/** * This method returns the list of ds:Object elements for the current signature element. * * @return */ public NodeList getObjects() { return DSSXMLUtils.getNodeList(signatureElement, xPathQueryHolder.XPATH_OBJECT); }
public NodeList getSigAndRefsTimeStamp() { return DSSXMLUtils.getNodeList(signatureElement, xPathQueryHolder.XPATH_SIG_AND_REFS_TIMESTAMP); }
@Override public String[] getClaimedSignerRoles() { final NodeList nodeList = DSSXMLUtils.getNodeList(signatureElement, xPathQueryHolder.XPATH_CLAIMED_ROLE); if (nodeList.getLength() == 0) { return null; } final String[] roles = new String[nodeList.getLength()]; for (int ii = 0; ii < nodeList.getLength(); ii++) { roles[ii] = nodeList.item(ii).getTextContent(); } return roles; }
/** * // TODO (11/09/2014): to be deleted, eu.europa.ec.markt.dss.validation102853.xades.XAdESSignature#getReferences() to be used * * @return */ public List<Element> getSignatureReferences() { final NodeList list = DSSXMLUtils.getNodeList(signatureElement, xPathQueryHolder.XPATH_REFERENCE); List<Element> references = new ArrayList<Element>(list.getLength()); for (int ii = 0; ii < list.getLength(); ii++) { final Node node = list.item(ii); references.add((Element) node); } return references; }
private List<TimestampReference> getSigningCertificateTimestampReferences() { if (signingCertificateTimestampReferences == null) { signingCertificateTimestampReferences = new ArrayList<TimestampReference>(); final NodeList list = DSSXMLUtils.getNodeList(signatureElement, xPathQueryHolder.XPATH_CERT_DIGEST); for (int jj = 0; jj < list.getLength(); jj++) { final Element element = (Element) list.item(jj); final TimestampReference signingCertReference = createCertificateTimestampReference(element); signingCertificateTimestampReferences.add(signingCertReference); } } return signingCertificateTimestampReferences; }
private void addOCSP(final List<BasicOCSPResp> list, final String xPathQuery) { final NodeList nodeList = DSSXMLUtils.getNodeList(signatureElement, xPathQuery); for (int ii = 0; ii < nodeList.getLength(); ii++) { final Element certEl = (Element) nodeList.item(ii); final BasicOCSPResp basicOCSPResp = DSSUtils.loadOCSPBase64Encoded(certEl.getTextContent()); list.add(basicOCSPResp); } } }
private void addCRLs(Element signatureElement, final String xPathQuery) { final NodeList nodeList = DSSXMLUtils.getNodeList(signatureElement, xPathQuery); for (int ii = 0; ii < nodeList.getLength(); ii++) { final Element certEl = (Element) nodeList.item(ii); final String textContent = certEl.getTextContent(); final X509CRL x509CRL = DSSUtils.loadCRLBase64Encoded(textContent); if (!x509CRLList.contains(x509CRL)) { x509CRLList.add(x509CRL); } } } }
/** * Return the Node corresponding to the XPath query. * * @param xmlNode The node where the search should be performed. * @param xPathString XPath query string * @return */ public static Node getNode(final Node xmlNode, final String xPathString) { final NodeList list = getNodeList(xmlNode, xPathString); if (list.getLength() > 1) { throw new DSSException("More than one result for XPath: " + xPathString); } return list.item(0); }
/** * @return */ public List<Element> getSignatureObjects() { final NodeList list = DSSXMLUtils.getNodeList(signatureElement, XPathQueryHolder.XPATH_OBJECT); final List<Element> references = new ArrayList<Element>(list.getLength()); for (int ii = 0; ii < list.getLength(); ii++) { final Node node = list.item(ii); final Element element = (Element) node; if (DSSXMLUtils.getElement(element, xPathQueryHolder.XPATH__QUALIFYING_PROPERTIES_SIGNED_PROPERTIES) != null) { // ignore signed properties continue; } references.add(element); } return references; }
