iaik.xml.crypto.dsig

Class XMLSignatureImpl

java.lang.Object

javax.xml.crypto.dom.DOMStructure

iaik.xml.crypto.dom.DOMStructure

iaik.xml.crypto.dom.XmldsigDOMStructure

iaik.xml.crypto.dsig.XMLSignatureImpl

All Implemented Interfaces:

XMLSignature, XMLStructure

public class XMLSignatureImpl
extends XmldsigDOMStructure
implements XMLSignature

An implementation of the Signature element that supports the DOM XML representation and processing mechanism.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
protected class	XMLSignatureImpl.SignatureValueImpl An implementation of the SignatureValue element that supports the DOM XML representation and marshaling mechanism.

Nested classes/interfaces inherited from class iaik.xml.crypto.dom.DOMStructure

DOMStructure.NodeWrapper

Nested classes/interfaces inherited from interface javax.xml.crypto.dsig.XMLSignature

XMLSignature.SignatureValue

Field Summary

Fields

Modifier and Type	Field and Description
protected byte[]	calculatedSignatureValue_ The calculated and cached signature value.
protected String	id_ The Id attribute value.
protected KeyInfo	keyInfo_ The KeyInfo.
protected KeySelectorResult	keySelectorResult_ The result returned by the key selector.
protected List	objects_ The list of Objects.
static XMLSignatureProcessingHook	POST_SIGN_HOOK
static XMLSignatureProcessingHook	POST_VERIFY_HOOK
static XMLSignatureProcessingHook	PRE_SIGN_HOOK
static XMLSignatureProcessingHook	PRE_VERIFY_HOOK
protected XMLSignatureImpl.SignatureValueImpl	signatureValue_ The SignatureValue.
protected SignedInfoImpl	signedInfo_ The SignedInfo.
static int	STATE_SIGNED The state SIGNED.
protected boolean	valid_ Is this signature valid?
protected boolean	validated_ Has this signature been validated?

Fields inherited from class iaik.xml.crypto.dom.DOMStructure

implMap_, state_, STATE_CREATED, STATE_MARSHALED, STATE_UNINITIALIZED, STATE_UNMARSHALED

Fields inherited from interface javax.xml.crypto.dsig.XMLSignature

XMLNS

Constructor Summary

Constructors

Modifier	Constructor and Description
	XMLSignatureImpl(DOMCryptoContext context, Node node) Creates a new instance of this XMLSignatureImpl with the specified provider config, context and node to unmarshal from.
protected	XMLSignatureImpl(Node node) Creates a new instance of this XMLSignatureImpl with the specified provider config and node.
	XMLSignatureImpl(SignedInfoImpl signedInfo, KeyInfo keyInfo, List objects, String id, String signatureValueId) Creates a new instance of this XMLSignatureImpl with the specified provider config, SignedInfo, KeyInfo, list of XMLObjectImpls, id-attribute value and id-attribute value of the SignatureValue element.

