| Methods Summary |
|---|
| public void | addDocument(java.lang.String BaseURI, java.lang.String referenceURI, com.sun.org.apache.xml.internal.security.transforms.Transforms transforms, java.lang.String digestURI, java.lang.String ReferenceId, java.lang.String ReferenceType)This addDocument method is used to add a new resource to the
signed info. A {@link com.sun.org.apache.xml.internal.security.signature.Reference} is built
from the supplied values.
if (this._state == MODE_SIGN) {
// the this._doc is handed implicitly by the this.getOwnerDocument()
Reference ref = new Reference(this._doc, BaseURI, referenceURI, this,
transforms, digestURI);
if (ReferenceId != null) {
ref.setId(ReferenceId);
}
if (ReferenceType != null) {
ref.setType(ReferenceType);
}
// add Reference object to our cache vector
this._references.add(ref);
// add the Element of the Reference object to the Manifest/SignedInfo
this._constructionElement.appendChild(ref.getElement());
XMLUtils.addReturnToElement(this._constructionElement);
}
|
| public void | addResourceResolver(com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver resolver)Adds Resource Resolver for retrieving resources at specified URI attribute in reference element
if (resolver != null) {
this._perManifestResolvers.add(resolver);
}
|
| public void | addResourceResolver(com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverSpi resolverSpi)Adds Resource Resolver for retrieving resources at specified URI attribute in reference element
if (resolverSpi != null) {
this._perManifestResolvers.add(new ResourceResolver(resolverSpi));
}
|
| public void | generateDigestValues()The calculation of the DigestValues in the References must be after the
References are already added to the document and during the signing
process. This ensures that all neccesary data is in place.
if (this._state == MODE_SIGN) {
for (int i = 0; i < this.getLength(); i++) {
// update the cached Reference object, the Element content is automatically updated
Reference currentRef = (Reference) this._references.get(i);
currentRef.generateDigestValue();
}
}
|
| public java.lang.String | getBaseLocalName()Method getBaseLocalName
return Constants._TAG_MANIFEST;
|
| public java.lang.String | getId()Returns the Id attribute
return this._constructionElement.getAttributeNS(null, Constants._ATT_ID);
|
| public int | getLength()Return the nonnegative number of added references.
return this._references.size();
|
| public com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput | getReferencedContentAfterTransformsItem(int i)Method getReferencedContentAfterTransformsItem
return this.item(i).getContentsAfterTransformation();
|
| public com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput | getReferencedContentBeforeTransformsItem(int i)Method getReferencedContentPriorTransformsItem
return this.item(i).getContentsBeforeTransformation();
|
| public java.lang.String | getResolverProperty(java.lang.String key)Returns the value at specified key
return (String) this._resolverProperties.get(key);
|
| public byte[] | getSignedContentItem(int i)Method getSignedContentItem
try {
return this.getReferencedContentAfterTransformsItem(i).getBytes();
} catch (IOException ex) {
throw new XMLSignatureException("empty", ex);
} catch (CanonicalizationException ex) {
throw new XMLSignatureException("empty", ex);
} catch (InvalidCanonicalizerException ex) {
throw new XMLSignatureException("empty", ex);
} catch (XMLSecurityException ex) {
throw new XMLSignatureException("empty", ex);
}
|
| public int | getSignedContentLength()Method getSignedContentLength
return this.getLength();
|
| public boolean | getVerificationResult(int index)After verifying a {@link Manifest} or a {@link SignedInfo} using the
{@link Manifest#verifyReferences()} or {@link SignedInfo#verify()} methods,
the individual results can be retrieved with this method.
if ((index < 0) || (index > this.getLength() - 1)) {
Object exArgs[] = { Integer.toString(index),
Integer.toString(this.getLength()) };
Exception e =
new IndexOutOfBoundsException(I18n
.translate("signature.Verification.IndexOutOfBounds", exArgs));
throw new XMLSecurityException("generic.EmptyMessage", e);
}
if (this.verificationResults == null) {
try {
this.verifyReferences();
} catch (Exception ex) {
throw new XMLSecurityException("generic.EmptyMessage", ex);
}
}
return this.verificationResults[index];
|
| public com.sun.org.apache.xml.internal.security.signature.Reference | item(int i)Return the ith reference. Valid i
values are 0 to {link@ getSize}-1.
