org.apache.xml.security.signature.Reference Java Examples

/**
 * Validate the Signature's SignedInfo Reference.
 * 
 * The SignedInfo must contain exactly 1 Reference.
 * 
 * @param apacheSig the Apache XML Signature instance
 * @return the valid Reference contained within the SignedInfo
 * @throws ValidationException thrown if the Signature does not contain exactly 1 Reference, or if there is an error
 *             obtaining the Reference instance
 */
protected Reference validateReference(XMLSignature apacheSig) throws ValidationException {
    int numReferences = apacheSig.getSignedInfo().getLength();
    if (numReferences != 1) {
        log.error("Signature SignedInfo had invalid number of References: " + numReferences);
        throw new ValidationException("Signature SignedInfo must have exactly 1 Reference element");
    }

    Reference ref = null;
    try {
        ref = apacheSig.getSignedInfo().item(0);
    } catch (XMLSecurityException e) {
        log.error("Apache XML Security exception obtaining Reference", e);
        throw new ValidationException("Could not obtain Reference from Signature/SignedInfo", e);
    }
    if (ref == null) {
        log.error("Signature Reference was null");
        throw new ValidationException("Signature Reference was null");
    }
    return ref;
}
 

@Override
public void addReference(Reference r) throws CannotAddDataToDigestInputException
{
    if (null == r)
    {
        throw new NullPointerException();
    }

    try
    {
        XMLSignatureInput refData = r.getContentsAfterTransformation();
        addToDigestInput(refData, r.getDocument());

    } catch (XMLSignatureException ex)
    {
        throw new CannotAddDataToDigestInputException(ex);
    }
}
 

/**
 * Validate an instance of {@link SignatureImpl}, which is in turn based on underlying Apache XML Security
 * <code>XMLSignature</code> instance.
 * 
 * @param sigImpl the signature implementation object to validate
 * @throws ValidationException thrown if the signature is not valid with respect to the profile
 */
protected void validateSignatureImpl(SignatureImpl sigImpl) throws ValidationException {

    if (sigImpl.getXMLSignature() == null) {
        log.error("SignatureImpl did not contain the an Apache XMLSignature child");
        throw new ValidationException("Apache XMLSignature does not exist on SignatureImpl");
    }
    XMLSignature apacheSig = sigImpl.getXMLSignature();

    if (!(sigImpl.getParent() instanceof SignableSAMLObject)) {
        log.error("Signature is not an immedidate child of a SignableSAMLObject");
        throw new ValidationException("Signature is not an immediate child of a SignableSAMLObject.");
    }
    SignableSAMLObject signableObject = (SignableSAMLObject) sigImpl.getParent();

    Reference ref = validateReference(apacheSig);

    String uri = ref.getURI();
    
    validateReferenceURI(uri, signableObject);

    validateTransforms(ref);
    
    validateObjectChildren(apacheSig);
}
 

/**
 * Checks if all the transforms in a ds:Reference are canonicalization transforms.
 * @param r the reference
 * @return true if all transforms are c14n, false otherwise.
 * @throws XMLSecurityException
 */
public static boolean allTransformsAreC14N(Reference r) throws XMLSecurityException
{
    Transforms transforms = r.getTransforms();
    try
    {
        for (int i = 0; i < transforms.getLength(); ++i)
        {
            Canonicalizer.getInstance(transforms.item(i).getURI());
        }
        return true;
    }
    catch (InvalidCanonicalizerException ex)
    {
        return false;
    }
}
 

@Override
protected BaseXAdESTimeStampData createPropDataObj(
        IndividualDataObjsTimeStampProperty prop,
        Algorithm c14n,
        TimeStampTokenRes tsTknRes,
        PropertiesDataGenerationContext ctx)
{
    Collection<DataObjectDesc> targetDataObjs = prop.getTargetDataObjects();
    Map<DataObjectDesc, Reference> refsMaps = ctx.getReferencesMappings();

    List<String> includes = new ArrayList<String>(targetDataObjs.size());
    for (DataObjectDesc dataObj : targetDataObjs)
    {
        Reference r = refsMaps.get(dataObj);
        includes.add('#' + r.getId());
    }

    prop.setTime(tsTknRes.timeStampTime);
    return new IndividualDataObjsTimeStampData(c14n, includes, tsTknRes.encodedTimeStampToken);
}
 

private List<DSSReference> buildReferences(DSSDocument document, List<DSSTransform> transforms) {