Method Summary

Modifier and Type	Method and Description
protected void	assureDefaults(XMLCryptoContext context) This method assures, that the default values of certain properties have been set in the context.
protected void	calculateAndMarshalSignatureValue(DOMCryptoContext context, Key key) Calculates the signature value of this Signature and appends a SignatureValue element with the calculated signature value.
protected void	generateCore(DOMCryptoContext context) Generates the Signature according to the Core Generation rules defined in XML-Signature Syntax and Processing section 3.1 Core Generation.
protected List	getChildStructures() Returns the list of child structures of this DOMStructure.
String	getId() Returns the optional Id of this XMLSignature.
KeyInfo	getKeyInfo() Returns the key info of this XMLSignature.
KeySelectorResult	getKeySelectorResult() Returns the result of the KeySelector, if specified, after this XMLSignature has been signed or validated.
String	getLocalName() Returns the local name of the represented XML element.
List	getObjects() Returns an unmodifiable list of XMLObjects contained in this XMLSignature.
XMLSignature.SignatureValue	getSignatureValue() Returns the signature value of this XMLSignature.
SignedInfo	getSignedInfo() Returns the signed info of this XMLSignature.
Node	marshal(DOMCryptoContext context, Node parent, Node nextSibling) Marshal the DOM node representation of this DOMStructure and all its child DOMStructures.
protected void	marshalAttributes(DOMCryptoContext context, Element parent) Marshals the XML representation of all Attributes represented by this DOMStrucuture.
protected Attr	marshalIDAttribute(DOMCryptoContext context, Element parent) Marshals the XML representation of an optional Id-attribute represented by this DOMStructure.
protected void	putChildStructure(DOMStructure childStructure) Put an unmarshalled child structure.
protected void	selectKey(XMLCryptoContext context, KeySelector.Purpose purpose) Select the appropriate key for signing or validating the signature.
protected void	selectKeyAndGenerateSignature(DOMCryptoContext context) Selects a signing key and generates the Signature according to the Signature Generation rules defined in XML-Signature Syntax and Processing section 3.1.2 Signature Generation by calling calculateAndMarshalSignatureValue(javax.xml.crypto.dom.DOMCryptoContext, Key)
protected boolean	selectKeyAndValidateSignature(XMLValidateContext validateContext) Selects a verifying key and validates the Signature according to the Signature Validation rules defined in XML-Signature Syntax and Processing section 3.2.2 Signature Validation by calling validateSignatureValue(XMLValidateContext, Key)
void	sign(XMLSignContext signContext) Signs this XMLSignature.
void	unmarshal(DOMCryptoContext context) Unmarshals this DOMStructure from its XML representation.
protected void	unmarshalAttributes(NamedNodeMap attributes, DOMCryptoContext context) Unmarshal the given attributes.
protected void	unmarshalStructures(NodeList nodes, DOMCryptoContext context) Unmarshals DOMStructures from the given nodes.
boolean	validate(XMLValidateContext validateContext) Validates the signature according to the core validation processing rules .
protected boolean	validateCore(XMLValidateContext validateContext) Validates the Signature according to the Core Validation rules defined in XML-Signature Syntax and Processing section 3.2 Core Validation.
protected boolean	validateSignatureValue(XMLValidateContext validateContext, Key key) Validates the Signature according to the Signature Validation rules defined in XML-Signature Syntax and Processing section 3.2.2 Signature Validation by calling validateSignatureValue(XMLValidateContext, Key)

Methods inherited from class iaik.xml.crypto.dom.XmldsigDOMStructure

getNamespace, init

Methods inherited from class iaik.xml.crypto.dom.DOMStructure

addBytesToElement, addBytesToElement, clearMarshalling, clearMarshalling, getBytesFromElement, getBytesFromElementStream, getChildStructureVersion, getHere, getImplClass, getInstance, getInstance, getNode, getParentStructure, getParentStructureOf, getQualifiedName, getQualifiedName, hasNSDeclAttrInScope, isFeatureSupported, isNSDeclInScope, marshalElement, newIDforLookUp, putImplClass, setBackToCompatibilityPrior1_14, setNode, setParentStructure, toString, unmarshalElement, unmarshalIDAttribute, wrapNode

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface javax.xml.crypto.XMLStructure

isFeatureSupported

Field Detail

STATE_SIGNED

public static final int STATE_SIGNED

The state SIGNED.

See Also:

Constant Field Values

PRE_SIGN_HOOK

public static XMLSignatureProcessingHook PRE_SIGN_HOOK

POST_SIGN_HOOK

public static XMLSignatureProcessingHook POST_SIGN_HOOK

PRE_VERIFY_HOOK

public static XMLSignatureProcessingHook PRE_VERIFY_HOOK

POST_VERIFY_HOOK

public static XMLSignatureProcessingHook POST_VERIFY_HOOK

id_

protected String id_

The Id attribute value.

signedInfo_

protected SignedInfoImpl signedInfo_

The SignedInfo. (may not be null)

signatureValue_

protected XMLSignatureImpl.SignatureValueImpl signatureValue_

The SignatureValue. (may not be null)

keyInfo_

protected KeyInfo keyInfo_

The KeyInfo.

objects_

protected List objects_

The list of Objects. (may not be null)

keySelectorResult_

protected KeySelectorResult keySelectorResult_

The result returned by the key selector.

calculatedSignatureValue_

protected byte[] calculatedSignatureValue_

The calculated and cached signature value.

valid_

protected boolean valid_

Is this signature valid?

validated_

protected boolean validated_

Has this signature been validated?

