java.lang.Object anon.crypto.XMLSignature
public final class XMLSignature
This class stores and creates signatures of XML nodes. The signing and verification processes and the underlying XML signature structure are completely transparent to the calling code; therefore, XML_ELEMENT_NAME is not public. Just sign and verify what you want; you do not need to know how it works. Code other than the methods of this class must not change the structure of an element's signature node; otherwise, some methods could give false results. XMLSignature objects can only be created by signing or verifying XML nodes, or by getting an unverified signature from an XML node. A signature obtained through getUnverified has not been checked against any key or certificate.
http://www.w3.org/TR/xmldsig-core/
Field Summary | |
---|---|
private static java.lang.String |
ATTR_ALGORITHM
|
private static java.lang.String |
ATTR_URI
|
private static java.lang.String |
DIGEST_METHOD_ALGORITHM
|
private static java.lang.String |
ELEM_CANONICALIZATION_METHOD
|
private static java.lang.String |
ELEM_DIGEST_METHOD
|
private static java.lang.String |
ELEM_DIGEST_VALUE
|
private static java.lang.String |
ELEM_KEY_INFO
|
private static java.lang.String |
ELEM_REFERENCE
|
private static java.lang.String |
ELEM_SIGNATURE_METHOD
|
private static java.lang.String |
ELEM_SIGNATURE_VALUE
|
private static java.lang.String |
ELEM_SIGNED_INFO
|
private java.util.Vector |
m_appendedCerts
Stores all appended certificates. Whenever this Vector is changed, m_appendedCertXMLElements must be changed as well, because corresponding values have to be at the same index in both Vectors. |
private java.util.Vector |
m_appendedCertXMLElements
Stores the XML representation of the appended certificates |
private boolean |
m_bVerified
Indicates whether the signature has already been verified |
private CertPath |
m_certPath
Stores the certification Path of this XMLSignature |
private java.lang.String |
m_digestMethod
|
private java.lang.String |
m_digestValue
|
private org.w3c.dom.Element |
m_elemSignature
|
private java.lang.String |
m_referenceURI
|
private java.lang.String |
m_signatureMethod
|
private java.lang.String |
m_signatureValue
|
private byte[] |
m_signedInfoCanonical
|
private static java.lang.String |
XML_ELEMENT_NAME
|
Fields inherited from interface anon.util.IXMLEncodable |
---|
FIELD_XML_ELEMENT_CONTAINER_NAME, FIELD_XML_ELEMENT_NAME, XML_ATTR_ID, XML_ATTR_VERSION |
Constructor Summary | |
---|---|
private |
XMLSignature()
Creates a new and empty signature. |
private |
XMLSignature(org.w3c.dom.Element a_element)
Creates a new signature from a signature element. |
Method Summary | |
---|---|
boolean |
addCertificate(JAPCertificate a_certificate)
Adds a certificate to the signature. |
boolean |
appendSignatureTo(org.w3c.dom.Node a_node)
Appends this XMLSignature to an XML node. |
private static boolean |
checkMessageDigest(org.w3c.dom.Node a_node,
XMLSignature a_signature)
|
private static boolean |
checkSignature(XMLSignature a_signature,
IMyPublicKey a_publicKey)
Checks whether the signature of the XMLSignature's SIGNED_INFO is valid. |
void |
clearCertificates()
Deletes all certificates from this signature. |
boolean |
containsCertificate(JAPCertificate a_certificate)
Returns whether the specified certificate is already contained in this signature element. |
int |
countCertificates()
Returns the number of certificates appended to this signature. |
private static java.util.Hashtable |
findCertificates(org.w3c.dom.Element a_xmlSignature)
Returns all certificates that are appended to the given signature element. |
private static XMLSignature |
findXMLSignature(org.w3c.dom.Node a_node)
