Class Reference
- java.lang.Object
-
- org.apache.xml.security.utils.ElementProxy
-
- org.apache.xml.security.utils.SignatureElementProxy
-
- org.apache.xml.security.signature.Reference
-
public class Reference extends SignatureElementProxy
Handles<ds:Reference>
elements. This includes: Construct ads:Reference
from anElement
.Create a new reference
Document doc; MessageDigestAlgorithm sha1 = MessageDigestAlgorithm.getInstance("http://#sha1"); Reference ref = new Reference(new XMLSignatureInput(new FileInputStream("1.gif"), "http://localhost/1.gif", (Transforms) null, sha1); Element refElem = ref.toElement(doc);
Verify a reference
Element refElem = doc.getElement("Reference"); // PSEUDO Reference ref = new Reference(refElem); String url = ref.getURI(); ref.setData(new XMLSignatureInput(new FileInputStream(url))); if (ref.verify()) { System.out.println("verified"); }
<element name="Reference" type="ds:ReferenceType"/> <complexType name="ReferenceType"> <sequence> <element ref="ds:Transforms" minOccurs="0"/> <element ref="ds:DigestMethod"/> <element ref="ds:DigestValue"/> </sequence> <attribute name="Id" type="ID" use="optional"/> <attribute name="URI" type="anyURI" use="optional"/> <attribute name="Type" type="anyURI" use="optional"/> </complexType>
- See Also:
ObjectContainer
,Manifest
-
-
Field Summary
Fields Modifier and Type Field Description private org.w3c.dom.Element
digestMethodElem
private org.w3c.dom.Element
digestValueElement
private static org.slf4j.Logger
LOG
private Manifest
manifest
static java.lang.String
MANIFEST_URI
Field MANIFEST_URIstatic int
MAXIMUM_TRANSFORM_COUNT
The maximum number of transforms per reference, if secure validation is enabled.static java.lang.String
OBJECT_URI
Field OBJECT_URIprivate ReferenceData
referenceData
private boolean
secureValidation
private Transforms
transforms
private XMLSignatureInput
transformsOutput
private static boolean
useC14N11
Look up useC14N11 system property.-
Fields inherited from class org.apache.xml.security.utils.ElementProxy
baseURI
-
-
Constructor Summary
Constructors Modifier Constructor Description protected
Reference(org.w3c.dom.Document doc, java.lang.String baseURI, java.lang.String referenceURI, Manifest manifest, Transforms transforms, java.lang.String messageDigestAlgorithm)
Constructor Referenceprotected
Reference(org.w3c.dom.Element element, java.lang.String baseURI, Manifest manifest)
Build aReference
from anElement
protected
Reference(org.w3c.dom.Element element, java.lang.String baseURI, Manifest manifest, boolean secureValidation)
Build aReference
from anElement
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description private void
cacheDereferencedElement(XMLSignatureInput input)
Store the dereferenced Element(s) so that it/they can be retrieved later.private byte[]
calculateDigest(boolean validating)
Method calculateDigestprotected XMLSignatureInput
dereferenceURIandPerformTransforms(java.io.OutputStream os)
This method returns theXMLSignatureInput
which is referenced by theURI
Attribute.void
generateDigestValue()
Method generateDigestValuejava.lang.String
getBaseLocalName()
Method getBaseLocalName Returns the localname of the Elements of the sub-class.XMLSignatureInput
getContentsAfterTransformation()
Returns the XMLSignatureInput which is the result of the Transforms.private XMLSignatureInput
getContentsAfterTransformation(XMLSignatureInput input, java.io.OutputStream os)
XMLSignatureInput
getContentsBeforeTransformation()