Constructor Detail

XMLSignatureImpl

protected XMLSignatureImpl(Node node)
                    throws MarshalException

Creates a new instance of this XMLSignatureImpl with the specified provider config and node.

Parameters:

node - the node

Throws:

MarshalException - if an exception occurs during unmarshaling

XMLSignatureImpl

public XMLSignatureImpl(DOMCryptoContext context,
                        Node node)
                 throws MarshalException

Creates a new instance of this XMLSignatureImpl with the specified provider config, context and node to unmarshal from.

Parameters:

context - the context

node - the node to unmarshal from

Throws:

MarshalException - if an exception occurs during unmarshaling

XMLSignatureImpl

public XMLSignatureImpl(SignedInfoImpl signedInfo,
                        KeyInfo keyInfo,
                        List objects,
                        String id,
                        String signatureValueId)

Creates a new instance of this XMLSignatureImpl with the specified provider config, SignedInfo, KeyInfo, list of XMLObjectImpls, id-attribute value and id-attribute value of the SignatureValue element.

Parameters:

signedInfo - the SignedInfo

keyInfo - the KeyInfo (may be null)

objects - a list of XMLObjectImpls (may be null or empty)

id - the id-attribute value (may be null)

signatureValueId - the id-attribute value of the SignatureValue element (may be null)

Throws:

NullPointerException - if config or signedInfo is null

ClassCastException - if any of the objects is not of type XMLObjectImpl

Method Detail

getLocalName

public String getLocalName()

Description copied from class: DOMStructure

Returns the local name of the represented XML element.

Specified by:

getLocalName in class DOMStructure

Returns:

the local name of the represented XML element

See Also:

DOMStructure.getLocalName()

getKeyInfo

public KeyInfo getKeyInfo()

Description copied from interface: javax.xml.crypto.dsig.XMLSignature

Returns the key info of this XMLSignature.

Specified by:

getKeyInfo in interface XMLSignature

Returns:

the key info (may be null if not specified)

See Also:

XMLSignature.getKeyInfo()

getSignedInfo

public SignedInfo getSignedInfo()

Description copied from interface: javax.xml.crypto.dsig.XMLSignature

Returns the signed info of this XMLSignature.

Specified by:

getSignedInfo in interface XMLSignature

Returns:

the signed info (never null)

See Also:

XMLSignature.getSignedInfo()

getObjects

public List getObjects()

Description copied from interface: javax.xml.crypto.dsig.XMLSignature

Returns an unmodifiable list of XMLObjects contained in this XMLSignature.

Specified by:

getObjects in interface XMLSignature

Returns:

an unmodifiable list of XMLObject s (may be empty but never null)

See Also:

XMLSignature.getObjects()

getId

public String getId()

Description copied from interface: javax.xml.crypto.dsig.XMLSignature

Returns the optional Id of this XMLSignature.

Specified by:

getId in interface XMLSignature

Returns:

the Id (may be null if not specified)

See Also:

XMLSignature.getId()

getSignatureValue

public XMLSignature.SignatureValue getSignatureValue()

Description copied from interface: javax.xml.crypto.dsig.XMLSignature

Returns the signature value of this XMLSignature.

Specified by:

getSignatureValue in interface XMLSignature

Returns:

the signature value

See Also:

XMLSignature.getSignatureValue()

selectKey

protected void selectKey(XMLCryptoContext context,
                         KeySelector.Purpose purpose)
                  throws XMLSignatureException,
                         KeySelectorException

Select the appropriate key for signing or validating the signature.