Finds the signature element of the given node if present. |
java.util.Vector |
getCertificates()
Returns all X509 certificates that are embedded in this XMLSignature. |
CertPath |
getCertPath()
|
java.lang.String |
getDigestMethod()
Returns the digest method that was used for creating this signature. |
private java.lang.String |
getDigestValue()
Returns the Base64 encoded digest value. |
java.lang.String |
getReferenceURI()
Returns the reference attribute URI. |
private org.w3c.dom.Element |
getSignatureElement()
Gets the signature element held by this XMLSignature. |
java.lang.String |
getSignatureMethod()
Returns the signature method that was used for creating this signature. |
private java.lang.String |
getSignatureValue()
Returns the signature value as a Base64-encoded (and r-s encoded) String. |
private byte[] |
getSignedInfoCanonical()
Returns the canonical representation of the SIGNED_INFO element. |
static XMLSignature |
getUnverified(org.w3c.dom.Node a_node)
Gets the signature from a node if present. |
static XMLSignature |
getVerified(org.w3c.dom.Node a_node,
java.util.Vector a_rootCertificates,
java.util.Vector a_directCertificatePaths,
boolean a_bCheckValidity)
New Implementation of the verify()-method. |
private static CertPath |
getVerifier(org.w3c.dom.Node a_node,
XMLSignature a_signature,
java.util.Vector a_verifyingCertificatePaths,
boolean a_bCheckValidity)
This method is used to verify a node with a previously created XMLSignature. |
boolean |
isVerified()
|
private static int |
makeCanonical(org.w3c.dom.Node node,
java.io.OutputStream o,
boolean bSiblings,
org.w3c.dom.Node excludeNode)
|
boolean |
removeCertificate(JAPCertificate a_certificate)
Removes a certificate from this signature. |
static boolean |
removeSignatureFrom(org.w3c.dom.Node a_node)
Removes the signature from an XML node if a signature exists. |
private static org.w3c.dom.Element |
removeSignatureFromInternal(org.w3c.dom.Node a_node)
Removes the signature from an XML node if a signature exists. |
private void |
setCertificates(org.w3c.dom.Element a_xmlSignature)
|
void |
setVerified(boolean a_bVerified)
|
static XMLSignature |
sign(org.w3c.dom.Node a_node,
IMyPrivateKey a_privateKey)
Signs an XML node and creates a new XMLSignature from the signature. |
static XMLSignature |
sign(org.w3c.dom.Node a_node,
PKCS12 a_certificate)
Signs an XML node and creates a new XMLSignature from the signature. |
private static XMLSignature |
signInternal(org.w3c.dom.Node a_node,
IMyPrivateKey a_privateKey)
Signs an XML node and creates a new XMLSignature from the signature. |
private static byte[] |
toCanonical(org.w3c.dom.Node inputNode)
Creates a byte array from an XML node tree. |
private static byte[] |
toCanonical(org.w3c.dom.Node a_inputNode,
org.w3c.dom.Node a_excludeNode)
|
private static byte[] |
toCanonicalDeprecated(org.w3c.dom.Node a_inputNode)
Is only used if no digest value is found. |
org.w3c.dom.Element |
toXmlElement(org.w3c.dom.Document a_doc)
Creates a new XML element from this signature. |
private org.w3c.dom.Element |
toXmlElementInternal(org.w3c.dom.Document a_doc)
Transforms this XMLSignature to an XML element. |
static XMLSignature |
verify(org.w3c.dom.Node a_node,
IMyPublicKey a_publicKey)
Verifies the signature of an XML node and creates a new XMLSignature from a valid signature. |
static XMLSignature |
verify(org.w3c.dom.Node a_node,
JAPCertificate a_certificate)
Verifies the signature of an XML node and creates a new XMLSignature from a valid signature. |
static XMLSignature |
verify(org.w3c.dom.Node a_node,
java.util.Vector a_certificateList)
Verifies the signature of an XML node and creates a new XMLSignature from a valid signature. |
private static boolean |
