Package com.itextpdf.text.pdf.security
Class MakeXmlSignature
- java.lang.Object
-
- com.itextpdf.text.pdf.security.MakeXmlSignature
-
public class MakeXmlSignature extends java.lang.Object
Class that signs your XML.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description private static class
MakeXmlSignature.EmptyKey
Empty class for key simulation
-
Constructor Summary
Constructors Constructor Description MakeXmlSignature()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description private static javax.xml.crypto.dsig.XMLSignatureFactory
createSignatureFactory()
private static org.w3c.dom.Element
findElement(org.w3c.dom.NodeList nodes, java.lang.String localName)
Find Signature and SignatureValue elements after marshalization.private static javax.xml.crypto.dsig.Reference
generateContentReference(javax.xml.crypto.dsig.XMLSignatureFactory fac, XmlSignatureAppearance sap, java.lang.String referenceId)
private static javax.xml.crypto.dsig.Reference
generateCustomReference(javax.xml.crypto.dsig.XMLSignatureFactory fac, java.lang.String uri, java.lang.String type, java.lang.String id)
private static javax.xml.crypto.dsig.keyinfo.KeyInfo
generateKeyInfo(java.security.cert.Certificate[] chain, XmlSignatureAppearance sap)
private static javax.xml.crypto.dsig.keyinfo.KeyInfo
generateKeyInfo(java.security.PublicKey publicKey)
private static javax.xml.crypto.dsig.XMLObject
generateXadesObject(javax.xml.crypto.dsig.XMLSignatureFactory fac, XmlSignatureAppearance sap, java.lang.String signatureId, java.lang.String contentReferenceId, java.lang.String signedPropertiesId, java.lang.String[] signaturePolicy)
private static byte[]
getByteArrayOfNode(org.w3c.dom.Node node)
private static java.lang.String
getRandomId()
private static java.lang.String
getX509IssuerName(java.security.cert.X509Certificate cert)
private static java.lang.String
getX509SerialNumber(java.security.cert.X509Certificate cert)
private static void
sign(javax.xml.crypto.dsig.XMLSignatureFactory fac, ExternalSignature externalSignature, XmlLocator locator, org.apache.jcp.xml.dsig.internal.dom.DOMSignedInfo si, javax.xml.crypto.dsig.XMLObject xo, javax.xml.crypto.dsig.keyinfo.KeyInfo ki, java.lang.String signatureId)
static void
signXades(XmlSignatureAppearance sap, ExternalSignature externalSignature, java.security.cert.Certificate[] chain, boolean includeSignaturePolicy)
Signs the xml with XAdES BES using the enveloped mode, with optional xpath transform (see XmlSignatureAppearance).static void
signXadesBes(XmlSignatureAppearance sap, ExternalSignature externalSignature, java.security.cert.Certificate[] chain)
Signs the xml with XAdES BES using the enveloped mode, with optional xpath transform (see XmlSignatureAppearance).static void
signXadesEpes(XmlSignatureAppearance sap, ExternalSignature externalSignature, java.security.cert.Certificate[] chain)
Signs the xml with XAdES BES using the enveloped mode, with optional xpath transform (see XmlSignatureAppearance).static void
signXmlDSig(XmlSignatureAppearance sap, ExternalSignature externalSignature, java.security.cert.Certificate[] chain)
Signs the xml with XmlDSig using the enveloped mode, with optional xpath transform (see XmlSignatureAppearance).static void
signXmlDSig(XmlSignatureAppearance sap, ExternalSignature externalSignature, java.security.PublicKey publicKey)
Signs the xml with XmlDSig using the enveloped mode, with optional xpath transform (see XmlSignatureAppearance).static void
signXmlDSig(XmlSignatureAppearance sap, ExternalSignature externalSignature, javax.xml.crypto.dsig.keyinfo.KeyInfo keyInfo)
Signs the xml with XmlDSig using the enveloped mode, with optional xpath transform (see XmlSignatureAppearance).private static void
verifyArguments(XmlSignatureAppearance sap, ExternalSignature externalSignature)
-
-
-
Method Detail
-
signXmlDSig
public static void signXmlDSig(XmlSignatureAppearance sap, ExternalSignature externalSignature, javax.xml.crypto.dsig.keyinfo.KeyInfo keyInfo) throws java.security.GeneralSecurityException, java.io.IOException, DocumentException
Signs the xml with XmlDSig using the enveloped mode, with optional xpath transform (see XmlSignatureAppearance).- Parameters:
sap
- the XmlSignatureAppearanceexternalSignature
- the interface providing the actual signingkeyInfo
- KeyInfo for verification- Throws:
java.security.GeneralSecurityException
java.io.IOException
DocumentException
-
signXmlDSig
public static void signXmlDSig(XmlSignatureAppearance sap, ExternalSignature externalSignature, java.security.cert.Certificate[] chain) throws DocumentException, java.security.GeneralSecurityException, java.io.IOException
Signs the xml with XmlDSig using the enveloped mode, with optional xpath transform (see XmlSignatureAppearance).- Parameters:
sap
- the XmlSignatureAppearanceexternalSignature
- the interface providing the actual signingchain
- the certificate chain- Throws:
java.security.GeneralSecurityException
java.io.IOException
DocumentException
