Package Hierarchy
The six packages in the XML Digital Signature API are:
The
javax.xml.crypto
package contains common classes that are used to perform XML cryptographic operations, such as generating an XML signature or encrypting XML data. Two notable classes in this package are theKeySelector
class, which allows developers to supply implementations that locate and optionally validate keys using the information contained in aKeyInfo
object, and theURIDereferencer
class, which allows developers to create and specify their own URI dereferencing implementations.The
javax.xml.crypto.dsig
package includes interfaces that represent the core elements defined in the W3C XML digital signature specification. Of primary significance is theXMLSignature
class, which allows you to sign and validate an XML digital signature. Most of the XML signature structures or elements are represented by a corresponding interface (except for theKeyInfo
structures, which are included in their own package and are discussed in the next paragraph). These interfaces include:SignedInfo
,CanonicalizationMethod
,SignatureMethod
,Reference
,Transform
,DigestMethod
,XMLObject
,Manifest
,SignatureProperty
, andSignatureProperties
. TheXMLSignatureFactory
class is an abstract factory that is used to create objects that implement these interfaces.The
javax.xml.crypto.dsig.keyinfo
package contains interfaces that represent most of theKeyInfo
structures defined in the W3C XML digital signature recommendation, includingKeyInfo
,KeyName
,KeyValue
,X509Data
,X509IssuerSerial
,RetrievalMethod
, andPGPData
. TheKeyInfoFactory
class is an abstract factory that is used to create objects that implement these interfaces.The
javax.xml.crypto.dsig.spec
package contains interfaces and classes representing input parameters for the digest, signature, transform, or canonicalization algorithms used in the processing of XML signatures.Finally, the
javax.xml.crypto.dom
andjavax.xml.crypto.dsig.dom
packages contains DOM-specific classes for thejavax.xml.crypto
andjavax.xml.crypto.dsig
packages, respectively. Only developers and users who are creating or using a DOM-basedXMLSignatureFactory
orKeyInfoFactory
implementation should need to make direct use of these packages.