		DSSReference ref1 = new DSSReference();
		ref1.setContents(document);
		ref1.setId("r-" + document.getName());
		ref1.setTransforms(transforms);
		ref1.setType(Reference.OBJECT_URI);
		ref1.setUri('#' + document.getName());
		ref1.setDigestMethodAlgorithm(DigestAlgorithm.SHA256);
		
		List<DSSReference> refs = new ArrayList<>();
		refs.add(ref1);
		
		return refs;
		
	}
 

@Test
public void testAddNullReference() throws Exception
{
    System.out.println("addNullReference");

    Document doc = SignatureServicesTestBase.getNewDocument();

    SignedDataObjects dataObjsDescs = new SignedDataObjects()
        .withSignedDataObject(new AnonymousDataObjectReference("data".getBytes()));

    XMLSignature xmlSignature = new XMLSignature(doc, "", XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256);
    xmlSignature.setId("sigId");

    SignedDataObjectsProcessor processor = new SignedDataObjectsProcessor(new TestAlgorithmsProvider(), new AllwaysNullAlgsParamsMarshaller());
    Map<DataObjectDesc, Reference> result = processor.process(dataObjsDescs, xmlSignature);

    assertEquals(1, result.size());
    assertEquals(0, xmlSignature.getObjectLength());
    assertEquals(1, xmlSignature.getSignedInfo().getLength());

    Reference r = xmlSignature.getSignedInfo().item(0);
    assertNull(r.getElement().getAttributeNodeNS(Constants.SignatureSpecNS, "URI"));
}
 

/**
 * A simple constructor to be used when only unsigned signature properties
 * will be processed.
 * @param targetXmlSignature the target signature
 * @param algorithmsProvider algorithms in use
 */
PropertiesDataGenerationContext(XMLSignature targetXmlSignature) throws XAdES4jXMLSigException
{
    this.targetXmlSignature = targetXmlSignature;
    this.sigDocument = targetXmlSignature.getDocument();
    this.referencesMappings = null;

    SignedInfo signedInfo = targetXmlSignature.getSignedInfo();
    List<Reference> refs = new ArrayList<Reference>(signedInfo.getLength());
    for (int i = 0; i < signedInfo.getLength(); i++)
    {
        try
        {
            refs.add(signedInfo.item(i));
        } catch (XMLSecurityException ex)
        {
            throw new XAdES4jXMLSigException(String.format("Cannot process the %dth reference", i), ex);
        }
    }
    this.references = Collections.unmodifiableList(refs);
}
 

/**
 * @param orderedDataObjs
 * @param referencesMappings should be unmodifiable
 * @param elemInSigDoc
 * @param algorithmsProvider
 */
PropertiesDataGenerationContext(
        Collection<DataObjectDesc> orderedDataObjs,
        Map<DataObjectDesc, Reference> referencesMappings,
        Document sigDocument)
{
    this.referencesMappings = referencesMappings;
    this.sigDocument = sigDocument;

    List<Reference> orderedRefs = new ArrayList<Reference>(orderedDataObjs.size());
    for (DataObjectDesc dataObjDesc : orderedDataObjs)
    {
        orderedRefs.add(referencesMappings.get(dataObjDesc));
    }

    this.references = Collections.unmodifiableList(orderedRefs);
}
 

/**
 * Checks if the given {@value reference} is an occurrence of signed object
 * @param reference - Reference to check
 * @param signature - Signature, containing the given {@value reference}
 * @return - TRUE if the given {@value reference} is a signed object, FALSE otherwise
 */
private static boolean isReferenceLinkedToDocument(Reference reference, XAdESSignature signature) {
	String referenceType = reference.getType();
	// if type is not declared
	if (Utils.isStringEmpty(referenceType)) {
		String referenceUri = reference.getURI();
		referenceUri = DomUtils.getId(referenceUri);
		Element element = DomUtils.getElement(signature.getSignatureElement(), "./*" + DomUtils.getXPathByIdAttribute(referenceUri));
		if (element == null) { // if element is out of the signature node, it is a document
			return true;
		} else { // otherwise not a document
			return false;
		}
	// if type refers to object or manifest - it is a document
	} else if (DSSXMLUtils.isObjectReferenceType(referenceType) || DSSXMLUtils.isManifestReferenceType(referenceType) ||
			DSSXMLUtils.isCounterSignatureReferenceType(referenceType)) {
		return true;
	// otherwise not a document
	} else {
		return false;
	}
}
 