private List<String> getTransformationNames(final Element signatureReference) { final NodeList nodeList = DSSXMLUtils.getNodeList(signatureReference, "./ds:Transforms/ds:Transform"); final List<String> algorithms = new ArrayList<String>(nodeList.getLength()); for (int ii = 0; ii < nodeList.getLength(); ii++) { final Element transformation = (Element) nodeList.item(ii); final String algorithm = DSSXMLUtils.getValue(transformation, "@Algorithm"); if (transformationToIgnore.contains(algorithm)) { continue; } if (presentableTransformationNames.containsKey(algorithm)) { algorithms.add(presentableTransformationNames.get(algorithm)); } else { algorithms.add(algorithm); } } return algorithms; } }
@Override public List<TimestampReference> getTimestampedReferences() { final List<TimestampReference> references = new ArrayList<TimestampReference>(); final Node completeCertificateRefsNode = DSSXMLUtils.getElement(signatureElement, xPathQueryHolder.XPATH_COMPLETE_CERTIFICATE_REFS); if (completeCertificateRefsNode != null) { final NodeList nodes = DSSXMLUtils.getNodeList(completeCertificateRefsNode, xPathQueryHolder.XPATH__COMPLETE_CERTIFICATE_REFS__CERT_DIGEST); for (int ii = 0; ii < nodes.getLength(); ii++) { final Element certDigestElement = (Element) nodes.item(ii); final TimestampReference certificateReference = createCertificateTimestampReference(certDigestElement); references.add(certificateReference); } } final Node completeRevocationRefsNode = DSSXMLUtils.getElement(signatureElement, xPathQueryHolder.XPATH_COMPLETE_REVOCATION_REFS); if (completeRevocationRefsNode != null) { final NodeList nodes = DSSXMLUtils.getNodeList(completeRevocationRefsNode, "./*/*/xades:DigestAlgAndValue"); for (int ii = 0; ii < nodes.getLength(); ii++) { final Element element = (Element) nodes.item(ii); final TimestampReference revocationReference = createRevocationTimestampReference(element); references.add(revocationReference); } } return references; }
@Override public List<CertifiedRole> getCertifiedSignerRoles() { /** * <!-- Start EncapsulatedPKIDataType--> * <xsd:element name="EncapsulatedPKIData" type="EncapsulatedPKIDataType"/> * <xsd:complexType name="EncapsulatedPKIDataType"> * <xsd:simpleContent> * <xsd:extension base="xsd:base-64Binary"> * <xsd:attribute name="Id" type="xsd:ID" use="optional"/> * <xsd:attribute name="Encoding" type="xsd:anyURI" use="optional"/> * </xsd:extension> * </xsd:simpleContent> * </xsd:complexType> * <!-- End EncapsulatedPKIDataType --> */ final NodeList nodeList = DSSXMLUtils.getNodeList(signatureElement, xPathQueryHolder.XPATH_CERTIFIED_ROLE); if (nodeList.getLength() == 0) { return null; } final List<CertifiedRole> roles = new ArrayList<CertifiedRole>(); for (int ii = 0; ii < nodeList.getLength(); ii++) { final Element certEl = (Element) nodeList.item(ii); final String textContent = certEl.getTextContent(); final X509Certificate x509Certificate = DSSUtils.loadCertificateFromBase64EncodedString(textContent); if (!roles.contains(x509Certificate)) { roles.add(new CertifiedRole()); } } return roles; }
@Override public List<AdvancedSignature> getSignatures() { if (signatures != null) { return signatures; } signatures = new ArrayList<AdvancedSignature>(); final NodeList signatureNodeList = DSSXMLUtils.getNodeList(rootElement, "//ds:Signature[not(parent::xades:CounterSignature)]"); //final NodeList signatureNodeList = rootElement.getElementsByTagNameNS(XMLSignature.XMLNS, XPathQueryHolder.XMLE_SIGNATURE); for (int ii = 0; ii < signatureNodeList.getLength(); ii++) { final Element signatureEl = (Element) signatureNodeList.item(ii); final XAdESSignature xadesSignature = new XAdESSignature(signatureEl, xPathQueryHolders, validationCertPool); xadesSignature.setDetachedContents(detachedContents); xadesSignature.setProvidedSigningCertificateToken(providedSigningCertificateToken); signatures.add(xadesSignature); } return signatures; }
