public class XSReference extends ObjectReference
The following URI attribute values are supported:
java.net.URLStreamHandlerFactory
is installed.""
and "#foo"
."#xpointer(/)"
and "#xpointer(id('foo'))"
.The Reference's DigestMethod specifies the message digest algorithm to be used during signature and verification processing. Standard digest algorithm URI constants can be found in XMLURI
, including:
XMLURI.alg_sha1
XMLURI.alg_sha256
XMLURI.alg_sha384
XMLURI.alg_sha512
XMLURI.alg_md5
An optional Type URI may be used to indicate the type of the referenced data object. This URI should always be used if the Reference points to a Manifest object (see XMLURI.obj_Manifest
). Standard object type URI constants can be found in XMLURI
, including:
XMLURI.obj_Manifest
XMLURI.obj_Object
XMLURI.obj_SignatureProperties
XMLURI.obj_EncryptionProperties
XMLURI.obj_DHKeyValue
XMLURI.obj_DSAKeyValue
XMLURI.obj_EncryptedKey
XMLURI.obj_KeyName
XMLURI.obj_MgmtData
XMLURI.obj_PGPData
XMLURI.obj_rawX509Certificate
XMLURI.obj_RetrievalMethod
XMLURI.obj_RSAKeyValue
XMLURI.obj_SPKIData
XMLURI.obj_X509Data
XSSignature.createReference()
ObjectReference.CIDResolver
Constructor and Description |
---|
XSReference(org.w3c.dom.Document owner)
Creates a new
XSReference instance. |
XSReference(org.w3c.dom.Document owner, java.lang.String id)
Creates a new
XSReference instance. |
XSReference(org.w3c.dom.Document owner, java.lang.String id, java.lang.String uri, java.lang.String type)
Creates a new
XSReference instance. |
XSReference(org.w3c.dom.Element element)
Creates a new
XSReference instance from the given Element node. |
XSReference(org.w3c.dom.Element element, java.lang.String systemId)
Creates a new
XSReference instance from the given Element node. |
Modifier and Type | Method and Description |
---|---|
void |
addTransform(XSAlgorithmIdentifier trans)
Adds a Transform algorithm to the list of Transforms to be applied to the referenced data object.
|
void |
computeDigest()
Computes the bytes of the DigestValue for this Reference, after dereferencing and applying any specified transforms and/or canonicalization, and puts the resulting digest in this Reference's DigestValue element.
|
void |
computeDigest(byte[] dataObject)
Computes the bytes of the DigestValue for the given data, after applying any specified transforms and/or canonicalization, and puts the resulting digest in this Reference's DigestValue element.
|
void |
computeDigest(org.w3c.dom.Element dataObject)
Computes the bytes of the DigestValue for the given data, after applying any specified transforms and/or canonicalization, and puts the resulting digest in this Reference's DigestValue element.
|
void |
computeDigest(java.io.InputStream dataObject)
Computes the bytes of the DigestValue for the given data, after applying any specified transforms and/or canonicalization, and puts the resulting digest in this Reference's DigestValue element.
|
void |
computeDigest(org.w3c.dom.NodeList dataObject)
Computes the bytes of the DigestValue for the given data, after applying any specified transforms and/or canonicalization, and puts the resulting digest in this Reference's DigestValue element.
|
void |
computeDigest(java.util.Set dataObject)
Computes the bytes of the DigestValue for the given data, after applying any specified transforms and/or canonicalization, and puts the resulting digest in this Reference's DigestValue element.
|
byte[] |
getDigestedData()
Returns the pre digested data (after any Transforms have been applied) that was obtained as a result of calling one of the
computeDigest or validate methods. |
XSAlgorithmIdentifier |
getDigestMethod()
Returns the digest method for this Reference.
|
byte[] |
getDigestValue()
Returns the bytes of the digest of this Reference.
|
java.lang.String |
getId()
Returns the value of the Id attribute of this Reference.
|
XSManifest |
getManifest()
Returns the Manifest pointed to by this Reference that was obtained as a result of calling one of the
validate methods. |
java.lang.String |
getObjectType()
Returns the value of the Type attribute identifying the type of the referenced object.
|
java.lang.StringBuilder |
getSignatureDetails()
Return the digested data for signature and references.
|
java.lang.StringBuilder |
getValidationErrorMessage()
Return the digested data and related details for failed reference.
|
static boolean |
isAscii(byte[] data) |
void |
setDigestMethod(java.lang.String digestMethod)
Sets the DigestMethod element for this Reference, replacing any existing DigestMethod.