verify(org.w3c.dom.Node a_node,
XMLSignature a_signature,
IMyPublicKey a_publicKey)
This method is used to verify a node with a previously created XMLSignature. |
static boolean |
verifyFast(org.w3c.dom.Node a_node,
IMyPublicKey a_publicKey)
Only verifies the signature of an XML node. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
private static final java.lang.String XML_ELEMENT_NAME
private static final java.lang.String ELEM_CANONICALIZATION_METHOD
private static final java.lang.String ELEM_SIGNATURE_METHOD
private static final java.lang.String ELEM_SIGNATURE_VALUE
private static final java.lang.String ELEM_KEY_INFO
private static final java.lang.String ELEM_SIGNED_INFO
private static final java.lang.String ELEM_REFERENCE
private static final java.lang.String ELEM_DIGEST_VALUE
private static final java.lang.String ELEM_DIGEST_METHOD
private static final java.lang.String ATTR_URI
private static final java.lang.String ATTR_ALGORITHM
private static final java.lang.String DIGEST_METHOD_ALGORITHM
private org.w3c.dom.Element m_elemSignature
private java.lang.String m_signatureMethod
private java.lang.String m_signatureValue
private java.lang.String m_referenceURI
private java.lang.String m_digestMethod
private java.lang.String m_digestValue
private byte[] m_signedInfoCanonical
private java.util.Vector m_appendedCerts
private java.util.Vector m_appendedCertXMLElements
private CertPath m_certPath
private boolean m_bVerified
Constructor Detail |
---|
private XMLSignature()
private XMLSignature(org.w3c.dom.Element a_element) throws XMLParseException
a_element
- an XML Element
XMLParseException
- if the element is not a valid signature element
Method Detail |
---|
public static XMLSignature sign(org.w3c.dom.Node a_node, PKCS12 a_certificate) throws XMLParseException
a_node
- an XML nodea_certificate
- a certificate to sign the signature
XMLParseException
- if the node could not be signed because it could not be
properly transformed into bytespublic static XMLSignature sign(org.w3c.dom.Node a_node, IMyPrivateKey a_privateKey) throws XMLParseException
a_node
- an XML nodea_privateKey
- a private key to sign the signature
XMLParseException
- if the node could not be signed because it could not be
properly transformed into bytesprivate static XMLSignature signInternal(org.w3c.dom.Node a_node, IMyPrivateKey a_privateKey) throws XMLParseException
a_node
- an XML nodea_privateKey
- a private key to sign the signature
XMLParseException
- if the node could not be signed because it could not be
properly transformed into bytespublic static XMLSignature verify(org.w3c.dom.Node a_node, JAPCertificate a_certificate) throws XMLParseException
a_node
- an XML nodea_certificate
- a certificate to verify the signature
XMLParseException
- if a signature element exists, but the element
has an invalid structurepublic static XMLSignature verify(org.w3c.dom.Node a_node, java.util.Vector a_certificateList) throws XMLParseException
a_node
- an XML nodea_certificateList
- certificates to verify the signature
XMLParseException
- if a signature element exists, but the element
has an invalid structure
public static XMLSignature getVerified(org.w3c.dom.Node a_node, java.util.Vector a_rootCertificates, java.util.Vector a_directCertificatePaths, boolean a_bCheckValidity) throws XMLParseException
a_node
- Node A signed XML node.
a_rootCertificates
- Vector A Vector of trusted root certificates which is used to verify
the last (or only) certificate appended to the signature
a_directCertificates
- A Vector of CertPaths to verify the signature, if there are no
appended certificates
a_bCheckValidity
- If this is true, the validity of the certs is checked and expired
certs are treated as invalid.
