Package eu.europa.esig.dss.xades.signature

Class XAdESSignatureBuilder

java.lang.Object

eu.europa.esig.dss.xades.signature.XAdESBuilder

eu.europa.esig.dss.xades.signature.XAdESSignatureBuilder

All Implemented Interfaces:

SignatureBuilder

Direct Known Subclasses:

XPathPlacementSignatureBuilder

public abstract class XAdESSignatureBuilder
extends XAdESBuilder
implements SignatureBuilder

This class implements all the necessary mechanisms to build each form of the XML signature.

Field Summary

Fields

Modifier and Type	Field	Description
protected boolean	built	Indicates if the signature was already built.
protected final String	deterministicId	The deterministic Id used for elements creation
protected DSSDocument	document	This is the reference to the original document to sign
protected static final String	KEYINFO_PREFIX	Id-prefix for KeyInfo element
protected String	keyInfoCanonicalizationMethod	The canonicalization method used for KeyInfo signing
protected Element	keyInfoDom	Cached KeyInfo element
protected Element	qualifyingPropertiesDom	Cached QualifyingProperties element
protected Element	signatureDom	This variable represents the current DOM signature object.
protected Element	signatureValueDom	Cached SignatureValue element
protected Element	signedDataObjectPropertiesDom	Cached SignedDataObjectProperties element
protected String	signedInfoCanonicalizationMethod	The canonicalization method used for SignedInfo signing
protected Element	signedInfoDom	Cached SignedInfo element
protected String	signedPropertiesCanonicalizationMethod	The canonicalization method used for SignedProperties signing
protected Element	signedPropertiesDom	Cached SignedProperties element
protected Element	signedSignaturePropertiesDom	Cached SignedSignatureProperties element
protected Element	unsignedSignaturePropertiesDom	Cached UnsignedSignatureProperties element
protected static final String	VALUE_PREFIX	Id-prefix for SignatureValue element
protected static final String	XADES_PREFIX	Id-prefix for Signature element

Fields inherited from class eu.europa.esig.dss.xades.signature.XAdESBuilder

certificateVerifier, documentDom, ENCAPSULATED_TIMESTAMP_PREFIX, ID_PREFIX, params, REFERENCED_DATA, TARGET, TIMESTAMP_PREFIX, URI, xadesPath

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	XAdESSignatureBuilder(XAdESSignatureParameters params, DSSDocument document, CertificateVerifier certificateVerifier)	The default constructor for SignatureBuilder.

Method Summary

Modifier and Type	Method	Description
protected void	addContentTimestamp(Element timestampElement, TimestampToken token)	Adds the content of a timestamp into a given timestamp element
protected void	alignNodes()	This method is used to align children indents
byte[]	build()	This is the main method which is called to build the XML signature
protected Document	buildRootDocumentDom()	Builds an empty Document
protected Node	getNodeToCanonicalize(Node node)	Returns a node to be canonicalized (applies indents if required)
protected Node	getParentNodeOfSignature()	Returns a parent node of the signature
static XAdESSignatureBuilder	getSignatureBuilder(XAdESSignatureParameters params, DSSDocument document, CertificateVerifier certificateVerifier)	Creates the signature according to the packaging
protected void	incorporateCustomObjects()	Incorporates a list of custom ds:Object elements within the ds:Signature element
protected void	incorporateFiles()	This method is used to incorporate the provided documents within the final file
protected void	incorporateKeyInfo()	Creates KeyInfo tag.
protected void	incorporateObject(DSSObject object)	Incorporates the given object within the ds:Signature
protected void	incorporateObjects()	This method incorporates the ds:Object tags
protected void	incorporateQualifyingProperties()	This method incorporates the ds:Object with xades:QualifyingProperties element
protected void	incorporateReferenceKeyInfo()	Method incorporates KeyInfo ds:References.
protected void	incorporateReferenceSignedProperties()	This method incorporates ds:References
void	incorporateSignatureDom()	This method creates a new instance of Signature element.
protected void	incorporateSignatureDom(Node parentNodeOfSignature)	Incorporates the signature element to the parent node
protected void	incorporateSignatureValue()	This method incorporates the signature value.
void	incorporateSignedInfo()	This method incorporates the SignedInfo tag
protected void	incorporateSignedObjects()	Incorporates the list of signed ds:Object elements (used for Enveloping packaging)
protected void	incorporateSignedProperties()	Creates the SignedProperties DOM object element.
protected void	incorporateSignedSignatureProperties()	Creates the SignedSignatureProperties DOM object element.
protected void	initRootDocumentDom()	This method is used to instantiate a root Document DOM, when needed
DSSDocument	signDocument(byte[] signatureValue)	Adds signature value to the signature and returns XML signature (InMemoryDocument)