|
void |
setDigestMethod(XSAlgorithmIdentifier digestMethod)
Sets the DigestMethod element for this Reference, replacing any existing DigestMethod.
|
void |
setDigestValue(byte[] digestValue)
Sets the bytes of the digest of this Reference in the DigestValue element.
|
void |
setId(java.lang.String id)
Sets the Id attribute of this Reference.
|
void |
setObjectType(java.lang.String type)
Sets the Type attribute identifying the type of the referenced object.
|
boolean |
validate(boolean validateManifests)
Validates the digest for this Reference.
|
boolean |
validate(boolean validateManifests, byte[] dataObject)
Validates the digest for this Reference, using the given data object's bytes to re-calculate the digest.
|
boolean |
validate(boolean validateManifests, org.w3c.dom.Element dataObject)
Validates the digest for this Reference, using the given subtree to re-calculate the digest.
|
boolean |
validate(boolean validateManifests, java.io.InputStream dataObject)
Validates the digest for this Reference, using the given data object's bytes to re-calculate the digest.
|
boolean |
validate(boolean validateManifests, org.w3c.dom.NodeList dataObject)
Validates the digest for this Reference, using the given data object's node-set to re-calculate the digest.
|
boolean |
validate(boolean validateManifests, java.util.Set dataObject)
Validates the digest for this Reference, using the given data object's node-set to re-calculate the digest.
|
dereference, dereference, getTransforms, getURI, setCIDResolver, setURI
addNSPrefixAttr, addNSPrefixAttr, addNSPrefixAttrDefault, addNSPrefixAttrDefault, getAttribute, getAttributeNode, getAttributeNodeNS, getAttributeNS, getChildElementsByTagName, getChildElementsByTagName, getChildElementsByTagNameNS, getChildElementsByTagNameNS, getDefaultNSPrefix, getElement, getElementsByTagName, getElementsByTagNameNS, getTagName, hasAttribute, hasAttributeNS, removeAttribute, removeAttributeNode, removeAttributeNS, setAttribute, setAttributeNode, setAttributeNodeNS, setAttributeNS, setDefaultNSPrefix
appendChild, appendChild, appendTo, cloneNode, getAttributes, getChildNodes, getFirstChild, getLastChild, getLocalName, getNamespaceURI, getNextSibling, getNode, getNodeName, getNodeType, getNodeValue, getOwnerDocument, getParentNode, getPrefix, getPreviousSibling, getSystemId, hasAttributes, hasChildNodes, insertBefore, insertBefore, isSupported, normalize, removeChild, removeChild, replaceChild, replaceChild, setNodeValue, setPrefix, setSystemId, toBytesXML, toStringXML
public XSReference(org.w3c.dom.Element element) throws org.w3c.dom.DOMException
XSReference
instance from the given Element node.element
- An Element node in the XML document that conforms to the XML-DSIG Reference schema.org.w3c.dom.DOMException
public XSReference(org.w3c.dom.Element element, java.lang.String systemId) throws org.w3c.dom.DOMException
XSReference
instance from the given Element node.element
- An Element node in the XML document that conforms to the XML-DSIG Reference schema.systemId
- The URI string system ID for this element.org.w3c.dom.DOMException
XMLNode.setSystemId(java.lang.String)
public XSReference(org.w3c.dom.Document owner) throws org.w3c.dom.DOMException
XSReference
instance.owner
- The owner document of the new XSReference
.org.w3c.dom.DOMException
public XSReference(org.w3c.dom.Document owner, java.lang.String id) throws org.w3c.dom.DOMException
XSReference
instance.owner
- The owner document of the new XSReference
.id
- An optional string ID name for this Reference structure.org.w3c.dom.DOMException
public XSReference(org.w3c.dom.Document owner, java.lang.String id, java.lang.String uri, java.lang.String type) throws org.w3c.dom.DOMException
XSReference
instance.owner
- The owner document of the new XSReference
.id
- An optional string ID name for this Reference structure.uri
- A URI identifying the data object being referenced.type
- An optional URI identifying the type of the referenced data object.org.w3c.dom.DOMException
public void setId(java.lang.String id) throws org.w3c.dom.DOMException
id
- The ID name of this Reference.org.w3c.dom.DOMException
public java.lang.String getId()
null
if the attribute is missing.public void setObjectType(java.lang.String type) throws org.w3c.dom.DOMException
type
- A URI identifying the type of the referenced object.org.w3c.dom.DOMException
public java.lang.String getObjectType()
null
if the attribute is missing.public void addTransform(XSAlgorithmIdentifier trans) throws org.w3c.dom.DOMException