@Override
protected List<TimestampedReference> getIndividualContentTimestampedReferences(XAdESAttribute signedAttribute) {
	List<TimestampInclude> includes = signedAttribute.getTimestampIncludedReferences();
	List<TimestampedReference> timestampReferences = new ArrayList<>();
	for (Reference reference : references) {
		if (isContentTimestampedReference(reference, includes)) {
			for (SignatureScope signatureScope : signatureScopes) {
				if (Utils.endsWithIgnoreCase(reference.getURI(), signatureScope.getName())) {
					addReference(timestampReferences, new TimestampedReference(signatureScope.getDSSIdAsString(), TimestampedObjectType.SIGNED_DATA));
				}
			}
		}
	}
	return timestampReferences;
}
 

@Override
public DSSDocument getContentTimestampData(final TimestampToken timestampToken) {
	final TimestampType timeStampType = timestampToken.getTimeStampType();
	if (!timeStampType.isContentTimestamp()) {
		return null;
	}

	if (!checkTimestampTokenIncludes(timestampToken)) {
		throw new DSSException("The Included referencedData attribute is either not present or set to false!");
	}
	if (references.isEmpty()) {
		throw new DSSException("The method 'checkSignatureIntegrity' must be invoked first!");
	}

	final String canonicalizationMethod = timestampToken.getCanonicalizationMethod();
	final List<TimestampInclude> includes = timestampToken.getTimestampIncludes();

	try (ByteArrayOutputStream outputStream = new ByteArrayOutputStream()) {
		for (final Reference reference : references) {
			if (isContentTimestampedReference(reference, timeStampType, includes)) {
				byte[] referenceBytes = getReferenceBytes(reference, canonicalizationMethod);
				outputStream.write(referenceBytes);
			}
		}
		byte[] byteArray = outputStream.toByteArray();
		if (LOG.isTraceEnabled()) {
			LOG.trace("IndividualDataObjectsTimestampData/AllDataObjectsTimestampData bytes: {}", new String(byteArray));
		}
		return new InMemoryDocument(byteArray);
	} catch (IOException | XMLSecurityException e) {
		if (LOG.isDebugEnabled()) {
			LOG.warn("Unable to extract IndividualDataObjectsTimestampData/AllDataObjectsTimestampData. Reason : {}", e.getMessage(), e);
		} else {
			LOG.warn("Unable to extract IndividualDataObjectsTimestampData/AllDataObjectsTimestampData. Reason : {}", e.getMessage());
		}
	}
	return null;

}
 

private void initDetachedSignatureResolvers(List<DSSDocument> detachedContents) {
	List<Reference> currentReferences = getReferences();
	for (Reference reference : currentReferences) {
		try {
			DigestAlgorithm digestAlgorithm = DigestAlgorithm.forXML(reference.getMessageDigestAlgorithm().getAlgorithmURI());
			santuarioSignature
					.addResourceResolver(new DetachedSignatureResolver(detachedContents, digestAlgorithm));
		} catch (XMLSignatureException e) {
			LOG.warn("Unable to retrieve reference digest algorithm {}", reference.getId(), e);
		}
	}
}
 

private void extractReferences() {
	references = new ArrayList<>();
	final XMLSignature currentSantuarioSignature = getSantuarioSignature();
	final SignedInfo signedInfo = currentSantuarioSignature.getSignedInfo();
	final int numberOfReferences = signedInfo.getLength();
	for (int ii = 0; ii < numberOfReferences; ii++) {
		try {
			final Reference reference = signedInfo.item(ii);
			references.add(reference);
		} catch (XMLSecurityException e) {
			LOG.warn("Unable to retrieve reference #{} : {}", ii, e.getMessage());
		}
	}
}
 

private void writeReferenceBytes(final Reference reference, ByteArrayOutputStream buffer) throws IOException {
	try {
		final byte[] referencedBytes = reference.getReferencedBytes();
		if (referencedBytes != null) {
			buffer.write(referencedBytes);
		} else {
			throw new DSSException(String.format("No binaries found for URI '%s'", reference.getURI()));
		}
	} catch (XMLSecurityException e) {
		throw new DSSException(String.format("Unable to retrieve content for URI '%s' : %s", reference.getURI(), e.getMessage()), e);
	}
}
 

