@Override public void postSign(Document document) throws MarshalException { // check for XAdES-BES NodeList nl = document.getElementsByTagNameNS(XADES_132_NS, "QualifyingProperties"); if (nl.getLength() != 1) { throw new MarshalException("no XAdES-BES extension present"); } QualifyingPropertiesType qualProps; try { qualProps = QualifyingPropertiesType.Factory.parse(nl.item(0), DEFAULT_XML_OPTIONS); } catch (XmlException e) { throw new MarshalException(e); } // create basic XML container structure UnsignedPropertiesType unsignedProps = qualProps.getUnsignedProperties(); if (unsignedProps == null) { unsignedProps = qualProps.addNewUnsignedProperties(); } UnsignedSignaturePropertiesType unsignedSigProps = unsignedProps.getUnsignedSignatureProperties(); if (unsignedSigProps == null) { /* unsignedSigProps = */ unsignedProps.addNewUnsignedSignatureProperties(); } Node n = document.importNode(qualProps.getDomNode().getFirstChild(), true); nl.item(0).getParentNode().replaceChild(n, nl.item(0)); } }
throw new MarshalException(e); os.close(); } catch (Exception e) { throw new MarshalException("Unable to write signature document", e);
qualDoc = QualifyingPropertiesDocument.Factory.parse(qualNl.item(0), DEFAULT_XML_OPTIONS); } catch (XmlException e) { throw new MarshalException(e); throw new MarshalException("no XAdES-BES extension present");
private static Element verifyElement(Element elem, String localName) throws MarshalException { if (elem == null) { throw new MarshalException("Missing " + localName + " element"); } String name = elem.getLocalName(); if (!name.equals(localName)) { throw new MarshalException("Invalid element name: " + name + ", expected " + localName); } return elem; }
private X509Certificate unmarshalX509Certificate(Element elem) throws MarshalException { try (ByteArrayInputStream bs = unmarshalBase64Binary(elem)) { return (X509Certificate)cf.generateCertificate(bs); } catch (CertificateException e) { throw new MarshalException("Cannot create X509Certificate", e); } catch (IOException e) { throw new MarshalException("Error closing stream", e); } }
private static Element verifyElement(Element elem, String localName, String namespaceURI) throws MarshalException { if (elem == null) { throw new MarshalException("Missing " + localName + " element"); } String name = elem.getLocalName(); String namespace = elem.getNamespaceURI(); if (!name.equals(localName) || namespace == null && namespaceURI != null || namespace != null && !namespace.equals(namespaceURI)) { throw new MarshalException("Invalid element name: " + namespace + ":" + name + ", expected " + namespaceURI + ":" + localName); } return elem; }
private X509CRL unmarshalX509CRL(Element elem) throws MarshalException { try (ByteArrayInputStream bs = unmarshalBase64Binary(elem)) { return (X509CRL)cf.generateCRL(bs); } catch (CRLException e) { throw new MarshalException("Cannot create X509CRL", e); } catch (IOException e) { throw new MarshalException("Error closing stream", e); } }
/** * Unmarshals <code>SignatureMethodParameterSpec</code> from the specified * <code>Element</code>. By default, this method throws an exception since * most SignatureMethod algorithms do not have parameters. Subclasses should * override it if they have parameters. * * @param paramsElem the <code>Element</code> holding the input params * @return the algorithm-specific <code>SignatureMethodParameterSpec</code> * @throws MarshalException if the parameters cannot be unmarshalled */ SignatureMethodParameterSpec unmarshalParams(Element paramsElem) throws MarshalException { throw new MarshalException("no parameters should " + "be specified for the " + getAlgorithm() + " SignatureMethod algorithm"); }
/** * Marshals the algorithm-specific parameters to an Element and * appends it to the specified parent element. By default, this method * throws an exception since most SignatureMethod algorithms do not have * parameters. Subclasses should override it if they have parameters. * * @param parent the parent element to append the parameters to * @param paramsPrefix the algorithm parameters prefix to use * @throws MarshalException if the parameters cannot be marshalled */ void marshalParams(XmlWriter xwriter, String paramsPrefix) throws MarshalException { throw new MarshalException("no parameters should " + "be specified for the " + getAlgorithm() + " SignatureMethod algorithm"); }
/** * Unmarshals <code>DigestMethodParameterSpec</code> from the specified * <code>Element</code>. By default, this method throws an exception since * most DigestMethod algorithms do not have parameters. Subclasses should * override it if they have parameters. * * @param paramsElem the <code>Element</code> holding the input params * @return the algorithm-specific <code>DigestMethodParameterSpec</code> * @throws MarshalException if the parameters cannot be unmarshalled */ DigestMethodParameterSpec unmarshalParams(Element paramsElem) throws MarshalException { throw new MarshalException("no parameters should " + "be specified for the " + getMessageDigestAlgorithm() + " DigestMethod algorithm"); }