Returns the XMLSignatureInput which is created by de-referencing the URI attribute.byte[]
getDigestValue()
Returns the digest value.java.lang.String
getHTMLRepresentation()
Method getHTMLRepresentationjava.lang.String
getId()
Returns theId
attribute of thisReference
elementMessageDigestAlgorithm
getMessageDigestAlgorithm()
ReturnsMessageDigestAlgorithm
XMLSignatureInput
getNodesetBeforeFirstCanonicalization()
This method returns the XMLSignatureInput which represents the node set before some kind of canonicalization is applied for the first time.private byte[]
getPreCalculatedDigest(XMLSignatureInput input)
Get the pre-calculated digest value from the XMLSignatureInput.ReferenceData
getReferenceData()
Get the ReferenceData that corresponds to the cached representation of the dereferenced object before transformation.byte[]
getReferencedBytes()
Method getReferencedBytesTransforms
getTransforms()
Method getTransformsXMLSignatureInput
getTransformsOutput()
This method only works after a call to verify.java.lang.String
getType()
Return thetype
atttibute of the Reference indicate whether ands:Object
,ds:SignatureProperty
, ords:Manifest
elementjava.lang.String
getURI()
Returns theURI
of thisReference
elementprivate void
setDigestValueElement(byte[] digestValue)
Method setDigestValueElementvoid
setId(java.lang.String id)
Sets theId
attribute of thisReference
elementvoid
setType(java.lang.String type)
Sets thetype
atttibute of the Reference indicate whether ands:Object
,ds:SignatureProperty
, ords:Manifest
element.void
setURI(java.lang.String uri)
Sets theURI
of thisReference
elementboolean
typeIsReferenceToManifest()
Method isReferenceToManifest This returns true if theType
attribute of theReference
element points to a#Manifest
elementboolean
typeIsReferenceToObject()
Method isReferenceToObject This returns true if theType
attribute of theReference
element points to a#Object
elementboolean
verify()
Tests reference validation is success or false-
Methods inherited from class org.apache.xml.security.utils.SignatureElementProxy
getBaseNamespace
-
Methods inherited from class org.apache.xml.security.utils.ElementProxy
addBase64Element, addBase64Text, addBigIntegerElement, addReturnToSelf, addText, addTextElement, appendOther, appendSelf, appendSelf, createElementForFamily, createElementForFamilyLocal, createText, getBaseURI, getBigIntegerFromChildElement, getBytesFromTextChild, getDefaultPrefix, getDocument, getElement, getElementPlusReturns, getFirstChild, getLocalAttribute, getTextFromChildElement, getTextFromTextChild, length, registerDefaultPrefixes, setDefaultPrefix, setDocument, setElement, setElement, setLocalAttribute, setLocalIdAttribute, setXPathNamespaceContext
-
-
-
-
Field Detail
-
OBJECT_URI
public static final java.lang.String OBJECT_URI
Field OBJECT_URI- See Also:
- Constant Field Values
-
MANIFEST_URI
public static final java.lang.String MANIFEST_URI
Field MANIFEST_URI- See Also:
- Constant Field Values
-
MAXIMUM_TRANSFORM_COUNT
public static final int MAXIMUM_TRANSFORM_COUNT
The maximum number of transforms per reference, if secure validation is enabled.- See Also:
- Constant Field Values
-
secureValidation
private boolean secureValidation
-
useC14N11
private static boolean useC14N11
Look up useC14N11 system property. If true, an explicit C14N11 transform will be added if necessary when generating the signature. See section 3.1.1 of http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/ for more info.
