Santuario
  1. Santuario
  2. SANTUARIO-292

Add the ability to access the dereferenced Elements after signature validation in the non-JSR-105 API

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: Java 1.5
    • Component/s: None
    • Security Level: Public (Public issues, viewable by everyone)
    • Labels:
      None

      Description

      This task is to allow access to the dereferenced Elements after signature validation in the non-JSR-105 API. Access is already available in the JSR-105 API by setting the "javax.xml.crypto.dsig.cacheReference" property to true.

        Activity

        Hide
        Colm O hEigeartaigh added a comment -

        Commit log:

        Author: coheigea
        Date: Tue Jan 10 16:36:36 2012
        New Revision: 1229629

        URL: http://svn.apache.org/viewvc?rev=1229629&view=rev
        Log:
        SANTUARIO-192 - Add the ability to access the dereferenced Elements after signature validation in the non-JSR-105 API

        Added:
        santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/
        santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/ReferenceData.java
        santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/ReferenceNodeSetData.java
        santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/ReferenceOctetStreamData.java
        santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/ReferenceSubTreeData.java
        santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/signature/SignatureReferenceTest.java
        Modified:
        santuario/xml-security-java/trunk/CHANGELOG.txt
        santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/Reference.java
        santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/XMLSignatureInput.java
        santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/interop/InteropTestBase.java

        Show
        Colm O hEigeartaigh added a comment - Commit log: Author: coheigea Date: Tue Jan 10 16:36:36 2012 New Revision: 1229629 URL: http://svn.apache.org/viewvc?rev=1229629&view=rev Log: SANTUARIO-192 - Add the ability to access the dereferenced Elements after signature validation in the non-JSR-105 API Added: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/ReferenceData.java santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/ReferenceNodeSetData.java santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/ReferenceOctetStreamData.java santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/ReferenceSubTreeData.java santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/signature/SignatureReferenceTest.java Modified: santuario/xml-security-java/trunk/CHANGELOG.txt santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/Reference.java santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/XMLSignatureInput.java santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/interop/InteropTestBase.java
        Hide
        Colm O hEigeartaigh added a comment -

        I duplicated the way JSR-105 returns dereferenced data by adding an interface:

        http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/ReferenceData.java?view=markup&pathrev=1229629

        and three implementation that get populated depending on whether it's a node-set, Element or Octet-Stream:

        http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/ReferenceNodeSetData.java?view=markup&pathrev=1229629
        http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/ReferenceSubTreeData.java?view=markup&pathrev=1229629
        http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/ReferenceOctetStreamData.java?view=markup&pathrev=1229629

        After signature validation, you can access the getReferenceData() method of org.apache.xml.security.signature.Reference to get the dereferenced Element. See the following test for an example of how this is done:

        http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/signature/SignatureReferenceTest.java?view=markup&pathrev=1229629

        e.g.:

        XMLSignature signature = ...
        SignedInfo signedInfo = signature.getSignedInfo();
        for (int i = 0; i < signedInfo.getLength(); i++)

        { Reference reference = signedInfo.item(i); ReferenceData refData = reference.getReferenceData(); .... }
        Show
        Colm O hEigeartaigh added a comment - I duplicated the way JSR-105 returns dereferenced data by adding an interface: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/ReferenceData.java?view=markup&pathrev=1229629 and three implementation that get populated depending on whether it's a node-set, Element or Octet-Stream: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/ReferenceNodeSetData.java?view=markup&pathrev=1229629 http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/ReferenceSubTreeData.java?view=markup&pathrev=1229629 http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/signature/reference/ReferenceOctetStreamData.java?view=markup&pathrev=1229629 After signature validation, you can access the getReferenceData() method of org.apache.xml.security.signature.Reference to get the dereferenced Element. See the following test for an example of how this is done: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/signature/SignatureReferenceTest.java?view=markup&pathrev=1229629 e.g.: XMLSignature signature = ... SignedInfo signedInfo = signature.getSignedInfo(); for (int i = 0; i < signedInfo.getLength(); i++) { Reference reference = signedInfo.item(i); ReferenceData refData = reference.getReferenceData(); .... }

          People

          • Assignee:
            Colm O hEigeartaigh
            Reporter:
            Colm O hEigeartaigh
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development