Methods inherited from class eu.europa.esig.dss.xades.signature.XAdESBuilder

createXmlDocument, getCurrentXAdESElements, getCurrentXAdESPath, getXades141Namespace, getXadesNamespace, getXmldsigNamespace, incorporateCert, incorporateCertDigest, incorporateDigestMethod, incorporateDigestValue, incorporateDigestValue, incorporateIssuerV1, incorporateIssuerV2, incorporateSPDocSpecification, toXmlIdentifier

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

built

protected boolean built

Indicates if the signature was already built. (Two steps building)

document

protected DSSDocument document

This is the reference to the original document to sign

keyInfoCanonicalizationMethod

protected String keyInfoCanonicalizationMethod

The canonicalization method used for KeyInfo signing

signedInfoCanonicalizationMethod

protected String signedInfoCanonicalizationMethod

The canonicalization method used for SignedInfo signing

signedPropertiesCanonicalizationMethod

protected String signedPropertiesCanonicalizationMethod

The canonicalization method used for SignedProperties signing

deterministicId

protected final String deterministicId

The deterministic Id used for elements creation

signatureDom

protected Element signatureDom

This variable represents the current DOM signature object.

keyInfoDom

protected Element keyInfoDom

Cached KeyInfo element

signedInfoDom

protected Element signedInfoDom

Cached SignedInfo element

signatureValueDom

protected Element signatureValueDom

Cached SignatureValue element

qualifyingPropertiesDom

protected Element qualifyingPropertiesDom

Cached QualifyingProperties element

signedPropertiesDom

protected Element signedPropertiesDom

Cached SignedProperties element

signedSignaturePropertiesDom

protected Element signedSignaturePropertiesDom

Cached SignedSignatureProperties element

signedDataObjectPropertiesDom

protected Element signedDataObjectPropertiesDom

Cached SignedDataObjectProperties element

unsignedSignaturePropertiesDom

protected Element unsignedSignaturePropertiesDom

Cached UnsignedSignatureProperties element

KEYINFO_PREFIX

protected static final String KEYINFO_PREFIX

Id-prefix for KeyInfo element

See Also:

• Constant Field Values

VALUE_PREFIX

protected static final String VALUE_PREFIX

Id-prefix for SignatureValue element

See Also:

• Constant Field Values

XADES_PREFIX

protected static final String XADES_PREFIX

Id-prefix for Signature element

See Also:

• Constant Field Values

Constructor Details

XAdESSignatureBuilder

protected XAdESSignatureBuilder(XAdESSignatureParameters params,
 DSSDocument document,
 CertificateVerifier certificateVerifier)

The default constructor for SignatureBuilder.

Parameters:

params - The set of parameters relating to the structure and process of the creation or extension of the electronic signature.

document - The original document to sign.

certificateVerifier - the certificate verifier with its OCSPSource,...

Method Details

getSignatureBuilder

public static XAdESSignatureBuilder getSignatureBuilder(XAdESSignatureParameters params,
 DSSDocument document,
 CertificateVerifier certificateVerifier)

Creates the signature according to the packaging

Parameters:

params - The set of parameters relating to the structure and process of the creation or extension of the electronic signature.

document - The original document to sign.

certificateVerifier - the certificate verifier with its OCSPSource,...

Returns:

the signature builder linked to the packaging

build

public byte[] build()
             throws DSSException

This is the main method which is called to build the XML signature

Returns:

A byte array is returned with XML that represents the canonicalized SignedInfo segment of signature. This data are used to define the SignatureValue element.

Throws:

DSSException - if an error occurred

incorporateFiles

protected void incorporateFiles()

This method is used to incorporate the provided documents within the final file

initRootDocumentDom

protected void initRootDocumentDom()

This method is used to instantiate a root Document DOM, when needed

buildRootDocumentDom

protected Document buildRootDocumentDom()

Builds an empty Document

Returns:

Document

incorporateSignatureDom

public void incorporateSignatureDom()

This method creates a new instance of Signature element.

getParentNodeOfSignature

protected Node getParentNodeOfSignature()

Returns a parent node of the signature

Returns:

Node

incorporateSignatureDom

protected void incorporateSignatureDom(Node parentNodeOfSignature)

Incorporates the signature element to the parent node

Parameters:

parentNodeOfSignature - Node the parent node

incorporateSignedInfo

public void incorporateSignedInfo()

This method incorporates the SignedInfo tag

  
   	<ds:SignedInfo>
 			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
   		<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
   		...
   	</ds:SignedInfo>
  
 

incorporateKeyInfo

protected void incorporateKeyInfo()
                           throws DSSException

Creates KeyInfo tag. NOTE: when trust anchor baseline profile policy is defined only the certificates previous to the trust anchor are included.