@Override public SignatureProductionPlace getSignatureProductionPlace() { final NodeList nodeList = DSSXMLUtils.getNodeList(signatureElement, xPathQueryHolder.XPATH_PRODUCTION_PLACE); if (nodeList.getLength() == 0 || nodeList.item(0) == null) { return null; } final SignatureProductionPlace signatureProductionPlace = new SignatureProductionPlace(); final NodeList list = nodeList.item(0).getChildNodes(); for (int ii = 0; ii < list.getLength(); ii++) { final Node item = list.item(ii); final String name = item.getLocalName(); final String nodeValue = item.getTextContent(); if (XPathQueryHolder.XMLE_CITY.equals(name)) { signatureProductionPlace.setCity(nodeValue); } else if (XPathQueryHolder.XMLE_STATE_OR_PROVINCE.equals(name)) { signatureProductionPlace.setStateOrProvince(nodeValue); } else if (XPathQueryHolder.XMLE_POSTAL_CODE.equals(name)) { signatureProductionPlace.setPostalCode(nodeValue); } else if (XPathQueryHolder.XMLE_COUNTRY_NAME.equals(name)) { signatureProductionPlace.setCountryName(nodeValue); } } return signatureProductionPlace; }
/** * @param xPathQuery XPath query * @return */ private List<CertificateToken> getCertificates(final String xPathQuery) { final List<CertificateToken> list = new ArrayList<CertificateToken>(); final NodeList nodeList = DSSXMLUtils.getNodeList(signatureElement, xPathQuery); for (int ii = 0; ii < nodeList.getLength(); ii++) { final Element certificateElement = (Element) nodeList.item(ii); final byte[] derEncoded = DSSUtils.base64Decode(certificateElement.getTextContent()); final X509Certificate cert = DSSUtils.loadCertificate(derEncoded); final CertificateToken certToken = addCertificate(cert); if (!list.contains(certToken)) { final String idIdentifier = DSSXMLUtils.getIDIdentifier(certificateElement); certToken.setXmlId(idIdentifier); list.add(certToken); } } return list; }
/** * Utility method to add content timestamps. * * @param timestampTokens * @param nodes * @param timestampType {@code TimestampType} */ public void addContentTimestamps(final List<TimestampToken> timestampTokens, final NodeList nodes, TimestampType timestampType) { for (int ii = 0; ii < nodes.getLength(); ii++) { final Node node = nodes.item(ii); if (node.getNodeType() != Node.ELEMENT_NODE) { continue; } final Element element = (Element) node; final TimestampToken timestampToken = makeTimestampToken(element, timestampType); if (timestampToken != null) { continue; } if (timestampToken.getTimestampIncludes() == null) { timestampToken.setTimestampIncludes(new ArrayList<TimestampInclude>()); } final NodeList timestampIncludes = DSSXMLUtils.getNodeList(element, xPathQueryHolder.XPATH__INCLUDE); for (int jj = 0; jj < timestampIncludes.getLength(); jj++) { final Element include = (Element) timestampIncludes.item(jj); final String uri = include.getAttribute("URI").substring(1); // '#' is removed timestampToken.getTimestampIncludes().add(new TimestampInclude(uri, include.getAttribute("referencedData"))); } timestampTokens.add(timestampToken); } }
@Override public byte[] getTimestampX1Data(final TimestampToken timestampToken, String canonicalizationMethod) { canonicalizationMethod = timestampToken != null ? timestampToken.getCanonicalizationMethod() : canonicalizationMethod; final ByteArrayOutputStream buffer = new ByteArrayOutputStream(); try { writeCanonicalizedValue(xPathQueryHolder.XPATH_SIGNATURE_VALUE, canonicalizationMethod, buffer); final NodeList signatureTimeStampNode = DSSXMLUtils.getNodeList(signatureElement, xPathQueryHolder.XPATH_SIGNATURE_TIMESTAMP); if (signatureTimeStampNode != null) { for (int ii = 0; ii < signatureTimeStampNode.getLength(); ii++) { final Node item = signatureTimeStampNode.item(ii); final byte[] canonicalizedValue = DSSXMLUtils.canonicalizeSubtree(canonicalizationMethod, item); buffer.write(canonicalizedValue); } } writeCanonicalizedValue(xPathQueryHolder.XPATH_COMPLETE_CERTIFICATE_REFS, canonicalizationMethod, buffer); writeCanonicalizedValue(xPathQueryHolder.XPATH_COMPLETE_REVOCATION_REFS, canonicalizationMethod, buffer); if (LOG.isTraceEnabled()) { LOG.trace("X1Timestamp (SigAndRefsTimeStamp) canonicalised string:\n" + buffer.toString()); } return buffer.toByteArray(); } catch (IOException e) { throw new DSSException("Error when computing the SigAndRefsTimeStamp (X1Timestamp)", e); } }
