Package eu.europa.esig.dss.xades

Class DSSXMLUtils

java.lang.Object
eu.europa.esig.dss.xades.DSSXMLUtils
public final class DSSXMLUtils
extends Object
Utility class that contains some XML related method.

  • Field Details

    • DEFAULT_CANONICALIZATION_METHOD

      public static final String DEFAULT_CANONICALIZATION_METHOD
      This is the default canonicalization method for XMLDSIG used for signatures and timestamps (see XMLDSIG 4.4.3.2). Another complication arises because of the way that the default canonicalization algorithm handles namespace declarations; frequently a signed XML document needs to be embedded in another document; in this case the original canonicalization algorithm will not yield the same result as if the document is treated alone. For this reason, the so-called Exclusive Canonicalization, which serializes XML namespace declarations independently of the surrounding XML, was created.
      See Also:
      Constant Field Values

  • Method Details

    • registerTransform

      public static boolean registerTransform​(String transformURI)
      This method allows to register a transformation.
      Parameters:
      transformURI - the URI of transform
      Returns:
      true if this set did not already contain the specified element

    • registerCanonicalizer

      public static boolean registerCanonicalizer​(String c14nAlgorithmURI)
      This method allows to register a canonicalizer.
      Parameters:
      c14nAlgorithmURI - the URI of canonicalization algorithm
      Returns:
      true if this set did not already contain the specified element

    • indentAndReplace

      public static Node indentAndReplace​(Document document, Node node)
      Indents the given node and replaces it with a new one on the document
      Parameters:
      document - Document to indent the node in
      node - Node to be indented
      Returns:
      the indented Node

    • indentAndExtend

      public static Node indentAndExtend​(Document document, Node newNode, Node oldNode)
      Extends the given oldNode by appending new indented childs from the given newNode
      Parameters:
      document - owner Document of the node
      newNode - new Node to indent
      oldNode - old Node to extend with new indented elements
      Returns:
      the extended Node

    • getDocWithIndentedSignatures

      public static Document getDocWithIndentedSignatures​(Document documentDom, String signatureId, List<String> noIndentObjectIds)

    • getIndentedNode

      public static Node getIndentedNode​(Node documentDom, Node xmlNode)
      Returns an indented xmlNode
      Parameters:
      documentDom - is an owner Document of the xmlNode
      xmlNode - Node to indent
      Returns:
      an indented Node xmlNode

    • alignChildrenIndents

      public static Node alignChildrenIndents​(Node parentNode)
      Aligns indents for all children of the given node
      Parameters:
      parentNode - Node to align children into
      Returns:
      the given Node with aligned children

    • serializeNode

      public static byte[] serializeNode​(Node xmlNode)
      This method performs the serialization of the given node
      Parameters:
      xmlNode - The node to be serialized.
      Returns:
      the serialized bytes

    • canCanonicalize

      public static boolean canCanonicalize​(String canonicalizationMethod)
      This method says if the framework can canonicalize an XML data with the provided method.
      Parameters:
      canonicalizationMethod - the canonicalization method to be checked
      Returns:
      true if it is possible to canonicalize false otherwise

    • canonicalize

      public static byte[] canonicalize​(String canonicalizationMethod, byte[] toCanonicalizeBytes) throws DSSException
      This method canonicalizes the given array of bytes using the canonicalizationMethod parameter.
      Parameters:
      canonicalizationMethod - canonicalization method
      toCanonicalizeBytes - array of bytes to canonicalize
      Returns:
      array of canonicalized bytes
      Throws:
      DSSException - if any error is encountered

    • canonicalizeSubtree

      public static byte[] canonicalizeSubtree​(String canonicalizationMethod, Node node)
      This method canonicalizes the given Node. If canonicalization method is not provided, the DEFAULT_CANONICALIZATION_METHOD is being used
      Parameters:
      canonicalizationMethod - canonicalization method (can be null)
      node - Node to canonicalize
      Returns:
      array of canonicalized bytes

    • getCanonicalizationMethod

      public static String getCanonicalizationMethod​(String canonicalizationMethod)
      Returns the canonicalizationMethod if provided, otherwise returns the DEFAULT_CANONICALIZATION_METHOD
      Parameters:
      canonicalizationMethod - String canonicalization method (can be null)
      Returns:
      canonicalizationMethod to be used

    • recursiveIdBrowse

      public static void recursiveIdBrowse​(Element element)
      An ID attribute can only be dereferenced if it is declared in the validation context. This behaviour is caused by the fact that the attribute does not have attached type of information. Another solution is to parse the XML against some DTD or XML schema. This process adds the necessary type of information to each ID attribute.
      Parameters:
      element -