private boolean isContentTimestampedReference(Reference reference, TimestampType timeStampType, List<TimestampInclude> includes) {
	if (TimestampType.ALL_DATA_OBJECTS_TIMESTAMP.equals(timeStampType)) {
		// All references are covered except the one referencing the SignedProperties
		return !DSSXMLUtils.isSignedProperties(reference, xadesPaths);
	} else {
		for (TimestampInclude timestampInclude : includes) {
			String id = timestampInclude.getURI();
			if (reference.getId().equals(id)) {
				return true;
			}
		}
		return false;
	}
}
 

private byte[] getReferenceBytes(final Reference reference, final String canonicalizationMethod) throws XMLSecurityException {
	byte[] referencedBytes = reference.getReferencedBytes();
	if (DomUtils.isDOM(referencedBytes)) {
		referencedBytes = DSSXMLUtils.canonicalize(canonicalizationMethod, referencedBytes);
	}
	if (LOG.isTraceEnabled()) {
		LOG.trace("ReferencedBytes : {}", new String(referencedBytes));
	}
	return referencedBytes;
}
 

private Element getSignedElement(Element root, Reference ref) {
    String rootId = root.getAttribute("ID");
    String expectedID = ref.getURI().substring(1);

    if (!expectedID.equals(rootId)) {
        return XMLUtils.findElementById(root, expectedID, true);
    }
    return root;
}
 

private boolean isContentTimestampedReference(Reference reference, List<TimestampInclude> includes) {
	for (TimestampInclude timestampInclude : includes) {
		if (reference.getId().equals(timestampInclude.getURI())) {
			return true;
		}
	}
	return false;
}
 

/**
 * Returns list of original signed documents
 * @param signature [{@link XAdESSignature} to find signed documents for
 * @return list of {@link DSSDocument}s
 */
public static List<DSSDocument> getSignerDocuments(XAdESSignature signature) {
	List<DSSDocument> result = new ArrayList<>();

	SignatureCryptographicVerification signatureCryptographicVerification = signature.getSignatureCryptographicVerification();
	if (!signatureCryptographicVerification.isSignatureValid()) {
		return result;
	}
	List<Reference> references = signature.getReferences();
	if (Utils.isCollectionNotEmpty(references)) {
		for (Reference reference : references) {
			try {
				if (isReferenceLinkedToDocument(reference, signature)) {
					DSSDocument referenceDocument = getReferenceDocument(reference, signature);
					if (referenceDocument != null) {
						result.add(referenceDocument);
					}
				}
			} catch (DSSException e) {
				LOG.warn("Not able to extract an original content for a reference with name '{}' and URI '{}'. "
						+ "Reason : {}", reference.getId(), reference.getURI(), e.getMessage());
			}
		}
		
	}
	return result;
}
 

private static DSSDocument getReferenceDocument(Reference reference, XAdESSignature signature) {
	if (reference.typeIsReferenceToObject()) {
		List<Element> signatureObjects = signature.getSignatureObjects();
		for (Element sigObject : signatureObjects) {
			Node referencedObject = sigObject;
			String objectId = sigObject.getAttribute("Id");
			if (Utils.endsWithIgnoreCase(reference.getURI(), objectId)) {
				if (reference.typeIsReferenceToObject() && sigObject.hasChildNodes()) {
					referencedObject = sigObject.getFirstChild();
				}
				byte[] bytes = DSSXMLUtils.getNodeBytes(referencedObject);
				if (bytes != null) {
					return new InMemoryDocument(bytes, objectId);
				}
			}
		}
	}
	
	// if not an object or object has not been found
	try {
		byte[] referencedBytes = reference.getReferencedBytes();
		if (referencedBytes != null) {
			return new InMemoryDocument(referencedBytes, reference.getURI());
		}
		LOG.warn("Reference bytes returned null value : {}", reference.getId());
	} catch (Exception e) {
		LOG.warn("Unable to retrieve reference {}. Reason : {}", reference.getId(), e.getMessage(), e);
	}
	
	if (LOG.isDebugEnabled()) {
		LOG.debug("A referenced document not found for a reference with Id : [{}]", reference.getId());
	}
	return null;
}
 