-
signXmlDSig
public static void signXmlDSig(XmlSignatureAppearance sap, ExternalSignature externalSignature, java.security.PublicKey publicKey) throws java.security.GeneralSecurityException, DocumentException, java.io.IOException
Signs the xml with XmlDSig using the enveloped mode, with optional xpath transform (see XmlSignatureAppearance).- Parameters:
sap
- the XmlSignatureAppearanceexternalSignature
- the interface providing the actual signingpublicKey
- PublicKey for verification- Throws:
java.security.GeneralSecurityException
java.io.IOException
DocumentException
-
signXades
public static void signXades(XmlSignatureAppearance sap, ExternalSignature externalSignature, java.security.cert.Certificate[] chain, boolean includeSignaturePolicy) throws java.security.GeneralSecurityException, DocumentException, java.io.IOException
Signs the xml with XAdES BES using the enveloped mode, with optional xpath transform (see XmlSignatureAppearance).- Parameters:
sap
- the XmlSignatureAppearanceexternalSignature
- the interface providing the actual signingchain
- the certificate chainincludeSignaturePolicy
- if true SignaturePolicyIdentifier will be included (XAdES-EPES)- Throws:
java.security.GeneralSecurityException
java.io.IOException
DocumentException
-
signXadesBes
public static void signXadesBes(XmlSignatureAppearance sap, ExternalSignature externalSignature, java.security.cert.Certificate[] chain) throws java.security.GeneralSecurityException, DocumentException, java.io.IOException
Signs the xml with XAdES BES using the enveloped mode, with optional xpath transform (see XmlSignatureAppearance).- Parameters:
sap
- the XmlSignatureAppearanceexternalSignature
- the interface providing the actual signingchain
- the certificate chain- Throws:
java.security.GeneralSecurityException
java.io.IOException
DocumentException
-
signXadesEpes
public static void signXadesEpes(XmlSignatureAppearance sap, ExternalSignature externalSignature, java.security.cert.Certificate[] chain) throws java.security.GeneralSecurityException, DocumentException, java.io.IOException
Signs the xml with XAdES BES using the enveloped mode, with optional xpath transform (see XmlSignatureAppearance).- Parameters:
sap
- the XmlSignatureAppearanceexternalSignature
- the interface providing the actual signingchain
- the certificate chain- Throws:
java.security.GeneralSecurityException
java.io.IOException
DocumentException
-
verifyArguments
private static void verifyArguments(XmlSignatureAppearance sap, ExternalSignature externalSignature) throws DocumentException
- Throws:
DocumentException
-
findElement
private static org.w3c.dom.Element findElement(org.w3c.dom.NodeList nodes, java.lang.String localName)
Find Signature and SignatureValue elements after marshalization.
-
generateKeyInfo
private static javax.xml.crypto.dsig.keyinfo.KeyInfo generateKeyInfo(java.security.cert.Certificate[] chain, XmlSignatureAppearance sap)
-
generateKeyInfo
private static javax.xml.crypto.dsig.keyinfo.KeyInfo generateKeyInfo(java.security.PublicKey publicKey) throws java.security.GeneralSecurityException
- Throws:
java.security.GeneralSecurityException
-
getRandomId
private static java.lang.String getRandomId()
-
createSignatureFactory
private static javax.xml.crypto.dsig.XMLSignatureFactory createSignatureFactory()
-
generateXadesObject
private static javax.xml.crypto.dsig.XMLObject generateXadesObject(javax.xml.crypto.dsig.XMLSignatureFactory fac, XmlSignatureAppearance sap, java.lang.String signatureId, java.lang.String contentReferenceId, java.lang.String signedPropertiesId, java.lang.String[] signaturePolicy) throws java.security.GeneralSecurityException
- Throws:
java.security.GeneralSecurityException
-
getX509IssuerName
private static java.lang.String getX509IssuerName(java.security.cert.X509Certificate cert)
-
getX509SerialNumber
private static java.lang.String getX509SerialNumber(java.security.cert.X509Certificate cert)
-
generateContentReference
private static javax.xml.crypto.dsig.Reference generateContentReference(javax.xml.crypto.dsig.XMLSignatureFactory fac, XmlSignatureAppearance sap, java.lang.String referenceId) throws java.security.GeneralSecurityException
- Throws:
java.security.GeneralSecurityException
-
generateCustomReference
private static javax.xml.crypto.dsig.Reference generateCustomReference(javax.xml.crypto.dsig.XMLSignatureFactory fac, java.lang.String uri, java.lang.String type, java.lang.String id) throws java.security.GeneralSecurityException
- Throws:
java.security.GeneralSecurityException
-
sign
private static void sign(javax.xml.crypto.dsig.XMLSignatureFactory fac, ExternalSignature externalSignature, XmlLocator locator, org.apache.jcp.xml.dsig.internal.dom.DOMSignedInfo si, javax.xml.crypto.dsig.XMLObject xo, javax.xml.crypto.dsig.keyinfo.KeyInfo ki, java.lang.String signatureId) throws DocumentException
- Throws:
DocumentException
-
getByteArrayOfNode
private static byte[] getByteArrayOfNode(org.w3c.dom.Node node)
-
-