Package eu.europa.esig.dss.xades.signature

Class XAdESSignatureBuilder

java.lang.Object
eu.europa.esig.dss.xades.signature.XAdESBuilder
eu.europa.esig.dss.xades.signature.XAdESSignatureBuilder
All Implemented Interfaces:
SignatureBuilder
Direct Known Subclasses:
XPathPlacementSignatureBuilder
public abstract class XAdESSignatureBuilder extends XAdESBuilder implements SignatureBuilder
This class implements all the necessary mechanisms to build each form of the XML signature.

  • Field Details

    • built

      protected boolean built
      Indicates if the signature was already built. (Two steps building)

    • document

      protected DSSDocument document
      This is the reference to the original document to sign

    • keyInfoCanonicalizationMethod

      protected String keyInfoCanonicalizationMethod
      The canonicalization method used for KeyInfo signing

    • signedInfoCanonicalizationMethod

      protected String signedInfoCanonicalizationMethod
      The canonicalization method used for SignedInfo signing

    • signedPropertiesCanonicalizationMethod

      protected String signedPropertiesCanonicalizationMethod
      The canonicalization method used for SignedProperties signing

    • deterministicId

      protected final String deterministicId
      The deterministic Id used for elements creation

    • signatureDom

      protected Element signatureDom
      This variable represents the current DOM signature object.

    • keyInfoDom

      protected Element keyInfoDom
      Cached KeyInfo element

    • signedInfoDom

      protected Element signedInfoDom
      Cached SignedInfo element

    • signatureValueDom

      protected Element signatureValueDom
      Cached SignatureValue element

    • qualifyingPropertiesDom

      protected Element qualifyingPropertiesDom
      Cached QualifyingProperties element

    • signedPropertiesDom

      protected Element signedPropertiesDom
      Cached SignedProperties element

    • signedSignaturePropertiesDom

      protected Element signedSignaturePropertiesDom
      Cached SignedSignatureProperties element

    • signedDataObjectPropertiesDom

      protected Element signedDataObjectPropertiesDom
      Cached SignedDataObjectProperties element

    • unsignedSignaturePropertiesDom

      protected Element unsignedSignaturePropertiesDom
      Cached UnsignedSignatureProperties element

    • KEYINFO_SUFFIX

      protected static final String KEYINFO_SUFFIX
      Id-suffix for KeyInfo element
      See Also:

    • TIMESTAMP_SUFFIX

      protected static final String TIMESTAMP_SUFFIX
      Id-suffix for Timestamp element
      See Also:

    • VALUE_SUFFIX

      protected static final String VALUE_SUFFIX
      Id-suffix for SignatureValue element
      See Also:

    • XADES_SUFFIX

      protected static final String XADES_SUFFIX
      Id-suffix for Signature element
      See Also:

  • Constructor Details

    • XAdESSignatureBuilder

      protected XAdESSignatureBuilder(XAdESSignatureParameters params, DSSDocument document, CertificateVerifier certificateVerifier)
      The default constructor for SignatureBuilder.
      Parameters:
      params - The set of parameters relating to the structure and process of the creation or extension of the electronic signature.
      document - The original document to sign.
      certificateVerifier - the certificate verifier with its OCSPSource,...

  • Method Details

    • getSignatureBuilder

      public static XAdESSignatureBuilder getSignatureBuilder(XAdESSignatureParameters params, DSSDocument document, CertificateVerifier certificateVerifier)
      Creates the signature according to the packaging
      Parameters:
      params - The set of parameters relating to the structure and process of the creation or extension of the electronic signature.
      document - The original document to sign.
      certificateVerifier - the certificate verifier with its OCSPSource,...
      Returns:
      the signature builder linked to the packaging

    • build

      public byte[] build() throws DSSException
      This is the main method which is called to build the XML signature
      Returns:
      A byte array is returned with XML that represents the canonicalized SignedInfo segment of signature. This data are used to define the SignatureValue element.
      Throws:
      DSSException - if an error occurred

    • incorporateFiles

      protected void incorporateFiles()
      This method is used to incorporate the provided documents within the final file

    • buildRootDocumentDom

      protected Document buildRootDocumentDom()
      Builds an empty Document
      Returns:
      Document

    • incorporateSignatureDom

      public void incorporateSignatureDom()
      This method creates a new instance of Signature element.