/**
 * Returns bytes of the original referenced data
 * @param reference {@link Reference} to get bytes from
 * @return byte array containing original data
 */
public static byte[] getReferenceOriginalContentBytes(Reference reference) {
	
	try {
		// returns bytes after transformation in case of enveloped signature
		Transforms transforms = reference.getTransforms();
		if (transforms != null) {
			Element transformsElement = transforms.getElement();
			NodeList transformChildNodes = transformsElement.getChildNodes();
			if (transformChildNodes != null && transformChildNodes.getLength() > 0) {
				for (int i = 0; i < transformChildNodes.getLength(); i++) {
					Node transformation = transformChildNodes.item(i);
					if (isEnvelopedTransform(transformation)) {
						return reference.getReferencedBytes();
					}
				    // if enveloped transformations are not applied to the signature go further and 
					// return bytes before transformation
				}
			}
		}
		
	} catch (XMLSecurityException | XMLSecurityRuntimeException e) {
		// if exception occurs during the transformations
		LOG.warn("Signature reference with id [{}] is corrupted or has an invalid format. "
				+ "Original data cannot be obtained. Reason: [{}]", reference.getId(), e.getMessage());
		
	}
	// otherwise bytes before transformation
	return getBytesBeforeTransformation(reference);
}
 

/**
 * Checks if the given reference is linked to a KeyInfo element
 * 
 * @param reference
 *                  the {@link Reference} to check
 * @param signature
 *                  the {@link Element} signature the given reference belongs to
 * @return TRUE if the reference is a KeyInfo reference, FALSE otherwise
 */
public static boolean isKeyInfoReference(final Reference reference, final Element signature) {
	String uri = reference.getURI();
	uri = DomUtils.getId(uri);
	Element element = DomUtils.getElement(signature, XMLDSigPaths.KEY_INFO_PATH + DomUtils.getXPathByIdAttribute(uri));
	if (element != null) {
		return true;
	}
	return false;
}
 

private String extractUri(Reference reference) {
	if (reference != null) {
		Element element = reference.getElement();
		if (element != null) {
			return DSSXMLUtils.getAttribute(element, XMLDSigAttribute.URI.getAttributeName());
		}
	}
	return null;
}
 

@BeforeEach
public void init() throws Exception {
	documentToSign = new FileDocument(new File("src/test/resources/sample.xml"));

	String referenceId = "TOTO";

	// Canonicalization is optional
	String canonicalizationAlgo = CanonicalizationMethod.EXCLUSIVE;

	List<DSSTransform> transforms = new ArrayList<>();
	Base64Transform dssTransform = new Base64Transform();
	transforms.add(dssTransform);

	List<DSSReference> references = new ArrayList<>();
	DSSReference dssReference = new DSSReference();
	dssReference.setContents(documentToSign);
	dssReference.setId(referenceId);
	dssReference.setUri("#" + documentToSign.getName());
	dssReference.setDigestMethodAlgorithm(DigestAlgorithm.SHA1);
	dssReference.setTransforms(transforms);
	dssReference.setType(Reference.OBJECT_URI);
	references.add(dssReference);

	signatureParameters = new XAdESSignatureParameters();
	signatureParameters.setSigningCertificate(getSigningCert());
	signatureParameters.setCertificateChain(getCertificateChain());
	signatureParameters.setSignaturePackaging(SignaturePackaging.ENVELOPING);
	signatureParameters.setSignatureLevel(SignatureLevel.XAdES_BASELINE_B);
	signatureParameters.setDigestAlgorithm(DigestAlgorithm.SHA1);
	signatureParameters.setReferences(references);

	byte[] digest = DSSUtils.digest(DigestAlgorithm.SHA1, DSSXMLUtils.canonicalize(canonicalizationAlgo, DSSUtils.toByteArray(documentToSign)));
	TimestampBinary timeStampResponse = getAlternateGoodTsa().getTimeStampResponse(DigestAlgorithm.SHA1, digest);
	TimestampToken timestampToken = new TimestampToken(timeStampResponse.getBytes(), TimestampType.INDIVIDUAL_DATA_OBJECTS_TIMESTAMP);
	timestampToken.setTimestampIncludes(Arrays.asList(new TimestampInclude(referenceId, true)));
	timestampToken.setCanonicalizationMethod(canonicalizationAlgo);
	signatureParameters.setContentTimestamps(Arrays.asList(timestampToken));

	service = new XAdESService(getOfflineCertificateVerifier());
}
 

private List<DSSReference> getReferences() {
	List<DSSReference> refs = new ArrayList<>();
	