XMLParseException
- if a signature element exists, but the element
has an invalid structure
public static boolean verifyFast(org.w3c.dom.Node a_node, IMyPublicKey a_publicKey)
a_node
- an XML nodea_publicKey
- a public key to verify the signature
public static XMLSignature verify(org.w3c.dom.Node a_node, IMyPublicKey a_publicKey) throws XMLParseException
a_node
- an XML nodea_publicKey
- a public key to verify the signature
XMLParseException
- if a signature element exists, but the element
has an invalid structurepublic static XMLSignature getUnverified(org.w3c.dom.Node a_node) throws XMLParseException
a_node
- an XML node
XMLParseException
- if the signature is present but has an invalid XML structurepublic static boolean removeSignatureFrom(org.w3c.dom.Node a_node)
a_node
- an XML Node
public java.util.Vector getCertificates()
public boolean containsCertificate(JAPCertificate a_certificate)
a_certificate
- an X509 certificate
public int countCertificates()
public void clearCertificates()
public boolean removeCertificate(JAPCertificate a_certificate)
a_certificate
- an X509 certificate
public boolean addCertificate(JAPCertificate a_certificate)
a_certificate
- JAPCertificate
public boolean appendSignatureTo(org.w3c.dom.Node a_node)
a_node
- an XML node
public org.w3c.dom.Element toXmlElement(org.w3c.dom.Document a_doc)
toXmlElement
in interface IXMLEncodable
a_doc
- an XML document
public java.lang.String getSignatureMethod()
public java.lang.String getDigestMethod()
public java.lang.String getReferenceURI()
private org.w3c.dom.Element toXmlElementInternal(org.w3c.dom.Document a_doc)
a_doc
- an XML document
private static org.w3c.dom.Element removeSignatureFromInternal(org.w3c.dom.Node a_node)
a_node
- an XML Node
private org.w3c.dom.Element getSignatureElement()
private byte[] getSignedInfoCanonical()
private java.lang.String getDigestValue()
private java.lang.String getSignatureValue()
public boolean isVerified()
public void setVerified(boolean a_bVerified)
public CertPath getCertPath()
private static XMLSignature findXMLSignature(org.w3c.dom.Node a_node) throws XMLParseException
a_node
- an XML Node
XMLParseException
- if the node has an invalid XML signature element structure
private void setCertificates(org.w3c.dom.Element a_xmlSignature)
private static java.util.Hashtable findCertificates(org.w3c.dom.Element a_xmlSignature)
a_xmlSignature
- an XML signature Element
private static byte[] toCanonical(org.w3c.dom.Node a_inputNode, org.w3c.dom.Node a_excludeNode) throws XMLParseException
XMLParseException
private static byte[] toCanonicalDeprecated(org.w3c.dom.Node a_inputNode)
a_inputNode
- Node
private static byte[] toCanonical(org.w3c.dom.Node inputNode) throws XMLParseException
inputNode
- The node (incl. the whole tree) which is flattened to a byte array.
XMLParseException
- if the node could not be properly transformed into bytesprivate static int makeCanonical(org.w3c.dom.Node node, java.io.OutputStream o, boolean bSiblings, org.w3c.dom.Node excludeNode)
node
- Nodeo
- OutputStreambSiblings
- booleanexcludeNode
- Node
http://www.w3.org/TR/xmldsig-core/#sec-CanonicalizationMethod
,
http://www.w3.org/TR/xml-c14n
private static CertPath getVerifier(org.w3c.dom.Node a_node, XMLSignature a_signature, java.util.Vector a_verifyingCertificatePaths, boolean a_bCheckValidity) throws XMLParseException
a_node
- an XML nodea_signature
- an XMLSignaturea_verifyingCertificatePaths
- a Vector of CertPaths to verify the signature
XMLParseException
- if a signature element exists, but the element
has an invalid structureprivate static boolean verify(org.w3c.dom.Node a_node, XMLSignature a_signature, IMyPublicKey a_publicKey) throws XMLParseException
a_node
- an XML nodea_signature
- an XMLSignaturea_publicKey
- a public key
XMLParseException
- if a signature element exists, but the element
has an invalid structureprivate static boolean checkSignature(XMLSignature a_signature, IMyPublicKey a_publicKey)
a_signature
- an XMLSignaturea_publicKey
- a public key
private static boolean checkMessageDigest(org.w3c.dom.Node a_node, XMLSignature a_signature) throws XMLParseException
XMLParseException