Parameters:

context - the XMLCryptoContext to get the KeySelector from

purpose - the KeySelector.Purpose (may be KeySelector.Purpose.SIGN or KeySelector.Purpose.VERIFY)

Throws:

XMLSignatureException - if no signature method has been specified

KeySelectorException - if selecting the key fails for any reason

getKeySelectorResult

public KeySelectorResult getKeySelectorResult()

Description copied from interface: javax.xml.crypto.dsig.XMLSignature

Returns the result of the KeySelector, if specified, after this XMLSignature has been signed or validated.

Specified by:

getKeySelectorResult in interface XMLSignature

Returns:

the key selector result, or null if a key selector has not been specified or this XMLSignature has not been signed or validated

See Also:

XMLSignature.getKeySelectorResult()

getChildStructures

protected List getChildStructures()

Description copied from class: DOMStructure

Returns the list of child structures of this DOMStructure.

This method is called by DOMStructure.marshal(DOMCryptoContext, Node, Node).

A subclass has to overwrite this method to return a list of DOMStrucutres represented by this subclass.

Overrides:

getChildStructures in class DOMStructure

Returns:

a list of DOMStructures (may be empty, but never null)

See Also:

DOMStructure.getChildStructures()

putChildStructure

protected void putChildStructure(DOMStructure childStructure)
                          throws MarshalException

Description copied from class: DOMStructure

Put an unmarshalled child structure.

This method is called by DOMStructure.unmarshalStructures(NodeList, DOMCryptoContext) for every unmarshalled child structure.

A subclass has to overwrite this method to store the given child structure in its the corresponding field.

Overrides:

putChildStructure in class DOMStructure

Parameters:

childStructure - the unmarshalled child structure

Throws:

MarshalException

See Also:

DOMStructure.putChildStructure(iaik.xml.crypto.dom.DOMStructure)

marshalAttributes

protected void marshalAttributes(DOMCryptoContext context,
                                 Element parent)
                          throws MarshalException

Description copied from class: DOMStructure

Marshals the XML representation of all Attributes represented by this DOMStrucuture.

This method is called by DOMStructure.marshal(DOMCryptoContext, Node, Node).

If no namespace prefix is set in the context for the namespace of the Element represented by this DOMStructure an namespace declaration is marshaled and returned. Otherwise, an empty list is returned.

A subclass has to overwrite this method in order to marshal any additional attributes.

Overrides:

marshalAttributes in class DOMStructure

Parameters:

context - the marshal context

parent - the element is the parent of the attribute node created however, an the attribute node is not a child of it's parent element. see XPath.

Throws:

MarshalException - if an exception occurs during marshaling

See Also:

DOMStructure.marshalAttributes(DOMCryptoContext, Element)

marshalIDAttribute

protected Attr marshalIDAttribute(DOMCryptoContext context,
                                  Element parent)

Description copied from class: DOMStructure

Marshals the XML representation of an optional Id-attribute represented by this DOMStructure.

This method is called by DOMStructure.marshal(DOMCryptoContext, Node, Node).

A subclass has to overwrite this method in order to marshal an Id-attribute.

Overrides:

marshalIDAttribute in class DOMStructure

Parameters:

context - the marshal context

parent - the element is the parent of the attribute node created however, an the attribute node is not a child of it's parent element. see XPath.

Returns:

the marshaled Id-attribute if any, otherwise null

See Also:

DOMStructure.marshalIDAttribute(javax.xml.crypto.dom.DOMCryptoContext, Element)

unmarshalAttributes

protected void unmarshalAttributes(NamedNodeMap attributes,
                                   DOMCryptoContext context)
                            throws MarshalException

Description copied from class: DOMStructure

Unmarshal the given attributes.

This method is called by DOMStructure.unmarshal(DOMCryptoContext).

A subclass has to overwrite this method to perform any special unmarshaling required.

