.dom.Text; |
/** |
* Handles <code>&lt;ds:Signature&gt;</code> elements.
* This is the main class that deals with creating and verifying signatures. |
* |
* <p>There are 2 types of constructors for this class. The first type takes a
* document, a baseURI and 1 or more Java Objects; it is mostly used for
* signing purposes.
* The other constructor is the one that takes a DOM Element and a baseURI.
* This is used mostly for verifying, when you have a SignatureElement.
* |
* There are a few different types of methods: |
* <ul><li>The addDocument* methods are used to add References with optional |
* transforms during signing. </li> |
* <li>addKeyInfo* methods are to add Certificates and Keys to the |
* KeyInfo tags during signing. </li> |
* <li>appendObject allows a user to add any XML Structure as an |
* ObjectContainer during signing.</li> |
* <li>sign and checkSignatureValue methods are used to sign and validate the |
* signature. </li></ul> |
*/ |
public final class XMLSignature extends SignatureElementProxy { |
// Algorithm identifier URIs that can be used as the ds:SignatureMethod.
//
// The "Required" / "Recommended" / "Optional" wording is carried over from the
// original comments and reads as the XML Signature specification's conformance
// levels; it says nothing about cryptographic strength. MD5 and SHA-1 are no
// longer collision resistant, so the rsa-md5, rsa-sha1, dsa-sha1 and ecdsa-sha1
// identifiers are best kept for interoperability with existing documents only.
// The HMAC variants do not rest on collision resistance in the same way, but a
// SHA-2 based identifier is still the safer choice for new signatures. A
// verifier should allow-list the algorithms it accepts rather than trust the
// SignatureMethod named by the document it is verifying.

/** MAC, "Required": HMAC-SHA1. */
public static final String ALGO_ID_MAC_HMAC_SHA1 =
    Constants.SignatureSpecNS + "hmac-sha1";

/** Signature, "Required": DSA with SHA-1 (DSS). */
public static final String ALGO_ID_SIGNATURE_DSA =
    Constants.SignatureSpecNS + "dsa-sha1";

/** Signature, "Optional": DSA with SHA-256. */
public static final String ALGO_ID_SIGNATURE_DSA_SHA256 =
    Constants.SignatureSpec11NS + "dsa-sha256";

/**
 * Signature, "Recommended": RSA with SHA-1.
 * Holds the same value as {@link #ALGO_ID_SIGNATURE_RSA_SHA1}.
 */
public static final String ALGO_ID_SIGNATURE_RSA =
    Constants.SignatureSpecNS + "rsa-sha1";

/**
 * Signature, "Recommended": RSA with SHA-1.
 * Holds the same value as {@link #ALGO_ID_SIGNATURE_RSA}.
 */
public static final String ALGO_ID_SIGNATURE_RSA_SHA1 =
    Constants.SignatureSpecNS + "rsa-sha1";

/** Signature, NOT recommended: RSA with MD5. */
public static final String ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5 =
    Constants.MoreAlgorithmsSpecNS + "rsa-md5";

/** Signature, "Optional": RSA with RIPEMD-160. */
public static final String ALGO_ID_SIGNATURE_RSA_RIPEMD160 =
    Constants.MoreAlgorithmsSpecNS + "rsa-ripemd160";

/** Signature, "Optional": RSA with SHA-256. */
public static final String ALGO_ID_SIGNATURE_RSA_SHA256 =
    Constants.MoreAlgorithmsSpecNS + "rsa-sha256";

/** Signature, "Optional": RSA with SHA-384. */
public static final String ALGO_ID_SIGNATURE_RSA_SHA384 =
    Constants.MoreAlgorithmsSpecNS + "rsa-sha384";

/** Signature, "Optional": RSA with SHA-512. */
public static final String ALGO_ID_SIGNATURE_RSA_SHA512 =
    Constants.MoreAlgorithmsSpecNS + "rsa-sha512";

/** MAC, NOT recommended: HMAC-MD5. */
public static final String ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5 =
    Constants.MoreAlgorithmsSpecNS + "hmac-md5";

/** MAC, "Optional": HMAC-RIPEMD160. */
public static final String ALGO_ID_MAC_HMAC_RIPEMD160 =
    Constants.MoreAlgorithmsSpecNS + "hmac-ripemd160";

/** MAC, "Optional": HMAC-SHA256. */
public static final String ALGO_ID_MAC_HMAC_SHA256 =
    Constants.MoreAlgorithmsSpecNS + "hmac-sha256";

/** MAC, "Optional": HMAC-SHA384. */
public static final String ALGO_ID_MAC_HMAC_SHA384 =
    Constants.MoreAlgorithmsSpecNS + "hmac-sha384";

/** MAC, "Optional": HMAC-SHA512. */
public static final String ALGO_ID_MAC_HMAC_SHA512 =
    Constants.MoreAlgorithmsSpecNS + "hmac-sha512";

// NOTE(review): the ECDSA identifiers spell their namespace out as a literal,
// while the RSA and HMAC ones above build on Constants.MoreAlgorithmsSpecNS;
// presumably the same prefix -- confirm before unifying.

/** Signature, "Optional": ECDSA with SHA-1. */
public static final String ALGO_ID_SIGNATURE_ECDSA_SHA1 =
    "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1";

/** Signature, "Optional": ECDSA with SHA-256. */
public static final String ALGO_ID_SIGNATURE_ECDSA_SHA256 =
    "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256";

/** Signature, "Optional": ECDSA with SHA-384. */
public static final String ALGO_ID_SIGNATURE_ECDSA_SHA384 =
    "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384";

/** Signature, "Optional": ECDSA with SHA-512. */
public static final String ALGO_ID_SIGNATURE_ECDSA_SHA512 =
    "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512";
/** {@code java.util.logging} logger named after this class. */
private static java.util.logging.Logger log =
    java.util.logging.Logger.getLogger(XMLSignature.class.getName());

/** The {@code ds:SignedInfo} element of this {@code ds:Signature}. */
private SignedInfo signedInfo;

/** The {@code ds:KeyInfo} of this {@code ds:Signature}. */
private KeyInfo keyInfo;

/**
 * Indicates that the References inside Manifests should be validated too.
 * Checking the digests of the References in a Signature is mandatory, but for
 * References inside a Manifest it is application specific.
 *
 * <p>Starts out {@code false}. As described above, a result obtained with the
 * default then does not cover data that is referenced only from a Manifest;
 * an application relying on such data has to ask for that check explicitly.
 */
private boolean followManifestsDuringValidation = false;

// NOTE(review): undocumented in the original; presumably the ds:SignatureValue
// element of this signature -- confirm against the code that assigns it.
private Element signatureValueElement;

// Mode markers stored in {@code state}.
private static final int MODE_SIGN = 0;
private static final int MODE_VERIFY = 1;

// Current mode of this object; a new instance starts in MODE_SIGN.
private int state = MODE_SIGN;
/**
 * Creates a new <code>ds:Signature</code> element and adds an empty
 * <code>ds:SignedInfo</code> to it. The main use is creating a new signature.
 *
 * <p>Delegates to the five-argument constructor, passing {@code 0} as the HMAC
 * output length and {@link Canonicalizer#ALGO_ID_C14N_OMIT_COMMENTS}, which
 * the original documentation describes as REQUIRED by the spec.
 *
 * <p>The signature method URI is handed on unchanged by this constructor, so
 * the strength of the resulting signature follows from the identifier the
 * caller picks.
 *
 * @param doc Document in which the signature will be appended after creation.
 * @param baseURI URI to be used as context for all relative URIs.
 * @param signatureMethodURI signature algorithm to use.
 * @throws XMLSecurityException propagated from the delegated constructor.
 */
public XMLSignature(
    Document doc,
    String baseURI,
    String signatureMethodURI
) throws XMLSecurityException {
    this(doc, baseURI, signatureMethodURI, 0, Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
}
/**
 * Creates a signature with a caller-chosen HMAC output length; the
 * canonicalization is {@link Canonicalizer#ALGO_ID_C14N_OMIT_COMMENTS}.
 *
 * <p>Delegates to the five-argument constructor. {@code hmacOutputLength} is
 * forwarded as given; no range check happens in this constructor.
 * NOTE(review): a small HMACOutputLength truncates the MAC and weakens it. The
 * XML Signature specification asks for at least 80 bits and at least half of
 * the hash output length -- confirm where that limit is enforced.
 *
 * @param doc document handed to the delegated constructor.
 * @param baseURI base URI handed to the delegated constructor.
 * @param signatureMethodURI the Signature method to be used.
 * @param hmacOutputLength HMAC output length (presumably in bits -- confirm).
 * @throws XMLSecurityException propagated from the delegated constructor.
 */
public XMLSignature(
    Document doc,
    String baseURI,
    String signatureMethodURI,
    int hmacOutputLength
) throws XMLSecurityException {
    this(doc, baseURI, signatureMethodURI, hmacOutputLength,
        Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
}
/**
 * Creates a signature with a caller-chosen canonicalization algorithm.
 *
 * <p>Delegates to the five-argument constructor, passing {@code 0} as the HMAC
 * output length. The canonicalization chosen here fixes the form of the
 * SignedInfo element that gets signed, so signer and verifier have to agree
 * on it.
 *
 * @param doc document handed to the delegated constructor.
 * @param baseURI base URI handed to the delegated constructor.
 * @param signatureMethodURI the Signature method to be used.
 * @param canonicalizationMethodURI the canonicalization algorithm to be
 *     used to c14nize the SignedInfo element.
 * @throws XMLSecurityException propagated from the delegated constructor.
 */
public XMLSignature(Document doc, String baseURI, String signatureMethodURI,
    String canonicalizationMethodURI) throws XMLSecurityException {
    this(doc, baseURI, signatureMethodURI, 0, canonicalizationMethodURI);
}
/** |
* Constructor XMLSignature |
* |
* @param doc |
* @param baseURI |
* @param signatureMethodURI |
* @param hmacOutputLength |
* @param canonicalizationMethodURI |
* @throws XMLSecurityException |
*/ |
public XMLSignature( |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
243 |
Document doc, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
244 |
String baseURI, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
245 |
String signatureMethodURI, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
246 |
int hmacOutputLength, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
247 |
String canonicalizationMethodURI |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
248 |
) throws XMLSecurityException { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
249 |
super(doc); |
2 | 250 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
251 |
String xmlnsDsPrefix = getDefaultPrefix(Constants.SignatureSpecNS); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
252 |
if (xmlnsDsPrefix == null || xmlnsDsPrefix.length() == 0) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
253 |
this.constructionElement.setAttributeNS( |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
254 |
Constants.NamespaceSpecNS, "xmlns", Constants.SignatureSpecNS |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
255 |
); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
256 |
} else { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
257 |
this.constructionElement.setAttributeNS( |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
258 |
Constants.NamespaceSpecNS, "xmlns:" + xmlnsDsPrefix, Constants.SignatureSpecNS |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
259 |
); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
260 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
261 |
XMLUtils.addReturnToElement(this.constructionElement); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
262 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
263 |
this.baseURI = baseURI; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
264 |
this.signedInfo = |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
265 |
new SignedInfo( |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
266 |
this.doc, signatureMethodURI, hmacOutputLength, canonicalizationMethodURI |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
267 |
); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
268 |
|
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
269 |
this.constructionElement.appendChild(this.signedInfo.getElement()); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
270 |
XMLUtils.addReturnToElement(this.constructionElement); |
2 | 271 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
272 |
// create an empty SignatureValue; this is filled by setSignatureValueElement |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
273 |
signatureValueElement = |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
274 |
XMLUtils.createElementInSignatureSpace(this.doc, Constants._TAG_SIGNATUREVALUE); |
2 | 275 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
276 |
this.constructionElement.appendChild(signatureValueElement); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
277 |
XMLUtils.addReturnToElement(this.constructionElement); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
278 |
} |
/**
 * Creates an XMLSignature in a Document from already built
 * <code>SignatureMethod</code> and <code>CanonicalizationMethod</code> elements.
 *
 * <p>The XML Signature namespace is declared on the construction element, a
 * <code>SignedInfo</code> built from the two supplied elements is appended to
 * it, and an empty <code>SignatureValue</code> element is appended after that.
 *
 * @param doc the document the signature elements are created in
 * @param baseURI stored on this object as its base URI
 * @param SignatureMethodElem element forwarded to <code>SignedInfo</code> as the
 *        signature method
 * @param CanonicalizationMethodElem element forwarded to <code>SignedInfo</code> as
 *        the canonicalization method
 * @throws XMLSecurityException
 */
public XMLSignature(
    Document doc,
    String baseURI,
    Element SignatureMethodElem,
    Element CanonicalizationMethodElem
) throws XMLSecurityException {
    super(doc);

    // Default-namespace declaration unless a prefix is configured for the
    // signature namespace.
    String nsAttrName = "xmlns";
    String dsPrefix = getDefaultPrefix(Constants.SignatureSpecNS);
    if (dsPrefix != null && dsPrefix.length() != 0) {
        nsAttrName = "xmlns:" + dsPrefix;
    }
    this.constructionElement.setAttributeNS(
        Constants.NamespaceSpecNS, nsAttrName, Constants.SignatureSpecNS
    );
    XMLUtils.addReturnToElement(this.constructionElement);

    this.baseURI = baseURI;

    // NOTE(review): both elements are handed to SignedInfo as supplied. Any
    // validation of the algorithms they name is not visible here; confirm it
    // happens in SignedInfo.
    this.signedInfo =
        new SignedInfo(this.doc, SignatureMethodElem, CanonicalizationMethodElem);
    this.constructionElement.appendChild(this.signedInfo.getElement());
    XMLUtils.addReturnToElement(this.constructionElement);

    // create an empty SignatureValue; this is filled by setSignatureValueElement
    Element emptySignatureValue =
        XMLUtils.createElementInSignatureSpace(this.doc, Constants._TAG_SIGNATUREVALUE);
    signatureValueElement = emptySignatureValue;
    this.constructionElement.appendChild(emptySignatureValue);
    XMLUtils.addReturnToElement(this.constructionElement);
}
/**
 * Parses the element and constructs the Java objects, so that a user can
 * validate the signature.
 *
 * <p>This overload delegates to the three-argument constructor with
 * <code>secureValidation</code> set to <code>false</code>. When the element
 * comes from an untrusted source, call the three-argument constructor directly
 * and pass <code>true</code>.
 *
 * @param element ds:Signature element that contains the whole signature
 * @param baseURI URI to be prepended to all relative URIs
 * @throws XMLSecurityException
 * @throws XMLSignatureException if the signature is badly formatted
 */
public XMLSignature(Element element, String baseURI)
    throws XMLSignatureException, XMLSecurityException {
    // Secure validation is off by default on this code path.
    this(element, baseURI, false);
}
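/**
 * Parses the element and constructs the Java objects, so that a user can
 * validate the signature.
 *
 * <p>Children of <code>element</code> are read by position: the first child
 * element becomes the <code>SignedInfo</code>, the next sibling element is
 * taken as the <code>SignatureValue</code>, an optional <code>KeyInfo</code>
 * may follow, and every remaining sibling element has its <code>Id</code>
 * attribute and its <code>Manifest</code> / <code>SignatureProperties</code>
 * children processed. On success the object is put into verify mode.
 *
 * @param element ds:Signature element that contains the whole signature
 * @param baseURI URI to be prepended to all relative URIs
 * @param secureValidation whether secure validation is enabled or not; forwarded
 *        to <code>SignedInfo</code> and, when present, to <code>KeyInfo</code>
 * @throws XMLSecurityException
 * @throws XMLSignatureException if the signature is badly formatted, i.e. the
 *         <code>SignedInfo</code> or <code>SignatureValue</code> child is missing
 */
public XMLSignature(Element element, String baseURI, boolean secureValidation)
    throws XMLSignatureException, XMLSecurityException {
    super(element, baseURI);

    // check out SignedInfo child
    Element signedInfoElem = XMLUtils.getNextElement(element.getFirstChild());

    // check to see if it is there
    if (signedInfoElem == null) {
        Object[] exArgs = { Constants._TAG_SIGNEDINFO, Constants._TAG_SIGNATURE };
        throw new XMLSignatureException("xml.WrongContent", exArgs);
    }

    // create a SignedInfo object from that element
    this.signedInfo = new SignedInfo(signedInfoElem, baseURI, secureValidation);
    // get signedInfoElem again in case it has changed
    signedInfoElem = XMLUtils.getNextElement(element.getFirstChild());

    // check out SignatureValue child
    // NOTE(review): the element is accepted by position only; its name and
    // namespace are not checked in this constructor.
    this.signatureValueElement =
        XMLUtils.getNextElement(signedInfoElem.getNextSibling());

    // check to see if it exists
    if (signatureValueElement == null) {
        Object[] exArgs = { Constants._TAG_SIGNATUREVALUE, Constants._TAG_SIGNATURE };
        throw new XMLSignatureException("xml.WrongContent", exArgs);
    }
    Attr signatureValueAttr = signatureValueElement.getAttributeNodeNS(null, "Id");
    if (signatureValueAttr != null) {
        signatureValueElement.setIdAttributeNode(signatureValueAttr, true);
    }

    // <element ref="ds:KeyInfo" minOccurs="0"/>
    Element keyInfoElem =
        XMLUtils.getNextElement(signatureValueElement.getNextSibling());

    // If it exists use it, but it's not mandatory.
    // The constants are the receivers of equals() because getNamespaceURI() and
    // getLocalName() may return null (unqualified or DOM Level 1 elements); a
    // crafted document must not trigger a NullPointerException here.
    if (keyInfoElem != null
        && Constants.SignatureSpecNS.equals(keyInfoElem.getNamespaceURI())
        && Constants._TAG_KEYINFO.equals(keyInfoElem.getLocalName())) {
        this.keyInfo = new KeyInfo(keyInfoElem, baseURI);
        this.keyInfo.setSecureValidation(secureValidation);
    }

    // <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/>
    // The walk starts right after SignatureValue, so a KeyInfo element, when
    // present, is visited by this loop as well.
    Element objectElem =
        XMLUtils.getNextElement(signatureValueElement.getNextSibling());
    while (objectElem != null) {
        Attr objectAttr = objectElem.getAttributeNodeNS(null, "Id");
        if (objectAttr != null) {
            objectElem.setIdAttributeNode(objectAttr, true);
        }

        NodeList nodes = objectElem.getChildNodes();
        int length = nodes.getLength();
        // Register Ids of the Object child elements
        for (int i = 0; i < length; i++) {
            Node child = nodes.item(i);
            if (child.getNodeType() == Node.ELEMENT_NODE) {
                Element childElem = (Element) child;
                // getLocalName() may be null; compare from the literal side.
                // NOTE(review): children are matched on local name only, and
                // secureValidation is not forwarded to these constructors.
                // Confirm both are intended.
                String tag = childElem.getLocalName();
                if ("Manifest".equals(tag)) {
                    new Manifest(childElem, baseURI);
                } else if ("SignatureProperties".equals(tag)) {
                    new SignatureProperties(childElem, baseURI);
                }
            }
        }

        objectElem = XMLUtils.getNextElement(objectElem.getNextSibling());
    }

    this.state = MODE_VERIFY;
}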
/**
 * Sets the <code>Id</code> attribute on the Signature element and marks it as
 * an ID-typed attribute. A <code>null</code> argument leaves the element
 * untouched.
 *
 * @param id Id value for the id attribute on the Signature Element
 */
public void setId(String id) {
    if (id == null) {
        return;
    }

    this.constructionElement.setAttributeNS(null, Constants._ATT_ID, id);
    // Flag the attribute as an ID so the element can be looked up by it.
    this.constructionElement.setIdAttributeNS(null, Constants._ATT_ID, true);
}
/**
 * Returns the value of the <code>Id</code> attribute of the Signature element.
 *
 * @return the <code>Id</code> attribute, read without a namespace from the
 *         construction element
 */
public String getId() {
    String idValue = this.constructionElement.getAttributeNS(null, Constants._ATT_ID);
    return idValue;
}
/**
 * Returns the <code>SignedInfo</code> object held by this signature, as set by
 * whichever constructor created it.
 *
 * @return the completely parsed <code>SignedInfo</code> object.
 */
public SignedInfo getSignedInfo() {
    return signedInfo;
}
/**
 * Returns the octet value of the SignatureValue element, obtained by
 * Base64-decoding that element.
 *
 * <p>The bytes are returned exactly as decoded from the document. This
 * method performs no verification, so the value must not be treated as
 * trustworthy until one of the <code>checkSignatureValue</code> methods
 * has succeeded.
 *
 * @return the value of the SignatureValue element.
 * @throws XMLSignatureException if Base64 decoding of the element fails
 *         (the decoding exception is kept as the cause)
 */
public byte[] getSignatureValue() throws XMLSignatureException {
    final byte[] decodedValue;
    try {
        decodedValue = Base64.decode(signatureValueElement);
    } catch (Base64DecodingException ex) {
        // Re-thrown under the generic "empty" message key with the cause attached.
        throw new XMLSignatureException("empty", ex);
    }
    return decodedValue;
}
/**
 * Base64 encodes the bytes and sets the result as the only content of the
 * SignatureValue node.
 *
 * <p>Any existing children of the SignatureValue element are removed first.
 * An encoded value longer than 76 characters is wrapped in a leading and a
 * trailing newline unless <code>XMLUtils.ignoreLineBreaks()</code> returns
 * true.
 *
 * @param bytes bytes to be used by SignatureValue before Base64 encoding
 */
private void setSignatureValueElement(byte[] bytes) {
    // Clear the element so it ends up holding exactly the new text node.
    while (signatureValueElement.hasChildNodes()) {
        signatureValueElement.removeChild(signatureValueElement.getFirstChild());
    }

    final String encoded = Base64.encode(bytes);

    // Short-circuit order matters: ignoreLineBreaks() is only consulted for long values.
    final boolean wrapInNewlines = encoded.length() > 76 && !XMLUtils.ignoreLineBreaks();
    final String textContent = wrapInNewlines ? "\n" + encoded + "\n" : encoded;

    signatureValueElement.appendChild(this.doc.createTextNode(textContent));
}
/**
 * Returns the KeyInfo child of this signature.
 *
 * <p>If this object is in signing state (<code>MODE_SIGN</code>) and no
 * KeyInfo exists yet, one is created on demand and added to the Signature:
 * before the first <code>ds:Object</code> child if there is one, otherwise
 * as the last child. This allows arbitrary content to be added to the
 * KeyInfo during signing.
 *
 * @return the KeyInfo object; <code>null</code> when the object is not in
 *         signing state and no KeyInfo has been set
 */
public KeyInfo getKeyInfo() {
    final boolean mustCreate = this.state == MODE_SIGN && this.keyInfo == null;
    if (!mustCreate) {
        return this.keyInfo;
    }

    // Signing and nothing there yet: build the KeyInfo and place its element.
    this.keyInfo = new KeyInfo(this.doc);
    final Element keyInfoElement = this.keyInfo.getElement();
    final Element firstObject =
        XMLUtils.selectDsNode(
            this.constructionElement.getFirstChild(), Constants._TAG_OBJECT, 0);

    if (firstObject == null) {
        // No ds:Object present: KeyInfo becomes the last child of the signature.
        this.constructionElement.appendChild(keyInfoElement);
        XMLUtils.addReturnToElement(this.constructionElement);
    } else {
        // KeyInfo goes in front of the first ds:Object.
        this.constructionElement.insertBefore(keyInfoElement, firstObject);
        XMLUtils.addReturnBeforeChild(this.constructionElement, firstObject);
    }

    return this.keyInfo;
}
/**
 * Appends an Object (not a <code>java.lang.Object</code> but an Object
 * element) to the Signature, followed by a line break.
 *
 * <p>This is meant to be used while signing. The method itself does not
 * check the current state: the guard that rejected calls outside
 * <code>MODE_SIGN</code> is disabled in this version, so callers must make
 * sure they do not modify a signature they are about to verify.
 *
 * @param object ds:Object to be appended.
 * @throws XMLSignatureException declared for compatibility; nothing in the
 *         current body throws it
 */
public void appendObject(ObjectContainer object) throws XMLSignatureException {
    // NOTE(review): a state check throwing "signature.operationOnlyBeforeSign"
    // when state != MODE_SIGN, and a wrapping catch for XMLSecurityException,
    // are commented out in the original source and therefore not applied here.
    final Element objectElement = object.getElement();
    this.constructionElement.appendChild(objectElement);
    XMLUtils.addReturnToElement(this.constructionElement);
}
/**
 * Returns the <code>i</code>th <code>ds:Object</code> child of the signature
 * or null if no such <code>ds:Object</code> element exists.
 *
 * <p>A <code>null</code> result is also produced whenever constructing the
 * <code>ObjectContainer</code> throws an <code>XMLSecurityException</code>;
 * that exception is swallowed, so callers cannot tell "not present" from
 * "present but rejected".
 *
 * @param i index passed to the <code>ds:Object</code> lookup
 * @return the <code>i</code>th <code>ds:Object</code> child of the signature
 * or null if no such <code>ds:Object</code> element exists.
 */
public ObjectContainer getObjectItem(int i) {
    final Element selected =
        XMLUtils.selectDsNode(
            this.constructionElement.getFirstChild(), Constants._TAG_OBJECT, i);

    ObjectContainer container;
    try {
        container = new ObjectContainer(selected, this.baseURI);
    } catch (XMLSecurityException ignored) {
        // Deliberately mapped to null to honour the documented contract.
        container = null;
    }
    return container;
}
/**
 * Returns the number of all <code>ds:Object</code> elements.
 *
 * <p>Counts by calling <code>length</code> with the signature namespace
 * (<code>Constants.SignatureSpecNS</code>) and the Object tag name.
 *
 * @return the number of all <code>ds:Object</code> elements.
 */
public int getObjectLength() {
    final int objectCount = this.length(Constants.SignatureSpecNS, Constants._TAG_OBJECT);
    return objectCount;
}
/**
 * Digests all References in the SignedInfo, calculates the signature value
 * and sets it in the SignatureValue Element.
 *
 * <p>Steps, in order: initialise the signature algorithm with the key,
 * generate the digest values, stream the SignedInfo octets into the
 * algorithm through a buffered stream, close that stream, then store the
 * computed signature Base64-encoded in SignatureValue.
 *
 * @param signingKey the {@link java.security.PrivateKey} or
 * {@link javax.crypto.SecretKey} that is used to sign.
 * @throws IllegalArgumentException if <code>signingKey</code> is a
 *         {@link java.security.PublicKey}
 * @throws XMLSignatureException if signing fails; canonicalization and
 *         other XML security exceptions are wrapped with their cause kept
 */
public void sign(Key signingKey) throws XMLSignatureException {

    // Rejected up front, before any signing state is touched.
    if (signingKey instanceof PublicKey) {
        throw new IllegalArgumentException(
            I18n.translate("algorithms.operationOnlyVerification"));
    }

    try {
        final SignedInfo info = this.getSignedInfo();
        final SignatureAlgorithm algorithm = info.getSignatureAlgorithm();
        OutputStream signerSink = null;
        try {
            algorithm.initSign(signingKey);

            // Digest values are generated before the SignedInfo octets are produced.
            info.generateDigestValues();
            signerSink = new UnsyncBufferedOutputStream(new SignerOutputStream(algorithm));

            // Feed the SignedInfo octets to the signature algorithm.
            info.signInOctetStream(signerSink);
        } finally {
            if (signerSink != null) {
                try {
                    signerSink.close();
                } catch (IOException ex) {
                    // NOTE(review): a failed close is only logged at FINE and signing
                    // continues; confirm no buffered bytes can be lost on this path.
                    if (log.isLoggable(java.util.logging.Level.FINE)) {
                        log.log(java.util.logging.Level.FINE, ex.getMessage(), ex);
                    }
                }
            }
        }

        // The stream is closed by now; compute and store the signature value.
        this.setSignatureValueElement(algorithm.sign());
    } catch (XMLSignatureException ex) {
        // Already the declared type: pass through unwrapped.
        throw ex;
    } catch (CanonicalizationException ex) {
        throw new XMLSignatureException("empty", ex);
    } catch (InvalidCanonicalizerException ex) {
        throw new XMLSignatureException("empty", ex);
    } catch (XMLSecurityException ex) {
        throw new XMLSignatureException("empty", ex);
    }
}
/**
 * Adds a {@link ResourceResolver} to enable the retrieval of resources.
 *
 * <p>The resolver is registered on the <code>SignedInfo</code> of this
 * signature. Since resolvers decide how resources are retrieved, register
 * only resolvers whose reach is acceptable for the documents being
 * processed.
 *
 * @param resolver the resolver to register
 */
public void addResourceResolver(ResourceResolver resolver) {
    final SignedInfo target = this.getSignedInfo();
    target.addResourceResolver(resolver);
}
/**
 * Adds a {@link ResourceResolverSpi} to enable the retrieval of resources.
 *
 * <p>The resolver is registered on the <code>SignedInfo</code> of this
 * signature. Since resolvers decide how resources are retrieved, register
 * only resolvers whose reach is acceptable for the documents being
 * processed.
 *
 * @param resolver the resolver implementation to register
 */
public void addResourceResolver(ResourceResolverSpi resolver) {
    final SignedInfo target = this.getSignedInfo();
    target.addResourceResolver(resolver);
}
/**
 * Extracts the public key from the certificate and verifies if the signature
 * is valid by delegating to {@link #checkSignatureValue(Key)}.
 *
 * <p>Only <code>cert.getPublicKey()</code> is used. This method does not
 * validate the certificate itself: no chain, validity-period or revocation
 * check happens here. A <code>true</code> result therefore means the
 * signature matches that key, not that the signer is trusted; callers must
 * establish trust in the certificate separately.
 *
 * @param cert Certificate that contains the public key part of the keypair
 * that was used to sign.
 * @return true if the signature is valid, false otherwise
 * @throws XMLSignatureException if <code>cert</code> is <code>null</code>,
 *         or if the key-based check throws
 */
public boolean checkSignatureValue(X509Certificate cert)
    throws XMLSignatureException {
    // Guard first: without a certificate there is no key to verify with.
    if (cert == null) {
        Object[] exArgs = { "Didn't get a certificate" };
        throw new XMLSignatureException("empty", exArgs);
    }

    // Verify against the public key carried by the certificate.
    final PublicKey certificateKey = cert.getPublicKey();
    return this.checkSignatureValue(certificateKey);
}
/** |
* Verifies if the signature is valid by redigesting all References, |
* comparing those against the stored DigestValues and then checking to see |
* if the Signatures match on the SignedInfo. |
* |
* @param pk {@link java.security.PublicKey} part of the keypair or |
* {@link javax.crypto.SecretKey} that was used to sign |
* @return true if the signature is valid, false otherwise |
* @throws XMLSignatureException |
*/ |
public boolean checkSignatureValue(Key pk) throws XMLSignatureException { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
686 |
//COMMENT: pk suggests it can only be a public key? |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
687 |
//check to see if the key is not null |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
688 |
if (pk == null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
689 |
Object exArgs[] = { "Didn't get a key" }; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
690 |
throw new XMLSignatureException("empty", exArgs); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
691 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
692 |
// all references inside the signedinfo need to be dereferenced and |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
693 |
// digested again to see if the outcome matches the stored value in the |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
694 |
// SignedInfo. |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
695 |
// If followManifestsDuringValidation is true it will do the same for |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
696 |
// References inside a Manifest. |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
697 |
try { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
698 |
SignedInfo si = this.getSignedInfo(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
699 |
//create a SignatureAlgorithms from the SignatureMethod inside |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
700 |
//SignedInfo. This is used to validate the signature. |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
701 |
SignatureAlgorithm sa = si.getSignatureAlgorithm(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
702 |
byte sigBytes[] = null; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
703 |
try { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
704 |
sa.initVerify(pk); |
26876
21d3cc221213
8031191: Warning exception when XMLSignature logging is enabled
coffeys
parents:
25859
diff
changeset
|
705 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
21d3cc221213
8031191: Warning exception when XMLSignature logging is enabled
coffeys
parents:
25859
diff
changeset
|
706 |
log.log(java.util.logging.Level.FINE, "signatureMethodURI = " + sa.getAlgorithmURI()); |
21d3cc221213
8031191: Warning exception when XMLSignature logging is enabled
coffeys
parents:
25859
diff
changeset
|
707 |
log.log(java.util.logging.Level.FINE, "jceSigAlgorithm = " + sa.getJCEAlgorithmString()); |
21d3cc221213
8031191: Warning exception when XMLSignature logging is enabled
coffeys
parents:
25859
diff
changeset
|
708 |
log.log(java.util.logging.Level.FINE, "jceSigProvider = " + sa.getJCEProviderName()); |
21d3cc221213
8031191: Warning exception when XMLSignature logging is enabled
coffeys
parents:
25859
diff
changeset
|
709 |
log.log(java.util.logging.Level.FINE, "PublicKey = " + pk); |
21d3cc221213
8031191: Warning exception when XMLSignature logging is enabled
coffeys
parents:
25859
diff
changeset
|
710 |
} |
2 | 711 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
712 |
// Get the canonicalized (normalized) SignedInfo |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
713 |
SignerOutputStream so = new SignerOutputStream(sa); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
714 |
OutputStream bos = new UnsyncBufferedOutputStream(so); |
2 | 715 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
716 |
si.signInOctetStream(bos); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
717 |
bos.close(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
718 |
// retrieve the byte[] from the stored signature |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
719 |
sigBytes = this.getSignatureValue(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
720 |
} catch (IOException ex) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
721 |
if (log.isLoggable(java.util.logging.Level.FINE)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
722 |
log.log(java.util.logging.Level.FINE, ex.getMessage(), ex); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
723 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
724 |
// Impossible... |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
725 |
} catch (XMLSecurityException ex) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
726 |
throw ex; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
727 |
} |
2 | 728 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
729 |
// have SignatureAlgorithm sign the input bytes and compare them to |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
730 |
// the bytes that were stored in the signature. |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
731 |
if (!sa.verify(sigBytes)) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
732 |
log.log(java.util.logging.Level.WARNING, "Signature verification failed."); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
733 |
return false; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
734 |
} |
2 | 735 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
736 |
return si.verify(this.followManifestsDuringValidation); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
737 |
} catch (XMLSignatureException ex) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
738 |
throw ex; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
739 |
} catch (XMLSecurityException ex) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
740 |
throw new XMLSignatureException("empty", ex); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
741 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
18266
diff
changeset
|
742 |
} |
/**
 * Adds a fully specified Reference to the SignedInfo of this signature.
 *
 * <p>The call is forwarded to {@code signedInfo.addDocument} together with
 * this signature's base URI.
 *
 * @param referenceURI URI of the resource to be signed. Can be null, in
 * which case the dereferencing is application specific. Can be "", in which
 * case it's the parent node (or parent document?). There can only be one ""
 * in each signature.
 * @param trans Optional list of transformations to be done before digesting
 * @param digestURI Mandatory URI of the digesting algorithm to use.
 * @param referenceId Optional id attribute for this Reference
 * @param referenceType Optional mimetype for the URI
 * @throws XMLSignatureException as raised by the underlying addDocument call
 */
public void addDocument(
    String referenceURI,
    Transforms trans,
    String digestURI,
    String referenceId,
    String referenceType
) throws XMLSignatureException {
    // Pure delegation; the base URI of this signature travels with the reference.
    signedInfo.addDocument(baseURI, referenceURI, trans, digestURI, referenceId, referenceType);
}
/**
 * Proxy for the {@link Manifest#addDocument} method with an explicit digest
 * algorithm. The Reference id and type are passed as null.
 *
 * @param referenceURI URI according to the XML Signature specification.
 * @param trans List of transformations to be applied.
 * @param digestURI URI of the digest algorithm to be used.
 * @see Manifest#addDocument
 * @throws XMLSignatureException as raised by the underlying addDocument call
 */
public void addDocument(
    String referenceURI, Transforms trans, String digestURI
) throws XMLSignatureException {
    // No id and no type for this Reference.
    signedInfo.addDocument(
        baseURI, referenceURI, trans, digestURI, null, null
    );
}
/**
 * Adds a Reference given only its URI and transforms, digested with SHA-1.
 *
 * <p>The digest algorithm is fixed to {@code Constants.ALGO_ID_DIGEST_SHA1}.
 * SHA-1 is no longer considered collision resistant; for new signatures
 * prefer the overload that takes a {@code digestURI} and pass a stronger
 * digest algorithm.
 *
 * @param referenceURI URI according to the XML Signature specification.
 * @param trans List of transformations to be applied.
 * @throws XMLSignatureException as raised by the underlying addDocument call
 */
public void addDocument(String referenceURI, Transforms trans) throws XMLSignatureException {
    // Digest defaults to SHA-1; no id and no type for this Reference.
    signedInfo.addDocument(baseURI, referenceURI, trans, Constants.ALGO_ID_DIGEST_SHA1, null, null);
}
/**
 * Adds a Reference given only its URI: no transforms, digested with SHA-1.
 *
 * <p>The digest algorithm is fixed to {@code Constants.ALGO_ID_DIGEST_SHA1}.
 * SHA-1 is no longer considered collision resistant; for new signatures
 * prefer the overload that takes a {@code digestURI} and pass a stronger
 * digest algorithm.
 *
 * @param referenceURI URI according to the XML Signature specification.
 * @throws XMLSignatureException as raised by the underlying addDocument call
 */
public void addDocument(String referenceURI) throws XMLSignatureException {
    // null transforms, SHA-1 digest, no id and no type for this Reference.
    signedInfo.addDocument(baseURI, referenceURI, null, Constants.ALGO_ID_DIGEST_SHA1, null, null);
}
/**
 * Adds an X509 Certificate to the KeyInfo. The whole certificate is placed
 * inside X509Data/X509Certificate tags.
 *
 * <p>A certificate carried in KeyInfo is a hint from the signer. Its presence
 * in the document does not by itself make the key trusted; a verifier still
 * has to validate the certificate against its own trust anchors.
 *
 * @param cert Certificate to be included. This should be the certificate of
 * the key that was used to sign.
 * @throws XMLSecurityException as raised while building or adding the X509Data
 */
public void addKeyInfo(X509Certificate cert) throws XMLSecurityException {
    // Wrap the certificate in an X509Data element owned by this document.
    X509Data certHolder = new X509Data(doc);
    certHolder.addCertificate(cert);

    getKeyInfo().add(certHolder);
}
/**
 * Adds this public key to the KeyInfo. The complete key is included in the
 * KeyInfo structure.
 *
 * <p>A bare key in KeyInfo carries no binding to an identity. A verifier that
 * takes its key from here needs another way to decide that the key is the
 * expected one.
 *
 * @param pk public key to be included
 */
public void addKeyInfo(PublicKey pk) {
    // Pure delegation to the KeyInfo of this signature.
    getKeyInfo().add(pk);
}
/**
 * Proxy method for {@link SignedInfo#createSecretKey(byte[])}. If you want
 * to create a MAC, this method helps you to obtain the
 * {@link javax.crypto.SecretKey} from octets.
 *
 * <p>{@code secretKeyBytes} is raw key material: keep it out of logs and
 * error messages.
 *
 * @param secretKeyBytes octets of the secret key
 * @return the secret key created.
 * @see SignedInfo#createSecretKey(byte[])
 */
public SecretKey createSecretKey(byte[] secretKeyBytes) {
    SignedInfo info = getSignedInfo();
    return info.createSecretKey(secretKeyBytes);
}
/**
 * Signals whether Manifests should be automatically validated.
 * Checking the digests of the References in a Signature is mandatory, but for
 * References inside a Manifest it is application specific. This boolean
 * indicates that the References inside Manifests should be validated too.
 *
 * <p>The value is stored in {@code followManifestsDuringValidation}, which
 * {@code checkSignatureValue} passes to {@code SignedInfo.verify}. When data
 * is referenced only through a Manifest, whether it was checked therefore
 * depends on this setting.
 *
 * @param followManifests true to validate References inside Manifests as well
 * @see <a href="http://www.w3.org/TR/xmldsig-core/#sec-CoreValidation">
 * Core validation section in the XML Signature Rec.</a>
 */
public void setFollowNestedManifests(boolean followManifests) {
    followManifestsDuringValidation = followManifests;
}
/**
 * Returns the local name of this element.
 *
 * @return Constants._TAG_SIGNATURE
 */
public String getBaseLocalName() {
    final String localName = Constants._TAG_SIGNATURE;
    return localName;
}
} |