if (this._state == MODE_SIGN) {
// we already have real objects
return (Reference) this._references.get(i);
}
if (this._references.get(i) == null) {
// not yet constructed, so _we_ have to
Reference ref = new Reference(_referencesEl[i], this._baseURI, this);
this._references.set(i, ref);
}
return (Reference) this._references.get(i);
|
| public void | setId(java.lang.String Id)Sets the Id attribute
if ((this._state == MODE_SIGN) && (Id != null)) {
this._constructionElement.setAttributeNS(null, Constants._ATT_ID, Id);
IdResolver.registerElementById(this._constructionElement, Id);
}
|
| public void | setResolverProperty(java.lang.String key, java.lang.String value)Used to pass parameters like proxy servers etc to the ResourceResolver
implementation.
this._resolverProperties.put(key, value);
|
| private void | setVerificationResult(int index, boolean verify)Method setVerificationResult
if (this.verificationResults == null) {
this.verificationResults = new boolean[this.getLength()];
}
this.verificationResults[index] = verify;
|
| public boolean | verifyReferences(boolean followManifests)Used to do a reference
validation of all enclosed references using the {@link Reference#verify} method.
This step loops through all {@link Reference}s and does verify the hash
values. If one or more verifications fail, the method returns
false. If all verifications are successful,
it returns true. The results of the individual reference
validations are available by using the {@link #getVerificationResult(int)} method
if (_referencesEl==null) {
this._referencesEl =
XMLUtils.selectDsNodes(this._constructionElement.getFirstChild(),
Constants._TAG_REFERENCE);
}
if (true) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "verify " +_referencesEl.length + " References");
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "I am " + (followManifests
? ""
: "not") + " requested to follow nested Manifests");
}
boolean verify = true;
if (_referencesEl.length==0) {
throw new XMLSecurityException("empty");
}
this.verificationResults =
new boolean[_referencesEl.length];
for (int i =
0; i < this._referencesEl.length; i++) {
Reference currentRef =
new Reference(_referencesEl[i], this._baseURI, this);
this._references.set(i, currentRef);
/* if only one item does not verify, the whole verification fails */
try {
boolean currentRefVerified = currentRef.verify();
this.setVerificationResult(i, currentRefVerified);
if (!currentRefVerified) {
verify = false;
}
if (true)
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "The Reference has Type " + currentRef.getType());
// was verification successful till now and do we want to verify the Manifest?
if (verify && followManifests
&& currentRef.typeIsReferenceToManifest()) {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "We have to follow a nested Manifest");
try {
XMLSignatureInput signedManifestNodes =
currentRef.dereferenceURIandPerformTransforms(null);
Set nl = signedManifestNodes.getNodeSet();
Manifest referencedManifest = null;
Iterator nlIterator = nl.iterator();
findManifest: while (nlIterator.hasNext()) {
Node n = (Node) nlIterator.next();
if ((n.getNodeType() == Node.ELEMENT_NODE) && ((Element) n)
.getNamespaceURI()
.equals(Constants.SignatureSpecNS) && ((Element) n)
.getLocalName().equals(Constants._TAG_MANIFEST)) {
try {
referencedManifest =
new Manifest((Element) n,
signedManifestNodes.getSourceURI());
break findManifest;
} catch (XMLSecurityException ex) {
// Hm, seems not to be a ds:Manifest
}
}
}
if (referencedManifest == null) {
// The Reference stated that it points to a ds:Manifest
// but we did not find a ds:Manifest in the signed area
throw new MissingResourceFailureException("empty",
currentRef);
}
referencedManifest._perManifestResolvers =
this._perManifestResolvers;
referencedManifest._resolverProperties =
this._resolverProperties;
boolean referencedManifestValid =
referencedManifest.verifyReferences(followManifests);
if (!referencedManifestValid) {
verify = false;
log.log(java.util.logging.Level.WARNING, "The nested Manifest was invalid (bad)");
} else {
if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "The nested Manifest was valid (good)");
}
} catch (IOException ex) {
throw new ReferenceNotInitializedException("empty", ex);
} catch (ParserConfigurationException ex) {
throw new ReferenceNotInitializedException("empty", ex);
} catch (SAXException ex) {
throw new ReferenceNotInitializedException("empty", ex);
}
}
} catch (ReferenceNotInitializedException ex) {
Object exArgs[] = { currentRef.getURI() };
throw new MissingResourceFailureException(
"signature.Verification.Reference.NoInput", exArgs, ex,
currentRef);
}
}
return verify;
|
| public boolean | verifyReferences()Used to do a reference
validation of all enclosed references using the {@link Reference#verify} method.
This step loops through all {@link Reference}s and does verify the hash
values. If one or more verifications fail, the method returns
false. If all verifications are successful,
it returns true. The results of the individual reference
validations are available by using the {@link #getVerificationResult(int)} method
return this.verifyReferences(false);
|
