Class XAdESSignatureProperties

java.lang.Object
org.apache.camel.component.xmlsecurity.api.XAdESSignatureProperties
All Implemented Interfaces:
XmlSignatureProperties
Direct Known Subclasses:
DefaultXAdESSignatureProperties

public class XAdESSignatureProperties extends Object implements XmlSignatureProperties
Implementation of the XAdES-BES and XAdES-EPES properties defined in http://www.etsi.org/deliver/etsi_ts%5C101900_101999%5C101903%5C01.04.02_60%5Cts_101903v010402p.pdf. XAdES-T and XAdES-C are not implemented.

You have to override the method getSigningCertificate() or getSigningCertificateChain() if you want to have a 'SigningCertificate' element in your XML Signature.

Further limitations:

  • No support for the 'QualifyingPropertiesReference' element (see section 6.3.2 of spec).
  • No support for the 'Transforms' element contained in the 'SignaturePolicyId' element, which is contained in the 'SignaturePolicyIdentifier' element.
  • No support for the 'CounterSignature' element, and therefore no support for the 'UnsignedProperties' element.
  • A 'CommitmentTypeIndication' element always contains the 'AllSignedDataObjects' element. The 'ObjectReference' element within the 'CommitmentTypeIndication' element is not supported.
  • The 'AllDataObjectsTimeStamp' element is not supported (it requires a time authority)
  • The 'IndividualDataObjectsTimeStamp' element is not supported (it requires a time authority)
  • Field Details

  • Constructor Details

    • XAdESSignatureProperties

      public XAdESSignatureProperties()
  • Method Details

    • isAddSigningTime

      public boolean isAddSigningTime()
    • setAddSigningTime

      public void setAddSigningTime(boolean addSigningTime)
    • getNamespace

      public String getNamespace()
    • setNamespace

      public void setNamespace(String namespace)
    • findNamespace

      protected String findNamespace(org.apache.camel.Message message)
    • getPrefix

      public String getPrefix()
    • setPrefix

      public void setPrefix(String prefix)
    • findPrefix

      protected String findPrefix(org.apache.camel.Message message)
    • setSigningCertificateURIs

      public void setSigningCertificateURIs(List<String> signingCertificateURIs)
      URIs of the signing certificate or signing certificate chain. For the signing certificate the first URI is taken. If a signing certificate chain is specified, the URIs are assigned to the certificates in the chain in the order given in the provided list. You have to specify an empty entry (null or empty string) if no URI should be assigned to a specific certificate in the list. If you specify an empty list, no URIs are assigned.
      Throws:
      IllegalArgumentException - if the parameter is null or one of the URIs is null
    • getSigningCertificateURIs

      public List<String> getSigningCertificateURIs()
    • getDigestAlgorithmForSigningCertificate

      public String getDigestAlgorithmForSigningCertificate()
    • setDigestAlgorithmForSigningCertificate

      public void setDigestAlgorithmForSigningCertificate(String digestAlgorithm)
      Digest Algorithm for creating the digest of the signing certificate. Possible values: "http://www.w3.org/2000/09/xmldsig#sha1", "http://www.w3.org/2001/04/xmlenc#sha256", "http://www.w3.org/2001/04/xmldsig-more#sha384", "http://www.w3.org/2001/04/xmlenc#sha512". Default value is "http://www.w3.org/2001/04/xmlenc#sha256".
    • getSignaturePolicy

      public String getSignaturePolicy()
    • setSignaturePolicy

      public void setSignaturePolicy(String signaturePolicy)
      Signature Policy. Possible values: SIG_POLICY_NONE, SIG_POLICY_IMPLIED, SIG_POLICY_EXPLICIT_ID. Default value is SIG_POLICY_NONE.
    • getSigPolicyId

      public String getSigPolicyId()
    • setSigPolicyId

      public void setSigPolicyId(String sigPolicyId)
      Identifier must be specified if getSignaturePolicy() equals "ExplicitId". Must be a URI.
    • getSigPolicyIdQualifier

      public String getSigPolicyIdQualifier()
    • setSigPolicyIdQualifier

      public void setSigPolicyIdQualifier(String sigPolicyIdQualifier)
      Qualifier for the Signature Policy Identifier. Possible values are null (which means no Qualifier element is created), "OIDAsURI", or "OIDAsURN". Default value is null. If the identifier is an OID then a qualifier must be set.
    • getSigPolicyIdDescription

      public String getSigPolicyIdDescription()
    • setSigPolicyIdDescription

      public void setSigPolicyIdDescription(String sigPolicyIdDescription)
    • getSigPolicyIdDocumentationReferences

      public List<String> getSigPolicyIdDocumentationReferences()
    • setSigPolicyIdDocumentationReferences

      public void setSigPolicyIdDocumentationReferences(List<String> sigPolicyIdDocumentationReferences)
      Sets the documentation references of the signature policy.
      Throws:
      IllegalArgumentException - if the parameter is null or one of the documentation references is null or empty
    • getSignaturePolicyDigestAlgorithm

      public String getSignaturePolicyDigestAlgorithm()
    • setSignaturePolicyDigestAlgorithm

      public void setSignaturePolicyDigestAlgorithm(String signaturePolicyDigestAlgorithm)
      Digest Algorithm for creating the digest of the signature policy document. Possible values: "http://www.w3.org/2000/09/xmldsig#sha1", "http://www.w3.org/2001/04/xmlenc#sha256", "http://www.w3.org/2001/04/xmldsig-more#sha384", "http://www.w3.org/2001/04/xmlenc#sha512". Default value is "http://www.w3.org/2001/04/xmlenc#sha256".
    • getSignaturePolicyDigestValue

      public String getSignaturePolicyDigestValue()
    • setSignaturePolicyDigestValue

      public void setSignaturePolicyDigestValue(String signaturePolicyDigestValue)
      Digest value of the signature policy, Base64-encoded.
    • getSigPolicyQualifiers

      public List<String> getSigPolicyQualifiers()
    • setSigPolicyQualifiers

      public void setSigPolicyQualifiers(List<String> sigPolicyQualifiers)
      Sets the signature policy qualifiers. Each qualifier can be a text or an XML fragment with the root element 'SigPolicyQualifier' in the XAdES namespace.
      Throws:
      IllegalArgumentException - if the input parameter is null, or one of the qualifiers is null or empty
    • getDataObjectFormatDescription

      public String getDataObjectFormatDescription()
    • setDataObjectFormatDescription

      public void setDataObjectFormatDescription(String dataObjectFormatDescription)
    • getDataObjectFormatMimeType

      public String getDataObjectFormatMimeType()
    • setDataObjectFormatMimeType

      public void setDataObjectFormatMimeType(String dataObjectFormatMimeType)
    • getDataObjectFormatIdentifier

      public String getDataObjectFormatIdentifier()
    • setDataObjectFormatIdentifier

      public void setDataObjectFormatIdentifier(String dataObjectFormatIdentifier)
    • getDataObjectFormatIdentifierQualifier

      public String getDataObjectFormatIdentifierQualifier()
    • setDataObjectFormatIdentifierQualifier

      public void setDataObjectFormatIdentifierQualifier(String dataObjectFormatIdentifierQualifier)
      Qualifier for the Format Identifier. Possible values are null (which means no Qualifier element is created), "OIDAsURI", or "OIDAsURN". Default value is null. If the identifier is an OID then a qualifier must be set.
    • getDataObjectFormatIdentifierDescription

      public String getDataObjectFormatIdentifierDescription()
    • setDataObjectFormatIdentifierDescription

      public void setDataObjectFormatIdentifierDescription(String dataObjectFormatIdentifierDescription)
    • getDataObjectFormatIdentifierDocumentationReferences

      public List<String> getDataObjectFormatIdentifierDocumentationReferences()
    • setDataObjectFormatIdentifierDocumentationReferences

      public void setDataObjectFormatIdentifierDocumentationReferences(List<String> dataObjectFormatIdentifierDocumentationReferences)
      Sets the documentation references of the data object format identifier.
      Throws:
      IllegalArgumentException - if the parameter is null or one of the documentation references is null or empty
    • getSignerClaimedRoles

      public List<String> getSignerClaimedRoles()
    • setSignerClaimedRoles

      public void setSignerClaimedRoles(List<String> signerClaimedRoles)
      Sets the claimed roles list. A role can be either a text or an XML fragment with the root element 'ClaimedRole' in the XAdES namespace.
      Throws:
      IllegalArgumentException - if signerClaimedRoles is null, or if one of the roles is null or empty
    • getSignerCertifiedRoles

      public List<XAdESEncapsulatedPKIData> getSignerCertifiedRoles()
    • setSignerCertifiedRoles

      public void setSignerCertifiedRoles(List<XAdESEncapsulatedPKIData> signerCertifiedRoles)
      Sets the certified roles.
      Throws:
      IllegalArgumentException - if signerCertifiedRoles is null
    • getSignatureProductionPlaceCity

      public String getSignatureProductionPlaceCity()
    • setSignatureProductionPlaceCity

      public void setSignatureProductionPlaceCity(String signatureProductionPlaceCity)
    • getSignatureProductionPlaceStateOrProvince

      public String getSignatureProductionPlaceStateOrProvince()
    • setSignatureProductionPlaceStateOrProvince

      public void setSignatureProductionPlaceStateOrProvince(String signatureProductionPlaceStateOrProvince)
    • getSignatureProductionPlacePostalCode

      public String getSignatureProductionPlacePostalCode()
    • setSignatureProductionPlacePostalCode

      public void setSignatureProductionPlacePostalCode(String signatureProductionPlacePostalCode)
    • getSignatureProductionPlaceCountryName

      public String getSignatureProductionPlaceCountryName()
    • setSignatureProductionPlaceCountryName

      public void setSignatureProductionPlaceCountryName(String signatureProductionPlaceCountryName)
    • getCommitmentTypeId

      public String getCommitmentTypeId()
    • setCommitmentTypeId

      public void setCommitmentTypeId(String commitmentTypeId)
    • getCommitmentTypeIdQualifier

      public String getCommitmentTypeIdQualifier()
    • setCommitmentTypeIdQualifier

      public void setCommitmentTypeIdQualifier(String commitmentTypeIdQualifier)
      Qualifier for the Commitment Type ID. Possible values are null (which means no Qualifier element is created), "OIDAsURI", or "OIDAsURN". Default value is null. If the identifier is an OID then a qualifier must be set.
    • getCommitmentTypeIdDescription

      public String getCommitmentTypeIdDescription()
    • setCommitmentTypeIdDescription

      public void setCommitmentTypeIdDescription(String commitmentTypeIdDescription)
    • getCommitmentTypeIdDocumentationReferences

      public List<String> getCommitmentTypeIdDocumentationReferences()
    • setCommitmentTypeIdDocumentationReferences

      public void setCommitmentTypeIdDocumentationReferences(List<String> commitmentTypeIdDocumentationReferences)
      Sets the documentation references for the Commitment Type ID.
      Throws:
      IllegalArgumentException - if the parameter is null or a documentation reference is null or empty
    • getCommitmentTypeQualifiers

      public List<String> getCommitmentTypeQualifiers()
    • setCommitmentTypeQualifiers

      public void setCommitmentTypeQualifiers(List<String> commitmentTypeQualifiers)
      List of additional qualifying information on the commitment. Each list element can be a text or an XML fragment with the root element 'CommitmentTypeQualifier' with the XAdES namespace.
      Throws:
      IllegalArgumentException - if the input parameter is null, or one qualifier is null or empty
    • get

      Description copied from interface: XmlSignatureProperties
      Returns further configuration objects for the XML signature
      Specified by:
      get in interface XmlSignatureProperties
      Parameters:
      input - input
      Returns:
      output must not be null
      Throws:
      Exception - if an error occurs during creating the output
    • setAttribute

      protected void setAttribute(Element element, String attrName, String value)
    • setIdAttributeFromHeader

      protected void setIdAttributeFromHeader(String header, Element element, XmlSignatureProperties.Input input)
    • addSignedDataObjectProperties

      protected String addSignedDataObjectProperties(Document doc, Element signedProperties, XmlSignatureProperties.Input input) throws XmlSignatureException, IOException, ParserConfigurationException
      Throws:
      XmlSignatureException
      IOException
      ParserConfigurationException
    • isAddSignedDataObjectPropeties

      protected boolean isAddSignedDataObjectPropeties()
    • addCommitmentTypeIndication

      protected void addCommitmentTypeIndication(Element signedDataObjectProperties, Document doc, XmlSignatureProperties.Input input) throws IOException, ParserConfigurationException, XmlSignatureException
      Throws:
      IOException
      ParserConfigurationException
      XmlSignatureException
    • isAddCommitmentType

      protected boolean isAddCommitmentType()
    • addDataObjectFormat

      protected String addDataObjectFormat(Element signedDataObjectProperties, Document doc, XmlSignatureProperties.Input input)
    • isAddDataObjectFormat

      protected boolean isAddDataObjectFormat()
    • addSignedSignatureProperties

      protected void addSignedSignatureProperties(Document doc, Element signedProperties, XmlSignatureProperties.Input input) throws Exception
      Throws:
      Exception
    • isAddSignedSignatureProperties

      protected boolean isAddSignedSignatureProperties() throws Exception
      Throws:
      Exception
    • isAddSignerRole

      protected boolean isAddSignerRole()
    • addSignatureProductionPlace

      protected void addSignatureProductionPlace(Document doc, Element signedSignatureProperties, XmlSignatureProperties.Input input)
    • isAddSignatureProductionPlace

      protected boolean isAddSignatureProductionPlace()
    • addSignerRole

      protected void addSignerRole(Document doc, Element signedSignatureProperties, XmlSignatureProperties.Input input) throws XmlSignatureException, IOException, ParserConfigurationException
      Throws:
      XmlSignatureException
      IOException
      ParserConfigurationException
    • addSignaturePolicyIdentifier

      protected void addSignaturePolicyIdentifier(Document doc, Element signedProperties, XmlSignatureProperties.Input input) throws XmlSignatureException, IOException, ParserConfigurationException
      Throws:
      XmlSignatureException
      IOException
      ParserConfigurationException
    • createChildFromXmlFragmentOrText

      protected Element createChildFromXmlFragmentOrText(Document doc, XmlSignatureProperties.Input input, String localElementName, String errorMessage, String elementOrText) throws IOException, ParserConfigurationException, XmlSignatureException
      Throws:
      IOException
      ParserConfigurationException
      XmlSignatureException
    • replacePrefixes

      protected void replacePrefixes(Document qualifierDoc, XmlSignatureProperties.Input input)
    • getChildElements

      protected List<Element> getChildElements(Element el)
    • replacePrefix

      protected void replacePrefix(Element el, XmlSignatureProperties.Input input)
    • replacePrefixForNode

      protected void replacePrefixForNode(Node node, XmlSignatureProperties.Input input)
    • isAddSignaturePolicy

      protected boolean isAddSignaturePolicy()
    • addSigningCertificate

      protected void addSigningCertificate(Document doc, Element signedProperties, XmlSignatureProperties.Input input) throws Exception
      Throws:
      Exception
    • getSigningCertificate

      protected X509Certificate getSigningCertificate() throws Exception
      Returns the signing certificate. If you want to have a "SigningCertificate" element then either this method or the method getSigningCertificateChain() must return a value which is different from null or an empty array.

      This implementation returns null

      Throws:
      Exception
    • getSigningCertificateChain

      protected X509Certificate[] getSigningCertificateChain() throws Exception
      Returns the signing certificate chain. If you want to have a "SigningCertificate" element then either this method or the method getSigningCertificate() must return a value.

      This implementation returns null

      Throws:
      Exception
    • addSigningTime

      protected void addSigningTime(Document doc, Element signedProperties, XmlSignatureProperties.Input input)
    • addCertificate

      protected void addCertificate(X509Certificate cert, Element signedCertificate, Document doc, int index, XmlSignatureProperties.Input input) throws CertificateEncodingException, NoSuchAlgorithmException, XmlSignatureException
      Throws:
      CertificateEncodingException
      NoSuchAlgorithmException
      XmlSignatureException
    • getMessageDigestAlgorithm

      protected String getMessageDigestAlgorithm(String xmlSigDigestMethod, String errorMessage) throws XmlSignatureException
      Throws:
      XmlSignatureException
    • calculateDigest

      protected String calculateDigest(String algorithm, byte[] bytes) throws NoSuchAlgorithmException
      Throws:
      NoSuchAlgorithmException
    • createElementNS

      protected Element createElementNS(Document doc, XmlSignatureProperties.Input input, String elementName)
    • createDigSigElement

      protected Element createDigSigElement(String localName, Document doc, String prefixForXmlSignatureNamespace)
    • createElement

      protected Element createElement(String localName, Document doc, XmlSignatureProperties.Input input)
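
The class description requires a subclass to override getSigningCertificate() before a 'SigningCertificate' element is produced, and the signature policy setters above take a policy URI plus a Base64-encoded digest. The following is an added example, not code from the Camel project, that combines both. The class name `PinnedCertXAdESProperties` and the method `useExplicitPolicy` are hypothetical, and hashing the raw bytes of the policy document is an assumption that matches the missing 'Transforms' support listed under the limitations.

```java
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.Base64;

import org.apache.camel.component.xmlsecurity.api.XAdESSignatureProperties;

/** Added example (hypothetical class): XAdES-EPES properties bound to one signing certificate. */
public class PinnedCertXAdESProperties extends XAdESSignatureProperties {

    // Digest method URI taken from the setter documentation; also the documented default.
    private static final String SHA256_URI = "http://www.w3.org/2001/04/xmlenc#sha256";

    private final X509Certificate signingCert;

    public PinnedCertXAdESProperties(X509Certificate signingCert) {
        if (signingCert == null) {
            // The base class returns null here, which silently omits 'SigningCertificate'.
            throw new IllegalArgumentException("signingCert must not be null");
        }
        this.signingCert = signingCert;
        setAddSigningTime(true);
        // Set explicitly so the certificate digest never depends on the library default.
        setDigestAlgorithmForSigningCertificate(SHA256_URI);
    }

    /** Returning a non-null certificate is what makes the 'SigningCertificate' element appear. */
    @Override
    protected X509Certificate getSigningCertificate() {
        return signingCert;
    }

    /**
     * Hypothetical helper: switches to an explicit signature policy and binds the
     * signature to the exact policy document by its SHA-256 digest.
     * Assumption: the digest is taken over the raw bytes of the policy document.
     */
    public void useExplicitPolicy(String policyUri, byte[] policyDocument)
            throws NoSuchAlgorithmException {
        if (policyUri == null || policyUri.isEmpty() || policyDocument == null) {
            throw new IllegalArgumentException("policy URI and policy document are required");
        }
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(policyDocument);

        setSignaturePolicy(SIG_POLICY_EXPLICIT_ID);
        setSigPolicyId(policyUri); // must be a URI
        setSignaturePolicyDigestAlgorithm(SHA256_URI);
        setSignaturePolicyDigestValue(Base64.getEncoder().encodeToString(digest));
    }
}
```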