FileDocCategorySizeDatePackage
SignedInfo.javaAPI DocJava SE 6 API13414Tue Jun 10 00:23:04 BST 2008com.sun.org.apache.xml.internal.security.signature

SignedInfo

public class SignedInfo extends Manifest
Handles <ds:SignedInfo> elements This SignedInfo element includes the canonicalization algorithm, a signature algorithm, and one or more references
author
Christian Geuer-Pollmann

Fields Summary
private SignatureAlgorithm
_signatureAlgorithm
Field _signatureAlgorithm
private byte[]
_c14nizedBytes
Field _c14nizedBytes
Constructors Summary
public SignedInfo(Document doc)
Overwrites {@link Manifest#addDocument} because it creates another Element.

param
doc the {@link Document} in which XMLsignature will be placed
throws
XMLSecurityException


                            
        
      this(doc, XMLSignature.ALGO_ID_SIGNATURE_DSA, Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
   
public SignedInfo(Document doc, String SignatureMethodURI, String CanonicalizationMethodURI)
Constructs {@link SignedInfo} using given Canoicaliztion algorithm and Signature algorithm

param
doc SignedInfo is placed in this document
param
CanonicalizationMethodURI URI representation of the Canonicalization method
param
SignatureMethodURI URI representation of the Digest and Signature algorithm
throws
XMLSecurityException

      this(doc, SignatureMethodURI, 0, CanonicalizationMethodURI);
   
public SignedInfo(Document doc, String SignatureMethodURI, int HMACOutputLength, String CanonicalizationMethodURI)
Constructor SignedInfo

param
doc
param
CanonicalizationMethodURI
param
SignatureMethodURI
param
HMACOutputLength
throws
XMLSecurityException


      super(doc);

      // XMLUtils.addReturnToElement(this._constructionElement);
      {
         Element canonElem = XMLUtils.createElementInSignatureSpace(this._doc,
                                Constants._TAG_CANONICALIZATIONMETHOD);

         canonElem.setAttributeNS(null, Constants._ATT_ALGORITHM,
                                CanonicalizationMethodURI);
         this._constructionElement.appendChild(canonElem);
         XMLUtils.addReturnToElement(this._constructionElement);
      }
      {
         if (HMACOutputLength > 0) {
            this._signatureAlgorithm = new SignatureAlgorithm(this._doc,
                    SignatureMethodURI, HMACOutputLength);
         } else {
            this._signatureAlgorithm = new SignatureAlgorithm(this._doc,
                    SignatureMethodURI);
         }

         this._constructionElement
            .appendChild(this._signatureAlgorithm.getElement());
         XMLUtils.addReturnToElement(this._constructionElement);
      }
   
public SignedInfo(Document doc, Element SignatureMethodElem, Element CanonicalizationMethodElem)

param
doc
param
SignatureMethodElem
param
CanonicalizationMethodElem
throws
XMLSecurityException


      super(doc);

      this._constructionElement.appendChild(CanonicalizationMethodElem);
      XMLUtils.addReturnToElement(this._constructionElement);

      this._signatureAlgorithm = new SignatureAlgorithm(SignatureMethodElem, null);

      this._constructionElement
         .appendChild(this._signatureAlgorithm.getElement());
      XMLUtils.addReturnToElement(this._constructionElement);
   
public SignedInfo(Element element, String BaseURI)
Build a {@link SignedInfo} from an {@link Element}

param
element SignedInfo
param
BaseURI the URI of the resource where the XML instance was stored
throws
XMLSecurityException
see
Question
see
Answer


      // Parse the Reference children and Id attribute in the Manifest
      super(element, BaseURI);

      /* canonicalize ds:SignedInfo, reparse it into a new document
       * and replace the original not-canonicalized ds:SignedInfo by
       * the re-parsed canonicalized one.
       */
      String c14nMethodURI=this.getCanonicalizationMethodURI();
     if (!(c14nMethodURI.equals("http://www.w3.org/TR/2001/REC-xml-c14n-20010315") ||
      		c14nMethodURI.equals("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments") ||
			c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#") ||
			c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#WithComments"))) {
      	//The c14n is not a secure one and can rewrite the URIs or like that reparse the SignedInfo to be sure    
      try {
         Canonicalizer c14nizer =
            Canonicalizer.getInstance(this.getCanonicalizationMethodURI());

         this._c14nizedBytes =
            c14nizer.canonicalizeSubtree(this._constructionElement);
         javax.xml.parsers.DocumentBuilderFactory dbf =
            javax.xml.parsers.DocumentBuilderFactory.newInstance();

         dbf.setNamespaceAware(true);

         javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();        
         org.w3c.dom.Document newdoc =
            db.parse(new ByteArrayInputStream(this._c14nizedBytes));
         Node imported = this._doc.importNode(newdoc.getDocumentElement(),
                                              true);

         this._constructionElement.getParentNode().replaceChild(imported,
                 this._constructionElement);

         this._constructionElement = (Element) imported;
      } catch (ParserConfigurationException ex) {
         throw new XMLSecurityException("empty", ex);
      } catch (IOException ex) {
         throw new XMLSecurityException("empty", ex);
      } catch (SAXException ex) {
         throw new XMLSecurityException("empty", ex);
      }
      }
      this._signatureAlgorithm =
         new SignatureAlgorithm(this.getSignatureMethodElement(),
                                this.getBaseURI());
   
