1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223
/* * Portions copyright 2006 Sun Microsystems, Inc. All rights reserved. */ /* * =========================================================================== * * (C) Copyright IBM Corp. 2003 All Rights Reserved. * * =========================================================================== */ /* * $Id: XMLSignature.java,v 1.10 2005/05/10 16:03:48 mullan Exp $ */ package javax.xml.crypto.dsig; import javax.xml.crypto.KeySelector; import javax.xml.crypto.KeySelectorResult; import javax.xml.crypto.MarshalException; import javax.xml.crypto.XMLStructure; import javax.xml.crypto.dsig.keyinfo.KeyInfo; import java.security.Signature; import java.util.List; /** * A representation of the XML <code>Signature</code> element as * defined in the <a href="http://www.w3.org/TR/xmldsig-core/"> * W3C Recommendation for XML-Signature Syntax and Processing</a>. * This class contains methods for signing and validating XML signatures * with behavior as defined by the W3C specification. The XML Schema Definition * is defined as: * <pre><code> * <element name="Signature" type="ds:SignatureType"/> * <complexType name="SignatureType"> * <sequence> * <element ref="ds:SignedInfo"/> * <element ref="ds:SignatureValue"/> * <element ref="ds:KeyInfo" minOccurs="0"/> * <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/> * </sequence> * <attribute name="Id" type="ID" use="optional"/> * </complexType> * </code></pre> * <p> * An <code>XMLSignature</code> instance may be created by invoking one of the * {@link XMLSignatureFactory#newXMLSignature newXMLSignature} methods of the * {@link XMLSignatureFactory} class. * * <p>If the contents of the underlying document containing the * <code>XMLSignature</code> are subsequently modified, the behavior is * undefined. * * <p>Note that this class is named <code>XMLSignature</code> rather than * <code>Signature</code> to avoid naming clashes with the existing * {@link Signature java.security.Signature} class. * * @see XMLSignatureFactory#newXMLSignature(SignedInfo, KeyInfo) * @see XMLSignatureFactory#newXMLSignature(SignedInfo, KeyInfo, List, String, String) * @author Joyce L. Leung * @author Sean Mullan * @author Erwin van der Koogh * @author JSR 105 Expert Group * @since 1.6 */ public interface XMLSignature extends XMLStructure { /** * The XML Namespace URI of the W3C Recommendation for XML-Signature * Syntax and Processing. */ final static String XMLNS = "http://www.w3.org/2000/09/xmldsig#"; /** * Validates the signature according to the * <a href="http://www.w3.org/TR/xmldsig-core/#sec-CoreValidation"> * core validation processing rules</a>. This method validates the * signature using the existing state, it does not unmarshal and * reinitialize the contents of the <code>XMLSignature</code> using the * location information specified in the context. * * <p>This method only validates the signature the first time it is * invoked. On subsequent invocations, it returns a cached result. * * @param validateContext the validating context * @return <code>true</code> if the signature passed core validation, * otherwise <code>false</code> * @throws ClassCastException if the type of <code>validateContext</code> * is not compatible with this <code>XMLSignature</code> * @throws NullPointerException if <code>validateContext</code> is * <code>null</code> * @throws XMLSignatureException if an unexpected error occurs during * validation that prevented the validation operation from completing */ boolean validate(XMLValidateContext validateContext) throws XMLSignatureException; /** * Returns the key info of this <code>XMLSignature</code>. * * @return the key info (may be <code>null</code> if not specified) */ KeyInfo getKeyInfo(); /** * Returns the signed info of this <code>XMLSignature</code>. * * @return the signed info (never <code>null</code>) */ SignedInfo getSignedInfo(); /** * Returns an {@link java.util.Collections#unmodifiableList unmodifiable * list} of {@link XMLObject}s contained in this <code>XMLSignature</code>. * * @return an unmodifiable list of <code>XMLObject</code>s (may be empty * but never <code>null</code>) */ List getObjects(); /** * Returns the optional Id of this <code>XMLSignature</code>. * * @return the Id (may be <code>null</code> if not specified) */ String getId(); /** * Returns the signature value of this <code>XMLSignature</code>. * * @return the signature value */ SignatureValue getSignatureValue(); /** * Signs this <code>XMLSignature</code>. * * <p>If this method throws an exception, this <code>XMLSignature</code> and * the <code>signContext</code> parameter will be left in the state that * it was in prior to the invocation. * * @param signContext the signing context * @throws ClassCastException if the type of <code>signContext</code> is * not compatible with this <code>XMLSignature</code> * @throws NullPointerException if <code>signContext</code> is * <code>null</code> * @throws MarshalException if an exception occurs while marshalling * @throws XMLSignatureException if an unexpected exception occurs while * generating the signature */ void sign(XMLSignContext signContext) throws MarshalException, XMLSignatureException; /** * Returns the result of the {@link KeySelector}, if specified, after * this <code>XMLSignature</code> has been signed or validated. * * @return the key selector result, or <code>null</code> if a key * selector has not been specified or this <code>XMLSignature</code> * has not been signed or validated */ KeySelectorResult getKeySelectorResult(); /** * A representation of the XML <code>SignatureValue</code> element as * defined in the <a href="http://www.w3.org/TR/xmldsig-core/"> * W3C Recommendation for XML-Signature Syntax and Processing</a>. * The XML Schema Definition is defined as: * <p> * <pre> * <element name="SignatureValue" type="ds:SignatureValueType"/> * <complexType name="SignatureValueType"> * <simpleContent> * <extension base="base64Binary"> * <attribute name="Id" type="ID" use="optional"/> * </extension> * </simpleContent> * </complexType> * </pre> * * @author Sean Mullan * @author JSR 105 Expert Group */ public interface SignatureValue extends XMLStructure { /** * Returns the optional <code>Id</code> attribute of this * <code>SignatureValue</code>, which permits this element to be * referenced from elsewhere. * * @return the <code>Id</code> attribute (may be <code>null</code> if * not specified) */ String getId(); /** * Returns the signature value of this <code>SignatureValue</code>. * * @return the signature value (may be <code>null</code> if the * <code>XMLSignature</code> has not been signed yet). Each * invocation of this method returns a new clone of the array to * prevent subsequent modification. */ byte[] getValue(); /** * Validates the signature value. This method performs a * cryptographic validation of the signature calculated over the * <code>SignedInfo</code> of the <code>XMLSignature</code>. * * <p>This method only validates the signature the first * time it is invoked. On subsequent invocations, it returns a cached * result. * * @return <code>true</code> if the signature was * validated successfully; <code>false</code> otherwise * @param validateContext the validating context * @throws NullPointerException if <code>validateContext</code> is * <code>null</code> * @throws XMLSignatureException if an unexpected exception occurs while * validating the signature */ boolean validate(XMLValidateContext validateContext) throws XMLSignatureException; } }