addTransform
in class ObjectReference
trans
- A XSAlgorithmIdentifier
instance.org.w3c.dom.DOMException
public void setDigestMethod(java.lang.String digestMethod) throws org.w3c.dom.DOMException
digestMethod
- A URI identifying this Reference's digest algorithm.org.w3c.dom.DOMException
public void setDigestMethod(XSAlgorithmIdentifier digestMethod) throws org.w3c.dom.DOMException
digestMethod
- A XSAlgorithmIdentifier
identifying this Reference's digest algorithm.org.w3c.dom.DOMException
public XSAlgorithmIdentifier getDigestMethod()
XSAlgorithmIdentifier
identifying this Reference's digest algorithm.public void setDigestValue(byte[] digestValue) throws org.w3c.dom.DOMException
digestValue
- A byte array containing this Reference's digest.org.w3c.dom.DOMException
public byte[] getDigestValue() throws org.w3c.dom.DOMException
org.w3c.dom.DOMException
public void computeDigest() throws ReferenceException, oracle.security.crypto.core.AlgorithmIdentifierException, org.w3c.dom.DOMException
If the data object is not to be obtained by dereferencing this Reference's URI (e.g., if the URI attribute is absent), use the computeDigest(byte[] input)
method.
oracle.security.crypto.core.AlgorithmIdentifierException
- If an error occurs using this Reference's digest method algorithm.ReferenceException
- If an error occurs retrieving the referenced data object or applying the transforms.org.w3c.dom.DOMException
- If an error occurs adding the DigestValue to the Reference.public void computeDigest(byte[] dataObject) throws ReferenceException, oracle.security.crypto.core.AlgorithmIdentifierException, org.w3c.dom.DOMException
Use this method if the data object is not to be obtained by dereferencing this Reference's URI. Otherwise, use the computeDigest()
method.
dataObject
- The bytes of the data object to be digested.oracle.security.crypto.core.AlgorithmIdentifierException
- If an error occurs using this Reference's digest method algorithm.ReferenceException
- If an error occurs retrieving the referenced data object or applying the transforms.org.w3c.dom.DOMException
- If an error occurs adding the DigestValue to the Reference.public void computeDigest(java.io.InputStream dataObject) throws ReferenceException, oracle.security.crypto.core.AlgorithmIdentifierException, org.w3c.dom.DOMException
Use this method if the data object is not to be obtained by dereferencing this Reference's URI. Otherwise, use the computeDigest()
method.
dataObject
- The bytes of the data object to be digested.oracle.security.crypto.core.AlgorithmIdentifierException
- If an error occurs using this Reference's digest method algorithm.ReferenceException
- If an error occurs retrieving the referenced data object or applying the transforms.org.w3c.dom.DOMException
- If an error occurs adding the DigestValue to the Reference.public void computeDigest(org.w3c.dom.NodeList dataObject) throws ReferenceException, oracle.security.crypto.core.AlgorithmIdentifierException, org.w3c.dom.DOMException
Use this method if the data object is not to be obtained by dereferencing this Reference's URI. Otherwise, use the computeDigest()
method.
dataObject
- The node-set of the data object to be digested.oracle.security.crypto.core.AlgorithmIdentifierException
- If an error occurs using this Reference's digest method algorithm.ReferenceException
- If an error occurs retrieving the referenced data object or applying the transforms.org.w3c.dom.DOMException
- If an error occurs adding the DigestValue to the Reference.public void computeDigest(java.util.Set dataObject) throws ReferenceException, oracle.security.crypto.core.AlgorithmIdentifierException, org.w3c.dom.DOMException
Use this method if the data object is not to be obtained by dereferencing this Reference's URI. Otherwise, use the computeDigest()
method.
dataObject
- The node-set of the data object to be digested.oracle.security.crypto.core.AlgorithmIdentifierException
- If an error occurs using this Reference's digest method algorithm.ReferenceException
- If an error occurs retrieving the referenced data object or applying the transforms.org.w3c.dom.DOMException
- If an error occurs adding the DigestValue to the Reference.public void computeDigest(org.w3c.dom.Element dataObject) throws ReferenceException, oracle.security.crypto.core.AlgorithmIdentifierException, org.w3c.dom.DOMException
Use this method if the data object is not to be obtained by dereferencing this Reference's URI. Otherwise, use the computeDigest()
method.