-
LOG
private static final org.slf4j.Logger LOG
-
manifest
private Manifest manifest
-
transformsOutput
private XMLSignatureInput transformsOutput
-
transforms
private Transforms transforms
-
digestMethodElem
private org.w3c.dom.Element digestMethodElem
-
digestValueElement
private org.w3c.dom.Element digestValueElement
-
referenceData
private ReferenceData referenceData
-
-
Constructor Detail
-
Reference
protected Reference(org.w3c.dom.Document doc, java.lang.String baseURI, java.lang.String referenceURI, Manifest manifest, Transforms transforms, java.lang.String messageDigestAlgorithm) throws XMLSignatureException
Constructor Reference- Parameters:
doc
- theDocument
in whichXMLsignature
is placedbaseURI
- the URI of the resource where the XML instance will be storedreferenceURI
- URI indicate where is data which will digestedmanifest
-transforms
-Transforms
applied to datamessageDigestAlgorithm
-Digest algorithm
which is applied to the data TODO should we throw XMLSignatureException if MessageDigestAlgoURI is wrong?- Throws:
XMLSignatureException
-
Reference
protected Reference(org.w3c.dom.Element element, java.lang.String baseURI, Manifest manifest) throws XMLSecurityException
Build aReference
from anElement
- Parameters:
element
-Reference
elementbaseURI
- the URI of the resource where the XML instance was storedmanifest
- is theManifest
ofSignedInfo
in which the Reference occurs. We need this because the Manifest has the individualResourceResolver
s which have been set by the user- Throws:
XMLSecurityException
-
Reference
protected Reference(org.w3c.dom.Element element, java.lang.String baseURI, Manifest manifest, boolean secureValidation) throws XMLSecurityException
Build aReference
from anElement
- Parameters:
element
-Reference
elementbaseURI
- the URI of the resource where the XML instance was storedmanifest
- is theManifest
ofSignedInfo
in which the Reference occurs.secureValidation
- whether secure validation is enabled or not We need this because the Manifest has the individualResourceResolver
s which have been set by the user- Throws:
XMLSecurityException
-
-
Method Detail
-
getMessageDigestAlgorithm
public MessageDigestAlgorithm getMessageDigestAlgorithm() throws XMLSignatureException
ReturnsMessageDigestAlgorithm
- Returns:
MessageDigestAlgorithm
- Throws:
XMLSignatureException
-
setURI
public void setURI(java.lang.String uri)
Sets theURI
of thisReference
element- Parameters:
uri
- theURI
of thisReference
element
-
getURI
public java.lang.String getURI()
Returns theURI
of thisReference
element- Returns:
- URI the
URI
of thisReference
element
-
setId
public void setId(java.lang.String id)
Sets theId
attribute of thisReference
element- Parameters:
id
- theId
attribute of thisReference
element
-
getId
public java.lang.String getId()
Returns theId
attribute of thisReference
element- Returns:
- Id the
Id
attribute of thisReference
element
-
setType
public void setType(java.lang.String type)
Sets thetype
atttibute of the Reference indicate whether ands:Object
,ds:SignatureProperty
, ords:Manifest
element.- Parameters:
type
- thetype
attribute of the Reference
-
getType
public java.lang.String getType()
Return thetype
atttibute of the Reference indicate whether ands:Object
,ds:SignatureProperty
, ords:Manifest
element- Returns:
- the
type
attribute of the Reference
-
typeIsReferenceToObject
public boolean typeIsReferenceToObject()
Method isReferenceToObject This returns true if theType
attribute of theReference
element points to a#Object
element- Returns:
- true if the Reference type indicates that this Reference points to an
Object
-
typeIsReferenceToManifest
public boolean typeIsReferenceToManifest()
Method isReferenceToManifest This returns true if theType
attribute of theReference
element points to a#Manifest
element- Returns:
- true if the Reference type indicates that this Reference points to a
Manifest
-
setDigestValueElement
private void setDigestValueElement(byte[] digestValue)
Method setDigestValueElement- Parameters:
digestValue
-
-
generateDigestValue
public void generateDigestValue() throws XMLSignatureException, ReferenceNotInitializedException
Method generateDigestValue
-
getContentsBeforeTransformation
public XMLSignatureInput getContentsBeforeTransformation() throws ReferenceNotInitializedException
Returns the XMLSignatureInput which is created by de-referencing the URI attribute.- Returns:
- the XMLSignatureInput of the source of this reference
- Throws:
ReferenceNotInitializedException
- If the resolver found any problem resolving the reference
-
getContentsAfterTransformation
private XMLSignatureInput getContentsAfterTransformation(XMLSignatureInput input, java.io.OutputStream os) throws XMLSignatureException
- Throws:
XMLSignatureException
-
getContentsAfterTransformation
public XMLSignatureInput getContentsAfterTransformation() throws XMLSignatureException
Returns the XMLSignatureInput which is the result of the Transforms.- Returns:
- a XMLSignatureInput with all transformations applied.