Overrides:

unmarshalAttributes in class DOMStructure

Parameters:

attributes - the Attributes to unmarshal

context - the marshal context

Throws:

MarshalException - if an exception occurs during unmarshaling

See Also:

DOMStructure.unmarshalAttributes(org.w3c.dom.NamedNodeMap, javax.xml.crypto.dom.DOMCryptoContext)

marshal

public Node marshal(DOMCryptoContext context,
                    Node parent,
                    Node nextSibling)
             throws MarshalException

Description copied from class: DOMStructure

Marshal the DOM node representation of this DOMStructure and all its child DOMStructures.
This method calls

• DOMStructure.marshalElement(DOMCryptoContext, Node, Node)
• DOMStructure.marshalAttributes(DOMCryptoContext, Element)
• DOMStructure.marshalIDAttribute(DOMCryptoContext, Element)
• and DOMStructure.marshal(DOMCryptoContext, Node, Node) for every DOMStructure returned by DOMStructure.getChildStructures().

Overrides:

marshal in class DOMStructure

Parameters:

context - the DOMMarshalContext holding context information about the marshaling of this DOMStructure

parent - where to place the marshalled node

nextSibling - before wich to place the marshalled node

Returns:

the DOM node representation of this DOMStrucuture and all its child DOMStructurues

Throws:

MarshalException - if the marshaling fails for any reason

See Also:

DOMStructure.marshal(DOMCryptoContext, Node, Node)

unmarshal

public void unmarshal(DOMCryptoContext context)
               throws MarshalException

Description copied from class: DOMStructure

Unmarshals this DOMStructure from its XML representation.
This method calls

• DOMStructure.unmarshalElement(DOMCryptoContext, Element)
• DOMStructure.unmarshalAttributes(NamedNodeMap, DOMCryptoContext)
• DOMStructure.unmarshalStructures(NodeList, DOMCryptoContext).

Overrides:

unmarshal in class DOMStructure

Parameters:

context - the marshaling context

Throws:

MarshalException - if an exception occurs during marshaling

See Also:

DOMStructure.unmarshal(javax.xml.crypto.dom.DOMCryptoContext)

unmarshalStructures

protected void unmarshalStructures(NodeList nodes,
                                   DOMCryptoContext context)
                            throws MarshalException

Description copied from class: DOMStructure

Unmarshals DOMStructures from the given nodes.

This method is called by DOMStructure.unmarshal(DOMCryptoContext).

This method calls DOMStructure.getInstance(Node, DOMCryptoContext) for every Element in the list of nodes. If DOMStructure.getInstance(Node, DOMCryptoContext) returns a DOMStructure DOMStructure.putChildStructure(DOMStructure) is called with the returned DOMStructure as parameter.

Overrides:

unmarshalStructures in class DOMStructure

Parameters:

nodes - the nodes to unmarshal from

context - the marshal context

Throws:

MarshalException - if an exception occurs during marshaling

See Also:

DOMStructure.unmarshalStructures(org.w3c.dom.NodeList, javax.xml.crypto.dom.DOMCryptoContext)

sign

public void sign(XMLSignContext signContext)
          throws MarshalException,
                 XMLSignatureException

Description copied from interface: javax.xml.crypto.dsig.XMLSignature

Signs this XMLSignature.

If this method throws an exception, this XMLSignature and the signContext parameter will be left in the state that it was in prior to the invocation.

Specified by:

sign in interface XMLSignature

Parameters:

signContext - the signing context

Throws:

MarshalException - if an exception occurs while marshalling

XMLSignatureException - if an unexpected exception occurs while generating the signature

See Also:

XMLSignature.sign(javax.xml.crypto.dsig.XMLSignContext)

generateCore

protected void generateCore(DOMCryptoContext context)
                     throws XMLSignatureException,
                            MarshalException

Generates the Signature according to the Core Generation rules defined in XML-Signature Syntax and Processing section 3.1 Core Generation.