/** * Marshals the algorithm-specific parameters to an Element and * appends it to the specified parent element. By default, this method * throws an exception since most DigestMethod algorithms do not have * parameters. Subclasses should override it if they have parameters. * * @param parent the parent element to append the parameters to * @param the namespace prefix to use * @throws MarshalException if the parameters cannot be marshalled */ void marshalParams(XmlWriter xwriter, String prefix) throws MarshalException { throw new MarshalException("no parameters should " + "be specified for the " + getMessageDigestAlgorithm() + " DigestMethod algorithm"); }
private ByteArrayInputStream unmarshalBase64Binary(Element elem) throws MarshalException { try { if (cf == null) { cf = CertificateFactory.getInstance("X.509"); } String content = XMLUtils.getFullTextChildrenFromElement(elem); return new ByteArrayInputStream(XMLUtils.decode(content)); } catch (CertificateException e) { throw new MarshalException("Cannot create CertificateFactory", e); } }
public static BigInteger decode(Element elem) throws MarshalException { try { String base64str = BaseStructure.textOfNode(elem); return new BigInteger(1, XMLUtils.decode(base64str)); } catch (Exception ex) { throw new MarshalException(ex); } }
private static void marshalCert(XmlWriter xwriter, X509Certificate cert, String dsPrefix) throws MarshalException { try { byte[] encoded = cert.getEncoded(); xwriter.writeTextElement(dsPrefix, "X509Certificate", XMLSignature.XMLNS, XMLUtils.encodeToString(encoded)); } catch (CertificateEncodingException e) { throw new MarshalException("Error encoding X509Certificate", e); } }
static KeyValue unmarshal(Element kvElem) throws MarshalException { Element kvtElem = DOMUtils.getFirstChildElement(kvElem); if (kvtElem == null) { throw new MarshalException("KeyValue must contain at least one type"); } String namespace = kvtElem.getNamespaceURI(); if (kvtElem.getLocalName().equals("DSAKeyValue") && XMLSignature.XMLNS.equals(namespace)) { return new DSA(kvtElem); } else if (kvtElem.getLocalName().equals("RSAKeyValue") && XMLSignature.XMLNS.equals(namespace)) { return new RSA(kvtElem); } else if (kvtElem.getLocalName().equals("ECKeyValue") && XMLDSIG_11_XMLNS.equals(namespace)) { return new EC(kvtElem); } else { return new Unknown(kvtElem); } }
/** * Creates a <code>DOMCanonicalizationMethod</code> from an element. It unmarshals any * algorithm-specific input parameters. * * @param cmElem a CanonicalizationMethod element */ public DOMCanonicalizationMethod(Element cmElem, XMLCryptoContext context, Provider provider) throws MarshalException { super(cmElem, context, provider); if (!(spi instanceof ApacheCanonicalizer) && !isC14Nalg(spi.getAlgorithm())) { throw new MarshalException("Illegal CanonicalizationMethod"); } }
private static void marshalCRL(XmlWriter xwriter, X509CRL crl, String dsPrefix) throws MarshalException { try { byte[] encoded = crl.getEncoded(); xwriter.writeTextElement(dsPrefix, "X509CRL", XMLSignature.XMLNS, XMLUtils.encodeToString(encoded)); } catch (CRLException e) { throw new MarshalException("Error encoding X509CRL", e); } }
/** * Creates a <code>DOMHMACSignatureMethod</code> from an element. * * @param smElem a SignatureMethod element */ DOMHMACSignatureMethod(Element smElem) throws MarshalException { Element paramsElem = DOMUtils.getFirstChildElement(smElem); if (paramsElem != null) { params = unmarshalParams(paramsElem); } try { checkParams(params); } catch (InvalidAlgorithmParameterException iape) { throw new MarshalException(iape); } }
/** * Creates a <code>DOMDigestMethod</code> from an element. This constructor * invokes the abstract {@link #unmarshalParams unmarshalParams} method to * unmarshal any algorithm-specific input parameters. * * @param dmElem a DigestMethod element */ DOMDigestMethod(Element dmElem) throws MarshalException { Element paramsElem = DOMUtils.getFirstChildElement(dmElem); if (paramsElem != null) { params = unmarshalParams(paramsElem); } try { checkParams(params); } catch (InvalidAlgorithmParameterException iape) { throw new MarshalException(iape); } }
/** * Creates a <code>DOMSignatureMethod</code> from an element. This ctor * invokes the {@link #unmarshalParams unmarshalParams} method to * unmarshal any algorithm-specific input parameters. * * @param smElem a SignatureMethod element */ DOMSignatureMethod(Element smElem) throws MarshalException { Element paramsElem = DOMUtils.getFirstChildElement(smElem); if (paramsElem != null) { params = unmarshalParams(paramsElem); } try { checkParams(params); } catch (InvalidAlgorithmParameterException iape) { throw new MarshalException(iape); } }