- Throws:
XMLSignatureException
-
getNodesetBeforeFirstCanonicalization
public XMLSignatureInput getNodesetBeforeFirstCanonicalization() throws XMLSignatureException
This method returns the XMLSignatureInput which represents the node set before some kind of canonicalization is applied for the first time.- Returns:
- Gets a the node doing everything till the first c14n is needed
- Throws:
XMLSignatureException
-
getHTMLRepresentation
public java.lang.String getHTMLRepresentation() throws XMLSignatureException
Method getHTMLRepresentation- Returns:
- The HTML of the transformation
- Throws:
XMLSignatureException
-
getTransformsOutput
public XMLSignatureInput getTransformsOutput()
This method only works after a call to verify.- Returns:
- the transformed output(i.e. what is going to be digested).
-
getReferenceData
public ReferenceData getReferenceData()
Get the ReferenceData that corresponds to the cached representation of the dereferenced object before transformation.
-
dereferenceURIandPerformTransforms
protected XMLSignatureInput dereferenceURIandPerformTransforms(java.io.OutputStream os) throws XMLSignatureException
This method returns theXMLSignatureInput
which is referenced by theURI
Attribute.- Parameters:
os
- where to write the transformation can be null.- Returns:
- the element to digest
- Throws:
XMLSignatureException
- See Also:
Manifest.verifyReferences()
-
cacheDereferencedElement
private void cacheDereferencedElement(XMLSignatureInput input)
Store the dereferenced Element(s) so that it/they can be retrieved later.
-
getTransforms
public Transforms getTransforms() throws XMLSignatureException, InvalidTransformException, TransformationException, XMLSecurityException
Method getTransforms- Returns:
- The transforms that applied this reference.
- Throws:
InvalidTransformException
TransformationException
XMLSecurityException
XMLSignatureException
-
getReferencedBytes
public byte[] getReferencedBytes() throws ReferenceNotInitializedException, XMLSignatureException
Method getReferencedBytes- Returns:
- the bytes that will be used to generated digest.
- Throws:
ReferenceNotInitializedException
XMLSignatureException
-
calculateDigest
private byte[] calculateDigest(boolean validating) throws ReferenceNotInitializedException, XMLSignatureException
Method calculateDigest- Parameters:
validating
- true if validating the reference- Returns:
- reference Calculate the digest of this reference.
- Throws:
ReferenceNotInitializedException
XMLSignatureException
-
getPreCalculatedDigest
private byte[] getPreCalculatedDigest(XMLSignatureInput input) throws ReferenceNotInitializedException
Get the pre-calculated digest value from the XMLSignatureInput.- Parameters:
input
- XMLSignature- Returns:
- a pre-calculated digest value.
- Throws:
ReferenceNotInitializedException
- if there is an error decoding digest value in Base64. Properly encoded pre-calculated digest value must be set.
-
getDigestValue
public byte[] getDigestValue() throws XMLSecurityException
Returns the digest value.- Returns:
- the digest value.
- Throws:
XMLSecurityException
- if the Reference does not contain a DigestValue element
-
verify
public boolean verify() throws ReferenceNotInitializedException, XMLSecurityException
Tests reference validation is success or false- Returns:
- true if reference validation is success, otherwise false
- Throws:
ReferenceNotInitializedException
XMLSecurityException
-
getBaseLocalName
public java.lang.String getBaseLocalName()
Method getBaseLocalName Returns the localname of the Elements of the sub-class.- Specified by:
getBaseLocalName
in classElementProxy
- Returns:
- the localname of the Elements of the sub-class.
-
-