NOTE: THIS METHOD ASSUMES THAT THE TREE MODEL WORKAROUND HAS ALREADY BEEN APPLIED!

Parameters:

context -

Throws:

XMLSignatureException

MarshalException

selectKeyAndGenerateSignature

protected void selectKeyAndGenerateSignature(DOMCryptoContext context)
                                      throws XMLSignatureException,
                                             MarshalException

Selects a signing key and generates the Signature according to the Signature Generation rules defined in XML-Signature Syntax and Processing section 3.1.2 Signature Generation by calling calculateAndMarshalSignatureValue(javax.xml.crypto.dom.DOMCryptoContext, Key)

Parameters:

context -

Throws:

XMLSignatureException

MarshalException

calculateAndMarshalSignatureValue

protected void calculateAndMarshalSignatureValue(DOMCryptoContext context,
                                                 Key key)
                                          throws XMLSignatureException,
                                                 MarshalException

Calculates the signature value of this Signature and appends a SignatureValue element with the calculated signature value.

Parameters:

context - the DOMMarshalContext for the signature value calculation and element marshaling

key - the Key for the signature value calculation

Throws:

XMLSignatureException - if calculating the signature value fails for any reason

MarshalException - if marshaling the SingnatureValue element fails for any reason

validate

public boolean validate(XMLValidateContext validateContext)
                 throws XMLSignatureException

Description copied from interface: javax.xml.crypto.dsig.XMLSignature

Validates the signature according to the core validation processing rules . This method validates the signature using the existing state, it does not unmarshal and reinitialize the contents of the XMLSignature using the location information specified in the context.

This method only validates the signature the first time it is invoked. On subsequent invocations, it returns a cached result.

Specified by:

validate in interface XMLSignature

Parameters:

validateContext - the validating context

Returns:

true if the signature passed core validation, otherwise false

Throws:

XMLSignatureException - if an unexpected error occurs during validation that prevented the validation operation from completing

See Also:

XMLSignature.validate(javax.xml.crypto.dsig.XMLValidateContext)

assureDefaults

protected void assureDefaults(XMLCryptoContext context)

This method assures, that the default values of certain properties have been set in the context.

Parameters:

context - the context to set the properties.

See Also:

DOMCryptoContext.setDefaultsIfNotSet(XMLCryptoContext), DOMCryptoContext.DOMCryptoContext()

validateCore

protected boolean validateCore(XMLValidateContext validateContext)
                        throws XMLSignatureException

Validates the Signature according to the Core Validation rules defined in XML-Signature Syntax and Processing section 3.2 Core Validation.

NOTE: THIS METHOD ASSUMES THAT THE TREE MODEL WORKAROUND HAS ALREADY BEEN APPLIED!

Parameters:

validateContext -

Returns:

true if this signature is core-valid, otherwise false

Throws:

XMLSignatureException

selectKeyAndValidateSignature

protected boolean selectKeyAndValidateSignature(XMLValidateContext validateContext)
                                         throws XMLSignatureException

Selects a verifying key and validates the Signature according to the Signature Validation rules defined in XML-Signature Syntax and Processing section 3.2.2 Signature Validation by calling validateSignatureValue(XMLValidateContext, Key)

NOTE: THIS METHOD ASSUMES THAT THE TREE MODEL WORKAROUND HAS ALREADY BEEN APPLIED!

Parameters:

validateContext -

Returns:

@throws XMLSignatureException

Throws:

XMLSignatureException

validateSignatureValue

protected boolean validateSignatureValue(XMLValidateContext validateContext,
                                         Key key)
                                  throws XMLSignatureException

Validates the Signature according to the Signature Validation rules defined in XML-Signature Syntax and Processing section 3.2.2 Signature Validation by calling validateSignatureValue(XMLValidateContext, Key)

NOTE: THIS METHOD ASSUMES THAT THE TREE MODEL WORKAROUND HAS ALREADY BEEN APPLIED!

Parameters:

validateContext -

Returns:

@throws XMLSignatureException

Throws:

XMLSignatureException