	List<DSSTransform> transforms = new ArrayList<>();
	Base64Transform dssTransform = new Base64Transform();
	transforms.add(dssTransform);

	DSSReference ref1 = new DSSReference();
	ref1.setContents(doc1);
	ref1.setId("r-" + doc1.getName());
	ref1.setTransforms(transforms);
	ref1.setType(Reference.OBJECT_URI);
	ref1.setUri('#' + doc1.getName());
	ref1.setDigestMethodAlgorithm(DigestAlgorithm.SHA256);

	DSSReference ref2 = new DSSReference();
	ref2.setContents(doc2);
	ref2.setId("r-" + doc2.getName());
	ref2.setTransforms(transforms);
	ref2.setType(Reference.OBJECT_URI);
	ref2.setUri('#' + doc2.getName());
	ref2.setDigestMethodAlgorithm(DigestAlgorithm.SHA256);

	refs.add(ref1);
	refs.add(ref2);
	
	return refs;
}
 

protected Reference getReference(XMLSignature sig) {
    int count = sig.getSignedInfo().getLength();
    if (count != 1) {
        throwFault("Multiple Signature References are not currently supported", null);
    }
    try {
        return sig.getSignedInfo().item(0);
    } catch (XMLSecurityException ex) {
        throwFault("Signature Reference is not available", ex);
    }
    return null;
}
 

@Test
public void testProcess() throws Exception
{
    System.out.println("process");

    Document doc = getNewDocument();

    SignedDataObjects dataObjsDescs = new SignedDataObjects()
        .withSignedDataObject(new DataObjectReference("uri").withTransform(new EnvelopedSignatureTransform()))
        .withSignedDataObject(new EnvelopedXmlObject(doc.createElement("test1")))
        .withSignedDataObject(new EnvelopedXmlObject(doc.createElement("test2"), "text/xml", null));

    XMLSignature xmlSignature = new XMLSignature(doc, "", XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256);
    xmlSignature.setId("sigId");

    AllwaysNullAlgsParamsMarshaller algsParamsMarshaller = new AllwaysNullAlgsParamsMarshaller();

    SignedDataObjectsProcessor processor = new SignedDataObjectsProcessor(new TestAlgorithmsProvider(), algsParamsMarshaller);
    Map<DataObjectDesc, Reference> result = processor.process(dataObjsDescs, xmlSignature);

    assertEquals(dataObjsDescs.getDataObjectsDescs().size(), result.size());
    assertEquals(2, xmlSignature.getObjectLength());
    assertEquals(xmlSignature.getSignedInfo().getLength(), dataObjsDescs.getDataObjectsDescs().size());

    assertEquals(1, algsParamsMarshaller.getInvokeCount());
    Reference ref = xmlSignature.getSignedInfo().item(0);
    assertEquals(1, ref.getTransforms().getLength());

    ObjectContainer obj = xmlSignature.getObjectItem(1);
    assertEquals("text/xml", obj.getMimeType());
    assertTrue(StringUtils.isNullOrEmptyString(obj.getEncoding()));

}
 

@Override
protected void addPropSpecificTimeStampInput(
        IndividualDataObjsTimeStampProperty prop,
        TimeStampDigestInput digestInput,
        PropertiesDataGenerationContext ctx) throws CannotAddDataToDigestInputException
{
    Collection<DataObjectDesc> targetDataObjs = prop.getTargetDataObjects();
    Map<DataObjectDesc, Reference> refsMaps = ctx.getReferencesMappings();

    for (DataObjectDesc dataObj : targetDataObjs)
    {
        Reference r = refsMaps.get(dataObj);
        digestInput.addReference(r);
    }
}
 

@Override
protected void addPropSpecificTimeStampInput(
        AllDataObjsTimeStampProperty prop,
        TimeStampDigestInput digestInput,
        PropertiesDataGenerationContext ctx) throws CannotAddDataToDigestInputException
{
    List<Reference> refs = ctx.getReferences();
    for (Reference r : refs)
    {
        digestInput.addReference(r);
    }
}