dataObject
- The subtree of the data object to be digested.oracle.security.crypto.core.AlgorithmIdentifierException
- If an error occurs using this Reference's digest method algorithm.ReferenceException
- If an error occurs retrieving the referenced data object or applying the transforms.org.w3c.dom.DOMException
- If an error occurs adding the DigestValue to the Reference.public boolean validate(boolean validateManifests) throws ReferenceException
validateManifests
- If true
, nested Manifests pointed to by References will have their enclosed References validated as well.true
if the digest is valid. Returns false
if the digest is invalid, or if it cannot be validated because the URI attribute is absent.ReferenceException
- If an error occurs retrieving the referenced data object, applying the transforms or computing the digest value.public boolean validate(boolean validateManifests, byte[] dataObject) throws ReferenceException
validateManifests
- If true
, nested Manifests pointed to by References will have their enclosed References validated as well.dataObject
- The bytes of the data object to be digested, if the data is not to be obtained by dereferencing this Reference's URI (e.g., the URI attribute is absent).true
if the digest is valid. Returns false
if the digest is invalid, or if it cannot be validated because the URI attribute is absent and the data object's bytes are not provided.ReferenceException
- If an error occurs retrieving the referenced data object, applying the transforms or computing the digest value.public boolean validate(boolean validateManifests, java.io.InputStream dataObject) throws ReferenceException
validateManifests
- If true
, nested Manifests pointed to by References will have their enclosed References validated as well.dataObject
- The bytes of the data object to be digested, if the data is not to be obtained by dereferencing this Reference's URI (e.g., the URI attribute is absent).true
if the digest is valid. Returns false
if the digest is invalid, or if it cannot be validated because the URI attribute is absent and the data object's bytes are not provided.ReferenceException
- If an error occurs retrieving the referenced data object, applying the transforms or computing the digest value.public boolean validate(boolean validateManifests, org.w3c.dom.NodeList dataObject) throws ReferenceException
validateManifests
- If true
, nested Manifests pointed to by References will have their enclosed References validated as well.dataObject
- The node-set of the data object to be digested, if the data is not to be obtained by dereferencing this Reference's URI (e.g., the URI attribute is absent).true
if the digest is valid. Returns false
if the digest is invalid, or if it cannot be validated because the URI attribute is absent and the data object's nodes-set is not provided.ReferenceException
- If an error occurs retrieving the referenced data object, applying the transforms or computing the digest value.public boolean validate(boolean validateManifests, java.util.Set dataObject) throws ReferenceException
validateManifests
- If true
, nested Manifests pointed to by References will have their enclosed References validated as well.dataObject
- The node-set of the data object to be digested, if the data is not to be obtained by dereferencing this Reference's URI (e.g., the URI attribute is absent).true
if the digest is valid. Returns false
if the digest is invalid, or if it cannot be validated because the URI attribute is absent and the data object's nodes-set is not provided.ReferenceException
- If an error occurs retrieving the referenced data object, applying the transforms or computing the digest value.public boolean validate(boolean validateManifests, org.w3c.dom.Element dataObject) throws ReferenceException
validateManifests
- If true
, nested Manifests pointed to by References will have their enclosed References validated as well.dataObject
- The subtree which is obtained by resolving the URI. If null, the URI will be dereferenced and transforms applies on that, otherwise the URI dereferencing step will be skipped, and transforms will be applied to the passed in subtreetrue
if the digest is valid. Returns false
if the digest is invalid, or if it cannot be validated because the URI attribute is absent and the data object's subtree is not provided.ReferenceException
- If an error occurs retrieving the referenced data object, applying the transforms or computing the digest value.public byte[] getDigestedData()
computeDigest
or validate
methods. Unless you set xml.debug.digest or xml.debug.verify this will return nullnull
if computeDigest()
or validate
has not yet been invoked for this XSReference
.computeDigest()
, computeDigest(byte[] dataObject)
, validate(boolean validateManifests)
, validate(boolean validateManifests, byte[] dataObject)
public XSManifest getManifest()
validate
methods.XSManifest
object, or null
if this Reference does not deference to a Manifest, or if validate
has not yet been invoked for this XSReference
.validate(boolean validateManifests)
, validate(boolean validateManifests, byte[] dataObject)
public static boolean isAscii(byte[] data)
public java.lang.StringBuilder getValidationErrorMessage()
public java.lang.StringBuilder getSignatureDetails()