Signature

public abstract class Signature extends HeaderElement

An ebXML Signature is a HeaderElement in HeaderContainer [ebMSS 4.1.1 and 4.1.3].

This class is a partial implementation of the XML-Signature Syntax and Processing / RFC 3275. Please refer to these documents for details.

Author: cyng

See also: `XML-Signature Syntax and Processing <http://www.w3.org/TR/xmldsig-core/>`_

Fields

ATTRIBUTE_ALGORITHM

public static final String ATTRIBUTE_ALGORITHM

Name of the Algorithm attribute.

ATTRIBUTE_ID

public static final String ATTRIBUTE_ID

Name of the Id attribute.

ATTRIBUTE_URI

public static final String ATTRIBUTE_URI

Name of the URI attribute.

CANONICALIZATION_METHOD

public static final String CANONICALIZATION_METHOD

Namespace URI of the canonicalization method as specified in Exclusive XML Canonicalization Version 1.0.

CHARACTER_ENCODING

public static final String CHARACTER_ENCODING

Default character encoding.

DIGEST_ALGORITHM

public static final String DIGEST_ALGORITHM

Name of the message digest algorithm.

DIGEST_METHOD

public static final String DIGEST_METHOD

Name of the Digest method required, qualified by namespace [XMLDSIG 6.1].

ELEMENT_CANONICALIZATION_METHOD

public static final String ELEMENT_CANONICALIZATION_METHOD

Name of the Canonicalization Method element [ebMSS 4.1.3, XMLDSIG 4.3.1] used in signature generation.

ELEMENT_DIGEST_METHOD

public static final String ELEMENT_DIGEST_METHOD

Name of the DigestMethod element which specifies the digest algorithm to be applied to the signed object [XMLDSIG 4.3.3.5].

ELEMENT_DIGEST_VALUE

public static final String ELEMENT_DIGEST_VALUE

Name of the DigestValue element which contains the encoded value of the digest [XMLDSIG 4.3.3.6].

ELEMENT_KEY_INFO

public static final String ELEMENT_KEY_INFO

Name of the KeyInfo element which enables the recipient(s) to obtain the key needed to validate the signature [XMLDSIG 4.4].

ELEMENT_OBJECT

public static final String ELEMENT_OBJECT

Name of the Object element [XMLDSIG 4.5].

ELEMENT_REFERENCE

public static final String ELEMENT_REFERENCE

Name of the Reference element which specifies a digest algorithm and digest value and other optional information [ebMSS 4.1.3, XMLDSIG 4.3.3].

ELEMENT_SIGNATURE

public static final String ELEMENT_SIGNATURE

Name of the Signature element [ebMSS 4.1.1, XMLDSIG 4.1].

ELEMENT_SIGNATURE_METHOD

public static final String ELEMENT_SIGNATURE_METHOD

Name of the Signature Method element [ebMSS 4.1.3, XMLDSIG 4.3.2].

ELEMENT_SIGNATURE_VALUE

public static final String ELEMENT_SIGNATURE_VALUE

Name of the Signature Value element [ebMSS 4.1.3, XMLDSIG 4.2].

ELEMENT_SIGNED_INFO

public static final String ELEMENT_SIGNED_INFO

Name of the SignedInfo element [ebMSS 4.1.3, XMLDSIG 4.3], which contains information about the signature. This information includes:

  • Canonicalization method
  • Signature method
  • References made during signature generation

ELEMENT_TRANSFORM

public static final String ELEMENT_TRANSFORM

Name of the Transform element which describes the transformation applied on the data object [XMLDSIG 4.3.3.4]. Transformation algorithms are described in XMLDSIG 6.6: Transform Algorithms.

ELEMENT_TRANSFORMS

public static final String ELEMENT_TRANSFORMS

Name of the Transforms element which is an ordered list of transformations applied to obtain the data object to be signed [XMLDSIG 4.3.3.4].

ELEMENT_X509_CERTIFICATE

public static final String ELEMENT_X509_CERTIFICATE

Name of the X509Certificate element which contains a binary (ASN.1 DER) X.509 Certificate [XMLDSIG 4.4].

ELEMENT_X509_DATA

public static final String ELEMENT_X509_DATA

Name of the X509Data element which contains identifier(s) of keys or X509 certificates [XMLDSIG 4.4.4].

ELEMENT_XPATH

public static final String ELEMENT_XPATH

Name of the XPath element [XMLDSIG 6.6.3].

NAMESPACE_PREFIX_DS

public static final String NAMESPACE_PREFIX_DS

Namespace prefix of Signature.

NAMESPACE_URI_DS

public static final String NAMESPACE_URI_DS

Namespace URI of Signature.

SIGNATURE_ALGORITHM

public static final String SIGNATURE_ALGORITHM

Name of the digital signature algorithm.

SIGNATURE_METHOD

public static final String SIGNATURE_METHOD

Name of the digital signature method required, qualified by the digital signature namespace [XMLDSIG 6.1].

