/** * Validate the Element referred to by the KeyInfoReference. * * @param referentElement * * @throws XMLSecurityException */ private void validateReference(Element referentElement) throws XMLSecurityException { if (!XMLUtils.elementIsInSignatureSpace(referentElement, Constants._TAG_KEYINFO)) { Object exArgs[] = { new QName(referentElement.getNamespaceURI(), referentElement.getLocalName()) }; throw new XMLSecurityException("KeyInfoReferenceResolver.InvalidReferentElement.WrongType", exArgs); } KeyInfo referent = new KeyInfo(referentElement, ""); if (referent.containsKeyInfoReference()) { if (secureValidation) { throw new XMLSecurityException("KeyInfoReferenceResolver.InvalidReferentElement.ReferenceWithSecure"); } else { // Don't support chains of references at this time. If do support in the future, this is where the code // would go to validate that don't have a cycle, resulting in an infinite loop. This may be unrealistic // to implement, and/or very expensive given remote URI references. throw new XMLSecurityException("KeyInfoReferenceResolver.InvalidReferentElement.ReferenceWithoutSecure"); } } }