@Override public List<OCSPRef> getOCSPRefs() { final List<OCSPRef> certIds = new ArrayList<OCSPRef>(); final Element signingCertEl = DSSXMLUtils.getElement(signatureElement, xPathQueryHolder.XPATH_OCSP_REFS); if (signingCertEl != null) { final NodeList ocspRefNodes = DSSXMLUtils.getNodeList(signingCertEl, xPathQueryHolder.XPATH__OCSPREF); for (int i = 0; i < ocspRefNodes.getLength(); i++) { final Element certId = (Element) ocspRefNodes.item(i); final Element digestAlgorithmEl = DSSXMLUtils.getElement(certId, xPathQueryHolder.XPATH__DAAV_DIGEST_METHOD); final Element digestValueEl = DSSXMLUtils.getElement(certId, xPathQueryHolder.XPATH__DAAV_DIGEST_VALUE); if (digestAlgorithmEl == null || digestValueEl == null) { throw new DSSNotETSICompliantException(DSSNotETSICompliantException.MSG.XADES_DIGEST_ALG_AND_VALUE_ENCODING); } final String xmlName = digestAlgorithmEl.getAttribute(XMLE_ALGORITHM); final DigestAlgorithm digestAlgo = DigestAlgorithm.forXML(xmlName); final String digestValue = digestValueEl.getTextContent(); final byte[] base64EncodedDigestValue = DSSUtils.base64Decode(digestValue); final OCSPRef ocspRef = new OCSPRef(digestAlgo, base64EncodedDigestValue, false); certIds.add(ocspRef); } } return certIds; }
@Override public List<CRLRef> getCRLRefs() { final List<CRLRef> certIds = new ArrayList<CRLRef>(); final Element signingCertEl = DSSXMLUtils.getElement(signatureElement, xPathQueryHolder.XPATH_REVOCATION_CRL_REFS); if (signingCertEl != null) { final NodeList crlRefNodes = DSSXMLUtils.getNodeList(signingCertEl, xPathQueryHolder.XPATH__CRL_REF); for (int i = 0; i < crlRefNodes.getLength(); i++) { final Element certId = (Element) crlRefNodes.item(i); final Element digestAlgorithmEl = DSSXMLUtils.getElement(certId, xPathQueryHolder.XPATH__DAAV_DIGEST_METHOD); final Element digestValueEl = DSSXMLUtils.getElement(certId, xPathQueryHolder.XPATH__DAAV_DIGEST_VALUE); final String xmlName = digestAlgorithmEl.getAttribute(XMLE_ALGORITHM); final DigestAlgorithm digestAlgo = DigestAlgorithm.forXML(xmlName); final CRLRef ref = new CRLRef(); ref.setDigestAlgorithm(digestAlgo); ref.setDigestValue(DSSUtils.base64Decode(digestValueEl.getTextContent())); certIds.add(ref); } } return certIds; }
@Override public List<CertificateRef> getCertificateRefs() { Element signingCertEl = DSSXMLUtils.getElement(signatureElement, xPathQueryHolder.XPATH_CERT_REFS); if (signingCertEl == null) { return null; } List<CertificateRef> certIds = new ArrayList<CertificateRef>(); NodeList certIdnodes = DSSXMLUtils.getNodeList(signingCertEl, "./xades:Cert"); for (int i = 0; i < certIdnodes.getLength(); i++) { Element certId = (Element) certIdnodes.item(i); Element issuerNameEl = DSSXMLUtils.getElement(certId, xPathQueryHolder.XPATH__X509_ISSUER_NAME); Element issuerSerialEl = DSSXMLUtils.getElement(certId, xPathQueryHolder.XPATH__X509_SERIAL_NUMBER); Element digestAlgorithmEl = DSSXMLUtils.getElement(certId, xPathQueryHolder.XPATH__CERT_DIGEST_DIGEST_METHOD); Element digestValueEl = DSSXMLUtils.getElement(certId, xPathQueryHolder.XPATH__CERT_DIGEST_DIGEST_VALUE); CertificateRef genericCertId = new CertificateRef(); if (issuerNameEl != null && issuerSerialEl != null) { genericCertId.setIssuerName(issuerNameEl.getTextContent()); genericCertId.setIssuerSerial(issuerSerialEl.getTextContent()); } String xmlName = digestAlgorithmEl.getAttribute(XMLE_ALGORITHM); genericCertId.setDigestAlgorithm(DigestAlgorithm.forXML(xmlName).getName()); genericCertId.setDigestValue(DSSUtils.base64Decode(digestValueEl.getTextContent())); certIds.add(genericCertId); } return certIds; }