    • getIDIdentifier

      public static String getIDIdentifier​(Node node)
      If this method finds an attribute with the name ID (case-insensitive) then it is returned. If there is more than one ID attributes then the first one is returned.
      Parameters:
      node - the node to be checked
      Returns:
      the ID attribute value or null

    • getAttribute

      public static String getAttribute​(Node node, String attributeName)
      Returns attribute value for the given attribute name if exist, otherwise returns NULL
      Parameters:
      node - Node to get attribute value from
      attributeName - String name of the attribute to get value for
      Returns:
      String value of the attribute

    • setIDIdentifier

      public static void setIDIdentifier​(Element childElement)
      If this method finds an attribute with names ID (case-insensitive) then declares it to be a user-determined ID attribute.
      Parameters:
      childElement -

    • validateAgainstXSD

      public static String validateAgainstXSD​(XSDAbstractUtils xsdUtils, Source source)
      This method allows to validate an XML against the XAdES XSD schema.
      Parameters:
      xsdUtils - the XSD Utils class to be used
      source - Source XML to validate
      Returns:
      null if the XSD validates the XML, error message otherwise

    • isOid

      public static boolean isOid​(String policyId)

    • getOidCode

      public static String getOidCode​(String oid)
      Keeps only code of the oid string e.g. "urn:oid:1.2.3" to "1.2.3"
      Parameters:
      oid - String Oid
      Returns:
      Oid Code

    • isDuplicateIdsDetected

      public static boolean isDuplicateIdsDetected​(DSSDocument doc)
      This method is used to detect duplicate id values
      Parameters:
      doc - the document to be analyzed
      Returns:
      TRUE if a duplicate id is detected

    • getNodeBytes

      public static byte[] getNodeBytes​(Node node)
      Returns bytes of the given node
      Parameters:
      node - Node to get bytes for
      Returns:
      byte array

    • getReferenceOriginalContentBytes

      public static byte[] getReferenceOriginalContentBytes​(org.apache.xml.security.signature.Reference reference)
      Returns bytes of the original referenced data
      Parameters:
      reference - Reference to get bytes from
      Returns:
      byte array containing original data

    • getDigestAndValue

      public static Digest getDigestAndValue​(Element element)
      This method extracts the Digest algorithm and value from an element of type DigestAlgAndValueType
      Parameters:
      element - an Element of type DigestAlgAndValueType
      Returns:
      an instance of Digest

    • isSignedProperties

      public static boolean isSignedProperties​(org.apache.xml.security.signature.Reference reference, XAdESPaths xadesPaths)
      Determines if the given reference refers to SignedProperties element
      Parameters:
      reference - Reference to check
      Returns:
      TRUE if the reference refers to the SignedProperties, FALSE otherwise

    • isCounterSignature

      public static boolean isCounterSignature​(org.apache.xml.security.signature.Reference reference, XAdESPaths xadesPaths)
      Determines if the given reference refers to CounterSignature element
      Parameters:
      reference - Reference to check
      Returns:
      TRUE if the reference refers to the CounterSignature, FALSE otherwise

    • isKeyInfoReference

      public static boolean isKeyInfoReference​(org.apache.xml.security.signature.Reference reference, Element signature)
      Checks if the given reference is linked to a KeyInfo element
      Parameters:
      reference - the Reference to check
      signature - the Element signature the given reference belongs to
      Returns:
      TRUE if the reference is a KeyInfo reference, FALSE otherwise

    • isObjectReferenceType

      public static boolean isObjectReferenceType​(String referenceType)
      Checks if the given referenceType is an xmldsig Object type
      Parameters:
      referenceType - String to check the type for
      Returns:
      TRUE if the provided referenceType is an Object type, FALSE otherwise

    • isManifestReferenceType

      public static boolean isManifestReferenceType​(String referenceType)
      Checks if the given referenceType is an xmldsig Manifest type
      Parameters:
      referenceType - String to check the type for
      Returns:
      TRUE if the provided referenceType is a Manifest type, FALSE otherwise

    • isCounterSignatureReferenceType

      public static boolean isCounterSignatureReferenceType​(String referenceType)
      Checks if the given referenceType is an etsi Countersignature type
      Parameters:
      referenceType - String to check the type for
      Returns:
      TRUE if the provided referenceType is a Countersignature type, FALSE otherwise

    • getKeyInfoSigningCertificatePublicKey

      public static PublicKey getKeyInfoSigningCertificatePublicKey​(Element signatureElement)
      Extracts signing certificate's public key from KeyInfo element of a given signature if present NOTE: can return null (the value is optional)
      Parameters:
      signatureElement - Element representing a signature to get KeyInfo signing certificate for
      Returns:
      PublicKey of the signature extracted from KeyInfo element if present