TRANSFORM_ALGORITHM_ENVELOPED_SIGNATURE

public static final String TRANSFORM_ALGORITHM_ENVELOPED_SIGNATURE

Name of the enveloped signature required, qualified by the digital signature namespace [XMLDSIG 6.1].

TRANSFORM_ALGORITHM_XPATH

public static final String TRANSFORM_ALGORITHM_XPATH

Name of the XPath transform algorithm recommended [XMLDSIG 6.1].

TRANSFORM_XPATH

public static final String TRANSFORM_XPATH

XPath transform string used in the implementation.

references

final ArrayList references

signatureValue

String signatureValue

Constructors

Signature

Signature(SOAPEnvelope soapEnvelope, String localName, String prefix, String uri)

Initializes the Signature object using the given SOAPEnvelope, local name, namespace prefix and namespace URI.

Parameters:
  • soapEnvelope – SOAPEnvelope on which the digital signature will be applied.
  • localName – Local name of the signature element.
  • prefix – Namespace prefix of the signature element.
  • uri – Namespace URI of the signature element.
Throws:
  • SOAPException

Signature

Signature(SOAPEnvelope soapEnvelope, SOAPElement soapElement)

Methods

addReference

abstract void addReference(String uri)

Add a reference URI to this Signature.

Parameters:
  • uri – Reference URI to be added.
Throws:

getReferences

public Iterator getReferences()

getSignatureValue

String getSignatureValue()

newInstance

static Signature newInstance(EbxmlMessage ebxmlMessage)

Get a new instance of Signature which will be used to sign or verify the given EbxmlMessage.

newInstance

static Signature newInstance(SOAPEnvelope soapEnvelope, SOAPElement soapElement)

newInstance

static Signature newInstance(EbxmlMessage ebxmlMessage, SOAPEnvelope soapEnvelope, SOAPElement soapElement)

sign

abstract void sign(String username, char[] password)

Sign the EbxmlMessage with the username and password used to retrieve the private key from the keystore.

Parameters:
  • username – User name required to open the private key.
  • password – Password required to open the private key.
Throws:

sign

abstract void sign(String username, char[] password, String keyStoreLocation, String algorithm)

Sign the EbxmlMessage with the username and password used to retrieve the private key from the keystore.

Parameters:
  • username – User name required to open the private key.
  • password – Password required to open the private key.
  • keyStoreLocation – File location of the keystore.
  • algorithm – Name of the algorithm used to sign the message.
Throws:

sign

abstract void sign(String username, char[] password, String keyStoreLocation, String algorithm, String digestAlgo, boolean signEnvelopeOnly)

Sign the EbxmlMessage with the username and password used to retrieve the private key from the keystore.

Parameters:
  • username – User name required to open the private key.
  • password – Password required to open the private key.
  • keyStoreLocation – File location of the keystore.
  • algorithm – Name of the algorithm used to sign the message.
  • digestAlgo – Name of the algorithm used to make the digest.
  • signEnvelopeOnly – Whether to sign the envelope only.
Throws:

sign

abstract void sign(String username, char[] password, String keyStoreLocation)

Sign the EbxmlMessage with the username and password used to retrieve the private key from the keystore.

Parameters:
  • username – User name required to open the private key.
  • password – Password required to open the private key.
  • keyStoreLocation – File location of the keystore.
Throws:

sign

abstract void sign(String username, char[] password, String keyStoreLocation, String type, String provider)

Sign the EbxmlMessage with the username and password used to retrieve the private key from the keystore.

Parameters:
  • username – User name required to open the private key.
  • password – Password required to open the private key.
  • keyStoreLocation – File location of the keystore.
  • type
  • provider
Throws:

sign

abstract void sign(java.security.PrivateKey privateKey, java.security.cert.X509Certificate[] certificates)

Sign the EbxmlMessage using the private key supplied and attach X.509 certificates to the signature.

Parameters:
  • privateKey – Private key used to sign the message.
  • certificates – List of certificates to be included in the signature.
Throws:

verify

abstract boolean verify(char[] password, String keyStoreLocation, CertResolver certResolver, DataSource datasource)

Verify the message using a trusted keystore.

Parameters:
  • password – Password to open the keystore.
  • keyStoreLocation – File location of the key store.
  • certResolver – Resolve a certificate chain in order to verify the message. If it is null, the certificate chain is extracted directly from the element in the message.
Throws:
Returns:

true if the digital signature is valid; false otherwise.

verify

abstract boolean verify(org.w3c.dom.Element documentElement, java.security.PublicKey publicKey)

Verify the XML signature of the EbxmlMessage.

Parameters:
  • documentElement – Document fragment which contains the digital signature.
  • publicKey – Public key used to verify the digital signature.
Throws:
Returns:

true if digital signature is valid; false otherwise.

verify

abstract boolean verify(java.security.PublicKey publicKey)

Verify the XML signature of the EbxmlMessage.

Parameters:
  • publicKey – Public key used to verify the digital signature.
Throws:
Returns:

true if digital signature is valid; false otherwise.