    • getParentNodeOfSignature

      protected Node getParentNodeOfSignature()
      Returns a parent node of the signature
      Returns:
      Node

    • incorporateSignatureDom

      protected void incorporateSignatureDom(Node parentNodeOfSignature)
      Incorporates the signature element to the parent node
      Parameters:
      parentNodeOfSignature - Node the parent node

    • incorporateSignedInfo

      public void incorporateSignedInfo()
      This method incorporates the SignedInfo tag 
        
   	<ds:SignedInfo>
 			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
   		<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
   		...
   	</ds:SignedInfo>

    • incorporateKeyInfo

      protected void incorporateKeyInfo() throws DSSException
      Creates KeyInfo tag. NOTE: when trust anchor baseline profile policy is defined only the certificates previous to the trust anchor are included. 
              
 		<ds:KeyInfo>
 			<ds:X509Data>
  			<ds:X509Certificate>
 					MIIB....
 				</ds:X509Certificate>
 				<ds:X509Certificate>
 					MIIB+...
 				</ds:X509Certificate>
 			</ds:X509Data>
 		</ds:KeyInfo>
 
 
              
 		<ds:KeyInfo>
 			<ds:X509Data>
  			<ds:X509Certificate>
 					MIIB....
 				</ds:X509Certificate>
 				<ds:X509Certificate>
 					MIIB+...
 				</ds:X509Certificate>
 			</ds:X509Data>
 		</ds:KeyInfo>
      Throws:
      DSSException - if an error occurred

    • incorporateObjects

      protected void incorporateObjects()
      This method incorporates the ds:Object tags 
              
 		<ds:Object>
 			...
 		</ds:Object>
 		<ds:Object>
 			...
 		</ds:Object>

    • incorporateQualifyingProperties

      protected void incorporateQualifyingProperties()
      This method incorporates the ds:Object with xades:QualifyingProperties element 
              
 		<ds:Object>
 			<xades:QualifyingProperties>
 				<xades:SignedProperties>
 					...
 				</xades:SignedProperties>
 			</xades:QualifyingProperties>
 		</ds:Object>

    • incorporateSignedObjects

      protected void incorporateSignedObjects()
      Incorporates the list of signed ds:Object elements (used for Enveloping packaging)

    • incorporateCustomObjects

      protected void incorporateCustomObjects()
      Incorporates a list of custom ds:Object elements within the ds:Signature element

    • incorporateObject

      protected void incorporateObject(DSSObject object)
      Incorporates the given object within the ds:Signature
      Parameters:
      object - DSSObject to incorporate

    • incorporateReferenceSignedProperties

      protected void incorporateReferenceSignedProperties()
      This method incorporates ds:References 
              
 		<ds:Reference Type="http://uri.etsi.org/01903#SignedProperties" URI=
	"#xades-id-A43023AFEB149830C242377CC941360F">
			<ds:Transforms>
				<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
			</ds:Transforms>
			<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
			<ds:DigestValue>uijX/nvuu8g10ZVEklEnYatvFe8=</ds:DigestValue>
		</ds:Reference>

    • incorporateReferenceKeyInfo

      protected void incorporateReferenceKeyInfo()
      Method incorporates KeyInfo ds:References. 
              
 		<ds:Reference URI="#keyInfo-id-A43023AFEB149830C242377CC941360F">
			<ds:Transforms>
				<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
			</ds:Transforms>
			<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
			<ds:DigestValue>uijX/nvuu2g10ZVEklEnYatvFe4=</ds:DigestValue>
		</ds:Reference>

    • incorporateSignatureValue

      protected void incorporateSignatureValue()
      This method incorporates the signature value.

    • incorporateSignedProperties

      protected void incorporateSignedProperties()
      Creates the SignedProperties DOM object element. 
       
 		<SignedProperties Id="xades-ide5c549340079fe19f3f90f03354a5965">

    • incorporateSignedSignatureProperties

      protected void incorporateSignedSignatureProperties()
      Creates the SignedSignatureProperties DOM object element. 
       
 		<SignedSignatureProperties>
 		...
 		</SignedSignatureProperties>

    • signDocument

      public DSSDocument signDocument(byte[] signatureValue)
      Adds signature value to the signature and returns XML signature (InMemoryDocument)
      Specified by:
      signDocument in interface SignatureBuilder
      Parameters:
      signatureValue - byte array
      Returns:
      DSSDocument representing the signature

    • addTimestamp

      protected void addTimestamp(Element timestampElement, TimestampToken token)
      Adds the content of a timestamp into a given timestamp element
      Parameters:
      timestampElement - Element
      token - TimestampToken

    • getNodeToCanonicalize

      protected Node getNodeToCanonicalize(Node node)
      Returns a node to be canonicalized (applies indents if required)
      Parameters:
      node - Node
      Returns:
      Node

    • alignNodes

      protected void alignNodes()
      Description copied from class: XAdESBuilder
      This method is used to align children indents
      Specified by:
      alignNodes in class XAdESBuilder