        
 		<ds:KeyInfo>
 			<ds:X509Data>
  			<ds:X509Certificate>
 					MIIB....
 				</ds:X509Certificate>
 				<ds:X509Certificate>
 					MIIB+...
 				</ds:X509Certificate>
 			</ds:X509Data>
 		</ds:KeyInfo>
 
 

        
 		<ds:KeyInfo>
 			<ds:X509Data>
  			<ds:X509Certificate>
 					MIIB....
 				</ds:X509Certificate>
 				<ds:X509Certificate>
 					MIIB+...
 				</ds:X509Certificate>
 			</ds:X509Data>
 		</ds:KeyInfo>
 
 

Throws:

DSSException - if an error occurred

incorporateObjects

protected void incorporateObjects()

This method incorporates the ds:Object tags

        
 		<ds:Object>
 			...
 		</ds:Object>
 		<ds:Object>
 			...
 		</ds:Object>
 
 

incorporateQualifyingProperties

protected void incorporateQualifyingProperties()

This method incorporates the ds:Object with xades:QualifyingProperties element

        
 		<ds:Object>
 			<xades:QualifyingProperties>
 				<xades:SignedProperties>
 					...
 				</xades:SignedProperties>
 			</xades:QualifyingProperties>
 		</ds:Object>
 
 

incorporateSignedObjects

protected void incorporateSignedObjects()

Incorporates the list of signed ds:Object elements (used for Enveloping packaging)

incorporateCustomObjects

protected void incorporateCustomObjects()

Incorporates a list of custom ds:Object elements within the ds:Signature element

incorporateObject

protected void incorporateObject(DSSObject object)

Incorporates the given object within the ds:Signature

Parameters:

object - DSSObject to incorporate

incorporateReferenceSignedProperties

protected void incorporateReferenceSignedProperties()

This method incorporates ds:References

        
 		<ds:Reference Type="http://uri.etsi.org/01903#SignedProperties" URI=
	"#xades-id-A43023AFEB149830C242377CC941360F">
			<ds:Transforms>
				<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
			</ds:Transforms>
			<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
			<ds:DigestValue>uijX/nvuu8g10ZVEklEnYatvFe8=</ds:DigestValue>
		</ds:Reference>
 
 

incorporateReferenceKeyInfo

protected void incorporateReferenceKeyInfo()

Method incorporates KeyInfo ds:References.

        
 		<ds:Reference URI="#keyInfo-id-A43023AFEB149830C242377CC941360F">
			<ds:Transforms>
				<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
			</ds:Transforms>
			<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
			<ds:DigestValue>uijX/nvuu2g10ZVEklEnYatvFe4=</ds:DigestValue>
		</ds:Reference>
 
 

incorporateSignatureValue

protected void incorporateSignatureValue()

This method incorporates the signature value.

incorporateSignedProperties

protected void incorporateSignedProperties()

Creates the SignedProperties DOM object element.

 
 		<SignedProperties Id="xades-ide5c549340079fe19f3f90f03354a5965">
 
 

incorporateSignedSignatureProperties

protected void incorporateSignedSignatureProperties()

Creates the SignedSignatureProperties DOM object element.

 
 		<SignedSignatureProperties>
 		...
 		</SignedSignatureProperties>
 
 

signDocument

public DSSDocument signDocument(byte[] signatureValue)

Adds signature value to the signature and returns XML signature (InMemoryDocument)

Specified by:

signDocument in interface SignatureBuilder

Parameters:

signatureValue - byte array

Returns:

DSSDocument representing the signature

addContentTimestamp

protected void addContentTimestamp(Element timestampElement,
 TimestampToken token)

Adds the content of a timestamp into a given timestamp element

Parameters:

timestampElement - Element

token - TimestampToken

getNodeToCanonicalize

protected Node getNodeToCanonicalize(Node node)

Returns a node to be canonicalized (applies indents if required)

Parameters:

node - Node

Returns:

Node

alignNodes

protected void alignNodes()

Description copied from class: XAdESBuilder

This method is used to align children indents

Specified by:

alignNodes in class XAdESBuilder