Java Code Examples for org.apache.xml.security.signature.Reference#getURI()

The following examples show how to use org.apache.xml.security.signature.Reference#getURI().
Example 1
Source File: SAMLSignatureProfileValidator.java    From lams with GNU General Public License v2.0
/**
 * Checks that a {@link SignatureImpl}, and the Apache XML Security <code>XMLSignature</code> it wraps, has the
 * structure this profile accepts.
 *
 * <p>Only structural checks are made here: nothing in this method verifies the signature value or the signing
 * key, so callers still need cryptographic validation against trusted credentials. The structural checks matter
 * because a signature that verifies cryptographically but covers an element other than the one the application
 * goes on to read gives no assurance about that element.</p>
 *
 * @param sigImpl the signature implementation object to validate
 * @throws ValidationException thrown if the signature is not valid with respect to the profile
 */
protected void validateSignatureImpl(SignatureImpl sigImpl) throws ValidationException {
    final XMLSignature xmlSignature = sigImpl.getXMLSignature();
    if (xmlSignature == null) {
        log.error("SignatureImpl did not contain the an Apache XMLSignature child");
        throw new ValidationException("Apache XMLSignature does not exist on SignatureImpl");
    }

    // The signature has to sit directly under the SAML object it is meant to protect.
    final Object parent = sigImpl.getParent();
    if (!(parent instanceof SignableSAMLObject)) {
        log.error("Signature is not an immedidate child of a SignableSAMLObject");
        throw new ValidationException("Signature is not an immediate child of a SignableSAMLObject.");
    }
    final SignableSAMLObject signedParent = (SignableSAMLObject) parent;

    // The helpers below are defined elsewhere in the class. Judging by their names and arguments they
    // restrict the reference, tie its URI to the parent object, restrict the transforms and restrict
    // ds:Object children -- confirm against their bodies before relying on that.
    final Reference reference = validateReference(xmlSignature);

    // The URI is attacker-supplied document content; it is only handed to the check against the parent.
    validateReferenceURI(reference.getURI(), signedParent);
    validateTransforms(reference);
    validateObjectChildren(xmlSignature);
}
 
Example 2
Source File: XAdESSignatureUtils.java    From dss with GNU Lesser General Public License v2.1
/**
 * Decides whether {@code reference} is treated as an occurrence of a signed object (a "document").
 *
 * <p>A reference that declares a type counts as a document when the type is an object, manifest or
 * counter-signature reference type. A reference without a type counts as a document when no element matching
 * its Id is found by the XPath lookup made under the signature element.</p>
 *
 * @param reference the {@link Reference} to check
 * @param signature the signature containing {@code reference}
 * @return {@code true} if {@code reference} is treated as a signed object, {@code false} otherwise
 */
private static boolean isReferenceLinkedToDocument(Reference reference, XAdESSignature signature) {
	final String type = reference.getType();
	if (!Utils.isStringEmpty(type)) {
		// Declared type: decided by the type alone, the URI is not consulted.
		return DSSXMLUtils.isObjectReferenceType(type) || DSSXMLUtils.isManifestReferenceType(type)
				|| DSSXMLUtils.isCounterSignatureReferenceType(type);
	}

	// No declared type: decided by where the referenced Id resolves.
	// NOTE(review): the URI comes from the signature being validated and its Id part is concatenated into
	// an XPath expression; confirm DomUtils.getXPathByIdAttribute escapes or rejects quote characters, and
	// that DomUtils.getId copes with a reference that has no URI attribute.
	final String targetId = DomUtils.getId(reference.getURI());
	final Element insideSignature = DomUtils.getElement(signature.getSignatureElement(),
			"./*" + DomUtils.getXPathByIdAttribute(targetId));

	// Nothing found by the lookup under the signature element means the target is a document.
	return insideSignature == null;
}
 
Example 3
Source File: XAdESSignatureUtils.java    From dss with GNU Lesser General Public License v2.1
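/**
 * Returns the content a reference points at, as an in-memory document.
 *
 * <p>For a reference to an object, the signature's objects are searched for one whose {@code Id} matches the
 * end of the reference URI; the bytes of its first child (or of the object itself when it has no children)
 * are returned. Otherwise, or when no object yields bytes, the bytes reported by
 * {@link Reference#getReferencedBytes()} are returned.</p>
 *
 * @param reference the {@link Reference} to resolve
 * @param signature the signature the reference belongs to
 * @return the referenced content, or {@code null} when it cannot be retrieved
 */
private static DSSDocument getReferenceDocument(Reference reference, XAdESSignature signature) {
	if (reference.typeIsReferenceToObject()) {
		final String referenceUri = reference.getURI();
		for (Element sigObject : signature.getSignatureObjects()) {
			final String objectId = sigObject.getAttribute("Id");
			// An object without an Id cannot be the target of an Id-based reference. Without this guard
			// an empty Id would be used as the suffix to match, and an empty suffix matches any URI, so
			// the first Id-less object could be returned as the signed content of an unrelated reference.
			if (objectId == null || objectId.isEmpty()) {
				continue;
			}
			// NOTE(review): this is a case-insensitive suffix match, so Id "obj-1" also matches a URI
			// ending in "xobj-1" or "OBJ-1". The node returned here is chosen by that match, not taken
			// from the reference's own dereferencing; consider an exact comparison against the URI's
			// fragment once the accepted URI forms are confirmed.
			if (Utils.endsWithIgnoreCase(referenceUri, objectId)) {
				// The outer branch already established that this is a reference to an object.
				final Node referencedObject = sigObject.hasChildNodes() ? sigObject.getFirstChild() : sigObject;
				final byte[] bytes = DSSXMLUtils.getNodeBytes(referencedObject);
				if (bytes != null) {
					return new InMemoryDocument(bytes, objectId);
				}
			}
		}
	}

	// if not an object or object has not been found
	try {
		final byte[] referencedBytes = reference.getReferencedBytes();
		if (referencedBytes != null) {
			return new InMemoryDocument(referencedBytes, reference.getURI());
		}
		LOG.warn("Reference bytes returned null value : {}", reference.getId());
	} catch (Exception e) {
		// Best effort: a reference that cannot be dereferenced is reported and treated as "not found".
		LOG.warn("Unable to retrieve reference {}. Reason : {}", reference.getId(), e.getMessage(), e);
	}

	if (LOG.isDebugEnabled()) {
		LOG.debug("A referenced document not found for a reference with Id : [{}]", reference.getId());
	}
	return null;
}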
 
Example 4
Source File: DSSXMLUtils.java    From dss with GNU Lesser General Public License v2.1
/**
 * Checks if the given reference is linked to a KeyInfo element.
 *
 * <p>The Id is extracted from the reference URI and looked up under {@code signature} with an XPath built
 * from {@code XMLDSigPaths.KEY_INFO_PATH} and the Id predicate.</p>
 *
 * @param reference
 *                  the {@link Reference} to check
 * @param signature
 *                  the {@link Element} signature the given reference belongs to
 * @return TRUE if the reference is a KeyInfo reference, FALSE otherwise
 */
public static boolean isKeyInfoReference(final Reference reference, final Element signature) {
	// NOTE(review): the URI is read from the signature being validated and its Id part is concatenated
	// into an XPath expression; confirm DomUtils.getXPathByIdAttribute escapes or rejects quote
	// characters, and that DomUtils.getId copes with a reference that has no URI attribute.
	final String referencedId = DomUtils.getId(reference.getURI());
	final String keyInfoXPath = XMLDSigPaths.KEY_INFO_PATH + DomUtils.getXPathByIdAttribute(referencedId);
	return DomUtils.getElement(signature, keyInfoXPath) != null;
}
 
Example 5
Source File: DataObjFormatVerifier.java    From xades4j with GNU Lesser General Public License v3.0
/**
 * Verifies a DataObjectFormat property and attaches it to the signed data object it refers to.
 *
 * <p>The property's object reference must resolve to a signed data object. When that object's
 * {@code ds:Reference} is of type {@code Reference.OBJECT_URI}, the referenced object must be found and its
 * encoding and MIME type are compared with the ones declared on the property. The MIME type and encoding
 * placed on the returned property are the values read from {@code propData}; this method does not inspect
 * the signed content itself.</p>
 *
 * @param propData the unmarshalled DataObjectFormat data
 * @param ctx the verification context giving access to the signed objects
 * @return the verified property, already associated with its signed data object
 * @throws DataObjectFormatVerificationException if the object reference or the referenced object cannot be
 *         resolved, or if the compared encoding or MIME type values differ
 */
@Override
public QualifyingProperty verify(
        DataObjectFormatData propData,
        QualifyingPropertyVerificationContext ctx) throws DataObjectFormatVerificationException
{
    final QualifyingPropertyVerificationContext.SignedObjectsData signedData = ctx.getSignedObjectsData();
    final String declaredEncoding = propData.getEncoding();
    final String declaredMimeType = propData.getMimeType();

    // XAdES G.2.2.8: "The verifier should check that the ObjectReference element
    // actually references one ds:Reference element from the signature."
    final RawDataObjectDesc target = signedData.findSignedDataObject(propData.getObjectRef());
    if (target == null)
    {
        throw new DataObjectFormatReferenceException(propData.getObjectRef());
    }

    // "In addition, should this property refer to a ds:Reference that in turn
    // refers to a ds:Object, the verifier should check the values of attributes
    // MimeType and Encoding (...)."
    final Reference targetReference = target.getReference();
    if (Reference.OBJECT_URI.equals(targetReference.getType()))
    {
        // Resolve the ds:Object; the URI reported on failure is the one that was looked up.
        final String objectUri = targetReference.getURI();
        final ObjectContainer referencedObject = signedData.findXMLObject(objectUri);
        if (referencedObject == null)
        {
            throw new DataObjectFormatReferenceException(objectUri);
        }

        final String objEncoding = referencedObject.getEncoding();
        final String objMimeType = referencedObject.getMimeType();

        // A value is compared only when present on both sides, so an attribute missing from
        // either the property or the object is not reported as a mismatch.
        final boolean mismatch = StringUtils.differentStringsIfNotNullNorEmpty(objEncoding, declaredEncoding)
                || StringUtils.differentStringsIfNotNullNorEmpty(objMimeType, declaredMimeType);
        if (mismatch)
        {
            throw new DataObjectFormatMismatchException(
                    declaredMimeType, declaredEncoding, targetReference, referencedObject);
        }
    }

    // Build the property from the declared values.
    final DataObjectFormatProperty property = new DataObjectFormatProperty(declaredMimeType, declaredEncoding);
    property.withDescription(propData.getDescription());

    final Collection<String> documentationUris = propData.getDocumentationUris();
    if (documentationUris != null)
    {
        property.withDocumentationUris(documentationUris);
    }

    property.withIdentifier(propData.getIdentifier());

    // Link the property to the data object it describes.
    target.withDataObjectFormat(property);
    return property;
}