Methods Summary
public javax.crypto.SecretKeycreateSecretKey(byte[] secretKeyBytes)
Creates a SecretKey for the appropriate Mac algorithm based on a byte[] array password.

param
secretKeyBytes
return
the secret key for the SignedInfo element.


      return new SecretKeySpec(secretKeyBytes,
                               this._signatureAlgorithm
                                  .getJCEAlgorithmString());
   
public java.lang.StringgetBaseLocalName()
Method getBaseLocalName

inheritDoc

      return Constants._TAG_SIGNEDINFO;
   
public java.lang.StringgetCanonicalizationMethodURI()
Returns the Canonicalization method URI

return
the Canonicalization method URI


    Element el= XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
     Constants._TAG_CANONICALIZATIONMETHOD,0);
     if (el==null) {
     	return null;
     }
     return el.getAttributeNS(null, Constants._ATT_ALGORITHM);    
   
public byte[]getCanonicalizedOctetStream()
Returns getCanonicalizedOctetStream

return
the canonicalization result octedt stream of SignedInfo element
throws
CanonicalizationException
throws
InvalidCanonicalizerException
throws
XMLSecurityException


      if ((this._c14nizedBytes == null)
              /*&& (this._state == ElementProxy.MODE_SIGN)*/) {
         Canonicalizer c14nizer =
            Canonicalizer.getInstance(this.getCanonicalizationMethodURI());

         this._c14nizedBytes =
            c14nizer.canonicalizeSubtree(this._constructionElement);
      }

      // make defensive copy
      byte[] output = new byte[this._c14nizedBytes.length];

      System.arraycopy(this._c14nizedBytes, 0, output, 0, output.length);

      return output;
   
public java.lang.StringgetInclusiveNamespaces()


    Element el= XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
     Constants._TAG_CANONICALIZATIONMETHOD,0);
     if (el==null) {
     	return null;
     }

     String c14nMethodURI = el.getAttributeNS(null, Constants._ATT_ALGORITHM);
     if(!(c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#") ||
			c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#WithComments"))) {
                return null;
            }

     Element inclusiveElement = XMLUtils.selectNode(
             el.getFirstChild(),InclusiveNamespaces.ExclusiveCanonicalizationNamespace,
        InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES,0);

     if(inclusiveElement != null)
     {
         try
         {
             String inclusiveNamespaces = new InclusiveNamespaces(inclusiveElement,
                         InclusiveNamespaces.ExclusiveCanonicalizationNamespace).getInclusiveNamespaces();
             return inclusiveNamespaces;
         }
         catch (XMLSecurityException e)
         {
             return null;
         }
     }
     return null;
    
public org.w3c.dom.ElementgetSignatureMethodElement()
Method getSignatureMethodElement

return
gets The SignatureMethod Node.

      return XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
        Constants._TAG_SIGNATUREMETHOD,0);
   
public java.lang.StringgetSignatureMethodURI()
Returns the Signature method URI

return
the Signature method URI


      Element signatureElement = this.getSignatureMethodElement();

      if (signatureElement != null) {
         return signatureElement.getAttributeNS(null, Constants._ATT_ALGORITHM);
      }

      return null;
   
public voidsignInOctectStream(java.io.OutputStream os)
Output the C14n stream to the give outputstream.

param
os
throws
CanonicalizationException
throws
InvalidCanonicalizerException
throws
XMLSecurityException


   	if ((this._c14nizedBytes == null)) {
       Canonicalizer c14nizer =
          Canonicalizer.getInstance(this.getCanonicalizationMethodURI());
       c14nizer.setWriter(os);
       String inclusiveNamespaces = this.getInclusiveNamespaces();

       if(inclusiveNamespaces == null)
        c14nizer.canonicalizeSubtree(this._constructionElement);
       else
        c14nizer.canonicalizeSubtree(this._constructionElement, inclusiveNamespaces);
    } else {
        try {
			os.write(this._c14nizedBytes);
		} catch (IOException e) {
			throw new RuntimeException(""+e);
		}  
    }    
   
public booleanverify()
Tests core validation process

return
true if verification was successful
throws
MissingResourceFailureException
throws
XMLSecurityException

      return super.verifyReferences(false);
   
public booleanverify(boolean followManifests)
Tests core validation process

param
followManifests defines whether the verification process has to verify referenced ds:Manifests, too
return
true if verification was successful
throws
MissingResourceFailureException
throws
XMLSecurityException

      return super.verifyReferences(followManifests);